In the earlier blog, we introduced overlay networks and the transition of data center networks. We briefly described the several visibility options for overlay networks – visibility of the underlay network, specificoverlay network, overlay networks, underlay and overlay at the same time ‘full end of end view’.
Before exploring the complexities of overlay networking, it is crucial to understand the difference between network visibility and endpoint visibility. There are some major differences between the two.
We, at Cubro, provide network visibility.
Complexities of Overlay Networks
The issues are clearly seen in this picture if you tap and monitor at these points:
There are two issues:
Issue 1: The same traffic can be seen several times. All overlay networks are seen at the same time. The reason is that the L2 networks can run the same IP range and it is very complex for the classical monitoring to separate the streams because typical monitoring solution works with IP addresses to determine the different paths in the network.
Typical monitoring tools cannot handle tunnelled traffic. Nearly all monitoring tools are designed to handle traffic only on one port, or on one logical network layer. This tool cannot usually correlate traffic.
This is the common issue; same IP range but different overlay. Normally the standard monitoring devices do not see the outer header. Therefore, the result of the inner IP measurement is often wrong. The overlay information is usually lost and therefore, the result is incorrect!
Issue 2: This issue is even more complex. The overlay network can be distributed over different DC, these different DCs are typically connected over BGP links. In this case, a BGP correlation is needed to produce useful results.
In the last blog of the series, we will highlight the solutions offered by Cubro which offer network visibility and are more cost effective.