When you can't find the cause of a problem you are experiencing, you need to take a look at the traffic pattern. There is a broad range of "sniffers", as they are called. What distinguishes sniffers from each other is their ability to decode different protocols and present the communication in clear text. There are also more costly analyzers that can analyze the traffic pattern and warn you about suspicious behavior such as slow response times. If you seldom use a sniffer, you can just as well start with a freeware tool; you will find them on our download page.
Most sniffers present the information in layers according to the OSI model as described here. First you find the link layer (level 2), as level 1 only carries electrical signals. Level 2 (Ethernet) consists of MAC addresses and information about VLAN, priority and so on. After that comes layer 3 (IP) with IP addresses and traffic type. Layer 4 (session level) gives you the TCP information, if any. Depending on the complexity of the instrument, you can also see higher levels with application information etc.
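The layer-by-layer view described above, as an added example that is not part of the original page: a small Python decoder that splits one Ethernet frame into its MAC/VLAN/priority fields, its IP addresses and protocol, and its TCP ports and flags. The sample frame, its addresses and the function names are constructed for illustration.

```python
import socket
import struct

# Constructed sample: 802.1Q-tagged frame (priority 5, VLAN 100) carrying a TCP SYN.
# All addresses are made up and the checksums are left at zero.
SAMPLE = bytes.fromhex(
    "001122334455" "66778899aabb" "8100" "a064" "0800"      # Ethernet + VLAN tag
    "45000028" "00010000" "40060000" "c0a8010a" "c0a80114"  # IPv4 header
    "c0000050" "00000001" "00000000" "5002ffff" "00000000"  # TCP header
)
TCP_FLAGS = ((0x02, "SYN"), (0x10, "ACK"), (0x08, "PSH"), (0x01, "FIN"), (0x04, "RST"))

def mac(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)

def decode_frame(frame: bytes) -> dict:
    """Decode one frame layer by layer; stop at the last layer we understand."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    dst, src, ethertype = struct.unpack("!6s6sH", frame[:14])
    out = {"l2": {"dst": mac(dst), "src": mac(src)}}
    offset = 14
    if ethertype == 0x8100:  # 802.1Q tag: 3-bit priority, 1-bit DEI, 12-bit VLAN id
        if len(frame) < 18:
            raise ValueError("truncated VLAN tag")
        tci, ethertype = struct.unpack("!HH", frame[14:18])
        out["l2"].update(priority=tci >> 13, vlan=tci & 0x0FFF)
        offset = 18
    out["l2"]["ethertype"] = ethertype
    if ethertype != 0x0800:  # not IPv4, nothing more to decode here
        return out
    ip = frame[offset:]
    ihl = (ip[0] & 0x0F) * 4 if ip else 0  # IPv4 header length in bytes
    if len(ip) < 20 or ip[0] >> 4 != 4 or ihl < 20 or len(ip) < ihl:
        raise ValueError("bad IPv4 header")
    out["l3"] = {"src": socket.inet_ntoa(ip[12:16]), "dst": socket.inet_ntoa(ip[16:20]),
                 "ttl": ip[8], "protocol": ip[9]}
    if ip[9] != 6:  # not TCP
        return out
    tcp = ip[ihl:]
    if len(tcp) < 20:
        raise ValueError("truncated TCP header")
    sport, dport, seq, ack, off_flags = struct.unpack("!HHIIH", tcp[:14])
    out["l4"] = {"sport": sport, "dport": dport, "seq": seq, "ack": ack,
                 "flags": [name for bit, name in TCP_FLAGS if off_flags & bit]}
    return out

if __name__ == "__main__":
    for layer, fields in decode_frame(SAMPLE).items():
        print(layer, fields)
```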
A nice, good-value tool is Colasoft's Capsa, a very competent piece of software with a lot of functionality at a low price.
A freeware tool is Wireshark, previously called Ethereal, or Microsoft's free Network analyzer.
In a switched network, you do not see traffic passing between two ports on other ports unless you configure it. Most advanced switches have a function called "mirroring" that mirrors traffic on a certain port to another port where you connect your sniffer. What you will see without mirroring is broadcast traffic or "announcements" on the LAN segment.
Once your sniffer is connected, you can filter on specific addresses or ports to see just the traffic you are interested in. You get a timestamp on every packet and can follow the conversation in a neat way, including delays or missing replies. This will tell you which piece of equipment is failing.
On this page you can see which switches support mirroring and how to set it up.