Cloud

3 ways to use packet capture in public cloud operations and migration

Packet capture is normally a tool of last resort in the private data center, but some organizations may want to consider it as a first stop in public cloud.

cloud.jpg
Image: iStockphoto/lukutin77

One of the appeals of infrastructure-as-a-service (IaaS) offerings is that the complexity of the physical underlay is abstracted away. While the complexity is abstracted, the fundamentals of computer science don't disappear. Abstracted technology still breaks and needs troubleshooting. Because of this, the packet capture and analysis tools become arguably more useful in public cloud operations and migration.

Here are three scenarios where you may find packet capture use in the public cloud.

1. Detect non-supported applications

Public cloud networking is an abstraction of physical networking. From the perspective of the OS and application, all the services look similar to a physical network. The OS has a network adapter that allows the binding of protocols from TCP/IP to IPX/SPX. The major cloud providers only support TCP and UDP IP packets. Most modern applications mainly rely on these transport protocols, but there are caveats.

One such caveat is broadcast or multicast based use cases. Cloud provider networks drop all broadcast and multicast traffic. If an application requires either technique, then you can expect a loss in functionality. Packet capture and analysis help to determine if there's a reliance on multicast in an application. A typical architecture that requires multicast are applications that discover peers to form a cluster, or video broadcast solutions.

2. Performance baseline

One of the major differences between the instance sizes within a provider's service is network performance. For example, in AWS the C3 instance allows the use of Jumbo Frames vs. the typical 1500 bytes. In the case of AWS, the traffic must remain within the VPC.

SEE: Why a modern security strategy demands endpoint protection

Packet capture provides the data needed to determine if the effective throughput, or at least packet size, is correct. A practical use for Jumbo Frames in the cloud is data intensive use cases such as a virtual storage array.

3. Troubleshooting

As the famous saying goes, the cloud is just someone else's computer. Whether a private data center or a cloud provider's data center, applications behave badly. A cloud OS instance runs on top of abstractions. While it makes the provisioning and management of the physical infrastructure simple, public cloud provides a different challenge—visibility.

When an application experiences performance issues in a private data center, engineers have access to many tools to diagnose the problems. In the public cloud, the only view an engineer has is that of the operating system. Packet capture becomes an increasingly important tool in troubleshooting performance issues.

The packets leaving and entering a given instance is the lower level of information you can receive in the public cloud. The error counters on the physical switch or the I/O counts of a storage array are not available. You must optimize the OS and application for the service provider's offering. Packet captures become a critical source of information in an environment with minimum visibility.

Share your tips

Outside of packet captures, what traditional tools have you found useful in supporting public cloud instances? Share your thoughts in the comments section or let us know on Twitter via @techrepublic.

Also see

About Keith Townsend

Keith Townsend is a technology management consultant with more than 15 years of related experience designing, implementing, and managing data center technologies. His areas of expertise include virtualization, networking, and storage solutions for Fo...

Editor's Picks

Free Newsletters, In your Inbox