Accurate real-time monitoring of bottlenecks and performance of packet trace collection

Collecting packet traces for later analysis is meticulous work: a trace is only valuable for analysis if it is accurate. Current platforms do not provide a means to measure this accuracy. This paper describes a real-time monitoring method that measures the quality of a collected trace. The method takes a system architecture approach, monitoring different points of the system to account for every potential drop along the packet's journey. A set of metadata is stored in metatraces, to be analyzed together with the trace after capture. The primary information is taken from standard Ethernet counters, which are available in all commodity hardware, so the method performs very well without expensive specialized hardware. The paper presents an evaluation of the real-time monitoring method, concluding that the processing overhead does not produce significant performance degradation and that it improves packet loss detection by up to orders of magnitude, depending on the scenario.
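The following sketch is an added illustration of the idea, not the paper's implementation: it turns cumulative counter snapshots taken at several points of the capture path into per-interval metatrace records that show where packets were lost. The observation point names (`port_tx`, `nic_rx`, `app_rx`, `stored`), the 32-bit counter width, the record layout and the sample snapshots are all assumptions made for the example.

```python
import json

COUNTER_BITS = 32  # assumption: counters are 32-bit and may wrap between polls
# Hypothetical observation points, ordered along the packet's journey:
# upstream port -> capture NIC -> capture process -> trace file.
STAGES = ["port_tx", "nic_rx", "app_rx", "stored"]

def delta(prev, cur, bits=COUNTER_BITS):
    """Counter increase between two polls, tolerating a single wraparound."""
    return (cur - prev) % (1 << bits)

def metatrace(snapshots):
    """Build one metatrace record per polling interval from cumulative counters."""
    records = []
    for prev, cur in zip(snapshots, snapshots[1:]):
        seen = {s: delta(prev[s], cur[s]) for s in STAGES}
        # Packets seen at one point but not at the next were dropped in between.
        drops = {f"{a}->{b}": seen[a] - seen[b]
                 for a, b in zip(STAGES, STAGES[1:])}
        records.append({
            "t_start": prev["t"], "t_end": cur["t"],
            "seen": seen, "drops": drops,
            # A negative value means the points were not polled at the same
            # instant, so this interval's numbers cannot be trusted as-is.
            "consistent": all(d >= 0 for d in drops.values()),
            "complete": all(d == 0 for d in drops.values()),
        })
    return records

# Constructed sample snapshots (not measurements); port_tx wraps in interval 1.
SAMPLE = [
    {"t": 0, "port_tx": 4294967000, "nic_rx": 1000, "app_rx": 1000, "stored": 1000},
    {"t": 1, "port_tx": 204,        "nic_rx": 1500, "app_rx": 1500, "stored": 1500},
    {"t": 2, "port_tx": 1204,       "nic_rx": 2450, "app_rx": 2450, "stored": 2420},
]

if __name__ == "__main__":
    for rec in metatrace(SAMPLE):
        print(json.dumps(rec))  # one metatrace line per interval
```

Stored next to the trace, such records let an analyst discard or down-weight the intervals marked incomplete instead of treating the whole capture as equally reliable.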