Detecting and preventing network loops

US 10,491,508 B2
Filed: 09/17/2018
Issued: 11/26/2019
Est. Priority Date: 07/21/2016
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method comprising:

identifying a port, on a network device, that is in a blocking state, the blocking state for dropping one or more types of packets and preventing the port from forwarding the one or more types of packets;

first determining a first number of packets received through the port by a hardware element on the network device;

second determining a second number of packets received through the port and dropped by the hardware element on the port;

third determining a third number of control packets received through the port by a CPU process on the network device;

fourth determining whether the third number>

(first number−

second number);

fifth determining that the blocking state has failed to prevent the port from forwarding the one or more types of packets in response to a positive result of the fourth determining; and

correcting, in response to a positive outcome of the fifth determining, the failed blocking state by disabling the port, setting the port to a state that allows some traffic to pass while preventing other traffic from passing, and/or re-configuring one or more links of the port.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems, methods, and computer-readable storage media for detecting network loops. A system can identify, for each virtual tunnel endpoint (VTEP) from multiple VTEPs in a network, respective media access control address data including the respective local interface media access control addresses of the respective VTEP and respective media access control addresses learned by the respective VTEP. The system can determine whether the VTEPs are running spanning tree protocol (STP), and whether a media access control address learned by a first VTEP matches a respective local interface media access control address of a second VTEP. The system can detect a loop when the media access control address learned by the first VTEP matches the respective local interface media access control address of the second VTEP. The system can also detect a loop when the VTEPs are running STP and the first and second VTEPs see the same STP root bridge.

Citations

20 Claims

1. A computer-implemented method comprising:
- identifying a port, on a network device, that is in a blocking state, the blocking state for dropping one or more types of packets and preventing the port from forwarding the one or more types of packets;
  
  first determining a first number of packets received through the port by a hardware element on the network device;
  
  second determining a second number of packets received through the port and dropped by the hardware element on the port;
  
  third determining a third number of control packets received through the port by a CPU process on the network device;
  
  fourth determining whether the third number>
  
  (first number−
  
  second number);
  
  fifth determining that the blocking state has failed to prevent the port from forwarding the one or more types of packets in response to a positive result of the fourth determining; and
  
  correcting, in response to a positive outcome of the fifth determining, the failed blocking state by disabling the port, setting the port to a state that allows some traffic to pass while preventing other traffic from passing, and/or re-configuring one or more links of the port.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The computer-implemented method of claim 1, wherein the control packets comprise at least one bridge protocol data unit (BPDU) packet.
  - 3. The computer-implemented method of claim 1, wherein the control packets comprise at least one link aggregation control protocol (LACP) packets.
  - 4. The computer-implemented method of claim 1, wherein the control packets comprise at least one link layer discovery protocol (LLDP) packet and/or at least one cisco discovery protocol (CDP) packet.
  - 5. The computer-implemented method of claim 1, wherein the port is one of an access port or a trunk port, wherein all virtual local area networks (VLANs) configured on the trunk port are marked as blocked.
  - 6. The computer-implemented method of claim 1, wherein the first number of packets transmitted comprises a rate of packets transmitted, and wherein the second number of packets transmitted comprise a rate of control packets received.
  - 7. The computer-implemented method of claim 1, wherein the one or more types of packets comprises all packets excluding the control packets, wherein the hardware element comprises an application specific integrated circuit.

8. A network device comprising:
- one or more processors; and
  
  a computer-readable storage medium having stored therein instructions which, when executed by the one or more processors, cause the one or more processors to perform operations comprising;
  
  identifying a port, on a network device, that is in a blocking state, the blocking state for dropping one or more types of packets and preventing the port from forwarding the one or more types of packets;
  
  first determining a first number of packets received through the port by a hardware element on the network device;
  
  second determining a second number of packets received through the port and dropped by the hardware element on the port;
  
  third determining a third number of control packets received through the port by a CPU process on the network device;
  
  fourth determining whether the third number>
  
  (first number−
  
  second number);
  
  fifth determining that the blocking state has failed to prevent the port from forwarding the one or more types of packets in response to a positive result of the fourth determining; and
  
  correcting, in response to a positive outcome of the fifth determining, the failed blocking state by disabling the port, setting the port to a state that allows some traffic to pass while preventing other traffic from passing, and/or re-configuring one or more links of the port.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The device of claim 8, wherein the control packets comprise at least one bridge protocol data unit (BPDU) packet.
  - 10. The device of claim 8, wherein the control packets comprise at least one link aggregation control protocol (LACP) packets.
  - 11. The device of claim 8, wherein the control packets comprise at least one link layer discovery protocol (LLDP) packet and/or at least one cisco discovery protocol (CDP) packet.
  - 12. The device of claim 8, wherein the port is one of an access port or a trunk port, wherein all virtual local area networks (VLANs) configured on the trunk port are marked as blocked.
  - 13. The device of claim 8, wherein the first number of packets transmitted comprises a rate of packets transmitted, and wherein the second number of packets transmitted comprise a rate of control packets received.
  - 14. The device of claim 8, wherein the one or more types of packets comprises all packets excluding the control packets, wherein the hardware element comprises an application specific integrated circuit.

15. A non-transitory computer-readable storage media having stored therein instructions which, when executed by a processor, cause the processor to perform operations comprising:
- identifying a port, on a network device, that is in a blocking state, the blocking state for dropping one or more types of packets and preventing the port from forwarding the one or more types of packets;
  
  first determining a first number of packets received through the port by a hardware element on the network device;
  
  second determining a second number of packets received through the port and dropped by the hardware element on the port;
  
  third determining a third number of control packets received through the port by a CPU process on the network device;
  
  fourth determining whether the third number>
  
  (first number−
  
  second number);
  
  fifth determining that the blocking state has failed to prevent the port from forwarding the one or more types of packets in response to a positive result of the fourth determining; and
  
  correcting, in response to a positive outcome of the fifth determining, the failed blocking state by disabling the port, setting the port to a state that allows some traffic to pass while preventing other traffic from passing, and/or re-configuring one or more links of the port.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The media of claim 15, wherein the control packets comprise at least one bridge protocol data unit (BPDU) packet.
  - 17. The media of claim 15, wherein the control packets comprise at least one link aggregation control protocol (LACP) packets.
  - 18. The media of claim 15, wherein the control packets comprise at least one link layer discovery protocol (LLDP) packet and/or at least one cisco discovery protocol (CDP) packet.
  - 19. The media of claim 15, wherein the port is one of an access port or a trunk port, wherein all virtual local area networks (VLANs) configured on the trunk port are marked as blocked.
  - 20. The media of claim 15, wherein the first number of packets transmitted comprises a rate of packets transmitted, and wherein the second number of packets transmitted comprise a rate of control packets received.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Cisco Technology, Inc. (Cisco Systems, Inc.)
Original Assignee
Cisco Technology, Inc. (Cisco Systems, Inc.)
Inventors
Manthiramoorthy, Natarajan, Srinivasan, Venkatesh, Narayanan, Swaminathan, Mehta, Ambrish Niranjan, Singh, Anand Kumar, Chodey, Anulekha
Primary Examiner(s)
Roberts, Brian S
Assistant Examiner(s)
Haque, Abusayeed M

Application Number

US16/133,439
Publication Number

US 20190020575A1
Time in Patent Office

435 Days
Field of Search
US Class Current
CPC Class Codes

H04L 12/437   Ring fault isolation or rec...

H04L 12/4641   Virtual LANs, VLANs, e.g. v...

H04L 2101/622   Layer-2 addresses, e.g. med...

H04L 43/08   Monitoring or testing based...

H04L 43/20   the monitoring system or th...

H04L 45/18   Loop-free operations

H04L 45/28   using route fault recovery

H04L 45/32   Flooding denial of service ...

H04L 45/48   Routing tree calculation

H04L 45/488   using root node determination

H04L 47/20   Traffic policing

H04L 49/354   for supporting virtual loca...

H04L 5/0012   Hopping in multicarrier sys...

H04L 69/324   in the data link layer [OSI...

Y02D 30/00   Reducing energy consumption...

Detecting and preventing network loops

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Detecting and preventing network loops

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links