How to isolate internet traffic from LAN traffic

I'm looking for a software which allows me to view internet traffic in real-time. On my search I came across NetGenius and NetWorx:

• NetGenius: After installing the software, all my traffic (LAN and internet) gets capped around 170 MBit/s while at the same time NetGenius is at 100% CPU load.
  
  1 GBit/s LANs have been around for like 20 years, how can a software which (according to its changelog) was just created 2 years ago have such a horrible performance? This has to be some bad joke.
• Networx: Traffic monitoring doesn't seem to affect the network speed below 1 GBit/s. I can't test it in a 10 GBit/s LAN at the moment.
  
  The CPU utilization is negligible, but I can't get correct speed readings:
  
  
  • If I tell Networx to monitor my Ethernet adapter, it will capture and count all traffic (both local and internet)
  • If I tell Networx to ignore LAN traffic, it will automatically select to monitor "All Adapters" and gray out the setting.
    
    While this will count normal internet traffic correctly, it will count all traffic to VPN networks twice (one time the traffic on the virtual VPN adapter and one time on the physical Ethernet adapter).
    
    I already tried to include/exclude the remote VPN IP range in/from the local addresses and VPN traffic was always counted twice.

How can I use either NetGenius or NetWorx to monitor only the internet traffic (= normal internet + remote VPN) in real-time without a massive performance loss? (I don''t need application-specific traffic reports or long term statistics collections)

It's odd that NetGenius caps your connection. In our tests on a gigabit connection there was no speed drop and very little CPU usage. It is however important to understand that there are two processing modes in NetGenius:

1. Read-only mode. This is active when you don't block any apps, don't change their priorities and don't assign speed limits on them. In this mode the software passively monitors all network traffic and everything runs at full speed.
2. Capture-process-transmit mode. This is active if an app is blocked, prioritised or has a speed limit set on it. In this mode the software must intercept all network traffic, process and queue it and then transmit further. This requires CPU power and adds latency, which may reduce the maximum speed.

Either processing mode is selected automatically depending on how apps are configured in NetGenius. If all apps are unrestricted the software runs in mode 1. If any app is restricted it will switch to mode 2.

Now regarding your question about separating LAN traffic from Internet traffic and excluding VPN. VPN clients usually work by capturing network connections on your computer and tunnelling them. The traffic is captured at the same level in the OS as both NetWorx and NetGenius use. This may result in doubled readings when some app sends data, because the data is intercepted by the VPN client and then sent again. Our software can't distinguish that, so unfortunately neither tool will help you achieve what you want.

• NetGenius: I just installed the software, I didn't change any settings. I looked again but unless there are some restrictions applied automatically it should run in read-only mode.
• Networx: I think it would help if I could select a network interface to monitor and enable "ignore LAN traffic" at the same time. One other software I'm currently testing (DU Meter) allows this and counts the correct amount of traffic if I unselect the VPN network adapter in the settings.

The reason why NetWorx disables the choice of a network interface is that it captures network traffic at a higher level (WFP/TDI) in the system whereas the concept of network interfaces only exists at a lower level (NDIS). This is a design decision that unfortunately makes the application unsuitable for your scenario.

DU Meter most likely operates at the lower level, so it can capture network interface information. If DU Meter works for you, great - you can simply go with it.