Nontransparent Accelerators
Nontransparent accelerators are designed
to optimize traffic that has been redirected to it and explicitly forward the
optimized traffic to a statically defined or dynamically discovered peer through
an explicit connection to that peer accelerator. In this way, the accelerator
knows about its peer either through some form of automatic discovery or through
a previously applied configuration. Packets leaving an accelerator that is
applying optimization are explicitly destined to the distant peer
accelerator.
With nontransparent accelerators, due to
the way optimized traffic is explicitly forwarded to the peer accelerator,
packet header information is obfuscated from the network. The network sees only
packets between the accelerator devices rather than packets that contain header
information about the flow being optimized. This might present challenges from a
network feature perspective where packet header information is used for traffic
classification, security, path selection, or anything that relies on the ability
of the network to have insight into this information. For instance, QoS
classification might not be able to see which user is communicating with which
server or which application is being used. This might lead to the configured
behavior of policing, queuing, or shaping being defeated. Similarly, any
preconfigured policy routes or optimized routes will not be able to
differentiate flows to determine which network path to use.
As another example, traffic analysis and
reporting capabilities, including NetFlow, might be able to see only flows being
exchanged between accelerators and not the communication between the client and
server. In this way, NetFlow would export flows that are between accelerators,
rendering the NetFlow data useless. Because of these limitations, many
nontransparent accelerators are designed with some of these network features
integrated, which may require operational changes to have monitoring and
analysis tools receive data from another device.
Figure 3-26 elaborates on how a nontransparent
accelerator solution can directly impact the ability of features configured in
the network due to the loss of packet header visibility.
Sections
Comments (0 posted)
Syndication
