WO2015183311A1 - Determine edge switch based on network traffic - Google Patents


Publication number
WO2015183311A1
Authority
WO
WIPO (PCT)
Prior art keywords
switch
network
switches
controlled
end host
Application number
PCT/US2014/040285
Inventor
Shaun Wackerly
Duane Edward Mentze
Original Assignee
Hewlett-Packard Development Company, L.P.
Application filed by Hewlett-Packard Development Company, L.P.
Priority to PCT/US2014/040285
Publication of WO2015183311A1


Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00: Data switching networks
    • H04L12/64: Hybrid switching systems
    • H04L12/6418: Hybrid transport
    • H04L41/00: Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/12: Discovery or management of network topologies
    • H04L41/122: Discovery or management of network topologies of virtualised topologies, e.g. software-defined networks [SDN] or network function virtualisation [NFV]

Definitions

  • Computing devices such as laptops, desktops, mobile phones, tablets, and the like often utilize resources including services, data, and applications within an electronic communication network. Consequently, networks of these computing devices have grown in size and complexity. These networks may include various infrastructure devices, such as switches, routers, hubs, and the like, which connect to and provide the network for the computing devices.
  • FIG. 1 illustrates a block diagram of a network controller to determine an edge switch for a particular end host within a network according to examples of the present disclosure.
  • FIGs. 2A and 2B illustrate a block diagram of a network controller to determine an edge switch for a particular end host within a network according to examples of the present disclosure.
  • FIGs. 3A and 3B illustrate a block diagram of a network controller to determine an edge switch for a particular end host within a network according to examples of the present disclosure.
  • FIG. 4 illustrates a flow diagram of a method for determining an edge switch for a particular end host by analyzing at least a portion of the network traffic sent by the particular end host according to examples of the present disclosure.
  • FIG. 5 illustrates a flow diagram of a method for determining an edge switch for a particular end host by analyzing at least a portion of the network traffic sent by the particular end host according to examples of the present disclosure.
  • FIG. 6 illustrates a flow diagram of a method for finding edge switches according to examples of the present disclosure.
  • FIGs. 7A and 7B illustrate a flow diagram of a method for determining whether a switch is an edge switch according to examples of the present disclosure.
  • Electronic communication networks may include a variety of devices including networked end-host devices (e.g., a user computing device) and networked infrastructure devices (e.g., network switches, routers, hubs, etc.). Through the network, these interconnected devices communicate by transmitting and receiving data packets. For example, a first end-host device may transmit a data packet to a second end-host device through an infrastructure device such as a network switch designed to forward the data packets accordingly.
  • SDN Software-defined networking
  • software-defined networks may include a network controller for implementing and managing the software-defined network and various tasks relating to networking.
  • the controller may wish to identify certain switches that are edge switches (that is, switches that are in an edge-most position within the network and connected to end host devices) in order to propagate security, routing, forwarding, and other rules to the switches. This may also be true in hybrid software defined networks that include both controlled and uncontrolled switches. Currently, controllers propagate security, routing, forwarding, and other rules to each of the switches within the network without regard to whether the switch is an edge switch. This approach causes increased network traffic, utilizes more resources within the switches, and may need to be repeated frequently (e.g., after any network infrastructure changes).
  • a method may include receiving, by a computing system, network traffic from a network switch within a network responsive to a request to determine whether the switch is an edge switch for a particular end host within the network. The method may further include determining, by the computing system, whether the switch is an edge switch based on analyzing the network traffic sent by the particular end host through the network.
  • a system may include a processing resource and a link database to store a set of known links between a set of controlled switches within a controlled network.
  • the system may further include an edge switch detection module, executable by the processing resource, to determine which of the set of controlled switches are edge switches for a particular host based on analyzing network traffic sent by the particular end host through the network of controlled switches utilizing the set of known links.
  • a non-transitory computer-readable storage medium may store instructions that, when executed by a processor, cause the processor to receive a request to identify edge switches for a particular end host in a controlled network.
  • the instructions may further cause the processor to retrieve a set of switches in the controlled network from a database. Additionally, the instructions may cause the processor to determine whether each switch in the set of switches is an edge switch for the particular end host by analyzing network traffic sent by the particular end host through the controlled network.
  • the disclosed edge switch identification techniques do not require complete control over every flow within the network. Additionally, the edge switch identification techniques can handle packet reception regardless of the order the packets are received. Moreover, the edge switch identification techniques function in the presence of uncontrolled switches, even at the edge of the network.
  • FIG. 1 illustrates a block diagram of a network controller 100 to determine an edge switch for a particular end host within a network.
  • the network controller 100 may be a computing system to monitor and manage network attached switches.
  • the network controller 100 includes an edge switch detection module 110 for determining an edge switch for a particular end host within a network.
  • the network controller 100 may include various additional hardware components (not shown), including processing resources, memory resources, networking resources, storage resources, and the like.
  • the network controller 100 may include a database, such as link DB 106.
  • the link DB 106 may be separate from, but communicatively coupled to, the network controller 100.
  • the network controller 100 is connected to a plurality of network switches, such as controlled switches 120, 122, and 124. In this way, the network controller 100 is said to control the controlled switches.
  • the plurality of network switches may each include one or more network ports. These network ports are utilized in communicatively coupling a switch to another networkable device, such as an end host device, another switch, a router, or another network device. These communicative couplings are referred to as links within the network.
  • the network represents generally hardware components and computers interconnected by communications channels that allow sharing of resources and information.
  • the network may include one or more of a cable, wireless, fiber optic, or remote connection via a telecommunication link, an infrared link, a radio frequency link, or any other connectors or systems that provide electronic communication.
  • the network may include, at least in part, an intranet, the Internet, or a combination of both. In another example, the network may be a software defined network.
  • the network may also include intermediate proxies, routers, switches, load balancers, and the like.
  • the paths followed by network between the various components such as network controller 100, controlled switches 120, 122, and 124, and end hosts 130 and 134, as depicted in FIG. 1, represent the logical communication paths between these devices, not necessarily the physical paths between the devices.
  • controlled switch 120 includes network ports A1 and A2, the controlled switch 122 includes network ports B1 and B2, and the controlled switch 124 includes network ports C1 and C2, although additional network ports may be present.
  • Port A1 of controlled switch 120 is connected to end host 130 while port A2 is communicatively coupled to port B1 of controlled switch 122.
  • Port B2 of controlled switch 122 is communicatively coupled to port C1 of controlled switch 124.
  • Port C2 of controlled switch 124 is communicatively coupled to end host 134.
  • the end hosts, controlled switches, and network controller are said to form a network.
  • the network may be homogenous (i.e., made up of the same types and/or configurations of network devices) or heterogeneous (i.e., made up of different types and/or configurations of network devices).
  • the dotted line denotes network traffic being sent from end host 130 to end host 134.
  • the network traffic is sent from the end host 130 to the controlled switch 120 and is received through port A1.
  • the network traffic is then relayed by controlled switch 120 to controlled switch 122 via the link between ports A2 and B1.
  • the network traffic is relayed by controlled switch 122 to controlled switch 124 via the link between ports B2 and C1.
  • the network traffic is relayed by controlled switch 124 to the end host 134 through port C2.
  • the link structure between the controlled switches may be known to the networking device 100 as it may be stored in link DB 106 which may be any appropriate type of database, data store, or other storage medium.
  • each (or some) of the plurality of controlled switches 120, 122, and 124 may include additional ports (not shown) for connecting the controlled switches to the network controller 100.
  • These links are illustrated by the dashed lines 140, 142, and 144, across which, network traffic may be copied or taken from the controlled switches to the network controller 100 through a control plane 150 (or similar transmission layer) of the network. This enables the network controller 100 to listen for packets transmitted within the network to identify where end host devices are located (i.e., to which controlled switch the end host is connected).
  • When a controlled switch, such as the controlled switches 120, 122, and/or 124, receives network traffic (e.g., data packets), each of the controlled switches 120, 122, and 124 transmits a copy of that packet to the network controller 100.
  • packets from a certain protocol e.g., ARP or DHCP
  • the first packet of unique transmissions flows from a specific host may be copied or sent to the network controller 100.
  • the network controller 100 may examine source information from copied packets and then use this information to determine where an end host resides.
  • the edge switch detection module 110 of the network controller 100 can determine that the controlled switch 120 received a packet at port A1 of the controlled switch 120 and that the data packet was retransmitted (or relayed) to the controlled switch 122 via port A2 of controlled switch 120. Similarly, the edge switch detection module 110 can determine that the controlled switch 122 received a packet at port B1 of the controlled switch 122 and that the data packet was retransmitted to the controlled switch 122 via port B2. The edge switch detection module 110 can also determine that the controlled switch 124 received a packet at port C1 of the controlled switch 124 and that the data packet was retransmitted to end host 134 via port C2.
  • the controlled switch may indicate to the network controller 100 that a packet was received, at which port the packet was received, and/or at which port the packet was retransmitted.
  • the edge switch detection module 110 determines whether a switch is an edge switch based on analyzing the network traffic sent by the particular end host through the network.
  • the network traffic may be transmitted as broadcast/multicast traffic which is intended to be received by the end host. This may occur, for example, by comparing the known links between controlled switches to the network traffic observed across controlled switches 120, 122, and 124.
  • the edge switch detection module 110 may analyze the particular links traversed by the network traffic. If the network traffic is observed to traverse a link known as being between two controlled switches (such as the link between port A2 of controlled switch 120 and port B1 of controlled switch 122), then the controlled switch 122 (i.e., the controlled switch receiving the transmission over the known link) can be eliminated as not being an edge switch for end host 130. Likewise, if the network traffic is observed to traverse the link between port B2 of controlled switch 122 and port C1 of controlled switch 124, then the controlled switch 124 can be eliminated as not being an edge switch for end host 130.
  • the edge switch detection module 110 can determine which of the controlled switches 120, 122, and 124 are edge switches for a particular host.
  • controlled switch 120 is an edge switch for end host 130.
  • FIGs. 2A and 2B illustrate a block diagram of a network controller 200 to determine an edge switch for a particular end host within a network.
  • the network controller 200 may be a computing system to monitor and manage network attached switches. In an example, the network controller 200 includes an edge switch detection module 210 for determining an edge switch for a particular end host within a network.
  • the network controller 200 may include various additional hardware components (not shown), including processing resources, memory resources, networking resources, storage resources, and the like. In an example, the network controller 200 may include a database, such as link DB 206. However, in other examples, the link DB 206 may be separate from, but communicatively coupled to, the network controller 200.
  • the network controller 200 is connected to a plurality of network switches, such as controlled switches 220, 222, 224, and 226. In this way, the network controller 200 is said to control the controlled switches.
  • the plurality of network switches may each include one or more network ports. These network ports are utilized in communicatively coupling a switch to another networkable device, such as an end host device, another switch, a router, or another network device. These communicative couplings are referred to as links within the network.
  • the network represents generally hardware components and computers interconnected by communications channels that allow sharing of resources and information.
  • the network may include one or more of a cable, wireless, fiber optic, or remote connection via a telecommunication link, an infrared link, a radio frequency link, or any other connectors or systems that provide electronic communication.
  • the network may include, at least in part, an intranet, the Internet, or a combination of both. In another example, the network may be a software defined network.
  • the network may also include intermediate proxies, routers, switches, load balancers, and the like.
  • the paths followed by network between the various components represent the logical communication paths between these devices, not necessarily the physical paths between the devices.
  • controlled switch 220 includes network ports A1 and A2, the controlled switch 222 includes network port B1, the controlled switch 224 includes network ports C1, C2, and C3, and the controlled switch 226 includes network port D1, although additional network ports may be present.
  • Port A1 of controlled switch 220 is connected to end host 230 while port A2 is communicatively coupled to a port of uncontrolled switch 228.
  • Port B1 of controlled switch 222 is communicatively coupled to a port of uncontrolled switch 228, as is port C1 of controlled switch 224.
  • Port C2 of controlled switch 224 is communicatively coupled to end host 234 while port C3 is communicatively coupled to port D1 of controlled switch 226.
  • the end hosts, controlled switches, uncontrolled switch, and network controller are said to form a network.
  • the network may be homogenous (i.e., made up of the same types and/or configurations of network devices) or heterogeneous (i.e., made up of different types and/or configurations of network devices).
  • the dotted line in FIG. 2A denotes network traffic being sent from end host 230 to end host 234.
  • the network traffic is sent from the end host 230 to the controlled switch 220 and is received through port A1.
  • the network traffic is then relayed by controlled switch 220 to controlled switches 222 and 224 via the links between ports A2 of controlled switch 220 and ports B1 and C1 of controlled switches 222 and 224 respectively through the uncontrolled switch 228.
  • the network traffic is then relayed by controlled switch 224 to the end host 234 through port C2 and to controlled switch 226 via the link between ports C3 of controlled switch 224 and D1 of controlled switch 226.
  • link structure between the controlled switches may be known to the networking device 200 as it may be stored in link DB 206 which may be any appropriate type of database, data store, or other storage medium.
  • link DB 206 may show the following links:
  • each (or some) of the plurality of controlled switches 220, 222, 224, and 226 may include additional ports (not shown) for connecting the controlled switches to the network controller 200.
  • These links are illustrated by the dashed lines 240, 242, 244, and 246 across which, network traffic may be copied from the controlled switches to the network controller 200 through a control plane 250 (or similar transmission layer) of the network. This enables the network controller 200 to listen for packets transmitted within the network to identify where end host devices are located (i.e., to which controlled switch the end host is connected).
  • When a controlled switch, such as the controlled switches 220, 222, 224, and/or 226, receives network traffic (e.g., data packets), each of the controlled switches 220, 222, 224, and 226 transmits a copy of that packet to the network controller 200.
  • packets from a certain protocol e.g., ARP or DHCP
  • the first packet of unique transmissions flows from a specific host may be copied or sent to the network controller 200.
  • the network controller 200 may examine source information from copied packets and then use this information to determine where an end host resides.
  • the edge switch detection module 210 of the network controller 200 can determine that the controlled switch 220 received a packet at port A1 of the controlled switch 220 and that the data packet was retransmitted (or relayed) to the controlled switches 222 and 224 via port A2 of controlled switch 220. Similarly, the edge switch detection module 210 can determine that the controlled switches 222 and 224 received a packet at ports B1 and C1 respectively. The edge switch detection module 210 can also determine that the controlled switch 224 received a packet at port C1 of the controlled switch 224 and that the data packet was retransmitted to end host 234 via port C2 and to controlled switch 226.
  • the edge switch detection module 210 can also determine that the controlled switch 226 received a packet at port D1 from port C3 of controlled switch 224. This occurs in addition to the original network traffic packet being transmitted through the controlled switches 220, 222, 224, and 226 and uncontrolled switch 228 from end host 230 to end host 234, as described above.
  • the controlled switch may indicate to the network controller 200 that a packet was received, at which port the packet was received, and/or at which port the packet was retransmitted.
  • the edge switch detection module 210 determines whether a switch is an edge switch based on analyzing the network traffic sent by the particular end host through the network.
  • the network traffic may be transmitted as broadcast/multicast traffic which is intended to be received by the end host. This may occur, for example, by comparing the known links between controlled switches to the network traffic observed across controlled switches 220, 222, 224, and 226.
  • the edge switch detection module 210 may analyze the particular links traversed by the network traffic. If the network traffic is observed to traverse a link known as being between two controlled switches (such as the link between port A2 of controlled switch 220 and port B1 of controlled switch 222) but crossing one or more uncontrolled switches, then the controlled switch 222 (i.e., the controlled switch receiving the transmission over the known link) can be eliminated as not being an edge switch for end host 230. Likewise, if the network traffic is observed to traverse the link between port C3 of controlled switch 224 and port D1 of controlled switch 226, then the controlled switch 224 can be eliminated as not being an edge switch for end host 230.
  • the edge switch detection module 210 can determine which of the controlled switches 220, 222, 224, and 226 are edge switches for a particular host.
  • controlled switch 220 is an edge switch for end host 230.
  • the dotted line in FIG. 2B denotes network traffic being sent from end host 238 to end host 234.
  • the network traffic is sent from the end host 238 to the controlled switches 220, 222, and 224 through the uncontrolled switch 228 and is received through port A2 of controlled switch 220, port B1 of controlled switch 222, and port C1 of controlled switch 224.
  • the network traffic is then relayed by controlled switch 224 to controlled switch 226 via the link between port C3 of controlled switch 224 and port D1 of controlled switch 226.
  • the network traffic is also relayed by controlled switch 224 to the end host 234 through port C2.
  • link structure between the controlled switches may be known to the networking device 200 as it may be stored in link DB 206 which may be any appropriate type of database, data store, or other storage medium.
  • link DB 206 may show the following links:
  • each (or some) of the plurality of controlled switches 220, 222, 224, and 226 may include additional ports (not shown) for connecting the controlled switches to the network controller 200.
  • These links are illustrated by the dashed lines 240, 242, 244, and 246 across which, network traffic may be copied from the controlled switches to the network controller 200 through a control plane 250 (or similar transmission layer) of the network. This enables the network controller 200 to listen for packets transmitted within the network to identify where end host devices are located (i.e., to which controlled switch the end host is connected).
  • When a controlled switch, such as the controlled switches 220, 222, 224, and/or 226, receives network traffic (e.g., data packets), each of the controlled switches 220, 222, 224, and 226 transmits a copy of that packet to the network controller 200.
  • packets from a certain protocol e.g., ARP or DHCP
  • the network controller 200 may examine source information from copied packets and then use this information to determine where an end host resides.
  • the edge switch detection module 210 of the network controller 200 can determine that the controlled switches 220, 222, and 224 received a packet at ports A2, B1, and C1 respectively. Similarly, the edge switch detection module 210 can determine that the controlled switch 226 received a packet at port D1 and that the data packet was retransmitted to end host 234 via port C2 by controlled switch 224. In another implementation, the controlled switch may indicate to the network controller 200 that a packet was received, at which port the packet was received, and/or at which port the packet was retransmitted.
  • the edge switch detection module 210 determines whether a switch is an edge switch based on analyzing the network traffic sent by the particular end host through the network.
  • the network traffic may be transmitted as broadcast/multicast traffic which is intended to be received by the end host. This may occur, for example, by comparing the known links between controlled switches to the network traffic observed across controlled switches 220, 222, 224, and 226.
  • the edge switch detection module 210 may analyze the particular links traversed by the network traffic. If the network traffic is observed to traverse a link known as being between two controlled switches (such as the link between port C3 of controlled switch 224 and port D1 of controlled switch 226), then the controlled switch 226 (i.e., the controlled switch receiving the transmission over the known link) can be eliminated as not being an edge switch for end host 238.
  • the edge switch detection module 210 can determine which of the controlled switches 220, 222, 224, and 226 are edge switches for a particular host. In the example illustrated in FIG. 2B, controlled switches 220, 222, and 224 are edge switches for end host 238.
  • FIGs. 3A and 3B illustrate a block diagram of a network controller 300 having an edge switch detection module 310 to determine an edge switch for a particular end host within a network according to examples of the present disclosure.
  • FIGs. 3A and 3B include particular components, modules, etc. according to various examples. However, in different implementations, more, fewer, and/or other components, modules, arrangements of components/modules, etc. may be used according to the teachings described herein. In addition, various components, modules, etc. described herein may be implemented as one or more software modules, hardware modules, special-purpose hardware (e.g., application specific hardware, application specific integrated circuits (ASICs), embedded controllers, hardwired circuitry, etc.), or some combination of these.
  • the network controller 300 may include any appropriate type of computing system or computing device, including for example smartphones, tablets, desktops, laptops, workstations, servers, smart monitors, smart televisions, digital signage, scientific instruments, retail point of sale devices, video walls, imaging devices, peripherals, networking devices, or the like.
  • the network controller 300 may include a processing resource 302 that represents generally any suitable type or form of processing unit or units capable of processing data or interpreting and executing instructions.
  • the instructions may be stored on a non-transitory tangible computer-readable storage medium, such as a memory resource 304 in FIG. 3B, or on a separate device (not shown), or on any other type of volatile or non-volatile memory that stores instructions to cause a programmable processor to perform the techniques described herein.
  • the network controller 300 may include dedicated hardware, such as one or more integrated circuits, Application Specific Integrated Circuits (ASICs), Application Specific Special Processors (ASSPs), Field Programmable Gate Arrays (FPGAs), or any combination of the foregoing examples of dedicated hardware, for performing the techniques described herein. In some implementations, multiple processors may be used, as appropriate, along with multiple memories and/or types of memory.
  • the network controller 300 includes an edge switch detection module 310.
  • the edge switch detection module 310 determines whether a switch is an edge switch based on analyzing the network traffic sent by the particular end host through the network. This may occur, for example, by comparing the known links between controlled switches to the network traffic observed across the controlled switches. In particular, the edge switch detection module 310 may analyze the particular links traversed by the network traffic. If the network traffic is observed to traverse a link known as being between two controlled switches, then the controlled switch receiving the transmission over the known link can be eliminated as not being an edge switch for the particular end host. By eliminating the switches which are not edge switches by analyzing the network traffic traversing the network as compared to the known links between the controlled switches, the edge switch detection module 310 can determine which of the controlled switches are edge switches for a particular host.
  • the edge switch detection module 310 utilizes known links between the controlled switches in determining an edge switch for a particular end host. These known links are stored in a link database accessible to the network controller 300, such as link DB 306.
  • the link DB 306 may be a part of the network controller 300, may be attached to the network controller 300, or may be accessible via a remote connection, such as via a network connection.
  • the link DB 306 may be any suitable data store or database for storing information such as link information between the controlled switches. The link information may be manually input into the link DB 306, or the information may be automatically determined, for example, by the network controller 300, or by another suitable device or system.
  • the module(s) described herein may be a combination of hardware and programming.
  • the programming may be processor executable instructions stored on a tangible memory resource such as memory resource 304, and the hardware may include processing resource 302 for executing those instructions.
  • memory resource 304 can be said to store program instructions that when executed by the processing resource 302 implement the modules described herein.
  • Other modules may also be utilized to perform the functionality described herein.
  • FIG. 4 illustrates a flow diagram of a method 400 for determining an edge switch for a particular end host by analyzing at least a portion of the network traffic sent by the particular end host according to examples of the present disclosure.
  • the method 400 may be executed by a computing system or a computing device such as network controller 100 of FIG. 1 and/or network controller 200 of FIGs. 2A and 2B or may be stored as instructions on a non-transitory computer-readable storage medium that, when executed by a processor, cause the processor to perform the method 400.
  • method 400 may include: receiving, by a computing system, network traffic from a network switch within a network responsive to a request to determine whether the switch is an edge switch for a particular end host within the network (block 402); and determining, by the computing system, whether the switch is an edge switch based on analyzing the network traffic sent by the particular end host through the network (block 404).
  • the method 400 includes a computing system (e.g. network controller 100 of FIG. 1 and/or network controller 200 of FIGs. 2A and 2B) receiving network traffic from a network switch (e.g., controlled switches 120, 122, and 124 of FIG. 1 and/or controlled switches 220, 222, 224, and 226 of FIGs. 2A and 2B) within a network responsive to a request to determine whether the switch is an edge switch for a particular end host within the network.
  • the request may be generated at the network controller automatically or manually by a user.
  • the request may indicate the particular host for which the edge switches are to be determined.
  • the method 400 continues to block 404.
  • the method 400 includes a computing system (e.g. network controller 100 of FIG. 1 and/or network controller 200 of FIGs. 2A and 2B) determining whether the switch (e.g., controlled switches 120, 122, and 124 of FIG. 1 and/or controlled switches 220, 222, 224, and 226 of FIGs. 2A and 2B) is an edge switch based on analyzing the network traffic sent by the particular end host through the network.
  • the analysis may include analyzing the network traffic in comparison to a set of known links between controlled switches and determining, based on the comparison to the known links, which switches are edge switches for the particular end host.
  • a controlled switch receiving network traffic from a particular host over a known link to another controlled switch is not an edge switch for that particular host. In this way, controlled switches can be eliminated as edge switches for a particular host, and any switches remaining in the set of controlled switches would be considered to be edge switches.
  • FIG. 5 illustrates a flow diagram of a method 500 for determining an edge switch for a particular end host by analyzing at least a portion of the network traffic sent by the particular end host according to examples of the present disclosure.
  • the method 500 may be executed by a computing system or a computing device such as network controller 100 of FIG. 1 and/or network controller 200 of FIGs. 2A and 2B or may be stored as instructions on a non-transitory computer-readable storage medium that, when executed by a processor, cause the processor to perform the method 500.
  • method 500 may include: receive a request to identify edge switches for a particular end host in a controlled network (block 502); retrieve a set of switches in the controlled domain from a database (504); and determine whether each switch in the set of switches is an edge switch for the particular end host by analyzing network traffic sent by the particular end host through the controlled network (block 506).
  • the method 500 includes a computing system (e.g. network controller 100 of FIG. 1 and/or network controller 200 of FIGs. 2A and 2B) receiving a request to identify edge switches for a particular end host in a controlled network.
  • the request may be generated at the network controller automatically or manually by a user.
  • the request may indicate the particular host for which the edge switches are to be determined.
  • the method 500 continues to block 504.
  • the method 500 includes a computing system (e.g. network controller 100 of FIG. 1 and/or network controller 200 of FIGs. 2A and 2B) retrieving a set of switches in the controlled network from a database.
  • the switches in the set of switches are controlled switches with known links among one another.
  • the method 500 then continues to block 506.
  • the method 500 includes determining whether each switch in the set of switches is an edge switch for the particular end host by analyzing network traffic sent by the particular end host through the controlled network.
  • the analysis may include analyzing the network traffic in comparison to a set of known links between controlled switches and determining, based on the comparison to the known links, which switches in the set of switches are edge switches for the particular end host. For example, a controlled switch receiving network traffic from a particular host over a known link to another controlled switch is not an edge switch for that particular host. In this way, controlled switches can be eliminated as edge switches from the set of switches for a particular host, and any switches remaining in the set of controlled switches would be considered to be edge switches.
  • the method 500 may include adding the switch to a set of edge switches for the particular host responsive to determining that a switch in the set of switches is an edge switch for the particular end host. It should be understood that the processes depicted in FIG. 4 represent illustrations, and that other processes may be added or existing processes may be removed, modified, or rearranged without departing from the scope and spirit of the present disclosure.
  • FIG. 6 illustrates a flow diagram of a method 600 for finding edge switches according to examples of the present disclosure.
  • the method 600 may be executed by a computing system or a computing device such as network controller 100 of FIG. 1 and/or network controller 200 of FIGs. 2A and 2B or may be stored as instructions on a non-transitory computer-readable storage medium that, when executed by a processor, cause the processor to perform the method 600.
  • method 600 includes receiving a request to find edge switches for a particular host in a controlled network (block 602). The method 600 then proceeds to receiving a set of switches in the controlled network (block 604), which is received from a database containing a set of switches (block 606).
  • the method 600 iterates over each switch in the set of switches (block 608).
  • the iteration first determines whether there are more switches in the set of switches that have yet to be analyzed (block 610). If there are more switches in the set of switches to be analyzed, a switch is selected from the set of switches (block 612) and it is determined whether that switch is an edge switch (block 614). If the switch is determined not to be an edge switch, the for loop recycles, but if the switch is determined to be an edge switch, the switch is added to the set of edge switches for the particular host (616).
  • the method 600 returns the edge switches for the particular host (block 618). The method 600 then terminates.
  • FIGs. 7A and 7B illustrate a flow diagram of a method for determining whether a switch is an edge switch according to examples of the present disclosure.
  • the method 700 may be executed by a computing system or a computing device such as network controller 100 of FIG. 1 and/or network controller 200 of FIGs. 2A and 2B or may be stored as instructions on a non-transitory computer-readable storage medium that, when executed by a processor, cause the processor to perform the method 700.
  • method 700 includes receiving a request to determine whether a switch (S) is an edge switch for host (H) (block 702). Next, it is determined whether the host (H) is observed on the switch (S) (block 704). If not, switch (S) is not an edge switch for host (H) (block 706). If, however, it is determined that host (H) is observed on the switch (S), a database is queried to find the ports on the switch where host (H) has been observed (block 708). Then, the set of ports (Ps) is stored (block 710). A database (such as link DB 106 of FIG. 1 and/or link DB 108 of FIGs. 2A and 2B) is then queried to find the inter-switch links from the set of ports (Ps). The set of links (Ls) is then stored (block 712).
  • the method 700 iterates over each link (L) in the set of links (Ls) (block 714).
  • the iteration first determines whether there are any more links (L) (block 716), and if not, switch (S) is an edge switch for host (H) (block 718). However, if it is determined that there are more links (L), then an inter-switch link (L) is removed from the set of links (Ls) (block 720) and a set of ports on the destination of (L) (e.g., the switch on the other end of the inter-switch link from switch (S)) are retrieved (block 722). Next, it is determined whether the set of links is empty (block 724).
  • the iteration cycles back to determine whether more links (L) are present (block 716). However, if not, it is determined whether the set of links contained the link destination port (block 726), and if so, the iteration cycles back to determine whether more links (L) are present (block 716). However, if not, it is therefore determined that switch (S) is not an edge switch for host (H) (block 728). The method 700 terminates.
  • the flow diagram of method 700 illustrated in FIG. 7, which represents finding an edge switch for a particular host, provides a general analysis algorithm for determining an edge switch which traverses each of the set of edge switches.
  • the method 700 may be modified by eliminating the determination of whether the set of links contained the link destination port at block 726 and may instead iterate back to the top of the procedure to operate on the link destination switch rather than just the next switch in the set. In this way, in a topology where there are numerous controlled switches, but a specific host's traffic is seen on a handful of those switches, the method 700 may be optimized using recursion and iterating from a starting point.
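An added illustration, not code from the patent: a Python implementation of the per-switch test of method 700 inside the loop of method 600, run on the link tables and observed ingress ports given for FIG. 1, FIG. 2A and FIG. 2B. The function names and data layout are assumptions, and blocks 724 and 726 are read here as tests on the ports where the neighbouring switch observed the host.

```python
# Added example (not from the patent). Names and data layout are assumptions.
from collections import defaultdict


def build_link_index(links):
    """Map each (switch, port) endpoint to the far endpoints of its known links."""
    index = defaultdict(set)
    for a, b in links:
        index[a].add(b)
        index[b].add(a)
    return index


def ports_seen(observations, switch):
    """Ports on `switch` where packets sourced by the host were received."""
    return {port for sw, port in observations if sw == switch}


def is_edge_switch(switch, observations, link_index):
    """Decide whether switch S is an edge switch for host H (method 700)."""
    ps = ports_seen(observations, switch)            # blocks 704-710
    if not ps:
        return False                                 # block 706: H never seen on S
    for port in sorted(ps):
        # blocks 712-722: follow each known inter-switch link from a port in Ps
        for far_switch, far_port in sorted(link_index.get((switch, port), ())):
            far_ps = ports_seen(observations, far_switch)
            if not far_ps:
                continue                             # block 724: neighbour never saw H
            if far_port in far_ps:
                continue                             # block 726: neighbour also received H on this link
            return False                             # block 728: H reached S through the neighbour
    return True                                      # block 718: no link disqualified S


def find_edge_switches(switches, observations, links):
    """Test every controlled switch and collect the edge switches (method 600)."""
    index = build_link_index(links)
    return {s for s in switches if is_edge_switch(s, observations, index)}


# Link table and ingress observations for FIG. 1 (traffic from end host 130).
FIG1_SWITCHES = {"120", "122", "124"}
FIG1_LINKS = [
    (("120", "A2"), ("122", "B1")),
    (("122", "B2"), ("124", "C1")),
]
FIG1_HOST_130 = {("120", "A1"), ("122", "B1"), ("124", "C1")}

# Link table for FIGs. 2A and 2B. The first three links cross uncontrolled switch 228.
FIG2_SWITCHES = {"220", "222", "224", "226"}
FIG2_LINKS = [
    (("220", "A2"), ("222", "B1")),
    (("220", "A2"), ("224", "C1")),
    (("222", "B1"), ("224", "C1")),
    (("224", "C3"), ("226", "D1")),
]
# FIG. 2A: host 230 is attached to port A1 of controlled switch 220.
FIG2A_HOST_230 = {("220", "A1"), ("222", "B1"), ("224", "C1"), ("226", "D1")}
# FIG. 2B: host 238 sits behind uncontrolled switch 228, so three controlled
# switches each receive its traffic on their port facing switch 228.
FIG2B_HOST_238 = {("220", "A2"), ("222", "B1"), ("224", "C1"), ("226", "D1")}


if __name__ == "__main__":
    print("host 130:", sorted(find_edge_switches(FIG1_SWITCHES, FIG1_HOST_130, FIG1_LINKS)))
    print("host 230:", sorted(find_edge_switches(FIG2_SWITCHES, FIG2A_HOST_230, FIG2_LINKS)))
    # The FIG. 2B set is what this code computes for the observations above.
    print("host 238:", sorted(find_edge_switches(FIG2_SWITCHES, FIG2B_HOST_238, FIG2_LINKS)))
```

A controller that pushes security rules only to edge switches would use the returned set as the target list for a host. In the FIG. 2B case that set has several members, because no single controlled switch sits between the host and the uncontrolled switch.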

Abstract

In one example implementation according to aspects of the present disclosure, a method may include receiving, by a computing system, network traffic from a network switch within a network responsive to a request to determine whether the switch is an edge switch for a particular end host within the network. The method may further include determining, by the computing system, whether the switch is an edge switch based on analyzing the network traffic sent by the particular end host through the network.

Description

DETERMINE EDGE SWITCH BASED ON NETWORK TRAFFIC
BACKGROUND
[0001] Computing devices, such as laptops, desktops, mobile phones, tablets, and the like often utilize resources including services, data, and applications within an electronic communication network. Consequently, networks of these computing devices have grown in size and complexity. These networks may include various infrastructure devices, such as switches, routers, hubs, and the like, which connect to and provide the network for the computing devices.
BRIEF DESCRIPTION OF THE DRAWINGS
[0002] The following detailed description references the drawings, in which:
[0003] FIG. 1 illustrates a block diagram of a network controller to determine an edge switch for a particular end host within a network according to examples of the present disclosure;
[0004] FIGs. 2A and 2B illustrate a block diagram of a network controller to determine an edge switch for a particular end host within a network according to examples of the present disclosure;
[0005] FIGs. 3A and 3B illustrate a block diagram of a network controller to determine an edge switch for a particular end host within a network according to examples of the present disclosure;
[0006] FIG. 4 illustrates a flow diagram of a method for determining an edge switch for a particular end host by analyzing at least a portion of the network traffic sent by the particular end host according to examples of the present disclosure;
[0007] FIG. 5 illustrates a flow diagram of a method for determining an edge switch for a particular end host by analyzing at least a portion of the network traffic sent by the particular end host according to examples of the present disclosure;
[0008] FIG. 6 illustrates a flow diagram of a method for finding edge switches according to examples of the present disclosure; and
[0009] FIGs. 7A and 7B illustrate a flow diagram of a method for determining whether a switch is an edge switch according to examples of the present disclosure.
DETAILED DESCRIPTION
[0010] Electronic communication networks may include a variety of devices including networked end-host devices (e.g., a user computing device) and networked infrastructure devices (e.g., network switches, routers, hubs, etc.). Through the network, these interconnected devices communicate by transmitting and receiving data packets. For example, a first end-host device may transmit a data packet to a second end-host device through an infrastructure device such as a network switch designed to forward the data packets accordingly.
[0011] Software-defined networking (SDN) enables network services to be managed through abstraction of lower level functionality. In addition to the traditional end-host devices and networked infrastructure devices found in networks, software-defined networks may include a network controller for implementing and managing the software-defined network and various tasks relating to networking.
[0012] The controller may wish to identify certain switches that are edge switches (that is, switches that are in an edge-most position within the network and connected to end host devices) in order to propagate security, routing, forwarding, and other rules to the switches. This may also be true in hybrid software defined networks that include both controlled and uncontrolled switches. Currently, controllers propagate security, routing, forwarding, and other rules to each of the switches within the network without regard to whether the switch is an edge switch. This approach causes increased network traffic, utilizes more resources within the switches, and may need to be repeated frequently (e.g., after any network infrastructure changes).
[0013] Various implementations are described below by referring to several examples of determining whether a switch is an edge switch for a particular host in a network. In one example implementation according to aspects of the present disclosure, a method may include receiving, by a computing system, network traffic from a network switch within a network responsive to a request to determine whether the switch is an edge switch for a particular end host within the network. The method may further include determining, by the computing system, whether the switch is an edge switch based on analyzing the network traffic sent by the particular end host through the network.
[0014] In another example implementation according to aspects of the present disclosure, a system may include a processing resource and a link database to store a set of known links between a set of controlled switches within a controlled network. The system may further include an edge switch detection module, executable by the processing resource, to determine which of the set of controlled switches are edge switches for a particular host based on analyzing network traffic sent by the particular end host through the network of controlled switches utilizing the set of known links.
[0015] In yet another example implementation according to aspects of the present disclosure, a non-transitory computer-readable storage medium may store instructions that, when executed by a processor, cause the processor to receive a request to identify edge switches for a particular end host in a controlled network. The instructions may further cause the processor to retrieve a set of switches in the controlled network from a database. Additionally, the instructions may cause the processor to determine whether each switch in the set of switches is an edge switch for the particular end host by analyzing network traffic sent by the particular end host through the controlled network.
[0016] In some implementations, the disclosed edge switch identification techniques do not require complete control over every flow within the network. Additionally, the edge switch identification techniques can handle packet reception regardless of the order the packets are received. Moreover, the edge switch identification techniques function in the presence of uncontrolled switches, even at the edge of the network. These and other advantages will be apparent from the description that follows.
[0017] FIG. 1 illustrates a block diagram of a network controller 100 to determine an edge switch for a particular end host within a network. The network controller 100 may be a computing system to monitor and manage network attached switches. In an example, the network controller 100 includes an edge switch detection module 110 for determining an edge switch for a particular end host within a network. The network controller 100 may include various additional hardware components (not shown), including processing resources, memory resources, networking resources, storage resources, and the like. In an example, the network controller 100 may include a database, such as link DB 106. However, in other examples, the link DB 106 may be separate from, but communicatively coupled to, the network controller 100.
[0018] The network controller 100 is connected to a plurality of network switches, such as controlled switches 120, 122, and 124. In this way, the network controller 100 is said to control the controlled switches. The plurality of network switches may each include one or more network ports. These network ports are utilized in communicatively coupling a switch to another networkable device, such as an end host device, another switch, a router, or another network device. These communicative couplings are referred to as links within the network.
[0019] The network represents generally hardware components and computers interconnected by communications channels that allow sharing of resources and information. The network may include one or more of a cable, wireless, fiber optic, or remote connection via a telecommunication link, an infrared link, a radio frequency link, or any other connectors or systems that provide electronic communication. The network may include, at least in part, an Intranet, the internet, or a combination of both. In another example, the network may be a software defined network. The network may also include intermediate proxies, routers, switches, load balancers, and the like. The paths followed by network between the various components such as network controller 100, controlled switches 120, 122, and 124, and end hosts 130 and 134, as depicted in FIG. 1, represent the logical communication paths between these devices, not necessarily the physical paths between the devices.
[0020] In the example shown, controlled switch 120 includes network ports A1 and A2, the controlled switch 122 includes network ports B1 and B2, and the controlled switch 124 includes network ports C1 and C2, although additional network ports may be present. Port A1 of controlled switch 120 is connected to end host 130 while port A2 is communicatively coupled to port B1 of controlled switch 122. Port B2 of controlled switch 122 is communicatively coupled to port C1 of controlled switch 124. Port C2 of controlled switch 124 is communicatively coupled to end host 134. In this way, the end hosts, controlled switches, and network controller are said to form a network. In examples, the network may be homogenous (i.e., made up of the same types and/or configurations of network devices) or heterogeneous (i.e., made up of different types and/or configurations of network devices).
[0021] The dotted line denotes network traffic being sent from end host 130 to end host 134. When this occurs, the network traffic is sent from the end host 130 to the controlled switch 120 and is received through port A1. The network traffic is then relayed by controlled switch 120 to controlled switch 122 via the link between ports A2 and B1. Similarly, the network traffic is relayed by controlled switch 122 to controlled switch 124 via the link between ports B2 and C1. Finally, the network traffic is relayed by controlled switch 124 to the end host 134 through port C2. The link structure between the controlled switches may be known to the networking device 100 as it may be stored in link DB 106 which may be any appropriate type of database, data store, or other storage medium. For example, a table in link DB 106 may show the following links:
Controlled Switch 120, Port A2 <===> Controlled Switch 122, Port B1
Controlled Switch 122, Port B2 <===> Controlled Switch 124, Port C1
[0022] Additionally, each (or some) of the plurality of controlled switches 120, 122, and 124 may include additional ports (not shown) for connecting the controlled switches to the network controller 100. These links are illustrated by the dashed lines 140, 142, and 144, across which, network traffic may be copied or taken from the controlled switches to the network controller 100 through a control plane 150 (or similar transmission layer) of the network. This enables the network controller 100 to listen for packets transmitted within the network to identify where end host devices are located (i.e., to which controlled switch the end host is connected).
[0023] When a controlled switch, such as the controlled switches 120, 122, and/or 124, receives network traffic (e.g., data packets), each of the controlled switches 120, 122, and 124 transmits a copy of that packet to the network controller 100. However, in other examples, packets from a certain protocol (e.g., ARP or DHCP) or the first packet of unique transmission flows from a specific host may be copied or sent to the network controller 100. The network controller 100 may examine source information from copied packets and then use this information to determine where an end host resides. From this information, the edge switch detection module 110 of the network controller 100 can determine that the controlled switch 120 received a packet at port A1 of the controlled switch 120 and that the data packet was retransmitted (or relayed) to the controlled switch 122 via port A2 of controlled switch 120. Similarly, the edge switch detection module 110 can determine that the controlled switch 122 received a packet at port B1 of the controlled switch 122 and that the data packet was retransmitted to the controlled switch 122 via port B2. The edge switch detection module 110 can also determine that the controlled switch 124 received a packet at port C1 of the controlled switch 124 and that the data packet was retransmitted to end host 134 via port C2. This occurs in addition to the original network traffic packet being transmitted through the controlled switches 120, 122, and 124 from end host 130 to end host 134, as described above. In another implementation, the controlled switch may indicate to the network controller 100 that a packet was received, at which port the packet was received, and/or at which port the packet was retransmitted.
[0024] In the case where end host 130 transmits network traffic to end host 134 (i.e., a unicast transmission), the edge switch detection module 110 determines whether a switch is an edge switch based on analyzing the network traffic sent by the particular end host through the network. In other examples, the network traffic may be transmitted as broadcast/multicast traffic which is intended to be received by the end host. This may occur, for example, by comparing the known links between controlled switches to the network traffic observed across controlled switches 120, 122, and 124. In particular, the edge switch detection module 110 may analyze the particular links traversed by the network traffic. If the network traffic is observed to traverse a link known as being between two controlled switches (such as the link between port A2 of controlled switch 120 and port B1 of controlled switch 122), then the controlled switch 122 (i.e., the controlled switch receiving the transmission over the known link) can be eliminated as not being an edge switch for end host 130. Likewise, if the network traffic is observed to traverse the link between port B2 of controlled switch 122 and port C1 of controlled switch 124, then the controlled switch 124 can be eliminated as not being an edge switch for end host 130. By eliminating the switches which are not edge switches by analyzing the network traffic traversing the network as compared to the known links between the controlled switches, the edge switch detection module 110 can determine which of the controlled switches 120, 122, and 124 are edge switches for a particular host. In the example illustrated in FIG. 1, controlled switch 120 is an edge switch for end host 130.
[0025] FIGs. 2A and 2B illustrate a block diagram of a network controller 200 to determine an edge switch for a particular end host within a network. The network controller 200 may be a computing system to monitor and manage network attached switches, in an example, the network controller 200 includes an edge switch detection module 210 for determining an edge switch for a particular end host within a network. The network controller 200 may include various additional hardware components (not shown), including processing resources, memory resources, networking resources, storage resources, and the like, in an example, the network controller 200 may include a database, such as link DB 206. However, in other examples, the link DB 206 may be separate from, but communicatively coupled to, the network controller 200.
[0026] The network controller 200 is connected to a plurality of network switches, such as controlled switches 220, 222, 224, and 226. in this way, the network controller 200 is said to control the controlled switches. The plurality of network switches may each include one or more network ports. These network ports are utilized in communicatively coupling a switch to another networkable device, such as an end host device, another switch, a router, or another network device. These communicative couplings are referred to as links within the network.
[0027] The network represents generally hardware components and computers interconnected by communications channels that allow sharing of resources and information. The network may include one or more of a cable, wireless, fiber optic, or remote connection via a telecommunication link, an infrared link, a radio frequency link, or any other connectors or systems that provide e!ectronic communication. The network may include, at least in part, an Intranet, the internet, or a combination of both, in another example, the network may be a software defined network. The network may also include intermediate proxies, routers, switches, load balancers, and the like. The paths followed by network between the various components such as network controller 200, controlled switches 220, 222, 224, and 226, uncontrolled switch 228, and end hosts 230, 234, and 238, as depicted in FIG. 2, represent the logical communication paths between these devices, not necessarily the physical paths between the devices.
[0028] In the example shown, controlled switch 220 includes network ports A1 and A2, the controlled switch 222 includes network port B1 , the controlled switch 224 includes network ports C1 , C2, and C3, and the controlled switch 226 includes network port D1 , although additional network ports may be present. Port A1 of controlled switch 220 is connected to end host 230 while port A2 is communicatively coupled to a port of uncontrolled switch 228. Port B1 of controlled switch 222 is communicatively coupled to a port of uncontrolled switch 228, as is port C1 of controlled switch 224. Port C2 of controiled switch 224 is communicatively coupled to end host 234 while port C3 is communicatively coupled to port D1 of controlled switch 226. In this way, the end hosts, controlled switches, uncontrolled switch, and network controller are said to form a network. In examples, the network may be homogenous (i.e., made up of the same types and/or configurations of network devices) or heterogeneous (i.e., made up of different types and/or configurations of network devices),
[0029] The dotted line in FIG, 2A denotes network traffic being sent from end host 230 to end host 234. When this occurs, the network traffic is sent from the end host 230 to the controlled switch 220 and is received through port A1 . The network traffic is then relayed by controlled switch 220 to controlled switches 222 and 224 via the links between ports A2 of controlled switch 220 and ports B1 and C1 of controlled switches 222 and 224 respectively through the uncontrolled switch 228. The network traffic is then relayed by controlled switch 224 to the end host 234 through port C2 and to controlled switch 226 via the link between ports C3 of controlled switch 224 and D1 of controiled switch 226. _ g _
[0030] The link structure between the controlied switches may be known to the networking device 200 as it may be stored in link DB 208 which may be any appropriate time of database, data store, or other storage medium. For example, a table in link DB 208 may show the following links:
\ Controlled Switch 220, Port A2 <== =-> \ Controlled Switch 222, Port B1
\ Controlled Switch 220, Port A2 <== ==> j Controlled Switch 224, Port C1 j Controlled Switch 222, Port B1 <== ==> j Controlied Switch 224, Port C1 j Controlled Switch 224, Port C3 <== j Controlled Switch 228, Port D1
[0031] Additionaily, each (or some) of the p!uraiity of controlled switches 220, 222, 224, and 226 may include additional ports (not shown) for connecting the controlled switches to the network controller 200. These links are illustrated by the dashed lines 240, 242, 244, and 246 across which, network traffic may be copied from the controlled switches to the network controller 200 through a control plane 250 (or similar transmission layer) of the network. This enables the network controller 200 to listen for packets transmitted within the network to identify where end host devices are located (i.e., to which controlled switch the end host is connected).
[0032] When a controlled switch, such as the controlied switches 220, 222, 224, and/or 226, receives network traffic (e.g., data packets), each of the controlled switches 220, 222, 224, and 226 transmit a copy of that packet to the network controller 200. However, in other examples, packets from a certain protocol (e.g., ARP or DHCP) or the first packet of unique transmissions flows from a specific host may be copied or sent to the network controller 200. The network controller 200 may examine source information from copied packets and then using this information to determine where an end host resides. From this information, the edge switch detection module 210 of the network controller 200 can determine that the controlled switch 220 received a packet at port A1 of the controlied switch 220 and that the data packet was retransmitted (or relayed) to the controlled switches 222 and 224 via port A2 of controlled switch 220. Similarly, the edge switch detection module 210 can determine that the controlled switches 222 and 224 received a packet at ports B1 and C1 respectively. The edge switch detection module 210 can also determine that the controlled switch 224 received a packet at port C1 of the controlled switch 224 and that the data packet was retransmitted to end host 234 via port C2 and to controlled switch 226. The edge switch detection module 210 can also determine that the controlled switch 226 received a packet at port D1 from port C3 of controlled switch 224. This occurs in addition to the original network traffic packet being transmitted through the controiled switches 220, 222, 224, and 226 and uncontrolled switch 228 from end host 230 to end host 234, as described above. In another implementation, the controlled switch may indicate to the network controller 200 that a packet was received, at which port the packet was received, and/or at which port the packet was retransmitted.
[0033] In the case where end host 230 transmits network traffic to end host 234 (i.e., a unicast transmission), the edge switch detection module 210 determines whether a switch is an edge switch based on analyzing the network traffic sent by the particular end host through the network. In other examples, the network traffic may be transmitted as broadcast/multicast traffic which is intended to be received by the end host. This may occur, for example, by comparing the known links between controlled switches to the network traffic observed across controlled switches 220, 222, 224, and 226. In particular, the edge switch detection module 210 may analyze the particular links traversed by the network traffic. If the network traffic is observed to traverse a link known as being between two controlled switches (such as the link between port A2 of controlled switch 220 and port B1 of controlled switch 222) but crossing one or more uncontrolled switches, then the controlled switch 222 (i.e., the controlled switch receiving the transmission over the known link) can be eliminated as not being an edge switch for end host 230. Likewise, if the network traffic is observed to traverse the link between port C3 of controlled switch 224 and port D1 of controlled switch 226, then the controlled switch 224 can be eliminated as not being an edge switch for end host 230. By eliminating the switches which are not edge switches by analyzing the network traffic traversing the network as compared to the known links between the controlled switches, the edge switch detection module 210 can determine which of the controlled switches 220, 222, 224, and 226 are edge switches for a particular host. In the example illustrated in FIG. 2A, controlled switch 220 is an edge switch for end host 230.
[0034] The dotted line in FIG. 2B denotes network traffic being sent from end host 238 to end host 234. When this occurs, the network traffic is sent from the end host 238 to the controlled switches 220, 222, and 224 through the uncontrolled switch 228 and is received through port A2 of controlled switch 220, port B1 of controlled switch 222, and port C1 of controlled switch 224. The network traffic is then relayed by controlled switch 224 to controlled switch 226 via the link between port C3 of controlled switch 224 and port D1 of controlled switch 226. The network traffic is also relayed by controlled switch 224 to the end host 234 through port C2.
[0035] The link structure between the controlled switches may be known to the networking device 200 as it may be stored in link DB 206 which may be any appropriate type of database, data store, or other storage medium. For example, a table in link DB 206 may show the following links:
Controlled Switch 220, Port A2 <==> Controlled Switch 222, Port B1

Controlled Switch 220, Port A2 <==> Controlled Switch 224, Port C1

Controlled Switch 222, Port B1 <==> Controlled Switch 224, Port C1

Controlled Switch 224, Port C3 <==> Controlled Switch 226, Port D1
[0036] Additionally, each (or some) of the plurality of controlled switches 220, 222, 224, and 226 may include additional ports (not shown) for connecting the controlled switches to the network controller 200. These links are illustrated by the dashed lines 240, 242, 244, and 246 across which, network traffic may be copied from the controlled switches to the network controller 200 through a control plane 250 (or similar transmission layer) of the network. This enables the network controller 200 to listen for packets transmitted within the network to identify where end host devices are located (i.e., to which controlled switch the end host is connected).
[0037] When a controlled switch, such as the controlled switches 220, 222, 224, and/or 226, receives network traffic (e.g., data packets), each of the controlled switches 220, 222, 224, and 226 transmits a copy of that packet to the network controller 200. However, in other examples, packets from a certain protocol (e.g., ARP or DHCP) or the first packet of unique transmission flows from a specific host may be copied or sent to the network controller 200. The network controller 200 may examine source information from copied packets and then use this information to determine where an end host resides. From this information, the edge switch detection module 210 of the network controller 200 can determine that the controlled switches 220, 222, and 224 received a packet at ports A2, B1, and C1 respectively. Similarly, the edge switch detection module 210 can determine that the controlled switch 226 received a packet at port D1 and that the data packet was retransmitted to end host 234 via port C2 by controlled switch 224. In another implementation, the controlled switch may indicate to the network controller 200 that a packet was received, at which port the packet was received, and/or at which port the packet was retransmitted.
[0038] In the case where end host 238 transmits network traffic to end host 234 (i.e., a unicast transmission), the edge switch detection module 210 determines whether a switch is an edge switch based on analyzing the network traffic sent by the particular end host through the network. In other examples, the network traffic may be transmitted as broadcast/multicast traffic which is intended to be received by the end host. This may occur, for example, by comparing the known links between controlled switches to the network traffic observed across controlled switches 220, 222, 224, and 226. In particular, the edge switch detection module 210 may analyze the particular links traversed by the network traffic. If the network traffic is observed to traverse a link known as being between two controlled switches (such as the link between port C3 of controlled switch 224 and port D1 of controlled switch 226), then the controlled switch 226 (i.e., the controlled switch receiving the transmission over the known link) can be eliminated as not being an edge switch for end host 238. By eliminating the switches which are not edge switches by analyzing the network traffic traversing the network as compared to the known links between the controlled switches, the edge switch detection module 210 can determine which of the controlled switches 220, 222, 224, and 226 are edge switches for a particular host. In the example illustrated in FIG. 2B, controlled switches 220, 222, and 224 are edge switches for end host 238.
[0039] FIGs. 3A and 3B illustrate a block diagram of a network controller 300 having an edge switch detection module 310 to determine an edge switch for a particular end host within a network according to examples of the present disclosure. FIGs. 3A and 3B include particular components, modules, etc. according to various examples. However, in different implementations, more, fewer, and/or other components, modules, arrangements of components/modules, etc. may be used according to the teachings described herein. In addition, various components, modules, etc. described herein may be implemented as one or more software modules, hardware modules, special-purpose hardware (e.g., application specific hardware, application specific integrated circuits (ASICs), embedded controllers, hardwired circuitry, etc.), or some combination of these.
[0040] It should be understood that the network controller 300 may include any appropriate type of computing system or computing device, including for example smartphones, tablets, desktops, laptops, workstations, servers, smart monitors, smart televisions, digital signage, scientific instruments, retail point of sale devices, video walls, imaging devices, peripherals, networking devices, or the like.
[0041] The network controller 300 may include a processing resource 302 that represents generally any suitable type or form of processing unit or units capable of processing data or interpreting and executing instructions. The instructions may be stored on a non-transitory tangible computer-readable storage medium, such as a memory resource 304 in FIG. 3B, or on a separate device (not shown), or on any other type of volatile or non-volatile memory that stores instructions to cause a programmable processor to perform the techniques described herein. Alternatively or additionally, the network controller 300 may include dedicated hardware, such as one or more integrated circuits, Application Specific Integrated Circuits (ASICs), Application Specific Special Processors (ASSPs), Field Programmable Gate Arrays (FPGAs), or any combination of the foregoing examples of dedicated hardware, for performing the techniques described herein. In some implementations, multiple processors may be used, as appropriate, along with multiple memories and/or types of memory.
[0042] In addition to the processing resource 302 and the memory resource 304, the network controller 300 includes an edge switch detection module 310. The edge switch detection module 310 determines whether a switch is an edge switch based on analyzing the network traffic sent by the particular end host through the network. This may occur, for example, by comparing the known links between controlled switches to the network traffic observed across the controlled switches. In particular, the edge switch detection module 310 may analyze the particular links traversed by the network traffic. If the network traffic is observed to traverse a link known as being between two controlled switches, then the controlled switch receiving the transmission over the known link can be eliminated as not being an edge switch for the particular end host. By eliminating the switches which are not edge switches by analyzing the network traffic traversing the network as compared to the known links between the controlled switches, the edge switch detection module 310 can determine which of the controlled switches are edge switches for a particular host.
[0043] The edge switch detection module 310 utilizes known links between the controlled switches in determining an edge switch for a particular end host. These known links are stored in a link database accessible to the network controller 300, such as link DB 306. The link DB 306 may be a part of the network controller 300, may be attached to the network controller 300, or may be accessible via a remote connection, such as via a network connection. The link DB 306 may be any suitable data store or database for storing information such as link information between the controlled switches. The link information may be manually input into the link DB 306, or the information may be automatically determined, for example, by the network controller 300, or by another suitable device or system.
[0044] In one example, the module(s) described herein may be a combination of hardware and programming. The programming may be processor executable instructions stored on a tangible memory resource such as memory resource 304, and the hardware may include processing resource 302 for executing those instructions. Thus memory resource 304 can be said to store program instructions that when executed by the processing resource 302 implement the modules described herein. Other modules may also be utilized to perform the functionality described herein.
[0045] FIG. 4 illustrates a flow diagram of a method 400 for determining an edge switch for a particular end host by analyzing at least a portion of the network traffic sent by the particular end host according to examples of the present disclosure. The method 400 may be executed by a computing system or a computing device such as network controller 100 of FIG. 1 and/or network controller 200 of FIGs. 2A and 2B or may be stored as instructions on a non-transitory computer-readable storage medium that, when executed by a processor, cause the processor to perform the method 400. In one example, method 400 may include: receiving, by a computing system, network traffic from a network switch within a network responsive to a request to determine whether the switch is an edge switch for a particular end host within the network (block 402); and determining, by the computing system, whether the switch is an edge switch based on analyzing the network traffic sent by the particular end host through the network (block 404).
[0046] At block 402, the method 400 includes a computing system (e.g. network controller 100 of FIG. 1 and/or network controller 200 of FIGs. 2A and 2B) receiving network traffic from a network switch (e.g., controlled switches 120, 122, and 124 of FIG. 1 and/or controlled switches 220, 222, 224, and 226 of FIGs. 2A and 2B) within a network responsive to a request to determine whether the switch is an edge switch for a particular end host within the network. The request may be generated at the network controller automatically or manually by a user. The request may indicate the particular host for which the edge switches are to be determined. The method 400 continues to block 404.
[0047] At block 404, the method 400 includes a computing system (e.g. network controller 100 of FIG. 1 and/or network controller 200 of FIGs. 2A and 2B) determining whether the switch (e.g., controlled switches 120, 122, and 124 of FIG. 1 and/or controlled switches 220, 222, 224, and 226 of FIGs. 2A and 2B) is an edge switch based on analyzing the network traffic sent by the particular end host through the network. The analysis may include analyzing the network traffic in comparison to a set of known links between controlled switches and determining, based on the comparison to the known links, which switches are edge switches for the particular end host. For example, a controlled switch receiving network traffic from a particular host over a known link to another controlled switch is not an edge switch for that particular host. In this way, controlled switches can be eliminated as edge switches for a particular host, and any switches remaining in the set of controlled switches would be considered to be edge switches.
[0048] Additional processes also may be included, and it should be understood that the processes depicted in FIG. 4 represent illustrations, and that other processes may be added or existing processes may be removed, modified, or rearranged without departing from the scope and spirit of the present disclosure.
[0049] FIG. 5 illustrates a flow diagram of a method 500 for determining an edge switch for a particular end host by analyzing at least a portion of the network traffic sent by the particular end host according to examples of the present disclosure. The method 500 may be executed by a computing system or a computing device such as network controller 100 of FIG. 1 and/or network controller 200 of FIGs. 2A and 2B or may be stored as instructions on a non-transitory computer-readable storage medium that, when executed by a processor, cause the processor to perform the method 500. In one example, method 500 may include: receive a request to identify edge switches for a particular end host in a controlled network (block 502); retrieve a set of switches in the controlled domain from a database (block 504); and determine whether each switch in the set of switches is an edge switch for the particular end host by analyzing network traffic sent by the particular end host through the controlled network (block 506).
[0050] At block 502, the method 500 includes a computing system (e.g. network controller 100 of FIG. 1 and/or network controller 200 of FIGs. 2A and 2B) receiving a request to identify edge switches for a particular end host in a controlled network. The request may be generated at the network controller automatically or manually by a user. The request may indicate the particular host for which the edge switches are to be determined. The method 500 continues to block 504.
[0051] At block 504, the method 500 includes a computing system (e.g. network controller 100 of FIG. 1 and/or network controller 200 of FIGs. 2A and 2B) retrieving a set of switches in the controlled network from a database. The switches in the set of switches are controlled switches with known links among one another. The method 500 then continues to block 506.
[0052] At block 506, the method 500 includes determining whether each switch in the set of switches is an edge switch for the particular end host by analyzing network traffic sent by the particular end host through the controlled network. The analysis may include analyzing the network traffic in comparison to a set of known links between controlled switches and determining, based on the comparison to the known links, which switches in the set of switches are edge switches for the particular end host. For example, a controlled switch receiving network traffic from a particular host over a known link to another controlled switch is not an edge switch for that particular host. In this way, controlled switches can be eliminated as edge switches from the set of switches for a particular host, and any switches remaining in the set of controlled switches would be considered to be edge switches.
[0053] Additional processes also may be included. For example, the method 500 may include adding the switch to a set of edge switches for the particular host responsive to determining that a switch in the set of switches is an edge switch for the particular end host. It should be understood that the processes depicted in FIG. 4 represent illustrations, and that other processes may be added or existing processes may be removed, modified, or rearranged without departing from the scope and spirit of the present disclosure.
[0054] FIG. 6 illustrates a flow diagram of a method 600 for finding edge switches according to examples of the present disclosure. The method 600 may be executed by a computing system or a computing device such as network controller 100 of FIG. 1 and/or network controller 200 of FIGs. 2A and 2B or may be stored as instructions on a non-transitory computer-readable storage medium that, when executed by a processor, cause the processor to perform the method 600.
[0055] In an example, method 600 includes receiving a request to find edge switches for a particular host in a controlled network (block 602). The method 600 then proceeds to receiving a set of switches in the controlled network (block 604), which are received from a database containing a set of switches (block 606).
[0056] Next, the method 600 iterates over each switch in the set of switches (block 608). The iteration first determines whether there are more switches in the set of switches that have yet to be analyzed (block 610). If there are more switches in the set of switches to be analyzed, a switch is selected from the set of switches (block 612) and it is determined whether that switch is an edge switch (block 614). If the switch is determined not to be an edge switch, the for loop recycles, but if the switch is determined to be an edge switch, the switch is added to the set of edge switches for the particular host (block 616).
[0057] Once the iteration cycles through each of the switches in the set of switches, and there are no more switches in the set of switches to be analyzed, the method 600 returns the edge switches for the particular host (block 618). The method 600 then terminates.
[0058] Additional processes also may be included, and it should be understood that the processes depicted in FIG. 6 represent illustrations, and that other processes may be added or existing processes may be removed, modified, or rearranged without departing from the scope and spirit of the present disclosure.
[0059] FIGs. 7A and 7B illustrate a flow diagram of a method for determining whether a switch is an edge switch according to examples of the present disclosure. The method 700 may be executed by a computing system or a computing device such as network controller 100 of FIG. 1 and/or network controller 200 of FIGs. 2A and 2B or may be stored as instructions on a non-transitory computer-readable storage medium that, when executed by a processor, cause the processor to perform the method 700.
[0060] In an example, method 700 includes receiving a request to determine whether a switch (S) is an edge switch for host (H) (block 702). Next, it is determined whether the host (H) is observed on the switch (S) (block 704). If not, switch (S) is not an edge switch for host (H) (block 706). If, however, it is determined that host (H) is observed on the switch (S), a database is queried to find the ports on the switch where host (H) has been observed (block 708). Then, the set of ports (Ps) is stored (block 710). A database (such as link DB 106 of FIG. 1 and/or link DB 108 of FIGs. 2A and 2B) is then queried to find the inter-switch links from the set of ports (Ps). The set of links (Ls) is then stored (block 712).
[0061] Next, the method 700 iterates over each link (L) in the set of links (Ls) (block 714). The iteration first determines whether there are any more links (L) (block 716), and if not, switch (S) is an edge switch for host (H) (block 718). However, if it is determined that there are more links (L), then an inter-switch link (L) is removed from the set of links (Ls) (block 720) and a set of ports on the destination of (L) (e.g., the switch on the other end of the inter-switch link from switch (S)) are retrieved (block 722). Next, it is determined whether the set of links is empty (block 724). If so, the iteration cycles back to determine whether more links (L) are present (block 716). However, if not, it is determined whether the set of links contained the link destination port (block 726), and if so, the iteration cycles back to determine whether more links (L) are present (block 716). However, if not, it is therefore determined that switch (S) is not an edge switch for host (H) (block 728). The method 700 terminates.
[0062] It should be noted that the flow diagram of method 700 illustrated in FIG. 7, which represents finding an edge switch for a particular host, provides a general analysis algorithm for determining an edge switch which traverses each of the set of edge switches. However, in other implementations, the method 700 may be modified by eliminating the determination of whether the set of links contained the link destination port at block 726 and may instead iterate back to the top of the procedure to operate on the link destination switch rather than just the next switch in the set. In this way, in a topology where there are numerous controlled switches, but a specific host's traffic is seen on a handful of those switches, the method 700 may be optimized using recursion and iterating from a starting point.
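The per-switch check of method 700 wrapped in the loop of method 600, run on the FIG. 2A and FIG. 2B observations with the link table of paragraph [0035], as an added Python example (not code from the patent). It assumes that the set tested at blocks 724 and 726 is the set of ports retrieved at block 722 on the far-end switch; the function names and observation tables are constructed for illustration.

```python
"""Edge-switch elimination for one host, following methods 600 and 700."""

# Link DB from paragraph [0035]: each known inter-switch link as two (switch, port) ends.
LINK_DB = [
    (("220", "A2"), ("222", "B1")),
    (("220", "A2"), ("224", "C1")),
    (("222", "B1"), ("224", "C1")),
    (("224", "C3"), ("226", "D1")),
]
SWITCHES = ["220", "222", "224", "226"]

# Constructed observation tables: ports on which each controlled switch
# reported seeing the host's traffic, as described for FIG. 2A and FIG. 2B.
OBSERVED_FIG_2A = {"220": {"A1"}, "222": {"B1"}, "224": {"C1"}, "226": {"D1"}}  # host 230
OBSERVED_FIG_2B = {"220": {"A2"}, "222": {"B1"}, "224": {"C1"}, "226": {"D1"}}  # host 238


def links_from(switch, ports, link_db):
    """Blocks 708-712: far end (switch, port) of every known link leaving `ports`."""
    far_ends = []
    for end_a, end_b in link_db:
        for near, far in ((end_a, end_b), (end_b, end_a)):
            if near[0] == switch and near[1] in ports:
                far_ends.append(far)
    return far_ends


def is_edge_switch(switch, observed, link_db):
    """Method 700: True if `switch` is an edge switch for the observed host."""
    ports = observed.get(switch, set())
    if not ports:
        return False  # blocks 704/706: host never observed on this switch
    for far_switch, far_port in links_from(switch, ports, link_db):
        # Block 722 (assumed reading): ports where the far-end switch saw the host.
        far_ports = observed.get(far_switch, set())
        if not far_ports:
            continue  # block 724: far end never saw the host, link proves nothing
        if far_port in far_ports:
            continue  # block 726: far end saw the host on the link port itself,
            # so both ends received it from the shared uncontrolled segment
        # Block 728: the far end saw the host on some other port and relayed it
        # over this known link, so this switch is downstream of the host.
        return False
    return True  # block 718: no link eliminated the switch


def find_edge_switches(switches, observed, link_db):
    """Method 600: keep every switch that method 700 does not eliminate."""
    return sorted(s for s in switches if is_edge_switch(s, observed, link_db))


if __name__ == "__main__":
    print("FIG. 2A, host 230:", find_edge_switches(SWITCHES, OBSERVED_FIG_2A, LINK_DB))
    print("FIG. 2B, host 238:", find_edge_switches(SWITCHES, OBSERVED_FIG_2B, LINK_DB))
```

The result depends entirely on the port reports the controller receives, so an observation table that is stale or incomplete changes which switches survive elimination.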
[0063] Additional processes also may be included, and it should be understood that the processes depicted in FIG. 7 represent illustrations, and that other processes may be added or existing processes may be removed, modified, or rearranged without departing from the scope and spirit of the present disclosure.
[0064] It should be emphasized that the above-described examples are merely possible examples of implementations and set forth for a clear understanding of the present disclosure. Many variations and modifications may be made to the above-described examples without departing substantially from the spirit and principles of the present disclosure. Further, the scope of the present disclosure is intended to cover any and all appropriate combinations and subcombinations of all elements, features, and aspects discussed above. All such appropriate modifications and variations are intended to be included within the scope of the present disclosure, and all possible claims to individual aspects or combinations of elements or steps are intended to be supported by the present disclosure.

Claims

WHAT IS CLAIMED IS:
1. A method comprising:
receiving, by a computing system, network traffic from a network switch within a network responsive to a request to determine whether the switch is an edge switch for a particular end host within the network; and
determining, by the computing system, whether the switch is an edge switch based on analyzing the network traffic sent by the particular end host through the network.
2. The method of claim 1, wherein analyzing the network traffic sent by the particular end host through the network further comprises:
determining, by the computing system, whether network traffic from the end host was observed on the switch; and
responsive to determining that network traffic from the host was not observed on the switch, determining that the switch is not an edge switch.
3. The method of claim 1, wherein analyzing the network traffic sent by the particular end host through the network further comprises:
comparing, by the computing system, a port of the switch to a set of known links between a set of switches, wherein the switch is a member of the set of switches.
4. The method of claim 1, wherein the network is a software defined network.
5. A system comprising:
a processing resource;
a link database to store a set of known links between a set of controlled switches within a controlled network;
an edge switch detection module, executable by the processing resource, to determine which of the set of controlled switches are edge switches for a particular host based on analyzing network traffic sent by the particular end host through the network of controlled switches utilizing the set of known links.
6. The system of claim 5, wherein analyzing the network traffic sent by the particular end host through the network further comprises:
determining, by the computing system, whether network traffic from the end host was observed on the switch.
7. The system of claim 6, wherein analyzing the network traffic sent by the particular end host through the network further comprises:
responsive to determining that network traffic from the host was not observed on the switch, determining that the switch is not an edge switch.
8. The system of claim 5, wherein analyzing the network traffic sent by the particular end host through the network further comprises:
comparing, by the computing system, a port of the switch to the set of known links between the set of switches.
9. The method of claim 1, wherein the network is a software defined network.
10. A non-transitory computer-readable storage medium storing instructions that, when executed by a processor, cause the processor to:
receive a request to identify edge switches for a particular end host in a controlled network;
retrieve a set of switches in the controlled network from a database; and
determine whether each switch in the set of switches is an edge switch for the particular end host by analyzing network traffic sent by the particular end host through the controlled network.
11. The computer-readable storage medium of claim 11, further storing instructions that cause the processor to:
responsive to determining that a switch in the set of switches is an edge switch for the particular end host, add the switch to a set of edge switches for the particular host.
12. The computer-readable storage medium of claim 11, wherein analyzing the network traffic sent by the particular end host through the controlled network further comprises:
determining, by the computing system, whether network traffic from the end host was observed on the switch.
13. The computer-readable storage medium of claim 12, wherein analyzing the network traffic sent by the particular end host through the controlled network further comprises:
responsive to determining that network traffic from the host was not observed on the switch, determining that the switch is not an edge switch.
14. The computer-readable storage medium of claim 11, wherein analyzing the network traffic sent by the particular end host through the controlled network further comprises:
comparing, by the computing system, a port of the switch to a set of known links between a set of switches, wherein the switch is a member of the set of switches.
15. The computer-readable storage medium of claim 11, wherein the controlled network is a software defined network.

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/US2014/040285 WO2015183311A1 (en) 2014-05-30 2014-05-30 Determine edge switch based on network traffic

Publications (1)

Publication Number Publication Date
WO2015183311A1 (en) 2015-12-03

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 14892994

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 14892994

Country of ref document: EP

Kind code of ref document: A1