Would availability statistics be accurate even though my Traffic Diagnostics show high Two-way loss (TWL), and Sequence number gap (SNG) rates? As some here might know (if you have read my latest postings) we are experiencing multiple issues with DCRUM and the above errors. Some other issues - duplicates, unidirectional traffic, drops, etc. - have been mitigated through working with our switch and network packet broker partners. However, we might not be able to resolve the last two errors - TWL and SNG - because of our NetSec team configuring the firewalls with TCP sequence number randomization. Due to how our network is laid out for our customers and their different tiers, it is a requirement to capture on both sides of all firewalls.; and adding a second AMD is not an option at this time.
Long opening, but here are my questions.
Would the availability metrics be accurate even though these errors exist?
What other metrics would be accurate even though these errors exist?
I would like to implement alerting based on availability, and any other metrics. We have seen zero ROI on DCRUM, and my management is reviewing other solutions.
If you need other information to answer this, don't hesitate to ask.
Thanks and God bless,
Shortly put, it a risky business.
Measurement like server response time or transaction errors will be correct - for those transactions that will be measured. But not all will be measured, due to noise.
Measurements of connection refusal will be measured (where TCP RST has been sent by server) - but again, not all case because some packets may be lost.
Measurements of whole transaction response time may be skewed, transaction size may be affected.
Traffic breakdown per different applications may be OK, as the noise would be affecting each app equally. Applications will be recognized etc, but all measurements that rely on TCP flow analysis would be questionable if analyzed flow copies (delivered via SPAN) are garbled. Please note that this applies to any probe-based solution, Dynatrace or not. Garbage in, garbage out, this affects everyone equally.
Overall - it would be hard to implement a reliable network sniffing based solution without clean wire data sources.
Did you try to contact your packet broker vendor for help? They have intimate knowledge on this kind of challenging cases.