Documenting Traffic Flow on the Existing Network

Documenting traffic flow involves identifying and characterizing individual traffic flows between traffic sources and stores. Traffic flows have recently become a hot topic for discussion in the Internet community. A lot of progress is being made on defining flows, measuring flow behavior, and allowing an end station to specify performance requirements for flows.

To understand traffic flow behavior better, you can read Request For Comments (RFC) 2722, "Traffic Flow Measurement: Architecture." RFC 2722 describes an architecture for the measurement and reporting of network traffic flows, and discusses how the architecture relates to an overall traffic flow architecture for intranets and the Internet.

Measuring traffic flow behavior can help a network designer determine which routers should be peers in routing protocols that use a peering system, such as the Border Gateway Protocol (BGP). Measuring traffic flow behavior can also help network designers do the following:

• Characterize the behavior of existing networks

• Plan for network development and expansion

• Quantify network performance

• Verify the quality of network service

• Ascribe network usage to users and applications

An individual network traffic flow can be defined as protocol and application information transmitted between communicating entities during a single session. A flow has attributes such as direction, symmetry, routing path and routing options, number of packets, number of bytes, and addresses for each end of the flow. A communicating entity can be an end system (host), a network, or an autonomous system.

The simplest method for characterizing the size of a flow is to measure the number of Kbytes or Mbytes per second between communicating entities. To characterize the size of a flow, use a protocol analyzer or network management system to record load between important sources and destinations. Cisco tools for characterizing traffic flows include Cisco FlowCollector and Data Analyzer, which are based on the Cisco NetFlow technology.

You can use Table 4-3 to document information about the direction and volume of traffic flows. The objective is to document the Kbytes or Mbytes per second between pairs of autonomous systems, networks, hosts, and applications. To get the information to fill out the charts, place a monitoring device in the core of the network and let it collect data for one or two days. To get the information to fill out the Path column, you can turn on the record-route option in an IP network. The record-route option has some disadvantages, however. It doesn't support very large internetworks and it is often disabled for security reasons. You can also estimate the path by looking at routing tables and analyzing network traffic on multiple segments.

Table 4-3. Network Traffic Flow on the Existing Network

Destination 1

Destination 2

Destination 3

Destination n

Mbytes per Second


Mbytes per Second


Mbytes per Second


Mbytes per Second


Source 1

Source 2

Source 3

Source n

Was this article helpful?

0 0
SEO Tactics

SEO Tactics

Discover how you can explode your traffic and boost your sales with advanced SEO techniques that can put the search engines to work for you quickly.

Get My Free Ebook


  • paavo
    What is the best way to identify traffic flow on an existing network?
    2 months ago

Post a comment