Post about "networking fundamentals"

Route Analytics and Netflow – Technology For Managing IP Network Unpredictability

Today, businesses increasingly rely on applications to deliver top and bottom line results from greater business process automation, and individuals consume vast and growing amounts of IP-based media. As a result, enterprises and service providers are building larger and more redundant networks to ensure traffic delivery. Unfortunately, the resulting network complexity is causing them to hit the limits of traditional network management technology. The reason: IP is not inherently predictable.Why Aren’t IP Networks Predictable?IP’s distributed routing intelligence makes it efficient and at the same time unpredictable. IP routing protocols automatically calculate and manage traffic routes or paths between points in the network based on the latest known state of network elements. Any changes to those elements cause the routing topology to be recalculated dynamically. While this keeps IP networks highly resilient in case of network failures, it also creates endless variability in the active routing topology. A large network can be in any one of millions of possible active routing topology states. In addition, application traffic patterns are by nature unpredictable. Network problems – router software bugs, misconfigurations, hardware that fails (often after exhibiting intermittent instability) – can add to that unpredictability.The Challenge of Managing Complex IP NetworksWith routing and traffic changing dynamically over time, it is a real network management challenge to ensure predictably high application performance. Take troubleshooting for example: when an end user reports an application performance problem that doesn’t stem from an obvious hardware failure, the root cause of the problem can be quite difficult to figure out in a large, redundant network. IT engineers don’t know the route the traffic took through the network, the relevant links servicing the traffic, or whether those links were congested at the time of the problem. Even determining which devices serviced the traffic at the time of the problem in a complex network can be nearly impossible.Traditional Network Management Only Goes to a PointThe overarching architectural principle of traditional network management is to gather information on a vast number of different “points” in the network, then correlate various point data to infer clues about service conditions. They key mechanism for doing this is the Simple Network Management Protocol (SNMP), which gathers information from point devices such as routers, switches, servers and their interfaces.Clearly, “point data” is useful – for example, an interface or device that fails, runs out of memory, or is congested with traffic is important to know about. However, the sum of all this point data is much less than the whole picture. Just knowing that an interface is full of traffic doesn’t tell you why it is full. Where is the traffic coming from and going to? Is the traffic usually on this interface, or was there a change in the network or elsewhere that caused it to shift to this interface? If so, from where, when, and for how long? Without answers to these questions, there is no real understanding of the behavior of the network as a whole, which robs the point data of much of its contextual meaning. This lack of visibility not only impacts operations processes like troubleshooting, but also engineering and planning. For example, without understand network-wide dynamics, change management and planning can be fraught with errors that stem from not knowing how changing a particular device will impact the entire network’s routing and traffic.Route Analytics with Netflow-Visibility into Network-Wide Routing and Traffic DynamicsLuckily, there’s a way to peer into the dynamic behavior of IP routing and traffic flows using a combination of route analytics and Netflow technologies. Route analytics provides precise understanding of network-wide routing by passively peering with selected routers via routing protocols such as OSPF, IS-IS, EIGRP and BGP to receive all available routing information, then computing an always-up-to-date, network-wide map of all routers, links, advertised and withdrawn network addresses, and traffic paths. Every time the network changes in a way that impacts routing, the routing protocols provide real-time updates which keep route analytics completely accurate. Since route analytics understands all paths, it can very efficiently provide network-wide traffic information on all links by collecting Netflow data at key traffic sources such as data centers and Internet peerings, then map traffic flows over their actual pathsThe Benefits of Route AnalyticsRoute analytics provides a new and far more useful picture of network and service behavior that helps network managers ensure that their networks are adequately engineered to deliver a complex, changing matrix of application traffic at various service levels. For example, engineers can use route analytics to model a change of high priority traffic caused by the anticipated rollout of a new application. The simulated new traffic will be overlaid not on some abstract model, but on the traffic and routing matrix as it actually exists in the network. Depending on what it shows, engineers can catch potential impacts before moving ahead, or proceed with confidence in the rollout, knowing that the network will continue to support existing application requirements.Troubleshooting also gets much faster, since engineers can see the route/path that a particular application traffic flow traveled across the network at the time a problem occurred, then analyze all links to see if key applications or CoS were breaching their volume thresholds. If there was congestion, further analysis can show whether a routing issue caused traffic to shift, or, if additional, unexpected traffic was present, where it originated, its destination and the route that included the problem link. Even if a routing or traffic problem isn’t the root cause, knowing the precise path provides the most accurate possible starting point for examining devices and interfaces involved in servicing application traffic.