As businesses have realized the economic advantages of sharing expensive computer resources, cabling systems (both physical and wireless) have proliferated to enable the sharing of such resources over a network. A local area network, or "LAN, refers to an interconnected data network that is usually confined to a moderately-sized geographical area, such as a single office building or a campus area. Larger networks are often referred to as wide area networks or "WANs."
Networks may be formed using a variety of different interconnection elements, such as unshielded twisted pair cables, shielded twisted pair cables, coaxial cable, fiber optic cable, and wireless interconnection elements. The configuration of these cabling elements, and the interfaces for the communications medium, may follow one or more topologies such as a star, ring, bus or mesh.
FIG. 1 illustrates one example of a communications network. Facility A has four user devices 6 connected by links to network devices 1, 2 and 9. Facility A, for example, may be a building on a campus or a separate floor within a building. Facilty B, at a separate geographic location, has one user device 6 and an analyzer 5, each connected by links 7 to network devices 3, 4. User devices (or end stations) 6 may be a personal computer, printer, CAD/CAM workstation, or any other device to be connected to other devices by the network. Intermediary devices 1-4 and 9 are used to direct communications in the network. These devices may correspond to switches, routers, bridges or any other device that selectively directs communications in a network.
Facilities A and B are interconnected through an inter-facility link 8. Each of links 7 and 8 may be interconnection 97 element as previously described. The devices in each facility may be connected in any topology. Through the intrafacility (links 7) and interfacility (link 8) connections, any user can share resources available to any other user in the network.
Port mirroring is defined as the "copying" of all data received or transmitted on a given port to another port on the same device, for the purposes of monitoring or diagnosing a network. For example, suppose in the network of FIG. 1 a network administrator wishes to monitor activity to a port on device 1 in Facility A. The administrator has a network administration center in Facility B, and has resources such as analyzers located at this facility. Present implementations of port mirroring would require the administrator to transport the analyzer to Facility A, and physically attach the analyzer directly to device 1. He would then have to monitor the analyzer in this remote location.
Thus, as presently implemented, port mirroring presents the following limitations:
Requires that a dedicated "mirror port" be present on the same physical device as the port on which the surveillance is to be conducted; often, this will result in a reconfiguration of the network. PA1 Requires that the monitoring equipment be co-located with the device that is being monitored; this often involves physical re-allocation of equipment. PA1 Requires that network personnel be dispatched to the physical location of the device to perform monitoring activities. PA1 selecting a first port of a first device from which to mirror packets; PA1 selecting a first port of a second device to which to mirror the packets; and PA1 mirroring the packets from the first port of the first device to the first port of the second device by encapsulating the packets and sending the encapsulated packets through the network to the second device. PA1 a mirror-from-port at which packets are transmitted or received; PA1 a mirror-to-port; and PA1 means for mirroring the packets to a remote device in the network by encapsulating the packets to enable transmission to the remote device and sending the encapsulated packets out the mirror-to-port.
In large campus-wide or corporate-wide networks, these activities are highly intrusive to the network administrator. It would thus be desirable to have a more convenient means of monitoring traffic on a device connected to a network.