The present invention generally relates to apparatus, methods and protocols useful in carrying out data communication between devices in a network. The invention relates more specifically to communicating network information among network devices using protocols based on Universal Resource Locators.
A computer network generally includes a number of devices, including switches, routers and hubs, connected to allow communication among the devices. The devices within a network are often categorized into two classes: end stations such as workstations, desktop PCs, printers, servers, hosts, fax machines, and devices that primarily supply or consume information; and network devices such as gateways, switches and routers that primarily forward information between the other devices.
Each device has one or more circuit boards, a microprocessor and a memory, and runs a control program. In general, networks often include several different types of data switching and routing devices. These network devices may have different physical characteristics. New devices, with characteristics that are presently unknown, are constantly being developed. The characteristics of many network devices may change over time. For example, characteristics of the network devices change when subsystems like boards, network interface modules, and other parts are added or removed from a device. Further, network devices ordinarily operate on a continuous basis. Accordingly, many networks are managed, supervised and maintained by a network administrator or network manager.
To properly maintain a network, the network administrator needs to have up-to-date information available about the devices in the network and how the devices are interconnected. A network management system or network management software may be used to automate these tasks. To obtain information about the network, the network management system may communicate with network devices using an agreed-upon network management protocol. An example of a network communication protocol that facilitates network management is Simple Network Management Protocol ("SNMP"), which is described in "Introduction to SNMPv3," available on the Internet in the document "v3white.hmtl" of directory "snmpv3" at the World Wide Web domain "snmp.com", and "Internetworking Technologies Handbook," published by Cisco Systems, Inc.
SNMP is an asynchronous protocol that operates using a request-response model. A significant limitation of SNMP is that it may be used only for communications over networks that use Transmission Control Protocol and Internet Protocol (TCP/IP) for communication at lower network layers. There is a need for a way to use SNMP communications over networks that use other types of transport protocols such as IPX, SPX, and AppleTalk.
Certain network servers and other network devices communicate using the Remote Authentication Dial-In User Service (RADIUS) protocol. RADIUS is useful for controlling access, authentication, and accounting for remote users who dial in to a server to obtain network services. RADIUS is defined in, for example, "RADIUS: Remote Authentication Dial-In User Service: Remote Network Access Security in an Open Systems Environment," available on the Internet as document "radius.html" at World Wide Web domain "kmi.com." RADIUS operates below the application layer and tends to be implemented in a network device in a way that is tightly coupled to the functions carried out by the device. In addition, because RADIUS is a lower-level protocol, obtaining and displaying management information in a human-perceivable manner requires use of an intermediate computer. Due to the limitations of RADIUS, some network management systems require one server for carrying out RADIUS access, authentication, and accounting (AAA) functions, and a second server that obtains RADIUS information, formats it, and generates one or more HTML pages containing the information.
FIG. 1 is a block diagram of a network management system in which Gateway 112 controls access by one or more Users 118 to a Managed Network 116. All network traffic directed from User 118 to Managed Network 116 must pass through Gateway 112 and is blocked unless the User is authenticated. Gateway 112 executes a Radius agent 114. For example, a system of this type may be used to configure a network using the 6510 Service Selection Gateway that is commercially available from Cisco Systems, Inc., San Jose, Calif. The Cisco 6510 contains three Fast Ethernet ports. A first port is connected to receive user traffic directed at a managed network; a second port is connected to the managed network; and the third port may be connected to a RADIUS server and a Service Selection Dashboard server on a separate subnet or the same network as the network side.
Gateway 112 communicates with Managed Network 116 and its devices using SNMP. A software application that provides user interface functions, DashBoard 108, executes in an HTTP Server 106 and communicates with the Gateway using a Radius host 110 complementary to Radius agent 114. HTTP Server 106 is coupled to Network 104 by a network link. A Client 100, which executes a Browser 102, is also coupled to Network 104 and may be located logically or physically remote from the Network, HTTP Server, and Gateway. Client 100 is a computer device such as a workstation, personal computer, server, or other equivalent network element. Network 104 in this embodiment is contemplated to be a global, packet-switched network that uses open protocols, such as the Internet. However, Network 104 may comprise any communication network. Browser 102 is an application program that may send and receive network information. Examples of commercial products that are suitable for use as Browser 102 are Microsoft Internet Explorer® and Netscape Navigator®.
In this arrangement, HTTP Server 106 communicates with Gateway 112 using RADIUS protocol messages, and communicates with Browser 102 using HTML over an HTTP network. This arrangement is functional; however, it would be simpler and less expensive to provide a way to directly query and display RADIUS information using a client or server that can communicate using HTML. In addition, the foregoing arrangement requires the Gateway 112 or the DashBoard application 108 to store state information so that HTML transactions can be correlated with RADIUS transactions.
Another problem in this field is that streaming video information cannot be communicated efficiently over every network element. For example, there are now several different streaming video client programs available, such that streaming video is becoming ubiquitous. The video clients are capable of executing on a variety of platforms and can receive video information that is transported over many different network protocols. There is also increasing interest in the use of programs written in the Java® language to carry out network processing functions. However, at present Java® applets require the use of TCP/IP as a transport protocol.
A related problem is that using conventional streaming video clients and transport protocols, when a video stream is carried through the network, certain internetwork elements may not be set immediately to the best available quality of service. Delivery of streaming video requires network elements having high bandwidth and throughput to be continuously available. However, the network elements and the software that manages them may take considerable time to recognize the nature of the stream and set each internetwork element to an appropriate quality of service.
The Universal Resource Locator (URL) provides a way to identify a multimedia resource in a network. The URL is defined in T. Berners-Lee, "Uniform Resource Locators (URL): A Syntax for the Expression of Access Information of Objects on the Network," Mar. 21, 1994. However, in the past, the use of URLs for locating information in a network has required a network that communicates using Hypertext Transfer Protocol (HTTP). This protocol is not available in all network devices. Many devices, such as switches and routers, cannot respond to control messages that are communicated using HTTP. In addition, HTTP works only at OSI Layer 4. Thus, there is a need for a system that uses URLs to address network information at devices that do not use HTTP.
The foregoing needs and objects, and other needs and objects that will become apparent from the following description, are achieved by the present invention, which comprises, in one aspect, a method of retrieving a value of a RADIUS accounting attribute that is stored in a RADIUS server of a network. In an embodiment, the method may comprise creating and storing a Uniform Resource Locator (URL) that includes a request for a value of the RADIUS attribute; communicating the URL to the RADIUS server; extracting the request from the URL; and communicating a responsive URL, which includes the value of the attribute and an identifier of the attribute, from the RADIUS server.
In another aspect, the invention provides a method of processing a value of a RADIUS accounting attribute that is stored in a RADIUS server of a network, involving executing a RADIUS agent and an interface software element at the managed device; creating and storing a Uniform Resource Locator (URL) that comprises a request for the RADIUS accounting attribute at the client computer system, the request including information identifying the attribute and a type of processing to be carried out; processing the request based on the type to result in the value of the attribute; and communicating the value of the attribute to the managed device in a responsive URL.
According to another aspect, the invention provides a method of retrieving a value of a Management Information Base (MIB) variable that is stored in a MIB of a managed device in a network. A Uniform Resource Locator (URL) that includes a Simple Network Management Protocol (SNMP) request for a value of the MIB variable is created and stored. The URL is communicated to the managed device. The SNMP request is obtained from the URL. A responsive URL is communicated, which includes the value of the MIB variable and an identifier of the MIB variable, from the managed device.
In another aspect, the invention provides a method of processing a value of a Management Information Base (MIB) variable that is stored in a MIB of a managed device of a network. The method may involve executing an SNMP agent and a first URL interface software element at the managed device; creating and storing a Uniform Resource Locator (URL) that comprises an SNMP request for the MIB variable at the managed device, the request including information identifying the MIB variable and a type of SNMP processing to be carried out; processing the request based on the type to result in retrieving the value of the MIB variable; and communicating the value of the MIB variable to the managed device in a responsive URL.
Other aspects of the invention include an apparatus and a computer-readable medium configured to carry out the foregoing steps.
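The MIB-variable retrieval described above (request URL, extraction of the request at the managed device, responsive URL carrying the variable's identifier and value) can be sketched as follows. This is an added example, not code from the patent: the `snmpurl` scheme, the path and query layout, the function names, and the sample MIB contents are all assumptions made for illustration, and the device side validates the processing type and OID before acting on the URL.

```python
import re
from urllib.parse import urlsplit, urlunsplit, urlencode, parse_qs

# Assumed (hypothetical) URL layout; the source text does not define one:
#   request : snmpurl://<device>/<type>?oid=<dotted OID>
#   response: snmpurl://<device>/response?oid=<dotted OID>&value=<value>
SCHEME = "snmpurl"
ALLOWED_TYPES = {"get"}                    # device-side allowlist of processing types
OID_RE = re.compile(r"\d+(?:\.\d+){1,63}")  # dotted-decimal OID, bounded length

# Constructed sample MIB: sysName.0 and sysLocation.0 with made-up values.
MIB = {"1.3.6.1.2.1.1.5.0": "edge-sw-01", "1.3.6.1.2.1.1.6.0": "rack 4 & 5"}

def build_request(device, req_type, oid):
    """Client side: create the URL that carries the request."""
    return urlunsplit((SCHEME, device, "/" + req_type, urlencode({"oid": oid}), ""))

def extract_request(url):
    """Device side: pull the request out of the URL, rejecting anything unexpected."""
    parts = urlsplit(url)
    if parts.scheme != SCHEME:
        raise ValueError("unexpected scheme")
    req_type = parts.path.lstrip("/")
    if req_type not in ALLOWED_TYPES:
        raise ValueError("processing type not allowed")
    oids = parse_qs(parts.query, strict_parsing=True).get("oid", [])
    if len(oids) != 1 or not OID_RE.fullmatch(oids[0]):
        raise ValueError("malformed or duplicated OID")
    return parts.netloc, req_type, oids[0]

def handle(url):
    """Device side: process the request and build the responsive URL."""
    device, _req_type, oid = extract_request(url)
    if oid not in MIB:
        raise KeyError("no such MIB variable")
    # urlencode percent-encodes the value, so characters such as '&' in a
    # MIB string cannot add or override query parameters in the response.
    query = urlencode({"oid": oid, "value": MIB[oid]})
    return urlunsplit((SCHEME, device, "/response", query, ""))

def parse_response(url):
    """Client side: recover (identifier, value) from the responsive URL."""
    q = parse_qs(urlsplit(url).query, strict_parsing=True)
    return q["oid"][0], q["value"][0]
```
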