1. Field
This disclosure relates to receiving, processing and replaying traffic for testing a network or network device.
2. Description of the Related Art
Datacenter devices generate and test heavy traffic loads that are typical of realistic networks. At times when devices are being tested, it is desirable to replay (or re-perform) a set of data traffic that was used to test a network. However, there exists a difficulty in communications networks in replaying various types of traffic. Specifically, there exists a difficulty in replaying TCP captures having multiple HTTP requests and responses in a TCP session. Each HTTP requests/responses in a TCP session from client to device under test may be sent to multiple TCP sessions from device under test to server. Challenge is that replay module is stateless and does not have knowledge of any protocol.
In some test environments, administrators want to replay portions of streams having multiple requests/responses that were transmitted through the network. Usually multiple servers need to serve each of these requests in order to determine the source of a particular error or other problem in the device under test in between the clients and the servers. Some test environments may be configured with a secure connection between a client and a device under test, while having multiple persistent connections between a device under test and the servers. In such configurations, when a client is transmitting data, such as HTTP requests, a server may receive each of these requests in any of its opened persistent TCP connections in any order. In such environments, servers have difficulty identifying correct response to be chosen out of multiple responses against an incoming request.
In many types of communications networks, each message to be sent may be divided into portions of fixed or variable length. Each portion may be referred to as a packet, a frame, a cell, a datagram, a data unit, or other unit of information, all of which are referred to herein as packets.
Each packet may contain all or a portion of an original message, commonly called the payload of the packet. The payload of a packet may contain data, or may contain voice or video information. The payload of a packet may also contain network management and control information. In addition, each packet contains identification and routing information, commonly called a packet header. The packets are sent individually over the network through multiple switches or nodes. The packets are reassembled into the message at a final destination using the information contained in the packet headers, before the message is delivered to a target device or end user. At the receiving end, the reassembled message is passed to the end user in a format compatible with the user's equipment.
Communications networks that transmit messages as packets are called packet switched networks. Packet switched networks commonly contain a mesh of transmission paths which intersect at hubs or nodes. At least some of the nodes may include a switching device or router that receives packets arriving at the node and retransmits the packets along appropriate outgoing paths. Packet switched networks are governed by a layered structure of industry-standard protocols. Layers 1, 2, 3, and layer 4 of the structure are the physical layer, the data link layer, the network layer, and the transport layer, respectively.
Layer 1 protocols define the physical (electrical, optical, or wireless) interface between nodes of the network. Layer 1 protocols include various Ethernet physical configurations, the Synchronous Optical Network (SONET) and other optical connection protocols, and various wireless protocols such as Wi-Fi.
Layer 2 protocols govern how data is logically transferred between nodes of the network. Layer 2 protocols include the Ethernet, Asynchronous Transfer Mode (ATM), Frame Relay, and Point to Point Protocol (PPP).
Layer 3 protocols govern how packets are routed from a source to a destination along paths connecting multiple nodes of the network. The dominant layer 3 protocols are the well-known Internet Protocol version 4 (IPv4) and version 6 (IPv6). A packet switched network may need to route IP packets using a mixture of the Ethernet, ATM, FR, and/or PPP layer 2 protocols. At least some of the nodes of the network may include a router that extracts a destination address from a network layer header contained within each packet. The router then used the destination address to determine the route or path along which the packet should be retransmitted. A typical packet may pass through a plurality of routers, each of which repeats the actions of extracting the destination address and determining the route or path along which the packet should be retransmitted.
Layer 4 protocols govern end-to-end message delivery in a network. In particular, the Transmission Control Protocol (TCP) provides for reliable delivery of packets streams using a system of sequential acknowledgement and retransmission when necessary. TCP is a connection-oriented protocol in which two devices exchange messages to open a virtual connection via the network. Once a connection is opened, bidirectional communications may occur between the connected devices. The connection may exist until closed by one of the devices. Opening and closing a connection both require several steps at which specific messages are exchanged between the two devices. A connection may also be closed when an anticipated response is not received by one device for a predetermined period of time, commonly called a “time-out”. A TCP connection is considered to be “stateful” since each device must maintain information describing the state of the connection (being opened, established, being closed), what data has been sent, and what sent data has been acknowledged.
A TCP connection is defined by a pair of IP Addresses (fields in the IP header of each packet of the TCP connection) and a pair of TCP Ports (fields in the TCP header of each TCP packet). TCP Ports define what higher level protocol or process is using the services of the TCP connection. TCP Ports should not be confused with hardware ports (connections between hardware devices and a network). The header of each TCP packet contains a sequence number identifying the first data byte in the TCP packet, and an acknowledgement number identifying the next data byte expected to be received. The sequence and acknowledgement numbers are, in simplified terms, a count of the number of data bytes sent and received, respectively, over the TCP connection. Two devices communicating via a TCP connection maintain data indicating the highest sequence number transmitted and the highest acknowledgement number received. This information can be used to retransmit packets that are not acknowledged in a timely manner.
Layer 7, or application layer, protocols include the Hyper-Text Transfer Protocol (HTTP) used to convey HTML documents such as Web pages, and the Simple Mail Transfer Protocol (SMTP) and Post Office Protocol (POP3) used to convey electronic mail messages. Other layer 7 protocols include Simple Message System (SMS), File Transfer Protocol (FTP), Real Time Protocol (RTP), Real-time Transport Control Protocol (RTCP), Real Time Streaming Protocol (RTSP), Media Gateway Control Protocol (MEGACO), Session Initiation Protocol (SIP), and other protocols used to transfer data, voice, video, and network control information over a network.
In this patent, the term “device under test” (DUT) encompasses one or more network devices within a packet switched communications network. In order to test a DUT, test traffic comprising a large number of packets may be generated and transmitted to and/or through the DUT at one or more ports. Return test traffic transmitted through and/or from the DUT may be received at different ports. In this context, the term “port” refers to a logical entity coupled to the DUT by a communications path. The term “port unit” refers to a module within the network test equipment that connects to the DUT at a port. Thus a “port” encompasses a physical “port unit” and the data and parameters that define and constraint the operation of the port unit during a test session. Each port connected to the DUT may be both a source of test traffic and a destination for test traffic. Each port may emulate a plurality of logical source or destination addresses. Each port may emulate a plurality of network users, clients, peers, servers, or other network devices.
The test traffic may depend on the type of network or device to be tested and the type of test to be performed. For example, when a DUT is a switch or router operating at layer 2 or layer 3 of the network structure, the test traffic may include a large plurality of IP packets apparently originating from a plurality of source IP addresses and destined for a plurality of destination IP addresses. In this case, the actual content of the IP packets may be unimportant.
When the DUT operates at a higher layer of the network structure (for example, when the DUT is or includes a server, a server load balancer, a firewall, a network security device that performs packet inspection, or similar network devices), the test traffic may include or be a large plurality of TCP connections of a larger number of application layer transactions (e.g. HTTP GET transactions).
A series of packets originating from a single port unit and having a specific type of packet and a specific rate will be referred to herein as a “stream.” A source port unit may support multiple outgoing streams simultaneously and concurrently, for example to accommodate multiple packet types, rates, or destinations. “Simultaneously” means “at exactly the same time.” “Concurrently” means “within the same time.”
In order to diagnose problems in a network under test or in a test system, packets may be captured or stored for later analysis. For example, TCP packets may be stored to allow diagnosis of problems such as excessive retransmissions or unexpected connection terminations. Traditionally, entire received packets were stored in memory. This approach, however, requires a substantial amount of memory. Further, a time consuming search operation must be performed to retrieve packets associated with a specific TCP connection. Even if the number of packets to be stored is reduced by hardware or software filters, the amount of memory required to store more than a few seconds of received test traffic may be prohibitive. Additionally, memory bus throughput and memory latency limit the rate at which packets can be captured, thus reducing the performance of the test system.
Throughout this description, elements appearing in figures are assigned three-digit reference designators, where the most significant digit is the figure number where the element is introduced and the two least significant digits are specific to the element. An element that is not described in conjunction with a figure may be presumed to have the same characteristics and function as a previously-described element having the same reference designator.