A Dynamic Network Topology Map is a Useful Tool, But It’s Not a Panacea
What is a dynamic network topology mapping tool?
A dynamic network topology map provides an interactive, animated visualization of the connections between network elements and end systems. Many network management solutions use discovery capabilities to find what elements you have in the network. Some would go one step further by discovering how network elements are connected and put them together to give you a dynamic network topology map.
Using a combination of protocols like Cisco Discovery Protocol (CDP)/Link-Layer Discovery Protocol (LLDP), SNMP data and the Command Line Interface (CLI) information collected, network information can be displayed on the map to drive troubleshooting diagnoses in real-time and historically. Example of useful diagnostics information includes interface errors, router down and link down events. Building a model based on this information, you can map a traffic path between point A and point B. The ability to perform path analysis makes troubleshooting more intuitive. For the purpose of this discussion, I am calling this type of network management tools network topology mapping tools. Network topology mapping tools are particularly good for network documentation and ease network troubleshooting if you suspect the problem is caused by either a topology or configuration change.
At a glance, network topology mapping tools appear to have overlapping functions with Network Performance Monitoring tools. Both tools discover the network, present a network topology map, collect SNMP and CLI data from network elements, perform path analysis and they are used by network engineers for troubleshooting.
Comparing the overlapping functions between network topology mapping tools and Application-aware Network Performance Monitoring tools
You can find a definition of Application-aware Network Performance Monitoring here.
There is a perception that router-based traffic-flow collection and analysis is impractical to turn on at every interface and device in the network leading to blind spots. In reality, it is not necessary to turn on flow collection everywhere although the more observation points you have, the better the visibility. It is also increasingly not possible to enable flow collection and analysis at every node due to administrative control issues with managed services and the Internet. A model-based network topology mapping tool is going to have a hard time dealing with this kind of black hole of information with no CLI nor SNMP access to the network elements, whereas a traffic measurement centric view is able to stitch together a picture from the disparate parts. Perhaps, this would be an interesting topic for my next blog. I can walk you through an example illustrating how LiveAction’s solution can correlate information from different observation points to provide you a big picture.
Network Performance Monitoring tools that collect traffic flows (e.g. NetFlow, IPFIX, SFlow) provide much greater insight in what is happening in your network. One of the primary reasons for deploying Network Performance Monitoring tools is to gain insight into the quality of the end-user’s experience and how applications are performing. This key capability is lacking a network topology mapping tool. To put it simply, network topology mapping is not a monitoring tool!