In computer and other networks, communication between two end-users or other resources may pass through a series of intervening devices, the principal function of which is to forward communications to their intended destination. It is frequently desired to know by what path communication is passing between two devices through the network. For example, if an end-user device is malfunctioning or sending out undesirable communications traffic, the system operator may wish to know exactly where the offending device is connected to the network, so that the offending device can be disconnected without also disconnecting other users or resources.
There may be many physically possible paths, and even many reasonable paths, between any two end-points on a network. The path actually used may vary, depending on the availability of specific forwarding devices, the level of other traffic on particular links, and other ephemeral considerations.
In the internet and similar networks, the Open System Interconnection (OSI) layer 3 “network layer” handles packet routing in software that allows a considerable amount of communication about the packets being routed. For example, in Internet Protocol (IP), the layer 3 routers along a path to or from a device doing the tracing can be traced by sending “traceroute” packets that are addressed to the end-point, but are designed to travel only a limited number of steps before “timing out” and triggering an error message returned to the sender. By varying the number of steps before different packets time out, the sender can ideally obtain a complete list of the routers along the path.
Some network protocols use a packet header that includes the network addresses of the routers that have handled, or are intended to handle, the packet. In those protocols, “sniffer” software can obtain the path between two devices in communication by inspecting the headers of packets in transit.
However, two successive layer 3 routers, or the last layer 3 router and the end-point, may be connected by a “switch mesh” of switches, operating at the OSI layer 2 “data link” layer. A switch typically has several ports, each connected to one or more neighbor switches, and a Forwarding Database Table (FDB) that lists what devices outside the switch mesh can be reached through each port. Outside devices connected to a switch mesh may include layer 3 routers as well as end-user devices and other resources. The FDB typically identifies each device by its Medium Access Control (MAC) address, which is an identifying number permanently assigned to the device. Layer 2 switches do not respond to layer 3 stratagems such as traceroute, but mechanically forward any incoming packet for which an outgoing port can be identified.
A switch mesh of switches can be “discovered” by a Network Management System (NMS) querying each switch in turn, obtaining the connection information from the FDB, and constructing an image of the switch mesh. The listing of physically available connections from a discovery is usually fairly stable. However, because the individual switches are dynamically maintaining the paths actually used locally, discovered information on paths actually in use rapidly becomes out of date. Discovery being a resource-intensive operation, it is often not practical to discover a switch mesh sufficiently frequently to maintain an up-to-date image of the actual paths.