US-20260128950-A1 - Unified Network Entity

Abstract

A network entity aggregation system may obtain different information for entities of a network from various sources of network entity information. The network entity aggregation system may generate a list of unified network entities including a corresponding record for each unified network entity. Unified network entity information and/or aggregated network information of the unified network entities may be presented to a user via a web interface and/or provided to applications and/or services.

Inventors

  • Justin Costa-Roberts
  • Charles Yixuan Ding
  • Ilwon Seo

Assignees

  • ARISTA NETWORKS, INC.

Dates

Publication Date
20260507
Application Date
20260105

Claims (20)

  1. A method for aggregating network entity information, the method comprising: receiving first table entries of a first table stored by a first network device, the first table entries identifying a first set of network entities and including first information for a given network entity; receiving second table entries of a second table stored by a second network device, the second table entries identifying a second set of network entities and including second information for the given network entity; and generating a global table based on the first and second table entries by combining the first information for the given network entity and the second information for the given network entity to generate combined information and associating the combined information with a unified entity.
  2. The method defined in claim 1, wherein the first and second table entries include same table entries and wherein the global table is generated by reconciling the same table entries into resulting entries stored in the global table.
  3. The method defined in claim 1, wherein the first table is a local table specific to the first network device and wherein the second table is a local table specific to the second network device.
  4. The method defined in claim 3, wherein the first and second table entries are received from server equipment configured to collect information from the first and second network devices.
  5. The method defined in claim 3, wherein the first and second table entries are received directly from the first and second network devices.
  6. The method defined in claim 1, wherein the first table is specific to a first network portion of a network, wherein the second table is specific to a second network portion of the network, and wherein the global table includes information for the network.
  7. The method defined in claim 6, wherein the first and second tables are each a local Address Resolution Protocol (ARP) table and the global table is a global ARP table indicating Internet Protocol (IP) address to Media Access Control (MAC) address mappings in the network.
  8. The method defined in claim 6, wherein the first and second tables are each a local network access control table and the global table is a global network access control table indicating authenticated entities in the network.
  9. The method defined in claim 6, wherein the first and second tables are each a local wireless network client table and the global table is a global wireless network client table indicating wireless network clients connected to the network.
  10. The method defined in claim 1 further comprising: supplying global information indicated by the global table as output via an application programming interface to an external application or an external service.
  11. The method defined in claim 1 further comprising: supplying global information indicated by the global table as output to a web server for presentation on one or more web pages.
  12. A network entity aggregation system comprising: one or more input-output interfaces; memory circuitry; and processing circuitry configured to: receive, via the one or more input-output interfaces, network entity information from a plurality of sources, the network entity information comprising a first local table stored on a first network device and a second local table stored on a second network device; aggregate the network entity information to identify a list of unified network entities by aggregating information from the first and second local tables; store, on the memory circuitry, a global table for the list of unified network entities based on the information aggregated from the first and second local tables; and output, via the one or more input-output interfaces, content in the global table for the list of unified network entities.
  13. The network entity aggregation system defined in claim 12, wherein the first table is specific to a first network portion of a network, wherein the second table is specific to a second network portion of the network, and wherein the global table includes information for the network.
  14. The network entity aggregation system defined in claim 13, wherein the global table identifies entities by a network protocol, a networking function, or an entity type.
  15. The network entity aggregation system defined in claim 12, wherein the processing circuitry is configured to store, on the memory circuitry, an additional global table based on information aggregated from additional network device local tables.
  16. The network entity aggregation system defined in claim 12, wherein the processing circuitry is configured to store, on the memory circuitry, a second additional global table based on information aggregated from second additional network device local tables, wherein the global table is a global Address Resolution Protocol (ARP) table, wherein the additional global table is a global network access control table, and wherein the second additional global table is a global wireless network client table.
  17. A method for obtaining a unified network entity, the method comprising: obtaining, by a network entity aggregation system, first hierarchical classification information indicative of a first representation of a network entity from a first source; obtaining, by the network entity aggregation system, second hierarchical classification information indicative of a second representation of the network entity from a second source; generating, by the network entity aggregation system, a unified network entity entry for the network entity, wherein the unified network entity entry associates the first hierarchical classification information with the second hierarchical classification information; and providing, by the network entity aggregation system, output based on the unified network entity entry.
  18. The method defined in claim 17, wherein the first hierarchical classification information provides a first level of classification for the network entity and wherein the second hierarchical classification information provides a second level of classification for the network entity that is more specific than the first level of classification for the network entity.
  19. The method defined in claim 17 further comprising: obtaining, by the network entity aggregation system, third hierarchical classification information indicative of a third representation of the network entity from the second source, wherein the unified network entity entry associates the third hierarchical classification information with the first and second hierarchical classification information.
  20. The method defined in claim 17 further comprising: obtaining, by the network entity aggregation system, third hierarchical classification information indicative of a third representation of the network entity from a third source, wherein the third representation of the network entity conflicts with the second representation of the network entity, wherein the unified network entity entry associates the first hierarchical classification information with the second hierarchical classification information based on the second source having higher priority than the third source.
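The two aggregation mechanisms the claims describe, reconciling per-device local tables into one global table (claims 1 to 9) and merging hierarchical classification information from several sources with a source priority deciding conflicts (claims 17 to 20), can be sketched in a few dozen lines. The following is an added illustration written for this page, not code from the patent or from Arista; the device names, ARP entries, source names and priority order are constructed sample data, and the entry layout is an assumption rather than the patent's own record format. From a defender's point of view the interesting part is that the merge does not silently overwrite: an IP that two devices resolve to different MACs is kept as a recorded conflict, and a lower-priority source's classification is retained as an auditable alternative.

```python
from dataclasses import dataclass, field
from typing import Dict, List, Tuple

# --- Constructed sample data: local ARP tables as two switches might hold them ---
# Each entry is (ip, mac, vlan). Both devices agree on 10.0.1.10; they disagree
# on the MAC for 10.0.1.20, which the global table must surface, not hide.
LOCAL_ARP_TABLES = {
    "switch-a": [
        ("10.0.1.10", "aa:bb:cc:00:00:01", 10),
        ("10.0.1.20", "aa:bb:cc:00:00:02", 10),
        ("10.0.2.30", "aa:bb:cc:00:00:03", 20),
    ],
    "switch-b": [
        ("10.0.1.10", "aa:bb:cc:00:00:01", 10),
        ("10.0.1.20", "aa:bb:cc:00:00:99", 10),
        ("10.0.3.40", "aa:bb:cc:00:00:04", 30),
    ],
}


@dataclass
class GlobalArpEntry:
    """One unified entity in the global ARP table (assumed layout, not the patent's)."""
    ip: str
    mac: str
    seen_on: List[str] = field(default_factory=list)        # devices reporting this mapping
    vlans: List[int] = field(default_factory=list)
    conflicting_macs: List[Tuple[str, str]] = field(default_factory=list)  # (device, mac)


def build_global_arp_table(local_tables: Dict[str, list]) -> Dict[str, GlobalArpEntry]:
    """Reconcile per-device ARP tables into one global IP -> MAC table.

    Identical entries reported by several devices collapse into a single entry whose
    'seen_on' list records every reporting device. A device that reports a different
    MAC for an IP already in the table is recorded as a conflict instead of replacing
    the existing mapping, so the inconsistency stays visible to whoever reviews it.
    """
    global_table: Dict[str, GlobalArpEntry] = {}
    for device, entries in sorted(local_tables.items()):   # deterministic device order
        for ip, mac, vlan in entries:
            entry = global_table.get(ip)
            if entry is None:
                global_table[ip] = GlobalArpEntry(ip, mac, [device], [vlan])
            elif entry.mac == mac:
                entry.seen_on.append(device)
                if vlan not in entry.vlans:
                    entry.vlans.append(vlan)
            else:
                entry.conflicting_macs.append((device, mac))
    return global_table


def arp_conflicts(global_table: Dict[str, GlobalArpEntry]) -> List[str]:
    """IPs whose MAC differs between devices; the kind of entry an operator wants flagged."""
    return sorted(ip for ip, entry in global_table.items() if entry.conflicting_macs)


# --- Hierarchical classification from several sources ---
# Constructed observations: (source, level, value). Level 1 is the broadest class,
# higher levels are more specific. "nac" and "dhcp-fingerprint" disagree at level 2.
SOURCE_PRIORITY = {"nac": 0, "dhcp-fingerprint": 1, "lldp": 2}   # lower number = higher priority

CLASSIFICATION_OBSERVATIONS = [
    ("lldp", 1, "host"),
    ("nac", 2, "printer"),
    ("dhcp-fingerprint", 2, "camera"),
    ("nac", 3, "printer/laser"),
]


def unify_classification(observations, priority: Dict[str, int]) -> dict:
    """Build one unified entity entry from multi-source hierarchical classifications.

    For each classification level the highest-priority source's value is chosen;
    values from lower-priority sources at the same level are kept under
    'alternatives' so the conflict remains auditable rather than discarded.
    """
    chosen: Dict[int, Tuple[str, str]] = {}
    alternatives: Dict[int, List[Tuple[str, str]]] = {}
    # Stable sort by priority: the first observation seen for a level wins.
    for source, level, value in sorted(observations, key=lambda o: priority[o[0]]):
        if level not in chosen:
            chosen[level] = (source, value)
        else:
            alternatives.setdefault(level, []).append((source, value))
    return {"levels": chosen, "alternatives": alternatives}


if __name__ == "__main__":
    table = build_global_arp_table(LOCAL_ARP_TABLES)
    for ip in sorted(table):
        print(ip, table[ip])
    print("ARP conflicts:", arp_conflicts(table))
    print(unify_classification(CLASSIFICATION_OBSERVATIONS, SOURCE_PRIORITY))
```

Run as a script, the output lists four unified ARP entries, reports 10.0.1.20 as the single conflict, and shows the unified classification with the NAC source winning level 2 while the DHCP fingerprint's "camera" classification is preserved as an alternative. The same merge skeleton applies to the network access control and wireless client tables the claims name; only the key and the per-entry fields change.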

Description

This application is a continuation of U.S. non-provisional patent application No. 18/545,674, filed December 19, 2023, which claims the benefit of U.S. provisional patent application No. 63/547,788, filed November 8, 2023. The disclosures of these applications are hereby incorporated by reference herein in their entireties.

BACKGROUND

A communication system includes multiple network devices that are interconnected to form a network for conveying network traffic between end hosts. Various types of network entities exist within the network, such as host devices and network devices. The same network entity can be identified in different manners (e.g., depending on the network protocols employed) within the network.

BRIEF DESCRIPTION OF THE DRAWINGS

  • FIG. 1 is a diagram of an illustrative network coupled to a network entity aggregation system in accordance with some embodiments.
  • FIG. 2 is a diagram of an illustrative network entity aggregation system that includes various database(s), application(s), and/or service(s) in accordance with some embodiments.
  • FIG. 3 is a diagram of an illustrative unified network entity record in accordance with some embodiments.
  • FIG. 4 is a diagram of illustrative sources of network entity information in accordance with some embodiments.
  • FIG. 5 is a diagram of illustrative types of network entities for which entity records are maintained in accordance with some embodiments.
  • FIG. 6 is a diagram of illustrative flow information that may be generated for a unified network entity in accordance with some embodiments.
  • FIG. 7 is a diagram of illustrative global information that may be consolidated from local information at various network devices in accordance with some embodiments.
  • FIG. 8 is a diagram of illustrative levels of classification information maintained for a unified network entity in accordance with some embodiments.
  • FIG. 9 is a diagram of illustrative network-location-based information maintained for a unified network entity in accordance with some embodiments.
  • FIG. 10 is a diagram of an illustrative network entity for which corresponding unified entity network-location-based information is maintained in accordance with some embodiments.
  • FIG. 11 is a flowchart of illustrative operations for operating a network entity aggregation system in accordance with some embodiments.

DETAILED DESCRIPTION

A network can convey network traffic, e.g., in the form of frames, packets, etc., for end hosts. The network can include various network entities, such as end hosts from which network traffic is sourced and to which network traffic is destined, and network devices that forward the network traffic. Various sources of network entity information gather information about the network entities. However, because the network entity information is often gathered in different network portions, based on different network protocols, and/or generally includes different types of information (e.g., even for the same entity), it may be difficult to provide a coherent view of the network entities within the network. Accordingly, a networking system may be provided with a network entity aggregation system that aggregates information from multiple sources of network entity information.

As examples, the sources may include:

  • databases for network analysis equipment, for network visibility equipment, and/or for other types of equipment for other network applications;
  • packet recorders, sampled packet collectors, and/or other types of storage devices that store network traffic information (e.g., the sampled packet itself, consolidated versions of the packet, packet flow records, etc.);
  • network devices, management or controller devices for the network devices, and/or other devices that facilitate operations of the network;
  • management equipment for server equipment (e.g., virtual machines implemented on end host equipment) and/or other equipment that facilitates operations of the end hosts; and/or
  • other types of devices and/or equipment.

In particular, at least some of the sources may operate using different network protocols and therefore store different network protocol data (e.g., in the form of tables or other data structures). Because these sources may store different pieces of information for different network entities (including different pieces of information for, and therefore different representations of, the same network entity), the network entity aggregation system may be configured to aggregate the different pieces of information (e.g., create a new unified network entity, combine information for the same network entity or otherwise reconcile multiple representations of the same network entity, etc.) to generate a list of unified network entities. The use of a network entity aggregation system (e.g., the generation of unified network entities and the maintenance of corresponding information about the unified network entities) can help provide a coherent