# 新一代 Ntopng 网络流量监控 > NTOPNG是NTOP的新一代版本,提供以下特性: 多协议网络流量;IPv4/IPv6活跃主机 网络流量监控(RRD存储格式);基于nDPI实现应用协议发现 作为 NetFlow/sFlow 采集器 (Cisco/ Juniper 路由器) ;交换机配合 nProbe. ![](http://riboseyim-qiniu.riboseyim.com/ntop-demo-1.jpg) ![](http://riboseyim-qiniu.riboseyim.com/ntop-demo-2.jpg) ![](http://riboseyim-qiniu.riboseyim.com/ntop-demo-3.jpg) ![](http://riboseyim-qiniu.riboseyim.com/ntop-demo-4.jpg) ![](http://riboseyim-qiniu.riboseyim.com/ntop-demo-5.jpg) ![](http://riboseyim-qiniu.riboseyim.com/ntop-demo-6.jpg) **What ntopng can do for me?** * * Sort network traffic according to many protocols * Show network traffic and IPv4/v6 active hosts * Store on disk persistent traffic statistics in RRD format * Geolocate hosts * Discover application protocols by leveraging on nDPI, ntop’s DPI framework. * Characterise HTTP traffic by leveraging on characterisation services provided by block.si. ntopng comes with a demo characterisation key, but if you need a permanent one, please mail . * Show IP traffic distribution among the various protocols * Analyse IP traffic and sort it according to the source/destination * Display IP Traffic Subnet matrix (who’s talking to who?) * Report IP protocol usage sorted by protocol type * Act as a NetFlow/sFlow collector for flows generated by routers (e.g. Cisco and Juniper) or switches (e.g. Foundry Networks) when used together with nProbe. * Produce HTML5/AJAX network traffic statistics ## Ntopng 架构 ![](http://riboseyim-qiniu.riboseyim.com/ntopng-arch-view.jpg) #### 主要开发语言 C、C++、**Python**、Lua #### 数据采集层 **Libpcap** :网络数据包捕获函数包 **ZeroMQ** 一个C内核及C++编写的核心库libzmq,50余种语言支持的绑定程序(例如Python支持PyZMQ),号称最快的消息库,协议级,目标是成为Linux的一部分。 #### 业务处理层 Monitoring Engine,负责采集数据的规整、压缩、转储。 #### 存储 **Sqlite**:轻型数据库,多语言支持(此处为python) Gdbm:DBM的GNU版本,使用hash存储非结构化数据 **Redis** Redis是一个开源的使用ANSIC语言编写、支持网络、可基于内存亦可持久化的日志型、Key-Value数据库,并提供多种语言的API。Ntopng的Redis数据结构如下: ![](http://riboseyim-qiniu.riboseyim.com/ntop-redis-data.jpg) #### 前端展现层 **RRDtool** 源自MRTG(多路由器流量绘图器)。MRTG是有一个大学连接到互联网链路的使用率的小脚本开始的。MRTG后来被当作绘制其他数据源的工具使用,包括温度、速度、电压、输出量等等。 **Geoip:IP GIS图形** ![](http://riboseyim-qiniu.riboseyim.com/ntopng-geomap.png) #### 其它库 autoconf、automake、pkg-config、libtool(提供通用的库编译支持) Gettext、icu4c:国际化(I18N)和本地化(L10N),多语言支持 **libffi** “FFI” 的全名是 Foreign Function Interface,通常指的是允许以一种语言编写的代码调用另一种语言的代码。而 “Libffi” 库只提供了最底层的、与架构相关的、完整的”FFI”,因此在它之上必须有一层来负责管理两种语言之间参数的格式转换。 Gobject-introspection:(简称 GI)用于产生与解析 C 程序库 API 元信息,以便于动态语言(或托管语言)绑定基于 C + GObject 的程序库 json-glib、json-c、openssl、glib libtasn1:开发 ASN.1 (Abstract Syntax Notation One) 结构管理的 C 库 gmp Nettle:a low-level cryptographic library (加密) Gnutls:(加密) libpng:the official PNG reference library (图形) pixman:像素管理(图形) Cairo:a2Dgraphicslibrarywithsupportformultipleoutputdevices. Freetype:FreeType库是一个完全免费(开源)的、高质量的且可移植的字体引擎,它提供统一的接口来访问多种字体格式文件,包括TrueType,OpenType, Type1, CID,CFF, Windows FON/FNT, X11 PCF等 fontconfig:字体库管理 ### P2P 演示案例 ![](http://riboseyim-qiniu.riboseyim.com/ntop-p2p-1.jpg) ![](http://riboseyim-qiniu.riboseyim.com/ntop-p2p-2.jpg) ![](http://riboseyim-qiniu.riboseyim.com/ntop-p2p-3.jpg) ![](http://riboseyim-qiniu.riboseyim.com/ntop-p2p-4.jpg) 更多精彩内容,请扫码关注公众号:@睿哥杂货铺\ [RSS订阅 RiboseYim](https://riboseyim.github.io?product=ebook\&id=linuxperfmaster) --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://riboseyim.gitbook.io/perf/network-ntopng.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.