Network monitoring device and system

US 5,315,580 A
Filed: 08/26/1991
Issued: 05/24/1994
Est. Priority Date: 09/28/1990
Status: Expired due to Term

First Claim

Patent Images

1. A network monitoring device for monitoring the activity on a network carrying message packets of a predetermined type, the monitoring device comprising:

a receive means for detecting substantially all message packets carried on the network,a sampling means operatively interfaced with the receive means for selecting only some of the message packets received by the receive means, selection being based on the number of message packets detected by the receive means; and

a processing means interfaced with the receive means and the sampling means for collecting data related to only the message packets so selected by the sampling means.

View all claims

7 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The network monitoring device is provided for monitoring the activity on a network carrying message packets each of which contains source and destination addresses. The monitoring device includes a network interface for sending and receiving message packets carried on the network, and a processor for collecting and processing data from the packets received by the network interface. In order to minimize processor memory requirements for the monitoring device, only randomly selected packets detected by the network interface are processed by the processor of the device. Preferably, the monitoring device is further simplified by providing a central measurement station to analyze data collected from the randomly sampled packets. As a result, the only processing required to be done by the monitoring device is the construction of collected-data packets for transmission to the central measurement station. A network monitoring system can advantageously be provided by using a number of such monitoring devices each associated with a respective logical segment of the network and each forwarding collected-data packets to a central measurement station.

241 Citations

22 Claims

1. A network monitoring device for monitoring the activity on a network carrying message packets of a predetermined type, the monitoring device comprising:
- a receive means for detecting substantially all message packets carried on the network,a sampling means operatively interfaced with the receive means for selecting only some of the message packets received by the receive means, selection being based on the number of message packets detected by the receive means; and
  
  a processing means interfaced with the receive means and the sampling means for collecting data related to only the message packets so selected by the sampling means.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
- - 2. The device according to claim 1, wherein each message packet comprises at least one data item providing information related to the message packet, the processing means being operative to collect at least one of the data items from at least one message packet so selected thereby forming collected-data packets, the monitoring device further comprising:
    - a transmit means coupled to the processing means, the transmit means being operative to transmit message packets over the network; and
      
      the processing means being operative to cause the transmit means to transmit each of the collected-data packets so formed over the network, the data items of at least one collected-date packet so transmitted being analyzed remote from the network monitoring device to determine at least one statistical characteristic of the network.
  - 3. The device according to claim 2, wherein each message packet contains a source and a destination address, and wherein the data items collected and formed into collected data packets by the processing means are the source and destination addresses of each message packet selected by the sampling means.
  - 4. The device according to claim 1, wherein the sampling means effects the selection of message packets in a statistically random manner.
  - 5. The device according to claim 4, wherein each message packet comprises at least one data item providing information related to the message packet, the processing means being operative to collect at least one of the data items from at least one message packet so selected thereby forming collected-data packets, the monitoring device further comprising:
    - a transmit means coupled to the processing means, the transmit means being operative to transmit message packets over the network; and
      
      the processing means being operative to cause the transmit means to transmit each of the collected-data packets so formed over the network, the data items of at least one collected-data packet so transmitted being analyzed remote from the network monitoring device to determine a statistical characteristic of the network.
  - 6. The device according to claim 2 or claim 5, further comprising:
    - a counter means for maintaining a running count of at least one of the following;
      
      a) a total number of message packets detected by the receive means,b) a total number of message packets detected by the receive means having an error,c) a total number of message packets detected by the receive means having lengths greater than an acceptable maximum message length and having lengths less than an acceptable minimum message length; and
      
      the processing means being operative to incorporate each running count so maintained in the collected-data packets.
  - 7. A network monitoring system operative to monitor the activity on a network carrying message packets of a predetermined type, the monitoring system comprising:
    - at least one network monitoring device according to claim 5, wherein the receive means of the monitoring device is connected to the network; and
      
      a measurement station connected to the network operable to receive the collected-data packets from the transmit means of each network monitoring device connected to the network and to extract and process the data items received by the measurement station.
  - 8. The system according to claim 7, wherein the measurement station is operative to construct traffic matrices from the data items incorporated in the collected-data packets received by the measurement station.
  - 9. The system according to claim 8, wherein the measurement station is connected to the same network as the plurality of monitoring devices, the transmit means of each monitoring device being operative to transmit the collected-data packets on the same network.
  - 10. The system according to claim 7, wherein the network to be monitored includes at least one routing means separating the network into a plurality of logical segments and serving to restrict unnecessary packet flow between the segments, the monitoring system further comprising a plurality of the network monitoring devices, the receive means of each of the plurality of network monitoring devices being connected to at least one segment of the network.
  - 11. The system according to claim 10, wherein the measurement station is connected to the same network as the plurality of monitoring devices, the transmit means of each monitoring device being operative to transmit the collected-data packets on the same network.
  - 12. The system according to claim 7, wherein the measurement station is connected to the same network as the plurality of monitoring devices, the transmit means of each monitoring device being operative to transmit the collected-data packets on the same network.
  - 13. The device according to claim 1, wherein the processing means is operative to process the data so collected to construct a traffic matrix.

14. A network monitoring device for monitoring the activity on a network carrying message packets of a predetermined type, each message packet having at least one data item providing information related to the message packet, the monitoring device comprising:
- a receive means for detecting message packets carried on the network;
  
  a sampling means operatively interfaced with the receive means for selecting only some of the message packets detected by the receive means;
  
  a data-collection means for extracting at least one data item from at least one message packet so selected the data-collection means forming the data items so extracted into collected-data packets; and
  
  a transmit means for transmitting each collected-data packet over the network.
- View Dependent Claims (15, 16, 17, 18, 19, 20, 21, 22)
- - 15. The device according to claim 14, further comprising:
    - a counter means for maintaining a running count of at least one of the following;
      
      a) a total number of message packets received by the receive means,b) a total number of message packets received by the receive means having an error,c) a total number of message packets received by the receive means having lengths greater than an acceptable maximum message length and having lengths less than an acceptable minimum message length; and
      
      the data-collection means being operative to incorporate each running count so maintained in the collected-data packets.
  - 16. A network monitoring system operative to monitor the activity on a network carrying message packets, the monitoring system comprising:
    - at least one network monitoring device according to claim 14, wherein the receive means of the monitoring device is connected to the network; and
      
      a measurement station connected to the network operable to receive the collected-data packets from the transmit means of each network monitoring device connected to the network and to extract and further process the data related to the message packets incorporated in the collected-data packets.
  - 17. The system according to claim 16, wherein the measurement station is operative to construct traffic matrices from the data incorporated in the collected-data packets received by the measurement station.
  - 18. The system according to claim 17, wherein the measurement station is connected to the same network as the plurality of monitoring devices, the transmit means of each monitoring device being operative to transmit the collected-data packets on the same network.
  - 19. The system according to claim 16, wherein the network to be monitored includes at least one routing means separating the network into a plurality of logical segments and serving to restrict unnecessary packet flow between the segments, the monitoring system further comprising a plurality of the network monitoring devices, the receive means of each of the plurality of network monitoring devices being connected to at least one segment of the network.
  - 20. The system according to claim 19, wherein the measurement station is connected to the same network as the plurality of monitoring devices, the transmit means of each monitoring device being operative to transmit the collected-data packets on the same network.
  - 21. The system according to claim 16, wherein the measurement station is connected to the same network as the plurality of monitoring devices, the transmit means of each monitoring device being operative to transmit the collected-data packets on the same network.
  - 22. The device according to claim 14, wherein each said message packet contains a source and a destination address and wherein the data items extracted from each selected message packet by the data-collection means are the source and destination addresses.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Hewlett-Packard Development Company, L.P. (HP Inc.)
Original Assignee
Hewlett-Packard Company (HP Inc.)
Inventors
Phaal, Peter
Primary Examiner(s)
Safourek, Benedict V.

Application Number

US07/749,580
Time in Patent Office

1,002 Days
Field of Search

370/13, 370/14, 370/17, 370/94.1, 371/15.1, 371/20.1, 375/10, 364/550, 340/825.06
US Class Current

370/232
CPC Class Codes

H04L 43/022   by sampling

H04L 43/0847   Transmission error

H04L 43/16   Threshold monitoring

H04L 45/02   Topology update or discovery

H04L 45/04   Interdomain routing, e.g. h...

H04L 45/42   Centralised routing

H04L 45/46   Cluster building

H04L 45/70   Routing based on monitoring...

Network monitoring device and system

First Claim

7 Assignments

0 Petitions

Accused Products

Abstract

241 Citations

22 Claims

Specification

Use Cases

Quick Links

Others

Network monitoring device and system

First Claim

7 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

241 Citations

22 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others