[wplug] Switch recommendation
Bill Moran
wmoran at potentialtech.com
Fri May 21 08:42:25 EDT 2010
On Thu, 20 May 2010 22:03:50 -0400
Janos Dohanics <web at 3dresearch.com> wrote:
> On Thu, 20 May 2010 11:54:05 -0400
> Bill Moran <wmoran at potentialtech.com> wrote:
>
> > On Thu, 20 May 2010 10:57:39 -0400
> > Janos Dohanics <web at 3dresearch.com> wrote:
> > >
> > > When tried to configure port mirroring, the host designated to
> > > capture packets lost all connectivity - I could no longer ping
> > > anything from this host or ping this host from any other. Netgear
> > > tech support told me that this was normal (?).
> >
> > Yes. This is normal. The mirrored port can't be used as a normal
> > port as well [...]
>
> Thank you all - Bill, why is it that the capturing NIC can receive
> either the mirrored packets or it's own normal traffic, but not both?
I don't know for sure. In theory, it _could_ do both.
If I had to guess, I would guess that it's a resource/performance issue.
Most people don't think about it, but a switch does have a CPU and memory,
and both of those have to be very efficient. I mean, who even considers
switching latency? If a switch can't move packets fast enough to be
transparent on the network, nobody's going to buy it. As a result, a
mirror port probably disables all of the normal collision domain checks
and simply receives all packets. If you have to make it do that _and_
still participate as part of a collision domain, your switching code
becomes more complex, and probably slower. The memory requirements may
increase as well. If that results in a switch that drops packets or
incurs significant latency, you've now got a product that's going to
be returned or incur significant cost in support calls.
The other option is to put a faster CPU and more memory in the switch, at
which point you've got something that uses more power, needs fans and
more serious cooling, costs more, etc ...
Another thought ... a mirror port could easily be using the full 100mb/sec
at any time. In fact, on a high quality switch, the required bandwidth
could exceed 100mb/sec (if you have 3 streams going near 100mb/sec each,
your mirror port has to send 300mb/sec of data ...) Why on earth would
you _want_ to use that for data as well?
Again ... I'm just speculating.
-Bill
More information about the wplug
mailing list