TCP attribute/error monitoring solutions
I operate an ISP and make it my main focus to operate a network with
stable and reliable connectivity. I've looked/tested several network
monitoring packages but am coming up dry for great solutions. I am
seeking a reliable method of passively monitoring my network (via
span-port or similar) to watch bidirectional TCP session traffic
attributes such as; response time, retransmits, unsuccessful handshakes,
and unusual window-size decreases, inconstant TTLs, session drops,
unanswered requests, etc.
Monitoring these type of attributes gives a reliable metric for what
peers/ASNs/transit paths/end points/etc are having specific problems
opposed to the unreliable ping response and daemon monitoring techniques
commonly used in the industry.
Does anyone have any comments/experience/recommendations regarding a
solution to polling this type of data, and a displaying it in a central
presentation interface (similar to what
ntop/openview/concord/ciscoworks have). My only request is that the
software is open source, displays tcp attrib's per ASN/network or
similar, and runs on debian :p
So far the best resource I've found for this subject is the tools listed
at http://www.caida.org/tools/ but I'm not completely satisfied with
what I've found.
Thanks for your assistance in advance,