Gaining end to end visibility into the path a flow took through the network can be an easy thing to do if you have the right network traffic monitoring tool.   Because multiple paths exist between devices, leveraging traceroute or routed topology information may not provide the exact path taken by an end to end flow.  To help address this mystery, a couple of utilities exist on the market today.


Mediatrace
Cisco Mediatrace is a network path visibility tool which attempts to provide hop by hop path visibility of a flow (e.g. phone call) though the layer 2 and 3 topology.  This application allows admins to view DSCP values, dropped packets, jitter and more on each device from point A to B. Although it is currently limited to Cisco hardware, the concept is solid and proves useful in VoIP and video environments.

 

Many networks are a hybrid of hardware vendors which may only contain a few Cisco Mediatrace capable routers and switches.  Most if not all major routing platforms today from nearly all vendors support some form of NetFlow.  What can be done to show flow path in a multi vendor environment. 

Flow Hopper™
An Advanced NetFlow Analyzer  should include a feature like Flow Hopper ™, a patent pending application which attempts to provide an end to end path of the flow through the layer 3 topology.  Flow Hopper is different from Cisco Mediatrace in that it leverages any version of NetFlow or IPFIX from any vendor which includes NextHop in the flow export. 

 

If Flow Hopper determines that an asymmetric flow path exists (i.e. a different route is taken on the return path), the GUI will draw out the connection accordingly.  Admins can click on each router or layer 3 switch in the path and view all details exported in the flow template.  Changes in element values (e.g. DSCP, TTL, octets, etc.) between ingress and egress metered flows are highlighted.

Medianet Performance Monitoring
Imagine how much easier root cause analysis is when you know the path and you can click on each router in the path to see the changes in the flow along the way.  If you are using something like Performance Monitoring for Cisco Medianets, knowing where the jitter or packet loss was introduced can be very helpful. Make sure you are running IOS 15.2.2T or more recent for the most capable Flexible NetFlow exports.



End to end visibility which displays the complete network flow path is a must when trying to perform root cause analysis. If you want to learn more about Advanced NetFlow, join NetFlow Developments on Linkedin.