Configuration of a network visibility system

US 10,057,126 B2
Filed: 10/30/2015
Issued: 08/21/2018
Est. Priority Date: 06/17/2015
Status: Active Grant

First Claim

Patent Images

1. A method performed in a network visibility system comprising a packet router and a router controller, said method comprising:

receiving a first sequence of packets;

determining, by said packet router, using a plurality of rules formed based on IP addresses from a second sequence of packets, a specific one of a plurality of output ports on which to forward each of said first sequence of packets, wherein a corresponding analytic server is coupled to process any packets received on a corresponding output port of the plurality of output ports, and wherein the plurality of rules formed by said router controller comprises;

a first set of rules, with each rule designed to match packets that are not GPRS Tunneling Protocol (non-GTP) packets, and to either drop matching non-GTP packets or to forward the matching non-GTP packets to a specified one of said output ports, anda second set of rules, with each rule designed to match GPRS Tunneling Protocol (GTP) packets, and to either drop matching GTP packets or to forward the matching GTP packets for further processing within said packet router;

examining the second sequence of packets received before said first sequence of packets, to discover one or more IP addresses present in said second sequence of packets, wherein one or more of said plurality of rules are formed based on said one or more IP addresses; and

forwarding each of said first sequence of packets on the corresponding determined output port for processing by the corresponding analytic server.

View all claims

6 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A network visibility system provided according to an aspect of the present disclosure forms rules for routing of packets to appropriate analytic server, based on IP addresses discovered while processing packets. Due to such discovery and forming of rules based on discovery, manual configuration of the network visibility system can be avoided. In an embodiment, the network visibility system comprises a packet router and a router controller. The router controller receives the examined packets from the packet router and configures the packet router with the formed rules.

330 Citations

17 Claims

1. A method performed in a network visibility system comprising a packet router and a router controller, said method comprising:
- receiving a first sequence of packets;
  
  determining, by said packet router, using a plurality of rules formed based on IP addresses from a second sequence of packets, a specific one of a plurality of output ports on which to forward each of said first sequence of packets, wherein a corresponding analytic server is coupled to process any packets received on a corresponding output port of the plurality of output ports, and wherein the plurality of rules formed by said router controller comprises;
  
  a first set of rules, with each rule designed to match packets that are not GPRS Tunneling Protocol (non-GTP) packets, and to either drop matching non-GTP packets or to forward the matching non-GTP packets to a specified one of said output ports, anda second set of rules, with each rule designed to match GPRS Tunneling Protocol (GTP) packets, and to either drop matching GTP packets or to forward the matching GTP packets for further processing within said packet router;
  
  examining the second sequence of packets received before said first sequence of packets, to discover one or more IP addresses present in said second sequence of packets, wherein one or more of said plurality of rules are formed based on said one or more IP addresses; and
  
  forwarding each of said first sequence of packets on the corresponding determined output port for processing by the corresponding analytic server.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The method of claim 1, wherein said network visibility system comprises a packet router and a router controller,wherein said examining is performed in said router controller,wherein said determining and said forwarding are performed in said packet router, wherein said method further comprises:
    - forming of said plurality of rules by said router controller; and
      
      configuring of said packet router with said plurality of rules, wherein said configuring is performed by said router controller.
  - 3. The method of claim 1, wherein said second sequence of packets is sent by said packet router to said router controller only if none of the plurality of rules are matched by any packet of said second sequence of packets,wherein said plurality of rules is formed by said router controller upon receiving of said second sequence of packets from said packet router.
  - 4. The method of claim 3, wherein said GTP packets comprise a first set of packets related to 3G networks, and a second set of packets related to 4G/LTE networks,wherein said plurality of IP addresses comprise a first set of IP addresses of said 3G networks and a second set of IP addresses of said 4G/LTE networks,wherein said second set of IP addresses corresponds to serving gateways (SGW), packet-data-network gateways (PGW), mobility management entities (MME), home subscriber servers (HSS), and eNodeBs in said 4G/LTE networks, andwherein said first set of IP addresses corresponds to Serving GPRS Support Nodes (SGSN), Gateway GPRS Support Nodes (GGSN), and radio network controllers (RNC) in said 3G networks.
  - 5. The method of claim 4, further comprising maintaining a configuration file including the first set of IP addresses present in said 3G networks and the second set of IP addresses present in said 4G/LTE networks as a basis for formation of said plurality of rules,wherein said router controller is operable to retrieve one or more IP addresses in said configuration file and form at least some of said plurality of rules based on the retrieved one or more IP addresses present in said configuration file upon being initialized,wherein said plurality of IP addresses is added to said configuration file on discovery of said plurality of addresses.
  - 6. The method of claim 5, wherein said configuration file further contains a mapping of IP network addresses to respective VLAN Identifiers (IDs), wherein the VLAN IDs are used to distribute processing load among different components of said packet router.

7. A router controller to configure a packet router, said router controller comprising:
- a memory to store instructions;
  
  a processing unit to retrieve and execute said instructions, wherein execution of said instructions causes said router controller to perform the actions of;
  
  examining a first sequence of packets to discover one or more of a plurality of IP addresses contained in said first sequence of packets;
  
  forming one or more of a plurality of rules based on said plurality of IP addresses wherein the plurality of rules comprises;
  
  a first set of rules, with each rule designed to match packets that are not GPRS Tunneling Protocol (non-GTP) packets, and to either drop matching non-GTP packets or to forward the matching non-GTP packets to a specified output port, anda second set of rules, with each rule designed to match GPRS Tunneling Protocol (GTP) packets, and to either drop matching GTP packets or to forward the matching GTP packets for further processing within said packet router;
  
  forwarding said plurality of rules to said packet router to cause said packet router to be configured with said plurality of rules formed based on IP addresses from the first sequence of packets, wherein said packet router thereafter forwards each of a second sequence of packets to respective ones of said plurality of analytic servers according to said plurality of rules.
- View Dependent Claims (8, 9, 10, 11, 12)
- - 8. The router controller of claim 7, wherein said first sequence of packets is received from said packet router.
  - 9. The router controller of claim 7, wherein said first sequence of packets is sent by said packet router to said router controller only if none of the first set of rules and the second set of rules are matched by any of said first sequence of packets,wherein said plurality of rules is formed by said router controller upon receiving of said first sequence of packets from said packet router.
  - 10. The router controller of claim 9, wherein said GTP packets comprise a first set of packets related to 3G networks, and a second set of packets related to 4G/LTE networks,wherein said plurality of IP addresses comprise a first set of IP addresses of said 3G networks and a second set of IP addresses of said 4G/LTE networks,wherein said second set of IP addresses correspond to serving gateways (SGW), packet-data-network gateways (PGW), mobility management entities (MME), home subscriber servers (HSS) and eNodeBs in said 4G/LTE networks, andwherein said first set of IP addresses correspond to Serving GPRS Support Nodes (SGSN), Gateway GPRS Support Nodes (GGSN) and radio network controllers (RNC) in said 3G networks.
  - 11. The router controller of claim 10, wherein said router controller maintains a configuration file including the first set of IP addresses present in said 3G networks and the second set of IP addresses present in said 4G/LTE networks as a basis for formation of said plurality of rules,wherein said router controller is operable to retrieve one or more IP addresses in said configuration file and form at least some of said plurality of rules based on the retrieved one or more IP addresses present in said configuration file,wherein said plurality of IP addresses is added to said configuration file on discovery of said plurality of addresses.
  - 12. The router controller of claim 11, wherein said configuration file further contains a mapping of IP network addresses to respective VLAN Identifiers (IDs), wherein the VLAN IDs are used to distribute processing load among different components of said packet router.

13. A non-transitory machine readable medium storing one or more sequences of instructions for causing a router controller to configure a packet router, wherein execution of said one or more sequences of instructions by one or more processors contained in said router controller causes said router controller to perform the actions of:
- examining a first sequence of packets to discover one or more of a plurality of IP addresses contained in said first sequence of packets;
  
  forming one or more of a plurality of rules based on said plurality of IP addresses wherein the plurality of rules comprises;
  
  a first set of rules, with each rule designed to match packets that are not GPRS Tunneling Protocol (non-GTP), and to either drop matching non-GPRS packets or to forward the matching non-GPRS packets to a specified output port, anda second set of rules, with each rule designed to match GPRS Tunneling Protocol (GTP) packets, and to either drop matching GTP packets or to forward the matching GTP packets for further processing within said packet router; and
  
  forwarding said plurality of rules to said packet router to cause said packet router to be configured with said plurality of rules formed based on IP addresses received from the first sequence of packets, wherein said packet router thereafter forwards each of a second sequence of packets to respective ones of said plurality of analytic servers according to said plurality of rules.
- View Dependent Claims (14, 15, 16, 17)
- - 14. The non-transitory machine readable medium of claim 13, wherein said first sequence of packets is received from said packet router.
  - 15. The non-transitory machine readable medium of claim 13, wherein said first sequence of packets is sent by said packet router to said router controller only if none of the first set of rules and the second set of rules are matched by any of said first sequence of packets,wherein said plurality of rules are formed by said router controller upon receiving of said first sequence of packets from said packet router.
  - 16. The non-transitory machine readable medium of claim 15, wherein said GTP packets comprise a first set of packets related to 3G networks, and a second set of packets related to 4G/LTE networks,wherein said plurality of IP addresses comprise a first set of IP addresses of said 3G networks and a second set of IP addresses of said 4G/LTE networks,wherein said second set of IP addresses correspond to serving gateways (SGW), packet-data-network gateways (PGW), mobility management entities (MME), home subscriber servers (HSS) and eNodeBs in said 4G/LTE networks, andwherein said first set of IP addresses correspond to Serving GPRS Support Nodes (SGSN), Gateway GPRS Support Nodes (GGSN) and radio network controllers (RNC) in said 3G networks.
  - 17. The non-transitory machine readable medium of claim 16, wherein said router controller maintains a configuration file including the first set of IP addresses present in said 3G networks and the second set of IP addresses present in said 4G/LTE networks as a basis for formation of said plurality of rules,wherein said router controller is operable to retrieve one or more IP addresses in said configuration file and form at least some of said plurality of rules based on the retrieved one or more IP addresses present in said configuration file,wherein said plurality of IP addresses are added to said configuration file on discovery of said plurality of addresses.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Extreme Networks, Inc.
Original Assignee
Extreme Networks, Inc.
Inventors
Vedam, Jude Pragash, Sharma, Shailender, Varimalla, Rakesh
Primary Examiner(s)
Moore, Ian N
Assistant Examiner(s)
Le, Brian T

Application Number

US14/927,478
Publication Number

US 20160373303A1
Time in Patent Office

1,026 Days
Field of Search
US Class Current
CPC Class Codes

H04L 12/4666   Operational details on the ...

H04L 41/0886   Fully automatic configuration

H04L 41/0893   Assignment of logical group...

H04L 41/0894   Policy-based network config...

H04L 41/0895   Configuration of virtualise...

H04L 41/342   between virtual entities, e...

H04L 43/00   Arrangements for monitoring...

H04L 43/10   Active monitoring, e.g. hea...

H04L 43/12   Network monitoring probes

H04L 43/20   the monitoring system or th...

H04L 45/745   Address table lookup; Addre...

H04L 47/125   by balancing the load, e.g....

Configuration of a network visibility system

First Claim

6 Assignments

0 Petitions

Accused Products

Abstract

330 Citations

17 Claims

Specification

Use Cases

Quick Links

Others

Configuration of a network visibility system

First Claim

6 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

330 Citations

17 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others