Switch port analyzers

US 7,474,666 B2
Filed: 09/03/2003
Issued: 01/06/2009
Est. Priority Date: 09/03/2003
Status: Active Grant

First Claim

Patent Images

1. A network device, comprising:

an ingress port;

at least one buffer associated with the ingress port;

at least one egress port; and

at least one processor configured to do the following;

receive a first Fibre Channel packet from ingress port;

determining that a header of the first Fibre Channel packet indicates that the first Fibre Channel packet should be transmitted to a first egress port;

store a copy of the first Fibre Channel packet in a buffer associated with the ingress port;

transmit a first replica of the first Fibre Channel packet to the first egress port; and

transmit a second replica of the first Fibre Channel packet to a second egress port, the second egress port is not configured to participate in the buffer-to-buffer credit flow control mechanism of the Fibre Channel protocol, wherein the second egress port is not configured to act as an ingress port.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Methods and devices are provided for non-disruptive monitoring of network traffic through one or more ports of a Fibre Channel network device. Preferred embodiments of the invention are used in conjunction with the switched port analyzer (“SPAN”) and/or remote SPAN (“RSPAN”) features. SPAN mode operation allows traffic through any Fibre Channel interface of a network device to be replicated and delivered to a single port on the same network device. Ingress SPAN allows the monitoring of some or all packets that ingress a specified port or ports. Egress SPAN allows the monitoring of some or all packets that egress a specified port or ports. RSPAN allows the delivery of the replicated traffic to a port on a remote network device. Filtering may be applied, for example, to SPAN packets having selected virtual storage area network numbers.

90 Citations

View as Search Results

47 Claims

1. A network device, comprising:
- an ingress port;
  
  at least one buffer associated with the ingress port;
  
  at least one egress port; and
  
  at least one processor configured to do the following;
  
  receive a first Fibre Channel packet from ingress port;
  
  determining that a header of the first Fibre Channel packet indicates that the first Fibre Channel packet should be transmitted to a first egress port;
  
  store a copy of the first Fibre Channel packet in a buffer associated with the ingress port;
  
  transmit a first replica of the first Fibre Channel packet to the first egress port; and
  
  transmit a second replica of the first Fibre Channel packet to a second egress port, the second egress port is not configured to participate in the buffer-to-buffer credit flow control mechanism of the Fibre Channel protocol, wherein the second egress port is not configured to act as an ingress port.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The network device of claim 1, wherein the second egress port is a port of the network device.
  - 3. The network device of claim 1, wherein the second egress port is a port of another network device.
  - 4. The network device of claim 1, wherein the network device is configured to transmit the second replica of the first Fibre Channel packet to the second egress port regardless of the identity of the first egress port.
  - 5. The network device of claim 1, further configured to do the following:
    - receive a second Fibre Channel packet at the ingress port, a header of the second Fibre Channel packet indicating that the second Fibre Channel packet should be transmitted to a third egress port;
      
      store a copy of the second Fibre Channel packet in a buffer associated with the ingress port;
      
      transmit a first replica of the second Fibre Channel packet to the third egress port; and
      
      transmit a second replica of the second Fibre Channel packet to the second egress port.

6. A method for use in a Fibre Channel network, the method comprising:
- receiving a first Fibre Channel packet, a header of the first Fibre Channel packet indicating that the first Fibre Channel packet should be transmitted to a first egress port;
  
  storing a copy of the first Fibre Channel packet;
  
  transmitting a first replica of the first Fibre Channel packet to the first egress port; and
  
  transmitting a second replica of the first Fibre Channel packet to a second egress port, the second egress port is not configured to participate in the buffer-to-buffer credit flow control mechanism of the Fibre Channel protocol, wherein the second egress port is not configured to act as an ingress port.
- View Dependent Claims (7, 8, 9, 10)
- - 7. The method of claim 6, wherein the second egress port is a port of the network device.
  - 8. The method of claim 6, wherein the second egress port is a port of another network device.
  - 9. The method of claim 6, wherein the second replica of the first Fibre Channel packet is transmitted to the second egress port regardless of the identity of the first egress port.
  - 10. The method of claim 6, further comprising:
    - receiving a second Fibre Channel packet, a header of the second Fibre Channel packet indicating that the second Fibre Channel packet should be transmitted to a third egress port;
      
      storing a copy of the second Fibre Channel packet;
      
      transmitting a first replica of the second Fibre Channel packet to the third egress port; and
      
      transmit a second replica of the second Fibre Channel packet to the second egress port.

11. A computer readable medium encoded with a computer program, the computer program comprising instructions for controlling a network device to perform the following steps:
- receiving a first Fibre Channel packet at an ingress port of the network device, a header of the first Fibre Channel packet indicating that the first Fibre Channel packet should be transmitted to a first egress port of the network device;
  
  storing a copy of the first Fibre Channel packet in a buffer associated with the ingress port;
  
  transmitting a first replica of the first Fibre Channel packet to the first egress port; and
  
  transmitting a second replica of the first Fibre Channel packet to a second egress port, the second egress port is not configured to participate in the buffer-to-buffer credit flow control mechanism of the Fibre Channel protocol , wherein the second egress port is not configured to act as an ingress port.
- View Dependent Claims (12, 13)
- - 12. The computer readable medium of claim 11, wherein the second egress port is a port of the network device.
  - 13. The computer readable medium of claim 11, wherein the second egress port is a port of another network device.

14. A method for use in a Fibre Channel network, the method comprising:
- receiving a Fibre Channel packet;
  
  determining, based on a header of the Fibre Channel packet, that the Fibre Channel packet should be transmitted to a first egress port and that the Fibre Channel packet has been assigned a virtual storage area network number;
  
  storing a copy of the Fibre Channel packet;
  
  transmitting a first replica of the Fibre Channel packet to the first egress port; and
  
  determining, based at least in part on the virtual storage area network number, whether to transmit a second replica of the Fibre Channel packet to a second egress port.
- View Dependent Claims (15, 16)
- - 15. The method of claim 14, wherein the second egress port is a port of the network device.
  - 16. The method of claim 14, wherein the second egress port is a port of another network device.

17. A computer readable medium encoded with a computer program, the computer program comprising instructions for controlling a network device to perform the following steps:
- receive a Fibre Channel packet at an ingress port;
  
  determine, based on a header of the Fibre Channel packet, that the Fibre Channel packet should be transmitted to a first egress port and that the Fibre Channel packet has been assigned a virtual storage area network number;
  
  store a copy of the Fibre Channel packet in a buffer associated with the ingress port;
  
  transmit a first replica of the Fibre Channel packet to the first egress port; and
  
  determine, based at least in part on the virtual storage area network number, whether to transmit a second replica of the Fibre Channel packet to a second egress port.
- View Dependent Claims (18, 19)
- - 18. The computer readable medium of claim 17, wherein the second egress port is a port of the network device.
  - 19. The computer readable medium of claim 17, wherein the second egress port is a port of another network device.

20. A network device, comprising:
- an ingress port;
  
  at least one buffer associated with the ingress port;
  
  at least one egress port; and
  
  at least one processor configured to do the following;
  
  receive a Fibre Channel packet at the ingress port;
  
  determine that the Fibre Channel packet should be transmitted to a first egress port;
  
  store a copy of the Fibre Channel packet in a buffer associated with the ingress port;
  
  transmit a first replica of the Fibre Channel packet to the first egress port; and
  
  apply a rule to determine whether to rewrite, drop, decrypt or truncate a second replica of the Fibre Channel packet that is transmitted to a second egress port, wherein the second egress port is not configured to act as an ingress port.
- View Dependent Claims (21, 22, 23, 24)
- - 21. The network device of claim 20, wherein the rule involves the ingress port.
  - 22. The network device of claim 20, wherein the rule involves the first egress port.
  - 23. The network device of claim 20, further configured to obtain a virtual storage area network number from the Fibre Channel packet and wherein the rule involves the virtual storage area network number.
  - 24. The network device of claim 20, wherein the modifying of the second replica comprises dropping the second replica.

25. A method for use in a Fibre Channel network, the method comprising:
- receiving a Fibre Channel packet;
  
  determining that the Fibre Channel packet should be transmitted to a first egress port;
  
  storing a copy of the Fibre Channel packet;
  
  transmitting a first replica of the Fibre Channel packet to the first egress port; and
  
  applying a rule to determine whether to rewrite, drop, decrypt or truncate a second replica of the Fibre Channel packet that is transmitted to a second egress port, wherein the second egress port is not configured to act as an ingress port.
- View Dependent Claims (26, 27, 28)
- - 26. The method of claim 25, wherein the rule involves the ingress port.
  - 27. The method of claim 25, wherein the rule involves the first egress port.
  - 28. The method of claim 25, further comprising obtaining a virtual storage area network number from the Fibre Channel packet and wherein the rule involves the virtual storage area network number.

29. A computer readable medium encoded with a computer program, the computer program comprising instructions for controlling a network device to perform the following steps:
- receive a Fibre Channel packet at an ingress port;
  
  determine that the Fibre Channel packet should be transmitted to a first egress port;
  
  store a copy of the Fibre Channel packet in a buffer associated with the ingress port;
  
  transmit a first replica of the Fibre Channel packet to the first egress port; and
  
  apply a rule to determine whether to rewrite, drop, decrypt or truncate a second replica of the Fibre Channel packet that is transmitted to a second egress port, wherein the second egress port is not configured to act as an ingress port.
- View Dependent Claims (30, 31, 32)
- - 30. The computer readable medium of claim 29, wherein the rule involves the ingress port.
  - 31. The computer readable medium of claim 29, wherein the rule involves the first egress port.
  - 32. The computer readable medium of claim 29, further comprising instructions for controlling the network device to obtain a virtual storage area network number from the Fibre Channel packet and wherein the rule involves the virtual storage area network number.

33. A computer readable medium encoded with a computer program, the computer program comprising instructions for controlling a port of a network device for use in a Fibre Channel protocol network to perform the following steps:
- ignore the buffer-to-buffer credit flow control mechanism of the Fibre Channel protocol for data traffic received at an egress port; and
  
  allow the data traffic to be sent only in the egress port'"'"'s egress direction.
- View Dependent Claims (34, 35, 36)
- - 34. The computer readable medium of claim 33, further comprising instructions for controlling the port to receive frames from within the network device.
  - 35. The computer readable medium of claim 33, further comprising instructions for controlling the port to output frames with an extended inter-switch link header.
  - 36. The computer readable medium of claim 33, further comprising instructions for controlling the port to output frames without an extended inter-switch link header.

37. A method for controlling a port of a network device for use in a Fibre Channel protocol network, the method comprising:
- ignoring the buffer-to-buffer credit flow control mechanism of the Fibre Channel protocol for data traffic received at an egress port; and
  
  allowing the data traffic to be sent only in the egress port'"'"'s egress direction.
- View Dependent Claims (38, 39, 40)
- - 38. The method of claim 37, further comprising controlling the port to receive frames from within the network device.
  - 39. The method of claim 37, further comprising controlling the port to output frames with an extended inter-switch link header.
  - 40. The method of claim 37, further comprising controlling the port to output frames without an extended inter-switch link header.

41. A network device for use in a Fibre Channel network, the network device comprising:
- an ingress port configured to receive a Fibre Channel packet, a header of the Fibre Channel packet indicating that the Fibre Channel packet should be transmitted to a first egress port, wherein the ingress port is further configured to;
  
  store a copy of the Fibre Channel packet in a buffer associated with the ingress port;
  
  transmit a first replica of the Fibre Channel packet to the first egress port; and
  
  transmit a second replica of the Fibre Channel packet;
  
  a reflector port configured to;
  
  receive the second replica of the Fibre Channel packet;
  
  encapsulate the second replica of the Fibre Channel packet with routing information such that the Fibre Channel packet can traverse an intervening network to a second network device; and
  
  transmit the encapsulated second replica of the Fibre Channel packet to a second egress port of the second network device, the second egress port is not configured to participate in the buffer-to-buffer credit flow control mechanism of the Fibre Channel protocol, wherein the second egress port is not configured to act as an ingress port.
- View Dependent Claims (42, 43)
- - 42. The network device of claim 41, wherein the reflector port does not make a third replica of the Fibre Channel packet.
  - 43. The network device of claim 41, wherein the reflector port makes a determination not to make a third replica of the Fibre Channel packet based on internal header information of the second replica of the Fibre Channel packet.

44. An apparatus, comprising:
- means for receiving a first Fibre Channel packet, a header of the first Fibre Channel packet indicating that the first Fibre Channel packet should be transmitted to a first egress port;
  
  means for storing a copy of the first Fibre Channel packet;
  
  means for transmitting a first replica of the first Fibre Channel packet to the first egress port; and
  
  means for transmitting a second replica of the first Fibre Channel packet to a second egress port, the second egress port is not configured to participate in the buffer-to-buffer credit flow control mechanism of the Fibre Channel protocol, wherein the second egress port is not configured to act as an ingress port.

45. An apparatus, comprising:
- means for receiving a Fibre Channel packet;
  
  means for determining, based on a header of the Fibre Channel packet, that the Fibre Channel packet should be transmitted to a first egress port and that the Fibre Channel packet has been assigned a virtual storage area network number;
  
  means for storing a copy of the Fibre Channel packet;
  
  means for transmitting a first replica of the Fibre Channel packet to the first egress port; and
  
  means for determining, based at least in part on the virtual storage area network number, whether to transmit a second replica of the Fibre Channel packet to a second egress port.
- View Dependent Claims (46, 47)
- - 46. The apparatus of claim 45, wherein the second egress port is a port of the network device.
  - 47. The apparatus of claim 45, wherein the second egress port is a port of another network device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Cisco Technology, Inc. (Cisco Systems, Inc.)
Original Assignee
Cisco Technology, Inc. (Cisco Systems, Inc.)
Inventors
Cressa, Matthew, Kloth, Raymond J., Edsall, Thomas James, Ghosh, Kalyan K., Dutt, Dinesh Ganapathy, Rastogi, Gaurav
Primary Examiner(s)
Ho; Duc C

Application Number

US10/655,452
Publication Number

US 20050053073A1
Time in Patent Office

1,952 Days
Field of Search

370/235, 370/392, 370/401, 370/241
US Class Current

370/401
CPC Class Codes

H04L 2212/00   Encapsulation of packets

H04L 43/00   Arrangements for monitoring...

H04L 43/18   Protocol analysers

H04L 49/357   Fibre channel switches

H04L 49/555   Error detection

Switch port analyzers

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

90 Citations

47 Claims

Specification

Solutions

Use Cases

Quick Links

Switch port analyzers

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

90 Citations

47 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links