摘要:
A network device comprises a service card (e.g., a dynamic flow capture (DFC) service card) executing a communication protocol to receive, from one or more control sources, flow capture information specifying at least one destination and criteria for matching one or more packet flows. The network device includes a network interface card to receive a packet from a network, a packet replication module to replicate the packet, and a control unit to provide the replicated packet from the interface card to the DFC service card. The network device includes a filter cache that caches flow capture information recently received from the CSs. The network device may provide real-time intercept and relaying of specified network-based communications. Moreover, the techniques described herein allow CSs to tap packet flows with little delay after specifying flow capture information, e.g., within 50 milliseconds, even under high-volume networks.
摘要:
A method may include receiving a packet associated with a flow of packets, the packet including a destination address; selecting one of a plurality of memory banks, the selected memory bank being associated with the flow of packets, wherein each of the plurality of memory banks stores the same next-hop information for forwarding the packet to the destination address; accessing, in the selected memory bank, the next-hop information for forwarding the packet to the destination address; and forwarding the packet to the destination address based on the next-hop information.
摘要:
A network device comprises a service card (e.g., a lawful intercept (LI) service card) executing a communication protocol to receive, from one or more sources (e.g., law enforcement agents), intercept information specifying at least one destination and criteria for matching one or more packet flows. The network device further includes a network interface card to receive a packet from a network, and a control unit to provide the packet from the interface card to the LI service card. The LI service card executes a flow match detection module that, when the packet matches the criteria of the intercept information, forwards the packet to the destination specified by the intercept information. The network device may provide real-time intercept and relaying of specified network-based communications. Moreover, the techniques described herein allow LEAs to tap packet flows with little delay after specifying intercept information, e.g., within 50 milliseconds, even under high-volume networks.
摘要:
A method is provided for handling member link state changes in an aggregate interface. An aggregate interface may be established to include a number of member links. A mask may be associated with the aggregate interface, where the mask identifies a current state of each member link in the aggregate interface. The mask is retrieved and used to identify active links in the aggregate interface when packets are received for forwarding on the aggregate interface.
摘要:
A network device comprises a service card (e.g., a dynamic flow capture (DFC) service card) executing a communication protocol to receive, from one or more control sources, flow capture information specifying at least one destination and criteria for matching one or more packet flows. The network device includes a network interface card to receive a packet from a network, a packet replication module to replicate the packet, and a control unit to provide the replicated packet from the interface card to the DFC service card. The network device includes a filter cache that caches flow capture information recently received from the CSs. The network device may provide real-time intercept and relaying of specified network-based communications. Moreover, the techniques described herein allow CSs to tap packet flows with little delay after specifying flow capture information, e.g., within 50 milliseconds, even under high-volume networks.
摘要:
A method may include receiving a packet associated with a flow of packets, the packet including a destination address; selecting one of a plurality of memory banks, the selected memory bank being associated with the flow of packets, wherein each of the plurality of memory banks stores the same next-hop information for forwarding the packet to the destination address; accessing, in the selected memory bank, the next-hop information for forwarding the packet to the destination address; and forwarding the packet to the destination address based on the next-hop information.