Architecture

Linknesis follows an API-first design. Web traffic and Probe traffic are handled on separate channels for security and performance.

Core components

The Core is deployed as a multi-container stack:

  • linknesis-nginx — TLS termination and static file serving on port 443.
  • linknesis-core — Zig backend. Serves REST API on an internal port and accepts WebSocket connections from Probes on port 4443.
  • linknesis-db — MongoDB with time-series collections for test results.
  • linknesis-webhook-sender — polls queued webhook events and dispatches them.
  • linknesis-certbot — manages Let's Encrypt certificates.

Probe channel

Probes connect directly to the Core over WSS on port 4443. The Core implements TLS 1.3 with ECDHE and uses a pre-shared key (PSK) derived from the certificate fingerprint for initial handshake authorization.

Web channel

Operators access the GUI through Nginx on port 443. Nginx proxies API requests to the Core's internal API port. Static assets are served directly by Nginx.

Data flow

Test definitions are stored in MongoDB. The Core sends commands to Probes over WebSocket. Probes stream results back, which the Core expands and stores in time-series collections. Webhooks and AI analysis run asynchronously against the stored data.

© Linknesis. Documentation for the Linknesis network monitoring platform.