公开(公告)号：US10887251B2

公开(公告)日：2021-01-05

申请号：US16130560

申请日：2018-09-13

Applicant: International Business Machines Corporation ,  Napatech A/S

Inventor： Wayne F. Tackabury ,  Russell Couturier ,  William A. Bird ,  Thomas D. Silliman ,  Alex Omo Agerholm ,  Michael Milde Lilja ,  Peter Dahl Ekner ,  Philip Due Soeberg

IPC: G01R31/08 ,  G06F11/00 ,  G08C15/00 ,  H04J1/16 ,  H04J3/14 ,  H04L1/00 ,  H04L12/26 ,  H04L12/947 ,  H04L12/42 ,  H04L12/703 ,  H04L12/24

Abstract: Embodiments are directed to a method of implementing a packet capture ring. The packet capture ring includes a plurality of appliances, and the plurality of appliances includes a first appliance and a second appliance. The first appliance and the second appliance are both attached to a network tap, and the first appliance works as a master appliance. The master appliance ingests packets from the network tap, encapsulates the packets and forwards encapsulated packets in the packet capture ring. The method includes: detecting, by the second appliance, a failure of the first appliance; working, by the second appliance, as the master appliance; and removing, by the second appliance, the first appliance from a forwarding designation list.

公开(公告)号：US10601729B2

公开(公告)日：2020-03-24

申请号：US16018973

申请日：2018-06-26

Applicant: International Business Machines Corporation ,  Napatech A/S

Inventor： William A. Bird ,  Russell Couturier ,  Thomas D. Silliman ,  Wayne Tackabury ,  Alex Omo Agerholm ,  Michael Milde Lilja ,  Peter Dahl Ekner ,  Philip Due Soeberg

IPC: H04L12/923 ,  H04L12/26 ,  H04L12/861 ,  H04L12/911 ,  H04L29/06 ,  H04L12/801 ,  H04L12/42 ,  H04L12/703

Abstract: Embodiments are directed to a packet capture ring that provides a single network tap for packet capture and a series of processors (or appliances) for handling serialization and search request processing in a confederated and highly scalable manner. One such appliance (a “primary” appliance) maintains a tap port to the network. Each packet capture appliance has a locally attached repository that stores raw packets and a juxtaposed index that allows for retrieval of those packets. The primary appliance sends a single copy of encapsulated packets in opposite directions around the ring to its descendants. A designation is made across the system as to a “currently designated” appliance for servicing requests for indexing and storage of captured packets. This current designation shifts from appliance to appliance in the system, as a “previously designated” appliance has its storage capacity filled.

公开(公告)号：US20200092227A1

公开(公告)日：2020-03-19

申请号：US16130560

申请日：2018-09-13

Applicant: International Business Machines Corporation ,  Napatech A/S

Inventor： Wayne F. Tackabury ,  Russell Couturier ,  William A. Bird ,  Thomas D. Silliman ,  Alex Omo Agerholm ,  Michael Milde Lilja ,  Peter Dahl Ekner ,  Philip Due Soeberg

IPC: H04L12/947 ,  H04L12/26 ,  H04L12/42 ,  H04L12/703 ,  H04L12/24

Abstract: Embodiments are directed to a method of implementing a packet capture ring. The packet capture ring includes a plurality of appliances, and the plurality of appliances includes a first appliance and a second appliance. The first appliance and the second appliance are both attached to a network tap, and the first appliance works as a master appliance. The master appliance ingests packets from the network tap, encapsulates the packets and forwards encapsulated packets in the packet capture ring. The method includes: detecting, by the second appliance, a failure of the first appliance; working, by the second appliance, as the master appliance; and removing, by the second appliance, the first appliance from a forwarding designation list.

公开(公告)号：US20180095981A1

公开(公告)日：2018-04-05

申请号：US15281208

申请日：2016-09-30

Applicant: Napatech A/S

Inventor： Hans-Martin Brændmose Jensen ,  Michael Milde Lilja

IPC: G06F17/30

CPC classification number: G06F16/1724

Abstract: The invention relates to a method for storing files in a data storage. The method comprises steps of providing the data storage with a plurality of data files all having the same predetermined size and a step of subsequently storing new data in the data storage by including the new data in a new data file having the predetermined size and overwriting an existing data file with the new data file.

公开(公告)号：US10467196B2

公开(公告)日：2019-11-05

申请号：US15281208

申请日：2016-09-30

Applicant: Napatech A/S

Inventor： Hans-Martin Brændmose Jensen ,  Michael Milde Lilja

IPC: G06F7/00 ,  G06F16/17

Abstract: The invention relates to a method for storing files in a data storage. The method comprises steps of providing the data storage with a plurality of data files all having the same predetermined size and a step of subsequently storing new data in the data storage by including the new data in a new data file having the predetermined size and overwriting an existing data file with the new data file.

公开(公告)号：US10250511B2

公开(公告)日：2019-04-02

申请号：US15179442

申请日：2016-06-10

Applicant: Napatech A/S ,  International Business Machines Corporation

Inventor： William A. Bird ,  Russell Couturier ,  Vijay Dheap ,  Patrick V. Johnstone ,  Ben A. Wuest ,  Alex Omø Agerholm

IPC: H04L12/26 ,  H04L12/851 ,  H04L12/853 ,  H04L29/06

Abstract: Embodiments provide a system and method for network tracking. By using packet capture applications having a flow identifier and a time stamper, one or more raw packets from one or more packet flows intercepted from a network can be tagged with a unique identifier and timestamp that can later be used to aggregate packet flows that have been analyzed by one or more capture applications. The unique identifier can relate to the network interface of the particular capture application and can also have an increasing value, where the increase in value can be monotonic. Later capture applications, while capable of generating secondary timestamps, can disregard those secondary timestamps for the primary timestamp of the first capture application in order to remove complications arising from latency issues.

公开(公告)号：US10211939B2

公开(公告)日：2019-02-19

申请号：US14900001

申请日：2014-06-27

Applicant: Napatech A/S

Inventor： Nicolai Asbjørn Smitt

IPC: H04J3/06 ,  H04L7/00 ,  G06F5/06

Abstract: Forwarding points in time of a clock over a clock boundary is performed by launching the points in time into a buffer, such as a FIFO, in the first clock domain. The oldest point in time is fed into a FIFO or delay line in the other clock domain, which FIFO or delay line comprises a plurality of received points in time, which are shifted through the FIFO or delay line over time. An estimate of a point in time in the second clock domain is derived from a plurality of the points in time in the delay line/FIFO, such as from a mean value thereof. This point in time may be compensated for a known delay in order for this determined point in time to be identical to or close to an actual point in time of the first clock in the first clock domain.

公开(公告)号：US20170005730A1

公开(公告)日：2017-01-05

申请号：US15114307

申请日：2015-01-08

Applicant: NAPATECH A/S

Inventor： Sune Graves Krohn

IPC: H04B10/116 ,  H01R13/73 ,  H04B10/50 ,  H01R13/717

CPC classification number: H04B10/116 ,  H01R13/7172 ,  H01R13/7175 ,  H01R13/73 ,  H01R2201/04 ,  H04B10/503

Abstract: A network card or the like with two or more connectors having reflecting sides, where a light emitter is positioned between or behind the connectors and emit light toward the reflecting sides which act as a wave guide and guide the light to an opening between the connectors and toward the surroundings.

Abstract translation: 具有两个或多个具有反射侧的连接器的网卡等，其中发光器位于连接器之间或之后，并且朝向作为波导的反射侧发光，并将光引导到连接器之间的开口和 朝向周围。

公开(公告)号：US20160277322A1

公开(公告)日：2016-09-22

申请号：US15034252

申请日：2014-11-11

Applicant: NAPATECH A/S

Inventor： Jens Christophersen

IPC: H04L12/935 ,  H04L12/741 ,  H04L12/861

CPC classification number: H04L49/3036 ,  H04L45/74 ,  H04L49/00 ,  H04L49/9078

Abstract: A system and a method for analysing a plurality of data packets where the data packets are analysed to determine which of a number of subsequent process(es) is/are to further analyse the data packets. Information identifying the subsequent process(es) is added to a FIFO. An unknown data packet type is not immediately recognizable, whereby a storage location is reserved in the FIFO, and the data packet is fed to a separate characterizing process deriving the information relating to the relevant process(es), which information is subsequently fed to the relevant storage location in the FIFO, so that the order of data packets represented in the FIFO is the order of receipt of the data packets. From the FIFO, information is fed to a work list or storage of the relevant subsequent processes to process the pertaining data packets. This processing may also be in the chronological order of receipt of the data packets.

Abstract translation: 一种用于分析数据分组被分析的多个数据分组的系统和方法，以确定多个后续处理中的哪一个是/进一步分析数据分组。 识别后续过程的信息被添加到FIFO。 未知数据分组类型不能被立即识别，由此在FIFO中保留存储位置，并且将数据分组馈送到导出与相关进程相关的信息的单独特征化过程，该信息随后被馈送到 FIFO中的相关存储位置，使得在FIFO中表示的数据分组的顺序是接收数据分组的顺序。 从FIFO中，将信息馈送到相关后续处理的工作列表或存储器以处理相关数据分组。 该处理也可以是接收数据分组的时间顺序。

公开(公告)号：US20160142167A1

公开(公告)日：2016-05-19

申请号：US14900001

申请日：2014-06-27

Applicant: NAPATECH A/S

Inventor： Nicolai Asbjørn Smitt

IPC: H04J3/06 ,  G06F5/06

CPC classification number: H04J3/06 ,  G06F5/065 ,  G06F2205/067 ,  H04J3/0697 ,  H04L7/005

Abstract: Forwarding points in time of a clock over a clock boundary is performed by launching the points in time into a buffer, such as a FIFO, in the first clock domain. The oldest point in time is fed into a FIFO or delay line in the other clock domain, which FIFO or delay line comprises a plurality of received points in time, which are shifted through the FIFO or delay line over time. An estimate of a point in time in the second clock domain is derived from a plurality of the points in time in the delay line/FIFO, such as from a mean value thereof. This point in time may be compensated for a known delay in order for this determined point in time to be identical to or close to an actual point in time of the first clock in the first clock domain.

Abstract translation: 通过在时钟边界上的时钟上的转发时间点，通过在第一时钟域中将时间点发送到诸如FIFO的缓冲器中来执行。 最早的时间点被馈送到另一个时钟域中的FIFO或延迟线，该FIFO或延迟线包括多个接收的时间点，这些时间点经过FIFO或延迟线被移位。 第二时钟域中的时间点的估计从延迟线/ FIFO中的多个时间点导出，例如从其平均值。 这个时间点可以被补偿已知的延迟，以使该确定的时间点与第一时钟域中的第一时钟的实际时间点相同或接近。