Method and system for network management using wire tapping

US 8,352,590 B2
Filed: 02/21/2006
Issued: 01/08/2013
Est. Priority Date: 02/21/2006
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

receiving data to initialize a virtual point-to-point tunnel interface between a network device within a network and a wire-tapping device connected to the network through a network edge device, wherein the wire-tapping device is external to the network, wherein the virtual point-to-point tunnel interface is paired with at least one physical interface on the network device, and the physical interface is configured to participate in a routing protocol;

authenticating the virtual point-to-point tunnel interface to receive routing protocol traffic;

initializing the virtual point-to-point tunnel interface to receive information, wherein the received information is the routing protocol traffic;

receiving the information through the virtual point-to-point tunnel interface, wherein the information is received at the wire-tapping device from the network device through the at least one physical interface;

collating the received information at the wire-tapping device;

determining a network topology at the wire-tapping device, the determination being enabled by the collated received information; and

based on the network topology, determining, at the wire-tapping device, a shortest path for forwarding data.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and a system for collecting information in a network. A wiretap tunnel interface is initialized between a wire-tapping device and a network device. The wire-tapping device receives information related to routing protocol traffic from the network device through the wiretap tunnel interface. The wire-tapping device collates the received information about the routing protocol traffic. This collated information is used by the network administrator to manage the network.

Citations

20 Claims

1. A method comprising:
- receiving data to initialize a virtual point-to-point tunnel interface between a network device within a network and a wire-tapping device connected to the network through a network edge device, wherein the wire-tapping device is external to the network, wherein the virtual point-to-point tunnel interface is paired with at least one physical interface on the network device, and the physical interface is configured to participate in a routing protocol;
  
  authenticating the virtual point-to-point tunnel interface to receive routing protocol traffic;
  
  initializing the virtual point-to-point tunnel interface to receive information, wherein the received information is the routing protocol traffic;
  
  receiving the information through the virtual point-to-point tunnel interface, wherein the information is received at the wire-tapping device from the network device through the at least one physical interface;
  
  collating the received information at the wire-tapping device;
  
  determining a network topology at the wire-tapping device, the determination being enabled by the collated received information; and
  
  based on the network topology, determining, at the wire-tapping device, a shortest path for forwarding data.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
- - 2. The method of claim 1, further comprising utilizing the routing protocol by utilizing information regarding forwarding data in the network.
  - 3. The method of claim 2, further comprising utilizing the information related to the routing protocol by using encapsulated information according to a router encapsulation mechanism.
  - 4. The method of claim 1, wherein the receiving data to initialize the virtual point-to-point tunnel interface between the network device and the wire-tapping device comprises:
    - coupling the wire-tapping device to the network device through the virtual point-to-point tunnel interface; and
      
      executing an authentication mechanism, wherein the authentication mechanism is executed to authenticate the wire-tapping device to receive the encapsulated information related to the routing protocol.
  - 5. The method of claim 4, further comprising executing the authentication mechanism according to an authentication protocol.
  - 6. The method of claim 4, wherein the executing the authentication mechanism further comprises sending an interested traffic parameter to the network device.
  - 7. The method of claim 6, further comprising configuring the interested traffic parameter with information related to the routing protocol and information related to the at least one physical interface paired with the virtual point-to-point tunnel interface, wherein the information related to the routing protocol specifies the routing protocol required for forwarding the data in the network.
  - 8. The method of claim 4, wherein the executing the authentication mechanism further comprises querying the network device for sending the information related to the routing protocol to the wire-tapping device.
  - 9. The method of claim 1, wherein the receiving the information comprises receiving a control word from the network device.
  - 10. The method of claim 9, wherein the control word comprises information related to a type code of a routing protocol, context information related to the routing protocol, information related to a number of the at least one physical interface paired with the virtual point-to-point tunnel interface, wherein the type code classifies the routing protocol.
  - 11. The method of claim 1, wherein the collating the received information comprises:
    - segregating the received information; and
      
      processing the segregated information.
  - 12. The method of claim 1, further comprising sending a keep alive message from the virtual point-to-point tunnel interface, wherein the wire-tapping device sends the keep alive message to indicate the presence of the wire-tapping device to the network device.
  - 13. The method of claim 12, wherein the keep alive message is sent according to a generic router encapsulating tunneling mechanism.
  - 14. The method of claim 1, further comprising sending information through the virtual point-to-point tunnel interface, wherein the information is sent to the wire-tapping device from the network device.
  - 15. The method of claim 1, wherein the virtual point-to-point tunnel interface is a passive interface.

16. A method comprising:
- coupling a wire-tapping device to a network device within a network by configuring a virtual point to point tunnel interface on the network device and a wire-tapping device connected to the network through a network edge device, wherein the wire-tapping device is external to the network, wherein the virtual point-to-point tunnel interface is paired with at least one physical interface on the network device, and the physical interface is configured to participate in a routing protocol;
  
  executing an authentication mechanism, the authentication mechanism being executed to authenticate the wire-tapping device to receive routing protocol traffic;
  
  initializing the virtual point-to-point interface to receive information, wherein the received information is the routing protocol traffic;
  
  receiving the information through the virtual point-to-point tunnel interface, wherein the information is received at the wire-tapping device from the network device through the at least one physical interface;
  
  collating the received information at the wire-tapping device, wherein the received information is collated for managing the network by a user;
  
  determining a network topology at the wire-tapping device, the determination being enabled by the collated received information; and
  
  based on the network topology, determining, at the wire-tapping device, a shortest path for forwarding data.
- View Dependent Claims (17)
- - 17. The method of claim 16, further comprising deriving a routing table from the collated information at the wire-tapping device.

18. A system for collecting network information the system comprising:
- a virtual point-to-point tunnel interface through which a wire-tapping device receives the network information, wherein the virtual point-to-point tunnel interface is configured to be paired with at least one physical interface, and the physical interface is configured to participate in a routing protocol; and
  
  the wire-tapping device characterized as being external to a network and connected to the network through a network edge device, the wire-tapping device configured to;
  
  receive the network information, wherein the received information comprises information related to the routing protocol,receive information from a network device within the network through the virtual point-to-point tunnel interface, at the wire-tapping device being configured to receive the information from the network device through the at least one physical interface,collate the received information;
  
  determine a network topology, the determination being enabled by the collated received information; and
  
  based on the network topology, determine a shortest path for forwarding data.

19. A non-transitory machine-readable storage medium including instructions executable by a processor, the machine-readable storage medium comprising:
- at least one instruction for receiving data to initialize a virtual point-to-point tunnel interface between a network device within a network and a wire-tapping device connected to the network through a network edge device, wherein the wire-tapping device is external to the network, wherein the virtual point-to-point tunnel interface is paired with at least one physical interface on the network device, and the physical interface is configured to participate in a routing protocol;
  
  at least one instruction for authenticating the virtual point-to-point tunnel interface to receive routing protocol traffic;
  
  at least one instruction for initializing the virtual point-to-point tunnel interface to receive information, wherein the received information comprises the routing protocol traffic;
  
  at least one instruction for receiving the information through the virtual point-to-point tunnel interface, wherein the wire-tapping device is configured to receive the information from the network device through the at least one physical interface;
  
  at least one instruction for collating the received information;
  
  at least one instruction for determining a network topology, the determination being enabled by the collated received information; and
  
  at least one instruction for determining, based on the network topology, a shortest path for forwarding data.

20. An apparatus comprising:
- a computer processor for executing instructions; and
  
  a machine-readable storage medium including instructions executable by the computer processor comprising;
  
  at least one instruction for receiving data to initialize a virtual point-to-point tunnel interface between a network device within a network and a wire-tapping device connected to the network through a network edge device, wherein the wire-tapping device is external to the network, wherein the virtual point-to-point tunnel interface is paired with at least one physical interface on the network device, and the physical interface is configured to participate in a routing protocol;
  
  at least one instruction for initializing the virtual point-to-point tunnel interface to receive information, wherein the received information comprises routing protocol traffic;
  
  at least one instruction for collating the received information;
  
  at least one instruction for determining a network topology, the determination being enabled by the collated received information; and
  
  at least one instruction for determining, based on the network topology, a shortest path for forwarding data.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Cisco Technology, Inc. (Cisco Systems, Inc.)
Original Assignee
Cisco Technology, Inc. (Cisco Systems, Inc.)
Inventors
Sankaran, Ganesh Chennimalai, Venkat, Balaji
Primary Examiner(s)
RECEK, JASON D

Application Number

US11/359,287
Publication Number

US 20070199052A1
Time in Patent Office

2,513 Days
Field of Search

709/223, 709/224, 709/238, 726/4
US Class Current

709/224
CPC Class Codes

H04L 63/306 intercepting packet switche...

H04M 3/2281 Call monitoring, e.g. for l...

Method and system for network management using wire tapping

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Method and system for network management using wire tapping

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links