Patent Grant
7898984
The present invention is related to the following applications, all of which are incorporated herein by reference:
Commonly assigned application entitled “Intelligent Communications Network Tap Port Aggregator,” filed on Mar. 7, 2006 herewith by Matityahu et al., application Ser. No. 11/370,487, issued as a U.S. patent, U.S. Pat. No. 7,760,859, on Jul. 20, 2010; and
Commonly assigned application entitled “Active Response Communications Network Tap,” filed on Jul. 1, 2005 herewith by Matityahu et al., application Ser. No. 11/174,033.
Telecommunication networks have long been employed to facilitate communication between users who are geographically dispersed. Communication may include transmission of data packets, such as media and voice packets, between a plurality of network devices, such as routers and switches. In today society, a company may depend upon its network to be fully functionally in order to conduct business. Thus, a company may monitor its network in order to ensure reliable performance, enable fault detection, and detect unauthorized activities.
Monitoring may be performed by connecting network taps to the networks to gather information about the data traffic in order to share the information with monitoring tools. However, conventional network taps may employ a store-and-forward technique that may cause delay in the network traffic, thereby creating communication latency. In addition, since data traffic may flow into a port of a network device in a bidirectional manner, full-duplex monitoring may require a second network interface card (NIC). Besides increasing the cost of monitoring, a second NIC may cause the configuration of the monitoring system to become more complex and less flexible.
The invention relates, in an embodiment, to an arrangement in a network device for facilitating multiple connection speeds with a network. The arrangement includes a set of network ports. The set of network ports includes a set of input network ports for receiving data traffic and a set of output network ports for outputting the data traffic from the network device. The arrangement also includes a monitoring port, which is configured to receive aggregated data traffic from the set of network ports. The aggregated data traffic is aggregated by an aggregator. The arrangement further includes a plurality of physical layer interface (PHY). Each PHY of the plurality of PHY is configured to support multiple speeds. The arrangement yet also includes a media access controller (MAC), which is configured to support the multiple speeds, whereas the data traffic is configured to traverse the network device between the set of input network ports and the set of output network ports irrespective whether power is provided to circuitry of the network device.
The invention also relates, in an embodiment, to an arrangement in a network device for facilitating active response between a monitoring device and an end-device. The arrangement includes a set of network ports, which includes a set of input network ports for receiving data traffic and a set of output network ports for outputting the data traffic from the network device. The arrangement also includes a monitoring port, which is configured to transmit a set of instructions from the monitoring device coupled to the monitoring port. The arrangement further includes logic arrangement for receiving and multicasting the set of instructions, whereas the data traffic is configured to traverse the network device between the set of input network ports and the set of output network ports irrespective whether power is provided to circuitry of the network device.
The invention yet also relates, in an embodiment, to an arrangement in a network device for facilitating power over Ethernet (POE) over a network. The arrangement includes a first network port, which is configured to receive a signal that includes data packets and power packets. The arrangement also includes a second network port, which is configured to receive the signal from the first network port. The arrangement further includes a tap structure, which is configured to couple to the first network port and the second network port to receive the data packets, whereas data traffic is configured to traverse the network device between the set of input network ports and the set of output network ports irrespective whether power is provided to circuitry of the network device.
The above summary relates to only one of the many embodiments of the invention disclosed herein and is not intended to limit the scope of the invention, which is set forth in the claims herein. These and other features of the present invention will be described in more detail below in the detailed description of the invention and in conjunction with the following figures.
The present invention is illustrated by way of example, and not by way of limitation, in the figures of the accompanying drawings and in which like reference numerals refer to similar elements and in which:
The present invention will now be described in detail with reference to a few embodiments thereof as illustrated in the accompanying drawings. In the following description, numerous specific details are set forth in order to provide a thorough understanding of the present invention. It will be apparent, however, to one skilled in the art, that the present invention may be practiced without some or all of these specific details. In other instances, well known process steps and/or structures have not been described in detail in order to not unnecessarily obscure the present invention.
Various embodiments are described hereinbelow, including methods and techniques. It should be kept in mind that the invention might also cover articles of manufacture that includes a computer readable medium on which computer-readable instructions for carrying out embodiments of the inventive technique are stored. The computer readable medium may include, for example, semiconductor, magnetic, opto-magnetic, optical, or other forms of computer readable medium for storing computer readable code. Further, the invention may also cover apparatuses for practicing embodiments of the invention. Such apparatus may include circuits, dedicated and/or programmable, to carry out tasks pertaining to embodiments of the invention. Examples of such apparatus include a general-purpose computer and/or a dedicated computing device when appropriately programmed and may include a combination of a computer/computing device and dedicated/programmable circuits adapted for the various tasks pertaining to embodiments of the invention.
As aforementioned, a company's network is an important asset to the company. The network needs to be working properly in order for the company to conduct business. The company may monitor the network in order to ensure reliability and security of the network. Unlike more conventional network tapping methods, which may cause delay in the network traffic, the network device with port aggregation is able to provide full-duplex monitoring with zero delay. In addition, since the network device with port aggregation is capable of aggregating stream of data traffic, full-duplex monitoring may occur without incurring the additional cost of a second network interface card (NIC).
To facilitate discussion, prior art
As can be appreciated from the foregoing, power aggregator 100 is a discrete network tap. In other words, power aggregator 100 enables data traffic to continue to flow between network devices irrespective whether power is available to enable the circuitry of power aggregator 100 (as shown by the bypass route 112). Thus, data traffic is not disrupted even if power is not available to enable power aggregator 100 to perform its monitoring function.
If power is on for port aggregator 100, then the set of switches (110 and 116) may route the incoming data traffic through an FPGA (field-programmable gate array) 124. In the example above, stream of data packets 150 has been received by switch 110. Since power is on, switch 110 may transport stream of data packets 150 to a PHY (physical layer interface) 120. As discussed herein, a PHY refers to an integrated circuit that may be employed to interface with a media access controller (MAC). Upon receiving the data traffic, PHY 120 may send stream of data packets 150 to a MAC 122. Stream of data packets 150 may be received by MAC 122 and sent along to FPGA 124.
At FPGA 124, for data traffic flowing from first network port 102, FPGA 124 may create a loop to enable stream of data packets 150 to continue flowing to second network port 104. Similarly, stream of data packets 152 coming from second network port 104 may flow along network line 114 through switch 116 to a PHY 126 and MAC 122 to FPGA 124. Upon receiving stream of data packets 152, FPGA 124 may create a loop and send stream of data packets 152 downstream to first network port 102.
To monitor the streams of data packets that may be received by the network ports, an aggregator component 118 may be employed to tap network lines 108 and 114, as the paths flow through FPGA 124. In other words, streams of data packets (150 and 152) from the network ports (102 and 104) may be aggregated by aggregator component 118 from within FPGA 124 to be sent onward to a monitor device, which may be associated with monitor port 106. A copy of the streams of data packets (150 and 152) may be forwarded to aggregator component 118 along a monitor path 128, for stream of data packets 150, and a monitor path 130, for stream of data packets 152.
To facilitate network traffic management, a memory buffer may be associated with each monitor path. In an example, streams of data packets (150 and 152) flowing through monitor paths 128 and 130 may be temporarily store in memory buffers 132 and 134, respectively. Streams of data packets (150 and 152) may flow from the memory buffers to FPGA 124. FPGA 124 may employ an arbitration algorithm to determine the order in which the streams of data packets (150 and 152) may be processed. In an example, a round-robin method may be employed in which streams of data packets (150 and 152) from memory buffers 132 and 134 may be alternately handled. If streams of data packets (150 and 152) are received at the same time, data traffic from one memory buffer may be given higher priority. In an example, FPGA may be configured to give higher priority to stream of data packets 150 coming from memory buffer 132.
Once streams of data packets are received by aggregator component 118, aggregator component 118 may aggregate streams of data packets (150 and 152) into a single aggregate stream of data packets 154 and forward the aggregate data traffic along a line 136 through MAC 122 and a PHY 138 to monitor port 106.
If the streams of data packets (150 and 152) are coming in at a faster rate than the memory buffers can handle, such that the memory buffers become full, then the streams of data packets (150 and 152) may be directed away from the monitoring paths. In an example, if memory buffer 132 is full, then any additional data packets coming in from network line 108 may be dropped from monitoring path 128 until memory buffer 132 has cleared out sufficient memory space to handle additional data packets. Note that the data packets that are being dropped are only being dropped from the monitoring paths (128 and 130) and not from the network lines (108 and 114). In other words, the original data packets are still being transported between the two network ports but the original data packets are not being copied and forwarded to the monitoring device along the monitor paths (128 and 130) when memory buffer overflow occurs. Also, data packets may only be dropped from a monitor path if the memory buffer associated with that monitor path is full. In an example, if memory buffer 132 is full but memory buffer 134 is not, then only data traffic that may be intended for memory buffer 132 may be dropped.
To expand the capability of the port aggregator, additional features may be provided.
In accordance with embodiments of the present invention, an enhanced communication network tap (ECNT) port aggregator is provided. Embodiments of the invention include expanding the port aggregator to accommodate different Ethernet speeds. Embodiments of the invention also include adding an active response functionality to the port aggregator in order to allow a monitoring device the capability of communicating back into the network by full-duplex communication. Embodiments of the invention further include implementing power over Ethernet (POE) in order to send power through the internet. Embodiments of the invention yet also including a dropped packet counter for identifying packets dropped during monitoring.
In this document, various implementations may be discussed using routers as an example. This invention, however, is not limited to routers and may include other network devices such as switches and hubs. Instead, the discussions are meant as examples and the invention is not limited by the examples presented.
In an embodiment of the invention, an ECNT port aggregator may provide support for multiple Ethernet speeds as a single unit. To enable this functionality, the ECNT port aggregator may include electrical components, such as PHYs and a MAC, that are capable of supporting multiple speeds. In an example, a PHY may include logic for determining the best speed that an ECNT port aggregator may utilize. The logic may employ an auto-negotiation algorithm for determining the best speed based on the speed of the end-device. The logic may also employ a force mode method for determining the best speed. The force mode method may be based on a user's configuration preference.
In another embodiment of the invention, an ECNT port aggregator may include active response functionality. With active response, control packets, such as a TCP reset, may be sent back into the network to handle network conditions, such as anomalies. Thus, with active response, the monitoring capability may be expanded to enable a user, such as an IT administrator, to respond to adverse network conditions.
In yet another embodiment of the invention, an ECNT port aggregator may also enhanced monitoring capability by employing a dropped packet counter. By implementing a dropped packet counter, statistical information about dropped packets due to memory buffer overflow may be collected and made available for later analysis.
In yet another embodiment of the invention, an ECNT port aggregator may also support POE. With POE, power may be distributed to network end-devices that may require electricity to function without incurring the additional cost associated with providing the power to the end-devices. Also, with POE, the ECNT port aggregator may be able to support incoming signals that may require POE functionality to reach the destination end-device.
The features and advantages of the present invention may be better understood with reference to the figures and discussions that follow.
Those skilled in the arts are aware that network communication may be conducted at different speeds, such as 10 megabits per second (mbps), 100 mbps, and 1000 mbps. To enable the ECNT port aggregator to support multiple speeds, the PHY and the MAC components that may be utilized may be able to support multiple speeds.
To enable a port aggregator to support multiple speeds, a multiple speeds PHY 202 may be employed. Multiple speeds PHY 202 may be a commercially available PHY, such as Marvel PHY 88B1111. In order for PHY 202 to perform link setup 210, an algorithm may be employed. In an example, link setup 210 may be implemented by employing auto negotiation. With auto negation, PHY 202 may be able to determine the best speed for optimal performance. In an example, if PHY 202 is capable of supporting 10 mbps, 100 mbps, and 1000 mbps, then 1000 mbps is the best speed. However, 1000 mbps may not be applicable if the end-devices at both network ports are incapable of supporting this speed. Instead, the speed limitation may be based on the lower speed device. In an example, if one end-device is capable of supporting 1000 mbps and the other end-device is only capable of supporting 100 mbps, PHY 202 may be configured to operate at 100 mbps.
Instead of employing auto negotiation, PHY 202 may employ a force mode to determine the best speed rate. With the force mode, PHY 202 may be forced to operate at a specific speed, regardless of the speed an end-device may be capable of supporting. In an example, PHY 202 may be forced to operate at 100 mbps even though both end-devices may be capable of supporting 1000 mbps.
In an embodiment, a MAC 204, which is connected to PHY 202 via lines 206 and 208, may also be capable of supporting multiple speeds. Similar to PHY 202, different link setup may be employed by MAC 204 to support multiple speeds. In an example, force mode may be employed to force MAC 204 to operate at a specific speed.
As can be appreciated from the foregoing, with PHYs and a MAC that is capable of supporting multiple speeds, the ECNT port aggregator may be configured to support end devices of different speeds. With the multiple speed enhancements, performance may be improved since the speed of operation that an ECNT port aggregator may be able to support may be adjusted to accommodate for the different end-devices.
Consider the situation wherein, for example, a monitor device attached to a monitor port 302 may want to send a set of instructions via a stream of control packets 304 to network ports 306 and 308. As can be appreciated from the foregoing, the type of control packets that may be sent back into the network may depend upon the capability and purpose of the monitor device. In an example, the monitor device at monitor port 302 may send a TCP reset. Stream of control packets 304 may flow from monitor port 302 along a monitor path 310 to a PHY 312. Upon receiving stream of control packets 304, PHY 312 may forward stream of control packets to a programmable component, such as a FPGA 316, via a MAC 314.
In an embodiment, FPGA 316 may include a bridge 318 that may be configured to receive incoming stream of control packets 304 and to multicast stream of control packets 304 back out to the end-devices at network ports 306 and 308. Without bridge 318, the port aggregator may not be able to transmit control packets coming from the monitor device. As can be appreciated from the foregoing, by modifying the port aggregator to include bridge 318, the enhanced communication network tap port aggregator may now provide a path by which a monitor device may interact with the network ports in order to actively respond to network conditions. In an example, a user may be able to send a TCP reset when the user identifies an anomaly in the network traffic.
In an embodiment, FPGA 316 may be configured to multicast the incoming control packets to all network ports. In an example, stream of control packets may be intended for end-device located at network port 306. Regardless of the intended final destination. FPGA 316 may be configured to multicast the stream of data packets to both network ports (306 and 308). Since the ECNT port aggregator provides a non-intrusive method for monitoring a network, the stream of data traffic may not be altered. Thus, FPGA 316 may multicast the incoming control packets out to all network ports and let the end-devices handled the control packet accordingly. In other words, stream of control packets may be sent along a network line 320 through a MAC 314, a PHY 324, and a switch 328 before being received by the end-device at monitor port 306. Similarly, the same stream of control packets may be sent along a network line 322 through MAC 314, a PHY 326, and a switch 330 before arriving at port 308. Since the control packet is intended for the end device at port 306, upon receiving the control packet, the end device at port 306 may process the control packet whereas the end device at port 308 may ignore the control packet.
As can be appreciated from the foregoing, the ECNT port aggregator with active response may enable the user through the monitor port to send control packets back into the network. Thus, the user is able to actively respond to network situations that may adversely impact the network. As a result, the ECNT port aggregator may provide the user with an additional tool for monitoring and managing the network.
To provide power to remote devices, an ECNT port aggregator with POE functionality may be provided. An ECNT port aggregator may include a network port 402 and a network port 404. Consider the situation wherein, for example, an Ethernet line is connected to network port 402. A signal including data packets and power may be transfer from Ethernet line though network port 402 to network port 404. In an example, a first set of connector pins (pins 1-2, pins 3-6, pins 4-5, pins 7-8) from network port 402 may receive the signal from the Ethernet line.
To extract the data packets from the signal received from the Ethernet line, transformers may be employed to perform coupling between the first set of connector pins and a second set of connector pins (pins 1′-2′, pins 3′-6′, pins 4′-5′, pins 7′-8′). In an example, a transformer 406 may perform coupling between pins 1-2 and pins 1′-2′. In the example of
To transfer the power received by network port 402 to network 404, center taps may be employed to create bridges between the transformers. In an example, a center tap 408 may be connected to transformer 406 of pins 1-2 of network port 402 to transfer power to a center tap 410, which is connected to a transformer 412 of pins 1-2 of network port 404 to create a POE bypass route to transfer power between network port 402 and network port 404. To facilitate the transfer of power, an inductor 430 may be utilized to make a connection between the two center taps (408 and 410). Inductor 430 may also be employed to perform low-pass filter in order to remove high-pass signals, thereby enabling only power to be transfer through the POE bypass route.
As can be appreciated from the forgoing, one or more embodiments of the present invention provide for an enhanced communication network tap (ECNT) power aggregator. With embodiments of the present invention, 1) devices of different Ethernet speeds may now be supported by a single unit, 2) power may sent on the same signal as a data packet in order to enable electrical devices to be operational without being actually plugged into an electrical outlet, 3) monitoring capability may be enhanced by accessing statistical data collected by a dropped packet counter, and 4) active response functionality to enable monitoring device the capability of communicating back into the network by full-duplex communication. With these additional features, the ECNT power aggregator increases efficiency while minimizing network costs.
While this invention has been described in terms of several preferred embodiments, there are alterations, permutations, and equivalents, which fall within the scope of this invention. Although various examples are provided herein, it is intended that these examples be illustrative and not limiting with respect to the invention.
Also, the title and summary are provided herein for convenience and should not be used to construe the scope of the claims herein. Further, the abstract is written in a highly abbreviated form and is provided herein for convenience and thus should not be employed to construe or limit the overall invention, which is expressed in the claims. If the term “set” is employed herein, such term is intended to have its commonly understood mathematical meaning to cover zero, one, or more than one member. It should also be noted that there are many alternative ways of implementing the methods and apparatuses of the present invention. It is therefore intended that the following appended claims be interpreted as including all such alterations, permutations, and equivalents as fall within the true spirit and scope of the present invention.
| Number | Name | Date | Kind |
|---|---|---|---|
| 4802161 | Byars et al. | Jan 1989 | A |
| 5173794 | Cheung et al. | Dec 1992 | A |
| 5648965 | Thadani et al. | Jul 1997 | A |
| 5781318 | Tremblay | Jul 1998 | A |
| 5825775 | Chin et al. | Oct 1998 | A |
| 5983308 | Kerstein | Nov 1999 | A |
| 6041037 | Nishio et al. | Mar 2000 | A |
| 6108310 | Wilkinson et al. | Aug 2000 | A |
| 6167025 | Hsing et al. | Dec 2000 | A |
| 6272136 | Lin et al. | Aug 2001 | B1 |
| 6366557 | Hunter | Apr 2002 | B1 |
| 6424627 | Sørhaug | Jul 2002 | B1 |
| 6449247 | Manzardo et al. | Sep 2002 | B1 |
| 6658565 | Gupta et al. | Dec 2003 | B1 |
| 6801940 | Moran et al. | Oct 2004 | B1 |
| 6823383 | MacBride | Nov 2004 | B2 |
| 6841985 | Fetzer | Jan 2005 | B1 |
| 6882654 | Nelson | Apr 2005 | B1 |
| 6898630 | Ueno et al. | May 2005 | B2 |
| 7027437 | Merchant et al. | Apr 2006 | B1 |
| 7171504 | Ishii | Jan 2007 | B2 |
| 7277957 | Rowley et al. | Oct 2007 | B2 |
| 7308705 | Gordy et al. | Dec 2007 | B2 |
| 7321565 | Todd et al. | Jan 2008 | B2 |
| 7324553 | Varier et al. | Jan 2008 | B1 |
| 7415013 | Lo | Aug 2008 | B1 |
| 7477611 | Huff | Jan 2009 | B2 |
| 7486625 | Matityahu et al. | Feb 2009 | B2 |
| 7505416 | Gordy et al. | Mar 2009 | B2 |
| 7573896 | Wang et al. | Aug 2009 | B2 |
| 7616587 | Lo et al. | Nov 2009 | B1 |
| 7760859 | Matityahu et al. | Jul 2010 | B2 |
| 20010040870 | Ohmori et al. | Nov 2001 | A1 |
| 20020003592 | Hett et al. | Jan 2002 | A1 |
| 20020026374 | Moneymaker et al. | Feb 2002 | A1 |
| 20020073199 | Levine et al. | Jun 2002 | A1 |
| 20020087710 | Aiken et al. | Jul 2002 | A1 |
| 20020110148 | Hickman et al. | Aug 2002 | A1 |
| 20020176355 | Mimms et al. | Nov 2002 | A1 |
| 20020180592 | Gromov | Dec 2002 | A1 |
| 20030112760 | Puppa et al. | Jun 2003 | A1 |
| 20030142666 | Bonney et al. | Jul 2003 | A1 |
| 20030147385 | Montalvo et al. | Aug 2003 | A1 |
| 20040023651 | Gollnick et al. | Feb 2004 | A1 |
| 20040109411 | Martin | Jun 2004 | A1 |
| 20040120259 | Jones et al. | Jun 2004 | A1 |
| 20040190547 | Gordy et al. | Sep 2004 | A1 |
| 20040202164 | Hooper et al. | Oct 2004 | A1 |
| 20040215832 | Gordy et al. | Oct 2004 | A1 |
| 20050005031 | Gordy et al. | Jan 2005 | A1 |
| 20050060535 | Bartas | Mar 2005 | A1 |
| 20050129033 | Gordy et al. | Jun 2005 | A1 |
| 20050132051 | Hill et al. | Jun 2005 | A1 |
| 20050213512 | Konuma et al. | Sep 2005 | A1 |
| 20050257262 | Matityahu et al. | Nov 2005 | A1 |
| 20060083268 | Holaday et al. | Apr 2006 | A1 |
| 20060083511 | Edmunds et al. | Apr 2006 | A1 |
| 20060153092 | Matityahu et al. | Jul 2006 | A1 |
| 20060200711 | Schondelmayer et al. | Sep 2006 | A1 |
| 20060233115 | Matityahu et al. | Oct 2006 | A1 |
| 20070002754 | Matityahu et al. | Jan 2007 | A1 |
| 20070002769 | Matityahu et al. | Jan 2007 | A1 |
| 20070064917 | Matityahu et al. | Mar 2007 | A1 |
| 20070081553 | Cicchetti et al. | Apr 2007 | A1 |
| 20070171966 | Light et al. | Jul 2007 | A1 |
| 20080214108 | Beigne et al. | Sep 2008 | A1 |
| 20090040932 | Matityahu et al. | Feb 2009 | A1 |
| 20090041051 | Matityahu et al. | Feb 2009 | A1 |
| 20090168659 | Matityahu et al. | Jul 2009 | A1 |
| 20100146113 | Matityahu et al. | Jun 2010 | A1 |
| Number | Date | Country |
|---|---|---|
| 2001-197066 | Jul 2001 | JP |
| 2006148686 | Jun 2006 | JP |
| 10-2004-0058415 | Jul 2004 | KR |
| Number | Date | Country | |
|---|---|---|---|
| 20090041051 A1 | Feb 2009 | US |
