APPLICATION VISIBILITY IN LAYER 3 NETWORKS
A device may receive configuration information for generating an application probe. The application probe may be used to request network information, associated with an application, from network devices. The device may determine, based on the configuration information, traffic parameters associated with the application. The device may determine a requested type of network information to be requested from the network devices. The device may generate the application probe by including, in the application probe, the traffic parameters and information identifying the requested type of network information. The device may transmit the application probe to a network device of the network devices. The device may receive, from the network device and based on transmitting the application probe, a value associated with the requested type of network information.
In computer networks, network management refers to the activities, methods, procedures, and tools that pertain to the operation, administration, maintenance, and provisioning of networked systems. Network management may be used to control a manner in which network traffic is processed by network devices included in a network.
SUMMARYAccording to some possible implementations, a device may receive configuration information for generating an application probe. The application probe may be used to request network information, associated with an application, from network devices. The device may determine, based on the configuration information, traffic parameters associated with the application. The device may determine a requested type of network information to be requested from the network devices. The device may generate the application probe by including, in the application probe, the traffic parameters and information identifying the requested type of network information. The device may transmit the application probe to a network device of the network devices. The device may receive, from the network device and based on transmitting the application probe, a value associated with the requested type of network information.
According to some possible implementations, a computer-readable medium may store instructions that, when executed by a processor, cause the processor to receive configuration information for generating an application probe. The application probe may be used to request network information, associated with an application, from network devices. The instructions may cause the processor to determine, based on the configuration information, traffic parameters that identify a traffic flow associated with the application. The instructions may cause the processor to determine a type of network information to be requested from the network devices. The type of network information may be associated with processing of the application probe by the network devices. The instructions may cause the processor to generate the application probe. The application probe may include the traffic parameters and information identifying the type of network information. The instructions may cause the processor to transmit the application probe to a network device of the network devices. The instructions may cause the processor to receive, from the network device and based on transmitting the application probe, a value corresponding to the type of network information. The instructions may cause the processor to store the value corresponding to the type of network information.
According to some possible implementations, a method may include receiving, by a probing device, configuration information for generating application probes. The application probes may be used to request network information, associated with an application, from network devices. The method may include determining, by the probing device and based on the configuration information, a traffic parameter associated with the application. The method may include determining, by the probing device, a network information type to be requested from the network devices. The method may include generating, by the probing device, the application probes. The application probes may identify the traffic parameter and the network information type. The method may include transmitting, by the probing device, a first application probe, of the application probes, to a first network device of the network devices. The method may include transmitting, by the probing device, a second application probe, of the application probes, to a second network device of the network devices. The method may include receiving, by the probing device and from the first network device, a first value associated with the network information type. The method may include receiving, by the probing device and from the second network device, a second value associated with the network information type. The method may include storing, by the probing device, the first value and the second value.
The following detailed description of example implementations refers to the accompanying drawings. The same reference numbers in different drawings may identify the same or similar elements.
An application provider that provides an application (e.g., a software application, a web application, etc.) may want to monitor attributes of network traffic, associated with the application, as the network traffic is communicated over a network. However, when the network traffic is communicated over the network (e.g., a layer 3 network), information that links the application to the network traffic may be lost. This may make it difficult to link attributes of the network traffic to the application. Implementations described herein assist in monitoring attributes of network traffic associated with an application (e.g., so that an application provider may improve performance of the application).
As further shown in
Application environment 210 may include an environment associated with an application (e.g., a software application, a web application, etc.). Application environment 210 may include one or more hardware devices (e.g., application device 220) that assist in providing and/or managing the application. As an example, application environment 210 may include a data center, a cloud computing environment, a server farm, a server cluster, a private network, etc.
Application device 220 may include one or more devices capable of requesting, receiving, generating, storing, processing, and/or providing network information associated with an application. In some implementations, application device 220 may include a device associated with providing and/or managing an application (e.g., and/or may be located within application environment 210). For example, application device 220 may include a server device (e.g., a web server, an orchestration server, a management server, etc.) or a similar type of device. Additionally, or alternatively, application device 220 may include a device associated with receiving a service provided by an application (e.g., and/or may not be located within application environment 210). For example, application device 220 may include a desktop computer, a laptop computer, a mobile phone (e.g., a smart phone), or the like.
Probing device 230 may include one or more devices capable of generating, storing, processing, and/or transmitting application probes and/or information associated with application probes. For example, probing device 230 may include a server device (e.g., a proxy server, a monitoring server, etc.), a router, a switch, a gateway, a hub, a bridge, a security device (e.g., an intrusion detection device, a firewall, etc.), a load balancing device, or the like. In some implementations, probing device 230 may generate and transmit, to network device(s) 240, application probes for monitoring network traffic associated with an application, and may receive values, for the requested network information, from network device(s) 240.
In some implementations, probing device 230 may be located internal to application environment 210. In some implementations, probing device 230 may be located external to application environment 210 (e.g., within a particular quantity of hops). In some implementations, probing device 230 may be located on a border between application environment 210 and an external network (e.g., network 250).
Network device 240 may include one or more devices (e.g., one or more traffic transfer devices) capable of processing and/or transferring traffic between endpoint devices (e.g., application device 220 that provides an application and a user device that receives a service provided by the application). For example, network device 240 may include a router, a gateway, a switch, a hub, a bridge, a reverse proxy, a firewall, a server (e.g., a proxy server), a security device, an intrusion detection device, a load balancer, or a similar type of device. Network device 240 may receive an application probe from probing device 230 (and/or via one or more other network devices 240), may determine network information requested via the application probe, and may provide the requested network information to probing device 230.
Network 250 may include one or more wired and/or wireless networks. For example, network 250 may include a cellular network, a public land mobile network (PLMN), a wireless local area network (e.g., a Wi-Fi network), a local area network (LAN), a wide area network (WAN), a metropolitan area network (MAN), a telephone network (e.g., the Public Switched Telephone Network (PSTN)), a private network, an ad hoc network, an intranet, the Internet, a fiber optic-based network, a cloud computing network, and/or a combination of these or another type of network.
The number and arrangement of devices and networks shown in
Bus 310 may include a component that permits communication among the components of device 300. Processor 320 may include a processor (e.g., a central processing unit (CPU), a graphics processing unit (GPU), an accelerated processing unit (APU), etc.), a microprocessor, and/or any processing component (e.g., a field-programmable gate array (FPGA), an application-specific integrated circuit (ASIC), etc.) that interprets and/or executes instructions. Memory 330 may include a random access memory (RAM), a read only memory (ROM), and/or another type of dynamic or static storage device (e.g., a flash memory, a magnetic memory, an optical memory, etc.) that stores information and/or instructions for use by processor 320.
Storage component 340 may store information and/or software related to the operation and use of device 300. For example, storage component 340 may include a hard disk (e.g., a magnetic disk, an optical disk, a magneto-optic disk, a solid state disk, etc.), a compact disc (CD), a digital versatile disc (DVD), a floppy disk, a cartridge, a magnetic tape, and/or another type of computer-readable medium, along with a corresponding drive.
Input component 350 may include a component that permits device 300 to receive information, such as via user input (e.g., a touch screen display, a keyboard, a keypad, a mouse, a button, a switch, a microphone, etc.). Additionally, or alternatively, input component 350 may include a sensor for sensing information (e.g., a global positioning system (GPS) component, an accelerometer, a gyroscope, an actuator, etc.). Output component 360 may include a component that provides output information from device 300 (e.g., a display, a speaker, one or more light-emitting diodes (LEDs), etc.).
Communication interface 370 may include a transceiver-like component (e.g., a transceiver, a separate receiver and transmitter, etc.) that enables device 300 to communicate with other devices, such as via a wired connection, a wireless connection, or a combination of wired and wireless connections. Communication interface 370 may permit device 300 to receive information from another device and/or provide information to another device. For example, communication interface 370 may include an Ethernet interface, an optical interface, a coaxial interface, an infrared interface, a radio frequency (RF) interface, a universal serial bus (USB) interface, a Wi-Fi interface, a cellular network interface, or the like.
Device 300 may perform one or more processes described herein. Device 300 may perform these processes in response to processor 320 executing software instructions stored by a computer-readable medium, such as memory 330 and/or storage component 340. A computer-readable medium is defined herein as a non-transitory memory device. A memory device includes memory space within a single physical storage device or memory space spread across multiple physical storage devices.
Software instructions may be read into memory 330 and/or storage component 340 from another computer-readable medium or from another device via communication interface 370. When executed, software instructions stored in memory 330 and/or storage component 340 may cause processor 320 to perform one or more processes described herein. Additionally, or alternatively, hardwired circuitry may be used in place of or in combination with software instructions to perform one or more processes described herein. Thus, implementations described herein are not limited to any specific combination of hardware circuitry and software.
The number and arrangement of components shown in
As shown in
The configuration information may include, for example, an application identifier that includes one or more traffic parameters for identifying the application as being associated with a packet. For example, an application identifier may include a source network address (e.g., a media access control (MAC) address, an internet protocol (IP) address, a device identifier, etc.) associated with the application (e.g., a source network address that identifies a device that provides the application, such as application device 220), a destination network address associated with the application (e.g., that identifies a destination device to receive application information), a port identifier associated with the application (e.g., a source port identifier, a destination port identifier, etc.), a protocol identifier associated with the application (e.g., information that identifies a protocol via which application information is transmitted, such as transport control protocol (TCP), user datagram protocol (UDP), SIGTRAN protocol, a web traffic frame, an encrypted web traffic frame, etc.), or the like. In some implementations, the application identifier may include information that identifies a traffic flow via which application packets are carried. Additionally, or alternatively, the application identifier may include information associated with a tunnel via which application packets are carried (e.g., a tunnel identifier, tunnel endpoint identifiers, a type of tunnel, a protocol for the tunnel, etc.).
Additionally, or alternatively, the configuration information may include monitoring information that identifies a manner in which probing device 230 is to monitor network information associated with the application. For example, the monitoring information may indicate a start time for monitoring the network information (e.g., a start time at which application probes are to be transmitted to network devices 240), an end time for monitoring the network information (e.g., an end time at which probing device 230 is to stop transmitting application probes), a time period during which probing device 230 is to monitor the network information, a quantity of network devices 240 from which to request network information (e.g., a quantity of hops to which application probes are to be sent), etc.
The configuration information may identify a type of network information to be requested from network devices 240, in some implementations. Network information may include information associated with network traffic being processed by network device 240. Additionally, or alternatively, network information may include information associated with processing the application probe (e.g., by network device 240). For example, network information may include a measure of bandwidth utilization of network device 240 (e.g., an average bandwidth utilization for all network traffic, a bandwidth utilization on a particular interface via which the application probe is input and/or output, etc.), a measure of central processing unit (CPU) utilization of network device 240, a quantity of network traffic being processed by network device 240, a measure of latency associated with network traffic and/or an application probe processed by network device 240 (e.g., an average latency, a maximum latency, a minimum latency, a switching latency, etc.), a measure of jitter associated with the network traffic, a packet drop rate associated with the network traffic and/or the application probe, a queue utilization of network device 240, information that identifies a path for the network traffic and/or the application probe (e.g., a path through one or more network devices 240, such as an equal-cost multi-path (ECMP) routing path), load balancing information (e.g., an ECMP bucket utilization for detecting fair load balancing), a click synchronization protocol used by network device 240 (e.g., a precision time protocol (PTP), etc.), etc.
In some implementations, the configuration information may identify a set (e.g., one or more) of the above types of network information, or other types of network information, to be requested from network devices 240. Additionally, or alternatively, the user may use a group identifier to select a set of network information types, and the group identifier may be provided to probing device 230. Probing device 230 may use the group identifier to identify the set of network information types to be requested. For example, the user may provide an indication to collect information associated with a traffic flow (e.g., application-centric information), information associated with an overlay, such as a tunnel (e.g., application overlay information), etc.
As further shown in
For example, probing device 230 may include, in a payload of the packet, an application probing header that indicates that network information is to be returned by network device 240, and/or that identifies a type of network information to be returned. In some implementations, probing device 230 may generate the application probe using a protocol specified in the configuration information (e.g., a same protocol as application packets). Additionally, or alternatively, probing device 230 may generate the application probe by encapsulating the payload (e.g., using IP encapsulation and/or application-level encapsulation).
In some implementations, probing device 230 may insert expiration information in the application probe. Network device 240 may use the expiration information to determine whether to provide the requested network information. For example, if the expiration information indicates that the application probe (e.g., a packet) expires upon being received by a particular network device 240, then the particular network device 240 may detect this expiration, and may provide the requested network information. The expiration information may identify an expiration condition that causes the application probe to expire (e.g., a particular amount of time after which the application probe expires, a particular quantity of hops after which the application probe expires, etc.).
In some implementations, the expiration information may include a time-to-live (TTL) indicator. The TTL indicator may indicate a time period for application probe expiration, and/or may indicate a quantity of hops after which the application probe expires. Probing device 230 may generate multiple application probes for a particular application, and different application probes may have different TTL indicators. For example, probing device 230 may generate a first application probe with a TTL indicator of one, indicating that the application probe expires upon reaching a first network device 240 that is one hop away from probing device 230. Similarly, probing device 230 may generate a second application probe with a TTL indicator of two, indicating that the application probe expires upon reaching a second network device 240 that is two hops away from probing device 230. In this way, probing device 230 may gather end-to-end network information from multiple network devices 240.
As further shown in
In this way, probing device 230 may use simulated application packets, in the form of application probes, to collect network information that indicates a manner in which actual application packets (e.g., that carry application information) are processed in a network (e.g., by network devices 240). Thus, probing device 230 may collect network information relating to an application layer (e.g., layer 4) using application probes in a network layer (e.g., layer 3).
Although
As shown in
As shown in
As shown by reference number 540, assume that probing device 230 transmits the application probes over a network. As shown by reference number 550, since Probe 1 has a TTL indicator of one (e.g., will expire at the first hop reached), a first network device 240, shown as Network Device 1, may receive Probe 1 and send the requested network information back to probing device 230, as described in more detail elsewhere herein. As shown by reference number 560, since Probe 2 has a TTL indicator of two (e.g., will expire at the second hop reached). Network Device 1 may transmit Probe 2 to a second network device 240, shown as Network Device 2. Network device 2 may receive Probe 2, and may send the requested network information back to probing device 230, as described in more detail elsewhere herein.
Since the application probes include an application identifier for the application to be monitored (e.g., since an application probe simulates an application packet), network devices 240 may process the application probes as if the application probes were actual application packets that carry application information. In this way, probing device 230 may gather network information that indicates a manner in which actual application packets are processed in a network (e.g., a layer 3 network).
As indicated above.
As shown in
As further shown in
As further shown in
As further shown in
As further shown in
Additionally, or alternatively, probing device 230 may aggregate network information associated with multiple application probes, and may provide the aggregated network information to application device 220. For example, probing device 230 may aggregate network information, associated with a particular application, received from multiple network devices 240. Additionally, or alternatively, probing device 230 may perform a calculation using network information received from multiple network devices 240, to determine an end-to-end treatment of application packets. For example, probing device 230 may determine an average value (e.g., an average latency across multiple network devices 240, an average bandwidth utilization, etc.), may determine a maximum value (e.g., a maximum value of a particular type of network information), may determine a minimum value (e.g., a minimum value of a particular type of network information), or the like.
In this way, application device 220 may use the aggregated network information to improve application performance. For example, application device 220 may use the network information to execute (e.g., launch) an application in an intelligent manner, may use the network information to improve performance of an application that is already executing, etc.
Although
As shown in
As shown in
As shown by reference number 750, assume that probing device 230 provides the network information and/or the aggregated network information to application device 220. As shown by reference number 760, assume that application device 220 modifies delivery of the application based on the received network information. In this way, application device 220 may use network information, relating to a manner in which application packets are processed by network devices 240, to manage an application.
As indicated above,
Implementations described herein assist in monitoring attributes of network traffic associated with an application (e.g., so that an application provider may improve performance of the application).
The foregoing disclosure provides illustration and description, but is not intended to be exhaustive or to limit the implementations to the precise form disclosed. Modifications and variations are possible in light of the above disclosure or may be acquired from practice of the implementations.
As used herein, the term component is intended to be broadly construed as hardware, firmware, and/or a combination of hardware and software.
As used herein, a packet may refer to a network packet, a frame, a datagram, a segment, a fragment of a packet, a fragment of a frame, a fragment of a datagram, a fragment of a segment, or any other formatted or unformatted unit of data capable of being transmitted via a network.
Some implementations are described herein in connection with thresholds. As used herein, satisfying a threshold may refer to a value being greater than the threshold, more than the threshold, higher than the threshold, greater than or equal to the threshold, less than the threshold, fewer than the threshold, lower than the threshold, less than or equal to the threshold, equal to the threshold, etc.
It will be apparent that systems and/or methods, described herein, may be implemented in different forms of hardware, firmware, or a combination of hardware and software. The actual specialized control hardware or software code used to implement these systems and/or methods is not limiting of the implementations. Thus, the operation and behavior of the systems and/or methods were described herein without reference to specific software code—it being understood that software and hardware can be designed to implement the systems and/or methods based on the description herein.
Even though particular combinations of features are recited in the claims and/or disclosed in the specification, these combinations are not intended to limit the disclosure of possible implementations. In fact, many of these features may be combined in ways not specifically recited in the claims and/or disclosed in the specification. Although each dependent claim listed below may directly depend on only one claim, the disclosure of possible implementations includes each dependent claim in combination with every other claim in the claim set.
No element, act, or instruction used herein should be construed as critical or essential unless explicitly described as such. Also, as used herein, the articles “a” and “an” are intended to include one or more items, and may be used interchangeably with “one or more.” Furthermore, as used herein, the term “set” is intended to include one or more items, and may be used interchangeably with “one or more.” Where only one item is intended, the term “one” or similar language is used. Also, as used herein, the terms “has.” “have,” “having.” or the like are intended to be open-ended terms. Further, the phrase “based on” is intended to mean “based, at least in part, on” unless explicitly stated otherwise.
Claims
1-20. (canceled)
21. A method comprising:
- receiving, by a network device, an application probe;
- determining, by the network device, that the application probe has expired;
- determining, by the network device and based on determining that the application probe has expired, information requested via the application probe; and
- providing, by the network device, the information requested via the application probe.
22. The method of claim 21, where the application probe comprises expiration information; and
- where determining that the application probe has expired comprises: determining that the application probe has expired based on reading the expiration information.
23. The method of claim 22, where the expiration information comprises a time-to-live (TTL) indicator, and
- where determining that the application probe has expired comprises: determining that the application probe has expired based on the TTL indicator.
24. The method of claim 21, where providing the information requested via the application probe comprises:
- reading a payload of the application probe to identify the information requested via the application probe.
25. The method of claim 21, where the application probe comprises expiration information comprising an expiration condition,
- the expiration condition indicating at least one of: an amount of time after which the application probe expires, or a quantity of hops after which the application probe expires.
26. The method of claim 21, where providing the information requested via the application probe comprises:
- inserting the information, requested via the application probe, in a return packet, the return packet comprising a time-to-live (TTL) indicator.
27. The method of claim 26, where the return packet comprises a payload; and
- where inserting the information, requested via the application probe, in the return packet comprises: encapsulating the payload using an Internet Control Message Protocol (ICMP) header, the ICMP header including at least one of: an application identifier, a device identifier for the network device, or a device identifier for a probing device.
28. A computer-readable medium storing instructions, the instructions comprising:
- one or more instructions that, when executed by one or more processors of a network device, cause the one or more processors to: receive an application probe; determine that the application probe has expired; determine, based on determining that the application probe has expired, information requested via the application probe; and provide the information requested via the application probe.
29. The computer-readable medium of claim 28, where the application probe comprises expiration information; and
- where the one or more instructions, that cause the one or more processors to determine that the application probe has expired, are to: determine that the application probe has expired based on reading the expiration information.
30. The computer-readable medium of claim 29, where the expiration information comprises a time-to-live (TTL) indicator; and
- where the one or more instructions, that cause the one or more processors to determine that the application probe has expired, are to: determine that the application probe has expired based on the TTL indicator.
31. The computer-readable medium of claim 28, where the one or more instructions, that cause the one or more processors to provide the information requested via the application probe, are to:
- read a payload of the application probe to identify the information requested via the application probe.
32. The computer-readable medium of claim 28, where the application probe comprises expiration information comprising an expiration condition,
- the expiration condition indicating at least one of: an amount of time after which the application probe expires, or a quantity of hops after which the application probe expires.
33. The computer-readable medium of claim 28, where the one or more instructions, that cause the one or more processors to provide the information requested via the application probe, are to:
- insert the information, requested via the application probe, in a return packet, the return packet comprising a time-to-live (TTL) indicator.
34. The computer-readable medium of claim 33, where the return packet comprises a payload; and
- where the one or more instructions, that cause the one or more processors to insert the information, requested via the application probe, in the return packet, are to: encapsulate the payload using an Internet Control Message Protocol (ICMP) header, the ICMP header including at least one of: an application identifier, a device identifier for the network device, or a device identifier for a probing device.
35. A device, comprising:
- one or more memories; and
- one or more processors, communicatively coupled to the one or more memories, to: receive an application probe; determine that the application probe has expired; determine, based on determining that the application probe has expired, information requested via the application probe; and provide the information requested via the application probe.
36. The device of claim 35, where the application probe comprises expiration information; and
- where the one or more processors, when determining that the application probe has expired, are to: determine that the application probe has expired based on reading the expiration information.
37. The device of claim 36, where the expiration information comprises a time-to-live (TTL) indicator; and
- where the one or more processors, when determining that the application probe has expired, are to: determine that the application probe has expired based on the TTL indicator.
38. The device of claim 35, where the one or more processors, when providing the information requested via the application probe, are to:
- read a payload of the application probe to identify the information requested via the application probe.
39. The device of claim 35, where the application probe comprises expiration information comprising an expiration condition,
- the expiration condition indicating at least one of: an amount of time after which the application probe expires, or a quantity of hops after which the application probe expires.
40. The device of claim 35,
- where the one or more processors, when providing the information requested via the application probe, are to: insert the information, requested via the application probe, in a return packet, the return packet comprising a time-to-live (TTL) indicator;
- where the return packet comprises a payload; and
- where the one or more processors, when inserting the information, requested via the application probe, in the return packet, are to: encapsulate the payload using an Internet Control Message Protocol (ICMP) header, the ICMP header including at least one of: an application identifier, a device identifier for the device, or a device identifier for a probing device.
Type: Application
Filed: Mar 13, 2017
Publication Date: Jun 29, 2017
Inventors: Jainendra Kumar (Fremont, CA), Raghu Ram REDDY MAVILLAPALLY (Sunnyvale, CA)
Application Number: 15/457,317