When customers need to troubleshoot their cloud-based applications, they reach for two things: Wireshark and a Network Tap. Wireshark’s open source network protocol analyzer capability allows users to decode packet communication through their networks to identify problem areas. Inserting a network tap between the Carrier demarc and local firewall provides customers with access to their data without relying on port mirroring techniques or incurring costly downtime.
An independent school supporting several e-learning initiatives encountered a problem with DHCP on their cloud-managed wireless network. Information technology consulting firm CVM, Inc., a Datacom Systems partner, was dispatched to examine the issue. The customer informed CVM, Inc. that the packet capture tool built into their wireless devices was being disrupted by a malfunctioning HSRP which would occasionally “break”. As the tool was still in beta, solutions were limited.
CVM’s initial plan was to simply mirror the WAN uplink port on the customer’s core switch, set a connected laptop’s NIC to promiscuous mode to capture all broadcast traffic, regardless of vLAN, and submit the findings to support. However, all ports on the core switch were in use, and the downtime required to make the necessary wiring and configuration changes was not acceptable to the customer.
Taking these restrictions into consideration, CVM selected the Datacom Systems CTP-1000 network tap. The CTP-1000 was installed between the core switch and the customer’s firewall without displacing an occupied port, and installation incurred only seconds of downtime during off-hours.
With the tap in place, CVM was able to generate the appropriate PCAPs using Wireshark and send the data to vendor support. Ultimately, the problem lay with a corrupted configuration on one of the wireless access points.
Due to the ease of insertion into the existing infrastructure, CVM used the CTP-1000 as a mobile tool, shortening the time required to gather the appropriate information not only from the core switch to firewall uplink, but the trunk ports servicing the damaged Wireless Access Point as well.
Initially, the customer was concerned about introducing a single point of failure with the tap. This apprehension was eliminated by identifying the CTP-1000’s redundant power supplies and graceful failover features that ensured connectivity would not be lost, even if the tap failed. Since installation and the resolution of their problem, the customer has decided to leave Datacom Systems CTP-1000 network tap in line between the core switch and the firewall, maintaining a convenient entry point into all ingress and egress traffic in the future.