Introduction

From Allegro Network Multimeter Manual
Revision as of 12:44, 29 April 2020 by Soumar (talk | contribs)
Jump to navigation Jump to search

The Allegro Network Multimeter is a real-time network measurement tool to identify network problems, performance bottlenecks, and to measure network quality parameters. It can be used for network trouble shooting, performance measurement, performance monitoring, and other use cases. The device is easy to install and provides a modern web based interface to analyze multiple network traffic parameters from all layers of the network stack.

The device can be placed inline in gigabit networks, or running on a mirror port of a router. It will measure the following network parameters:

  • Layer 2 MAC analysis: Througput, assigned IP addresses, communication peers, and more
  • Layer 3 IP analysis: Throughput, used IPs, communication peers, connection information, DPI protocols used, Geolocation (country information)
  • Layer 7 analysis: passive DNS name resolving, passive DHCP information, DPI protocols


Introduction


All information are available in realtime including history graphs of the traffic for the complete device, per MAC address, per IP address, or even per protocol. Additionally, graphs can be clicked to zoom into a specific time frame and see measurement results for only that time window.

The device uses only in-memory storage and does not store any network information permanently, allowing to use the device also in restricted areas where no data is allowed to be stored. One exception, if configured, is the packet ring buffer (see Storage). Packets captured to the packet ring buffer are stored permanently until the ring buffer is deleted.

The Allegro Network Multimeter provides open interfaces to extract all information visible in the web interface for further processing.

Also, network traffic can be captured in real-time as HTTP downloads, including filtering to selected IPs, protocols, or MAC address.

Dynamic memory utilization

The Allegro Network Multimeter dynamically adjust its memory usage to the traffic it sees. This means that in smaller networks the device can store historical data longer while for larger networks the device stores more IP addresses and related information, but for a shorter amount of time.

The Network Multimeter will automatically remove old data from memory if the memory usage is above 90%. At the web interface, the system info page in the info submenu shows the current usage and more importantly for which period of time data is available.

A high memory usage is usually not a problem as the device will not remove any measured data unless the limit of 90% is reached. So over time, 90% of the memory will be used. However, the type of traffic has a direct influence on how long data can be accessed.

If the memory usage keeps increasing to 100%, the system can no longer free memory as all information are too recent to be freed. This basically means that for the current traffic load, a larger Allegro Network Multimeter is required.

By default, all graphs show network traffic in one second resolution for recent traffic and reduces the detail level for older traffic. In the Settings it is possible to adjust the graph resolution and reduction values to either get more detailed graphs or longer data storage time.

Name correlation

The Network Multimeter will present name information wherever available and use different data sources for extracting name information for network devices (and their IP addresses). Names are often announced by the devices itself (via DHCP or NetBIOS), or are part of the network infrastructure (via DNS or HTTP host names).

All information is gathered during runtime and shown for each IP address to make it possible to identify the actual system behind.

Depending on the network setup, the same IP can be assigned to different devices over time. The Allegro Network Multimeter will show as much name information as possible even if such information is outdated. This means that it can happen that a name is shown for an IP address that actually belongs to a different device. This is usually not a problem since new device should announce their name so that the internal name database will be up to date again.

Retrieved from "https://allegro-packets.com/wiki/index.php?title=Introduction&oldid=2425"