Search /
Docfinder:
Advanced search  |  Help  |  Site map
RESEARCH CENTERS
SITE RESOURCES
Click for Layer 8! No, really, click NOW!
Networking for Small Business
TODAY'S NEWS
LANs /

Port Mirroring: The duplex paradox

Related linksToday's breaking news
Send to a friendFeedback

Sign up to receive this and other networking newsletters in your inbox.

By John Curtis
Network World on High Speed LANs, 10/7/98

As you've read in this newsletter before, network capture and analysis in a switched LAN environment usually means "tapping" the switch's lines by using a "mirror" port. In this approach, traffic is copied from one "source" port to another destination or "mirror" port; an analyzer attached to the mirror port then sees all of the traffic entering and exiting the source port - in theory.

Unfortunately, a problem can arise when customers configure their switch ports for full duplex operation. Since full duplex allows traffic to flow simultaneously in both directions, it effectively doubles the available network bandwidth. Now, a mirror port on a switch can monitor traffic in one direction but not two (i.e., it can copy traffic FROM the source port but cannot monitor traffic TO it), and is therefore a logical half duplex operation. Even if the switch copies traffic from both transmit and receive channels on the source port, the traffic will eventually be forced onto the transmit channel of the mirror port. For this reason, mirroring a full duplex source port may cause packet loss as traffic on the full duplex source port exceeds the available bandwidth of the mirror port.

To make matters worse, customers often can't tell if the mirror port is oversubscribed: Simply because utilization reported by the analyzer on the mirror port is less than 100% doesn't mean that all packets have arrived safely. That is because oversubscription can occur at intervals shorter than that over which the analyzer is reporting its results. In other words, if actual throughput at the source port exceeds the mirror port's bandwidth for a half second, then drops significantly, the analyzer may never see throughput approaching 100% in a given one-second sample.

With this problem in mind, we'll return next week to consider two methods of mitigating this problem and determine which one approach is best for which customer environments.

RELATED LINKS

The Tolly Group, a strategic consulting and independent testing organization, offers a full range of services designed to furnish the vendor and the end-user communities with authoritative and unbiased information. The Tolly Group is a leader in assessing leading edge technologies and provides such services as: network design, product evaluations, industry studies, and market research. For more information, visit The Tolly Group's World Wide Web site, send e-mail to info@tolly.com, call 800-933-1699 or 732-528-3300, or fax 732-528-1888.. Fast Ethernet switches: Autosensing can be catastrophic
Network World on High-Speed LANs, 8/24/98.

Control over flow control
Network World on High-Speed LANs, 6/9/98.

Slower can be better
For heavily loaded networks, switched 10M bit/sec Ethernet beats its big brother, shared 100M bit/sec. Network World review, 3/9/98.

Sign up for this and other free e-mail newsletters


NWFusion offers more than 40 FREE technology-specific email newsletters in key network technology areas such as NSM, VPNs, Convergence, Security and more.
Click here to sign up!
New Event - WANs: Optimizing Your Network Now.
Hear from the experts about the innovations that are already starting to shake up the WAN world. Free Network World Technology Tour and Expo in Dallas, San Francisco, Washington DC, and New York.
Attend FREE
Your FREE Network World subscription will also include breaking news and information on wireless, storage, infrastructure, carriers and SPs, enterprise applications, videoconferencing, plus product reviews, technology insiders, management surveys and technology updates - GET IT NOW.
* HOME    * RESEARCH CENTERS     * NEWS     * EVENTS

Contact us | Terms of Service/Privacy | How to Advertise
Reprints and links | Partnerships | Subscribe to NW
About Network World, Inc.

Copyright, 1994-2006 Network World, Inc. All rights reserved.