MetaConnect: a better way to tap

Latest News AND EVENTS

Stay up to date and find all the latest news and latest events from Metamako right here.

MetaConnect: a better way to tap

Posted on August 18, 2014 by David Snowdon 18 August 2014

There are lots of reasons that organisations need to tap a feed, replicating it to a second endpoint. For example, compliance requirements might necessitate a record of all data traversing the network for later audit. Security and intrusion detection can be performed out of band by replicating streams to a logging device. Media broadcast might benefit from recording all video feeds. An example that's close to our hearts at Metamako is latency measurement in financial trading systems – taps can be used to replicate the input and output of a system to a packet capture and logging device, and thereby allow for an accurate analysis of the response time of the system.

The pricing in the tables below were obtained using CDW's pricing on a reasonable option in the product category. Note that we have not tested this combination of products and make no guarantees. The product selection was purely for example's sake (as was our use of CDW's pricing). Your preferences and product choices may well vary, and so your results below may vary and you should check all this for yourself. We've tried to be conservative. Barring mistakes, the prices were obtained from CDW's web site, and are current as of 17th August, 2014, and are in US Dollars. 

Optical taps

The traditional way monitor a connection is using passive optical taps. These take an optical fibre, put it through a prism, half silvered mirror, or simply a Y cable, and thereby split half of the light to each of two cables. It's a low-latency way of doing things – you only incur the latency for the cable – and it's deterministic – the light takes the same amount of time to travel the length of the fibres/prism/mirror. Of course, to do this, you need to be using optical fibre, and that introduces the big downside to using optical taps – cost. Say you wish to tap a set of 10G links in a rack, and the endpoints of those links are all SFP+ connectors. Instead of using cheap twin-ax copper cables, you now need to cable everything using fibre, and you need to use fibre SFP+ modules. Each of those modules costs money. You also need to use fibre SFP+ modules to receive the data – one module for each direction. And you need two optical taps for each connection, which need to be mounted securely somewhere in the rack. All of this adds up. 

Replace with MetaConnect

MetaConnect is a much better alternative to using optical taps. The latency through MetaConnect is about the same as through an optical tap, with the same determinism. We're not focussing on them in this article, but there are a lot of advantages other than a significantly lower total cost. MetaConnect regenerates the signals, so instead of degrading the signals as a passive optical solution does, MetaConnect uses CDR and EDC to recover the signal and retransmit it. That means less errors in your packets. You also get the ability to dynamically patch the connections (including which packet capture device is connected to which). You also get the ability to use twinax cables from different vendors (since MetaConnect should work with all vendors' SFP+ cables and modules. I'll stop going on about it, but some other great features are the ability to see the signals, do loopbacks for testing, see the packet count on each line, sniff the lines using tcpdump, disconnect or reconnect lines, etc. 

You need to factor the pricing for MetaConnect. For a real quote, you should get in touch with us (info@metamako.com). For these purposes we'll assume that a MetaConnect 48 device is used, and that it costs $15kUSD (in reality our pricing is less than this). A MetaConnect 48 device can support up to 12 bi-directional links. So each bi-directional tap costs about $1250USD in the MetaConnect if it's fully utilised. You might not use every port in a MetaConnect, so the cost of MetaConnect may be amortised over a smaller number of ports than 48. 

In addition to a pure cost saving, you also get dynamic patching, visibility into your signals, packet-awareness (packet statistics), PRBS capabilities, timestamping capabilities (reducing the cost of the packet capture cards needed), and a great management platform and interface. It's true that the MetaConnect introduces an extra point of failure... However our fault-tolerant hardware (including redundant fans and power supply modules) results in a low likelihood of an event which would not have also taken out the rest of the rack. (For example, should both power feeds fail, the rest of the rack will also be left completely without power). 

Example 1: Connect two vendor-agnostic devices intra-rack

Our first example is where two devices which do not have a particular SFP+ requirement (i.e. they are not vendor-locked) are connected together within the same rack. These can be connected using twinax copper cables. So the base cost is:

Item
Number
Unit cost
Total cost
Twinax cable 1 29.99 29.99
Total     29.99

 

If we want to tap this connection using optical taps, ignoring the cost of the packet capture device, we estimate the tapping equipment to be (your milage may vary depending on the quality of the SFP+ module you use): 

Item
Number
Unit cost
Total cost
Optical tap (bidirectional)* 1 2,549.99 2,549.99
10GBase-SR SFP+ Module 4 106.99 427.96
10GBase-SR fibre (full duplex) 4 19.99 79.96
Total     3057.99

 

So we can see that for the cabling to tap the connection (which must run using optics rather than copper), we pay an extra $3028 in this case. 

Let's compare these scenarios with a similar setup using a MetaConnect and passive direct-attach twinax cables:

Item
Number
Unit cost (estimate)
Total cost
Twinax cable 4 29.99 119.96
Amortised cost of MetaConnect 48 port (indicative pricing) 4 312.50 1,250.00
Total     1,369.96

 

So, instead of paying $3,057.99 as we would have using optics, we've paid $1,369.96, a $1,688 saving, while simultaneously improving the feature set and providing some fantastic new capabilities. 

If the MetaConnect 48 is not fully utilised, the cost per port will be higher. The break-even point in this scenario is 6 bi-directional taps – i.e. the MetaConnect 48 only needs to be half utilised. 

Note also that multiple taps from a single source can be made easily in a MetaConnect, simply using an extra port for each extra tap. 

Example 2: Connecting two CISCO vendor locked devices intra-rack

And if we were connecting two CISCO switches which require CISCO SFP+ modules and cables, connecting using twinax: 

Item
Number
Unit cost
Total cost
CISCO Twinax cable 1 129.99 129.99
Total     129.99

 

And then connecting using optics (we use cheaper Finisar SFP+ modules for the packet capture device, since this is usually the case): 

Item
Number
Unit cost
Total cost
Optical tap (bidirectional) 1 2,549.99 2,549.99
CISCO 10GBase-SR SFP+ Module 2 691.99 1,383.98
Packet capture device 10GBase-SR SFP+ Module 2 106.99 213.98
10GBase-SR fibre (full duplex) 4 19.99 79.96
Total     4,226.92

 

In this case we've paid extra for the vendor-locked SFP+ modules. The difference in the cabling cost to tap is $4,096.93. 

Using MetaConnect, we need to use two CISCO direct-attach cables (note that if it were two different brands, the MetaConnect would be able to connect the two): 

Item
Number
Unit cost (estimate)
Total cost
CISCO Twinax cable 2 129.99 259.98
Twinax cable 2 29.99 59.98
Amortised cost of MetaConnect 48 port (indicative pricing) 4 312.50 1,250.00
Total     1,539.97

 

So, compare the pricing of optics vs. MetaConnect – $4,226.92 vs. $1,539.97... A saving of $2,686.95. The break-even is at four taps (i.e. four bi-directional taps will cost less using MetaConnect than using optics). 

Example 3: Connect a CISCO switch to a 10GBase-LR WAN link

Another common situation is to tap a WAN link. The first major problem with this is that the signal is degraded – some portion of the optical power (at least 10%) is sent to the packet capture device, and the rest is sent to the WAN link. This happens in both directions, so the signal is degraded on the way in and on the way out. 

Say you're using 10GBase-LR  (by no means the most expensive medium) to connect to a CISCO switch:

Item
Number
Unit cost
Total cost
CISCO 10GBase-LR SFP+ module 1 2777.99 2,777.99
Single mode Fibre   1 25.99 25.99
Total     2,803.97

 

And then to tap the link, you need the following:

Item
Number
Unit cost (estimate)
Total cost
Optical tap (bidirectional) 1 2,549.99 2,549.99
CISCO 10GBase-LR SFP+ Module 1 2777.99 2777.99
Finisar 10GBase-LR SFP+ Module 2 192.99 385.98
Single mode Fibre 3 25.99 77.97
Total     5,791.93

 

So the difference in cost between the tapped and untapped cabling is $2,987.96. 

If we implement this scenario using MetaConnect, we no longer need to use CISCO optics (since the WAN interface is connected to the MetaConnect, which can use any optics). This is a fantastic capability!

Item
Number
Unit cost (estimate)
Total cost
Finisar 10GBase-LR SFP+ Module 1 192.99 192.99
CISCO Twinax cable 1 129.99 129.99
Twinax cable 2 29.99 59.98
Amortised cost of MetaConnect 48 port (indicative pricing) 4 312.50 1,250.00
Total     1,632.96

 

This is a phenomenal saving. Instead of paying $5,791.93 for your cabling, you've paid $1,632.96 – a saving of $4,158 per bidirectional link. The breakeven point is just three links.

The ability to use any optics you want is a real drawcard. You might want to use the MetaConnect this way even if you weren't tapping. The total cost of a CISCO Twinax cable, Finisar SFP+ module and two ports on a MetaConnect 48 ($947.98) is significantly lower than the cost of a single CISCO 10GBase-LR module ($2,777.99). 

Our conclusion

You might have guessed it already, but we think that MetaConnect is an awesome alternative to an array of passive optical taps. Don't forget that you can use the MetaConnect ports however you want, so one device can perform more than one function. Check out our use cases page for more information about other ways to use MetaConnect.