Automatic Network Topology Detection and Modeling

US 20120275311A1
Filed: 04/29/2011
Published: 11/01/2012
Est. Priority Date: 04/29/2011
Status: Abandoned Application

First Claim

Patent Images

1. A network monitoring system comprising:

one or more monitoring probes coupled to network interfaces, the probes capable of capturing data packets from the network interfaces,the monitoring probes further comprising one or more topology analyzers capable of receiving the captured data packets and comparing the captured data packets to a known network element list, the topology analyzers capable of identifying new network elements that are not on the known network element list,the monitoring probes further comprising a probe topology agent capable of receiving data from the topology analyzers regarding the new network elements and resolving overlapping detections of a same new network element from different topology analyzers; and

a monitoring system server coupled to one or more probes,the monitoring system comprising a server topology agent coupled to probe topology agents on the one or more probes, the server topology agent capable of receiving data from the probe topology agents regarding the new network elements and resolving overlapping detections of the same new network element from different probe topology agents,the monitoring system server further comprising a topology maintenance agent capable of maintaining current network topology information, the topology maintenance agent capable of providing updated network element lists to the probe topology analyzers.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and system for identifying the topology of a network is disclosed. One or more monitoring probes capture data packets from network interfaces. Network elements, such as physical ports, physical links, network nodes, logical links, and SCTP associations, are identified from the captured data packets. A data model is created for storing the network elements, including the physical ports, physical links, network nodes, logical links, and SCTP associations. The data model also stores associations between the network elements. The monitoring probes pass network element data to a monitoring server. A topology agent in each monitoring probe identifies duplicates of previously detected network elements within the probe. A topology agent in the monitoring system server identifies duplicates of previously detected network elements within the monitoring system server.

Citations

18 Claims

1. A network monitoring system comprising:
- one or more monitoring probes coupled to network interfaces, the probes capable of capturing data packets from the network interfaces,the monitoring probes further comprising one or more topology analyzers capable of receiving the captured data packets and comparing the captured data packets to a known network element list, the topology analyzers capable of identifying new network elements that are not on the known network element list,the monitoring probes further comprising a probe topology agent capable of receiving data from the topology analyzers regarding the new network elements and resolving overlapping detections of a same new network element from different topology analyzers; and
  
  a monitoring system server coupled to one or more probes,the monitoring system comprising a server topology agent coupled to probe topology agents on the one or more probes, the server topology agent capable of receiving data from the probe topology agents regarding the new network elements and resolving overlapping detections of the same new network element from different probe topology agents,the monitoring system server further comprising a topology maintenance agent capable of maintaining current network topology information, the topology maintenance agent capable of providing updated network element lists to the probe topology analyzers.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The network monitoring system of claim 1, wherein the known network element list comprises physical ports in the network.
  - 3. The network monitoring system of claim 1, wherein the known network element list comprises physical links in the network.
  - 4. The network monitoring system of claim 1, wherein the known network element list comprises network nodes in the network.
  - 5. The network monitoring system of claim 1, wherein the known network element list comprises logical links in the network.
  - 6. The network monitoring system of claim 1, further comprising:
    - one or more SCTP tracking modules capable of receiving the captured data packets and comparing the captured data packets to a known SCTP association list, the SCTP tracking modules capable of identifying new SCTP associations that are not on the known SCTP association list.

7. A computer-readable storage medium comprising instructions for controlling a monitoring system to identify a network topology based upon data packets captured from network interfaces, wherein the instructions, when executed, cause a processor to perform actions comprising:
- receiving data packets from a plurality of monitoring probes;
  
  identifying network elements associated with the data packets; and
  
  determining whether the network elements were already identified and are in a list of known network elements.
- View Dependent Claims (8, 9, 10, 11, 12, 13)
- - 8. The computer-readable storage medium of claim 7, wherein the network elements comprise physical ports in a communication network.
  - 9. The computer-readable storage medium of claim 7, wherein the network elements comprise physical links in a communication network.
  - 10. The computer-readable storage medium of claim 7, wherein the network elements comprise network nodes in a communication network.
  - 11. The computer-readable storage medium of claim 7, wherein the instructions, when executed, further cause a processor to perform actions comprising:
    - storing the network elements in a data model adapted for mapping a network topology, the data model comprising one or more physical ports, the data model further comprising one or more physical links wherein each physical link is associated with one or more of the physical ports, the data model further comprising network nodes wherein each network node may be associated with a physical link.
  - 12. The computer-readable storage medium of claim 7, wherein the instructions, when executed, further cause a processor to perform actions comprising:
    - identifying logical links within a communications network, the logical links associated with two or more network nodes.
  - 13. The computer-readable storage medium of claim 12, wherein the instructions, when executed, further cause a processor to perform actions comprising:
    - identifying SCTP associations within a communications network, the SCTP associations paired with a logical link.

14. A method for identifying the topology of a network, comprising:
- capturing, via one or more monitoring probes, data packets from network interfaces;
  
  identifying one or more physical ports in the network from the data packets;
  
  storing data for each physical port in a topology data model;
  
  identifying one or more physical links in the network from the data packets;
  
  storing data for each physical link in the topology data model, each physical link associated with one or more physical ports in the topology data model;
  
  identifying one or more network nodes in the network from the data packets;
  
  storing data for each network node in the topology data model, wherein one or more of the network nodes are associated with one or more physical links in the topology data model;
  
  identifying one or more logical links in the network from the data packets;
  
  storing data for each logical link in the topology data model, wherein one or more of the logical links are associated with two or more network nodes in the topology data model;
  
  identifying one or more SCTP associations in the network from the data packets; and
  
  storing data for each SCTP association in the topology data model, wherein one or more of the SCTP associations are paired with one of the logical links in the topology data model.
- View Dependent Claims (15, 16, 17, 18)
- - 15. The method of claim 14, further comprising:
    - associating each physical port with a particular monitoring probe, wherein multiple physical ports may be associated with a same monitoring probe.
  - 16. The method of claim 14, further comprising:
    - identifying two or more physical links as a physical link group.
  - 17. The method of claim 14, further comprising:
    - identifying two or more network nodes as a network node group.
  - 18. The method of claim 14, further comprising:
    - identifying two or more logical links as a logical link group.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Tektronix Incorporated (Fortive Corp.)
Original Assignee
Tektronix Incorporated (Fortive Corp.)
Inventors
Ivershen, Aleksey G., Han, Sanchu, Pipkin, Ryan Lee

Application Number

US13/098,135
Publication Number

US 20120275311A1
Time in Patent Office

Days
Field of Search
US Class Current

370/241
CPC Class Codes

H04L 41/046   comprising network manageme...

H04L 41/12   Discovery or management of ...

H04L 43/12   Network monitoring probes

Automatic Network Topology Detection and Modeling

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

Automatic Network Topology Detection and Modeling

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links