Network connectivity determination

US 7,711,800 B2
Filed: 01/31/2006
Issued: 05/04/2010
Est. Priority Date: 01/31/2006
Status: Active Grant

First Claim

Patent Images

1. A method of determining network connectivity comprising:

determining whether a request is for web connectivity or IP connectivity;

wherein, if the request is for IP connectivity, then (a) executing network profiling to determine the number of hops (Hfar) to an edge of an ISP network that provides the IP connectivity, (b) executing a passive analyzer that reviews incoming packets to determine network connectivity, (c) executing triggered probing of a network to determine network connectivity, and (d) executing direct probing of a network to determine network connectivity;

wherein, if the request is for web connectivity, then(e) determining if a web proxy is present in the network and, if a web proxy is not present in the network, then (i) executing network profiling to determine Hfar, (ii) executing a passive analyzer that reviews incoming packets to determine network connectivity, (iii) executing triggered probing of a network to determine network connectivity, and (iv) executing direct probing of a network to determine network connectivity,(f) if a web proxy is present in the network, then (1) executing a passive analyzer that reviews incoming packets to determine network connectivity, (2) executing triggered probing of a network to determine network connectivity, and (3) executing direct probing of a network to determine network connectivity;

wherein executing web proxy detection further comprises (a1) storing a list of a pool of seed URL hosted on the Internet along with the IP addresses of the hosts, (a2) performing an HTTP GET for three or more seed URLs randomly selected from the pool, (a3) determining whether all the HTTP GETs responses match the expected content;

wherein, if the determination of whether all the HTTP GETs responses match the expected content is yes, then executing web proxy detection also includes checking for the IP addresses for a plurality of responses and checking the TTLs for the responses;

wherein, if the IP addresses and TTLs are as expected, then executing web proxy detection also includes determining that proxy servers are present, performing name resolutions for a plurality of names, and determining whether any name successfully resolves but the results are different from the expected result;

wherein, if the determination is yes, then detecting the presence of DNS spoofing, determining that web connectivity is not be present, and invoking the passive analyzer;

wherein, if the determination of whether all the HTTP GETs responses match the expected content is no, then determining that a web proxy is present, checking IP addresses of responses, and checking TTLs of responses;

wherein, if addresses are the same for all responses, then also calculating a hop count to proxy server;

wherein, if IP addresses are different than expected website addresses, then also determining the IP address of the proxy server;

indicating being connected to the Internet when packets are received from an ISP'"'"'s backbone;

picking a plurality of seed host names from a pool of geographically distributed Internet sites;

performing DNS lookups to obtain IPv4 addresses for the plurality of seed host names;

selecting one IPv4 address for each host; and

for each of the plurality of seed hosts, sending two UDP (or TCP) packets with the TTL 2-tuple <

Hfar−

1, Hfar>

using the port designated port for traceroute.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present invention provides a method by which the connectivity status of network connections on a PC is determined in real-time by passively reviewing packet information from the TCP/IP stack. To achieve high accuracy of the connectivity status determination, the method involves the determination of the edge of a local network. In cases where little or no network traffic is observed on the network, scalable active probing methods are designed to make accurate connectivity determination. Special considerations for network setups like networks with web proxy servers, NAT or edge firewalls are also included to improve the accuracy of the determination in those environments.

72 Citations

View as Search Results

5 Claims

1. A method of determining network connectivity comprising:
- determining whether a request is for web connectivity or IP connectivity;
  
  wherein, if the request is for IP connectivity, then (a) executing network profiling to determine the number of hops (Hfar) to an edge of an ISP network that provides the IP connectivity, (b) executing a passive analyzer that reviews incoming packets to determine network connectivity, (c) executing triggered probing of a network to determine network connectivity, and (d) executing direct probing of a network to determine network connectivity;
  
  wherein, if the request is for web connectivity, then(e) determining if a web proxy is present in the network and, if a web proxy is not present in the network, then (i) executing network profiling to determine Hfar, (ii) executing a passive analyzer that reviews incoming packets to determine network connectivity, (iii) executing triggered probing of a network to determine network connectivity, and (iv) executing direct probing of a network to determine network connectivity,(f) if a web proxy is present in the network, then (1) executing a passive analyzer that reviews incoming packets to determine network connectivity, (2) executing triggered probing of a network to determine network connectivity, and (3) executing direct probing of a network to determine network connectivity;
  
  wherein executing web proxy detection further comprises (a1) storing a list of a pool of seed URL hosted on the Internet along with the IP addresses of the hosts, (a2) performing an HTTP GET for three or more seed URLs randomly selected from the pool, (a3) determining whether all the HTTP GETs responses match the expected content;
  
  wherein, if the determination of whether all the HTTP GETs responses match the expected content is yes, then executing web proxy detection also includes checking for the IP addresses for a plurality of responses and checking the TTLs for the responses;
  
  wherein, if the IP addresses and TTLs are as expected, then executing web proxy detection also includes determining that proxy servers are present, performing name resolutions for a plurality of names, and determining whether any name successfully resolves but the results are different from the expected result;
  
  wherein, if the determination is yes, then detecting the presence of DNS spoofing, determining that web connectivity is not be present, and invoking the passive analyzer;
  
  wherein, if the determination of whether all the HTTP GETs responses match the expected content is no, then determining that a web proxy is present, checking IP addresses of responses, and checking TTLs of responses;
  
  wherein, if addresses are the same for all responses, then also calculating a hop count to proxy server;
  
  wherein, if IP addresses are different than expected website addresses, then also determining the IP address of the proxy server;
  
  indicating being connected to the Internet when packets are received from an ISP'"'"'s backbone;
  
  picking a plurality of seed host names from a pool of geographically distributed Internet sites;
  
  performing DNS lookups to obtain IPv4 addresses for the plurality of seed host names;
  
  selecting one IPv4 address for each host; and
  
  for each of the plurality of seed hosts, sending two UDP (or TCP) packets with the TTL 2-tuple <
  
  Hfar−
  
  1, Hfar>
  
  using the port designated port for traceroute.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The method of claim 1, wherein executing network profiling for IPv4 comprises sending several packets with initial TTL set to different values around Hfar and any responses to those packets indicates internet connectivity.
  - 3. The method of claim 2, further comprising indicating the ISP backbone has been reached when packets are received from geographically separate locations on separate paths.
  - 4. The method of claim 1, further comprising using the presence of inbound Internet connectivity to indicate full network connectivity.
  - 5. The method of claim 4, further comprisingcomparing the source of the received packets to a list of sources known to be further than the Internet backbone;
    - and

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Qian, Tin, Gavrilescu, Alexandru
Primary Examiner(s)
Nguyen; Quang N.
Assistant Examiner(s)
Miah; Razu A

Application Number

US11/345,189
Publication Number

US 20070177499A1
Time in Patent Office

1,554 Days
Field of Search

706/201, 706/202, 706/217, 706/223, 706/231, 370/252
US Class Current

709/219
CPC Class Codes

H04L 43/0811   by checking connectivity

H04L 43/12   Network monitoring probes

H04L 69/16   Implementation or adaptatio...

Network connectivity determination

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

72 Citations

5 Claims

Specification

Use Cases

Quick Links

Others

Network connectivity determination

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

72 Citations

5 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others