Skip to main content
Published on

Filtering and Packet Capture to the Rescue of 100G Ethernet


Although 100G deployment is ramping-up to address growing demand for bandwidth, it also poses numerous challenges to service providers and network operators on account of its multiservice offering, various supported services, and implications on service-level agreements (SLAs). In addition, the complexity of 100G means that as the service offering scales to the higher rate, network engineers are increasingly being called on to perform troubleshooting and services calls.

100G network troubleshooting involves a number of complex procedures that must be performed in order to determine where network failures are occurring and why. New networks are more complex than ever before and provide network engineers with little information about specific events; therefore, investigating various potential causes of failure is imperative. Adding to these challenges is the pressure of limited investigation time and the risk that customers will be adversely affected.

To address these issues while ensuring proper deployment and optimal performance of 100G Ethernet networks, carriers need troubleshooting tools that are capable of performing key tests to identify critical issues. One option available to network engineers is to capture and decode traffic on affected circuits.

The first step in capturing traffic involves the filter, with a focus on one particular traffic stream due to the high traffic present in normal transmission. Filtering isolates significant traffic, thus optimizing the search engine.

The next step, truncation, involves decoding header information for in-depth troubleshooting. This step is crucial for engineers, because the payload information of most captures is proprietary, and cannot be decoded. Truncation also eliminates the capture of unnecessary data that consumes memory without providing any useful information.

A very common issue when capturing Ethernet traffic is that the capture usually starts as soon as the capture tool is enabled. This type of capture presents issues when the event of interest occurs earlier or later, filling the memory buffer before any useful information can be recorded and resulting in a missed opportunity.

Capture triggers address this issue by enabling the memory to be filled only once the event of interest has been detected. Use of capture triggers optimizes the data being saved and simplifies the troubleshooting process by only enabling the memory to be filled once the event of interest has been detected. This equates to more efficient use of memory and troubleshooting time, resulting in meaningful capture data yielding more relevant information.

The triggering position is often used to perform pre- and post-analysis. This is critical to network troubleshooting, because it provides insight into what caused the failure and how the network reacted to it. In addition, triggering position capabilities allow the user to specify where the trigger event will be located in the capture, making it possible to select the frames to be captured depending on their position relative to the trigger event. Traditional capture tools; however, do not offer the ability to perform mid-trigger or pre-trigger; instead they only provide post-trigger capabilities.

To learn more about different capture triggers, in addition to other key tests and tools used to efficiently troubleshoot 100G Ethernet networks, download our Troubleshooting 100G Ethernet Using Filtering and Packet Capture White Paper.