NEIGHBOR DISCOVERY PROXY WITH DISTRIBUTED PACKET INSPECTION SCHEME

US 20080298277A1
Filed: 08/15/2008
Published: 12/04/2008
Est. Priority Date: 05/25/2004
Status: Active Grant

First Claim

Patent Images

1. A system, comprising:

a network component containing circuitry configured to;

receive a packet encapsulated with a plurality of protocol layers;

inspect the received packet to determine whether the received packet is a neighbor discovery message, wherein a first inner layer of the protocol layers is analyzed during the inspection;

if the received packet is a neighbor discovery message according to the inspection, modify an attribute of a second layer according to a distributed inspection scheme between the network component and a remote routing device, wherein the second modified layer is an outer layer with respect to the first inner layer, wherein the second modified layer encapsulates the first analyzed layer; and

forward the packet having the modified attribute.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A network device is to receive traffic including neighbor discovery messages from requesting customer devices, and can detect the neighbor discovery messages within the traffic according to a distributed inspection scheme that includes the network device and a remote component. The network device is to then examine the neighbor discovery messages to determine if the neighbor discovery message should be forwarded to other of the customer devices, and respond to the requesting customer devices.

104 Citations

View as Search Results

20 Claims

1. A system, comprising:
- a network component containing circuitry configured to;
  
  receive a packet encapsulated with a plurality of protocol layers;
  
  inspect the received packet to determine whether the received packet is a neighbor discovery message, wherein a first inner layer of the protocol layers is analyzed during the inspection;
  
  if the received packet is a neighbor discovery message according to the inspection, modify an attribute of a second layer according to a distributed inspection scheme between the network component and a remote routing device, wherein the second modified layer is an outer layer with respect to the first inner layer, wherein the second modified layer encapsulates the first analyzed layer; and
  
  forward the packet having the modified attribute.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The system of claim 1 wherein the circuitry is further configured to:
    - identify a bit value in a type field of the second layer, the bit value identifying a protocol used to format data containing in the packet; and
      
      change the bit value independently of any modification to the formatting of the data.
  - 3. The system of claim 1 wherein the second layer is an Ethernet layer and the circuitry is configured to modify an Ethertype setting without modifying the data following the Ethertype field.
  - 4. The system of claim 1 further comprising a routing device, wherein the routing device contains circuitry configured to:
    - receive the forwarded packet; and
      
      perform fast packet inspection on the forwarded packet to observe that the forwarded packet contains a neighbor discovery message, wherein said fast packet inspection utilizes the modified attribute and consumes fewer processing resources than the inspection by the network component.
  - 5. The system of claim 4 wherein the routing device circuitry is configured to determine whether to filter the neighbor discovery message according to a destination of the neighbor discovery message.
  - 6. The system of claim 1 wherein the inspection and modification by the network component offloads packet inspection from an access router.
  - 7. The system of claim 6 wherein the network component is a cable modem and the access router is a Cable Modem Termination System (CMTS), wherein the cable modem is configured to perform an initial inspection of the packet and the CMTS performs a fast subsequent inspection based on the initial packet inspection by the cable modem.
  - 8. The system of claim 1 wherein the network component performs the modification prior to the network component modulating the received packet for transmission on a cable network.

9. A Cable Modem Termination System (CMTS), comprising circuitry configured to:
- exchange traffic between a cable network and another network;
  
  identify an upstream portion of the traffic that is received over the cable network;
  
  inspect a layer two portion of packets included in the identified traffic portion, said inspection to identify ones of the packets containing a predefined bit value in their respective layer two portion; and
  
  filter the identified packets according to an address comparison.
- View Dependent Claims (10, 11, 12, 13)
- - 10. The CMTS of claim 9 wherein identified packets contain IPv6 packets encapsulated in an Ethernet frame, and the bit value contained in the Ethertype field of the Ethernet frame is different than the standard bit value for indicating IPv6 packets.
  - 11. The CMTS of claim 9 wherein the circuitry is further configured to format unfiltered ones of the identified packets for forwarding, wherein the formatted packets for forwarding encapsulate the same IP packet as their corresponding received packets but a different Ethertype bit value than their corresponding received packets.
  - 12. The CMTS of claim 11 wherein the pre-negotiated bit value is a non-standard Ethertype field value.
  - 13. The CMTS of claim 9 wherein the formatting of the forwarded packets provides containment of the non-standard Ethertype field value within an upstream path of the cable network.

14. A method, comprising:
- inspecting, at a first device, a first layer of a packet, the first layer encapsulated in a second different layer;
  
  according to whether the inspection indicates that the packet is a neighbor discovery packet, modifying information contained in the second different layer of the packet to indicate a result of the inspection; and
  
  forwarding the packet having the modified information from the first device, over a network, to a second device.
- View Dependent Claims (15, 16, 17, 18, 19, 20)
- - 15. The method of claim 14, further comprising:
    - subsequently inspecting the second layer at the second device, the subsequent inspection to observe the modified information; and
      
      responsive to observation of the modified information, determine whether to forward the packet from the second device to an indicated destination.
  - 16. The method of claim 15 wherein the subsequent inspection to observe the modified information analyzes a subset of data analyzed during the previous inspection.
  - 17. The method of claim 14 wherein the modified information is contained within an Ethertype field of the packet.
  - 18. The method of claim 14 wherein the packet contains an IPv6 packet in a payload of the Ethernet frame and the modified information does not match a standard bit value for indicating an IPv6 packet.
  - 19. The method of claim 14, further comprising:
    - identifying an address included in the packet;
      
      comparing the identified address to a list containing addressing information for cable modems;
      
      determining whether the list includes a stored address corresponding to the identified address according to the comparison; and
      
      preventing the packet from being forwarded according to the determination such that the packet is not forwarded if the stored address is present in the list.
  - 20. The method of claim 19 further comprising responding to a source of the packet if the packet is prevented from being forwarded.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Cisco Technology, Inc. (Cisco Systems, Inc.)
Original Assignee
Cisco Technology, Inc. (Cisco Systems, Inc.)
Inventors
Sudan, Madhu, Beebee, William, SINGH, Hemant, Littelfield, Joshua

Granted Patent

US 8,102,854 B2
Time in Patent Office

Days
Field of Search
US Class Current

370/255
CPC Class Codes

H04L 12/2801   Broadband local area networks

H04L 12/66   Arrangements for connecting...

H04L 45/00   Routing or path finding of ...

NEIGHBOR DISCOVERY PROXY WITH DISTRIBUTED PACKET INSPECTION SCHEME

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

104 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

NEIGHBOR DISCOVERY PROXY WITH DISTRIBUTED PACKET INSPECTION SCHEME

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

104 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links