Network connectivity determination
First Claim
1. A method of determining network connectivity comprising:
- determining whether a request is for web connectivity or IP connectivity;
wherein, if the request is for IP connectivity, then (a) executing network profiling to determine the number of hops (Hfar) to an edge of an ISP network that provides the IP connectivity, (b) executing a passive analyzer that reviews incoming packets to determine network connectivity, (c) executing triggered probing of a network to determine network connectivity, and (d) executing direct probing of a network to determine network connectivity;
wherein, if the request is for web connectivity, then(e) determining if a web proxy is present in the network and, if a web proxy is not present in the network, then (i) executing network profiling to determine Hfar, (ii) executing a passive analyzer that reviews incoming packets to determine network connectivity, (iii) executing triggered probing of a network to determine network connectivity, and (iv) executing direct probing of a network to determine network connectivity,(f) if a web proxy is present in the network, then (1) executing a passive analyzer that reviews incoming packets to determine network connectivity, (2) executing triggered probing of a network to determine network connectivity, and (3) executing direct probing of a network to determine network connectivity;
wherein executing web proxy detection further comprises (a1) storing a list of a pool of seed URL hosted on the Internet along with the IP addresses of the hosts, (a2) performing an HTTP GET for three or more seed URLs randomly selected from the pool, (a3) determining whether all the HTTP GETs responses match the expected content;
wherein, if the determination of whether all the HTTP GETs responses match the expected content is yes, then executing web proxy detection also includes checking for the IP addresses for a plurality of responses and checking the TTLs for the responses;
wherein, if the IP addresses and TTLs are as expected, then executing web proxy detection also includes determining that proxy servers are present, performing name resolutions for a plurality of names, and determining whether any name successfully resolves but the results are different from the expected result;
wherein, if the determination is yes, then detecting the presence of DNS spoofing, determining that web connectivity is not be present, and invoking the passive analyzer;
wherein, if the determination of whether all the HTTP GETs responses match the expected content is no, then determining that a web proxy is present, checking IP addresses of responses, and checking TTLs of responses;
wherein, if addresses are the same for all responses, then also calculating a hop count to proxy server;
wherein, if IP addresses are different than expected website addresses, then also determining the IP address of the proxy server;
indicating being connected to the Internet when packets are received from an ISP'"'"'s backbone;
picking a plurality of seed host names from a pool of geographically distributed Internet sites;
performing DNS lookups to obtain IPv4 addresses for the plurality of seed host names;
selecting one IPv4 address for each host; and
for each of the plurality of seed hosts, sending two UDP (or TCP) packets with the TTL 2-tuple <
Hfar−
1, Hfar>
using the port designated port for traceroute.
2 Assignments
0 Petitions
Accused Products
Abstract
The present invention provides a method by which the connectivity status of network connections on a PC is determined in real-time by passively reviewing packet information from the TCP/IP stack. To achieve high accuracy of the connectivity status determination, the method involves the determination of the edge of a local network. In cases where little or no network traffic is observed on the network, scalable active probing methods are designed to make accurate connectivity determination. Special considerations for network setups like networks with web proxy servers, NAT or edge firewalls are also included to improve the accuracy of the determination in those environments.
72 Citations
5 Claims
-
1. A method of determining network connectivity comprising:
-
determining whether a request is for web connectivity or IP connectivity; wherein, if the request is for IP connectivity, then (a) executing network profiling to determine the number of hops (Hfar) to an edge of an ISP network that provides the IP connectivity, (b) executing a passive analyzer that reviews incoming packets to determine network connectivity, (c) executing triggered probing of a network to determine network connectivity, and (d) executing direct probing of a network to determine network connectivity; wherein, if the request is for web connectivity, then (e) determining if a web proxy is present in the network and, if a web proxy is not present in the network, then (i) executing network profiling to determine Hfar, (ii) executing a passive analyzer that reviews incoming packets to determine network connectivity, (iii) executing triggered probing of a network to determine network connectivity, and (iv) executing direct probing of a network to determine network connectivity, (f) if a web proxy is present in the network, then (1) executing a passive analyzer that reviews incoming packets to determine network connectivity, (2) executing triggered probing of a network to determine network connectivity, and (3) executing direct probing of a network to determine network connectivity; wherein executing web proxy detection further comprises (a1) storing a list of a pool of seed URL hosted on the Internet along with the IP addresses of the hosts, (a2) performing an HTTP GET for three or more seed URLs randomly selected from the pool, (a3) determining whether all the HTTP GETs responses match the expected content; wherein, if the determination of whether all the HTTP GETs responses match the expected content is yes, then executing web proxy detection also includes checking for the IP addresses for a plurality of responses and checking the TTLs for the responses; wherein, if the IP addresses and TTLs are as expected, then executing web proxy detection also includes determining that proxy servers are present, performing name resolutions for a plurality of names, and determining whether any name successfully resolves but the results are different from the expected result; wherein, if the determination is yes, then detecting the presence of DNS spoofing, determining that web connectivity is not be present, and invoking the passive analyzer; wherein, if the determination of whether all the HTTP GETs responses match the expected content is no, then determining that a web proxy is present, checking IP addresses of responses, and checking TTLs of responses; wherein, if addresses are the same for all responses, then also calculating a hop count to proxy server; wherein, if IP addresses are different than expected website addresses, then also determining the IP address of the proxy server; indicating being connected to the Internet when packets are received from an ISP'"'"'s backbone; picking a plurality of seed host names from a pool of geographically distributed Internet sites; performing DNS lookups to obtain IPv4 addresses for the plurality of seed host names; selecting one IPv4 address for each host; and for each of the plurality of seed hosts, sending two UDP (or TCP) packets with the TTL 2-tuple <
Hfar−
1, Hfar>
using the port designated port for traceroute.- View Dependent Claims (2, 3, 4, 5)
indicating Internet connectivity if a packet is received from a source of the list of sources known to be further than the Internet backbone.
-
Specification