Claims
What is claimed is:
1. A method for viewing a configuration of a computer network, the method comprising:
providing a plurality of workstations communicating by frames and packets through a plurality of links connected to a plurality of switches and a plurality of routers, each of said plurality of switches having a MAC database storing information
regarding the quantity of frames received by a respective said switch and indicating where a frame received on one of said links of said respective switch is transferred to another of said links of a respective said switch, said packets having an IP
address of a destination workstation, each of said plurality of routers having an IP database storing information regarding the quantity of packets received by a respective said router and indicating onto which of said links a received packet having a
specific IP address is to be transferred to;
polling said plurality of switches and routers to obtain copies of each of said MAC and IP lookup tables;
combining said polled lookup tables;
determining from said combined lookup tables a status of each of said links, said switches and said routers;
graphically displaying said plurality of workstations, links, switches and routers according to physical connectivity and status, each status being displayed differently.
2. A method in accordance with claim 1, further comprising:
determining a critical path of said packets from one of said workstations to another of said workstations;
displaying said critical path.
3. A method in accordance with claim 2, further comprising:
displaying said critical path with said displaying of said physical connectivity and status.
4. A method in accordance with claim 3, wherein:
each of said plurality of routers has an IP address lookup table indicating onto which of said links a packet having a specific IP address is to be transferred to, said each routers having multicast means for receiving a multicast packet on one of
said links and forwarding said multicast packet to a subset of said links according to a multicast tree table;
polling is performed on said plurality of routers to obtain copies of each of said IP lookup tables, and said multicast tree tables;
said polled multicast tree tables are combined to determine a presence and content of any existing multicast trees;
graphically displaying said contents of said any existing multicast trees with said displaying of said physical connectivity and status.
5. A method in accordance with claim 3, wherein:
said plurality of switches have a plurality of said links between themselves, said plurality of switches operate a spanning tree protocol to individually activate and deactivate said plurality of links between said switches, each of said
plurality of switches having a MAC address lookup table indicating where a frame received on one of said links is transferred to another of said links;
polling said plurality of switches to obtain copies of each of said MAC lookup tables;
combining said polled MAC lookup tables;
determining from said combined MAC lookup tables which of said links are activated and deactivated;
displaying said activated links differently than said deactivated links with said displaying of said physical connectivity and status.
6. A method in accordance with claim 3, wherein:
said plurality of switches have a plurality of said links between themselves, each of said plurality of switches having an address MAC lookup table indicating where a frame received on one of said links is transferred to another of said links, a
subset of said plurality of links being combined by said switches and said MAC lookup table into a trunk line transferring data in parallel over said subset of links;
polling said plurality of switches to obtain copies of each of said MAC lookup tables;
combining said polled MAC lookup tables;
determining from said combined MAC lookup tables which of said links are formed into said trunk line;
displaying said trunk line differently than said links and with said displaying of said physical connectivity and status.
7. A method in accordance with claim 3, wherein:
a subset of said workstations communicate through said switches according to a ring protocol, each of said plurality of switches having an address MAC lookup table indicating where a frame received on one of said links is transferred to another
of said links according to said ring protocol;
polling said plurality of switches to obtain copies of each of said MAC lookup tables;
combining said polled MAC lookup tables;
determining from said combined MAC lookup tables which of said workstations are in said subset and are participating in said ring protocol;
displaying said subset of workstations as a ring with said displaying of said physical connectivity and status.
8. A method in accordance with claim 1, wherein:
each of said plurality of routers has an IP address lookup table indicating onto which of said links a packet having a specific IP address is to be transferred to, said each routers having multicast means for receiving a multicast packet on one of
said links and forwarding said multicast packet to a subset of said links according to a multicast tree table;
polling is performed on said plurality of routers to obtain copies of each of said IP lookup tables, and said multicast tree tables;
said polled multicast tree tables are combined to determine a presence and content of any existing multicast trees;
graphically displaying said contents of said any existing multicast trees.
9. A method in accordance with claim 8, further comprising:
displaying said any existing multicast trees with said displaying of said physical connectivity and status.
10. A method in accordance with claim 9, wherein:
said plurality of switches have a plurality of said links between themselves, said plurality of switches operate a spanning tree protocol to individually activate and deactivate said plurality of links between said switches, each of said
plurality of switches having a MAC address lookup table indicating where a frame received on one of said links is transferred to another of said links;
polling said plurality of switches to obtain copies of each of said MAC lookup tables;
combining said polled MAC lookup tables;
determining from said combined MAC lookup tables which of said links are activated and deactivated;
displaying said activated links differently than said deactivated links with said displaying of said physical connectivity and status.
11. A method in accordance with claim 9, wherein:
said plurality of switches have a plurality of said links between themselves, each of said plurality of switches having an address MAC lookup table indicating where a frame received on one of said links is transferred to another of said links, a
subset of said plurality of links being combined by said switches and said MAC lookup table into a trunk line transferring data in parallel over said subset of links;
polling said plurality of switches to obtain copies of each of said MAC lookup tables;
combining said polled MAC lookup tables;
determining from said combined MAC lookup tables which of said links are formed into said trunk line;
displaying said trunk line differently than said links and with said displaying of said physical connectivity and status.
12. A method in accordance with claim 9, wherein:
a subset of said workstations communicate through said switches according to a ring protocol, each of said plurality of switches having an address MAC lookup table indicating where a frame received on one of said links is transferred to another
of said links according to said ring protocol;
polling said plurality of switches to obtain copies of each of said MAC lookup tables;
combining said polled MAC lookup tables;
determining from said combined MAC lookup tables which of said workstations are in said subset and are participating in said ring protocol;
displaying said subset of workstations as a ring with said displaying of said physical connectivity and status.
13. A method in accordance with claim 1, wherein:
said plurality of switches have a plurality of said links between themselves, said plurality of switches operate a spanning tree protocol to individually activate and deactivate said plurality of links between said switches, each of said
plurality of switches having a MAC address lookup table indicating where a frame received on one of said links is transferred to another of said links;
polling said plurality of switches to obtain copies of each of said MAC lookup tables;
combining said polled MAC lookup tables;
determining from said combined MAC lookup tables which of said links are activated and deactivated;
displaying said activated links differently than said deactivated links.
14. A method in accordance with claim 13, further comprising:
displaying said activated links and deactivated links with said displaying of said physical connectivity and status.
15. A method in accordance with claim 13, further comprising:
determining from said combined MAC lookup tables which of said plurality of switches is participating in said spanning tree protocol;
displaying said switches participating in said spanning tree protocol differently than said switches not participating in said spanning tree protocol;
determining from said combined MAC lookup tables which bridges of said plurality of switches are participating in said spanning tree protocol, and a port number of said bridges participating in said spanning tree protocol;
displaying said bridges participating in said spanning tree protocol with said port number and in a different manner than bridges not participating in said spanning tree protocol.
16. A method in accordance with claim 13, further comprising:
identifying broadcast storms from said combined MAC lookup tables;
displaying locations of said broadcast storms.
17. A method in accordance with claim 13, further comprising:
identifying and displaying a rate of reconfiguration of said links above a predetermined value;
identifying and displaying trunking ports in a spanning tree protocol blocking state;
identifying and displaying an optimum root node;
identifying and displaying choke points.
18. A method in accordance with claim 14, wherein:
a subset of said plurality of links are combined by said switches and said MAC lookup table into a trunk line transferring data in parallel over said subset of links;
determining from said combined MAC lookup tables which of said links are formed into said trunk line;
displaying said trunk line differently than said links with said displaying of said physical connectivity and status.
19. A method in accordance with claim 18, further comprising:
determining a critical path of said packets from one of said workstations to another of said workstations;
displaying said critical path with said displaying of said physical connectivity and status.
20. A method in accordance with claim 18, wherein:
each of said plurality of routers has an IP address lookup table indicating onto which of said links a packet having a specific IP address is to be transferred to, said each routers having multicast means for receiving a multicast packet on one of
said links and forwarding said multicast packet to a subset of said links according to a multicast tree table;
polling is performed on said plurality of routers to obtain copies of each of said IP lookup tables, and said multicast tree tables;
said polled multicast tree tables are combined to determine a presence and content of any existing multicast trees;
graphically displaying said contents of said any existing multicast trees with said displaying of said physical connectivity and status.
21. A method in accordance with claim 20, further comprising:
determining a critical path of said packets from one of said workstations to another of said workstations;
displaying said critical path with said displaying of said physical connectivity and status.
22. A method in accordance with claim 1, wherein:
said plurality of switches have a plurality of said links between themselves, each of said plurality of switches having an address MAC lookup table indicating where a frame received on one of said links is transferred to another of said links, a
subset of said plurality of links being combined by said switches and said MAC lookup table into a trunk line transferring data in parallel over said subset of links;
polling said plurality of switches to obtain copies of each of said MAC lookup tables;
combining said polled MAC lookup tables;
determining from said combined MAC lookup tables which of said links are formed into said trunk line;
displaying said trunk line differently than said links.
23. A method in accordance with claim 22, further comprising:
displaying said trunk line with said displaying of said physical connectivity and status.
24. A method in accordance with claim 22, further comprising:
identifying in said displaying each of said subset links in said trunk line;
displaying a status of said trunk line, and a status of each of said subset links in said trunk line;
displaying utilization of said trunk line and utilization of each of said subset links;
detecting and displaying misconfiguration of said trunk line.
Description
FIELD OF THE INVENTION
The present invention relates to a multiple view network management tool for managing a network as a system. In particular a plurality of workstations are in communication with each other through a plurality of links, a plurality of switches and
a plurality of routers. Data is collected from the switches and routers and used to view and manage the network as a system.
BACKGROUND OF THE INVENTION
Computer networks are increasing in size and complexity. When only two workstations are in communication with each other, data transfer, synchronization, and a common language or data format is relatively simple to establish. When more than two
workstations are connected, coordination, addressing, and identification problems become more complex. As the number of workstations increases, additional hardware is often needed. The hardware is used to coordinate the different requirements that need
to be fulfilled in order for successful communication to take place.
One long-standing attempt at breaking up the complexities of networking is the OSI (open systems interconnection) Seven Layer Reference Model. This model represents a network as seven layers:
Application--Layer 7
Presentation--Layer 6
Session--Layer 5
Transport--Layer 4
Network--Layer 3
Datalink--Layer 2
Physical--Layer 1.
This seven layer model has become the de facto standard for networking; it segments functionality by layer and makes network construction more modular with interchangeable parts. This model is widely referenced to the point that network managers
refer to network problems as being a layer 3 (network layer) problem or a layer 2 (datalink layer) problem. Layer 3 and layer 2 are particularly important layers for determining overall network health; consequently a network manager spends much of his
time managing these layers.
When the number of workstations increases to above approximately 5, or especially 10, hardware is needed to manage all of the data traffic. All of the workstations are usually provided with a link to a hardware device known as a concentrator.
The plurality of workstations communicate with the other plurality of workstations over these links and through the concentrator. One of the most basic functions of a concentrator is for the concentrator to function as a repeater.
Each workstation communicates by sending data in frames, where the frame has a destination MAC address. All network devices, such as those that allow a workstation to communicate over a network, are assigned a unique MAC address. The frame with
the destination MAC address is sent from the workstation over a link to the repeater. A repeater takes the frame received on one link, and sends a frame out on all the other links. Each workstation connected to the repeater monitors its respective
link, and when a frame arrives that has a destination MAC address that matches the workstation's MAC address, the workstation reads the frame and processes the frame internally.
Once the number of workstations largely increases, for example beyond 100, or the amount of traffic through the concentrator becomes excessive, a concentrator including a switch is used. Such a switch has more intelligence than a repeater. The
switch looks at the destination address of each frame received on a link, and then based on information contained in the switch, the switch only forwards the frame onto the link, or links, where the destination MAC address exists. The switch can contain
this information in a MAC address look-up table, and this look-up table can either be created by a system operator, or the switch can learn which MAC addresses are on a specific link, by reading source addresses on frames received over that specific link
(build a look-up table). Other information, such as the quantity of frames received or transmitted onto a link, as well as the size, type and quality of frames can also be recorded by the switch. This information is stored as data in a database.
A repeater is usually used to group together a small number of workstations into what is often called a Local Area Network (LAN), with a switch connecting several LANs. In this way, the number of workstations that are able to communicate with
each other can be increased tremendously, without each frame having to be sent to each workstation. This cuts down on traffic and allows frames to be more quickly sent from one workstation to another.
Presently the number of workstations which are to be connected together, particularly in large companies with locations in many different cities, and several buildings in each of those cities, has caused the amount of traffic to overwhelm
repeaters and switches. Therefore, higher level network coordination is required.
An Internet Protocol (IP) has been devised for coordinating such a large number of individual workstations, which are often spread out in groups over a large geographical area. This Internet protocol uses an IP address in addition to the MAC
address.
Routers are then provided which operate in a manner somewhat similar to switches, but instead read the IP address of a packet. Such a packet is formed of one or more frames. When a router receives a packet, it reads the IP address, and then
based on internal information, forwards the packet to a specific port or ports. These ports are connected to links which can then either be connected to other routers in the network, or to switches, repeaters or individual workstations, depending on
how the router is configured.
A packet going from one workstation to another may have to pass over links, and through several repeaters, switches and routers before it reaches its destination workstation. Also some packets may be destined for more than one workstation, as
is often the case when multimedia is transmitted over a large network. The routers must contain information on the proper forwarding of packets, and this information must be updated. When a packet must pass through several routers, and when a
workstation in one country wishes to communicate with a workstation several countries away, the packet is transferred from router to router through all of those countries.
Many large companies have what are now known as Intranets. Intranets act much like the global Internet, but are limited to the workstations of a particular company spread out over many countries, cities and buildings in each city. Tools are
needed which allow system operators to determine how to configure the routers and switches, and to identify problems which are causing the network to not operate properly.
SUMMARY AND OBJECTS OF THE INVENTION
It is the primary object of the present invention to provide a method and apparatus for viewing the configuration of a computer network, especially an Intranet of a large company. The method of the present invention polls or collects the
database information from the switches and routers of the Intranet. These databases are combined and information is determined or calculated from these databases to determine the status, configuration and connectivity of the individual workstations,
links, switches and routers. Some of the parameters that are determined or are calculated, include bandwidth utilization, congestion, Quality of Service (QOS), error rates, and actual and switched connections between the various elements of the network.
This information is displayed in a graphic view, where the appearance of the individual elements represents the status or configuration of the individual elements. Also the relative positioning, and the connections between elements in the
graphic view represent the connectivity relationships of the actual elements in the actual network.
Another object of the present invention is to combine different types of status information into a single view.
Management of layers 3 and 2 is greatly facilitated by having an accurate picture of the network. Network pictures give a network manager a reference point of what is connected to what, where each device is in relation to other devices, the
location of routers and switches, and the proximity of end nodes and end devices.
However, the present invention goes well beyond simple connectivity pictures. The present invention recognizes that the connectivity picture is only one view of the network for network management. The present invention is based additionally on
presenting views which are beneficial to a network manager. In addition, the present invention shows each view in context with overlapping views. For example, in a preferred embodiment a multimedia path view of the network is overlaid on the layer 3
(routing) view of the network. Multiple views in context give network managers many ways to view the same network components and their interrelationships in one picture. This provides strong context and focus on interrelationships which is often the
root of network problems.
One of the views is an IP path tracing view of the network. This enables the network manager to monitor critical network links in the network, and in particular to see the exact path taken by a packet from one workstation, through the routers to
another workstation.
A multimedia path tracing view of the network is also provided which has the ability to monitor the network data flows with the DVMRP (Distance-Vector Multicast Routing Protocol). This provides the network manager with a multimedia view of the
network in context with a normal connectivity view. The network manager is then able to see how multimedia packets are passing through the network, in relationship to other views of the network, and thus determine if the receiving of multimedia packets
by several workstations is interfering with other operations of the network.
A spanning tree view of the network is also provided. A plurality of switches often contain a plurality of links between themselves to provide redundant links, should a link fail. However, having several active links between two switches can
cause broadcast storms and therefore a spanning tree protocol is typically in operation to remove redundant links and hold them in standby. The spanning tree view of the network allows a network manager to see layer 2 connectivity and any standby links. This view is particularly important in switched networks where switches often get lost or clumped in layer 3 routing connectivity views.
A trunking view of the network is also provided. One of the techniques used to increase the bandwidth between network devices is to load balance data between multiple ports or links. This results in bandwidth summation of all the ports, and
essentially a very large bandwidth connection made up of many physical links logically managed as one. The trunking view of the present invention provides a display of trunked links in relation to all the other views.
Some local area networks may organize their workstations in a ring protocol. The present invention provides a ring view of the network showing which workstations are connected in a ring, and their relative positions in that ring.
The present invention also provides a routing connectivity view of the network. While this routing connectivity view is not unique, the feature of this routing connectivity view in context with the other views, provides additional information to
a network manager and the combination is unique.
The present invention evaluates the various network views as a composite, in much the same way as a network manager does. For example, one of the fundamental problems of a network is configuration consistency among routing devices within the
network. If timers are out-of-synch, or tables are inconsistent, the network often fails or at minimum is handicapped. Because the present invention maintains network views of the network, it can automatically verify certain key configuration
consistencies for the network manager, and show inconsistencies in context on the graphic display. This increases problem resolution, often to the point of fixing problems before they are realized by network users.
The system of the present invention is built using client/server technology. The clients can be Java-based, Windows, or Unix applications, which provide access to the network view from any web browser. The server is preferably C++-based and
runs on either a Unix or Windows O/S. All network views and network status will be distributed by the server in a hierarchical (in context) fashion, and not as a tabular collection of data which must be assembled appropriately at the client.
This provides methodology for a consistent set of views across the network using a very thin client, very powerful server, and in context hierarchical data. This hierarchical data is expected to be very useful in present and future analysis of
computer networks.
The various features of novelty which characterize the invention are pointed out with particularity in the claims annexed to and forming a part of this disclosure. For a better understanding of the invention, its operating advantages and
specific objects attained by its uses, reference is made to the accompanying drawings and descriptive matter in which preferred embodiments of the invention are illustrated.
BRIEF DESCRIPTION OF THE DRAWINGS
In the drawings:
FIG. 1 is an IP path tracing view of the network;
FIGS. 2A-D is a flow chart showing how the information for the IP tracing view is collected, calculated and displayed;
FIG. 3 is a multimedia path tracing view of the network;
FIG. 4 is a spanning tree view of the network;
FIG. 5 is a flow chart showing how the information is collected, calculated and displayed for the spanning tree view;
FIG. 6 is a trunking view of the network;
FIG. 7 is a flow chart showing how the information is collected, calculated and displayed for the trunking view;
FIG. 8 is a routing overview of the network which can be expanded to show information from the other views;
FIG. 9 is a flow chart showing how information is collected, calculated and displayed for the routing view;
FIG. 10 is a flow chart showing how information is collected, calculated and displayed for the ring portion of the routing view;
FIG. 11 is a diagram illustrating the geometrical relationship between each node in the algorithm (the nodes are represented by squares);
FIG. 12 is a map consisting of 6032 objects "nodes and connections" as placed by the radial place algorithm;
FIG. 13 is a detailed view of a section of FIG. 21; and
FIG. 14 is a flow chart showing how the radial placement is determined in a view.
DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENT
Referring to the drawings, the primary view for this application is a topology view consisting of routers, router interfaces, backbone networks, WAN networks, and network "clouds". A backbone network is a network that directly interconnects two
or more routers. A single router interface that connects a campus backbone to a wide area backbone is represented as a WAN network. A network cloud is a group of one or more networks that are not part of the backbone (each network is directly connected
to only one router). Starting with a list of the backbone routers, the present invention will poll each router's IP address table along with a few objects from the ifTable to obtain the list of interfaces that have configured IP addresses. The resulting
list of interfaces is then used to discover the networks to which the router is connected.
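The discovery step described above can be sketched as follows. This is an added example, not code from the patent: the router names, addresses and function names are invented, and the overlapping-mask check is one assumed instance of a configuration consistency test that falls out of combining the polled tables.

```python
import ipaddress
from collections import defaultdict
from itertools import combinations

# Constructed sample of polled data: router -> rows of (ifIndex, address, netmask),
# the shape of a router's IP address table. All names and addresses are invented.
POLLED = {
    "rtr-a": [(1, "10.0.0.1", "255.255.255.0"),
              (2, "10.1.1.1", "255.255.255.0")],
    "rtr-b": [(1, "10.0.0.2", "255.255.255.0"),
              (2, "10.2.1.1", "255.255.255.0"),
              (3, "10.2.2.1", "255.255.255.0")],
    # rtr-c sits on the same wire as rtr-a and rtr-b but carries the wrong mask.
    "rtr-c": [(1, "10.0.0.3", "255.255.0.0"),
              (2, "10.3.1.1", "255.255.255.0"),
              (3, "127.0.0.1", "255.0.0.0")],
}


def discover_networks(polled):
    """Combine the polled tables: map each IP network to the routers attached to it."""
    networks = defaultdict(set)
    for router, rows in polled.items():
        for _ifindex, addr, mask in rows:
            iface = ipaddress.ip_interface(f"{addr}/{mask}")
            # Loopback and unconfigured (0.0.0.0) rows say nothing about links.
            if iface.ip.is_loopback or iface.ip.is_unspecified:
                continue
            networks[iface.network].add(router)
    return dict(networks)


def classify(networks):
    """Split networks into backbone networks and per-router clouds.

    Backbone: directly interconnects two or more routers.
    Cloud: the networks that are connected to only one router.
    """
    backbone, clouds = {}, defaultdict(list)
    for net in sorted(networks):
        routers = sorted(networks[net])
        if len(routers) >= 2:
            backbone[str(net)] = routers
        else:
            clouds[routers[0]].append(str(net))
    return backbone, dict(clouds)


def mask_mismatches(networks):
    """Flag networks that overlap but were configured with different prefix lengths.

    Heuristic (an assumption of this example): interfaces on one segment should
    agree on the mask, so an overlap with differing prefixes is an inconsistency.
    """
    findings = []
    for a, b in combinations(sorted(networks), 2):
        if a.prefixlen != b.prefixlen and a.overlaps(b):
            findings.append((str(a), sorted(networks[a]),
                             str(b), sorted(networks[b])))
    return findings


if __name__ == "__main__":
    nets = discover_networks(POLLED)
    backbone, clouds = classify(nets)
    print("backbone:", backbone)
    print("clouds:", clouds)
    for finding in mask_mismatches(nets):
        print("inconsistent masks:", finding)
```

With the sample data, rtr-c's mistyped mask makes its backbone interface look like a private cloud network; the mismatch report is what exposes the error that the topology alone would hide.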
FIG. 8 shows a routing connectivity view of the network. Individual nodes or workstations 1 are connected to each other, and other devices on the network by links 3. The links 3 can take many different forms such as twisted pair, coaxial cable,
and fiber optic. All these different types of links have different bandwidth capabilities and can also have different physical layer configurations, such as layer 2 collision domain. A switch 5 connects the four workstations 1 in the upper left portion
of FIG. 8 to the rest of the network. Another switch 5 connects the four workstations 1 in the upper right portion of FIG. 8 to the rest of the network. And still another switch 5 connects the three workstations 1 in the lower right side of FIG. 8 to
the rest of the network, and to the switch 5 connecting the four modules in the upper right. The link 3 connecting the two switches 5 on the right side of FIG. 8, is a trunking link in a preferred embodiment. The user is able to request that trunk
links be specifically identified and this link would then have a different appearance than other links which are not trunk links.
Alternatively the user could request an expanded view of this particular link, as it is shown in FIG. 6. The link in FIG. 6 is a trunk link formed of individual lines 7. The switches 5 on either end of the link treat all of the trunk lines 7 as
one link and data is transferred over all of these trunk lines 7 in a substantially parallel form. The individual trunk lines 7 can have different appearances, represented in FIG. 6 by different types of diagonal lines, to show different features or
status of the individual trunk lines 7. As an example, one of the trunk lines 7 could be noisy, so that its data rate is much lower. A network supervisor could select the display to show the bandwidth utilization of all the lines 7, or links 3 in a
broad overview of the network. The network supervisor would then be able to determine if there were any difficulties on any of the lines or links. In another example, the network supervisor could request to see total available bandwidth, to determine
if the adding of additional workstations would cause difficulty.
As also shown in FIG. 8, routers 9 are shown. In a preferred embodiment, the routers 9 are shown with a shape which has more angles than a switch 5 or a workstation 1. In this preferred embodiment, the more angles the showing of a device
has, the more intelligence or processing capability a device has.
FIG. 8 also shows ring network topology 11, in a form of a circle. These are FDDI rings, and can either be single or dual ring topologies. Servers 13 are also shown. A network supervisor is thus allowed to view many different devices of the
network and observe their connectivity. The network supervisor can also zoom in on a particular link or area of the network and obtain additional information, such as trunk lines present in a link, and link status.
Many times a network supervisor is not concerned with all the devices in a network. Instead one particular workstation 1 may be having difficulty communicating with a particular server 13. In this case, the network administrator would use the
IP view of the network, as shown in FIG. 1. FIG. 1 actually shows two different IP trace views for demonstration purposes. In the top IP trace view, a particular workstation 1a desires to communicate with a particular server 13a. The IP view shows all
the devices and links between the particular workstation 1a and the particular server 13a. In the top example in FIG. 1, the links 3 are represented by lines of varying thickness. Depending on the user's selection, the thickness of the lines can
represent total available bandwidth, bandwidth utilization, error rates, quality of service, actual data rate, and/or the presence of any trunk lines. As one can see, the connection between the particular workstation 1a and the first server 13 is a
particularly thick line, while the next link is a much thinner line. This could indicate to a network supervisor that the second link may be causing congestion and having a bottleneck effect on communications between the particular workstation 1a and
the particular server 13a. The top example in FIG. 1 also shows that a ring topology 11, mainly a dual ring topology, is present between the particular workstation 1a and a particular server 13a. In the present invention, in a preferred embodiment, the
network supervisor can request identification of each of the individual servers, routers and switches between the particular workstation 1a and the particular server 13a. The network supervisor is then able to obtain information from the devices and
analyze any difficulties in communication between the particular workstation 1a and the particular server 13a.
A large source of traffic across a network is caused by what is often known as multimedia or multicast traffic. This often takes the form of a particular type of programming by one station, which then sends this programming to a plurality of
workstations 1. FIG. 3 shows a multicast or multimedia view of a network from a particular router 9a to a plurality of other devices. The multimedia program is sent from the particular router 9a to particular workstations 1b. Each of the workstations
1b has requested from a corresponding switch 5, router 9 or server 13 that packets or frames having a particular address, such as the address for a particular multimedia program, be forwarded to that particular workstation 1b. In effect, the particular
workstation 1b requests from the closest switch 5, router 9, or server 13, that it be subscribed to a particular program. If this closest switch 5, router 9 or server 13 is itself not subscribed to a particular program, that device will then request
from another device that it be subscribed to that particular program. This continues until a device is found which already subscribes to that particular program, such as router 9a.
Such programming often contains video and audio information that is delivered at periodic intervals. This can consume large amounts of bandwidth in a network. Therefore it is very beneficial to the network supervisor to determine which
particular workstations 1b are subscribing to multimedia, or at least multicast, transmissions. The network supervisor, in a preferred embodiment, can analyze the individual links 3 in a multicast tree, and the individual devices between the particular
workstations 1b and the particular router 9a which provides the source of the multimedia transmission.
FIG. 4 shows a spanning tree view of a network. Many of the switches 5 have two or more links 3 between themselves. A spanning tree algorithm has been run on these switches 5 and in order to avoid broadcast storms from more than one active link
3 between adjacent switches 5, only one of the links 3 between the adjacent switches 5 is active, and the remaining links 3 are inactive. In the spanning tree view shown in FIG. 4, the active links 3a are shown as solid lines, and the inactive links 3b
are shown in outline. This gives the network supervisor an indication as to the vulnerability of a particular link, since if there are several inactive redundant links 3b, reliability of that particular link is particularly strong. If a particular link
between two adjacent switches only has one active link, with no inactive links, that link is particularly vulnerable to failure and preventing communication between workstations 1 on opposite sides of that link. Also, the network supervisor is able to
see if the spanning tree algorithm has properly activated and deactivated certain links. If the network supervisor sees that there are two active links between adjacent switches 5, then the supervisor knows there has been a failure in the spanning tree
algorithm, or that the spanning tree algorithm has not been run. Likewise the network supervisor can detect an error if only inactive links are between the two adjacent switches.
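The checks a supervisor reads off the spanning tree view can be expressed as a small audit over polled link states. The following is an added example, not part of the original text; the tuple layout, switch names and link ids are constructed for illustration.

```python
from collections import defaultdict

# Constructed sample: (switch_a, switch_b, link_id, active) as a poller might report it.
LINKS = [
    ("sw1", "sw2", "3-01", True),
    ("sw1", "sw2", "3-02", False),
    ("sw2", "sw3", "3-03", True),
    ("sw3", "sw4", "3-04", True),
    ("sw3", "sw4", "3-05", True),
    ("sw4", "sw5", "3-06", False),
    ("sw5", "sw4", "3-07", False),
]

def audit_spanning_tree(links):
    """Classify each pair of adjacent switches by its active/inactive link counts."""
    pairs = defaultdict(lambda: [0, 0])           # pair -> [active, inactive]
    for a, b, _link_id, active in links:
        key = tuple(sorted((a, b)))               # link direction does not matter
        pairs[key][0 if active else 1] += 1
    report = {}
    for pair, (active, inactive) in sorted(pairs.items()):
        if active > 1:
            # Two active links: spanning tree failed or was never run.
            report[pair] = "error-multiple-active"
        elif active == 0:
            # Only inactive links: the switches cannot reach each other here.
            report[pair] = "error-no-active"
        elif inactive == 0:
            # One active link and no standby: a single point of failure.
            report[pair] = "vulnerable-no-redundancy"
        else:
            report[pair] = "ok-redundant"
    return report

if __name__ == "__main__":
    for pair, state in audit_spanning_tree(LINKS).items():
        print(pair, state)
```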
ROUTING CONDUCTIVITY VIEW CREATION
The routing topology is constructed as follows:
If a network has two or more router interfaces with addresses on the network, a backbone network icon will be displayed for the network. A line connecting a router to the network represents the router's interface.
The remaining networks have only one associated interface. If the interface type and speed indicate that it is a WAN link, a WAN network icon is created for this network. The line connecting a router to the network represents the router's WAN
interface.
All other networks are assigned to a network cloud. Each router will have at most one network cloud icon connected to it. The cloud icon represents all of the non-backbone and non-WAN networks to which the router is directly connected.
The user is able to give each router, network, and cloud a logical name. The application provides reasonable defaults for all logical names.
Note that this is a single, flat view of the backbone. There are no submaps and/or further drill-down maps. Not all of the complexity and levels of hierarchy are replicated. This topology view represents only the essential Layer 3 elements of
the campus backbone in a way that is simple and useful.
From this view, the user can select an object and display/modify its properties such as:
Router: Name, Date last baselined, Integrity check status, RIP (Routing Information Protocol) enabled, OSPF (Open Shortest Path First) enabled
Backbone Network: Name, Date last baselined, Integrity check status
Network cloud: Name, list of networks, and integrity check status of each network
OSPF Area Topology
If one or more of the backbone routers are running OSPF, the user is able to view the OSPF area topology. To discover this topology, a Router Watch means polls some MIB objects from the ospfIfTable. This Router Watch may also display virtual
links between otherwise isolated OSPF areas.
Configuration Polling, Change Detection, and Status Update
The purpose of the topology view is to make it easy for network managers to detect changes in the backbone router configuration and draw attention to faulty configurations. To accomplish this, the Router Watch means periodically polls each router
for key configuration data. The user is able to schedule when the next configuration poll will occur along with the time interval between polls. The user is also able to request a configuration poll on demand or a different polling schedule for route
table polling depending on the amount of data.
After a configuration poll is completed, the Router Watch means will compare the received data to the previous data (current baseline plus deltas from all configuration polls since the baseline) and detect any differences. All objects that have
changed will then be integrity checked to ensure that all changes are consistent with the configuration and topology of the backbone network. Integrity checking is described below.
The color-coded status of each object in the topology views is determined by the result of configuration polling and subsequent integrity checks. The following colors are preferable:
Blue--Unknown: device not yet polled or not currently reachable from management system.
Green--OK: No changes have occurred since last baseline.
Light Green--OK with changes: Changes have occurred since last baseline, each change passed all integrity checks.
Yellow--Warning: Changes have occurred since last baseline, integrity checks indicate a possible problem.
Red--Error: Changes have occurred since last baseline, integrity checks indicate a severe configuration problem.
Grey--Not applicable: Device is not an IP Router (IP view) or does not have OSPF enabled (OSPF view).
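The mapping from poll results to the colors listed above can be sketched as a diff against the baseline followed by a severity roll-up. This is an added example, not part of the original text: the snapshot layout is constructed, the comparison is made against the baseline directly, and the two integrity checks in check_change are hypothetical stand-ins, since the checks themselves are not defined in this part of the document.

```python
FORWARDING = 1   # ipForwarding value forwarding(1), per RFC 1213

def diff_config(previous, current):
    """Return (object, old, new) for every polled object that differs."""
    changes = []
    if previous["ipForwarding"] != current["ipForwarding"]:
        changes.append(("ipForwarding", previous["ipForwarding"],
                        current["ipForwarding"]))
    old_routes, new_routes = previous["routes"], current["routes"]
    for dest in sorted(set(old_routes) | set(new_routes)):
        old, new = old_routes.get(dest), new_routes.get(dest)
        if old != new:
            changes.append((f"ipRouteTable[{dest}]", old, new))
    return changes

def check_change(change, backbone_hops):
    """Hypothetical integrity checks: returns 'ok', 'warning' or 'error'."""
    name, _old, new = change
    if name == "ipForwarding":
        return "ok" if new == FORWARDING else "error"   # router stopped forwarding
    if new is None:
        return "warning"                                # route disappeared
    next_hop, _proto = new
    return "ok" if next_hop in backbone_hops else "warning"

def status_color(previous, current, backbone_hops, is_ip_router=True):
    """Map a poll result to the status colors listed on the page."""
    if not is_ip_router:
        return "Grey"
    if current is None:                 # not yet polled or not reachable
        return "Blue"
    changes = diff_config(previous, current)
    if not changes:
        return "Green"
    results = {check_change(c, backbone_hops) for c in changes}
    if "error" in results:
        return "Red"
    return "Yellow" if "warning" in results else "Light Green"

# Constructed snapshot: routes map ipRouteDest -> (ipRouteNextHop, ipRouteProto)
BASELINE = {"ipForwarding": 1, "routes": {"10.1.0.0": ("10.0.0.2", 13)}}
HOPS = {"10.0.0.2", "10.0.0.3"}         # constructed set of known backbone next hops

if __name__ == "__main__":
    moved = {"ipForwarding": 1, "routes": {"10.1.0.0": ("10.9.9.9", 13)}}
    print(status_color(BASELINE, moved, HOPS))
```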
The following data will be polled during each configuration poll. This list may be expanded in a further embodiment as more agent support is available and more integrity checks are added.
The following data affects the status of each router icon:
______________________________________
ipForwarding
ipRouteTable
  ipRouteDest
  ipRouteMask
  ipRouteIfIndex
  ipRouteMetric1
  ipRouteNextHop
  ipRouteType
  ipRouteProto
______________________________________
The routing protocols currently active on a router/router interface are deduced from the ipRouteProto field of each routing table entry. The following objects are polled depending on the protocol(s) that are in use:
RIP: a variable that indicates the currently configured RIP update time
OSPF: ospfAdminStat, possibly other objects from ospfGeneralGroup
The following data affects the discovery of the backbone topology as well as the status of each router interface, network icon, and network cloud icon:
______________________________________
ipAddrTable
  ipAdEntAddr
  ipAdEntNetMask
  ipAdEntIfIndex
ifOperStatus (for interface identified by ipAdEntIfIndex)
ifType (for interface identified by ipAdEntIfIndex)
ifSpeed (for interface identified by ipAdEntIfIndex)
ospfIfTable
  ospfIpAddress
  ospfAreaID
  ospfAdminState
  ospfIfHelloInterval
  ospfIfRtrDeadInterval
  ospfIfPollInterval
  ospfIfAuthKey
______________________________________
Baseline Management
Baseline management enables the user to easily detect changes to the Layer 3 configuration of the backbone.