Real time monitoring of TCP flows
First Claim
1. A method for real time monitoring of at least one TCP flow comprising:
- monitoring TCP packets flowing past a particular point in a TCP network;
determining a flow trace including at least source and destination addresses and source and destination port numbers for each TCP packet;
creating a packet record for each monitored TCP packet within a determined flow trace, the packet record including at least a transmitted sequence number and an actual received sequence number;
determining an expected received sequence number for each packet record from the transmitted sequence number and the expected received sequence number of the previously received packet; and
determining a difference between the expected received sequence number for each packet record and the actual received sequence number for that packet record to thereby determine by how much a particular packet was moved out of sequence.
5 Assignments
0 Petitions
Accused Products
Abstract
A method for real time monitoring of at least one TCP flow involves monitoring TCP packets flowing past a particular point in a TCP network. A flow trace including at least source and destination addresses for each TCP packet is determined and a packet record for each monitored TCP packet within a determined flow trace is created. Each of the packet records includes at least a transmitted order number and an actual received sequence number, from which an expected received sequence number for each packet record is determined and stored in the packet record. The difference between the expected received sequence number for each packet record and the expected received sequence number for the previous packet record is used to thereby determine by how much a particular packet was moved out of sequence.
49 Citations
17 Claims
-
1. A method for real time monitoring of at least one TCP flow comprising:
-
monitoring TCP packets flowing past a particular point in a TCP network;
determining a flow trace including at least source and destination addresses and source and destination port numbers for each TCP packet;
creating a packet record for each monitored TCP packet within a determined flow trace, the packet record including at least a transmitted sequence number and an actual received sequence number;
determining an expected received sequence number for each packet record from the transmitted sequence number and the expected received sequence number of the previously received packet; and
determining a difference between the expected received sequence number for each packet record and the actual received sequence number for that packet record to thereby determine by how much a particular packet was moved out of sequence. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17)
-
Specification