Monitoring Environment Setup

Server Placements

To capture the packet data you need, connect nChronos Server to the correct network devices. The correct devices are those that carry ALL the traffic you want to monitor, such as switches with a port mirroring function, and that can send a copy of each packet to the server’s NIC. nChronos Server automatically sets the server’s NICs to promiscuous mode, so all traffic that reaches the server’s network interface card is captured.

Generally, the correct devices include managed switches, hubs and TAPs. A managed switch is the ideal choice: it copies the packets traveling through it to a monitor port, where nChronos Server can capture those copies. This function is called Port Mirroring (Cisco calls it SPAN). For more details about port mirroring, please read Switch Management on our website. The figure below shows where to deploy the nChronos server and console on a managed switch.

If a managed switch is unavailable in the network, you may use a hub or a network TAP to get network traffic. Note that a hub can only process 100 Mbps of traffic, so it is not a good choice for modern networks. If the network traffic is small, however, a hub is an economical choice. The figure below shows how to use a hub to capture network traffic and how to connect the console and server.

While a hub can capture traffic from a small network, a network tap is a wiser choice for capturing traffic from a heavily utilized cable. A network tap performs the same function as port mirroring on a managed switch: it makes a copy of each packet and sends it to your server. For example, you can put a network tap between a switch and a router to get all traffic, inbound and outbound, between them. If you are planning to monitor the traffic of a heavily utilized uplink, a network tap is recommended rather than port mirroring. The figure below shows how to deploy a network tap for packet monitoring, and how to connect the console and server.
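
One way to confirm that a placement described above delivers the traffic you expect is to check a short test capture taken on the server. The script below is an added example, not part of nChronos or of the original page. It reads a classic pcap file and reports whether the NIC received unicast frames between other hosts (evidence that the mirror port, hub or tap is feeding it) and whether both directions of the monitored link are present. The MAC addresses, function names and sample captures are constructed for illustration.

```python
import struct
from collections import Counter

SERVER = "02:00:00:00:00:99"   # constructed: capture NIC of the monitoring server
SWITCH = "02:00:00:00:00:01"   # constructed: switch side of the monitored link
ROUTER = "02:00:00:00:00:02"   # constructed: router side of the monitored link

def eth_frame(dst, src):
    """Build a minimal 60-byte Ethernet II frame (constructed test data)."""
    return bytes.fromhex((dst + src).replace(":", "")) + b"\x08\x00" + bytes(46)

def build_pcap(frames):
    """Wrap frames in a classic little-endian pcap file, link type 1 (Ethernet)."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for i, f in enumerate(frames):
        out += struct.pack("<IIII", i, 0, len(f), len(f)) + f
    return out

def read_pcap(data):
    """Yield raw Ethernet frames from classic little-endian pcap bytes."""
    magic, *_, linktype = struct.unpack("<IHHiIII", data[:24])
    if magic != 0xA1B2C3D4 or linktype != 1:
        raise ValueError("expected little-endian pcap with Ethernet link type")
    off = 24
    while off + 16 <= len(data):
        caplen = struct.unpack("<IIII", data[off:off + 16])[2]
        yield data[off + 16:off + 16 + caplen]
        off += 16 + caplen

def check_capture_point(data, server, side_a, side_b):
    """Report whether a capture shows mirrored traffic and both link directions."""
    seen = Counter()
    for frame in read_pcap(data):
        if len(frame) < 14:
            continue
        dst, src = frame[0:6].hex(":"), frame[6:12].hex(":")
        # Unicast between other hosts normally reaches this NIC only via a mirror port, hub or tap.
        if server not in (dst, src) and not frame[0] & 1:
            seen["foreign_unicast"] += 1
        seen["a_to_b"] += (src, dst) == (side_a, side_b)
        seen["b_to_a"] += (src, dst) == (side_b, side_a)
    return {"mirrored": seen["foreign_unicast"] > 0,
            "both_directions": seen["a_to_b"] > 0 and seen["b_to_a"] > 0}

GOOD = build_pcap([eth_frame(ROUTER, SWITCH), eth_frame(SWITCH, ROUTER)])
ONE_WAY = build_pcap([eth_frame(ROUTER, SWITCH)])            # one direction missing
UNMIRRORED = build_pcap([eth_frame("ff:ff:ff:ff:ff:ff", SWITCH), eth_frame(SERVER, SWITCH)])

if __name__ == "__main__":
    for name, cap in (("good", GOOD), ("one-way", ONE_WAY), ("unmirrored", UNMIRRORED)):
        print(name, check_capture_point(cap, SERVER, SWITCH, ROUTER))
```

A capture that contains only broadcast frames and frames addressed to the server itself indicates the server is on an ordinary switch port rather than a monitor port, hub or tap.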