1. Field of the Invention
The present invention relates to a method of, and an apparatus for, monitoring and fault-analyzing a network of LANs.
2. Description of the Prior Art
LANs (local area networks) are rapidly spreading among businesses. The LANs in offices and buildings are connected to one another through, for example, WANs (wide area networks), to share resources. To connect LANs and WANs to one another, LAN-to-LAN connectors each having a bridge, a router, and a bridge-router are employed to provide filtering, forwarding, and routing functions to deal with different protocols of different kinds of LANs.
If a data transfer fault occurs between specific terminals of different LANs in a network of LANs, the fault must be analyzed. In this case, packet analyzers are installed in paths of the LANs. Permanently installing these analyzers involves high costs, and arranging the analyzers whenever a fault occurs is physically difficult. It is required, therefore, to provide a technique for analyzing a fault at low cost.
A LAN-to-LAN connector usually has a bridge that connects different LANs to each other and checks the source and destination addresses of a packet in a data link layer to see whether the packet must be transferred or abandoned, a router that checks the header of a packet in a network layer to see whether or not the packet must be sent to another network, and if it must be sent to another network, finds an optimum route for passing the packet, and a bridge-router that has both the functions of the bridge and router. If a packet collision or error occurs in a transmission path between LANs, the LAN-to-LAN connector stores information related to the fault and transfers the information to an exclusive monitor manager or an SNMP (single network management protocol) manager, which statistically manages such information of the LANs. This system is incapable of monitoring communication between specific terminals in LANs.
A prior art will be explained with reference to FIGS. 1 to 5.
FIG. 1 shows a network of LANs according to the prior art, and FIG. 2 shows a network involving a WAN (wide area network).
In FIG. 1, the LANs 1 to 3 are based on the Ethernet technology. A LAN-to-LAN connector 1 is arranged between the LANs 1 and 2, and a LAN-to-LAN connector 2 between the LANs 2 and 3. The network of FIG. 2 includes LANs 1 to 3 and the WAN 1. A LAN-to-LAN connector 1 is arranged between the LANs 1 and 2, a LAN-to-LAN connector 2 between the LAN 2 and the WAN 1, and a LAN-to-LAN connector 3 between the WAN 1 and the LAN 3.
FIG. 3 shows a method of inserting a LAN analyzer, FIG. 4 shows one of the LAN-to-LAN connectors of FIGS. 1 and 2, and FIG. 5 shows a flow of steps carried out by the LAN-to-LAN connector. These figures will be explained in detail.
The LAN-to-LAN connector of FIG. 4 may connect the LANs 1 and 2 to each other. The connector has a router (bridge) 90, an internal bus 91, and LAN/WAN interfaces 92 and 93. The LAN/WAN interface 92 is connected to the LAN 1, and the LAN/WAN interface 93 to the LAN 2.
The LAN/WAN interface receives a packet from a transmission path of the LAN or WAN and transfers the packet to the router. The router processes the packet according to the flow of FIG. 5 and transfers the packet to the LAN/WAN interface that is connected to a destination transmission path.
The process flow of the router will be explained with reference to FIG. 5. Step S1 receives a packet from the LAN/WAN interface. Step S2 identifies a protocol of the packet, and step S3 determines whether or not the packet must be routed. Namely, if the packet has an MAC (media access control) address plus an IP address, the packet involves a TCP/IP and must be routed, and if it has only an MAC address, it involves a protocol specific to a manufacturer and must not be routed.
If the packet must be routed, a routing process is carried out. In step S4, a network address filter (not shown) filters out a network address. Namely, if the packet has a predetermined network address, the packet is passed, and if not, it is blocked. If the packet is passed, step S5 looks up a routing table (not shown) and adds the packet to a network router.
When the packet has a protocol not to be routed, an MAC address filter checks the MAC address of the packet. If the MAC address must be blocked, step S6 blocks the packet, and an MAC bridge forwards the packet onto the following LAN in step S7.
In the network of FIG. 1 or 2 having the LAN-to-LAN connectors each having the functions of FIG. 5, a communication interrupt fault may occur between, for example, a server 1 connected to the LAN 1 and a client 1 connected to the LAN 3. Then, a fault analyzer such as a LAN analyzer is used to monitor the terminal address such as the MAC or IP address of each packet transferred through transmission paths of the LANs, and if necessary, examine the protocol of the packet.
In FIG. 1, the LAN analyzers must be connected to analysis points (1) to (3) of the LANs 1 to 3, respectively. In FIG. 2, the LAN analyzers must be connected to an analysis point (1) between the LAN-to-LAN connector 2 and the WAN 1 and an analysis point (2) between the WAN 1 and the LAN-to-LAN connector 3, respectively.
FIG. 3 shows a method of inserting the LAN analyzer. A branching unit must be arranged in a transmission path, to branch packets into the LAN analyzer and monitor and analyze the packets.
The LAN analyzers are expensive. Permanently arranging the LAN analyzers in transmission paths of LANs, which are presently very complicated, involves great costs. Accordingly, it is preferable to simultaneously measure, as soon as a communication interrupt fault occurs between, for example, the server 1 and the client 1, all LANs that pass packets between the server 1 and client 1.
It is impossible, however, to arrange the LAN analyzers at a plurality of locations as soon as a fault occurs. Accordingly, the prior art employs one LAN analyzer to check the paths of the LANs one by one. This technique takes a long time to complete. In FIG. 1 for example, the LAN analyzer is connected to the analysis points (1) to (3) one after another, to monitor packets.
When data must be transferred to a distant place through the LAN-to-LAN connectors and WAN as shown in FIG. 2, the LAN analyzer must be connected to the branching unit of FIG. 3 having a physical WAN interface to fetch data. A physical layer of the WAN covers a variety of interfaces such as CCITT V-series interfaces including V. 35 and V. 24/28, CCITT X-series interfaces including X. 21, ISDN interfaces including I. 430, and high-speed digital interfaces. Also, a data link layer of the WAN involves many protocols such as modifications of HDLC specific to vendors, although they will be standardized into the PPP of TCP/IP.
The WAN of FIG. 2 may employ a high-speed LAN using an FDDI (fiber distributed data interface). In this case, the LAN analyzer connected to an analysis point of the high-speed LAN must have an interface proper for the high-speed LAN. In this way, there are many physical interfaces.
When analyzing data transferred through the WAN and high-speed LAN, it is necessary to prepare branching units having connectors for different physical layers including optical fibers, coaxial cables, and twisted pair cables. At the same time, the LAN analyzers must have such physical interfaces. In addition, there are many kinds of data frames, i.e., data link layers transferred among the LAN-to-LAN connectors depending on vendors, to hinder analysis. High-speed LANs such as FDDIs require specific interfaces.
FIG. 6 explains a method of monitoring and analyzing a LAN, employing a parent monitor and child units. A LAN-to-LAN connector 94 has LAN interfaces 96 (from 1 to n) connected to LANs 1 to n, respectively. This connector has a router 95 for carrying out a routing (bridging) process. Among the LANs, the LAN m is provided with the parent monitor 97. The other LANs are each provided with the child unit 98, which may be a separate device or a program such as a remote monitoring program (RMON) executed, in the background, on a personal computer. In response to a command from the parent monitor 97, each of the child units 98 monitors packets transferred through the respective LANs. The child units 98 send monitored results to the parent unit 97 through the LAN-to-LAN connector 94 in response to a command from the parent monitor 97.
According to the prior art of FIGS. 1 to 5, it is difficult to employ expensive analyzers to monitor LANs at a plurality of analysis points when a fault occurs in the LANs. Accordingly, one LAN analyzer may be employed to monitor the analysis points one after another. This technique is incapable of analyzing a fault that is not recurrent. If a plurality of analyzers are used to simultaneously monitor the analysis points, installation, and preparatory work for, the analyzers will be complicated.
To monitor a network including a WAN, branching units proper for the physical layer of the WAN must be prepared, and the LAN analyzers must also have proper physical interfaces. Even with these facilities, it is hard to analyze data link protocols specific to vendors.
According to the method of monitoring and analyzing LANs with the parent and child units of FIG. 6, each LAN must have the child unit and all of the child units must be always active. Employing the exclusive child units increases costs. Executing a program serving as the child unit in the background of a personal computer (PC) means that the PCs must always be active. When the child units are connected to the WAN, they must deal with various kinds of physical layers and data link layers specific to vendors, similar to the LAN analyzers used for a network including the WAN.