1. Field of the Invention
The present invention relates in general to the field of information handling systems, and more specifically, to discovery of network devices within communication networks.
2. Description of the Related Art
As the value and use of information continues to increase, individuals and businesses seek additional ways to process and store information. One option available to users is information handling systems. An information handling system generally processes, compiles, stores, and/or communicates information or data for business, personal, or other purposes, thereby allowing users to take advantage of the value of the information. Because technology and information handling needs and requirements vary between different users or applications, information handling systems may also vary regarding what information is processed, stored or communicated, and how quickly and efficiently the information may be processed, stored, or communicated. The variations in information handling systems allow for information handling systems to be general or configured for a specific user or specific use such as financial transaction processing, airline reservation, enterprise data storage, or global communications. In addition, information handling systems may include a variety of hardware and software components that may be configured to process, store, and communicate information, and may include one or more computer systems, data storage systems, and networking systems.
The hardware components and software applications that comprise information handling systems continue to improve in their ability to produce, manage and communicate information. One type of information handling system is a network switch, which may comprise a single node, or a group of nodes, within a computer network. For example, a single network switch may connect a group of servers to other devices in a network. As another example, multiple network switches may be interconnected in large, or geographically dispersed, network implementations to provide efficient device connectivity and/or advanced data routing capabilities between network nodes.
Interconnections between these network nodes are typically achieved by one or more physical links coupled to network switching devices comprised of a plurality of ports, each of which is capable of accepting a physical connection. As the number and complexity of computers, nodes, physical links, routers, and switching devices increase, network inventory management, administration, and troubleshooting can become complicated.
For example, new devices may need to be implemented within the network, or existing devices may need to be upgraded, requiring up-to-date information about the devices currently comprising the network, and how they are interconnected, in order to construct a network topology. In the past, constructing a network topology typically required a full or partial sweep of all possible network addresses within a network to locate active nodes. These full or partial network sweeps can add undesirable traffic and congestion to the network. Furthermore, discovery of devices comprising a network by their associated type, class, and/or attributes can present additional challenges. Currently, no efficient method exists for discovering a specific set, or class of, network devices based on their respective attributes, without performing a full network scan.
Those of skill in the art will be knowledgeable of the International Standards Organization's (ISO) Open System Interconnect (OSI) model, comprised of seven layers, for classifying information about computer network operation and management. While the switches, routers, computers and other devices that comprise a network may operate at one or more layers of the OSI model, Layers 2 and 3 are most pertinent to their discovery. Information about what devices comprise the network is generally called Layer 3 information, and information about how the devices are physically connected within the network is called Layer 2 information.
Layer 2 of the OSI model, known as the data link layer, generally involves data frame transfer within a network. Layer 2 switches operate at high speed, and can forward network traffic quickly based on the low-layer, physical network addressing information that is generally assigned to hardware devices during manufacture. However, Layer 2 switches possess little intelligence, and have no knowledge of a data packet's contents, nor its final destination.
Layer 3 of the OSI model, known as the network layer, generally involves datagram routing from one network to another. A Layer 3 network device is defined as any resource capable of routing Internet Protocol (IP) network traffic. Layer 3 switches can examine network addresses more fully, to identify network locations as well as the physical destination device, understand the logical address to which a packet is headed, and incorporate routing functions to calculate optimal routes. Even though Layer 3 processing takes more time than a simple Layer 2 look-up, potential delays can be overcome with hardware-based routing engines, and a high-throughput switching fabric.
A hybrid Layer 2/3 network device is defined as any resource capable of routing and forwarding Internet Protocol (IP) network traffic, and can include bridge, router, and switch hardware, as well as a client or server running forwarding and/or routing software. Layer 2/3 switches combine the speed of Layer 2 switching, with the intelligence of Layer 3 routing in a single platform, offering the advantages of both in one managed entity. Because Layer 2/3 devices do not read very deeply into the packet header, they can operate very efficiently while providing greater throughput.
Skilled practitioners of the art will understand that a managed classification system is the systematic grouping of information stored into categories based on defined associations or relationships. One example of a managed classification system would be the manner in which network vendors assign Media Access Controller (MAC) addresses to different types of network equipment (e.g., bridges, network interface cards (NICs), routers, switches, etc.). An example of information stored within a forwarding or routing device that could be applied towards a managed classification system is an Address Resolution Protocol (ARP) table, which is found in a Layer 3 or hybrid Layer 2/3 device, and contains IP address to MAC address associations. A MAC address is a numerical identifier, implemented on broadcast networks such as Ethernet, that uniquely identifies each network device and allows frames to be marked for routing to specific devices. As such, it forms much of the basis for Layer 2 networking, which higher OSI layer protocols build upon to produce complex, functioning networks.
For example, Layer 2 switches have several key functions, including MAC address learning, data frame forwarding, and making predetermined filtering decisions. When a Layer 2 switch is powered on, the MAC address table is initially empty. Whenever a frame is received, the switch caches the source address in the MAC address table, which is used thereafter to both forward and filter received frames. Likewise, Layer 2 switches can determine whether or not frames are transmitted via a specified port, resulting in the MAC address table also being referenced as a MAC filtering table.
Prior approaches for determining the actual physical topology of a network have used this MAC address capability to gather configuration information of a Layer 2 switch's neighboring network devices. However, as in full network scans, unnecessary or non-relevant devices are not filtered out to reduce the number of scanned devices. Other approaches combine MAC address information along with other information to aid the discovery of routers and switches. For example, BPDU, RARP, and other network protocol packets can be “sniffed” for additional device information and location. Similarly, information can be retrieved from bridge or router tables to construct a learned MAC address table.
However, none of these approaches have the ability to filter out unwanted or non-relevant devices based on the information gathered from their corresponding MAC addresses. What is needed is an efficient method for discovering a specific set, or class of, network devices, based on predetermined attributes, without performing a full network scan.
The present invention provides a system and method for discovering a specific set or class of network devices coupled to a network, based on predetermined criteria or attributes (e.g., manufacturer, set of devices, class of device, etc.) without performing a full network scan. Skilled practitioners of the art are aware that typical network scan approaches require a full or partial sweep of all possible IP addresses within a network to locate active nodes. These full or partial network sweeps can add undesirable traffic and congestion to the network.
The present invention uses the information stored within a Layer 3 network routing device, or a hybrid Layer 2/3 network forwarding and routing device, along with a managed classification system to optimize node-to-node network discovery. The device class network discovery method of the present invention can be implemented in any network application (e.g., network system management application). For example, in the present invention, a network system management application can obtain a “default gateway” (e.g., a Layer 3 or hybrid Layer 2/3 device).
The network system management application can then communicate with the Layer 3 or hybrid Layer 2/3 device and download a copy of the device's ARP and ipRouteTable via Simple Network Management Protocol (SNMP), Command Line Interface (CLI), or other network management protocol. The network system management application can then use the information from the downloaded ipRouteTable to discover all connected Layer 3 and hybrid Layer 2/3 devices, and thereafter can iteratively repeat the process until ARP and ipRouteTable tables have been downloaded for a plurality of Layer 3 and hybrid Layer 2/3 devices within the network.
The application can then apply a managed classification system to the downloaded ARP tables to obtain a subset of device(s) that meet the classification system criteria (e.g., all clients, peripheries, printers, routers, servers, switches, etc. manufactured by a set of predetermined suppliers). In one embodiment, the subset of devices can be obtained by filtering on the MAC address found in the ARP table to identify specific user-definable set of manufacturer devices or class of devices. In other embodiments, the filter can be used to compare the MAC with a list of user-defined MACs in an inventory database. The application can then directly contact the sub-set of devices meeting predetermined criteria established through the use of the managed classification system, and perform a deep or full discovery of those devices for system configuration, management, and/or monitoring purposes.
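The procedure described above (start at the default gateway, follow route next hops to further Layer 3 devices, merge their ARP tables, then filter on MAC address) can be sketched as follows. This is an added example, not code from the patent; the table contents, the `fetch_tables` stand-in for an SNMP/CLI download, and the OUI `00:11:22` are constructed assumptions.

```python
import re
from collections import deque

# Constructed sample data standing in for tables downloaded over SNMP or CLI.
# Router IPs, host IPs, MACs and the OUI 00:11:22 are made up for illustration.
SAMPLE_TABLES = {
    "10.0.0.1": {
        "arp": {"10.0.0.10": "00:11:22:aa:bb:01",
                "10.0.0.11": "0A-0B-0C-00-00-02",
                "10.0.1.1": "0011.22ff.0001"},
        "next_hops": ["10.0.1.1", "10.0.2.1", "0.0.0.0"],
    },
    "10.0.1.1": {
        "arp": {"10.0.1.20": "0011.22aa.bb03",
                "10.0.1.21": "de:ad:be:00:00:04"},
        "next_hops": ["10.0.0.1"],
    },
    "10.0.2.1": {
        "arp": {"10.0.2.30": "00:11:22:AA:BB:05",
                "10.0.2.31": "incomplete"},
        "next_hops": ["10.0.0.1", "10.0.1.1"],
    },
}

def strip_separators(raw):
    """Drop ':', '-', '.' and whitespace so all MAC notations compare equal."""
    return re.sub(r"[.:\-\s]", "", raw).lower()

def normalize_mac(raw):
    """Return 12 lowercase hex digits, or None for malformed/incomplete entries."""
    digits = strip_separators(raw)
    return digits if re.fullmatch(r"[0-9a-f]{12}", digits) else None

def fetch_tables(router_ip):
    """Hypothetical stand-in for downloading a device's ARP table and routes."""
    return SAMPLE_TABLES.get(router_ip)

def collect_arp(default_gateway, fetch=fetch_tables):
    """Visit routers breadth-first via next hops; merge their ARP entries."""
    queried, queue, merged = set(), deque([default_gateway]), {}
    while queue:
        router = queue.popleft()
        if router in queried:          # route tables point back at each other
            continue
        queried.add(router)
        tables = fetch(router)
        if tables is None:             # unreachable or not a managed device
            continue
        for ip, raw in tables["arp"].items():
            mac = normalize_mac(raw)
            if mac:
                merged[ip] = mac
        # 0.0.0.0 marks a directly connected route in this sample data
        queue.extend(h for h in tables["next_hops"] if h != "0.0.0.0")
    return merged, queried

def classify(arp, wanted_ouis=(), inventory=()):
    """Keep hosts whose OUI (first 3 octets) or full MAC matches the criteria."""
    ouis = {strip_separators(o) for o in wanted_ouis}
    known = {normalize_mac(m) for m in inventory}
    return sorted(ip for ip, mac in arp.items()
                  if mac[:6] in ouis or mac in known)
```

Because a host can change the MAC address it presents, the filtered list is best treated as a set of candidates that the subsequent deep discovery confirms, not as an authoritative inventory.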
Use of this optimized discovery process reduces network traffic, and saves considerable time in discovering devices in a large network, by only communicating with the forwarding or routing devices, and the desired nodes. Furthermore, use of the invention allows enterprise applications to discover a predetermined set, or class of, devices comprising a network faster than current methods, while generating a fraction of the network traffic produced by current approaches. Those of skill in the art will understand that many such embodiments and variations of the invention are possible, including but not limited to those described hereinabove, which are by no means all inclusive.
The present invention may be better understood, and its numerous objects, features and advantages made apparent to those skilled in the art by referencing the accompanying drawings. The use of the same reference number throughout the several figures designates a like or similar element.
The present invention provides a system and method for discovering a specific set, or class of, network devices (e.g., bridges, network interface cards, routers, switches, etc.) based on predetermined criteria or attributes without performing a full network scan. In one embodiment, the subset of devices can be obtained by filtering on the MAC address found in the ARP table to identify specific user-definable set of manufacturer devices or class of devices. In other embodiments, the filter can be used to compare the MAC with a list of user-defined MACs in an inventory database.
For purposes of this disclosure, an information handling system may include any instrumentality or aggregate of instrumentalities operable to compute, classify, process, transmit, receive, retrieve, originate, store, display, manifest, detect, record, reproduce, handle, or utilize any form of information, intelligence or data for business, scientific, control or other purposes. For example, an information handling system may be a personal computer, a network storage device, or any other suitable device and may vary in size, shape, performance, functionality, and price. The information handling system may include random access memory (RAM), one or more processing resources such as a central processing unit (CPU) or hardware or software control logic, read only memory (ROM), and/or other types of nonvolatile memory. Additional components of the information handling system may include one or more disk drives, one or more network ports for communicating with external devices as well as various input and output (I/O) devices, such as a keyboard, a mouse, and a video display. The information handling system may also include one or more buses operable to transmit communications between the various hardware components. Information handling systems may also comprise one or more nodes in a network and include, without limitation, individual devices such as network switches and server computers, as well as collections of other components and devices that cooperate to handle data.
In this same embodiment, the network system management application 402, communicating through a host network port 406, and a physical connection 416, can establish a default gateway, with a Layer 3 or hybrid Layer 2/3 device (e.g., router) 418. Once the default gateway 418 is established, the network system management application 402 can then communicate with the gateway 418 and download a copy of the device's ARP and/or ipRouteTable tables 450 via Simple Network Management Protocol (SNMP), Command Line Interface (CLI), or some other management network protocol.
The network system management application 402 can then use the information from the downloaded ipRouteTable to discover all connected Layer 3 and hybrid Layer 2/3 devices 420, 422, 424, and then iteratively repeat the process until ARP and ipRouteTable tables 450 have been downloaded for all Layer 3 and hybrid Layer 2/3 devices within the sub-network 408. Once downloaded, the network system management application 402 can store each discovered device's ARP and/or ipRouteTable tables 456 in a network system management application database 404 for later use.
The network system management application 402 can repeat the process for sub-network ‘B’ 610 to discover all connected Layer 3 and hybrid Layer 2/3 devices 628, 630 and then iteratively download their associated ARP and ipRouteTable tables 450. Similarly, the network system management application 402 can then repeat the process for sub-network ‘C’ 612 to discover all connected Layer 3 and hybrid Layer 2/3 devices 638, 640 and then iteratively download their associated ARP and ipRouteTable tables 450. Once downloaded, the network system management application 402 can store each discovered device's ARP and/or ipRouteTable tables 456 in a network system management application database 404.
The network system management application 402 can then directly contact 664, 666 the sub-set of devices 628, 640 meeting the predetermined criteria 458 established through the use of the managed classification system, and perform a deep or full discovery of those devices, retrieving their respective and associated information 656, 658 for system configuration, management, and/or monitoring purposes.
Similarly, the network system management application 402 can then repeat the process for sub-network ‘C’ 612 to discover all network devices 742, 744, 746, 748 connected to Layer 3 and/or hybrid Layer 2/3 device 640 and then iteratively download their associated ARP and ipRouteTable tables 450. Once downloaded, the network system management application 402 can store the ARP and/or ipRouteTable tables 456 in a network system management application database 404 for later use.
The network system management application 402 can apply a managed classification system (e.g., filtering on the MAC address) found in the ARP and/or ipRouteTable tables 456 stored on the network system management application database 404, to identify a predetermined set or class of devices 458 that meet the classification system criteria (e.g., all clients, peripheries, printers, routers, servers, switches, etc. manufactured by a set of predetermined suppliers). The network system management application 402 can then directly contact 872, 874 the specific devices 736, 748 meeting the predetermined criteria 458 established through the use of the managed classification system, and perform a deep or full discovery of those devices, retrieving their respective and associated information 860, 862 for system configuration, management, and/or monitoring purposes.
As discussed herein, the present invention provides a system and method for quickly identifying and discovering a specific class or type of device(s) within a network, using only the information found in a Layer 3 and hybrid Layer 2/3 device. Furthermore, use of the invention could allow enterprise applications to discover a predetermined set, or class of, devices within a network faster than current methods, and generating a fraction of the network traffic produced by current approaches.
Currently, the only network device classification information utilized is MAC address information stored in a Layer 3 and hybrid Layer 2/3 device, which encodes manufacturing, and possibly device class, and/or family information. In the future, other classification information may be identified that can be used by the method of the device class network algorithm, in which case, the invention can be equally applicable.
Although the embodiments disclosed have been described in detail, skilled practitioners in the art will recognize that many other embodiments and variations of the present invention are possible. In addition, each of the referenced components in this embodiment of the invention may be comprised of a plurality of components, each interacting with the other in a distributed environment. Furthermore, a variety of changes, substitutions and/or alterations can be made to expand on the referenced embodiments of the invention, thereby extending the scale and reach of the system's implementation.