Multiplex communications – Diagnostic testing – Path check
Reexamination Certificate
2000-06-29
2004-08-03
Nguyen, Brian (Department: 2661)
C370S395310, C709S224000, C713S152000
active
06771606
ABSTRACT:
BACKGROUND OF THE INVENTION
1. Field of the Invention
The present invention relates to a network switching system on-line data unit monitoring control, which learns, captures, collects, monitors, or forwards data units from a node in the network assigned by the user subject to the parameter values in the columns in a forwarding configuration table set by the user.
2. Description of the Prior Art
In an Ethernet, as shown in FIG. 1, at least one switch 30 is used to connect different Ethernet Segments 11, 12, 13, and 14. The network switch 30 can be a network apparatus having a plurality of ports. In a network switching system, network apparatus or stacks of network apparatus communicate with one another by means of the same BPDUs (Bridge Protocol Data Units). The network switch 30 learns the source address and destination address of all incoming data units through a controller or software installed therein, establishes or updates a Forwarding Table in its controller or software, and forwards incoming data units to the corresponding destination subject to the Forwarding Table. That is, when the ports 1, 2, 3 and 4 respectively receive data units from nodes A, B, C and D at Segments 11, 12, 13 and 14, the switch 30 collects the destination addresses and source addresses of the data units with the Forwarding Table 31 (see FIG. 2) and proceeds with the following steps:
(1) If the data unit's source address does not exist in the Forwarding Table 31, the switch 30 records the source address and the corresponding port in the Forwarding Table 31 to complete dynamic registration of the source address of the data unit;
(2) If the data unit's source address already exists in the Forwarding Table 31, the switch 30 immediately updates the port column in the Forwarding Table 31 to complete dynamic updating of the port of the data unit;
(3) If the destination address of the data unit belongs to a node of the same segment, the switch 30 discards the data unit to complete filtering of the data unit;
(4) If the destination address of the data unit already exists in the Forwarding Table 31, the switch immediately forwards the data unit to the port of the destination address to complete forwarding of the data unit;
(5) If the destination address of the data unit does not exist in the Forwarding Table 31, the switch 30 floods the destination address to every port in use, and the switch 30 records the destination address in the Forwarding Table 31 to complete dynamic registration of the source address of the data unit if the node of the destination address responds to the data unit.
By means of the aforesaid learning procedure, the switch keeps the Forwarding Table 31 complete and accurate, and provides the necessary data to the nodes in the network for communication subject to the information in the Forwarding Table 31. Therefore, when a data unit enters the switch 30 after all nodes have been learned, the switch directly forwards the data unit to the node of the destination address subject to the data recorded in the Forwarding Table. However, because current network switches are made with more and more ports, the corresponding Forwarding Table becomes larger and larger, and the MIS (Management Information System) people must make an extra effort to establish the corresponding controllable Forwarding Table. When establishing the corresponding controllable Forwarding Table, errors may occur. Further, the learning function prevents the MIS people from locking the corresponding Forwarding Table easily, and an unauthorized node's source address may occupy the memory space of the Forwarding Table. Further, because conventional network switches have an auto aging-out timer function, they cannot effectively handle the information source upon an attempt by a hacker, thereby causing a network security management problem.
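The learning procedure in steps (1) to (5), and the effect of unregistered source addresses occupying the Forwarding Table, can be modelled in a few lines. This is an added example, not text or code from the patent; the class name `LearningSwitch`, the table `capacity` and the sample data units are assumptions, and the aging-out timer is not modelled.

```python
# Added illustration of learning steps (1)-(5); all names and sample
# values are constructed. The aging-out timer is deliberately left out.
class LearningSwitch:
    def __init__(self, ports, capacity):
        self.ports = set(ports)
        self.capacity = capacity   # assumed limit on Forwarding Table entries
        self.table = {}            # source address -> port
        self.rejected = []         # sources that arrived when the table was full

    def receive(self, port, src, dst):
        """Process one data unit and return (action, egress ports)."""
        # Steps (1)/(2): register a new source address or update its port.
        if src in self.table or len(self.table) < self.capacity:
            self.table[src] = port
        else:
            self.rejected.append(src)
        out = self.table.get(dst)
        if out == port:
            return ("filter", [])        # step (3): destination on same segment
        if out is not None:
            return ("forward", [out])    # step (4): destination already known
        # Step (5): unknown destination, flood to every other port in use.
        # The destination is registered later, when its reply arrives as a source.
        return ("flood", sorted(self.ports - {port}))

    def learned_per_port(self):
        """Entries learned per port; a sudden jump on one port merits review."""
        counts = {}
        for p in self.table.values():
            counts[p] = counts.get(p, 0) + 1
        return counts


def demo():
    sw = LearningSwitch(ports=[1, 2, 3, 4], capacity=4)
    log = [sw.receive(1, "A", "B"),   # B unknown: flood
           sw.receive(2, "B", "A"),   # B learned, A known: forward to port 1
           sw.receive(1, "A", "B")]   # B now known: forward to port 2
    # Constructed data units: unregistered sources on port 3 fill the table.
    for i in range(3):
        sw.receive(3, f"X{i}", "A")
    log.append(sw.receive(4, "D", "A"))   # node D can no longer be learned
    log.append(sw.receive(1, "A", "D"))   # so traffic for D is flooded
    return sw, log
```

In this run the legitimate node D is never registered because the table is already full, so data units addressed to D are flooded to every port instead of forwarded, and `learned_per_port()` shows the extra entries concentrated on port 3.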
Because the aforesaid data unit learning and forwarding techniques only allow network switches to collect and manage data units at one port, to let their network switch controller provide a counter, or to monitor traffic utilization and size by means of an external Sniffer or mirror, conventional network switches cannot effectively monitor data units from different network segments or a particular node in a particular network segment, keeping the general direction of a particular node under control.
Because external apparatus, such as a Hub, Sniffer, PC, etc., are used to collect and analyze on-line data units during development of network switch products, the procedure of developing network switch products is complicated, and a problem cannot be effectively analyzed and handled immediately upon its occurrence during the experimentation stage of the developed network switch products.
SUMMARY OF THE INVENTION
The present invention has been accomplished under the circumstances in view. It is one object of the present invention to provide a network switching system on-line data unit monitoring control, which enables the network switching system, in addition to data unit learning and forwarding functions, to monitor data units from different network segments directly, keeping the general direction of particular nodes under control. It is another object of the present invention to provide a network switching system on-line data unit monitoring control, which locks a particular node in the network to capture, collect or analyze data units when an abnormality (for example, spanning tree continuously making topology changes, or a control frame forwarding/receiving abnormality) or unauthorized access (for example, the intrusion of a hacker, or a simple intrusion) occurs in the network, so as to effectively ensure the security of the network. According to the present invention, the network switch is controlled by the settings from the user to establish a forwarding configuration table subject to the forwarding table built therein, and to forward passing-by data units to a CPU in the network switch, enabling the CPU to capture, collect, monitor and forward data units from particular nodes in time subject to the parameter values set in the forwarding configuration table.
Bacon & Thomas PLLC
D-Link Corp.