|By Gary Kaiser||
|July 7, 2014 08:15 AM EDT||
As a network professional, one of your newer roles is likely troubleshooting poor application performance. For most of us, our jobs have advanced beyond network "health," towards sharing - if not owning - responsibility for application delivery. There are many reasons for this more justifiable than the adage that the network is first to be blamed for performance problems. (Your application and system peers feel they are first to be blamed as well.) Two related influencing trends come to mind:
- Increased globalization, coupled with (in fact facilitated by) inexpensive bandwidth means that the network is becoming a more critical part of the business at the same time its constraint is shifting from bandwidth to latency.
- Many of the network devices - appliances - that sit in the path between remote offices and data centers are application-fluent, designed to enhance and speed application performance, often by spoofing application behaviors; in fact, many of these have evolved in response to problems introduced by increased network latency.
In an ideal world, your application performance management (APM) solution or your application-aware network performance management (AANPM) solution would automatically isolate the fault domain for you, providing all the diagnostic evidence you need to take the appropriate corrective actions. The reality is that this isn't always the case; intermittent problems, unexpected application or network behaviors, inefficient configuration settings, or just a desire for more concrete proof mean that manual troubleshooting remains a frequent exercise. Although it may seem like there are a near-unlimited number of root causes of poor application performance, and that trial and error, guesswork and finger-pointing are valid paths toward resolution, the truth is much different. In a series of network triage blog posts, I'll identify the very limited realm of possible performance constraints, explain how to measure and quantify their impact, illustrate these using network packet trace diagrams, and offer meaningful and supportable actions you might evaluate to correct the problem. Understanding how to detect these possible performance problems (there are twelve altogether) will help you troubleshoot faster, more accurately, with greater insight, while collaborating more effectively with your application and system peers.
In this introductory entry, I present the request/reply application paradigm assumption upon which most of the analyses depend, illustrate key packet-level measurements, and provide a list of the 12 bottleneck categories we'll discuss in future blog entries to the series.
Packet Flow Diagrams
Throughout the blog series I will be using packet flow diagrams to illustrate message flows on the network, often to emphasize TCP's influence on these flows. Some are drawings to illustrate concepts and theory, others are screenshots from Compuware's Transaction Trace Analysis that illustrate the pertinent performance bottleneck. The diagram conventions are simple:
- Each arrow represents one TCP packet
- Blue arrows are used to represent data packets
- Red arrows are used to represent TCP ACK packets
- The slope of the arrow represents network delay
- Time flows from top to bottom
We will frequently use the term "operation," which we define as the unit of work that an application performs on behalf of a user; we sometimes describe it as "Click (or Enter key) to screen update." Business transactions are made up of one or more operations; for example, a user may click through a series of screens (operations) to complete a customer order update. Operations are an important demarcation point, as they represent the unique performance dimension important to the business, to the user, and to IT. The time a user waits for the system to execute an operation impacts business transaction performance and therefore productivity, and is dictated by the performance of lower-level IT-managed hardware, software and services. Note that this terminology may differ somewhat from network probes that often use the term "transaction" to reference session-layer request-response exchanges, which we discuss next.
We assume a client/server or request/reply paradigm, with TCP as the transport; this covers virtually all of what we might refer to as interactive business applications. It would include, for example, web-based apps, "fat client" apps, file server access, file transfers, backups, etc. It specifically excludes voice and video streaming as well as the presentation tier of thin-client solutions that use protocols such as ICA and PCoIP.
For each operation, there will be at least one application-level request and one corresponding application-level reply. These can be considered application messages, sometimes referred to as application-layer protocol data units (PDUs). Consider a simple client-server operation. At the application layer, a request message is passed to the client's TCP stack (TCP socket) for segmentation (into packets), addressing, and transmission; these lower layer TCP stack functions are essentially transparent to the application. At the receiving end (the server), the data from the network packets is reassembled into the application layer message and delivered to the listener service for processing. Once processing is complete, the server application passes the reply message to the server's TCP stack, and the message contents are similarly segmented and transferred across the network to the client. The performance of these request/reply message exchanges is constrained by two factors; message processing (at the server or client) and message transmission (across the network).
It is helpful, then, to consider this request/reply message exchange as the basis for performance analysis; the reassembled messages represent our network-centric insight into the application, while the packets visible in the trace file inform us how efficiently the network transports these messages.
For further insight click here for the full article, and stay tuned for Part II.
Most organizations prioritize data security only after their data has already been compromised. Proactive prevention is important, but how can you accomplish that on a small budget? Learn how the cloud, combined with a defense and in-depth approach, creates efficiencies by transferring and assigning risk. Security requires a multi-defense approach, and an in-house team may only be able to cherry pick from the essential components. In his session at 19th Cloud Expo, Vlad Friedman, CEO/Founder o...
Jul. 26, 2016 04:30 AM EDT Reads: 1,868
Jul. 26, 2016 04:15 AM EDT Reads: 1,225
Jul. 26, 2016 03:45 AM EDT Reads: 1,830
Jul. 26, 2016 03:30 AM EDT Reads: 1,065
Jul. 26, 2016 02:45 AM EDT Reads: 1,537
Jul. 26, 2016 02:00 AM EDT Reads: 1,328
Jul. 26, 2016 01:45 AM EDT Reads: 2,193
Jul. 26, 2016 01:45 AM EDT Reads: 1,308
Jul. 26, 2016 01:30 AM EDT Reads: 997
Jul. 26, 2016 01:30 AM EDT Reads: 1,688
Jul. 26, 2016 01:30 AM EDT Reads: 1,476
Jul. 26, 2016 01:15 AM EDT Reads: 2,530
Jul. 26, 2016 12:45 AM EDT Reads: 641
Jul. 26, 2016 12:00 AM EDT Reads: 2,150
Jul. 26, 2016 12:00 AM EDT Reads: 1,545