Configuration of rules in a network visibility system
First Claim
1. A method of configuring rules in a network visibility system, said method comprising:
- maintaining, at a network device, a default rules table, which specifies a default allocation of IP addresses to output ports;
receiving, at the network device, control information containing, for a tunnel, an endpoint IP address of a control session and an endpoint IP address of a data session;
determining, at the network device, whether the endpoint IP address of said control session and the endpoint IP address of said data session in said default rules table are allocated to a same output port of the network device; and
if the endpoint IP address of said control session and the endpoint IP address of said data session are not allocated to the same output port of the network device, configuring, at the network device, a dynamic rule in a dynamic rules table to force packets of both said control session and said data session to be forwarded to the same output port of the network device.
6 Assignments
0 Petitions
Accused Products
Abstract
Aspects of the present disclosure enable a router controller to maintain a default rules table indicating allocation of IP addresses (of GTP packets) to respective output ports. In an embodiment, the router controller receives information indicating the respective tunnel endpoint IP addresses of a control session and a data session of a user. The router controller is configured to determine whether such IP addresses of the control session and the data session(s) are allocated to the same output port. If the IP addresses of the control session and the data session are not allocated to the same output port, router controller is configured to generate a dynamic rule to force packets of both the control session and the data session to the same output port.
-
Citations
20 Claims
-
1. A method of configuring rules in a network visibility system, said method comprising:
-
maintaining, at a network device, a default rules table, which specifies a default allocation of IP addresses to output ports; receiving, at the network device, control information containing, for a tunnel, an endpoint IP address of a control session and an endpoint IP address of a data session; determining, at the network device, whether the endpoint IP address of said control session and the endpoint IP address of said data session in said default rules table are allocated to a same output port of the network device; and if the endpoint IP address of said control session and the endpoint IP address of said data session are not allocated to the same output port of the network device, configuring, at the network device, a dynamic rule in a dynamic rules table to force packets of both said control session and said data session to be forwarded to the same output port of the network device. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A non-transitory machine readable medium storing one or more sequences of instructions for enabling a network visibility system to configure rules, wherein execution of said one or more instructions by one or more processors contained in said network visibility system enables said network visibility system to perform the actions of:
-
maintaining, at a network device, a default rules table, which specifies the default allocation of IP addresses to output ports; receiving, at the network device, control information containing, for a tunnel, an endpoint IP address of a control session and an endpoint IP address of a data session; determining, at the network device, whether the endpoint IP address of said control session and the endpoint IP address of said data session in said default rules table are allocated to a same output port of the network device; and if the endpoint IP address of said control session and the endpoint IP address of said data session are not allocated to the same output port of the network device, configuring, at the network device, a dynamic rule in a dynamic rules table to force packets of both said control session and said data session to be forwarded to the same output port of the network device. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. A network visibility system comprising:
-
a network device with a processing block and a memory, said memory to store instructions which when retrieved and executed by said processing block causes said network visibility system to perform the actions of; maintaining a default rules table, which specifies the default allocation of IP addresses to output ports; receiving control information containing, for a tunnel, an endpoint IP address of a control session and an endpoint IP address of a data session; determining whether the endpoint IP address of said control session and the endpoint IP address of said data session in said default rules table are allocated to a same output port of the network device; and if the endpoint IP address of said control session and the endpoint IP address of said data session are not allocated to the same output port of the network device, configuring, at the network device, a dynamic rule in a dynamic rules table to force packets of both said control session and said data session to be forwarded to the same output port of the network device. - View Dependent Claims (16, 17, 18, 19, 20)
-
Specification