What do router networks and a preschool have in common? A lot more than you think. Read on for the answer.
对于普通企业来说,“网络”的意思是“路由器网络”。并不是说网络中没有其他内容,而是整个企业网络涉及建立IP连接。我们发明了一系列术语来描述IP网络的元素,似乎我们每天都在添加新的术语。正如我们所做的那样,越来越多的企业发现他们对网络的运营不太了解。他们没有“可观察性”。
这个术语是由许多来源定义的,以至于定义毫无意义。让我们削减炒作,专注于在许多定义中发现的术语,即痕迹的概念。跟踪意味着一条路径,一段关系,这就是网络应该的全部意义。
A network is made up of boxes, and network management and monitoring has tended to focus on the behavior of these boxes as an indicator of the state of the network. All boxes A-OK? Network OK. This same view is pervasive in application management; the sum of the state of the pieces equals the state of the whole. What IT ops people found was that this seemingly obvious approach missed the critical point of message flow. You have to trace how work moves through a series of components to understand how an application is working. Same, it turns out, for a network, because a network isn’t a box or even just a collection of boxes, it’s a cooperative.
现在出于这个开幕问题。您的网络有点像一个充满学龄前儿童的房间,因为它几乎没有控制障碍。您可以告诉学龄前儿童该怎么做,组织小组活动等等,但是每个孩子内部有点自我生存的Gremlin,可以逃跑并做一些意外的事情。你猜怎么着?几乎所有的IP网络都是故意的Gremlins的集合。
各个路由器发现使用自适应行为移动流量的路线。每个路由器通常都会宣传它可以到达的网络目的地,并接收并将广告从他人那里转发到每个相邻路由器。由此,他们选择了“最佳”路线,如果某些东西破裂或拥挤,路由器会通过通常称为融合的东西来制定新的拓扑。这是新的拓扑最佳吗?想想学龄前儿童制定自己的课程计划。
Since routes are created from reachability data exchanged with partner devices, it takes time for changes to percolate through their partners and their partners’ partners, and so forth, and for everyone to pick out what’s best. While this is going on, it’s possible to have packets take erratic routes, even to hit a dead end. Then when the process is finished, whether what’s happened yields truly optimum routes is an open question.
您怎么知道数据包的路线?有一个IP命令,Traceroute可以告诉您,一些路由器供应商将在其管理系统中内置包装的数据包跟踪工具,以帮助可视化网络中的路由。网络监控公司也有第三方工具会做同样的事情。它们在特定供应商工具可能无法正常工作的多供应商网络中特别有用。
在数据包跟踪中要寻找的是一条似乎没有任何逻辑的路由,或者在没有可见设备或网络故障时会不断变化。这些条件中的任何一个都可能是由于拥塞,这可能会导致数据包丢失或延迟。为了弄清楚发生了什么,您从数据包跟踪端到端开始,然后遵循它,寻找超负荷或受到高错误率的设备或连接。
不要指望仅包装痕迹获得可靠的答案。它应该显示您的路线似乎出现问题,但请记住,每个路由器都会从邻居那里获得可及的数据,因此该错误可能位于其他地方。如果您可以同时从多个网络端点获取跟踪数据,则在此处提供了一个完整的路由图,即用于数据包跟踪可视化的这些专用工具的输出。
In this case, knowledge isn’t power, though, no matter what the old saw says. There’s a difference between just watching a network and running it, just like there’s a difference between watching a football game and calling the plays. Netops is about controlling and not just knowing. The starting point in traffic management is to examine your router policies to see whether you’re picking routes correctly, but sometimes even controlling routing policies won’t get your flows going along the routes you want. If that’s the case, you have a traffic-management issue to address. The best tools to add traffic management capability areMplsandSDN。
Mplslets routers build routes by threading an explicit path through routers. SDN eliminates the whole concept of adaptive routing and convergence by having a central controller maintain a global route map that it gives to each SDN switch, and that it updates in response to failures or congestion. If your network consists of aVPNservice and a complicated LAN, SDN is likely the better option. If you actually have a complex router network, MPLS is likely the right choice. With either MPLS or SDN, you know where your flows are because you put them there.
There’s also the option of virtual networking, if neither MPLS nor SDN seems to fit your needs. Almost all the major network vendors offer virtual networks that use a second routing layer, and by putting virtual-network routers at critical places you can create explicit routes for your traffic. SomeSD-WANproducts will also support this. It may also be possible to use policy management to control how routes and route changes are calculated. Virtual networks are especially valuable if you have multiple paths between remote sites or the cloud and data centers. You can use a virtual network to pick the best path, or to divide traffic across multiple options, like a VPN and the internet.
不要忘记可观察性的控制维度。当父母抗议时,一个看着兄弟姐妹在泥泞中玩耍的青少年可能会感到惊讶,“我想我告诉你看他们!”好吧,这名青少年就是这样做的!这就是可观察性的弱点。确保您可以通过新发现的流程和路线知识来做些事情,否则您的网络可能仍然表现得像一个充满学龄前儿童的房间。