How To Segregate & Load Balance 10Gbps Traffic To 1Gbps... // White Paper

Transcription

How To Segregate & Load Balance 10Gbps Traffic To 1Gbps... // White Paper
How To Segregate & Load Balance 10Gbps Traffic To 1Gbps Tools
// White Paper
The Smart Route To Visibility™
The latest Internet phenomenon, Web 2.0, is transforming the
World Wide Web from a collection of static portals to a dynamic
interactive medium ideally suited for commerce, advertising, grassroot content creation, and on-demand multimedia consumption.
Technical Challenges
A major issue faced when deploying 10GbE core networks is
to provide a cost-effective, comprehensive solution to monitor
mission-critical traffic at full line-rate. Ensuring network integrity
including performance, security and compliance is paramount.
Critical mass in broadband and wireless accessibility, an important
enabling factor for Web 2.0, has made high-speed networking
technology a commodity. In the year 2000, service providers struggled
Unfortunately, 10 Gigabit monitoring tools while available, are either
prohibitively expensive or simply incapable of handling full linerate except in short bursts.
with deploying expensive 100Mbps Fast Ethernet switching
Recently, a new class of Traffic Visibility Switch, designed specifically
technology, today they have almost completely transitioned to
for out-of-band network monitoring has been introduced and can
Gigabit Ethernet to stay competitive. As this trend continues, the
accommodate multiple bit-mask filtering rules at each ingress
second decade of the 21st century will emerge as the decade of
port (both 1GbE and 10GbE).
10 Gigabit expansion. Few customers are willing to be left behind
and most are already moving to transition their core network to 10
Gigabit in order to realize additional cost savings and substantial
Using these multi-rule sequential pre-filters, 10 Gigabit traffic
performance gains.
can be “mapped” to multiple load-sharing 1 Gigabit analyzers.
With each tool analyzing a specific VLAN range, port number
or IP subnet according to the specific filter rule, comprehensive
Port mirroring has its limitations and since managed switches are
monitoring at 10Gbps without oversubscribing any single Gigabit
an integral part of the infrastructure, it is important to be careful
tool is achieved. Since mapping filters are hardware based,
not to establish a point-of-failure. Understanding what can be
latency is negligible and full line-rate performance is guaranteed.
monitored is important for success. SPAN ports are often over
used leading to dropped frames. LAN switches are designed to
groom traffic (change timing or add delay), extract bad frames
and ignore all layer 1 & 2 information. Furthermore, typical
implementations of SPAN ports cannot handle FDX monitoring,
and analyzing VLANs is also problematic.
Copyright © 2012 Gigamon, LLC. All rights reserved. Gigamon, GigaVUE®, GigaSMART, G-TAP, Flow Mapping are registered trademarks of Gigamon, LLC and/or affiliates in the
United States and certain other countries. Visibility Fabric, Traffic Visibility Fabric (TVF), Citrus, and The Smart Route To Visibility are trademarks of Gigamon. All other trademarks
are the property of their respective owners.
Gigamon | 598 Gibraltar Drive Milpitas, CA 95035 | PH 408.263.2022 | www.gigamon.com
1
How To Segregate & Load Balance 10Gbps Traffic To 1Gbps Tools
// White Paper
The Smart Route To Visibility™
Computers/End
User Devices
Access
Switches
Storage
Distribution
Switches
Core
Switches
Servers
Gigamon
10GigaPORT-6X
1G/10G PORTS (SFP+)
SERIAL TIME CODE
SLOT 2
Alm
IntelligentDAN TM
PORTS
Rdy
GPS Lock
Pwr
GPS ANT (TNC-RG213)
GigaVUE-2404MB
G1
G2
G3
9
1G/10G PORTS (SFP+)
G4
G1 G2 G3 G4
1
2
1
16
RS232
10/100/1000 PORTS (SFP)
M/S
Rdy
3
4
2
3
5
4
6
5
7
6
SLOT 1
8
7
8
PORTS G1-G4
PORTS 1-8
Pwr
Mgmt
Console
10GigaPORT-8X
SLOT 3
1G/10G PORTS (SFP+)
PORTS
17
24
Pwr
VoIP Phones
UP WHEN
INSTALLED IN
REAR SLOT
VoIP
Security Protocol Forensic Application
Analyzers
IDS Analyzers Recorders Monitors
Network Monitoring with a Single Core Switch
Network Monitoring with Multiple Core Switches
10G Network Ports
1
10G Network Ports
1
Core
Switch
Filter Rule 1
1G Tool Ports
Post-Filter
Filter Rule 2
Filter Rule 3
Filter Rule 4
5
Core
Switch
Post-Filter
Post-Filter
5
Filter Rule 3
Post-Filter
6
Filter Rule 4
M onitor Tool 1
M onitor Tool 2
Post-Filter
7
Post Filter
8
Filter Rule 1
6
7
Monitor Tool 3
Post Filter
Post-Filter
Filter Rule 2
Monitor Tool 1
Monitor Tool 2
Legend
10G
1G
Filter Rule 1
1G Tool Ports
8
Monitor Tool 4
2
Core
Switch
Filter Rule 2
Filter Rule 3
M onitor Tool 3
Filter Rule 4
M onitor Tool 4
Legend
10G
1G
Whether it is Gigabit or 10 Gigabit, mission critical core networks
Shown here is a typical web-centric customer data center running
are almost always tiered, meshed and fully redundant. High
a 10Gbps core. In order to support the tremendous amount of
availability network architecture dictates that multiple 10Gbps
web traffic (on the order of tens of millions of page views per
links are deployed between parallel switches to improve reliability.
week), it is not uncommon to have up to ten 1Gbps links to the
Therefore, packets do not travel on a unique path and in order
Internet (to ISP’s and peering sites). Furthermore, it is estimated
to provide thorough monitoring, multiple 10Gbps traffic streams
that total traffic is also increasing at 30% per quarter. Therefore a
would have to be mapped simultaneously and aggregated so that
scalable monitoring solution is needed to match growth.
each tool gets a logical slice of the total traffic.
In the core of the network, servers are organized in clusters,
each serving specific business functions. These functions range
from online shopping, credit verification, merchandise delivery,
Copyright © 2012 Gigamon, LLC. All rights reserved. Gigamon, GigaVUE®, GigaSMART, G-TAP, Flow Mapping are registered trademarks of Gigamon, LLC and/or affiliates in the
United States and certain other countries. Visibility Fabric, Traffic Visibility Fabric (TVF), Citrus, and The Smart Route To Visibility are trademarks of Gigamon. All other trademarks
are the property of their respective owners.
Gigamon | 598 Gibraltar Drive Milpitas, CA 95035 | PH 408.263.2022 | www.gigamon.com
2
How To Segregate & Load Balance 10Gbps Traffic To 1Gbps Tools
// White Paper
The Smart Route To Visibility™
product support, uploading and downloading of music, pictures,
podcasts, video, and various online activities including search,
chat, email, blogging, etc. Each server switch is connected to
the core switches using two 10Gbps redundant links, which are
connected to the Internet through multiple 1Gbps redundant links.
A large number of best-of-breed monitoring tools from multiple
vendors are deployed including performance tools to track realtime user experience and to enable internal charge-back
About Gigamon
to various business functions, database security tools to prevent
Gigamon provides intelligent Traffic Visibility Networking solutions
leakage of confidential information and forensic data storage
for enterprises, data centers and service providers around the globe.
to proactively and retroactively examine attacks and abuses.
Our technology empowers infrastructure architects, managers and
All of these monitoring appliances compete for out-of-band
operators with unmatched visibility into the traffic traversing both
traffic access.
physical and virtual networks without affecting the performance or
stability of the production environment. Through patented technologies,
With the Traffic Visibility Switch, the 10Gbps traffic streams
the Gigamon GigaVUE portfolio of high availability and high density
mirrored from the core switches are captured and aggregated.
products intelligently delivers the appropriate network traffic to security,
Mapping filters based on IP address range corresponding
monitoring or management systems. With over seven years’ experience
to the server switches are used to segregate the total traffic
designing and building intelligent traffic visibility products in the US,
into different logical groupings such that each appliance is
Gigamon serves the vertical market leaders of the Fortune 1000
responsible for monitoring traffic belonging to one or several
and has an install base spanning 40 countries.
specific business functions.
For more information about our Gigamon products visit:
Using a Traffic Visibility Switch with multi-rule mapping features
www.gigamon.com
to share the load among multiple parallel processing Gigabit
tools is the most effective way to cost-effectively monitor
your 10Gbps network.
Moreover, the Traffic Visibility Switch acts as the virtualization
layer between the network and monitoring tools. It is the building
block for a flexible Traffic Visibility Network that enables IT
engineers to deploy monitoring tools at will. Adds, changes
and moves can be performed without requiring any physical
changes or exerting load to the production network. Speed
change (1Gbps to 10Gbps or 10Gbps to 1Gbps) and media
conversion (copper to optical, multimode to single mode)
can also be easily accommodated.
Copyright © 2012 Gigamon, LLC. All rights reserved. Gigamon, GigaVUE®, GigaSMART, G-TAP, Flow Mapping are registered trademarks of Gigamon, LLC and/or affiliates in the
United States and certain other countries. Visibility Fabric, Traffic Visibility Fabric (TVF), Citrus, and The Smart Route To Visibility are trademarks of Gigamon. All other trademarks
are the property of their respective owners.
Gigamon | 598 Gibraltar Drive Milpitas, CA 95035 | PH 408.263.2022 | www.gigamon.com
3