A. Field of the Invention
The principles described herein relate generally to network traffic monitoring and, more particularly, to systems and methods that provide dynamic flow capture of network traffic.
B. Description of Related Art
Network devices, such as routers, receive data on physical media, such as optical fiber, analyze the data to determine its destination, and output the data on physical media in accordance with the destination. In a high traffic public network, such as the Internet, the routers that make up the network may be owned and operated by a number of different entities. An Internet Service Provider (ISP), for example, may operate a number of routers. The ISP may sell access to the network to end-users, such as consumers or businesses.
ISPs may desire or need to monitor traffic from certain ones of its customers. In some jurisdictions, the law may require that the ISP have the ability to monitor its traffic.
Passive traffic monitoring techniques are known by which the ISP (or other entity that controls a router) may set up filtering criteria within the router. When data matches the filtering criteria, a copy of the data is forwarded to one or more destinations. For example, a filter may be set up that specifies that all packets from a particular IP address be forwarded to a designated destination.