4.1 Traffic Distribution Overview
This section describes basic concepts of traffic distribution.
The traffic distribution device captures the packets on a network and forwards them to packet
analysis devices or computers that run the packet analysis software for analyzing, recording and
processing. Because of the high link bandwidth on the backbone network, a packet analysis
device cannot analyze or process a large amount of traffic. Therefore, the traffic captured on the
network cannot be forwarded to a packet analysis device for analyzing and processing. In this
case, the traffic distribution device needs to distribute the traffic to suit the processing capability
of the packet analysis device.
4.2 Traffic Distribution Features Supported by the S7700
This section describes the traffic distribution features supported by the S7700.
During traffic distribution, the concealment and security of the traffic distribution device on the
network must be ensured. Therefore, the traffic distribution device needs to provide the following
functions:
l Unidirectional single-fiber communication
To ensure the data security of the packet analysis server and defend against counter
monitoring technologies on the network, the traffic distribution device must be hidden from
other devices on the network. The unidirectional single-fiber communication technology
provides the concealment for traffic distribution devices.
The optical interface boards of the S7700 provide the single-fiber communication function.
You can use single-fiber communication commands to implement unidirectional single-
fiber communication between two interfaces.
NOTE
Currently, only the E-series boards and X12SA boards support the single-fiber communication
function and this function needs to be configured with the license.
l Identical source and destination
In addition to analyzing the unidirectional traffic of the two communication parties, a packet
analysis device needs to analyze traffic between the two communication parties so that the
traffic information can be fully analyzed. In this case, the packets of the two communication
parties need to be distributed to the same traffic distribution server. The traffic distribution
device is required to support the algorithm based on the same source and destination in the
special forwarding procedure. "Identical source and destination" indicates that bidirectional
data packets of a network connection must be sent out from the same outbound interface.
l Data integrity
For distributed services, to ensure the correctness of traffic analysis, the original network
traffic needs to be sent to the traffic analysis server without any change. In this case, the
traffic distribution device must ensure the integrity of packets during data forwarding,
without changing any attribute of packets.
The TTL value is carried in IP protocol packets. Network devices determine whether to
discard data packets according to the TTL value. The TTL value is set by the transmit host
to prevent infinite loop of data packets on the IP network. The network devices are required
to decrease the TTL value by 1 at least when IP data packets are forwarded.
Quidway S7700 Smart Routing Switch
Configuration Guide - QoS 4 Traffic Distribution Configuration
Issue 01 (2011-07-15) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
95
To Next Page
Loading...
