Commentary Archives

Webinar Q&As


Last Tuesday, our own Ben Erwin and Michael Leonard, Project Marketing Manager at Cisco, gave a Webinar entitled: “Building Performance-first Application Delivery Networks with Cisco and NetQoS,” where they showed attendees scenario-based demonstrations based on a model of “Baseline, Optimize, Control, Quantify, and Troubleshoot,” which is one of the few models in IT that doesn’t have a catchy acronym. I mean, seriously, “BOCQT?” Isn’t that the sound a Ukrainian hen makes?

Anyway, Ben Erwin and Michael Leonard have written up answers to all of the questions that they simply weren’t able to get to in the original time allotted. These answers are below:

Q: Our corporate data center has two connections into our MPLS network (for redundancy). How can WAAS be deployed in this scenario?

A: WAAS could be deployed on either or both links. WAAS is aware of asymmetric routing environments, so WAAS can deal with traffic that goes out on one link and returns on the other.

Q: If the NetQoS module or modules require NetFlow, please make a point of mentioning that. We don't have NetFlow, and don't want to buy it unless we have to.

A: The traffic analysis module does require NetFlow (or any flow export data source). If you have Cisco routers and switches in place today, then you already have NetFlow. NetFlow is included in the hardware at no additional cost.

Q: Is ACE optimization available on the ACE modules yet?

A: Yes, you can use ACE to optimize application delivery and baseline, quantify, and troubleshoot with NetQoS.

Q: How do you support new protocols for a new app?

A: NetQoS will automatically detect new protocols on the network. You can then choose to monitor application delivery and the appropriate optimization technology from Cisco.

Q: Can I view my virtual servers with this product?

A: Yes. NetQoS will allow you to monitor traffic to/from virtual servers. WAAS and ACE will also optimize application traffic to/from virtual servers.

Q: Which Cisco platforms must we be on to take advantage of the integration of Cisco and NetQoS?

A: For optimization, Cisco WAAS and ACE. In addition, any router/switch supporting NetFlow, IP SLA, CBQoS, or NBAR will also provide reporting into NetQoS.

Q: What are the instrumentation feeds to NetQoS: WAAS flow agent? NetFlow? What else?

A: SNMP, raw packets, and Cisco UC (VoIP) metrics.

Q: Does WAAS/ACE work with IPv6 addresses?

A: Not today, but it is under consideration for a future release.

Q: I understand there must be a pair of WAAS for each WAN link; how about ACE? Does that need to be a pair also?

A: No. ACE is only deployed in the data center near the server farms.

Q: Do you support any data sources that require a network tap?

A: Nothing requires a network tap. However, a tap can be used to feed NetQoS raw packet data instead of a mirror (SPAN) port.

Q: How well does this technology work with MPLS?

A: All of the technologies mentioned in the presentation can function in MPLS environments. Cisco can optimize traffic over MPLS networks and NetQoS can monitor the delivery of applications over MPLS networks.

Q: Do I need an extra Aggregator for monitoring the WAEs, or does a SuperAgent see the statistics of the WAEs?

A: SuperAgent does require an Aggregator to view traffic from the WAE (WAAS) appliances.

Q: Does NetQoS collect/trend IP SLA data?

A: Yes. NetQoS collects and historically trends IP SLA data.

Q: Are there any detailed documents (engineer level) describing exactly how the integration works between the WAE/WAAS modules and SuperAgent? I need detail to explain exactly why I need it.

A: Yes. If you're a customer or prospect contact your NetQoS account rep. If not, contact the NetQoS sales team at sales@netqos.com and request a technical discussion on the integration.

Q: Is there an agent for the ACE?

A: No. ACE does not require agents.

Q: How does WAAS/ACE work with encryption?

A: Both WAAS and ACE interoperate with SSL encrypted traffic.

Q: We use RDP port 3389 for access to our Server farm. Can we implement NetQoS with this environment?

A: Yes. NetQoS can monitor traffic over RDP ports.

Q: Is this solution well suited for video streaming applications, specifically, real time video feeds?

A: Yes, NetQoS can monitor video traffic's impact on WAN bandwidth, network performance, and application delivery. WAAS has support for Microsoft media based video. WAAS will send only one stream over the core and split stream at the branch to conserve bandwidth.

Q: We are not using Cisco WAAS, but rather a competing product; can you touch upon interoperability with other WAN Acceleration vendors and more on the QoS specific functionality for tuning that?

A: NetQoS can provide traffic statistics if your product exports flow records. However, these may not be very useful if the optimized traffic is tunneled. You cannot receive accurate response metrics with a non-Cisco optimization product and NetQoS (or any other performance monitoring vendor). Response time monitoring capabilities for optimized environments are only available with the combination of NetQoS and Cisco. Therefore, you would not be able to quantify the impact of any QoS tuning.

Q: Does deploying WAAS include NetQoS SuperAgent functionality, or are they separate products? I heard a rumor that deploying WAAS includes SuperAgent functionality.

A: They are separate products. However, WAAS does include NetQoS code that allows it to interoperate with NetQoS SuperAgent.

Q: How many of Cisco's IP SLA tests does NetQoS currently support? And will NetQoS add support to cover all of Cisco's IP SLA tests?

A: NetQoS supports all of the Cisco IP SLA tests today.

Q: Does WAAS differentiate between MPLS Class of service?

A: Yes, WAAS can give priority and process traffic according to DSCP marking.

Q: If it's not outside the scope of this presentation, can you talk about the performance differences between the inline and non-inline deployment models?

A: Performance is similar in both instances. WAAS implements WCCP as the primary method for non-inline and is tuned to work effectively with the device it is redirecting traffic to so as not to overload it.

Q: Strategically, assuming availability of higher WAN bandwidth at a lower cost, what becomes the core strength of WAAS?

A: WAAS allows you to use your bandwidth more effectively so that you don’t need to overprovision and WAAS overcomes the impact of latency on application performance. Even if you have enough bandwidth in theory, you might not be able to fill the pipe due to the behavior of TCP on links with high latency.

Q: Can you export NAM data to NetQoS today?

A: NetQoS can collect data from NAMs today via SNMP.

Q: Even custom applications with custom communication formats?

A: Yes. Any custom IP application can interoperate with NetQoS and Cisco.

Q: I take it that this device would allow you to see how effective your QoS policy is. Does this take the place of the QoS Manager?

A: Yes, WAAS allows you to see what applications are using your bandwidth and how much bandwidth they are using, as well as how much reduction in bandwidth usage WAAS is providing per application. WAAS works with the QoS policies on your router. WAAS can make a separate QoS control device unnecessary.

Q: Do I need NetFlow enabled on the remote site and the head office router to do a baseline?

A: NetFlow can be enabled in either location. Baseline calculations are independent of the NetFlow source or location.

Q: The SuperAgent can't tell anything about response times of UDP traffic, but does the SuperAgent show the amount of UDP traffic?

A: Correct, SuperAgent cannot monitor the delivery of UDP applications. However, the NetQoS traffic analysis capabilities with Cisco NetFlow can show the amount of UDP traffic on the network. In addition, NetQoS can report Cisco IP SLA metrics to measure UDP latency.

Q: How many (max) ports per NetQoS appliance? Are we talking fiber? Fibre Channel?

A: Depending on the capabilities needed, appliances come with 2, 4, or 8 ports with copper, fiber, or fiber channel connectivity.

Q: What hardware is required at a branch office to deploy WAAS?

A: WAAS can be deployed as an appliance or as a network module for the Cisco ISR router.

Q: How do you appropriately size the model of WAAS hardware for your network?

A: Cisco provides a sizing tool and sizing guidelines. Sizing is based on throughput requirements and the number of TCP connections to be supported. WAAS was tested by an independent test facility to scale to over 50,000 TCP connections.

Q: How big is the impact on Cisco router processor load, when using NetFlow reporting?

A: 2% or less impact to CPU cycles on any Cisco router/switch model.

Q: Which segment do you use CBQoS statistics and into which metric does it get aggregated?

A: CBQoS data is collected via SNMP with the NetQoS device management capabilities.

Q: Can NetQoS read the real underlying application if another port is used?

A: Yes, NetQoS can provide full deep packet inspection capabilities to read any layer of the application.

Q: How does WAAS work with encrypted MAPI (email) from branch to datacenter?

A: Support for encrypted MAPI is under consideration for a future release. Currently WAAS will not apply full optimizations if the traffic is encrypted but will provide the default L4 optimizations that are effective for Exchange cached mode.

Q: Can WAAS encrypt its optimized traffic?

A: WAAS can encrypt data stored on the disk and WAAS can optimize SSL encrypted traffic. WAAS does not encrypt traffic in flight. WAAS interoperates with your security infrastructure.

Q: Is WAAS and ACE required to measure transactions response time?

A: No. Application delivery and response times can be measured with NetQoS without WAAS or ACE. However, WAAS and ACE are required to optimize the delivery of applications.



All o’Twitter


Now, me, personally, I don’t use Twitter. Oh, yes, I know, as “new media/blog guy” I’m supposed to be all “hep” to the latest “doo-dads” what with me being one of those crazy “internet geekerinos” but I just never really saw a value in Twitter that wasn’t available with LiveJournal years ago.

One hundred and forty characters is simply not enough room to convey anything particularly complex, informative, or artistic. I mean, even though I read “Burnt Orange Report,” published by Karl-Thomas Mussleman, I must admit that twitter posts like…


karltm Sitting behind marc katz in traffic. His left rear tire pressure is low. 12:24 PM May 24, 2008 from txt


…neither inform nor entertain.

Others, like this one from my friend and sometimes improv comedy partner Chris Trew of Coldtowne…


christrew just ate body paint 19 minutes ago from web


…are just things you don’t want to know.

For all of its flaws, however, Twitter’s service is something that many professionals – for whatever reason – rely on. Unfortunately, Twitter is not particularly reliable – the constant outages have prompted at least one person to create a Web site called “IsTwitterDown.com” which pings Twitter’s server.

Now, pinging Twitter’s server may indeed help you determine whether it is at fault – but it won’t tell you anything about the dropped packets, network round trip time, or any of the other performance issues which prevent Twitter from being usable. For example, users experienced degraded service this morning because Twitter’s main database crashed due to too many connections. A quick ping wouldn’t detect “too many connections” – it would just be one of the successful connections of which there were apparently too many.

To Twitter’s credit, they’re well aware of the performance issues and just today have started a blog which details “performance and reliability.” Pagination – whatever that is – is partially restored. (I’m assuming it might have something to do with Ellen Page, the lead actress in “Juno.”)

Mark Gibbs at Network World suggested that IsTwitterDown.com should switch from merely pinging the Twitter server to using cURL and Wget to see if you can send and receive Twitter updates, which would be more accurately measuring the performance of Twitter. Then again, considering that istwitterdown.com is in the same vein as abevigoda.com, which constantly updates "is he dead?" status of Abe Vigoda, that might be taking the joke too far.
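To make the ping-versus-transaction distinction concrete, here is an added Python example (mine, not anything from IsTwitterDown.com or Network World) that runs a ping-style reachability probe next to the full request Gibbs is suggesting. The service being probed is a constructed local stand-in that accepts every TCP connection but answers 503 “too many connections” once it has served more requests than its capacity; the capacity, the path, the verdict names and the use of a TCP connect in place of ICMP are my assumptions for the example.

```python
import http.server
import socket
import threading
import time
import urllib.error
import urllib.request


class OverloadedHandler(http.server.BaseHTTPRequestHandler):
    """Constructed stand-in for a site whose database is saturated: every TCP
    connection is accepted, but once `capacity` requests have been served the
    application layer answers 503 "too many connections"."""
    capacity = 2
    served = 0
    lock = threading.Lock()

    def do_GET(self):
        with OverloadedHandler.lock:
            OverloadedHandler.served += 1
            overloaded = OverloadedHandler.served > OverloadedHandler.capacity
        status, body = (503, b"too many connections") if overloaded else (200, b"ok")
        self.send_response(status)
        self.send_header("Content-Length", str(len(body)))
        self.end_headers()
        self.wfile.write(body)

    def log_message(self, *args):  # keep the demo output quiet
        pass


def start_stand_in(capacity=2):
    """Start the stand-in on a random loopback port; returns the server object."""
    OverloadedHandler.capacity = capacity
    OverloadedHandler.served = 0
    server = http.server.HTTPServer(("127.0.0.1", 0), OverloadedHandler)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    return server


def reachability_probe(host, port, timeout=2.0):
    """Ping-style check (a TCP connect stands in for ICMP, which needs raw sockets):
    does a connection open, and how long does it take?"""
    started = time.perf_counter()
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return {"reachable": True, "connect_ms": (time.perf_counter() - started) * 1000}
    except OSError:
        return {"reachable": False, "connect_ms": None}


def transaction_probe(url, timeout=2.0):
    """curl/wget-style check: perform the real request and judge the response."""
    opener = urllib.request.build_opener(urllib.request.ProxyHandler({}))
    started = time.perf_counter()
    try:
        with opener.open(url, timeout=timeout) as resp:
            status, body = resp.status, resp.read()
    except urllib.error.HTTPError as err:  # a 4xx/5xx is still an answer
        status, body = err.code, err.read()
    except (urllib.error.URLError, OSError):
        return {"status": None, "rtt_ms": None, "verdict": "down"}
    rtt_ms = (time.perf_counter() - started) * 1000
    verdict = "up" if 200 <= status < 300 else "degraded"
    return {"status": status, "rtt_ms": rtt_ms, "verdict": verdict,
            "body": body.decode(errors="replace")}


def check_service(host, port, path="/"):
    """Run both probes and report what each one would have concluded."""
    reach = reachability_probe(host, port)
    if not reach["reachable"]:
        return {"ping_says": "down", "transaction_says": "down", "status": None}
    txn = transaction_probe("http://%s:%d%s" % (host, port, path))
    return {"ping_says": "up", "transaction_says": txn["verdict"],
            "status": txn["status"], "connect_ms": reach["connect_ms"],
            "rtt_ms": txn["rtt_ms"]}


if __name__ == "__main__":
    server = start_stand_in(capacity=2)
    host, port = server.server_address
    for attempt in range(3):
        print(attempt + 1, check_service(host, port))
    server.shutdown()
    server.server_close()
    print("after outage:", check_service(host, port))
```

On the third request the reachability probe still reports “up” while the transaction probe reports “degraded” with a 503, which is exactly the case a ping misses; only after the stand-in is shut down do the two agree on “down”. The same split (connect time versus full round trip) is what you would chart if you wanted the latency picture rather than a single up/down bit.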



QoS: Quality of Sasquatch.


On “Ask Slashdot” a reader asks about the possibility of traffic shaping to control his roommate’s Bit-Torrent hogging.

Of course, the Slashdotters were more than helpful – recommending that instead of traffic shaping, he simply set up a QoS policy on his consumer-grade router – and if his router didn’t currently support it, that he replace the router firmware with something like Tomato, OpenWRT, or IPCop.

Others, seeking the “Russian Pencil” solution as opposed to the “NASA Space Pen” solution recommended that the roommate get a good talking to – and be persuaded, perhaps, to run the torrents during off-peak hours.

However, there are other solutions to this problem, and I’ve spent most of the morning thinking of them. (I love my job.)

Solution 1: Defeat the Matrix. [Fig. 1]


Step 1: Drink Tequila.
Step 2: Play Crystal Method at high volume.
Step 3: Rip the router out from the wall. Congratulations, you have defeated the Matrix. Declare this fact loudly.
Step 4: Dodge in slow-motion any objects that your roommate may throw at you.


Solution 2: Drown Him in Kittens


Step 1: Bailey’s Irish Crème
Step 2: Play Loituma at high volume
Step 3: Split the network and redirect all of his HTTP traffic to “Kittenwar.com.”
Step 4: Hide the ammunition to your roommate’s shotgun. Oh, wait. That really should have been Step 2…


Solution 3: A Trip to Texas



Step 1: Drink half a bottle of Crown Royal. This will help you to see the Chupacabra in Step 3.
Step 2: Take the train to a border town in Texas. Listen to ZZ Top on your iPod.
Step 3: Capture a Chupacabra, using the other half of the Crown Royal as bait, and the bag to transport the Chupacabra. (See Fig. 1)
Step 4: Tell your roommate you will release the Chupacabra into his room if he doesn’t stop the bandwidth hogging.


Solution 4: It Makes Real Cupcakes


Step 1: Get a Sasquatch blind drunk on Hennessey.
Step 2: Watch Harry and the Hendersons
Step 3: Replace roommate’s computer with EZ Bake Oven.
Step 4: Replace roommate with Sasquatch.



“D00.000.000.00M!”


J.H. Woodyatt says:


"It's time to start talking about what the Internet will be like in a future where we abandon all our efforts toward the IPv6 transition.  Because the transition isn't happening.  It's not going to happen.  We're going to be living on IPv4/NAT for the rest of our lives."


Now, I’m known among my friends as the pessimistic one.  Granted, there’s a lot to be pessimistic about – gas prices, global warming, high fructose corn syrup, robot uprisings… But Woodyatt talks about a future he believes will come to pass – one in which IPv6 is never implemented fully and which leaves us with IPv4. 

And while Woodyatt talks about the many problems that will arise when the IPv4 address space is exhausted (like the decreased performance you get from using a NAT on a NAT on a NAT, or the logistics of asking major multinationals to pay for something that they previously got for free), he doesn’t really back up his main point that we are going to be living on IPv4 – he merely asserts it. The closest he gets is saying that “there is no cost for IPv4/NAT high enough to drive adoption of IPv6,” yet a paragraph below he asserts that nobody knows exactly how much it’s going to cost to buy IPv4 addresses on a free market.


“Nobody knows.  It could be pennies a year.  It could be the better part of a hundred dollars a month.  Nobody knows.  Nobody freaking knows.”


There’s no question that IPv6 adoption has been slower than many would hope – possibly because unlike the Y2K problem, the IPv6 switchover doesn’t have a firm date set.  Personally, I think ICANN should go ahead and make an announcement that all of the root nameservers will be going IPv6-only on some fixed date.  (May I suggest March 29, 2011?  IPv4 can only handle 2^32 possible unique addresses – and March 29, 2011 is my 32nd birthday.  Then again, the IPv4 Exhaustion Counter currently estimates “exhaustion day” as Jan 17, 2011.)

And one big driver for IPv6 – phones, toasters, cars, and other electronic/mechanical thingy-doo-dads needing their own IP addresses now seems more like science fiction than anything of practical importance.

But that hasn’t stopped governmental agencies, such as the European Union, from switching over to IPv6. Sure, it may take longer in America, where government agencies only pay lip service to IPv6, but America is neither the world, nor is it the technological world leader.

NATs may work for now, but they still add complexity to the design, deployment, and maintenance of networks, add another possible point of failure, and break P2P apps. It may take a while – and it’s probably not going to happen overnight. But those companies and organizations that don’t switch will find themselves at a competitive disadvantage that will require them to switch over eventually anyhow – at an increased cost. IPv6 adoption will happen, and the “DOOOOOOM” scenario may provide a couple of uncomfortable months – but eventually things will settle back down into a new normal.

And this is coming from a guy who refuses to put money into a 401k because he believes that it’s better invested in concrete, canned goods, anti-radiation pills and shotguns.




“Future of Web” conference to be held at Rensselaer Polytechnic


A conference of Web and Internet visionaries and experts, including the inventor of the World Wide Web, Tim Berners-Lee, will be held at Rensselaer Polytechnic Institute. At “Tetherless World Research Constellation,” the questions will be determined by Internet submissions and voting. The entire event, scheduled for June 11th, will be streamed over the Internet.

First, enterprise IT teams may notice a slight spike in traffic on June 11th from people interested in the future of the Web.

Second, enterprise IT teams should be some of those people interested in the future of the Web.

One of the many good things that Web 2.0 has brought with it is the idea of reusable APIs and mashups - applications which combine data from multiple sources. The result is greater flexibility in presenting information to the end-user. For example, Craigslist's housing ads can be plotted and tracked on a Google Map - thus "Housingmaps.com".

Application developers are using these APIs in order to give their own products new capabilities. However, combining data from multiple sources into a single integrated tool means that you're pinging an external source for every one of those sources - each one of which might have its own delay. These services in turn might be pinging multiple data centers or other mashups.

These are the changes to the Web already affecting the network; some foreknowledge of what happens next with the Web and how it will affect enterprise networking would be very useful.

In general there isn't enough communication between application developers and network engineers - the result is "chatty apps" and bandwidth heavy applications that might work on a LAN but don't work over the WAN. Anything to increase that communication and get both sides on the same page should be encouraged.



Ten Things You Can Do with Old Technology, Some Of Them Not Dumb


There’s a store nearby a Wal*Mart on Route I-35 in Austin. “Goodwill Computer Works” – run by the same Goodwill company that operates the thrift stores, has old technology, donated by people who don’t need it and sold at very low prices. It’s a veritable smorgasbord of DVD-Roms, Zip Drives, SDRam, 10 Gigabyte hard drives, ATI All-in-Wonder AGP cards, and copies of Windows NT 3.5.

Oh, and old computers. Tons of them – most from the Pentium 2 and Pentium 3 era, many of them donated by large companies who have upgraded from the old to the latest-and-greatest.

A posting on Slashdot got me wondering – what would you do with a whole bunch of old, obsolete tech? Donate them? Well, that’s a good tax write-off, but what if you could actually do something with them.

Here are ten things you can do with old technology such as Pentium 2 laptops.

1) The Wired Meeting Room

Wouldn’t it be nice to have an interdepartmental meeting where everyone had access to their email accounts – and could look up information when needed at a moment’s notice? What if you put a laptop in front of each seat in a six-person meeting room?

There are a number of ways this could be accomplished – if the laptops are capable of running a Web browser, any Web-based mail would work. Still another option would be to add a Webcam, Microphone and some form of VoIP software – allowing you to communicate with others across the corporate LAN, WAN, or Internet – that is, however, assuming that your network is performing well enough to handle the extra load.

Another option is to set the laptops up as dumb terminals and have them log in to a more robust server in the meeting room – or to their office computers at their desks!

2) Laptop Anywhere.

Again, take the laptops and set them up as dumb terminals to the user’s personal office computer – but this time, add WiFi and the user can then bring his or her work anywhere in the entire office building – or at least those areas in the office building covered by the WiFi network. And heading to another person’s office to collaborate on a project means that you don’t have to leave your own computer behind.

3) Monitor Performance at-a-glance

If you want to keep apprised of network performance, SNMP polling data, utilization – even live Web traffic, you could mount an old laptop on your wall and keep abreast of whatever you need to watch. If these statistics can be shown in a terminal – that’s good, but anything that can be put into a Web browser can be shown by anything that can run a Web browser.

4) The Stock Ticker Of The Future

Sure, you could also use the above trick to monitor stock Web pages – and it would be much simpler than this route – but if you’re savvy enough, you could set up a small server box with the MythTV backend, install MythTV front-end on a series of laptops, and each of them can stream CNBC live. It’d take a lot of traffic but hopefully if you keep it on the relatively high throughput environment of a LAN, it’d be okay. Just make sure that you know what the effect will be on your network before you do this – video takes a lot of bandwidth.

5) Beowulf Cluster

It had to be said.

6) Digital Picture Frame (Suggested by Dan Brzoska)

If you don’t mind potentially wrecking the computer, there are more than a few tutorials on how to turn old laptops into digital picture frames – this tutorial from Popular Science shows how to set up the computer to grab the photos from someone’s Flickr stream, meaning you can update the photos from across the world.

7) Productivity Booster (Suggested by Jason Tanner)

Want a second monitor for the office? It may be hard to justify getting a second monitor that would cost the company $200-400 – but using a laptop the IT department was going to donate anyway is a much easier sell. You can do this a number of ways – Web-based e-mail works, although it’s also possible to set up the computer as a dumb terminal to your work computer and have full access to your standard e-mail client, like Outlook.

8) Demo Server (Suggested by Manish Chacko)

If your company sells computer products, the dumb terminal trick can be used again to serve up demos of your products to customers when they come into the office. Why not let them play with the product themselves instead of watching you do it for them? They may come up with a question about how to use the product that they may not have asked otherwise.

9) Office Space

You know the scene I’m talking about.

10) Scrabble (Suggested by Jim Duster)

If all else fails, you can take the keyboards off old laptops and pry the keys off to play Scrabble. Remember, you’ll need at least 12 “E” tiles – which means 12 keyboards.



The Backdoor Draft – of your computer


Noah Shachtman at Wired’s lede is hard to improve on, so I’ll quote him directly.


The Air Force wants a suite of hacker tools, to give it "access" to -- and "full control" of -- any kind of computer there is.  And once the info warriors are in, the Air Force wants them to keep tabs on their "adversaries' information infrastructure completely undetected."


This is why people like me have trouble getting to sleep at night.   The phrase “the military is trying to take over my computer,” is easily dismissed as the rantings of a paranoid delusional conspiracy theorist. It’s another thing when the military says: “We want to take over your computer.”

The program is called “Dominant Cyber Offensive Engagement” and the goal is to – well, in military parlance, the goal is to “Deceive, Deny, Disrupt, Degrade, [or] Destroy” computers deemed by the military to be hostile. 

One of the ways to “degrade” is through military botnets; another goal the armed forces are pushing forward.  Under the theory that the best defense is a good offense, Col. Charles W. Williamson III, (not related to Maj. Charles E. Winchester III, played by David Ogden Stiers for six seasons on M*A*S*H,) wrote in the Armed Forces Journal that “America needs the ability to carpet bomb in Cyberspace.”

It’s not hard to imagine how this could go horribly, horribly wrong for anyone caught in the middle of a “fight” between rival botnets. Imagine an infected botnet zombie on your network – one whose botmaster, for whatever reason, terrorism, economic disruption, or “teh lulz,” decides to use that computer to attack a computer in the military. The change from a defensive strategy to a counterattack means that instead of one botnet on your network – you now have two separate botnets. Furthermore, what’s the likelihood the military botnet will call off the attack if you manage to contain the original botnet? And of course, with a criminal botnet, you could always kick them off your network with impunity because what they’re doing is illegal. Interfere with a military botnet and you’re “obstructing the interests of National Security.”

Either way, both botnets are sending massive amounts of anomalous traffic back and forth – “degrading” performance if it doesn’t just bring the whole enterprise crashing down.

Of course, the military hasn’t been doing that well on cybersecurity defense. Operation Cisco Raider revealed that over 3,500 counterfeit Cisco network components have been discovered, some of them in military installations.

I’m going to have to call my doctor and ask him to increase my dose of Ambien.



The Half-Bakery: 10 gigabit Ethernet, Virtualization, and the Geek in his Natural Habitat


by Brian Boyko
Editor, Network Performance Daily

Enterprises are seeing more adoption of 10 gigabit Ethernet, according to a report by Network Instruments; the company reported on its Network Observations blog that nearly one quarter of businesses are implementing 10G networks by the end of the year. The larger the company, the more likely a 10G rollout.

There’s certainly evidence of a trend, but is that evidence of a need-based demand? LAN technology at the gigabit Ethernet level typically has low latency – and I don’t see 10G Ethernet helping with that much if at all. Gigabit Ethernet is still a heck of a lot of bandwidth, especially compared to the bandwidth offered by WAN solutions. In any LAN/WAN/LAN traffic path, it’s almost always the WAN that proves to be the bottleneck.

But it is possible, with large VoIP networks, that you could be overloading the LAN capacity and decide to move to 10G for that reason. This could possibly explain why big companies are more likely to have 10G than smaller companies – because if you’re not hitting the bottleneck on the LAN, 10G doesn’t really help you deliver the applications any faster or effectively.

What I think is more likely is that 10G has hit a price point where it costs about as much to roll out 10G as it does the older technologies. Instead of 10G taking over the market from companies migrating from 1G, instead it seems that when companies choose to build new systems, they’re choosing to build them in 10G instead of 1G.

But again, it comes down to application delivery. And if we’re not delivering applications faster, the question is then asked – is there any application that is not feasible to execute on a 1G network for which a 10G network would be suitable?

Then I remembered that I’m a geek, and I like my toys.

Specifically, when I move into my new apartment next month, I’ll be back on my own router hardware. My current place has Ethernet built in – it’s a feature that saves me $50 a month, but the complex houses its own routers, which I have no capability to port-forward, which means that I can’t set up a remote desktop connection so that I can check on my home computer from work. And looking forward to being able to do that again reminds me that perhaps one of the new applications that could propel an adoption to 10G might be combining virtualization with remote desktop software – that is, making the end users work from their desk computers on a virtualized environment on a server. This means that you get more life out of older but still usable desktop hardware. According to the FAQ from RealVNC, at 100Mbps per connection, “most tasks will be indistinguishable performed remotely from if they were performed locally” Still, 100Mbps fills up a 1Gbps LAN pretty quickly. However, a 10Gb LAN might be able to accommodate this new application.

There are limitations – anything using full screen video or animation (a movie, or a 3-D environment) where there are rapid changes of every pixel will require even more bandwidth before it gets “choppy” – which will probably sink my plans of playing Half Life 2 on my Mac via a remote desktop connection to a PC. But this is certainly one of those “think about it” half baked ideas that may become reality in the near future.



The Expense of Packet Capture at the Edge


By Ben Erwin

Have you ever read the Surgeon General’s warning on the side of your packet capture probe or appliance?  Look closely and you’ll find it:

SURGEON GENERAL’S WARNING:  PACKET CAPTURE PROBES MAY CAUSE IT BUDGETS TO VANISH AND MAY COMPLICATE PREGNANCY

IT budgets are being needlessly consumed by overindulgence in packet capture and analysis capabilities. People seem to be somewhat addicted to packet capture. Why is this happening?

Don’t get me wrong, I’m not anti-packet capture.  Packet capture has an important place in managing application delivery.  That place, however, is the data center.   Applications will occasionally misbehave (even though everyone will blame the network) and you will need some packet capture and analysis capabilities to find out why.  NetQoS provides the capabilities with NetQoS SuperAgent and GigaStor.  SuperAgent’s end to end application response time capabilities can isolate the issue from the network to the application, and GigaStor’s retrospective analysis can help you analyze raw packets for root cause – all from the confines of your data center.

Monitoring the edge is when packet capture becomes hazardous to your IT budget’s health.  While most IT shops have not pushed their application servers to the edge, technologies like MPLS and VoIP have decentralized network communication and increased the need for visibility at the edge. This is when packet capture junkies get out of control.

At $5 to 10K each, putting packet capture probes throughout the edge is simply not worth it. If you manage a large enterprise network, close your eyes and imagine having to deploy, monitor, and manage hundreds of boxes throughout your network just for edge visibility. What’s the TCO of having all of those probes on my network? What’s the impact on manpower? Sure, they work fine for troubleshooting issues in the data center, but can I really afford one at every site? But I still need visibility… is there a cure for my packet capture addiction?

As a matter of fact, there is a cure – NetFlow.  Enabling NetFlow on edge routers provides cost-effective application visibility without the need to deploy probes.  Why is it cost-effective?  Because NetFlow itself is essentially free: there is no license to buy, since it already exists on your Cisco routers and switches, just waiting for you to enable and collect it.  The only costs are the router CPU spent maintaining the flow cache and exporting records, and the collector that stores them.

While NetFlow is not as granular as packet capture (a flow record summarizes a conversation and carries no payload), robust NetFlow reporting capabilities will help you solve almost every issue at the edge.  Each NetFlow record provides the flow’s key fields and counters (source and destination IP address, protocol and port, ToS byte, ingress and egress interface, packet and byte counts, and start and end times, just to name a few) to help you troubleshoot network problems.
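To make concrete what a NetFlow record does and does not carry, here is an added example; it is not code from the original post or from any NetQoS product.  It parses a NetFlow v5 export datagram using the published v5 header and record layout, then aggregates the records by DSCP and by conversation the way an edge report would.  The four-record datagram it reads is constructed inline; every address, port and byte count in it is made up.

```python
import struct
from collections import defaultdict
from ipaddress import IPv4Address

# NetFlow v5 export datagram: a 24-byte header followed by `count`
# fixed-size 48-byte flow records, all in network byte order.
V5_HEADER = struct.Struct("!HHIIIIBBH")
V5_RECORD = struct.Struct("!4s4s4sHHIIIIHHBBBBHHBBH")
HEADER_FIELDS = ("version", "count", "sys_uptime", "unix_secs", "unix_nsecs",
                 "flow_sequence", "engine_type", "engine_id", "sampling_interval")
RECORD_FIELDS = ("srcaddr", "dstaddr", "nexthop", "input", "output",
                 "dPkts", "dOctets", "first", "last", "srcport", "dstport",
                 "pad1", "tcp_flags", "prot", "tos", "src_as", "dst_as",
                 "src_mask", "dst_mask", "pad2")


def parse_netflow_v5(datagram):
    """Return (header, records) for one v5 datagram; reject anything malformed.

    A collector listens on an unauthenticated UDP port, so it must validate
    the declared record count against the actual length before indexing.
    """
    if len(datagram) < V5_HEADER.size:
        raise ValueError("datagram shorter than a v5 header")
    header = dict(zip(HEADER_FIELDS, V5_HEADER.unpack_from(datagram, 0)))
    if header["version"] != 5:
        raise ValueError(f"not NetFlow v5 (version={header['version']})")
    expected = V5_HEADER.size + header["count"] * V5_RECORD.size
    if len(datagram) != expected:
        raise ValueError(f"count={header['count']} implies {expected} bytes, "
                         f"got {len(datagram)}")
    records = []
    for i in range(header["count"]):
        offset = V5_HEADER.size + i * V5_RECORD.size
        rec = dict(zip(RECORD_FIELDS, V5_RECORD.unpack_from(datagram, offset)))
        for key in ("srcaddr", "dstaddr", "nexthop"):
            rec[key] = str(IPv4Address(rec[key]))
        rec["dscp"] = rec["tos"] >> 2  # DSCP is the top six bits of the ToS byte
        records.append(rec)
    return header, records


def build_netflow_v5(flows, sys_uptime=60_000, unix_secs=1_700_000_000, seq=0):
    """Pack simple flow dicts into a v5 datagram. Used only to construct sample input."""
    body = b"".join(
        V5_RECORD.pack(IPv4Address(f["src"]).packed, IPv4Address(f["dst"]).packed,
                       b"\0\0\0\0", 1, 2, f["pkts"], f["bytes"], 0, sys_uptime,
                       f["sport"], f["dport"], 0, f.get("flags", 0), f["proto"],
                       f.get("tos", 0), 0, 0, 24, 24, 0)
        for f in flows)
    return V5_HEADER.pack(5, len(flows), sys_uptime, unix_secs, 0, seq, 0, 0, 0) + body


def bytes_by_dscp(records):
    """Octets per DSCP class: the check that VoIP is actually marked EF at the edge."""
    totals = defaultdict(int)
    for r in records:
        totals[r["dscp"]] += r["dOctets"]
    return dict(totals)


def top_talkers(records, n=5):
    """Heaviest conversations keyed by (src, dst, protocol, dst port)."""
    totals = defaultdict(int)
    for r in records:
        totals[(r["srcaddr"], r["dstaddr"], r["prot"], r["dstport"])] += r["dOctets"]
    return sorted(totals.items(), key=lambda kv: kv[1], reverse=True)[:n]


# Constructed sample: one branch-office router exporting four flows (not real data).
SAMPLE_DATAGRAM = build_netflow_v5([
    {"src": "10.1.20.15", "dst": "10.0.0.80", "proto": 6, "sport": 51000,
     "dport": 443, "pkts": 1200, "bytes": 900_000, "flags": 0x18},
    {"src": "10.1.20.15", "dst": "10.0.0.53", "proto": 17, "sport": 40123,
     "dport": 53, "pkts": 30, "bytes": 3_000},
    {"src": "10.1.20.200", "dst": "10.0.0.10", "proto": 17, "sport": 16384,
     "dport": 16384, "pkts": 5000, "bytes": 1_000_000, "tos": 0xB8},  # EF, DSCP 46
    {"src": "10.1.20.77", "dst": "203.0.113.9", "proto": 6, "sport": 52222,
     "dport": 22, "pkts": 400, "bytes": 60_000, "flags": 0x18},
])

if __name__ == "__main__":
    hdr, recs = parse_netflow_v5(SAMPLE_DATAGRAM)
    print(f"v{hdr['version']} datagram, {hdr['count']} records, seq {hdr['flow_sequence']}")
    for r in recs:
        print(f"{r['srcaddr']}:{r['srcport']} -> {r['dstaddr']}:{r['dstport']} "
              f"proto {r['prot']} dscp {r['dscp']} {r['dPkts']} pkts {r['dOctets']} B")
    print("bytes by DSCP:", bytes_by_dscp(recs))
    print("top talker:", top_talkers(recs, 1)[0])
```

Everything the report can say comes from the 48-byte record: who talked to whom, on which port, how much, and with what marking.  What it cannot say is what was in the conversation; that is the granularity gap the post is describing, and the reason the raw-packet tools stay in the data center.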

Currently, NetFlow and NetQoS ReporterAnalyzer are monitoring over 250,000 WAN links for IT shops worldwide, and over 65 companies use NetQoS ReporterAnalyzer to monitor at least 1,000 WAN links.  All of these IT shops have blissfully discovered that NetFlow is the most cost-effective way to monitor the edge.

So if you find yourself trying to scratch the packet capture itch just make sure you’re buying in moderation.  Save yourself a ton of time and money and keep packet capture in the data center.  When it comes to obtaining visibility into the edge, NetFlow is the way to go.



Can you have 21st century broadband with 19th century infrastructure?


We’ve mentioned numerous times that U.S. broadband penetration and speed lag behind countries that are more rural and less populated – in other words, countries the U.S. has no excuse lagging behind.

Ars Technica recently put out an article detailing what differences in national broadband policy exist that have enabled other nations to surpass the U.S.’s broadband capability. Japan and France have local loop unbundling – that allows for more competition among ISPs.  They also both deploy fiber instead of copper even if it doesn’t show an immediate profit, and competing ISPs are rolling out new fiber infrastructure instead of just leasing lines. 

Japan, France, Sweden, and Canada all treat broadband as a “core infrastructure element” – that is, it is treated as vital to the functioning of the national economy as good roads, bridges, tunnels, and electrical grids.

In all fairness, the U.S. can claim the same thing.  The U.S. may have no broadband policy, may be looking to traffic shaping to solve problems that would be better addressed by more fiber rollouts (oh, and by the way, there’s a new $800,000 deep packet inspection device on the market today to help service providers monitor and shape traffic), and may be relying on increasingly obsolete technologies – but at least we treat it the same as we do our roads, bridges, tunnels, and electrical grids. 

Which is to say, not very well at all.  The American Society of Civil Engineers gave the United States infrastructure a “D” in 2005, down from a score of “D+” in 2003 – and to fix those problems would require $1.6 trillion over five years.  Since then, not much has been done, according to this CBS video reposted on RawStory.com.

Instead, the government is considering plans to lease highways to private companies – using tolls to provide a “free market” solution to the infrastructure problem – but which will ultimately be a government sanctioned private monopoly over certain sections of blacktop. It is difficult to see how this would improve infrastructure, rather than simply allowing private companies to charge the maximum people will pay for the minimum infrastructure service people will put up with.

So, as far as treating broadband infrastructure like the rest of America’s infrastructure, it seems we already do that.  But what needs to be clear is that broadband infrastructure is infrastructure – that is, it is just as important for rural areas to get good broadband as it was for them to get good roads back during the Eisenhower administration.

In a macabre way, this limited broadband is good for vendors; if broadband were plentiful there wouldn’t be so great a demand for WAN Optimization tools, for example.  Sure, WAN Optimization is a good idea anyway, but it is the high cost of bandwidth that spurs demand forward.  It is becoming harder to maintain performance not just because of the various new demands on the network but also because the infrastructure across the country is simply inadequate – thus the demand for network performance monitoring tools.  Increasing bandwidth doesn’t always solve the network problem, but insufficient bandwidth always creates one.
