by Damian Miller, NetflowLogic

NetFlow or IPFIX

NetFlow or IPFIX is a networking protocol that collects IP traffic information as records and sends them to a processing technology such as NetFlow Logic’s NetFlow Integrator for traffic flow analysis. VMware NSX, the networking foundation for the software defined data center (SDDC), supports NetFlow/IPFIX, which is the most common version supported by network devices. NetFlow/IPFIX capability in the NSX platform, when combined with NetFlow Integrator, provides visibility between the virtual overlay and physical networking layers, including:

  • Intrahost virtual machine traffic (virtual machine–to–virtual machine traffic on the same host)
  • Interhost virtual machine traffic (virtual machine–to–virtual machine traffic on different hosts)
  • Virtual machine to physical host traffic

The figure below shows a Virtual Distributed Switch (VDS) configured to send NetFlow records to NetFlow Integrator, which is connected to an external physical network switch. The blue dotted line with the arrow indicates the NetFlow session that is established to send flow records for NetFlow Integrator to analyze.

[Figure: phys-switch]

NetFlow Usage

NetFlow capability on a Virtual Distributed Switch, along with a NetFlow processor like NetFlow Integrator, helps monitor application flows, identify connectivity issues, and measure flow performance over time. It also helps in capacity planning and in ensuring that networking resources are utilized properly by different applications, based on their needs.

By “stitching” virtual and physical flows, NetFlow Integrator reports where virtual traffic is encapsulated and which physical network devices the encapsulated traffic traverses.

While processing physical flows of network communications, NetFlow Integrator analyses and reports the health and failure risk of network devices down to the interface level. This enables IT Operators and Virtual Infrastructure (VI) Administrators to troubleshoot which virtual network conversations are affected by physical network degradation and outages.

Best Practices – Managing Network Operations with vRealize

The benefits of virtual networking are increasingly well understood, including fine-grained segmentation, application personalization, and provisioning automation at the cloud portal level. One of the biggest operational concerns, however, is the loss of visibility into how to trace and troubleshoot connectivity between the virtual and physical networking layers. Lacking traceability leads to longer time to resolution and to outage time frames that are unacceptable for many customers. The best practice is to use processors like NetFlow Integrator with VMware vRealize Operations Manager to address this operational issue. This combines the core platform capabilities of vRealize Operations Manager with NetFlow Logic’s expertise in collecting and analyzing network health and path data, and represents that data as a superset of data within vRealize Operations Manager.

[Figure: NetFlow in the topology view.]

Managing NetFlow within vRealize Operations

As a result of this integration, administrators can see the health of any network interface at a glance. They can also see the virtual tunnel end points (VTEPs), where VM traffic is encapsulated. They can drill into the network interfaces that are reporting forwarding problems, see affected VMs, and quickly determine where and how to take corrective actions.

Conclusion

As customers move to VMware NSX as the standard for network virtualization for the software defined data center (SDDC), they need the proper tools to identify the specific location of a network problem, be it in the virtual network or the physical network. They also need to simplify network operations management and manage their SLA requirements. NetFlow features on the NSX platform, when combined with tools like NetFlow Integrator, enable a comprehensive solution with best practices for IT Operators and VI Administrators for use with VMware vRealize.

In the next post I will talk about setup and configuration, and in the subsequent posts we will deep dive into specific use cases.

Learn more at: www.netflowlogic.com