1. Field of the Invention
The present invention pertains to data service systems. More particularly, this invention relates to a system and method for providing integrated management of the availability and performance of a data service system having interdependent functional modules.
2. Description of the Related Art
FIG. 1 shows a prior art Internet or Intranet access system 10. As can be seen from FIG. 1, the access system 10 typically includes an Internet/Intranet service system (ISS) 20 and an interconnect network 14 that connects the ISS 20 to subscriber sites (FIG. 1 only shows one such site 11). Subscribers connect directly to the ISS 20 from their terminals (e.g., personal computers, Macintoshes, Web terminals, etc.). A modem 13 may be used to connect the user terminal 12 to the ISS 20.
The ISS 20 typically includes web content servers 24 that store data for access from the subscriber sites. The content servers 24 typically support servers for Internet applications, such as electronic mail, bulletin boards, news groups, and World Wide Web access. In addition, the ISS 20 may have web proxy servers 25 that allow a network administrator to restrict access to the global Internet 15 or other ISSs 16. Another use of the proxy servers 25 is to cache frequently accessed data from the Internet. The ISS 20 may also include address assignment servers 22 and a network address translator 27. The address assignment servers 22 assigns an address to a user terminal when it is first connected to the ISS 20. The assigned address uniquely identifies the terminal in the ISS 20. The network address translator 27 is used when the ISS 20 uses different addresses for communication within the system 20 and for communication outside the system 20.
Subscribers in the ISS 20 usually refer to servers in the ISS 20, in the global Internet 15, and other ISSs 16, by their host names. However, routing of packets to and from the servers is based on network addresses assigned to the servers rather than the host names. In the ISS 20, Domain name servers (DNS) 23 are used to translate subscriber references to host names into network addresses of the servers. The DNS 23 may themselves rely on other DNS servers in the global Internet 15 and other ISSs 16 to determine the host name to network address mappings.
Other components or modules that are typical of the ISS are a firewall 26 that controls access to and from the system 20, and a router or routers 21 for routing transmissions to and from subscribers, and to and from the global Internet 15 and other ISSs 16.
Data transfer between the ISS 20 and the subscriber site 11 is provided by the interconnect network 14. The network 14 can use a number of technologies supporting a wide range of bandwidths.
In the ISS 20, the Internet Protocol (IP) is typically used for data communication to and from the various access servers 22-27, as well as with the global Internet 15 and other ISSs 16. The Transmission Control Protocol (TCP) that operates above the IP layer and ensures reliable delivery of information to and from the access servers is used for reliable access to the web and proxy servers in the ISS 20, the global Internet 15, and other ISSs 16. The application protocols used above the TCP layer are specific to the applications being accessed by subscribers. For example, the File Transfer Protocol (FTP) is used for file transfers and the Hyper Text Transport Protocol (HTTP) is used for web accesses.
Management of a data service system (e.g., ISS 20) typically includes the following functions: (1) monitoring the availability and performance of the system; and (2) diagnosing the availability and performance problems that occur during the operation of the system. Of course, the management may include other functions.
Prior art testing and measurement tools have been developed to enable management of the individual functional modules of the ISS. For example, a prior art Multi-Router Traffic Grapher (MRTG) testing tool enables the forwarding rate of a router over time to be observed. Another prior art testing tool, PerfView (made by Hewlett-Packard Co. of Palo Alto, Calif.), can monitor CPU, disk, and memory utilization on a specific host system. The resource consumption of specific functional modules (e.g., web content servers) can also be monitored using PerfView. Tools for monitoring the performance of web content servers have also been developed, e.g, the public domain timeit tool. Moreover, many testing tools have also been developed to measure the performance of the interconnect network. These tools include Netperf, throughput TCP (ttcp).
One drawback of the prior art testing technologies is that they only measure the status (i.e., availability and performance) of individual modules without taking into consideration of the services the system provides. To assess the status of the ISS 20 and the various services offered by the ISS 20 (e.g., news, FTP, Web access, etc.), a network operator has to manually check (i.e., individually test) each module of the ISS to determine the module's status and then correlate the status of all of the modules to figure out where the problem is in the ISS 20. This requires that the network operator understand not only the interconnections between the different modules of the ISS 20 but also the logical interdependencies between these modules. The difficulty of this process is illustrated by way of an example in FIG. 2, which shows that a user accesses a web site at the global Internet 15 via the proxy server 25. Although the data transfer occurs from the Internet web site via the proxy server 25, the actual access requires the access of the DNS 23 to obtain the IP address of that particular web site. Only after the IP address of the web site has been determined, the proxy server 25 can accesses the global Internet 15. To assess the status of the ISS 20, the operator has not only to check the network routes between the proxy server 25 and the global Internet 15 and between the proxy server 25 and the user terminal 12, but to be aware of the dependency of the web service on the DNS server 23 and test the DNS server as well. If the web operator only checks the modules along the network route, the problem module (i.e., DNS 23) can not be identified. The diagnosis of availability and performance problems in the ISS 20 gets more complex as the number of modules in the ISS 20 increases.
Another drawback is that since modules are measured in isolation, their measurements do not assess the availability and performance of the modules as the availability and performance relate to the service being provided using the modules. For example, the performance measurements for a firewall measured in isolation are CPU utilization at the firewall, packet handling rate (i.e., packets per second) of the firewall, the delay introduced by the firewall in routing a packet, and the number of packets discarded by the firewall per second because of buffer overflows. However, the impact of the firewall performance on the ISS system depends on several factors that are external to the firewall. These factors include the specific TCP (Transmission Control Protocol), the TCP/IP stack used in users' terminal and in the web content and proxy servers, the TCP window size used by the web browser and web server application modules, and the size of the data transfer. Furthermore, the location of the firewall in the topology of the ISS system determines which of the functional modules the firewall impacts. Therefore, the precise impact of the firewall performance on the performance of the ISS system cannot be measured by considering the firewall in isolation.