-
Notifications
You must be signed in to change notification settings - Fork 46
Network Patterns
This section contains a number of networking scenarios that you can cross-check with your own traces.
Note: IP addresses and machine names have been obfuscated into the 10.xxx.xxx.xxx, 172.[16-31].xxx.xxx, or 192.168.xxx.xxx range with generic names, such as SQLPROD01.CONTOSO.COM.
Note: Traces shown are parsed using NETMON 3.4.
In many cases, SQL Server is not listening on port 1433. Since there is no special code in TCP to indicate the sub-protocol type, the parser is hard-coded to interpret traffic on port 1433 as SQL Server traffic.
Change NETMON Parser Port for SQL Server
Normal Login Using SQL Authentication
Normal Login Using a Domain Account and NTLM Authentication
Normal Login Using a Domain Account and Kerberos Authentication
Idle Connection with Keep-Alive Packets
Normal Closing Connection
Normal MARS Closing Connection
All Packets Duplicated
Packets in One Direction
Connection Dropped in both Directions
Connection Dropped in one Direction
Connection Dropped in one Direction - One-Sided Trace
Network Device Reset Connection
Logon Timeout Due to Slow Domain Controller
Server has a Connection Backlog
VPN Delays Packets Causing Connection to Reset