1. Introduction

In this tutorial, we’ll study what North-South and East-West mean in the context of network traffic. First, we’ll give an overview of the terminology. Then, we’ll understand the concept of each term. Finally, we’ll look at an example to better clarify the concept of the two terms.

2. Terminology

Both the terms North-South and East-West are widely applied when referring to different network traffic flows. This terminology is related to the way network designers typically draw network diagrams.

The reason is that diagrams generally represent communications between devices within the network scope horizontally and external connections vertically. Thus, we can use North-South to refer to horizontal communications and East-West for vertical ones.

We can use this terminology in many different contexts. However, the scope of the network (which defines whether traffic is internal or external) varies for each case.

For example, it is widespread to use this terminology in the context of data centers. However, we can also use these terms to distinguish traffic in the scope of a LAN (Local Area Network), a specific distributed system, a data center, a domain, and many others.

3. North-South and East-West Traffic

North-South usually describes any traffic coming in and out of a network scope. Thus, this term refers to communication between a device inside the scope of a network and any other device outside it, and vice versa.

A common use of the term North-South is to indicate client-to-server traffic. In this case, the client is usually outside the scope of the server’s network (or data center, domain, etc). However, we can apply this term when referring to traffic between devices other than clients and servers.

The term East-West traffic refers to traffic between devices within a network scope. Therefore, we can employ this term to indicate a communication that occurs internally in a network.

The term East-West generally describes traffic between servers in the same network scope. However, we can use this term to refer to traffic between any other type of device inside the same scope.

For example, a well-known case of East-West traffic occurs when switches exchange spanning-tree information to prevent network loops in a data center. In this case, traffic flows only within the data center.

4. An Example in a Data Center

Now that we’ve learned both terms’ definitions, let’s examine an example. In this example, we depict the two types of traffic in the same scenario.

The figure below illustrates a client requesting a service over the Internet for a server located in a typical data center. We have a set of compute servers and storage devices within the data center. In addition, to ensure better performance and management control, we also have a network organized into different layers:

North

In the case shown, the green line represents the communication between client and server. As we can see, this line indicates an external communication. Moreover, the diagram represents it horizontally. Therefore, we can say that this green line represents North-South traffic.

The figure also shows the purple line representing communication between the server and a storage device. This line illustrates a very common case in which a server needs to access some content in storage (or even in a database) to respond to the client properly.

As we can notice, the purple line indicates internal communication that only flows through the ToR (Top of Rack) and Aggregation switches. Also, it’s drawn vertically in the diagram. Thus, in this case, we can say that the purple line represents East-West traffic.

5. Amount of Traffic and Security Issues: North-South vs East-West

These two types of traffic represent different forms of communication (internal and external), and it’s natural for one to occur more than the other. In general, external communications (North-South) generate a greater amount of traffic than internal communications (East-West).

Also, North-South traffic represents all the communication with external entities (such as clients and partner organizations). Thus, this type of traffic often involves the exchange of sensitive information, such as user credentials. For this reason, North-South traffic is often considered more critical than East-West.

In this sense, to ensure the performance and security of North-South traffic, organizations have applied many tools. It includes the use of firewalls, intrusion detection systems, VPNs, and protocols such as TLS.

However, recent trends have transformed East-West traffic, significantly increasing the amount of data generated and also its relevance. In particular, these changes are driven by technologies such as NFV, SDN, and microservice architectures, which potentially increase the amount of East-West traffic.

6. Conclusion

In this article, we studied the concept of North-South and East-West traffic. As we’ve learned, North-South typically refers to external communications that generate traffic coming in and out of some network scope. On the other hand, we generally call communications that occur only within a certain network scope as East-West.