Introduction: Difference between revisions

From Allegro Network Multimeter Manual
Jump to navigation Jump to search
Access restrictions were established for this page. If you see this message, you have no access to this page.
No edit summary
No edit summary
Line 12: Line 12:


All information is available in Real-Time including history graphs of the global traffic, traffic per MAC address, per IP address, or even per protocol. Additionally, graphs can be clicked to zoom into a specific timeframe and see measurement results for only that specific time interval.
All information is available in Real-Time including history graphs of the global traffic, traffic per MAC address, per IP address, or even per protocol. Additionally, graphs can be clicked to zoom into a specific timeframe and see measurement results for only that specific time interval.
=== Data processing and storage ===
=== Data processing and storage ===
The Allegro Network Multimeter consists of two separate data planes, fascilitating two modi operandi.
The Allegro Network Multimeter consists of two different and completely separate types of memory where data is being processed (RAM and Storage), which facilitates different modes of opperation.
 
1. Allegro Network Multimeter uniquely utilizes Random Access Memory (RAM) to construct its very fast In-Memory Database. Measurement data and statistics shown throughout the web-interface/dashboard, are stored in, and retrieved from RAM. This allows for the Allegro Network Multimeter to be used in restricted and or GDPR/AVG sensitive areas, where it is not allowed to store or remove data.
 
2. Allegro Network Multimeter facilitates the use of a so called Packet Ring Buffer. The packet ring buffer (see [[Storage]]) is a HDD/SSD storage device where packet data can be stored "permanently". This allows a Allegro Network Multimeter user to retroactively extract packets of interest from the web-interface, in the form of a pcap, for in depth analysis with Allegro's built in Webshark or Wireshark.
=== Dynamic memory utilization ===


The Allegro Network Multimeter dynamically adjusts its memory useage to the traffic it sees. This means that in smaller networks the device can store historical data longer while for larger networks the device stores more IP addresses and related information, but for a shorter amount of time.
1. Allegro Network Multimeter uniquely utilizes Random Access Memory (RAM) to construct its very fast In-Memory Database. Measurement data and statistics shown throughout the web-interface/dashboard, are stored in, and retrieved from RAM. This allows for the Allegro Network Multimeter to be used in restricted and GDPR/AVG sensitive areas, where it is not allowed to store or remove data. Statistics and data shown in the dashboard will be gone in event of a power cycle.


The Network Multimeter will automatically remove old data from memory if the memory useage is above 90%. At the web interface, the system info page in the info submenu shows the current useage and more importantly for which period of time data is available.
2. Allegro Network Multimeter facilitates the use of a so called Packet Ring Buffer. The packet ring buffer (see [[Storage]]) is a HDD/SSD storage device where packet data can be stored "permanently". This allows Allegro Network Multimeter users to retroactively extract packets of interest from the web-interface. In depth analysis of such extracted pcap file can be done either with Allegro's built in Webshark or with Wireshark.


A high memory useage is usually not a problem as the device will not remove any measured data unless the limit of 90% is reached. So over time, 90% of the memory will be used. However, the type of traffic has a direct influence on how long data can be accessed.
The use of a packet ring buffer also allows to easily replay network traffic (or parts thereof) that was captured to the storage device. So for instance, an engineer could send out a portable Allegro Network Multimeter to a remote site/customer, have the Allegro collect network traffic for multiple days and replay & analyse this data afterwards. Packet broker type filters can be set for the In-Memory Database and the packet ring buffer.
===Dynamic memory utilization===
The Allegro Network Multimeter dynamically adjusts its memory usage to the traffic it sees. This means that in smaller networks with few IPs and connections, the analyzer can store historical data longer than in larger networks with far more IP- and connection information.


If the memory useage keeps increasing to 100%, the system can no longer free memory as all information are too recent to be freed. This basically means that for the current traffic load, a larger Allegro Network Multimeter is required.
The Network Multimeter will automatically remove old data from memory (FiFo) if the memory useage is above 90%. Under "Info" in the web interface's menu, the "System info" page shows the current usage and, more importantly, for which period of time data is available.


By default, all graphs show network traffic in one second resolution for recent traffic and reduces the detail level for older traffic. In the Settings it is possible to adjust the graph resolution and reduction values to either get more detailed graphs or longer data storage time.
A high memory useage is usually not a problem as the device will not remove any measured data unless the limit of 90% is reached. So over time, 90% of the memory will be used. The type of traffic has a great influence on how long data can be accessed.


=== Name correlation ===
In a situation where the memory useage keeps increasing to 100%, the Analyzer is overloaded. This basically means that for that traffic load or situation, a larger Allegro Network Multimeter is required.


The Network Multimeter will display name information wherever available and use different data sources for extracting name information for network devices (and their IP addresses). Names are often announced by the device itself (via DHCP or NetBIOS), or are part of the network infrastructure (via DNS or HTTP host names).
By default, all graphs will display recent network traffic with a 1 second resolution. For older traffic the graph resolution will dynamically be lowered e.g. up to 16s. It is possible to adjust the aforementioned graph resolution and reduction values in the settings, to either get more detailed graphs OR a longer period of data & statistics available in the dashboard.
===Name correlation===
The Network Multimeter will display "Name information" whenever available. Different data sources are used for extracting such name information from network devices and their respective IP addresses. Name information is often announced by the device itself (via DHCP or NetBIOS), or as part of the network infrastructure (via DNS or HTTP host names).


All information is gathered during runtime and shown for each IP address to make it possible to identify the actual system parameters.
All information is gathered during runtime and shown for each IP address to make it possible to identify the actual system parameters.


Depending on the network setup, the same IP can be assigned to different devices over time. The Allegro Network Multimeter will show as much name information as possible even if such information is outdated. This means that it can occur that a name is displayed for an IP address that belongs to a different device. This should not be a problem since new devices should announce their name to bring the internal name database up to date again.
Depending on the network setup, the same IP can be assigned to different devices over time. The Allegro Network Multimeter will show as much name information as possible even if such information is outdated. This means that it can occur that a name is displayed for an IP address that actually belongs to a different device. This is not really a problem, since new devices (should) announce their name regularly, which will bring the internal name database up to date again.

Revision as of 14:59, 6 November 2020

he Allegro Network Multimeter is a real-time network measurement tool to identify network problems, performance bottlenecks, and to measure network quality parameters. It can be used for network troubleshooting, performance measurement, performance monitoring and other use cases. The appliance is easy to install and provides a modern web-based interface to analyze multiple network traffic parameters from all Layers of the network stack.

The appliance can be placed inline in gigabit networks, or running on the Mirror Port of a router. It will measure the following network parameters:

  • Layer 2 statistics & analysis MAC, QoS, ARP, VLAN, STP, MPLS, LLDP, PPPoE, packet size distribution and Micro burst analysis.
  • Layer 3 statistics & analysis Individual IP, QoS, DHCP, DNS, Netbios, ICMP, Multicast and Geolocation.
  • Layer 4 statistics & analysis TCP, IPSec, individual connections and L4 server ports.
  • Layer 7 statistics & analysis SSL, HTTP, SIP, RTP, SMB, Profinet, OPC-UA, L7 app. protocols, NTP, PTP and custom response time analysis.
Introduction


All information is available in Real-Time including history graphs of the global traffic, traffic per MAC address, per IP address, or even per protocol. Additionally, graphs can be clicked to zoom into a specific timeframe and see measurement results for only that specific time interval.

Data processing and storage

The Allegro Network Multimeter consists of two different and completely separate types of memory where data is being processed (RAM and Storage), which facilitates different modes of opperation.

1. Allegro Network Multimeter uniquely utilizes Random Access Memory (RAM) to construct its very fast In-Memory Database. Measurement data and statistics shown throughout the web-interface/dashboard, are stored in, and retrieved from RAM. This allows for the Allegro Network Multimeter to be used in restricted and GDPR/AVG sensitive areas, where it is not allowed to store or remove data. Statistics and data shown in the dashboard will be gone in event of a power cycle.

2. Allegro Network Multimeter facilitates the use of a so called Packet Ring Buffer. The packet ring buffer (see Storage) is a HDD/SSD storage device where packet data can be stored "permanently". This allows Allegro Network Multimeter users to retroactively extract packets of interest from the web-interface. In depth analysis of such extracted pcap file can be done either with Allegro's built in Webshark or with Wireshark.

The use of a packet ring buffer also allows to easily replay network traffic (or parts thereof) that was captured to the storage device. So for instance, an engineer could send out a portable Allegro Network Multimeter to a remote site/customer, have the Allegro collect network traffic for multiple days and replay & analyse this data afterwards. Packet broker type filters can be set for the In-Memory Database and the packet ring buffer.

Dynamic memory utilization

The Allegro Network Multimeter dynamically adjusts its memory usage to the traffic it sees. This means that in smaller networks with few IPs and connections, the analyzer can store historical data longer than in larger networks with far more IP- and connection information.

The Network Multimeter will automatically remove old data from memory (FiFo) if the memory useage is above 90%. Under "Info" in the web interface's menu, the "System info" page shows the current usage and, more importantly, for which period of time data is available.

A high memory useage is usually not a problem as the device will not remove any measured data unless the limit of 90% is reached. So over time, 90% of the memory will be used. The type of traffic has a great influence on how long data can be accessed.

In a situation where the memory useage keeps increasing to 100%, the Analyzer is overloaded. This basically means that for that traffic load or situation, a larger Allegro Network Multimeter is required.

By default, all graphs will display recent network traffic with a 1 second resolution. For older traffic the graph resolution will dynamically be lowered e.g. up to 16s. It is possible to adjust the aforementioned graph resolution and reduction values in the settings, to either get more detailed graphs OR a longer period of data & statistics available in the dashboard.

Name correlation

The Network Multimeter will display "Name information" whenever available. Different data sources are used for extracting such name information from network devices and their respective IP addresses. Name information is often announced by the device itself (via DHCP or NetBIOS), or as part of the network infrastructure (via DNS or HTTP host names).

All information is gathered during runtime and shown for each IP address to make it possible to identify the actual system parameters.

Depending on the network setup, the same IP can be assigned to different devices over time. The Allegro Network Multimeter will show as much name information as possible even if such information is outdated. This means that it can occur that a name is displayed for an IP address that actually belongs to a different device. This is not really a problem, since new devices (should) announce their name regularly, which will bring the internal name database up to date again.

Retrieved from "https://allegro-packets.com/wiki/index.php?title=Introduction&oldid=3178"