IT managers need visibility into the traffic flowing through their networks. Without this insight, they rely heavily on guesswork for performance problem resolution and capacity planning. Legacy measurement tools are also usually prohibitively expensive, lack scalability to today's gigabit speeds, drain network hardware productivity, and increase software and hardware ownership costs.
A new IETF draft standard, RFC 3176, addresses all these limitations to traditional traffic monitoring and forensic network analysis through network packet sampling. The informational RFC also is marketed under the name "sFlow" by the industry trade organization sflow.org.
RFC 3176 lets administrators reliably and statistically measure their networks' performance and traffic impact of all connected applications, users, servers, switches, routers and storage switches. SFlow monitors and proactively helps administrators adjust network traffic patterns in complex enterprise, metropolitan service provider and high-performance computing environments with thousands of nodes and significant bandwidth requirements.
Instead of deploying cost-prohibitive probes throughout the network, the sFlow agent is embedded in the network switch or router ASIC and samples the network traffic. The sFlow management information base controls the sFlow agent, which captures, formats and forwards the packet samples to a central RFC 3176 data collector creating a datagram. By statistically sampling network traffic, network administrators gain a system-wide view of the traffic, network security and application traffic sources throughout the network.
With typical data gathering, RFC 3176 doesn't add significant network load, which is in contrast to software-based proprietary vendor approaches to traffic monitoring. The only sFlow packet sampling work done in software on the device is a few simple lookups, marshalling data into a datagram and queuing the datagram for transmission.
When a packet is sampled, its header is extracted and placed into an sFlow datagram or detailed map of the packet's network journey, which includes header, I/O source, destination and interface statistics. This datagram then is sent immediately to the sFlow Collection Server, a central data collector and analyzer.
Partner Content
NetScout and analyst Jim Metzler have teamed to deliver a series of IT Briefs on Network and Application Performance Management leveraging research from NetScout's nGenius & Sniffer users.
www.netscout.com
Metzler on Service Delivery Management
Delivering IT business value by evolving our thinking from managing application performance to focusing on services.
Learn More
2009 Handbook of Application Delivery
Successful IT organizations must know how to make the right application delivery decisions in these tough economic times.
Download the Handbook
Metzler on the Modern IP Network
Discusses the growing emphasis on network management and the need to implement a holistic view of the end-to-end experience of the user.
Read the Brief