With NetEye RUE we are able to build up a reliable Application and Network Performance Monitoring, by analyzing the real traffic. However, is there also a possibility to gather information about the state of the PCs and servers?
Yes, it is! In the TCP communication, there exists a certain event, which informs us about the state of “suffering” of a PC/server or application. This event is called zero window. If the PC/server is monitored with NetEye, we are even able to depict the state of the machine during the point in time when the event occurred.
Zero Window – Technical Explanation:
Zero Window is an event in the TCP communication, which occurs when the buffer runs full.
All packets that are send to an application (expl. Firefox) are initially read by the network card of the operating system and temporarily stored in the buffer, where they remain until the application reads the packets and consequently deletes them from the buffer. Unfortunately, the deletion of the buffer does not always happens correctly or is processed too slowly. This may happen when the application is blocked or there is not enough CPU (overloaded PC). In these cases, the buffer runs full very quickly.
With a full buffer it is not possible to receive additional data, therefore the TCP protocol sends a notification to the sender to temporarily stop the transmission. Obviously, such situations result in a very bad user experience.
Zero window provides us the information if a PC (or rarer, a server) is in trouble because of an overload or a downtime of the application.
In NetEye RUE we’ve added the zero window information to the KPIs of the performance analysis (network latency, application latency, loadtime).
Through the information about a present zero window, we are able to explain situations where requests show long load times, but network latency and application latency are unremarkable.
If a request shows a value higher than 0 in zero window, we have a simple explanation for long load times and can assign the problem to the local PC.