Network Instruments Observer User Manual

Quick Start Manual

®

Volume 16, June 2002

Network Instruments’ Observer

®

ii Quick Start Manual

© 2002 by Network Instruments, LLC (Limited Liability Corporation). All rights reserved.

Network Instruments' Observer for use with Microsoft Windows 98, Windows NT 4.x, Windows 2000,
or Windows XP. “Observer”, “Network Instruments” and the “N with a dot logo” are registered
trademarks of Network Instruments, LLC, and may be registered in certain jurisdictions.

Written and designed by: Network Instruments, LLC, 8800 West Highway Seven, Minneapolis
MN 55426, USA.

Limited Warranty—Software

Network Instruments, LLC will replace defective media or documentation for a 60-day period
after the shipment of the product from Network Instruments, LLC. Should Network Instruments,
LLC release a newer version of the software within 60 days of shipment of the product, Network
Instruments, LLC will update the copy of the software upon request, provided request is made
by the licensed user within the 60-day period of shipment of the new version. This update may
consist of a CD, or a manual, or both at the discretion of Network Instruments, LLC. User may be
charged a shipping fee for updates.

Network Instruments, LLC shall not be liable for material, equipment, data, or time loss caused
directly or indirectly by proper or improper use of the software. In cases of loss, destruction, or
corruption of data, Network Instruments, LLC shall not be liable. Network Instruments, LLC
does not take any other responsibility. Network Instruments, LLC does not warrant that the
product will meet your requirements or that the operation of the product will be uninterrupted
or that the product will be error-free.

NETWORK INSTRUMENTS, LLC SPECIFICALLY DISCLAIMS ALL OTHER
WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO,
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
PURPOSE. IN NO EVENT SHALL NETWORK INSTRUMENTS, LLC BE LIABLE FOR ANY
LOSS OF PROFIT OR ANY OTHER COMMERCIAL DAMAGE, INCLUDING BUT NOT
LIMITED TO SPECIAL, INCIDENTAL, CONSEQUENTIAL, OR OTHER DAMAGES.

Network Instruments, LLC makes no other warranty, expressed or implied.

Copyright and License

Network Instruments' Observer, Expert Observer, and Observer Suite are neither shareware nor
freeware. Network Instruments' Observer, Expert Observer, and Observer Suite are commercial
software packages that are subject to international copyright laws.

Upon registration of the Network Instruments’ Observer product, you are licensed to use Network
Instruments’ Observer at
monitored by purchasing additional probe licenses. When additional licenses are purchased, you will
then be licensed to run as many probes as you have licenses. The purchase of a Probe Pack does not
include a license for Observer or Expert Observer. Should you need additional Observer or distributed
Observer consoles, you will need to purchase licenses separately.

If you install Network Instruments’ Observer on additional PCs, you will need to purchase an
additional Observer license for each PC. If you are installing probes on laptops, you will need to
purchase a Probe Pack for each laptop.

Network Instruments’ Observer, Expert Observer, and Observer Suite are the property of Network
Instruments, LLC and may not be copied for purposes other than backup.

Included in the Observer box is a blue activation card containing the Identification Number and
License Number for the product. This activation card is your proof of purchase. You will need to
produce this document for upgrades and you will need to provide the activation numbers to receive
technical support.

This software is licensed as stated above. The license does not constitute ownership of the software,
only the right to use the software.

one

site on

one

LAN on

one

personal computer. Additional segments can be

© 2001 Network Instruments, LLC iii

Purchasing Additional Licenses

To purchase additional licenses of Observer, Expert Observer, or Observer Suite, contact your
software vendor or Network Instruments, LLC at:

Corporate Headquarters:

Network Instruments, LLC

Fourth Floor
8800 West Highway Seven
Minneapolis, MN 55426 USA
(800) 526-7919 Toll Free
(952) 932-9899 Voice
(952) 932-9545 Fax
email: info@networkinstruments.com

UK and Europe:

Network Instruments, Ltd.

Brewery House
Black Eagle Close
Westerham TN16 1RG
UNITED KINGDOM
+44 (0) 1959 569880 Voice
+44 (0) 1959 569881 Fax
email: europe@networkinstruments.com

Technical Support

Network Instruments provides technical support:

By fax (depending on where you are located):

US & countries outside of Europe at (952) 932-9545

UK and Europe at +44 (0) 1959 569881

By phone (depending on where you are located):

US & countries outside of Europe at (952) 932-9899

UK and Europe at +44 (0) 1959 569880

Or by email at:

support@networkinstruments.com

Network Instruments provides technical support for a period of 60 days after the purchase of the
product at no charge. After the 60-day initial support period, support will only be provided to
those customers who have purchased a maintenance agreement.

Telephone technical support hours are between 9:00 am and 5:00 pm (CST U.S.) at each office.

Suggestions are welcomed. Many of the improvements made to Observer have originated as
end-user suggestions. Please submit detailed suggestions in writing to:
support@networkinstruments.com, or by fax at: (952) 932-9545. Please submit any corrections to
or criticism of Network Instruments’ publications to: pubs@networkinstruments.com or by fax at
(952) 932-9545.

For those parties with the capability to receive Internet email, it is recommended to subscribe to
the Network Instruments’ Observer mailing list.

Subscribe by submitting an email message to:

listserver@networkinstruments.com

with the following in the body (not the subject) of the email:

subscribe observer

iv Observer® Quick Start Manual

Contents

Observer Quick Start Manual ..................................................... 1

Installation........................................................................................ 2

Configuring Observer ..................................................................... 3

Licensing Observer .......................................................................... 3

Running Observer for the First Time................................................ 4

Getting Started with Observer Modes and Tools................... 5

Discover Network Names................................................................ 5

Top Talkers ........................................................................................ 7

Router Observer ............................................................................... 8

Internet Observer ............................................................................. 9

Network Trending........................................................................... 10

Packet Capture ............................................................................. 12

Bandwidth Utilization ..................................................................... 16

Switched Observer ........................................................................ 17

Real-Time Expert............................................................................. 19

Conclusion...................................................................................... 21

© 2001 Network Instruments, LLC v

Observer Quick Start Manual

Welcome to Network Instruments’ Observer, a network monitor and protocol
analyzer for Microsoft, Unix, Novell, Apple, VoIP, and wireless networks (to
name a but a few supported environments). Observer helps the experienced
network administrator to diagnose, solve, and prevent network problems.

This manual does not cover the entire range of Observer’s functionality.
Rather, it briefly describes how to install and configure Observer, and leads
you to some of the most commonly used Observer modes and tools. For more
comprehensive descriptions of Observer’s modes and tools, refer to the
Observer User Guide and the help system.

© 2002 Network Instruments, LLC 1

Installation

Installation

Check the system requirements in the Observer User Guide to make sure that
your system meets the hardware and software requirements necessary to run
Observer.

You can install Observer from a CD-ROM or from the Internet. Network
Instruments recommends that you install Observer from the Internet. The
latest version of Observer is available via anonymous ftp on the Network
Instruments’ ftp site at:

ftp://ftp.networkinstruments.com/pub/demos/obsdemo.exe

To begin the download, you may either:

1. Download OBSDEMO.EXE to an empty temporary directory and run it,
or

2. Insert the Observer CD-ROM in the CD-ROM drive.

3. When the setup program autoruns, follow the instructions on the screen.

Once the executable file is run, you will be taken through the following
process:

1. Setup will ask you to choose a language; select your preferred language
and click on the N

EXT button.

2. You will be asked if you are installing Observer, an Advanced Probe, or
an RMON Probe. Select “Observer” and click on the N

3. Setup will ask you in which directory you would like to install Observer.
Unless you have a specific reason to install Observer elsewhere, install
Observer in the default directory.

4. Check the README.WRI for any additional information.

2 Observer® Quick Start Manual

EXT button.

Configuring Observer

Configuring Observer

In Windows 98/2000 and XP, no additional configuration is required. In
Windows NT you must install a protocol service driver. Follow these steps:

For Windows NT:

1. Setup will open the Windows NT Network Setup dialog.

2. Click the “Services” tab.

3. When asked for the type, select “Have disk” and point to the “Observer
Files” directory.

4. Reboot your system.

Licensing Observer

Observer is always delivered in Demo (evaluation) mode and will run in
Demo mode until it has been activated. The Demo mode provides an
excellent way of seeing each Observer mode in action—each mode is fully
populated with a random collection of real packets, collected from Network
Instruments’ own networks. In this way Observer can be run at any time
without the need of a network connection and it provides an excellent way to
learn Observer's operation.

To activate Observer into full functionality, follow these steps:

1. From the Windows desktop, click

Start > Programs > Observer > Observer.

Observer will start in Demo mode and let you choose between a
simulation demo and a limited real-time demo.

2. Choose “Simulation Demo,” select any device, and then click O

Depending on where and how you purchased Observer, your activation
information may have been provided to you on a “Right to Use” (RTU)
certificate. You’ll need the following four strings: Name, Company
Name, Identification Number, and Licensing Number.

K.

3. Click the “Enter Name” textbox. Enter your name and company name
exactly as on the RTU, click O

K, and then click ACCEPT.

4. Enter your license number where indicated, and click OK.

5. Close Observer. When you start Observer again, it will be fully
functional.

If you don’t have your licensing information available, contact your
Network Instruments’ sales representative.

© 2002 Network Instruments, LLC

3