|
|
When used with TrafficDirector, the term domain describes the types of traffic for which you want to see statistics. A domain lets you display a specific traffic stream; for example, when you choose to display statistics for the IP domain, only information about the IP traffic on a selected network segment is displayed.
Domains are flexible and can display traffic for any of the following layers:
In the TrafficDirector architecture, a domain is a definable variable that can include one protocol or a group of protocols.
For example, you could create one domain to include all of the following IP-related protocols or create a separate domain for each protocol:
You could choose to group specific protocols together to form one domain. If you group IPX (D2) and NCP (D5) into a domain you name LAB, when you apply domain LAB, only traffic using the IPX and NCP protocols is displayed. When you want to see all traffic, use the domain RMON (includes all supported protocols).
You would use a domain to view all traffic on a network segment that matches the protocol specified in the domain. Many commonly-used protocols (for example, IP and IPX) are predefined TrafficDirector domains. The predefined RMON domain includes all supported protocols; this means you can use it to see all traffic on a network segment.
Using the Domain Editor application, you can define both generic and protocol domains to suit the monitoring needs of your organization. This lets you monitor traffic patterns and bandwidth usage that are specific to your network environment. For example, you can monitor your WAN for unauthorized use, such as individuals playing DOOM. Since this interactive game runs over Transmission Control Protocol (TCP) and uses port number 666, you can define a domain for TCP traffic coming in and out of port 666. Once you apply the domain to the network by installing it on one or more agents, you can use it to see all DOOM traffic on the WAN.
Occasionally you may see a domain name appended with a tilde symbol (~). This indicates domain traffic detected by TrafficDirector that contains all of the criteria required to match a specific domain, and also includes criteria not defined in the domain. In other words, the traffic qualifies for categorization as a specific domain, but contains characteristics that are not defined in the domain.
You can use predefined domains to get RMON statistics for specific protocols, or add a custom domain, such as LAB, to get RMON statistics for that domain. The special predefined domain, RMON, provides RMON statistics for all the traffic on the segment.
The original RMON standard supports only network monitoring of link layer traffic. This means that it can present statistics only for aggregate traffic, not for the different layers of various protocol stacks (such as IP, FTP, or IPX). Because it cannot monitor at the network layer, an RMON device cannot distinguish traffic on its segment that originated across a router. By not monitoring above the MAC layer, many useful applications, such as monitoring WAN links, measuring client-server response time, or providing seven-layer protocol statistics, are not possible.
Domains provide an architecture that lets you monitor of network traffic for all seven Open System Interconnection (OSI) layers within the framework of the RMON standard. With domains, you can monitor any protocol traffic for any device or subnet on any segment of an enterprise network.
In TrafficDirector, you can add two types of domains: protocol or generic. Protocol domains work only with RMON2. You can add, edit, or delete protocol domains for protocols in the data link, network, and application layers. Protocols for each of these layers are supplied with TrafficDirector in special *.inf files. Whenever you want to add or edit protocol domains, the *.inf files contain all of the protocol definitions that you need. You should not edit these *.inf files, since a SwitchProbe will not recognize any protocol definition other than those shipped with the product.
Generic domains support the TrafficDirector enhanced MIBs. For generic domains, TrafficDirector supports the MAC, NET, and SUBNET address modes. In the MAC address mode, host and matrix tables are built using the six-byte physical-layer MAC address as specified by the RMON standard. TrafficDirector includes the RMON domain, which is used with third-party RMON agents to monitor MAC-level (basic) RMON statistics. In the NET address mode, TrafficDirector creates host and matrix tables containing network addresses for IP, IPX, and DECNET packets.
SUBNET address mode is similar to NET address mode, except that the agent uses subnetwork addresses for collection purposes. This means that the resulting host and matrix tables contain total statistics for each subnetwork. TrafficDirector uses only IP, IPX, and DECNET packets to create the tables.
Managing remote network segments is critical to providing high network availability. Key network management standards such as RMON and SNMP are the technology enablers that build the tools, such as TrafficDirector, to manage distributed networks.
|
|