Most network administrators would give their right arms to get an accurate picture of their network over time. Knowing where
the network is broken can save hours of troubleshooting, which translates into monetary savings for any enterprise. Creating
a dynamic network map is a good solution, but most devices that gather that data ignore the one device that can tell them
everything: routers.
Traditional network monitoring packages treat the network as a group of devices that happen to be interconnected. As a result,
routing information tends to be interpreted on a device-by-device basis, making troubleshooting difficult.
Luckily, an emerging class of network mapper is changing that by using existing routers and routing protocols to gather network
information. Two early entries, Packet Design’s Route Explorer 1.5 and Ipsum’s Route Dynamics 1.2 network monitoring packages,
treat the network as a large interconnected system, collecting routing information for analysis.
This new approach allows administrators to monitor the network in terms of traffic paths and connections, making sure relevant
network paths are available to users. With the stored information, administrators can “replay” the state of the network from
a point in the past to make diagnoses.
Because Route Explorer and Route Dynamics get data directly from the routers, their network maps are more accurate. Plus,
both systems are almost entirely passive, and neither requires router reconfiguration to integrate into a network.
The differences, however, lie in the products’ user interfaces and architecture: Route Dynamics is more distributed, Route
Explorer is centrally managed. Though both are very good, Route Explorer’s extra features, including its what-if analysis
tools, give it an edge.
Centralized Mapping
I used the University of Hawaii’s OSPF (Open Shortest Path First) network at its Advanced Network Computing Lab (ANCL) to host both boxes. On the most basic level, OSPF is a link-state protocol: Each OSPF-enabled router has complete
knowledge of how the various subnetworks are connected. OSPF, like a friendly traffic cop, will provide a copy of the specific
network map to anyone with the proper credentials. Getting information directly from the network’s routers, combined with
the “entire map” property of OSPF, is what makes these devices work.
After configuring Route Explorer’s initial network via the LCD on the 2U appliance, the rest of the setup and admin tasks,
such as user management, Ethernet interface configuration, and route database administration, are done via a Web interface.
The administrative interface on the Route Explorer is intuitive and easy to use, but the downloadable VNC (Virtual Network
Computing) end-user interface is not as polished.
Route Explorer is centrally managed, for the most part, and has three main modes of operation: network monitoring, route recording,
and historical. In network monitoring mode, Route Explorer listens for changes and can be configured to send out alerts (syslog
alert or SNMP trap). I found this to be a particularly useful feature, as it will alert administrators if the network routing
topology changes.
In recording mode, the Route Explorer simply records to a database all the routes it hears on the wire. This allows statistical
analysis of network routes during specific periods of time.
Furthermore, the route database becomes the basis for historical mode, which includes the very useful what-if analysis tools.
With a few mouse clicks, you can easily simulate one or more router failures anywhere within the network and observe the effect
on the flow of traffic, pinpointing network weak spots.
I found the what-if analysis to be an interesting and eye-opening feature. I’ve never been able to simulate routes and router
failures in such an intuitive way, and Route Explorer showed me just how resilient the ANCL network connection is to router
failures. I also discovered that our network is not as redundant as I thought -- a valuable lesson to learn.
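The kind of what-if failure simulation described above can be sketched over a link-state topology. This is an added example, not Route Explorer's code or anything from the original review; the router names and OSPF costs are constructed, and it goes one step further by listing every router whose loss isolates part of the network from a given vantage point.

```python
import heapq

# Constructed sample LSDB (hypothetical routers/costs): router -> {neighbor: cost}
LSDB = {
    "core1": {"core2": 10, "dist1": 10, "dist2": 10},
    "core2": {"core1": 10, "dist1": 10, "dist2": 20},
    "dist1": {"core1": 10, "core2": 10, "edge1": 10},
    "dist2": {"core1": 10, "core2": 20, "edge2": 10},
    "edge1": {"dist1": 10},
    "edge2": {"dist2": 10},
}

def spf(lsdb, source, failed=frozenset()):
    """Dijkstra SPF from source, skipping failed routers. Returns {router: cost}."""
    if source in failed:
        return {}
    dist = {source: 0}
    heap = [(0, source)]
    while heap:
        cost, node = heapq.heappop(heap)
        if cost > dist.get(node, float("inf")):
            continue  # stale heap entry
        for nbr, metric in lsdb.get(node, {}).items():
            if nbr in failed:
                continue
            new_cost = cost + metric
            if new_cost < dist.get(nbr, float("inf")):
                dist[nbr] = new_cost
                heapq.heappush(heap, (new_cost, nbr))
    return dist

def what_if(lsdb, source, failed_router):
    """Compare reachability and path cost from source before and after a failure."""
    before = spf(lsdb, source)
    after = spf(lsdb, source, failed={failed_router})
    survivors = set(before) - {failed_router}
    unreachable = sorted(r for r in survivors if r not in after)
    rerouted = {r: (before[r], after[r]) for r in sorted(survivors)
                if r in after and after[r] != before[r]}
    return {"unreachable": unreachable, "rerouted": rerouted}

def single_points_of_failure(lsdb, source):
    """Routers whose loss cuts at least one other router off from source."""
    return sorted(r for r in lsdb if r != source
                  and what_if(lsdb, source, r)["unreachable"])

if __name__ == "__main__":
    print(what_if(LSDB, "edge1", "core1"))
    print("SPOFs from edge1:", single_points_of_failure(LSDB, "edge1"))
```

In this constructed topology the redundant core absorbs a core router failure at a higher path cost, while each distribution router is a single point of failure for the edge behind it.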
Distributed Mapping
Unlike Route Explorer, Ipsum’s Route Dynamics takes a distributed approach to network monitoring. The system consists of a
central 2U appliance and one or more 1U “listener” appliances that are deployed throughout an IP network.
The small appliances gather network topology information by listening to OSPF broadcasts, then send the information to the
central system to be recorded in a database. This distributed setup improves the system’s fault management -- the
listeners can continue to provide information if one router goes down -- and allows simultaneous data sampling from
different parts of the network.
Ipsum works with the clients to tailor its system for the specific environment, including pre-configuring all units down to
the IP address for the client. This can save a considerable amount of admin effort, as the Route Dynamics setup has a steep
learning curve compared to that of Route Explorer.
Route Dynamics uses a Java-based interface for all network-monitoring functions, which feels more polished and intuitive than
Route Explorer’s interface. However, the Java interface must be installed on a user’s computer, which limits the Route Dynamics
system to Windows and Linux users.
Route Dynamics has three major modes of operation: monitoring, historical, and alerting. In monitoring mode, the Route Dynamics
system passively gathers network information, which can be used to view the network as a graphical map.
In historical mode, a user has access to a rich set of utilities that query the accumulated data by various criteria, such
as viewing the status of nodes over time or getting the status of a single node at a specific moment.
Finally, alerting mode allows users to view “unusual” events occurring in the network. For example, bad routes being injected
by a peer can be easily diagnosed in this mode as the system flags significant changes in route topology.
I found that this alert mode did a better job at classifying and presenting events to the user than did Route Explorer. Unfortunately,
Route Dynamics does not support external alerts as Route Explorer does, nor does it have the valuable what-if analysis features.
Planning the Next Step
These products are still early entries in this new class of network monitoring systems, but there are two major features I’d
like to see added. First, neither product currently has the ability to simulate network reconfiguration or expansion, which
would be helpful. Route Explorer’s what-if tools will show what happens if an existing router crashes, but cannot show you
the effect of adding a new router.
Second, both products will show you a network’s weak spots, but neither can help you with a fix. Given the cost of downtime
in any production network, a simulation of reconfiguration or expansion would be of great value to network administrators.
Both Route Dynamics and Route Explorer do their jobs well and are similarly priced, so the ultimate choice will depend on
your needs.
Route Explorer will be a better option for companies with a central network operations center and limited space, as well as
those with a diverse sampling of platforms since its interface is supported on more systems. Route Dynamics, however, will
work well for companies with a more distributed network; its distributed structure can better document failures, and the enhanced
error reports would help any company with an overly complex network.