TCP attribute/error monitoring solutions

To: <debian-isp@lists.debian.org>
Subject: TCP attribute/error monitoring solutions
From: "Matthew Ploessel" <matthew@ploessel.com>
Date: Sat, 1 May 2004 03:07:59 -0700
Message-id: <[🔎] 005701c42f64$2eb0a4a0$6602a8c0@laptop>
In-reply-to: <014001c42ee3$19683490$a301a8c0@Farsight.local>

Debian-ISP Group,

 I operate an ISP and make it my main focus to operate a network with
stable and reliable connectivity. I've looked/tested several network
monitoring packages but am coming up dry for great solutions. I am
seeking a reliable method of passively monitoring my network (via
span-port or similar) to watch bidirectional TCP session traffic
attributes such as; response time, retransmits, unsuccessful handshakes,
and unusual window-size decreases, inconstant TTLs, session drops,
unanswered requests, etc. 

Monitoring these type of attributes gives a reliable metric for what
peers/ASNs/transit paths/end points/etc are having specific problems
opposed to the unreliable ping response and daemon monitoring techniques
commonly used in the industry.

Does anyone have any comments/experience/recommendations regarding a
solution to polling this type of data, and a displaying it in a central
presentation interface (similar to what
ntop/openview/concord/ciscoworks have). My only request is that the
software is open source, displays tcp attrib's per ASN/network or
similar, and runs on debian :p

So far the best resource I've found for this subject is the tools listed
at http://www.caida.org/tools/ but I'm not completely satisfied with
what I've found.

Thanks for your assistance in advance,

-Matt

Reply to:

Next by Date: Please help me get to Internet on Debian
Next by thread: Please help me get to Internet on Debian
Index(es):
- Date
- Thread