WO2010013098A1 - Data path debugging - Google Patents

Publication number: WO2010013098A1
Authority: WO, WIPO (PCT)
Prior art keywords: debugging, node, data path, data, data packets
Application number: PCT/IB2008/054460
Other languages: French (fr)
Inventors: Anish Verma, Andrew Mcrae
Original Assignee: Alcatel Lucent
Application filed by Alcatel Lucent
Priority to PCT/IB2008/054460
Publication of WO2010013098A1

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00: Arrangements for monitoring or testing data switching networks
    • H04L43/12: Network monitoring probes
    • H04L43/02: Capturing of monitoring data
    • H04L43/026: Capturing of monitoring data using flow identification
    • H04L43/028: Capturing of monitoring data by filtering


Abstract

A method for debugging data paths in a network device is disclosed. The method includes inserting a debugging node in the data path, classifying the data packets passing through the debugging nodes, generating debug logs for the data packet with rate limiting and removing the debugging node. The debugging nodes include complete debugging, rate limiting and one pass classification functionalities. The debugging node debugs the data packets and removes debug logs from uninterested interfaces. The debugging nodes may be placed at the ingress or egress of a particular component to debug the functionality of the component.

Description

Data path debugging
BACKGROUND
Technical Field
[001] The embodiments disclosed herein generally relate to networks, and, more particularly, to data path debugging in networks.
Description of the Related Art
[002] Existing techniques to debug the data path in network devices (for example, routers and switches) deteriorate the performance of the network devices, making online troubleshooting extremely difficult. In existing solutions, the data path has to carry the debug code, and the debug code has to be executed for every data packet that is processed by a network device. The limitations of the existing debug architecture thus burden the data path code and adversely impact network performance. Even if data logs are turned off, the performance of network devices is adversely affected, as the debugging code is present on the data path.
[003] Furthermore, in existing solutions, rate limiting of debug logs occurs at the debug logging server. The data path continuously generates debug logs, and the debug logging server has to rate-limit the logs generated by the data path. This further impacts the performance of network devices adversely.
[004] Also, in existing solutions, the debug architecture is not flexible enough to allow debug code for a particular component or a specified set of components in a network device. By default, debugging logs are generated for all interfaces in a network device, resulting in a large number of debugging logs and therefore making troubleshooting more difficult.
SUMMARY
[005] In view of the foregoing, an embodiment herein provides a method and system for debugging a data path of a network device, for example, router/switch using dynamic method to selectively add and remove debugging nodes in the data path with no impact on the packet forwarding performance, the method comprising steps of inserting a debugging node in the data path, classifying the data packets passing through debugging node, generating debug logs for the data packets, and removing the debugging node from the data path on completion of debugging. A plurality of debugging nodes can be placed on the data path on per interface basis. The debugging node can be placed on the ingress and egress of a particular component in the data path thereby permitting the user to debug the functionality of a particular component in the data path. The debugging node includes complete debugging and rate limiting functionality. The debugging node classifies the data packets passing through the node using one pass classification and generates debug logs for each data packet with rate limiting. The debugging node classifies said data packets using one pass classification up to seven layers of the Open System Interconnection (OSI) model.
[006] Embodiments herein further disclose a debugging node adapted to perform debugging of data path comprises at least one means adapted to classify the data packets on data path, generate debug logs for the data packets and perform rate limiting of the debug logs for matching the data packets. The debugging node is adapted to classify said data packets using one pass classification and provides classification of data packets up to seven layers of the OSI model.
[007] Embodiments herein further disclose a system for debugging a data path of a network device using dynamic method to selectively add and remove debugging nodes in a data path with no impact on the packet forwarding performance, the system comprising at least one means adapted to insert a debugging node in the data path, classify the data packets passing through the debugging node, generate debug logs for the data packets with rate limiting and remove the debugging node once the user is done with debugging the data path. A plurality of debugging nodes can be placed on the data path where the debugging node can be placed on the ingress and egress of a particular component in the data path. The debugging node includes complete debugging and rate limiting functionality and is adapted to classify said data packets using one pass classification and provides classification of data packets up to seven layers of the OSI model.
[008] These and other aspects of the embodiments disclosed herein will be better appreciated and understood when considered in conjunction with the following description and the accompanying drawings. It should be understood, however, that the following descriptions, while indicating preferred embodiments and numerous specific details thereof, are given by way of illustration and not of limitation. Many changes and modifications may be made within the scope of the embodiments disclosed herein without departing from the spirit thereof, and the embodiments disclosed herein include all such modifications.
BRIEF DESCRIPTION OF THE DRAWINGS
[009] The embodiments disclosed herein will be better understood from the following detailed description with reference to the drawings, in which:
[0010] FIG. 1 illustrates a schematic diagram depicting a network device and components, according to an embodiment herein;
[0011] FIG. 2 illustrates a block diagram depicting the functional modules of a debugging node, according to an embodiment herein;
[0012] FIG. 3 is a block diagram showing an exemplary illustration of a data path with debugging nodes inserted on an interface, according to an embodiment herein;
[0013] FIG. 4 illustrates a schematic diagram depicting the debugging nodes inserted on the ingress and egress of a Network Address Translation (NAT) node in the data path, according to an embodiment herein; and
[0014] FIG. 5 illustrates a flowchart depicting a method of debugging a data path by inserting debugging nodes, according to an embodiment herein.
DETAILED DESCRIPTION OF PREFERRED EMBODIMENTS
[0015] The embodiments disclosed herein and the various features and advantageous details thereof are explained more fully with reference to the non-limiting embodiments that are illustrated in the accompanying drawings and detailed in the following description. Descriptions of well-known components and processing techniques are omitted so as to not unnecessarily obscure the embodiments disclosed herein. The examples used herein are intended merely to facilitate an understanding of ways in which the embodiments disclosed herein may be practiced and to further enable those of skill in the art to practice the embodiments disclosed herein. Accordingly, the examples should not be construed as limiting the scope of the embodiments disclosed herein.
[0016] Embodiments herein disclose a method of debugging the data path functionality of a network device by providing a dynamic method to selectively add and remove debugging nodes in a data path with little or no impact on the packet forwarding performance. Referring now to the drawings, and more particularly to FIGS. 1 through 4, where similar reference characters denote corresponding features consistently throughout the figures, there are shown preferred embodiments.
[0017] A debugging node contains complete debugging functionality, including rate limiting functionality. For debugging a path in a network device, the user can insert a debugging node at the required point in the data path. The debugging node can be programmatically created and inserted in the data path. A user can place any number of debugging nodes simultaneously in the data path. More than one instance of a debugging node can be placed on the ingress and egress of a particular component in the data path, thereby permitting the user to debug the functionality of a particular component in the data path and narrow down a data path level problem to a component level problem in the data path. The debugging node classifies the data packets passing through the node and generates debug logs for each data packet with rate limiting. The debugging nodes have little or no impact on the packet forwarding performance of the path. Once the user is done with debugging the path, the user can then remove the debugging node.
[0018] FIG. 1 illustrates a schematic diagram depicting a network device and the components, according to an embodiment herein. A network device 101 works as an intermediate system that mediates sending, receiving or forwarding data in a computer network. The network device 101 can be a router, hub, bridge or switch. The network devices 101 allow computers on completely separate networks to communicate with one another. A network device 101, say a router, is used as a gateway for other computers to access the Internet 102. The network device 101 is placed between the computers and the modem provided by the internet service provider and connects all computers to the network device by connecting the network device to the modem. The network device is connected to the computer 1 103, computer 2 104, server 105 and by a wireless connection to a laptop 106.
[0019] FIG. 2 illustrates a block diagram depicting the functional modules of a debugging node, according to an embodiment herein. The functional modules of the debugging node 201 include complete debugging module 202, rate-limiting module 203, and classifier module 204. The debugging node 201 can be any device connected to a network such as computers, personal digital assistants (PDAs), cell phones, switches, routers or other networked devices. The debugging node 201 acts as a connection point, either a redistribution point or an end point, for data transmission and has programmed or engineered capability such as debugging commands or modules to recognize and process data transmission to other nodes. Rate limiting is a security feature which disables a user's ability to send several instant messages at a time. The insertion and removal of debugging node 201 dynamically allows rate limiting of debug logs at data paths. The debugging node 201 uses a common classifier to classify the data packets on the data path. The classifier may be a collection of rules or policies. Packet classification requires matching each data packet against a database of filters (or rules), and forwarding the packet according to the highest priority filter. The classifier may use one pass classification to classify the packets, where one pass classification is one method of packet classification where a single, flexible, extensible syntax defines a common classification and specifies policies for all services. The syntax also defines complex classifications for QoS, anti-virus, VoIP and other applications. With single-pass packet classification, a packet enters a firewall first, thus protecting all other services in a gateway. In the firewall, the IPSec service decrypts and classifies the packet using the common classification and attaches a tag that contains information about which services need to process the packet. The packet then passes to a filter in the services gateway that accepts or denies the packet based on information in the tag. In one pass classification 204, each data packet is classified only once in the data path and the rest of the nodes in the data path utilize the same classification. In one pass classification 204, data packets usually pass through a variety of security modules, such as firewalls and content filters, before the packet is forwarded. One pass classification module 204 also provides classification up to seven layers of the Open Systems Interconnection Basic Reference Model (OSI), where the seven layers are the Physical layer, Data link layer, Network layer, Transport layer, Session layer, Presentation layer, and the Application layer. In one pass classification the data packets are classified only once and the rest of the modules make use of this classification. Also, no extra load needs to be added to classify data packets in one pass classification. The debugging nodes 201 are dependent on the interface. The ingress and egress interfaces of the debugging nodes 201 can be modified according to the location of the node.
[0020] FIG. 3 is a block diagram showing an exemplary illustration of a data path with debugging nodes inserted on a data path, according to an embodiment herein. The data path comprises 3 nodes, 301, 302 and 303. Debugging nodes 201 have been inserted in the data path to debug the data path. The debugging node 201 classifies data packets passing through the node 201 and generates debug logs for packets which match the criteria and available limits. The debug logs are generated only for packets which match pre-determined criteria. The number of debug logs generated may also be limited, on a per second or a per minute basis. The debug logs generated are rate limited for matching each data packet. The debugging node 201 uses a common classifier to classify the data packets on the data path. The classifier module 204 may use one pass classification, where each data packet is classified only once in the data path and the rest of the nodes in the data path utilize the same classification. The classifier module 204 also provides classification up to seven layers. The user can also verify the functionality of node 2 302 using the debug logs which are generated by the debugging nodes 201 for a data packet before and after node 2 302.
[0021] FIG. 4 illustrates a schematic diagram depicting the debugging nodes inserted on the ingress and egress of a Network Address Translation (NAT) node 402 in the data path, according to an embodiment herein. The data path comprises 3 nodes, decap node 401, NAT node 402 and IP node 403. Debugging nodes 201 have been inserted in the data path to debug the data path. The debugging node 201 classifies the data packets passing through the nodes 201 and generates debug logs for a matching data packet if logs are within the configured rate limit. The debugging node 201 uses a common classifier to classify the data packets on the data path. The classifier module 204 may use one pass classification, where a data packet is classified only once in the data path and the rest of the nodes in the data path utilize the same classification. One pass classification also provides classification up to seven layers. The user can verify the functionality of NAT node 402 using the debug logs which are generated by the debugging nodes 201 for a data packet before and after NAT node 402.
[0022] FIG. 5 illustrates a flowchart depicting a method of debugging a data path by inserting debugging nodes, according to an embodiment herein. The user inserts (501) a debugging node 201 on a particular interface in the data path. The interface can have more than one instance for inserting a debugging node 201. The debugging node 201 classifies (502) the data packets passing through the debugging node. The node 201 uses a common classifier to classify the data packets on the data path. Further, the debugging node 201 generates (503) debug logs for the packet with rate limiting. Thereafter, the user removes (504) the debugging nodes 201 from the data path. The debug node 201 is interface based and generates logs for data packets only from the interested interface and removes debug logs from uninterested interfaces. The dynamic insertion and removal of debugging nodes 201 permits rate limiting of debug logs at the data path. The selective insertion and removal of debug nodes 201 has no impact on the packet forwarding performance of the data path while debugging is turned OFF and the selective insertion and removal of debug nodes 201 has minimal impact on the packet forwarding performance of the data path while debugging is turned ON. However, the impact does not diminish the performance of the data path as compared to the existing solutions. The various actions in method 500 may be performed in the order presented, in a different order, or simultaneously. Further, in some embodiments, some actions listed in FIG. 5 may be omitted.
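The steps 501 to 504 above, with the FIG. 4 placement of debugging nodes on the ingress and egress of a NAT node, can be modelled as follows. This is an added illustration, not code from the patent: the class names, the separate head-of-path `classify` stage, the token-bucket limiter, the interface names and the addresses are all assumptions constructed for the example.

```python
from dataclasses import dataclass, field

@dataclass
class Packet:
    iface: str
    src: str
    dst: str
    proto: str
    dport: int
    tags: dict = field(default_factory=dict)  # result of the single classification

class Node:
    """A data path stage; the base class forwards the packet unchanged."""
    def __init__(self, name):
        self.name = name
    def process(self, pkt, now):
        return pkt

class ClassifierNode(Node):
    """Classifies each packet once (assumed head-of-path stage); later nodes reuse pkt.tags."""
    def __init__(self, name, rules):
        super().__init__(name)
        self.rules = rules  # (tag, predicate) pairs, highest priority first
    def process(self, pkt, now):
        pkt.tags["class"] = next((t for t, pred in self.rules if pred(pkt)), "unclassified")
        return pkt

class NatNode(Node):
    """Source NAT: rewrites private 10.x source addresses to one public address."""
    def __init__(self, name, public_ip):
        super().__init__(name)
        self.public_ip = public_ip
    def process(self, pkt, now):
        if pkt.src.startswith("10."):
            pkt.src = self.public_ip
        return pkt

class DebugNode(Node):
    """Logs packets of one class on one interface; the rate limit lives in the node itself."""
    def __init__(self, name, iface, match_class, logs_per_sec, sink):
        super().__init__(name)
        self.iface, self.match_class, self.rate = iface, match_class, logs_per_sec
        self.tokens, self.last = float(logs_per_sec), None
        self.sink, self.suppressed = sink, 0
    def process(self, pkt, now):
        if pkt.iface != self.iface or pkt.tags.get("class") != self.match_class:
            return pkt  # uninterested interface or class: no log is produced
        if self.last is not None:  # refill the token bucket (assumed limiter design)
            self.tokens = min(self.rate, self.tokens + (now - self.last) * self.rate)
        self.last = now
        if self.tokens >= 1:
            self.tokens -= 1
            self.sink.append((self.name, now, pkt.src, pkt.dst, pkt.dport))
        else:
            self.suppressed += 1  # over the limit: dropped here, never sent to a log server
        return pkt

class DataPath:
    def __init__(self, nodes):
        self.nodes = list(nodes)
    def insert_around(self, target, before, after):
        """Step 501: splice debugging nodes on the ingress and egress of one component."""
        i = next(k for k, n in enumerate(self.nodes) if n.name == target)
        self.nodes[i:i + 1] = [before, self.nodes[i], after]
    def remove(self, *names):
        """Step 504: take the debugging nodes out; no debug code stays on the path."""
        self.nodes = [n for n in self.nodes if n.name not in names]
    def forward(self, pkt, now):
        for n in self.nodes:
            pkt = n.process(pkt, now)
        return pkt

def run_demo():
    logs = []
    rules = [("dns", lambda p: p.proto == "udp" and p.dport == 53),
             ("other", lambda p: True)]
    path = DataPath([ClassifierNode("classify", rules), Node("decap"),
                     NatNode("nat", "203.0.113.7"), Node("ip")])
    dbg_in = DebugNode("dbg-in", "eth1", "dns", 2, logs)
    dbg_out = DebugNode("dbg-out", "eth1", "dns", 2, logs)
    path.insert_around("nat", dbg_in, dbg_out)
    # Constructed traffic: a burst of 5 DNS packets on eth1, then two uninteresting packets.
    for i in range(5):
        path.forward(Packet("eth1", "10.0.0.5", "198.51.100.53", "udp", 53), now=i * 0.01)
    path.forward(Packet("eth2", "10.0.0.9", "198.51.100.53", "udp", 53), now=0.10)
    path.forward(Packet("eth1", "10.0.0.5", "198.51.100.80", "tcp", 80), now=0.11)
    path.remove("dbg-in", "dbg-out")
    path.forward(Packet("eth1", "10.0.0.5", "198.51.100.53", "udp", 53), now=5.0)
    return {"logs": logs, "suppressed": (dbg_in.suppressed, dbg_out.suppressed),
            "path_after": [n.name for n in path.nodes]}

if __name__ == "__main__":
    for entry in run_demo()["logs"]:
        print(entry)
```

Comparing the `dbg-in` and `dbg-out` entries for the same packet shows the source address before and after translation, which is the component-level check the text describes for NAT node 402.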
[0023] The embodiments disclosed herein facilitate the debugging of the functionality of a component by placing the debugging node at the ingress or egress of the component, thereby reducing the problems of debugging to component level in the data path. Further, the debugging node is inserted on a per interface basis, controls data path debugging and also removes the debug logs from interfaces that are not of interest.
[0024] As can be appreciated, the embodiments disclosed herein provide data path debugging functionality of a network device by inserting a debugging node containing complete debugging and rate limiting functionality. Also, it is to be understood that the invention as described here is not limited to this precise embodiment and that various changes and modifications may be effected therein without departing from the original scope or spirit of the present invention.
[0025] The list of structures corresponding to the claimed means is not exhaustive, and one skilled in the art understands that equivalent structures can be substituted for the recited structure without departing from the scope of the invention.
[0026] The embodiments disclosed herein can take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment including both hardware and software elements. The embodiments that are implemented in software include, but are not limited to, firmware, resident software, microcode, etc.
[0027] The foregoing description of the specific embodiments will so fully reveal the general nature of the embodiments disclosed herein that others can, by applying current knowledge, readily modify and/or adapt for various applications such specific embodiments without departing from the generic concept, and, therefore, such adaptations and modifications should and are intended to be comprehended within the meaning and range of equivalents of the disclosed embodiments. It is to be understood that the phraseology or terminology employed herein is for the purpose of description and not of limitation. Therefore, while the embodiments disclosed herein have been described in terms of preferred embodiments, those skilled in the art will recognize that the embodiments disclosed herein can be practiced with modification within the spirit and scope of the appended claims.

Claims

CLAIMS
What is claimed is:
1. A method of debugging a data path of a network device, the method comprising steps of inserting (501) at least one debugging node (201) in said data path, classifying (502) data packets passing through said debugging node (201), generating (503) debug logs for said data packets; and removing (504) said debugging node (201).
2. The method, as claimed in claim 1, wherein said debugging node (201) includes debugging functionality.
3. The method, as claimed in claim 1, wherein said debugging node (201) includes rate limiting functionality for debug logs.
4. The method, as claimed in claim 1, wherein said method permits a user to debug functionality of a component in said data path, wherein said debugging nodes (201) are placed on ingress and egress of said component.
5. The method, as claimed in claim 1, wherein said debugging node (201) classifies said data packets using one pass classification.
6. The method of claim 1, wherein said debugging node (201) classifies said data packets using one pass classification up to seven layers of the Open System Interconnection (OSI) model.
7. A node (201) adapted to perform debugging of data path, wherein said node (201) comprises at least one means adapted to classifying (502) data packets on said data path; performing rate limiting of debug logs for matching said data packets; and generating (503) debug logs for said data packets.
8. A debugging node (201), as claimed in claim 7, wherein said debugging node (201) is adapted to classify (502) said data packets using one pass classification.
9. A system for debugging a data path in a network device, said system comprising at least one means adapted to: inserting (501) at least one debugging node (201) in said data path, classifying (502) data packets passing through said debugging node (201), generating (503) debug logs for said data packets; and removing (504) said debugging node (201).
10. The system, as claimed in claim 9, wherein said debugging node (201) is adapted to perform debugging of data path, wherein said node (201) comprises at least one means adapted to classifying (502) data packets on said data path; performing rate limiting of debug logs for matching said data packets; and generating (503) debug logs for said data packets.
11. The system, as claimed in claim 9, wherein said debugging node (201) is adapted to classify (202) said data packets using one pass classification up to seven layers of Open System Interconnection (OSI) model.
PCT/IB2008/054460 2008-08-01 2008-08-01 Data path debugging WO2010013098A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/IB2008/054460 WO2010013098A1 (en) 2008-08-01 2008-08-01 Data path debugging

Publications (1)

Publication Number Publication Date
WO2010013098A1 true WO2010013098A1 (en) 2010-02-04

Family

ID=40394087

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IB2008/054460 WO2010013098A1 (en) 2008-08-01 2008-08-01 Data path debugging

Country Status (1)

Country Link
WO (1) WO2010013098A1 (en)

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0230712A1 (en) * 1985-10-09 1987-08-05 Outram Research Limited Data logger
US5611044A (en) * 1993-11-01 1997-03-11 Hewlett-Packard Company System and method for cross-triggering a software logic analyzer and a hardware analyzer
US6182247B1 (en) * 1996-10-28 2001-01-30 Altera Corporation Embedded logic analyzer for a programmable logic device
US6651099B1 (en) * 1999-06-30 2003-11-18 Hi/Fn, Inc. Method and apparatus for monitoring traffic in a network
US20050060598A1 (en) * 2003-09-12 2005-03-17 Finisar Corporation Network analysis tool
US7299277B1 (en) * 2002-01-10 2007-11-20 Network General Technology Media module apparatus and method for use in a network monitoring environment

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
C.K.ZUWER, J.W.LOCKWOOD: "Debugging of an Internet Packet Scheduler Using the Identify® Software", THE SYNDICATED - A TECHNICAL NEWSLETTER FOR ASIC AND FPGA DESIGNERS, vol. 4, no. 4, December 2004 (2004-12-01), pages 5 - 6, XP002518744 *
KEVIN DOOLEY ET AL: "Paragraph 18.14: Rate-Limiting Syslog Traffic", CISCO COOKBOOK, DOOLEY K, BROWN I J, O'REALLY, July 2003 (2003-07-01), pages 689 - 690, XP009113703, ISBN: 978-0-596-00367-8 *

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 08875835

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 08875835

Country of ref document: EP

Kind code of ref document: A1