There are several tools and methodologies available to test a network infrastructure. Network testing enables network managers to monitor the performance of the network, troubleshoot connectivity issues, and identify the root-cause. Generally this network performance analysis is performed with specific test tools, including network performance monitoring tools like NetBeez.
Let’s review what network testing it, what open source tools are available in the following sections:
- Network testing definition
- Why network testing is important
- Network testing tools
- Network testing use cases
- Network testing solution: NetBeez
Network Testing Definition
Network testing is the process of verifying the correct functioning and performance of a network infrastructure. It involves using various test tools, network troubleshooting techniques and methodologies to assess different network testing metrics. Network performance metrics collected include latency, packet loss, and bandwidth. The goal of network testing software is to ensure that a network is efficient, secure, and reliable to handle traffic load.
Why Network Testing Is Important
In today’s interconnected world, the smooth flow of data is essential for virtually every aspect of today’s businesses. Network testing is not just a way to assess network performance. Network testing acts as quality assurance of business processes that are delivered over a digital infrastructure.
Here are five reasons why organizations need to implement network testing:
- Identifying performance bottlenecks: There are several network conditions that impact the performance of an infrastructure, such as the specifications of its routers and switches, the way it is designed and configured, the type of internet connection, and so on. Performance testing helps identify areas where the throughput is not as expected, causing network issues.
- Risk assessments: Network testing is used to assess the risks of a partial or total loss of network service and connectivity. For instance, when doing a redundancy test by turning off a primary switch or router, or shutting down the primary utility line to test if the backup generator kicks in. These controlled outages help verify that risk mitigation measures are correctly implemented and that are functioning as designed.
- Compliance requirements: For example, financial and healthcare organizations employ security testing to validate that their network complies with PCI or HIPAA standards. Checks also include scanning available services on network devices. Network testing provides a method to actively monitor and enforce adherence to these and other standards.
- Assessing network controls: All organizations must implement security measures to protect and prevent network threats. Network testing can be used to verify that proper network controls such as access lists and firewalls are configured as expected.
- Continuous improvement: Continuous network testing provides valuable insights of network conditions as it generates an historical trace of network performance. These baselines will help analyze long-term trends and estimate in advance when upgrades will be necessary. Continuous improvement should also consider digital experience monitoring.
Network Testing Tools
The results of network testing provide key insights on network performance and highlight issues and potential risks associated with a network. In this section, we will mention commonly available tools and network tests that everyone can use. At the end of the section we will also introduce NetBeez, a network performance monitoring solution that automates network tests. NetBeez provides real-time visibility into remote worker network issues, including performance monitoring across WAN and VPN connections, and quality assessment of ISP and Wi-Fi connectivity.
Testing latency and packet loss with ping
Ping is a network performance test that runs via command-line tool to verify network connectivity, latency, and packet loss. By default, a ping test works by sending one packet (echo_request) every second and waiting for a reply (echo_reply). With each reply ping reports the round-trip time (RTT), which is the time that it took for one exchange of packets. Round-trip time is expressed in milliseconds (ms).
Ping can generate a specific number of echo requests (option -c count) or run continuously until the user interrupts it. Once the command exits, ping reports the packet loss (% of packets not replied), and the min, max, and average of the round-trip time.
$ ping netbeez.net -c 10
PING netbeez.net (126.96.36.199): 56 data bytes
64 bytes from 188.8.131.52: icmp_seq=0 ttl=59 time=7.993 ms
64 bytes from 184.108.40.206: icmp_seq=1 ttl=59 time=13.753 ms
64 bytes from 220.127.116.11: icmp_seq=2 ttl=59 time=8.757 ms
64 bytes from 18.104.22.168: icmp_seq=3 ttl=59 time=9.407 ms
64 bytes from 22.214.171.124: icmp_seq=4 ttl=59 time=9.742 ms
64 bytes from 126.96.36.199: icmp_seq=5 ttl=59 time=10.225 ms
64 bytes from 188.8.131.52: icmp_seq=6 ttl=59 time=8.266 ms
64 bytes from 184.108.40.206: icmp_seq=7 ttl=59 time=11.380 ms
64 bytes from 220.127.116.11: icmp_seq=8 ttl=59 time=7.632 ms
64 bytes from 18.104.22.168: icmp_seq=9 ttl=59 time=9.151 ms
--- netbeez.net ping statistics ---
10 packets transmitted, 10 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 7.632/9.631/13.753/1.732 ms
Read this article on ping options if you want to learn some extra options and testing use cases you can achieve. The following image shows a ping test where all 10 packets sent are replied: In this case we have no packet loss (0%).
In this other example, we run the same ping test, but one packet is lost: It could be that the echo_request was lost or damaged, or the echo_reply. We can’t tell that, but we still detect a 10% packet loss rate.
NetBeez supports ping tests to monitor latency, packet loss, estimate jitter and MOS, and get alerts when reachability to a remote host is lost or undergoing performance issues. Associated with each test, the user can define the alerting conditions that will trigger a notification. Below is a screenshot of a continuous ping test to google.com to verify the latency and packet loss of an internet connection.
Traceroute is a network performance test that discovers all the intermediate routers between a source host where the command runs, and a destination one. The command ends when it reaches the destination. Each intermediate router is called hop. For each router, traceroute reports the round-trip time (RTT) and its hostname. This article on traceroute explains in detail how it works.
In network testing, traceroute allows you to verify that the traffic from one host is following the correct path. It also helps you find out where traffic is interrupted when troubleshooting. One important thing to be aware of is that there are many flavors of traceroute. Each one of them has its pros and cons:
- Traceroute: is the most basic and available tool that is installed in operating systems like Windows (called tracert), Linux, and Mac. Easy to use and gets the job done.
- MTR: This tool works as a traceroute test, but it also reports the packet loss per hop. This article on MTR provides more information about it. You will need to download and install this if you want to gather packet loss information per hop.
Below, we’ll present the example of a traceroute execution on Mac to netbeez.net. For each hop, traceroute reports its IP address, hostname (if available), and three RTT measurements.
% traceroute netbeez.net
traceroute to netbeez.net (22.214.171.124), 64 hops max, 52 byte packets
1 172.29.0.1 (172.29.0.1) 2.805 ms 1.736 ms 1.724 ms
2 126.96.36.199 (188.8.131.52) 4.029 ms 2.939 ms 4.314 ms
3 184.108.40.206 (220.127.116.11) 4.000 ms 4.032 ms 2.993 ms
4 * * *
5 ae1.3510.level3.net (18.104.22.168) 35.903 ms * 14.297 ms
6 22.214.171.124 (126.96.36.199) 15.174 ms * *
7 188.8.131.52 (184.108.40.206) 46.029 ms
220.127.116.11 (18.104.22.168) 15.888 ms
22.214.171.124 (126.96.36.199) 14.852 ms
8 netbeez.net (188.8.131.52) 14.897 ms 14.363 ms 14.116 ms
When you see * on a hop, that means that we don’t have information about that hop. The node most probably was configured to disregard traceroute probes. Unfortunately it’s a limit that can’t be hardly overcome in most cases. In some cases, you can try to change the protocol used by traceroute, which is ICMP in Windows and UDP in Linux and Mac.
Traceroute, like MTR, is a network performance test that only discovers one path at the time. As a result, when ECMP is present, those tools may report an incorrect sequence of hops. So if discovering alternate paths is key for you, consider this option:
- Dublin-traceroute: This command supports Equal-Cost MultiPath (ECMP), meaning that it can discover redundant links and map them. By default it runs 20 concurrent traceroute tests to identify all possible routes to a destination. Dublin traceroute also provides information about the Autonomous System Number (ASN) of a node, NAT detection, and more. You can read more about dublin-traceroute in a previous article we wrote.
NetBeez supports both traceroute and dublin-traceroute commands. We call dublin traceroute Path Analysis. In our implementation, we enrich the node data with geolocation. Below is a screenshot of a path analysis test against netbeez.net. Note the display of ECMP routes, and compare to the traceroute test run up above. Path analysis is a must for network testing SaaS and other Internet applications.
DNS is a vital network service whose function is to translate hostnames such as those contained in web URLs to IP addresses. When a large company suffers a DNS outage, you’ll read about it in the news. Users wouldn’t be able to access websites and other applications, and hosted services would stop functioning. A nightmare for network engineers (just search for “DNS meme” and have a laugh). Let’s see how you can verify the correct functioning of a DNS server.
Most operating systems support the command nslookup (dig is an alternative in Linux and Mac). Nslookup allows you to perform a DNS query with a specific server. To run this utility, you type nslookup on the command prompt. That will get you into the nslookup console. Once in, you type the command server followed by the IP address of the DNS server that you want to test. Once selected the nameserver, you type the hostname that you want to resolve. Here’s an example with nameserver 192.168.1.1 and hostname netbeez.net.
> server 192.168.1.1
Default server: 192.168.1.1
The above nslookup output successfully reports the IP address of netbeez.net, which is 184.108.40.206. If you want to know why the server 192.168.1.1 replies with a “non-authoritative answer”, read this DNS article we wrote.
Let’s see what happens when a DNS test fails:
;; connection timed out; no servers could be reached
In this case, we don’t have a connection with the DNS server because of the timeout. First, validate that connectivity to the DNS server is available. Then, verify that the DNS service is running.
NetBeez provides DNS testing with query timing. You can select the DNS server to test, and the query to execute. If the server is unspecified, each network monitoring agent will use whatever DNS server has configured. NetBeez can then trigger alerts if there are no replies, or if the resolution time is above a certain threshold.
Iperf for throughput testing
Iperf is a bandwidth testing tool that generates TCP or UDP traffic between a source and a destination. Once the commands exits, it reports different statistics such as throughput, packet loss (UDP), jitter (UDP) and retransmissions (TCP). It’s a valuable open source utility that everyone can use. When considering iperf for bandwidth testing, make sure that the hardware supports the speed that needs to be tested. In cases where you want to push several Gbps of traffic, you may need to change the TCP window size or use multiple streams. We wrote extensively about iperf, so check out that link as a starting point.
To run iperf, execute first the server on the receiving host with iperf -s, then the client with iperf -c followed by the server’s IP address. Here’s one iperf command between two hosts.
Client connecting to 10.0.20.5, UDP port 5001
Sending 1470 byte datagrams, IPG target: 1121.52 us (kalman adjust)
UDP buffer size: 0.16 MByte (default)
[ 3] local 10.0.10.5 port 60603 connected with 10.0.20.5 port 5001
[ ID] Interval Transfer Bandwidth
[ 3] 0.0- 1.0 sec 1.22 MBytes 10.2 Mbits/sec
[ 3] 1.0- 2.0 sec 1.28 MBytes 10.8 Mbits/sec
[ 3] 2.0- 3.0 sec 1.25 MBytes 10.5 Mbits/sec
[ 3] 3.0- 4.0 sec 1.24 MBytes 10.4 Mbits/sec
[ 3] 4.0- 5.0 sec 1.26 MBytes 10.5 Mbits/sec
[ 3] 5.0- 6.0 sec 1.25 MBytes 10.5 Mbits/sec
[ 3] 6.0- 7.0 sec 1.25 MBytes 10.5 Mbits/sec
[ 3] 7.0- 8.0 sec 1.25 MBytes 10.5 Mbits/sec
[ 3] 8.0- 9.0 sec 1.25 MBytes 10.5 Mbits/sec
[ 3] 0.0-10.0 sec 12.5 MBytes 10.5 Mbits/sec
[ 3] Sent 8917 datagrams
[ 3] Server Report:
[ 3] 0.0-10.0 sec 12.5 MBytes 10.5 Mbits/sec 0.009 ms 0/ 8917 (0%)
One thing to note about iperf is that it’s a unidirectional test. To run a network performance test in both directions, you need to switch the roles of the two hosts. In alternative you can use the reverse option, that runs a transfer from the server to the client. This is useful in the case where the receiver (server) is behind a NAT or firewall.
NetBeez supports iperf for testing network bandwidth. When creating a new iperf test, the user selects the source and destination agents, the protocol, iperf version, and options. Then, it picks the schedule when the test should run and the alerting conditions. For instance, if the resulting bandwidth is less than 10 Mbps.
Internet connection testing
There are several tools available to the an internet connection. Two popular network tests are:
- Speedtest is an internet connection test developed by Ookla; this test is proprietary, has a CLI and web-based version, and is multi-platform.
- NDT is a network speed test developed by the M-LAB, a research consortium that released an open source alternative to speedtest. NDT runs a CLI command, and supports Linux, Windows, and Mac.
NDT: Network Diagnostic Tool for internet connection testing
NDT is an internet connection testing tool that runs a download and upload test with a server located on the Internet. When the test starts, it selects the server to use from a list of available ones, generally the one with lowest latency. The organization that offers this service (M-LAB) is a non-profit whose goal is to collect performance measurements for the Internet. Many organizations participate in this initiative, including Internet2. You could also host your own NDT server.
To conclude, NDT is a good alternative to test an internet connection. NDT can also run on a web browser. If you search for speedtest on google, Google will give you the option to run a browser based speed test. In the following image you can see a NDT test run from a Windows machine. The output includes download speed, upload speed, and latency.
NetBeez can run internet connection tests with NDT. Similarly to iperf, the user picks the agents, the schedule, and the warning conditions. The following screenshot displays the aggregate results of NDT tests from several agents. It is then possible to break down the results and sort by download speed, upload speed, or latency.
SaaS and web applications testing
One simple way to test SaaS and web applications is to use a web browser and verify that you can access them. However, this method doesn’t perform continuous testing. As a result, it doesn’t scale when you have many applications to check and/or if your network is complex. Think about when you have to push a routing change, or a firewall update.
When working in a large and mission critical environment, automate the application tests. This way, you can receive alerts as soon as a problem arises. In that scenario, you can either revert back your changes, or quickly troubleshoot the problem. To conclude, automating application testing will help you to be proactive and quick at detecting issues.
Two CLI-based network testing tools for SaaS and web applications available are:
- Curl is a powerful command line tool for testing HTTPS pages and web services in general. Curl supports timing breakdown, and other options that may be useful for network testing and application performance. I invite you to read an article we previously wrote about curl timing.
- Hping is a network performance test that verifies if a TCP or UDP port is open and responding. This test is one of the most common tools to test firewalls and check if a specific service on a host is responding. You can read a previous article we wrote about hping options. Hping is also used for security testing and audit of network devices.
Network monitoring tools
Network monitoring tools play a crucial role in enhancing network testing processes by providing real-time insights and comprehensive analysis of network performance. These tools enable testers to monitor various parameters such as bandwidth utilization, latency, packet loss, and device health, allowing them to identify potential bottlenecks and performance issues. With the ability to capture and analyze network traffic, monitoring tools facilitate the detection of anomalies and irregularities, aiding in the troubleshooting and resolution of issues promptly. Moreover, these tools often offer historical data and trend analysis, empowering testers to assess long-term network behavior and plan for scalability. Overall, network monitoring tools contribute significantly to the efficiency and effectiveness of network testing, ensuring the reliability and optimal performance of the entire network infrastructure.
Network Testing Use Cases
You can perform network testing ad-hoc, for example after a network change, or permanently, to keep a constant monitoring of the network. There are different use cases for network testing. The most common ones are:
- Validate configuration changes – Testing services and connectivity after a network configuration change to verify that it was successful and that it didn’t cause unplanned outages. Testing could be as easy as running a ping test, or more complicated checks in the case of routing policies or QoS reconfigurations.
- Circuits turn-up or sites go-live – When turning up a new network site or link, such as a new internet connection, a connectivity and throughput test will help verify that outside networks are reachable and that enough bandwidth is provisioned. This includes ping tests for outside reachability along with an iperf test for throughput. Should the link be more than 1 Gbps, specialized hardware may be used to gather accurate measurements.
- Troubleshooting – When troubleshooting a single user complaint or an outage, network testing helps isolate the problem and collect all the evidence required to identify the root cause. Check out two articles that we wrote about how to troubleshoot network performance issues and how to troubleshoot end-user problems.
- Service assurance – Whether you are offering a SaaS solution to customers, connectivity to residential subscribers, or WiFi to employees, network testing helps monitoring and enforcing Service Level Agreements. A network monitoring solution like NetBeez for example can trigger alerts and notification in the case where a performance metric doesn’t match a certain rule.
- Proactive monitoring – By running continuous network tests, you collect and monitor key performance metrics, such as latency and packet loss, that help you be proactive on issues that could degrade network performance and the end-users’ experience.
NetBeez: Network testing solution
NetBeez is a powerful network performance testing and monitoring solution that stands out for its effectiveness in ensuring the reliability and performance of network infrastructures. What makes NetBeez particularly beneficial for network performance testing is its proactive and distributed approach. Continuous performance testing against the network and application ensures a proactive approach to accident management and quick troubleshooting.
By deploying hardware or software agents throughout your network, NetBeez continuously assesses network health from multiple vantage points, providing real time insights into network latency, packet loss, and other key performance metrics. The following table lists the types of network monitoring tests run by NetBeez.
|Network Performance Test
|Round-trip time, packet loss, jitter, and MOS estimate
|DNS resolution time, DNS availability
|HTTP GET time, HTTP availability
|Hop IP, RTT, and hostname
|Hop IP, RTT, Geolocation, ASN, AS name, and hostname
|Throughput, packet loss (UDP), retransmissions (TCP), jitter (UDP)
|Download speed, upload speed, latency
|Latency, packet loss, jitter, MOS
This distributed monitoring approach allows for early detection of network issues, enabling IT teams to troubleshoot and resolve problems before end-users even notice a dip in performance. The NetBeez network testing software supports the following deployment options thanks to a vast range of agent types:
|Hardware GigE,, Virtual, Docker, Linux
|Windows/Mac software clients
|Hardware WiFi, Windows/Mac software clients
Additionally, NetBeez offers a user-friendly interface and comprehensive reporting, making it a valuable tool for network administrators and engineers seeking to optimize their network’s efficiency and ensure a seamless user experience. Overall, NetBeez empowers organizations with the tools they need to proactively manage and maintain their networks, reducing downtime and enhancing overall network performance.
How to Test a Network with NetBeez
Testing a network with NetBeez is pretty straightforward. Here’s a high level procedure:
Step 1 – Deploy network testing agents
In this initial step, install the network monitoring agents that run network testing against your network and applications. The network testing data collected by these units will help collect data about network availability and performance. NetBeez provides two options:
- Network Agents are hardware, virtual or software appliances that get installed on-premise at remote branch offices and headquarters, or at public clouds and data centers.
- Remote Worker Agents are software clients for Windows or Mac operating systems that run on end-user laptops. These agents extend network performance testing beyond the corporate perimeter, including the network of work from home employees.
Consult the online documentation to see how you can install NetBeez agents.
Step 2 – Create network performance tests
There are two test tools employed by NetBeez to monitor a network infrastructure, its services and applications:
- Targets – Defined by URL or FQDN, a target includes a certain set of ping, DNS, HTTP, and traceroute tests to execute continuous network performance monitoring. These tests run continuously and return results in real time on the user dashboard.
- Scheduled tests – These are iperf, network speed, and VoIP tests that run at specific user defined times. Iperf is generally used to verify throughput between two NetBeez agents, or one agent and one external iperf server. Network speed helps measuring download and upload speed of an internet connection.
Step 3 – Review network performance testing data
Once the targets and scheduled tests are configured, the agents will immediately start network testing and reporting data to the dashboard. In the following screenshot you can see the real time data gathered by a remote end-user on a Windows laptop. The network performance monitoring data includes latency, packet loss, and jitter. Network monitoring tools like NetBeez help capture the user experience of remote employees.
Conclusion on Network Testing Tools
Network testing software and proactive troubleshooting are key to a successful network management strategy. To meet the demands of the end-users and ensure business resiliency, it’s important to understand what tests to run, use the right tools, and follow best practices. Remember that network testing is a vast field, and this article is just a starting point. If you wish to learn more about NetBeez network monitoring, request a demo and give it a try!