Packet capture is normally a tool of last resort in the private data center, but some organizations may want to consider it as a first stop in public cloud.
One of the appeals of infrastructure-as-a-service (IaaS) offerings is that the complexity of the physical underlay is abstracted away. While the complexity is abstracted, the fundamentals of computer science don't disappear. Abstracted technology still breaks and needs troubleshooting. Because of this, the packet capture and analysis tools become arguably more useful in public cloud operations and migration.
Here are three scenarios where you may find packet capture use in the public cloud.
1. Detect non-supported applications
Public cloud networking is an abstraction of physical networking. From the perspective of the OS and application, all the services look similar to a physical network. The OS has a network adapter that allows the binding of protocols from TCP/IP to IPX/SPX. The major cloud providers only support TCP and UDP IP packets. Most modern applications mainly rely on these transport protocols, but there are caveats.
One such caveat is broadcast or multicast based use cases. Cloud provider networks drop all broadcast and multicast traffic. If an application requires either technique, then you can expect a loss in functionality. Packet capture and analysis help to determine if there's a reliance on multicast in an application. A typical architecture that requires multicast are applications that discover peers to form a cluster, or video broadcast solutions.
2. Performance baseline
One of the major differences between the instance sizes within a provider's service is network performance. For example, in AWS the C3 instance allows the use of Jumbo Frames vs. the typical 1500 bytes. In the case of AWS, the traffic must remain within the VPC.
Packet capture provides the data needed to determine if the effective throughput, or at least packet size, is correct. A practical use for Jumbo Frames in the cloud is data intensive use cases such as a virtual storage array.
As the famous saying goes, the cloud is just someone else's computer. Whether a private data center or a cloud provider's data center, applications behave badly. A cloud OS instance runs on top of abstractions. While it makes the provisioning and management of the physical infrastructure simple, public cloud provides a different challenge--visibility.
When an application experiences performance issues in a private data center, engineers have access to many tools to diagnose the problems. In the public cloud, the only view an engineer has is that of the operating system. Packet capture becomes an increasingly important tool in troubleshooting performance issues.
The packets leaving and entering a given instance is the lower level of information you can receive in the public cloud. The error counters on the physical switch or the I/O counts of a storage array are not available. You must optimize the OS and application for the service provider's offering. Packet captures become a critical source of information in an environment with minimum visibility.
Share your tips
Outside of packet captures, what traditional tools have you found useful in supporting public cloud instances? Share your thoughts in the comments section or let us know on Twitter via @techrepublic.
- Lessons in the cloud: How Juniper Networks made the switch and what you can learn (TechRepublic)
- HPE to acquire Cloud Cruiser for measuring IT usage (ZDNet)
- Beware these pitfalls when moving enterprise applications to the public cloud (ZDnet)
- The weaponized personal network of things could be on your doorstep before you know it (TechRepublic)
- How to add cloud functionality to your WordPress site with an easy to use plugin (TechRepublic)