Data center deployments involve a lot of networking components. Troubleshooting networking issues in such deployments requires capturing network packet traces at multiple nodes in the network/deployment. In a traditional physical network, a node can be an endpoint host, switch, router, etc. Many current methods for simultaneously collecting captures at multiple nodes of a network system are highly manual, requiring an administrator to identify nodes at which to perform a packet capture, attempt to synchronize the captures at the various nodes, and to extensively process the data to identify issues (e.g., packet drops, performance issues, packet corruptions, etc.) in the captured data for a particular situation. This makes it difficult to trace packets through the various collected captures. Some methods merge all of the captures into a single merged capture, losing much of the associated context information required for troubleshooting or generating a useful analysis.
With server virtualization in general, and network virtualization in particular, the number and type of nodes a packet traverses have increased. There are control flows as well as data flows which together determine which path a particular traffic or packet takes. Virtual switches, virtual routers, edge gateways, distributed firewalls, load-balancers, etc. are just some of the new nodes that add to the complexity of tracing traffic.
Debugging network issues in this world of virtual networking requires that captures be performed at more points in the network. With virtual networking, there might be multiple points within a single node where packet captures need to be performed. For example, in order to trace a packet through a network, it may be necessary to capture packets at a virtual switch, a virtual router, and uplinks in a single host. In addition, different nodes may be physically located in different geographic locations, requiring the synchronization and coordination of packet captures at various locations. Troubleshooting issues with nodes in a distributed network is difficult.