In many data centers, latency and jitter are the most important metrics. Even the small amounts of delay (latency) or delay variation (jitter) introduced by a switch can have a profound impact on application performance. In the data center and inside the LAN where devices are only a few meters apart every microsecond counts.  Latency is also important limiting factor for high frequency computing (HPC): The more transactions an organization can process in a given unit of time, the more revenue it can expect to realize. In other words the more it takes to process packets, fewer transactions will happen.

To help reduce latency and jitter a cut-through switching architecture is required. Cut-through architecture is one method of design for packet-switching systems. 

When a packet arrives at a switch, the switch starts forwarding the packet almost immediately, reading only the first few bytes in the packet to learn the destination address. The opposite approach is the store-and-forward technique that is commonly used in traditional bridges and routers. In this approach, the entire packet is received in a buffer before it is forwarded. The device performs error checking on the packet as well. The entire store-and-forward process takes time and adds latency. Some might say that it store-and-forward reduces error rate but IMO this is just an implementation issue.

As network throughput has increased, the cut-through method became an essential part of switch design. It is no longer possible to hold packets up using the store-and-forward method. Both store-and-forward and cut-through Layer 2 switches base their forwarding decisions on the destination MAC address of data packets. They also learn MAC addresses as they examine the source MAC (SMAC) fields of packets as stations communicate with other nodes on the network.

When a Layer 2 Ethernet switch initiates the forwarding decision, the series of steps that a switch undergoes to determine whether to forward or drop a packet is what differentiates the cut-through methodology from its store-and-forward counterpart.

Whereas a store-and-forward switch makes a forwarding decision on a data packet after it has received the whole frame and checked its integrity, a cut-through switch engages in the forwarding process soon after it has examined the destination MAC (DMAC) address of an incoming frame.

Director xStream and iLinkAgg xStream are based on cut-through architecture providing the necessary ultra low latency and predictable jitter that enables the modern data center architects and designers to build monitoring solutions that meet the business needs of today and tomorrow.  

The following diagram illustrates the architecture advantages very nicely:

 The benefits of Cut-Through switching architecture


BTW, you can also read about this subject in our eBook top 5 ways to enhance your cisco environment. You can register to download it from this link

2011 Inc. 500 | 5000 List


For the second year in a row, Net Optics has been chosen as one of America’s 5000 fastest-growing private companies by the editors of Inc. Magazine! Each year, the business and IT media pundit sifts through more than 30 million U.S. companies for those worthy of inclusion in the elite Top 5,000 of highest performers. These companies represent the fastest-growing and market-savviest upper levels of their respective marketplaces.

Net Optics is very thankful to have received the recognition and to be part of the Inc. 500 | 5000 list for 2011. Watch the video above of Net Optics President and CEO, Bob Shaw speak about the accomplishment!

Net Optics will be at this year's upcoming Interop New York at Booth 611 with Director of Cloud Solutions Ran Nahmias presenting at the Speaker Center. Ran's presentation will be in focus of virtual networks, virtual switches and how they are implemented in ESX environments. The session will take a deep technological dive to cover best practices in solving today's biggest challenges in security, compliance and visibility for virtualization. Ran will also cover the existing technologies for virtual networks monitoring solutions starting with virtual switch promiscuous mode, VM layer probes and the recently announced kernel implementation of a monitoring shim.

Videos of the Director GUI and CLI

Director's Web GUI and Command Line Interface can be a bit intimidating when you first get started. Visit the Net Optics Videos page to view walk-throughs of these two management interfaces. As of this writing, they reside in the third row of videos on the page.

Net Optics Product Management Team

Halloween is coming up soon—the candy and costumes are already showing up in the stores. So it's a good time to talk about masks; in this case, masks in filters.

In the Net Optics Director family of filtering monitoring switches, most of the filter qualifiers accept masks. For example,

filter add ip_src= ip_src_mask= in_ports=...

The mask says that the first three octets of the IP source address are significant, and the last octet is to be ignored. In other words, it designates the address range to In CIDR notation this range is, meaning that the first 24 bits are signficant. (CIDR notation is not accepted in the Director CLI.)

You can also enter ranges directly. For example,

filter add l4_src_port=9000-9030 in_ports=...

If you are working with a Director Pro device, the Pro engine (which does Deep Packet Inspection and dynamic load balancing) will implement the range 9000-9030 exactly as requested. However, if you have a Director, which lacks the Pro engine, the range will be implemented as a mask, selecting the mask that results in the smallest range that includes the requested range:

Net Optics> filter add l4_src_port=9000-9030 in_ports=m.1 in_ports=...
Net Optics> filter list
Filter #1:  l4_src_port=8960-9087/ffffff80 in_ports=...
Net Optics>

The range 9000-9030 was replaced with the value 8960 and the mask 0xffffff80, resulting in an actual range of 8960-9087 (0x2300-0x237f). It is a little be wider than the requested range of 9000-9030.

Here is where things start to get interesting and scary. Somebody (Marcel Trojahn) went through the trouble of creating a tool that calculates a set of masks that generate the exact range for any requested range. You can find it at on his blog: ("u32 port masks"). [Note: You may need to use Firefox for the tool to work. We had some trouble with Internet Explorer.] For this case, it calculates:

A total of 5 filters will be necessary to cover the port range 9000-9030...
Here some example filters:
tc filter add (...) u32 match ip [s-d]port 9000 0xfff8 flowid (...)
tc filter add (...) u32 match ip [s-d]port 9008 0xfff0 flowid (...)
tc filter add (...) u32 match ip [s-d]port 9024 0xfffc flowid (...)
tc filter add (...) u32 match ip [s-d]port 9028 0xfffe flowid (...)
tc filter add (...) u32 match ip [s-d]port 9030 0xffff flowid (...)

We can use this information in Director like this:

Net Optics> filter add l4_src_port=9000 l4_src_port=65528 in_ports=...
Net Optics> filter add l4_src_port=9008 l4_src_port=65520 in_ports=...
Net Optics> filter add l4_src_port=9024 l4_src_port=65532 in_ports=...
Net Optics> filter add l4_src_port=9028 l4_src_port=65534 in_ports=...
Net Optics> filter add l4_src_port=9030 l4_src_port=65535 in_ports=...
... repeating the same in_ports, action, and redir_ports in each filter.

Trojahn's tool is a very cool treat!

One final trick with masks. If you are on a Director, you cannot specify both a mask and a range for the same filter qualifier. The reason is that the range converts to a mask, as we've seen, so the specified mask become a duplicate, conflicting parameter.

However, if you are on a Director Pro, you can specify both a mask and range. The mask gets implemented in the standard TapFlow filtering engine, and the range gets implemented in the Pro engine. Here is an example of how this trick is useful:

filter add ip4_src= ip4_src_mask=1 in_ports=...

The the mask selects all packets with odd-numbered IPv4 source addresses because all bits except the least significant bit are masked off. The Pro engine applies the range, resulting in passing packets with IP source addresses,, and—all the odd source addresses in the range.

So there's a trick and a treat for you with masks!  I hope you find them useful, and I hope you like the picture of the Net Optics Product Management team at the top of this post. I am on the left.  :-)

Recruiting, cultivating, and maintaining talented employees is a job in and of itself.  Whether the job market is slow or sizzling, there are steps employers can take to make sure they attract, keep, and develop a talented workforce.  From day one, Net Optics has made job satisfaction and professional development a top priority.  Now we’re ready to share some of our secrets so our partners and customers can reap the benefits of happy and motivated employees.  Click on the link to hear our corporate coach, Terri Kabachnik.

And for those of you with subscriptions to HR West magazine, check out the August issue wherein Net Optics shares some of it’s unique talent management techniques.