news, processor, server virtualization, virtual traffic, SNMP, virtual environment monitoring solution, multitier infrastructure, virtualization, virtual servers, vmware, virtual machines, virtual environments, CPU management, virtual infrastructure

News

Tools For Tracking Virtual Traffic

Virtualization Brings A New Set Of Issues To Small & Medium-Sized Enterprizes

By Sandra Kay Miller

Nov 30, 2007 - It’s hard to fix what you can’t see. IT and data center managers are finding out there are real headaches associated with virtual traffic as organizations squeeze more resources out of their existing investments through server virtualization.

Tracking down problems in the virtual realm can be difficult on a number of fronts. “One of the biggest weaknesses we saw out there in terms of the way that people are managing the data centers today is that the tools that were available for virtual servers were only really looking at technical summary data of what was actually going on,” explains Jay Botelho, director of product management for WildPackets (www.wildpackets.com), a Walnut Creek, Calif.,-based software company providing network and application analysis tools.

For example, many of the virtual analysis tools currently available rely on data from MIBs (management information bases), such as those used with SNMP (Simple Network Management Protocol), to look for problems occurring on the virtual servers. According to Botelho, this methodology is fraught with problems. “One is that the data is not in real time because the data has to get put into these MIBs. Two, even though the data in MIBs and SNMP is standard, the data is really particular to specific applications or hardware nodes that people are looking at, so they may or may not be capturing all the information they’re really interested in. And number three, it’s still only a summary of information,” he says.

Even when a problem is reported within the summaries, such as slow response time, there is little information as to why the response time is slow.

Srinivas Ramanathan, president and CEO of eG Innovations (www.eginnovations.com), a virtual environment monitoring solution, believes that identifying where and why problems occur in virtual environments is one of the key challenges. “IT is evolving into a multitier infrastructure. It used to be clients talking to a server, but now it’s one application talking to another application to deliver complete functionality,” he notes. “If I didn’t take virtualization into account, I may not get to the real root of the problem. What has worked in the nonvirtual world no longer works in the virtual world because of the additional layers of complexity.”

In an effort to effectively handle more complexity, many traffic analysis tools can put a heavy load on the server. However, Botelho points out that only capturing packets won’t bog down systems; additional features (storage and real-time analysis) do.

Botelho further explains that when traffic is monitored in a virtual environment, often only the packets between a few applications and host servers are involved and not the entire link into the data center.

Available Options
OmniPeek is WildPackets’ portable network analysis tool. “One of the things that we realized we could do with OmniPeek is that we could use some of the facilities that are already available in virtual servers because all of them have virtual network adapters,” says Botelho. That means that WildPackets is able to run an instance of network analysis software on each one of the virtual servers. Traditionally, OmniPeek would capture and examine packets based on a hardware network interface. “We are able to take advantage of these software-oriented network adapters that still exist in virtual servers like VMware and are able to see the packets as they cross that virtual network adapter, so we’re still able to see the same types of things like you would with a hardware adapter,” notes Botelho.

This means deep packet inspection can provide valuable information, especially with applications. “You’re going to find payloads that have important error messages in them like ‘can’t connect to the database’ or ‘wrong password,’” says Botelho.

Botelho lists the inability to actually see the traffic itself as the biggest pain point seen from WildPackets’ network-based perspective, but by examining virtual traffic from the network analysis standpoint, he doesn’t consider the task complicated. “You just want to be able to get at the data and then have the appropriate tool to look at it. You need something that can not only get the data but look at the data from an application perspective,” he notes.

Further exacerbating the challenge of following virtual traffic is the ability to monitor entire virtual machines. Ramanathan explains that not just packets move individually, but entire virtual machines migrate between physical machines depending upon available resources such as CPU and memory. “Tracking this movement adds another layer of complexity upon monitoring virtual traffic. From the perspective of diagnosis, it’s a huge problem because you have multiple tiers, machines sharing resources and machines being completely dynamic,” Ramanathan says.

To tame the complexity of virtual environments, the eG Monitor for VMware Infrastructures has been added to eG’s Enterprise Suite that provides monitoring and management for virtual environments.

Virtual machines themselves already have a fair amount of diagnostics for traffic and performance analysis but have yet to build in the diagnostics to specifically look at the application-to-application performance, such as people connecting to the Oracle database or accessing the SAP application. “I think that pain point comes into play at the application layer and not at the networking layer. It’s nice to see there are products out there that let customers capture all the way down to the packet level for application analysis in the virtual realm,” says Botelho.

Traffic analysis at the packet requires highly skilled IT personnel, but eG sees an opportunity in the enterprise by making virtual traffic and performance monitoring easier. Ramanathan has found that pushing routine monitoring tasks out to lower-skilled IT people, such as the help desk, results in a broader perspective. “They don’t want to get into the nitty-gritty, such as CPU management, but they need tools for a virtual infrastructure that can help them figure out where bottlenecks are occurring without spending endless hours troubleshooting,” he says.

# # #
All trademarks, service marks and company names are the property of their respective owners.