This invention relates to the field of network analysis, and in particular to a system and method for inferring the connectivity among devices of a network.
The continually increasing usage of communications has increased the demand for efficient and reliable networks; consequently, there is an increased demand for management tools to support such networks.
Advanced networking techniques, including, for example, the ability to create virtual networks and virtual connections, increases the scope of a network manager's responsibilities. It is common for a corporate network manager to be responsible for a corporate network that spans the country, or spans the world. This extended scope of responsibilities generally leads to a delegation of responsibilities for physically connecting the myriad devices used at each locale, and for logically connecting groups of network nodes without regard to their locales.
To effectively manage a network, the network manager must be aware of how the devices of the network are connected to each other, both physically and logically. Generally, a model of the network is created, and tools are provided for viewing the model from different perspectives, making changes to components and/or the connectivity among the components, simulating the performance of the network, and so on. The creation of a model of a network comprising hundreds or thousands of devices, however, can be an onerous task, and keeping the model up to date can be even more difficult.
Techniques have been developed to automate the building of a model of a network by collecting information from the actual devices on the network regarding their configuration and inferring connectivity based on this information. However, these techniques generally require a substantial amount of human intervention, because the data collected is generally incomplete, and often conflicting. Different types of devices have different roles to perform in a network, and therefore their configurations will be directed to the particular role that they are performing. For example, the configuration of a network router will contain the information required by the router to determine which router or layer-3 device should receive each received packet, based on an address contained in the message; the configuration of a network switch, on the other hand, will contain the information required by the switch to establish connections to the next physical device, without regard to the particular type of device or protocol layer. Compounding the problem of mixed forms of connectivity information dependent upon the type of device, different vendors of the same type of device may use different techniques for establishing or monitoring the configuration of their devices.
FIGS. 1A-1D illustrate an example of the mix of information provided by different sources of connectivity information. In these illustrations, four routers R1, R2, R3, and R10, and one switch S1 are identified; interfaces on each device are labeled Fe0/1, Fe0/2, etc. The acquired information is illustrated on the left, with the resultant inferred connectivity on the right. The term ‘inference engine’ is used herein to define a particular process or device that processes a given set of information to produce an inferred set of connections (topology) based on that information.
FIG. 1A illustrates connectivity inferred by an engine that processes IP addressing information, indicating that R1-Fe0/1, R2-Fe0/1 and R3-Fe0/1 are in the same subnet. FIG. 1B illustrates connectivity information from an engine that processes forwarding table information, indicating that R2-Fe0/1 is connected to S1-Fe0/2, and that R3-Fe0/1 is connected to S1-Fe0/3. FIG. 1C illustrates connectivity information from an engine that processes neighbor discovery information, indicating that R2-Fe0/1 is connected to R3-Fe0/1. FIG. 1D illustrates connectivity information from an engine that processes tunnel information, indicating that a tunnel exists between R2 and R10.
As can be seen, none of the individual inference engines are able to determine the entire physical connectivity of the elements R1, R2, R3, R10, and S1 in this network. And, FIG. 1C appears to conflict with FIG. 1B, apparently because the switch S1 is transparent to the neighbor discovery process (not a ‘neighbor’, per se).
It would be advantageous to be able to infer more of the connectivity of a network than current techniques provide. It would also be advantageous to be able to resolve apparent conflicts in reported connectivity information. It would also be advantageous to infer connections with some degree of confidence even when there is no direct reference or data indicating the existence of such a connection.
These advantages, and others, can be realized by a method and system that integrates the connectivity information provided by a variety of connectivity inference techniques, and is able to resolve conflicts as they arise during the consolidation process. A consolidation is performed among inference engines that operate at a base level of connectivity detail to create a model of the network at this base level. The connectivity information provided by inference engines at each subsequent higher level of connectivity abstraction is then overlaid on the base level connectivity. By separately consolidating the connectivity information at each level of abstraction, the rules for dealing with conflicts can be simplified and/or better focused to resolve the conflict. By assuming that the more detailed lower level information is likely to be more accurate, rules can be developed to modify the connectivity models produced by the higher level techniques to conform to the lower level connectivity details while still maintaining the integrity of the higher level connectivity models.
Throughout the drawings, the same reference numerals indicate similar or corresponding features or functions. The drawings are included for illustrative purposes and are not intended to limit the scope of the invention.