Measurement modules

From Allegro Packets Product Wiki
Jump to navigation Jump to search

The Allegro Network Multimeter provides a number of network measurement modules for different use cases. Here you can find a list of modules and a short description and see the specific module for detailed documentation.

Generic modules

The Capture module lists all running captures which were started interactively in any other module.
It also allows for starting new captures with specific filters.
This module allows you to measure packet loss and latency between two Multimeter installations.
The packet ring buffer feature allows you to create a buffer of fixed size on an external storage device to which all processed packets will be recorded. If the fixed size buffer is full, the oldest packets in the buffer will be replaced with new packets in a round-robin fashion.
The Pcap analysis module allows for the analysis of Pcap files by sending them to the appliance. After analyzing a Pcap, the web interface displays all the metadata as if the packets are live traffic at the time of the Pcap recording.
The Incidents module allows for notifications to be created when specific network incidents are detected.

L2 - Ethernet Layer

The MAC module gathers information about all captured MAC addresses, including the protocols used, traffic, communication peers and MAC/IP mappings.
The QoS module processes and displays traffic with QoS tags VLAN PCP and MPLS TC on Layer 2 (and IP DSCP on Layer 3).
The packet size module accounts the size of all packets (Layer 2 with CRC) and shows packet size distribution.
The ARP module monitors ARP packets for tracking MAC addresses and announced IP addresses.
The VLAN module accounts traffic per VLAN tag seen on the network.
The MAC protocols module accounts traffic of all different MAC protocols.
The stp module analyzes STP traffic and shows a history of the identified root Bridges with their configurations.
The MPLS module displays information about all identified MPLS labels (single label and double-stacked).
The LLDP module extracts information from LLDP (Link Layer Discovery Protocol) messages and correlates this information to the respective MAC and IP addresses.
The PPPoE module displays all PPPoE sessions and traffic within a specific session.
The Burst analysis module measures throughput per interface or MAC address and displays utilization graphs for fast burst recognition.

L3 - IP Layer

The IP module gathers information about all captured IPv4 and IPv6 addresses including the protocol used, traffic, communication peers, and connections.
The QoS module processes and displays traffic with QoS tags for IP DSCP on Layer 3 and VLAN PCP (and MPLS TC on Layer 2).
The Network Multimeter uses a geolocation library to identify the IP addresses of individual countries. The country information is shown in other modules; however, this web page lists all countries and their corresponding amount of traffic. It also shows detailed statistics per country including all IP addresses seen for that country.
The DHCP module tracks requests and responses for dynamic IP assignments in networks.
DNS name resolving is handled passively by processing all DNS requests and responses captured by the system.
This module lists all IP addresses and names known by the system. This information is used by other modules to look up names.
The NetBIOS module monitors NetBIOS packets for tracking announced host names for IP addresses.
The ICMP module shows information about ICMP traffic and specific packet types.
The multicast module analyzes IGMP traffic and displays detailed information on multicast groups and members.

L4 - Transport Layer

The Connections module provides access to a list of connections of all IPs aggregated together based on selected sort and filter parameters.
The TCP module measures the TCP handshake time for connection setup. It allows you to identify slow responding servers in a network.
The Layer 4 server ports module measures traffic per TCP and UDP server port.
The IPSec module shows information about IPSec ESP traffic and sequence counter correctness.

L7 - Application Layer

The SSL module keeps track of SSL server names and common names in SSL/TLS encrypted traffic. It enables you to get the name resolved even if no DNS has been seen.
The HTTP module keeps track of HTTP host names requested in HTTP connections. It allows you to get the name resolved even if no DNS has been seen and to see which virtual host is handled by a given server.
The L7 module gathers information about all supported Layer 7 protocols. This includes information on how much traffic was seen for each protocol for each IPv4 and IPv6 address.
The response-time analysis module allows you to define your own protocol request and response pattern and measure the response time and request/response loss.
The SMB module gathers information about all SMB servers handling unencrypted traffic. It shows which shares have been accessed and which files in those shares have been read or written to, together with detailed statistics per file.
The SIP statistics includes all SIP calls and their associated metadata.
The NTP module shows detailed information about Network Time Protocol servers selected and their corresponding network clients.
The PTP module stores the PTP members and their associated metadata like the PTP version.
The Profinet module analyzes Profinet RT cyclic and acyclic traffic and displays details on all devices and their communication relationships.
The OPC-UA module displays information about OPC-UA binary protocol traffic and performs response-time measurement.
The RTP module shows detailed information about RTP codecs used.