The present invention generally relates to data processing. The invention relates more specifically to methods and apparatus providing automatic discovery of switch devices in a computer network.
Computer networks are widely used in business, education and government to interconnect end stations, such as workstations and personal computers, and to share resources, such as storage devices and servers. Networks may carry data, voice, video, or hybrid messages and information ("traffic"). A network may be organized as a local area network (LAN), a wide area network (WAN), an internetwork that connects one or more LANs or WANs, a campus network, enterprise network, etc. Intermediate network devices such as routers, bridges, switches and gateways are used to route traffic between end stations, between networks, and from one network device to another. Basic information about networks and internetworking is provided in D. Comer, "Computer Networks and Internets" (2d ed. 1999) and "Internetworking Technologies Handbook" (Cisco Systems, Inc., 1999).
Large networks may include thousands of end stations and network devices. In these networks, management of the network devices, their logical interconnections, and their internal configurations becomes a problem. As one response, the network management station (NMS) has been developed. Typically a network management station is a workstation or personal computer that runs a software program known as a network management system. The network management system generally enables an administrator to view a current configuration of a network, re-configure devices or their attributes, monitor network performance, etc.
Network management systems often are used with network devices that communicate using Simple Network Management Protocol (SNMP) and that store configuration information in one or more Management Information Base (MIB) variable values in the network device. The SNMP MIB information stored in a network device enables an NMS to determine the nature of the device more easily. However, not all network devices or switch devices support SNMP.
For proper operation and to report accurate data, an NMS normally determines the logical and physical configuration of a managed network periodically, e.g., when the NMS initializes or starts operation. One aspect of determining the configuration of a network involves determining what devices are in the network, a process known as "device discovery." Some network management stations can carry out automatic discovery of certain network devices, such as routers and workstations, and thereby provide the ability to manage the discovered devices remotely from the network management system console. An example of an NMS with this capability is a workstation that runs Cisco Resource Manager Essentials, commercially available from Cisco Systems, Inc., San Jose, Calif.
Several approaches may be used to carry out automatic discovery of various network devices. For example, routing table lookup can be used to discover routers, sequential ICMP Echo or Address Resolution Protocol (ARP) table lookup may be used to discover IP hosts, and Service Advertisement Protocol (SAP) table lookup can be used to discover IPX nodes. ARP is described in Request For Comments (RFC) 826, "Address Resolution Protocol."
However, there is no standard approach to discover network switch devices ("switches" or "bridges"). Generally, switches are computer-based systems that connect and permit communication between two or more different network media, e.g., Ethernet, Token Ring, FDDI, etc. An example of a switch is the Catalyst 5000, commercially available from Cisco Systems, Inc. Some NMS products, such as Novell Managewise, cannot discover switches. Other network management systems require the network administrator to provide, manually, seed information pertaining to the switches, e.g., an IP address of the switch. An example of an NMS that requires such seed information is Optivity, from Nortel Networks.
Other systems carry out automatic discovery by sending ICMP Echo requests to all the IP addresses in the IP subnet range, or selectively to some active nodes by looking at the ARP cache on the hosts or on the routers. This approach is roughly equivalent to "pinging" all possible IP addresses in the IP subnet range. If a device responds, and it supports SNMP, then the NMS may also issue a query to the device for the value of any SNMP MIB variables that are specific to switches, such as the "sysType" MIB variable that is defined in MIB-II. For example, the NMS may issue such a query to all the hosts that have responded to the ICMP Echo requests, to determine if any such responding host is a switch.
Unfortunately, such approaches essentially involve blind or brute force searching, and introduce significant ICMP message traffic and SNMP message traffic into the network. For example, there may be hundreds of messages required to identify one switch, e.g., if the subnet range is 255 IP addresses, then 255 packets may be required. Another disadvantage is that the discovery time is too long, on the order of several hours in a complex network. Further, if a switch does not support SNMP, it is not discovered using these approaches because it cannot respond to SNMP requests. And even if a device does support SNMP, different device vendors implement different MIBs, so there is no assurance that a switch can be identified.
Many computer-based network routing devices ("routers") support a form of remote network monitoring that is implemented in a Remote Network Monitoring (RMON) agent in the router. The RMON agent is a software element that is executed by or in the router and is normally used for traffic analysis or packet capturing. The RMON agent can monitor network traffic on network segments that directly connect interfaces of the routers. The RMON agent can examine all packets that travel across a physical segment that is being monitored. Based on the contents of the packets, the RMON agent can create network traffic statistic values and store them in the form of SNMP RMON MIB values that are used by NMS stations for network traffic analysis. Presently RMON has no applicability to device discovery.
The Spanning Tree Algorithm, as specified in IEEE Specification 802.1D, is implemented in almost all network switches. The Spanning Tree Algorithm defines a protocol that is used for communications between switches for the purpose of eliminating packet looping in a switched network.
FIG. 1 is a simplified block diagram of a network that illustrates use of Spanning Tree. In FIG. 1, four (4) switches 100A, 100B, 100C, 100D are interconnected by internetwork links 102AB, 102AC, 102BD, 102CD. Switch 100D is further coupled to router 104, which routes data traffic to a local area network (LAN) 106. Each switch 100A, 100B, 100C, 100D is associated with a separate local area network 105A, 105B, 105C, 105D to which the switch directs or bridges traffic from LAN 106.
In this configuration, a logical loop exists among switches 100A, 100B, 100C, 100D, and such a loop can cause a network to crash as packets travel endlessly around the loop. The Spanning Tree algorithm will prevent such crashes by logically severing one of the links 102AB, 102AC, 102BD, 102CD and thereby breaking the loop. Using Spanning Tree, the switches are logically organized in a multiway tree, in which one switch is a root node of the tree, and all other switches are leaf nodes of the tree. In this logical arrangement, loops are eliminated.
Switches operating under Spanning Tree will transmit Bridge Protocol Data Units ("BPDUs") to communicate with other switches. The BPDUs are transmitted periodically, e.g., every thirty (30) seconds. The BPDUs allow each switch to calculate a spanning tree by communicating information about what switches are in the network.
When a switch initializes, it assumes that it is the root node of a spanning tree, and periodically transmits BPDUs on each of its ports with its unique switch identifier value as a root identifier value and as a transmitting bridge identifier value. Each BPDU includes these data values in a Transmitting Bridge ID field or value and in a Root ID field or value. If a switch receives a BPDU message that contains a Root ID value for a different switch, from a LAN than the LAN that the switch is on, that switch will not send any more BPDUs on that LAN.
When the spanning tree stabilizes, one of the switches is selected as a root and only one switch on each LAN transmits the BPDU on that LAN periodically. For example, referring again to FIG. 1, a spanning tree may comprise switch 100A as root, switch 100B and switch 100C as first level child nodes, and switch 100D as a second level child node.
Based on the foregoing, there is a clear need in this field for an approach for automatically discovering switch devices in a network.
There is a particular need for an approach for automatically discovering switch devices that do not support SNMP.
It would be useful to have an approach for automatically discovering switch devices that takes advantage of a protocol, such as Spanning Tree, that is commonly supported by switches.
The foregoing needs and objects, and other needs and objects that will become apparent from the following description, are achieved by the present invention, which comprises, in one aspect, a method and apparatus that provide automatic discovery of switch devices in a switched network.
In one aspect, the invention provides a method of automatically discovering switch devices in a network for use by a network management system. One or more data packets are received at a remote monitor agent that is logically coupled to the network, each packet containing a multicast destination address. A transmitting device identifier value and a root device identifier value are determined from information in the packets. One or more switch device addresses, corresponding to the transmitting device identifier value and a root device identifier value, are determined. Information identifying the switch devices is then stored in a storage area that is accessible to the remote monitor agent and the network management system.
In one specific embodiment, the remote monitor agent of a router is modified to detect packets received at the router that contain multicast destination addresses, e.g., packets that contain Bridge Protocol Data Units (BPDUs). Each packet is examined to determine a transmitting device identifier value and a root device identifier value from the packet. The transmitting device identifier value and root device identifier value are associated with one or more switches in a managed network. The remote monitor agent determines the IP addresses that correspond to the transmitting device identifier value and root device identifier value, e.g., using a reverse lookup approach. The IP address values, or other identifying information about the discovered switches, are stored in a MIB table. A network management station may retrieve the switch information from the MIB table and thereby discover switch devices in the network for use in a network management topology display or other applications.
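The passive discovery flow of this embodiment can be sketched as follows. This is an added example, not code from the patent: it parses IEEE 802.1D configuration BPDUs from raw 802.3 frames, extracts the Root ID and Transmitting Bridge ID, and records each switch in a table. The MAC and IP values are constructed, and the `mac_to_ip` dictionary is an assumed stand-in for the reverse lookup, which the text does not specify.

```python
import struct

STP_GROUP = bytes.fromhex("0180c2000000")  # 802.1D bridge group multicast address
LLC_STP = b"\x42\x42\x03"                  # LLC header used by spanning tree

def mac_str(raw):
    return ":".join(f"{b:02x}" for b in raw)

def parse_config_bpdu(frame):
    """Return (root_prio, root_mac, bridge_prio, bridge_mac), or None if not a config BPDU."""
    # Need 14-byte 802.3 header + 3-byte LLC + 35-byte configuration BPDU.
    if len(frame) < 52 or frame[0:6] != STP_GROUP or frame[14:17] != LLC_STP:
        return None
    bpdu = frame[17:]
    proto, _version, bpdu_type = struct.unpack("!HBB", bpdu[0:4])
    if proto != 0 or bpdu_type != 0x00:
        return None                        # TCN BPDUs (0x80) carry no bridge IDs
    # A bridge ID is a 2-byte priority followed by the 6-byte bridge MAC address.
    root_prio, root_mac = struct.unpack("!H6s", bpdu[5:13])
    bridge_prio, bridge_mac = struct.unpack("!H6s", bpdu[17:25])
    return root_prio, mac_str(root_mac), bridge_prio, mac_str(bridge_mac)

def discover_switches(frames, mac_to_ip):
    """Build the discovered-switch table; mac_to_ip stands in for the reverse lookup."""
    table = {}
    for frame in frames:
        ids = parse_config_bpdu(frame)
        if ids is None:
            continue                       # non-BPDU traffic is ignored
        root_prio, root_mac, bridge_prio, bridge_mac = ids
        for mac, prio in ((root_mac, root_prio), (bridge_mac, bridge_prio)):
            table.setdefault(mac, {"priority": prio, "ip": mac_to_ip.get(mac), "root": False})
        table[root_mac]["root"] = True
    return table

def build_config_bpdu(src, root_prio, root_mac, bridge_prio, bridge_mac):
    """Construct a sample frame (test data only)."""
    bpdu = struct.pack("!HBBB", 0, 0, 0, 0)                          # proto, version, type, flags
    bpdu += struct.pack("!H6sI", root_prio, root_mac, 4)             # Root ID, root path cost
    bpdu += struct.pack("!H6sH", bridge_prio, bridge_mac, 0x8001)    # Bridge ID, port ID
    bpdu += struct.pack("!HHHH", 256, 20 * 256, 2 * 256, 15 * 256)   # timers, 1/256 s units
    return STP_GROUP + src + struct.pack("!H", 3 + len(bpdu)) + LLC_STP + bpdu

# Constructed sample: switch 100D relays a BPDU naming switch 100A as root.
MAC_A, MAC_D = bytes.fromhex("00005e00530a"), bytes.fromhex("00005e00530d")
SAMPLE_FRAMES = [
    build_config_bpdu(MAC_D, 0x1000, MAC_A, 0x8000, MAC_D),
    b"\xff" * 6 + MAC_D + b"\x08\x06" + b"\x00" * 46,   # ARP broadcast, ignored
]
SAMPLE_ARP = {"00:00:5e:00:53:0a": "192.0.2.10", "00:00:5e:00:53:0d": "192.0.2.13"}
```

A single received BPDU yields two switches, the transmitter and the root, without any probe traffic being sent; a switch with no entry in the lookup table is still recorded, with its IP left as `None`.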
Aspects of the invention include a router configured to carry out the foregoing steps; a remote monitor (RMON) agent configured to carry out the foregoing steps, alone or in cooperation with a switch discovery service; a computer-readable medium configured to carry out the foregoing steps; and other aspects as set forth in the following description.