US20100325486A1 - Systems and methods for providing redundancy in communications networks - Google Patents
Systems and methods for providing redundancy in communications networks Download PDFInfo
- Publication number
- US20100325486A1 US20100325486A1 US12/871,702 US87170210A US2010325486A1 US 20100325486 A1 US20100325486 A1 US 20100325486A1 US 87170210 A US87170210 A US 87170210A US 2010325486 A1 US2010325486 A1 US 2010325486A1
- Authority
- US
- United States
- Prior art keywords
- resources
- network device
- network
- instructions
- vsd
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Abandoned
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L45/00—Routing or path finding of packets in data switching networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
- H04L43/08—Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters
- H04L43/0805—Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters by checking availability
- H04L43/0817—Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters by checking availability by checking functioning
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L45/00—Routing or path finding of packets in data switching networks
- H04L45/22—Alternate routing
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L45/00—Routing or path finding of packets in data switching networks
- H04L45/28—Routing or path finding of packets in data switching networks using route fault recovery
Definitions
- Implementations consistent with the principles of the invention relate generally to communications networks and, more particularly, to systems and methods for providing redundancy in communications networks.
- a typical communications network includes a lot of different types of network devices.
- a typical communications network may include host devices, which act as the source or destination of a particular flow of traffic, routers and/or switches, which act to forward traffic flows toward their appropriate destinations, and security devices, which provide, for example, firewall or other security functionality. These different types of network devices may be interconnected via links.
- a link between a pair of network devices may fail or a network device may fail.
- a second network device may act as a backup for a first network device. If any part of the first network device fails, the entire first network device may fail over to the second network device.
- a method includes detecting a problem with a logical section of a first network device, and failing over only the logical section of the first network device to a second network device.
- a system in another implementation consistent with the principles of the invention, includes a first network device and a second network device.
- the first network device includes a group of first logical portions and is configured to detect a problem with one of the first logical portions, and transmit a message identifying the one first logical portion.
- the second network device includes a group of second logical portions, where the group of second logical portions corresponds to the group of first logical portions.
- the second network device is configured to receive the message from the first network device, and activate the one second logical portion corresponding to the one first logical portion in response to receiving the message.
- a network device in still another implementation consistent with the principles of the invention, includes a group of logical units, where each logical unit is associated with at least one interface and a group of network addresses. Each logical unit is configured to monitor a status of the at least one interface with which the each logical unit is associated, monitor a status of each network address in the group of network addresses with which the each logical unit is associated, and determine whether to enter an inoperable state based on the monitoring the at least one interface and the monitoring the group of network addresses.
- FIG. 1 is an exemplary diagram of a communications network in which systems and methods consistent with the principles of the invention may be implemented;
- FIG. 2 is an exemplary configuration of the network device of FIG. 1 in an implementation consistent with the principles of the invention
- FIG. 3 is an exemplary configuration of a virtual security device (VSD) in an implementation consistent with the principles of the invention
- FIG. 4 is an exemplary configuration of a data structure that may be associated with a VSD in an implementation consistent with the principles of the invention
- FIG. 5 is a flowchart of an exemplary process for routing data units in a network in an implementation consistent with the principles of the invention
- FIG. 6 is a flowchart of an exemplary process for failing over a logical portion of a network device in an implementation consistent with the principles of the invention.
- FIG. 7 is an exemplary data structure that may be associated with a VSD in an implementation consistent with the principles of the invention.
- Systems and methods consistent with the principles of the invention improve traffic forwarding within a communications network.
- a problem when a problem is detected in a logical portion of a network device, a corresponding logical portion of another network device may take over the functions performed by that problematic logical portion.
- FIG. 1 is an exemplary diagram of a communications network 100 in which systems and methods consistent with the principles of the invention may be implemented.
- network 100 may include network devices 110 and 120 that route data between networks 130 and 140 . It will be appreciated that network 100 may include other devices (not shown) that aid in receiving, processing, and/or transmitting data.
- Network device 110 and 120 may include one or more network devices that receive data units (e.g., Internet Protocol (IP) packets) and forward the data units toward their destination(s).
- IP Internet Protocol
- network devices 110 and 120 may perform one or more security functions, such as filtering the data units.
- network devices 110 and 120 may be divided into multiple virtual systems (VSYSs) 111 - 113 and 121 - 123 , respectively.
- VSYS virtual systems
- Each VSYS may be a subdivision of its network device and appear to a user to be a stand-alone entity.
- Each VSYS may be separately managed.
- VSYS 1 111 of network device 110 may be identical to VSYS 1 121 of network device 120
- VSYS 2 112 of network device 110 may be identical to VSYS 2 122 of network device 120
- VSYS 3 113 of network device 110 may be identical to VSYS 3 123 of network device 120 .
- VSYS 1 111 and 121 may serve as a backup for the other of VSYS 1 111 and 121
- one of VSYS 2 112 and 122 may serve as a backup for the other of VSYS 2 112 and 122
- VSYS 3 113 and 123 may serve as a backup for the other of VSYS 3 113 and 123
- each network device 110 and 120 may include more or fewer VSYSs than illustrated in FIG. 1 .
- each network device 110 and 120 may include one or more virtual security devices (VSDs) 115 , 116 , 125 , and 126 .
- VSDs virtual security devices
- Each VSD 115 / 116 / 125 / 126 may be a single logical device within network device 110 / 120 .
- VSD 1 115 of network device 110 may be identical to VSD 1 125 of network device 120 and VSD 2 116 of network device 110 may be identical to VSD 2 126 of network device 120 .
- each network device 110 and 120 may include more or fewer VSDs than illustrated in FIG. 1 .
- each VSYS 111 / 112 / 113 / 121 / 122 / 123 may be associated with (or bound to) a VSD 115 / 116 / 125 / 126 .
- Multiple VSYSs may bind to a single VSD or a single VSYS may bind to multiple VSDs.
- VSYS 1 111 and VSYS 2 112 bind to VSD 1 115 of network device 110
- VSYS 3 113 binds to VSD 2 116 of network device 110
- VSYS 1 121 and VSYS 2 122 bind to VSD 1 125 of network device 120
- VSYS 2 123 binds to VSD 2 126 of network device 120 .
- Network device 110 may connect to network device 120 via a link 115 .
- link 115 may include a dedicated physical link. It will be appreciated that link 115 may be any type of link for communicating information, including a wireless link. Link 115 may allow network devices 110 and 120 to communicate with one another. For example, network devices 110 and 120 may transmit/receive status messages via link 115 .
- Networks 130 and 140 may include one or more networks capable of forwarding data units.
- Networks 130 and 140 may include, for example, a local area network (LAN), a wide area network (WAN), a telephone network, such as the Public Switched Telephone Network (PSTN), an intranet, the Internet, or a combination of networks.
- network 130 may include an untrusted network, such as the Internet
- network 140 may include a trusted network, such as a private network.
- FIG. 2 is an exemplary configuration of network device 110 of FIG. 1 in an implementation consistent with the principles of the invention. It will be appreciated that network 120 may be similarly configured. As illustrated, network device 110 may include a bus 210 , processing logic 220 , an Application Specific Integrated Circuit (ASIC) 230 , a memory 240 , and a group of communication interfaces 250 . Bus 210 permits communication among the components of network device 110 .
- ASIC Application Specific Integrated Circuit
- Processing logic 220 may include any type of conventional processor or microprocessor that interprets and executes instructions.
- ASIC 230 may include one or more ASICs capable of performing network-related functions. In one implementation, ASIC 230 may perform a security-related function.
- Memory 240 may include a random access memory (RAM) or another dynamic storage device that stores information and instructions for execution by processing logic 220 ; a read only memory (ROM) or another type of static storage device that stores static information and instructions for use by processing logic 220 ; and/or some other type of magnetic or optical recording medium and its corresponding drive.
- Communication interfaces 250 may include any transceiver-like mechanism that enables network device 110 to communicate with other devices and/or systems, such as network device 120 and devices associated with networks 130 and 140 .
- network device 110 may perform network communications-related operations.
- Network device 110 may perform these and other operations in response to processing logic 220 executing software instructions contained in a computer-readable medium, such as memory 240 .
- a computer-readable medium may be defined as one or more memory devices and/or carrier waves.
- the software instructions may be read into memory 240 from another computer-readable medium or from another device via a communication interface 250 .
- the software instructions contained in memory 240 may cause processing logic 220 to perform processes that will be described later.
- hardwired circuitry may be used in place of or in combination with software instructions to implement processes consistent with the principles of the invention.
- systems and methods consistent with the principles of the invention are not limited to any specific combination of hardware circuitry and software.
- FIG. 3 is an exemplary configuration of VSD 1 115 in an implementation consistent with the principles of the invention.
- VSD 1 125 may be configured in a similar manner.
- VSDs 2 116 / 126 may be similarly configured.
- VSD 1 115 may include a zone 310 of interfaces E 1 -E 3 315 - 1 through 315 - 3 (collectively, “interfaces 315 ”) that share a common interface 320 .
- Interfaces 315 may, for example, connect network device 110 to network 140
- shared interface 320 may connect network device 110 to network 130 .
- interface E 1 315 - 1 may be associated with VSYS 1 111
- interfaces E 2 315 - 2 and E 3 315 - 3 may be associated with VSYS 2 112 .
- FIG. 4 is an exemplary configuration of a data structure 400 that may be associated with a VSD in an implementation consistent with the principles of the invention.
- data structure 400 described below is associated with VSD 1 115 of FIG. 1 .
- a similar data structure may be associated with VSD 1 125 and VSD 2 116 / 126 .
- data structure 400 may include a flag field 410 , an interface list field 420 , a zone list field 430 , a track network address (NA) list field 440 , a threshold field 450 , and a summation (SUM) field 460 .
- Flag field 410 may store a flag value. In one implementation, a flag value of 1 may indicate that the flag has been set and a flag value of 0 may indicate that the flag has not been set.
- Interface list field 420 may store a list of zero or more interfaces to be monitored. In one implementation, interface list field 420 may store information identifying interfaces associated with VSD 1 115 . In the exemplary configuration illustrated in FIGS. 1 and 3 , VSD 1 115 may be associated with interfaces E 1 -E 3 315 and shared interface 320 . Therefore, interface list field 420 may store information identifying interfaces E 1 -E 3 315 and shared interface 320 . Each interface identified in interface list field 420 may be associated with a weight value. The weight values may be configurable.
- Zone list field 430 may store a list of zones associated with VSD 1 115 .
- VSD 1 115 may be associated with zone 310 . Therefore, zone list field 430 may store information identifying zone 310 .
- Each zone identified in zone list field 430 may be associated with a weight value. The weight values may be configurable.
- Track network address list field 440 may store a list of zero or more network addresses to be monitored.
- track network address list field 440 may store network addresses of which VSD 1 115 is associated.
- VSD 1 115 may monitor the status of one or more devices associated with network 130 and/or 140 . Therefore, the network address (e.g., an IP address) of those devices may be stored in field 440 for VSD 1 115 .
- Each network address in track network address list field 310 may be associated with the following information: an interval value, a threshold value, method information, and a weight value. This information may be configurable. The interval value may indicate how often the associated network address is to be contacted. In one implementation, the interval value may be 1 second.
- the threshold value may indicate the number of times that the associated network address is to be contacted if no reply is received. In one implementation, the threshold value may be 3.
- the method information may indicate the manner in which the associated network address is to be contacted. For example, the method information may indicate that the associated network address is to be pinged. Other techniques for contacting network addresses may alternatively be used. For example, an address resolution protocol (ARP) technique may alternatively be used. The choice of method may be user configurable.
- Threshold field 450 may store a configurable threshold value.
- the threshold value may be an integer value greater than or equal to 1.
- Summation field 460 may store a value representing a current status level of VSD 1 115 . The manner in which the summation value is determined is described in detail below with respect to the process of FIG. 5 .
- FIG. 5 is a flowchart of an exemplary process for routing data units in network 100 in an implementation consistent with the principles of the invention.
- the following process may be implemented by a VSD of a network device 110 / 120 . It is assumed, for explanatory purposes, that the processing described below is performed by VSD 1 115 of network device 110 .
- VSD 1 115 monitoring the status of the interfaces (IFs) (e.g., interfaces 315 and 320 in the exemplary configuration illustrated in FIG. 3 ) identified in interface list field 420 of data structure 400 (act 505 ).
- VSD 1 115 may receive event messages from each interface 315 and 320 identified in field 420 of data structure 400 .
- VSD 1 115 may determine whether any of the associated interfaces are down (act 510 ).
- VSD 1 115 may determine that a particular associated interface 315 / 320 is down when an event message is received from that associated interface 315 / 320 .
- processing may return to act 505 with VSD 1 115 continuing to monitor the status of the associated interfaces.
- VSD 1 115 may verify the status of the associated interfaces at a periodic time interval, such as every second. The time interval may be configurable.
- VSD 1 115 may monitor the status of the network addresses stored in field 440 of data structure 400 associated with VSD 1 115 (act 515 ). In one implementation, VSD 1 115 may contact each network address in track network address list field 440 at the interval and using the method specified in data structure 400 . VSD 1 115 may determine whether any of the network addresses are unreachable (e.g., the device associated with the network address cannot be reached) (act 520 ). VSD 1 115 may determine that a particular network address is not reachable when the number of times that a reply to a ping request (or ARP command) to that network address has not been received equals the threshold value stored in data structure 400 for that network address. If each of the network addresses is determined to be reachable, processing may return to act 515 with VSD 1 115 continuing to verify the status of the network addresses at the intervals specified in data structure 400 .
- VSD 1 115 may monitor the status of each zone identified in zone list 430 of data structure 400 associated with VSD 1 115 (act 525 ). In one implementation, VSD 1 115 may receive event messages from each zone identified in field 430 of data structure 400 . VSD 1 115 may determine whether any of the associated zones are down (act 530 ). VSD 1 115 may determine that a particular zone is down when an event message is received from that associated zone indicating that the zone is down. If each zone in zone list 430 is determined to be operable (i.e., not down), processing may return to act 525 with VSD 1 115 continuing to monitor the status of the associated zones. In one implementation, VSD 1 115 may verify the status of the associated zones at a periodic time interval, such as every second. The time interval may be configurable.
- VSD 1 115 may set the flag in flag field 410 (act 535 ).
- VSD 1 115 may periodically check the status of the flag in flag field 410 of data structure 400 (act 540 ). If VSD 1 115 determines that the flag in field 410 has not been set (act 540 ), processing can return to act 540 with VSD 1 115 continuing to check the status of the flag in field 410 . If, on the other hand, VSD 1 115 determines that the flag in field 410 has been set (act 540 ), VSD 1 115 may add the weights of the associated interfaces or zones that are determined to be down and the weights of those network addresses that are determined to be unreachable to the summation value in summation field 460 (act 545 ). The summation value may be zero (or some other predetermined value) when all of the interfaces and zones are determined to be available and all of the network addresses are determined to be reachable.
- VSD 1 115 may compare the summation value in summation field 460 to the threshold value in field 450 (act 550 ). VSD 1 115 may make this comparison at predetermined periods. If the summation value does not equal or exceed the threshold value (act 555 ), VSD 1 115 may reset the summation value to zero and reset the flag (e.g., set the flag value to zero) (act 560 ). Processing may then return to act 540 with VSD 1 115 determining whether the flag in flag field 410 has been set. If, on the other hand, the summation value equals or exceeds the threshold value (act 555 ), VSD 1 115 becomes inoperable and should be failed over to VSD 1 125 of network device 120 (act 565 ).
- FIG. 6 is a flowchart of an exemplary process for failing over a logical portion of a network device 110 / 120 in an implementation consistent with the principles of the invention. Processing may begin with network device 120 monitoring status messages received from network device 110 (act 605 ). Network devices 110 and 120 may periodically exchange status messages via link 115 . The status messages may indicate the operability of each VSD associated with the network device. For example, network device 110 may transmit a status message to network device 120 indicating the status of VSD 1 115 and VSD 2 116 . Similarly, network device 120 may transmit a status message to network device 110 indicating the status of VSD 1 125 and VSD 2 126 . Each network device 110 / 120 may transmit status messages at configurable time intervals (e.g., every second) or in response to an event (e.g., a logical section of network device 110 / 120 becoming inoperable).
- time intervals e.g., every second
- an event e.g., a logical section of network device 110 /
- VSD 1 115 of network device 110 is active and that VSD 2 125 of network device 120 is inactive (e.g., serving as the backup for VSD 1 115 ). It is also assumed that VSD 1 115 of network device 110 becomes inoperable. As such, network device 110 may transmit a status message to network device 120 that indicates that VSD 1 115 has become inoperable (act 610 ). In response, network device 120 may place VSD 1 125 , which corresponds to VSD 1 115 , into an active mode, thereby failing over VSD 1 from network device 110 to network device 120 (act 615 ).
- VSD 1 115 Since VSD 1 115 is failed over, each VSYS associated with VSD 1 115 of network device 110 will also be failed over to network device 120 . Therefore, any sessions associated with VSD 1 115 will be transferred to network device 120 for processing by the appropriate VSYS associated with VSD 2 125 .
- the VSD may continue to verify the status of the network addresses with which the VSD is associated. For example, the VSD may continue to send ping (or ARP) commands to the network addresses associated with the VSD and then re-compute the summation value to determine whether the VSD should be brought back up.
- the VSD may, for example, serve as the backup for the currently active VSD or this newly recovered VSD may resume functioning as the active VSD and the currently active VSD may return to an inactive (or backup) state.
- VSD 1 115 of network device 110 is operable and is in an active mode and that VSD 1 125 of network device 120 is in a backup mode.
- VSD 1 115 is configured as illustrated in FIG. 3 .
- VSD 1 115 is associated with exemplary data structure 700 illustrated in FIG. 7 .
- flag value in flag field 410 is zero (meaning that the flag is not set)
- that interface list field 420 stores information identifying interfaces E 1 , E 2 , and E 3 315 and shared interface (IF) 320 , each having a weight assigned to it of 255
- that zone list field 430 stores information identifying zone 310 , which has a weight assigned to it of 255
- that track network address field 440 stores the two network addresses (i.e., NA 1 and NA 2 ), each having a weight assigned to it of 255
- that the threshold value in threshold field 450 is 255
- summation value in summation field 460 is 0.
- VSD 1 115 may monitor the status of interfaces 315 and 320 listed in interface list 420 , zones 310 listed in zone list 430 , and network addresses listed in track network address list field 440 . As illustrated in FIG. 7 , VSD 1 115 may cause the status of network address NA 1 to be checked every second via a pinging method.
- VSD 1 115 may periodically check the status of the flag in flag field 410 . Upon detecting that the flag is set, VSD 1 115 may add the weight (255) associated with network address NA 1 to the summation value (0) in summation field 460 . The new summation value (255) may then be compared to the threshold value (255) in threshold field 450 . Since the new summation value (255) matches the threshold value (255), VSD 1 115 becomes inoperable.
- network device 110 may indicate that VSD 1 115 has become inoperable. Upon receipt, network device 120 may activate VSD 1 125 . In this way, a logical portion of network device 110 can be failed over to network device 120 . Other portions of network device 110 may continue operating as usual. For example, if VSD 2 116 of network device was in an active mode prior to VSD 1 115 being failed over to network device 120 , VSD 2 116 may continue processing traffic during and after the fail over of VSD 1 115 . By only failing over a logical portion of network device, the time period in which a fail over can occur is reduced.
- Systems and methods consistent with the principles of the invention improve traffic forwarding within a communications network.
- a logical portion of a first network device becomes inoperable, that logical portion of the first network device can be failed over to a second network device while the remaining operable portions of the first network device can continue functioning as usual.
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Environmental & Geological Engineering (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
A system includes a first network device and a second network device. The first network device includes a group of first logical portions and is configured to detect a problem with one of the first logical portions, and transmit a message identifying the one first logical portion. The second network device includes a group of second logical portions, where the group of second logical portions corresponds to the group of first logical portions. The second network device is configured to receive the message from the first network device, and activate the one second logical portion corresponding to the one first logical portion in response to receiving the message.
Description
- Implementations consistent with the principles of the invention relate generally to communications networks and, more particularly, to systems and methods for providing redundancy in communications networks.
- A typical communications network includes a lot of different types of network devices. For example, a typical communications network may include host devices, which act as the source or destination of a particular flow of traffic, routers and/or switches, which act to forward traffic flows toward their appropriate destinations, and security devices, which provide, for example, firewall or other security functionality. These different types of network devices may be interconnected via links.
- In some instances, a link between a pair of network devices may fail or a network device may fail. In those instances, it is important that the communications network be able to continue to route traffic. Therefore, some networks include redundancy. For example, a second network device may act as a backup for a first network device. If any part of the first network device fails, the entire first network device may fail over to the second network device.
- In a first implementation consistent with the principles of the invention, a method includes detecting a problem with a logical section of a first network device, and failing over only the logical section of the first network device to a second network device.
- In another implementation consistent with the principles of the invention, a system includes a first network device and a second network device. The first network device includes a group of first logical portions and is configured to detect a problem with one of the first logical portions, and transmit a message identifying the one first logical portion. The second network device includes a group of second logical portions, where the group of second logical portions corresponds to the group of first logical portions. The second network device is configured to receive the message from the first network device, and activate the one second logical portion corresponding to the one first logical portion in response to receiving the message.
- In still another implementation consistent with the principles of the invention, a network device includes a group of logical units, where each logical unit is associated with at least one interface and a group of network addresses. Each logical unit is configured to monitor a status of the at least one interface with which the each logical unit is associated, monitor a status of each network address in the group of network addresses with which the each logical unit is associated, and determine whether to enter an inoperable state based on the monitoring the at least one interface and the monitoring the group of network addresses.
- The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate an embodiment of the invention and, together with the description, explain the invention. In the drawings,
-
FIG. 1 is an exemplary diagram of a communications network in which systems and methods consistent with the principles of the invention may be implemented; -
FIG. 2 is an exemplary configuration of the network device ofFIG. 1 in an implementation consistent with the principles of the invention; -
FIG. 3 is an exemplary configuration of a virtual security device (VSD) in an implementation consistent with the principles of the invention; -
FIG. 4 is an exemplary configuration of a data structure that may be associated with a VSD in an implementation consistent with the principles of the invention; -
FIG. 5 is a flowchart of an exemplary process for routing data units in a network in an implementation consistent with the principles of the invention; -
FIG. 6 is a flowchart of an exemplary process for failing over a logical portion of a network device in an implementation consistent with the principles of the invention; and -
FIG. 7 is an exemplary data structure that may be associated with a VSD in an implementation consistent with the principles of the invention. - The following detailed description of implementations consistent with the principles of the invention refers to the accompanying drawings. The same reference numbers in different drawings may identify the same or similar elements. Also, the following detailed description does not limit the invention. Instead, the scope of the invention is defined by the appended claims and their equivalents.
- Systems and methods consistent with the principles of the invention improve traffic forwarding within a communications network. In an exemplary implementation, when a problem is detected in a logical portion of a network device, a corresponding logical portion of another network device may take over the functions performed by that problematic logical portion.
-
FIG. 1 is an exemplary diagram of acommunications network 100 in which systems and methods consistent with the principles of the invention may be implemented. As illustrated,network 100 may includenetwork devices networks network 100 may include other devices (not shown) that aid in receiving, processing, and/or transmitting data. -
Network device network devices - As illustrated in
FIG. 1 ,network devices network device 110 may be identical to VSYS 1 121 ofnetwork device 120, VSYS 2 112 ofnetwork device 110 may be identical to VSYS 2 122 ofnetwork device 120, and VSYS 3 113 ofnetwork device 110 may be identical to VSYS 3 123 ofnetwork device 120. In this way, one of VSYS 1 111 and 121 may serve as a backup for the other of VSYS 1 111 and 121, one of VSYS 2 112 and 122 may serve as a backup for the other of VSYS 2 112 and 122, and one of VSYS 3 113 and 123 may serve as a backup for the other of VSYS 3 113 and 123. It will be appreciated that eachnetwork device FIG. 1 . - In one implementation consistent with the principles of the invention, each
network device network device 110/120. In one implementation, VSD 1 115 ofnetwork device 110 may be identical toVSD 1 125 ofnetwork device 120 and VSD 2 116 ofnetwork device 110 may be identical to VSD 2 126 ofnetwork device 120. In this way, one of VSD 1 115 and 125 may serve as a backup for the other of VSD 1 115 and 125, and one of VSD 2 116 and 126 may serve as a backup for the other of VSD 2 116 and 126. It will be appreciated that eachnetwork device FIG. 1 . - In one implementation consistent with the principles of the invention, each
VSYS 111/112/113/121/122/123 may be associated with (or bound to) a VSD 115/116/125/126. Multiple VSYSs may bind to a single VSD or a single VSYS may bind to multiple VSDs. For explanatory purposes, it will be assumed hereafter that VSYS 1 111 and VSYS 2 112 bind to VSD 1 115 ofnetwork device 110, VSYS 3 113 binds to VSD 2 116 ofnetwork device 110, VSYS 1 121 and VSYS 2 122 bind to VSD 1 125 ofnetwork device 120, and VSYS 2 123 binds to VSD 2 126 ofnetwork device 120. -
Network device 110 may connect tonetwork device 120 via alink 115. In one implementation,link 115 may include a dedicated physical link. It will be appreciated thatlink 115 may be any type of link for communicating information, including a wireless link.Link 115 may allownetwork devices network devices link 115. -
Networks Networks network 130 may include an untrusted network, such as the Internet, andnetwork 140 may include a trusted network, such as a private network. -
FIG. 2 is an exemplary configuration ofnetwork device 110 ofFIG. 1 in an implementation consistent with the principles of the invention. It will be appreciated thatnetwork 120 may be similarly configured. As illustrated,network device 110 may include abus 210,processing logic 220, an Application Specific Integrated Circuit (ASIC) 230, amemory 240, and a group of communication interfaces 250.Bus 210 permits communication among the components ofnetwork device 110. -
Processing logic 220 may include any type of conventional processor or microprocessor that interprets and executes instructions.ASIC 230 may include one or more ASICs capable of performing network-related functions. In one implementation,ASIC 230 may perform a security-related function. -
Memory 240 may include a random access memory (RAM) or another dynamic storage device that stores information and instructions for execution by processinglogic 220; a read only memory (ROM) or another type of static storage device that stores static information and instructions for use by processinglogic 220; and/or some other type of magnetic or optical recording medium and its corresponding drive. Communication interfaces 250 may include any transceiver-like mechanism that enablesnetwork device 110 to communicate with other devices and/or systems, such asnetwork device 120 and devices associated withnetworks - As will be described in detail below,
network device 110, consistent with the principles of the invention, may perform network communications-related operations.Network device 110 may perform these and other operations in response toprocessing logic 220 executing software instructions contained in a computer-readable medium, such asmemory 240. A computer-readable medium may be defined as one or more memory devices and/or carrier waves. The software instructions may be read intomemory 240 from another computer-readable medium or from another device via acommunication interface 250. The software instructions contained inmemory 240 may causeprocessing logic 220 to perform processes that will be described later. Alternatively, hardwired circuitry may be used in place of or in combination with software instructions to implement processes consistent with the principles of the invention. Thus, systems and methods consistent with the principles of the invention are not limited to any specific combination of hardware circuitry and software. -
FIG. 3 is an exemplary configuration ofVSD 1 115 in an implementation consistent with the principles of the invention.VSD 1 125 may be configured in a similar manner.VSDs 2 116/126 may be similarly configured. As illustrated,VSD 1 115 may include azone 310 of interfaces E1-E3 315-1 through 315-3 (collectively, “interfaces 315”) that share acommon interface 320. Interfaces 315 may, for example, connectnetwork device 110 tonetwork 140, while sharedinterface 320 may connectnetwork device 110 tonetwork 130. As illustrated,interface E 1 315-1 may be associated withVSYS 1 111, whileinterfaces E 2 315-2 and E3 315-3 may be associated withVSYS 2 112. -
FIG. 4 is an exemplary configuration of adata structure 400 that may be associated with a VSD in an implementation consistent with the principles of the invention. For explanatory purposes, assume thatdata structure 400 described below is associated withVSD 1 115 ofFIG. 1 . A similar data structure may be associated withVSD 1 125 andVSD 2 116/126. - As illustrated,
data structure 400 may include aflag field 410, aninterface list field 420, azone list field 430, a track network address (NA)list field 440, athreshold field 450, and a summation (SUM)field 460.Flag field 410 may store a flag value. In one implementation, a flag value of 1 may indicate that the flag has been set and a flag value of 0 may indicate that the flag has not been set. -
Interface list field 420 may store a list of zero or more interfaces to be monitored. In one implementation,interface list field 420 may store information identifying interfaces associated withVSD 1 115. In the exemplary configuration illustrated inFIGS. 1 and 3 ,VSD 1 115 may be associated with interfaces E1-E3 315 and sharedinterface 320. Therefore,interface list field 420 may store information identifying interfaces E1-E3 315 and sharedinterface 320. Each interface identified ininterface list field 420 may be associated with a weight value. The weight values may be configurable. -
Zone list field 430 may store a list of zones associated withVSD 1 115. In the exemplary configuration illustrated inFIG. 3 ,VSD 1 115 may be associated withzone 310. Therefore,zone list field 430 may storeinformation identifying zone 310. Each zone identified inzone list field 430 may be associated with a weight value. The weight values may be configurable. - Track network
address list field 440 may store a list of zero or more network addresses to be monitored. In one implementation, track networkaddress list field 440 may store network addresses of whichVSD 1 115 is associated. For example,VSD 1 115 may monitor the status of one or more devices associated withnetwork 130 and/or 140. Therefore, the network address (e.g., an IP address) of those devices may be stored infield 440 forVSD 1 115. Each network address in track networkaddress list field 310 may be associated with the following information: an interval value, a threshold value, method information, and a weight value. This information may be configurable. The interval value may indicate how often the associated network address is to be contacted. In one implementation, the interval value may be 1 second. The threshold value may indicate the number of times that the associated network address is to be contacted if no reply is received. In one implementation, the threshold value may be 3. The method information may indicate the manner in which the associated network address is to be contacted. For example, the method information may indicate that the associated network address is to be pinged. Other techniques for contacting network addresses may alternatively be used. For example, an address resolution protocol (ARP) technique may alternatively be used. The choice of method may be user configurable. -
Threshold field 450 may store a configurable threshold value. The threshold value may be an integer value greater than or equal to 1.Summation field 460 may store a value representing a current status level ofVSD 1 115. The manner in which the summation value is determined is described in detail below with respect to the process ofFIG. 5 . -
FIG. 5 is a flowchart of an exemplary process for routing data units innetwork 100 in an implementation consistent with the principles of the invention. The following process may be implemented by a VSD of anetwork device 110/120. It is assumed, for explanatory purposes, that the processing described below is performed byVSD 1 115 ofnetwork device 110. - Processing may begin with
VSD 1 115 monitoring the status of the interfaces (IFs) (e.g., interfaces 315 and 320 in the exemplary configuration illustrated inFIG. 3 ) identified ininterface list field 420 of data structure 400 (act 505). In one implementation,VSD 1 115 may receive event messages from eachinterface 315 and 320 identified infield 420 ofdata structure 400.VSD 1 115 may determine whether any of the associated interfaces are down (act 510).VSD 1 115 may determine that a particular associated interface 315/320 is down when an event message is received from that associated interface 315/320. If each of the associated interfaces is determined to be operable (i.e., not down), processing may return to act 505 withVSD 1 115 continuing to monitor the status of the associated interfaces. In one implementation,VSD 1 115 may verify the status of the associated interfaces at a periodic time interval, such as every second. The time interval may be configurable. -
VSD 1 115 may monitor the status of the network addresses stored infield 440 ofdata structure 400 associated withVSD 1 115 (act 515). In one implementation,VSD 1 115 may contact each network address in track networkaddress list field 440 at the interval and using the method specified indata structure 400.VSD 1 115 may determine whether any of the network addresses are unreachable (e.g., the device associated with the network address cannot be reached) (act 520).VSD 1 115 may determine that a particular network address is not reachable when the number of times that a reply to a ping request (or ARP command) to that network address has not been received equals the threshold value stored indata structure 400 for that network address. If each of the network addresses is determined to be reachable, processing may return to act 515 withVSD 1 115 continuing to verify the status of the network addresses at the intervals specified indata structure 400. - Similar to the monitoring of the interfaces and network addresses,
VSD 1 115 may monitor the status of each zone identified inzone list 430 ofdata structure 400 associated withVSD 1 115 (act 525). In one implementation,VSD 1 115 may receive event messages from each zone identified infield 430 ofdata structure 400.VSD 1 115 may determine whether any of the associated zones are down (act 530).VSD 1 115 may determine that a particular zone is down when an event message is received from that associated zone indicating that the zone is down. If each zone inzone list 430 is determined to be operable (i.e., not down), processing may return to act 525 withVSD 1 115 continuing to monitor the status of the associated zones. In one implementation,VSD 1 115 may verify the status of the associated zones at a periodic time interval, such as every second. The time interval may be configurable. - If
VSD 1 115 determines that one or more of the interfaces frominterface list 420 are down (act 510), one or more network addresses from track networkaddress list field 440 are unreachable (act 410), or one or more zones fromzone list 430 are down (act 530),VSD 1 115 may set the flag in flag field 410 (act 535). -
VSD 1 115 may periodically check the status of the flag inflag field 410 of data structure 400 (act 540). IfVSD 1 115 determines that the flag infield 410 has not been set (act 540), processing can return to act 540 withVSD 1 115 continuing to check the status of the flag infield 410. If, on the other hand,VSD 1 115 determines that the flag infield 410 has been set (act 540),VSD 1 115 may add the weights of the associated interfaces or zones that are determined to be down and the weights of those network addresses that are determined to be unreachable to the summation value in summation field 460 (act 545). The summation value may be zero (or some other predetermined value) when all of the interfaces and zones are determined to be available and all of the network addresses are determined to be reachable. -
VSD 1 115 may compare the summation value insummation field 460 to the threshold value in field 450 (act 550).VSD 1 115 may make this comparison at predetermined periods. If the summation value does not equal or exceed the threshold value (act 555),VSD 1 115 may reset the summation value to zero and reset the flag (e.g., set the flag value to zero) (act 560). Processing may then return to act 540 withVSD 1 115 determining whether the flag inflag field 410 has been set. If, on the other hand, the summation value equals or exceeds the threshold value (act 555),VSD 1 115 becomes inoperable and should be failed over toVSD 1 125 of network device 120 (act 565). -
FIG. 6 is a flowchart of an exemplary process for failing over a logical portion of anetwork device 110/120 in an implementation consistent with the principles of the invention. Processing may begin withnetwork device 120 monitoring status messages received from network device 110 (act 605).Network devices link 115. The status messages may indicate the operability of each VSD associated with the network device. For example,network device 110 may transmit a status message to networkdevice 120 indicating the status ofVSD 1 115 andVSD 2 116. Similarly,network device 120 may transmit a status message to networkdevice 110 indicating the status ofVSD 1 125 andVSD 2 126. Eachnetwork device 110/120 may transmit status messages at configurable time intervals (e.g., every second) or in response to an event (e.g., a logical section ofnetwork device 110/120 becoming inoperable). - It is assumed for explanatory purposes that
VSD 1 115 ofnetwork device 110 is active and thatVSD 2 125 ofnetwork device 120 is inactive (e.g., serving as the backup forVSD 1 115). It is also assumed thatVSD 1 115 ofnetwork device 110 becomes inoperable. As such,network device 110 may transmit a status message to networkdevice 120 that indicates thatVSD 1 115 has become inoperable (act 610). In response,network device 120 may placeVSD 1 125, which corresponds toVSD 1 115, into an active mode, thereby failing overVSD 1 fromnetwork device 110 to network device 120 (act 615). SinceVSD 1 115 is failed over, each VSYS associated withVSD 1 115 ofnetwork device 110 will also be failed over tonetwork device 120. Therefore, any sessions associated withVSD 1 115 will be transferred tonetwork device 120 for processing by the appropriate VSYS associated withVSD 2 125. - Once a VSD is failed over, the VSD may continue to verify the status of the network addresses with which the VSD is associated. For example, the VSD may continue to send ping (or ARP) commands to the network addresses associated with the VSD and then re-compute the summation value to determine whether the VSD should be brought back up. When a VSD is brought back up, the VSD may, for example, serve as the backup for the currently active VSD or this newly recovered VSD may resume functioning as the active VSD and the currently active VSD may return to an inactive (or backup) state.
- The following example illustrates the above processing. With reference to
FIG. 1 , assume for this example thatVSD 1 115 ofnetwork device 110 is operable and is in an active mode and thatVSD 1 125 ofnetwork device 120 is in a backup mode. Assume further thatVSD 1 115 is configured as illustrated inFIG. 3 . Moreover, assume thatVSD 1 115 is associated withexemplary data structure 700 illustrated inFIG. 7 . - With reference to
FIG. 7 , assume that the flag value inflag field 410 is zero (meaning that the flag is not set), thatinterface list field 420 stores information identifyinginterfaces E 1,E 2, andE 3 315 and shared interface (IF) 320, each having a weight assigned to it of 255, thatzone list field 430 storesinformation identifying zone 310, which has a weight assigned to it of 255, that tracknetwork address field 440 stores the two network addresses (i.e., NA1 and NA2), each having a weight assigned to it of 255, that the threshold value inthreshold field 450 is 255, and the summation value insummation field 460 is 0. - Processing may begin with
VSD 1 115 monitoring the status ofinterfaces 315 and 320 listed ininterface list 420,zones 310 listed inzone list 430, and network addresses listed in track networkaddress list field 440. As illustrated inFIG. 7 ,VSD 1 115 may cause the status of network address NA1 to be checked every second via a pinging method. - Assume for this example that a response is not received from NA1 in response to three consecutive ping requests (the threshold value for network address NA1). The flag in
flag field 410 may then be set (e.g., by making the flag value 1).VSD 1 115 may periodically check the status of the flag inflag field 410. Upon detecting that the flag is set,VSD 1 115 may add the weight (255) associated with network address NA1 to the summation value (0) insummation field 460. The new summation value (255) may then be compared to the threshold value (255) inthreshold field 450. Since the new summation value (255) matches the threshold value (255),VSD 1 115 becomes inoperable. - In a status message from
network device 110 tonetwork device 120,network device 110 may indicate thatVSD 1 115 has become inoperable. Upon receipt,network device 120 may activateVSD 1 125. In this way, a logical portion ofnetwork device 110 can be failed over tonetwork device 120. Other portions ofnetwork device 110 may continue operating as usual. For example, ifVSD 2 116 of network device was in an active mode prior toVSD 1 115 being failed over tonetwork device 120,VSD 2 116 may continue processing traffic during and after the fail over ofVSD 1 115. By only failing over a logical portion of network device, the time period in which a fail over can occur is reduced. - Systems and methods consistent with the principles of the invention improve traffic forwarding within a communications network. In an exemplary implementation, if a logical portion of a first network device becomes inoperable, that logical portion of the first network device can be failed over to a second network device while the remaining operable portions of the first network device can continue functioning as usual.
- The foregoing description of exemplary implementations consistent with the principles of the invention provides illustration and description, but is not intended to be exhaustive or to limit the invention to the precise form disclosed. Modifications and variations are possible in light of the above teachings or may be acquired from practice of the invention. For example, while a series of acts has been described with regard to
FIGS. 5 and 6 , the order of the acts may be varied in other implementations consistent with the invention. Moreover, non-dependent acts may be implemented in parallel. - No element, act, or instruction used in the description of the present application should be construed as critical or essential to the invention unless explicitly described as such. Also, as used herein, the article “a” is intended to include one or more items. Where only one item is intended, the term “one” or similar language is used. Further, the phrase “based on” is intended to mean “based, at least in part, on” unless explicitly stated otherwise.
Claims (21)
1-32. (canceled)
33. A method comprising:
identifying, by a virtual security device, whether any resources, in a set of resources associated with a first network device, are unreachable;
identifying, by the virtual security device, weights associated with the resources, in the set of resources, that are unreachable;
accumulating, by the virtual security device, the weights associated with the unreachable resources to obtain an accumulated value; and
failing over only the set of resources of the first network device to a second network device when the accumulated value equals or exceeds a threshold.
34. The method of claim 33 , where failing over only the set of resources of the first network device includes:
failing over only a particular logical portion of the first network device to the second network device.
35. The method of claim 33 , where failing over only the set of resources of the first network device includes:
not failing over another set of resources, of the first network device, to another network device.
36. The method of claim 33 , where the set of resources comprises at least one of:
one or more interfaces, or
one or more network addresses.
37. The method of claim 36 , where a particular interface, of the one or more interfaces, connects the virtual security device to a network.
38. The method of claim 36 , where a particular network address, of the one or more network addresses, is a network address of a particular device associated with a network to which the virtual security device is connected.
39. The method of claim 36 , where the set of resources comprises:
a zone of interfaces that comprises two or more interfaces, of the one or more interfaces.
40. The method of claim 33 , further comprising:
monitoring the set of resources, where monitoring a particular resource, in the set of resources, includes:
periodically transmitting a ping request to the particular resource, and
determining whether a ping was received, from the particular resource, in response to the ping request; and
where identifying that the particular resource is unreachable comprises:
determining that a ping was not received, from the particular resource and in response to a ping request, at least a threshold number of times.
41. A computer-readable memory device having computer-readable instructions stored thereon, the computer-readable instructions comprising:
instructions to identify whether any resources, in a set of resources associated with a first network device, are unreachable;
instructions to identify weights associated with the resources, in the set of resources, that are unreachable;
instructions to accumulate the weights associated with the unreachable resources to obtain an accumulated value; and
instructions to fail over only the set of resources of the first network device to a second network device when the accumulated value equals or exceeds a threshold.
42. The computer-readable memory device of claim 41 , where the instructions to fail over only the set of resources of the first network device include:
instructions to fail over only a particular logical portion of the first network device to the second network device.
43. The computer-readable memory device of claim 41 , where the instructions to fail over only the set of resources of the first network device include:
instructions to forego failing over another set of resources, of the first network device, to another network device.
44. The computer-readable memory device of claim 41 , where the set of resources comprises at least one of:
one or more interfaces, or
one or more network addresses.
45. The computer-readable memory device of claim 44 , where the instructions are executed by a virtual security device, where a particular interface, of the one or more interfaces, connects the virtual security device to a network.
46. The computer-readable memory device of claim 44 , where the instructions are executed by a virtual security device, where a particular network address, of the one or more network addresses, is a network address of a particular device associated with a network to which the virtual security device is connected.
47. The computer-readable memory device of claim 44 , where the set of resources comprises:
a zone of interfaces that comprises two or more interfaces, of the one or more interfaces.
48. The computer-readable memory device of claim 41 , further comprising:
instructions to monitor the set of resources, where the instructions to monitor a particular resource, in the set of resources, include:
instructions to periodically transmit a ping request to the particular resource, and
instructions to determine whether a ping was received, from the particular resource, in response to the ping request; and
where the instructions to identify that the particular resource is unreachable comprise:
instructions to determine that a ping was not received, from the particular resource and in response to a ping request, at least a threshold number of times.
49. A device, comprising:
a memory to store computer-executable instructions, and
one or more processors to execute the computer-executable instructions to:
identify whether any resources, in a set of resources associated with a first network device, are unreachable;
identify weights associated with the resources, in the set of resources, that are unreachable;
accumulate the weights associated with the unreachable resources to obtain an accumulated value; and
fail over only the set of resources of the first network device to a second network device when the accumulated value equals or exceeds a threshold.
50. The device of claim 49 , where when failing over only the set of resources of the first network device, the one or more processors are to:
fail over only a particular logical portion of the first network device to the second network device.
51. The device of claim 49 , where when failing over only the set of resources of the first network device, the one or more processors are to:
foregoing failing over another set of resources, of the first network device, to another network device.
52. The device of claim 49 , where the set of resources comprises at least one of:
one or more interfaces, or
one or more network addresses.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US12/871,702 US20100325486A1 (en) | 2005-01-19 | 2010-08-30 | Systems and methods for providing redundancy in communications networks |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US11/037,179 US7808893B1 (en) | 2005-01-19 | 2005-01-19 | Systems and methods for providing redundancy in communications networks |
US12/871,702 US20100325486A1 (en) | 2005-01-19 | 2010-08-30 | Systems and methods for providing redundancy in communications networks |
Related Parent Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US11/037,179 Continuation US7808893B1 (en) | 2005-01-19 | 2005-01-19 | Systems and methods for providing redundancy in communications networks |
Publications (1)
Publication Number | Publication Date |
---|---|
US20100325486A1 true US20100325486A1 (en) | 2010-12-23 |
Family
ID=42797796
Family Applications (2)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US11/037,179 Expired - Fee Related US7808893B1 (en) | 2005-01-19 | 2005-01-19 | Systems and methods for providing redundancy in communications networks |
US12/871,702 Abandoned US20100325486A1 (en) | 2005-01-19 | 2010-08-30 | Systems and methods for providing redundancy in communications networks |
Family Applications Before (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US11/037,179 Expired - Fee Related US7808893B1 (en) | 2005-01-19 | 2005-01-19 | Systems and methods for providing redundancy in communications networks |
Country Status (1)
Country | Link |
---|---|
US (2) | US7808893B1 (en) |
Families Citing this family (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US9626262B1 (en) * | 2013-12-09 | 2017-04-18 | Amazon Technologies, Inc. | Primary role reporting service for resource groups |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6732186B1 (en) * | 2000-06-02 | 2004-05-04 | Sun Microsystems, Inc. | High availability networking with quad trunking failover |
US6954436B1 (en) * | 2001-02-28 | 2005-10-11 | Extreme Networks, Inc. | Method and apparatus for selecting redundant routers using tracking |
US7010716B2 (en) * | 2002-07-10 | 2006-03-07 | Nortel Networks, Ltd | Method and apparatus for defining failover events in a network device |
US7328261B2 (en) * | 2001-11-21 | 2008-02-05 | Clearcube Technology, Inc. | Distributed resource manager |
-
2005
- 2005-01-19 US US11/037,179 patent/US7808893B1/en not_active Expired - Fee Related
-
2010
- 2010-08-30 US US12/871,702 patent/US20100325486A1/en not_active Abandoned
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6732186B1 (en) * | 2000-06-02 | 2004-05-04 | Sun Microsystems, Inc. | High availability networking with quad trunking failover |
US6954436B1 (en) * | 2001-02-28 | 2005-10-11 | Extreme Networks, Inc. | Method and apparatus for selecting redundant routers using tracking |
US7328261B2 (en) * | 2001-11-21 | 2008-02-05 | Clearcube Technology, Inc. | Distributed resource manager |
US7010716B2 (en) * | 2002-07-10 | 2006-03-07 | Nortel Networks, Ltd | Method and apparatus for defining failover events in a network device |
Also Published As
Publication number | Publication date |
---|---|
US7808893B1 (en) | 2010-10-05 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US7583593B2 (en) | System and methods for detecting network failure | |
KR100617344B1 (en) | Reliable fault resolution in a cluster | |
US9219641B2 (en) | Performing failover in a redundancy group | |
US10320898B2 (en) | Automated multi-network failover for data centers | |
CN109344014B (en) | Main/standby switching method and device and communication equipment | |
CN108234191A (en) | The management method and device of cloud computing platform | |
US8121026B2 (en) | Systems and methods for routing data in a communications network | |
US10454809B2 (en) | Automatic network topology detection for merging two isolated networks | |
US9674285B2 (en) | Bypassing failed hub devices in hub-and-spoke telecommunication networks | |
US20030233473A1 (en) | Method for configuring logical connections to a router in a data communication system | |
US9559894B2 (en) | System and method for supporting high available (HA) network communication in a middleware machine environment | |
US11848995B2 (en) | Failover prevention in a high availability system during traffic congestion | |
US20150381498A1 (en) | Network system and its load distribution method | |
US11223559B2 (en) | Determining connectivity between compute nodes in multi-hop paths | |
EP3544235B1 (en) | A method, a network device, and a computer program product for resetting a packet processing component to an operational state | |
US7808893B1 (en) | Systems and methods for providing redundancy in communications networks | |
US20220337504A1 (en) | Modified graceful restart | |
CN116319676B (en) | Domain name resolution method, device, storage medium and system | |
CN114826887B (en) | Private network connection communication method and system | |
CN115632987A (en) | Load balancing method based on DNS and route issuing control | |
CN118677834A (en) | Main router switching method, device, equipment and medium | |
CN117081912A (en) | Method, device, equipment and medium for host switching of source address conversion | |
CN117255001A (en) | Barrier removing method and device for service node, load balancer and readable storage medium | |
Chowdhury et al. | On the design, development, deployment, and network survivability analysis of the dynamic routing system protocol | |
CN106533774A (en) | Method for constructing LVS system and LVS system |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
STCB | Information on status: application discontinuation |
Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION |