WO2004062206A3 - Method and apparatus for managing packet flows for multiple network services - Google Patents

Method and apparatus for managing packet flows for multiple network services Download PDF

Info

Publication number
WO2004062206A3
WO2004062206A3 PCT/US2003/032232 US0332232W WO2004062206A3 WO 2004062206 A3 WO2004062206 A3 WO 2004062206A3 US 0332232 W US0332232 W US 0332232W WO 2004062206 A3 WO2004062206 A3 WO 2004062206A3
Authority
WO
WIPO (PCT)
Prior art keywords
flow
network services
multiple network
flow rules
rules
Prior art date
Application number
PCT/US2003/032232
Other languages
French (fr)
Other versions
WO2004062206A2 (en
Inventor
Robert D Bressler
Christoph L Schuba
Michael F Speer
Original Assignee
Sun Microsystems Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Sun Microsystems Inc filed Critical Sun Microsystems Inc
Priority to GB0511859A priority Critical patent/GB2411543B/en
Priority to JP2004564779A priority patent/JP2006512012A/en
Priority to AU2003284078A priority patent/AU2003284078A1/en
Publication of WO2004062206A2 publication Critical patent/WO2004062206A2/en
Publication of WO2004062206A3 publication Critical patent/WO2004062206A3/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L47/00Traffic control in data switching networks
    • H04L47/10Flow control; Congestion control
    • H04L47/20Traffic policing
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L47/00Traffic control in data switching networks
    • H04L47/10Flow control; Congestion control
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L47/00Traffic control in data switching networks
    • H04L47/10Flow control; Congestion control
    • H04L47/12Avoiding congestion; Recovering from congestion
    • H04L47/125Avoiding congestion; Recovering from congestion by balancing the load, e.g. traffic engineering
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L47/00Traffic control in data switching networks
    • H04L47/10Flow control; Congestion control
    • H04L47/24Traffic characterised by specific attributes, e.g. priority or QoS
    • H04L47/2425Traffic characterised by specific attributes, e.g. priority or QoS for supporting services specification, e.g. SLA
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L47/00Traffic control in data switching networks
    • H04L47/10Flow control; Congestion control
    • H04L47/24Traffic characterised by specific attributes, e.g. priority or QoS
    • H04L47/2441Traffic characterised by specific attributes, e.g. priority or QoS relying on flow classification, e.g. using integrated services [IntServ]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L47/00Traffic control in data switching networks
    • H04L47/10Flow control; Congestion control
    • H04L47/32Flow control; Congestion control by discarding or delaying data units, e.g. packets or frames

Abstract

One embodiment of the present invention provides a system that facilitates managing network data traffic for multiple network services. During operation, the system receives flow rules for network data traffic from multiple network services, wherein the flow rules can possibly conflict. Next, the system collapses the flow rules from the multiple network services into a consistent set of flow rules in a low-level form that can be efficiently applied to a packet flow. The system subsequently installs the consistent set of flow rules into a flow enforcement device, which applies the consistent set of flow rules to a packet flow received from a high-speed network connection. In this way, the flow rules from the multiple network services can be simultaneously applied to packet flow, instead of being applied separately by each network service.
PCT/US2003/032232 2002-12-23 2003-10-10 Method and apparatus for managing packet flows for multiple network services WO2004062206A2 (en)

Priority Applications (3)

Application Number Priority Date Filing Date Title
GB0511859A GB2411543B (en) 2002-12-23 2003-10-10 Method and apparatus for managing packet flows for multiple network services
JP2004564779A JP2006512012A (en) 2002-12-23 2003-10-10 Method and apparatus for managing packet flows for multiple network services
AU2003284078A AU2003284078A1 (en) 2002-12-23 2003-10-10 Method and apparatus for managing packet flows for multiple network services

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US10/329,016 2002-12-23
US10/329,016 US20040122967A1 (en) 2002-12-23 2002-12-23 Method and apparatus for managing packet flows for multiple network services

Publications (2)

Publication Number Publication Date
WO2004062206A2 WO2004062206A2 (en) 2004-07-22
WO2004062206A3 true WO2004062206A3 (en) 2004-12-16

Family

ID=32594648

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2003/032232 WO2004062206A2 (en) 2002-12-23 2003-10-10 Method and apparatus for managing packet flows for multiple network services

Country Status (5)

Country Link
US (1) US20040122967A1 (en)
JP (1) JP2006512012A (en)
AU (1) AU2003284078A1 (en)
GB (1) GB2411543B (en)
WO (1) WO2004062206A2 (en)

Families Citing this family (32)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20060015942A1 (en) 2002-03-08 2006-01-19 Ciphertrust, Inc. Systems and methods for classification of messaging entities
US8578480B2 (en) 2002-03-08 2013-11-05 Mcafee, Inc. Systems and methods for identifying potentially malicious messages
US8561167B2 (en) 2002-03-08 2013-10-15 Mcafee, Inc. Web reputation scoring
US20040177139A1 (en) * 2003-03-03 2004-09-09 Schuba Christoph L. Method and apparatus for computing priorities between conflicting rules for network services
US7561578B2 (en) * 2003-11-13 2009-07-14 Cryptek, Inc. System and method for traversing metadata across multiple network domains at various layers of the protocol stack
US7512071B2 (en) * 2004-06-15 2009-03-31 Sun Microsystems, Inc. Distributed flow enforcement
US7760730B2 (en) * 2004-06-15 2010-07-20 Oracle America, Inc. Rule set verification
US7505463B2 (en) * 2004-06-15 2009-03-17 Sun Microsystems, Inc. Rule set conflict resolution
GB2415342B (en) * 2004-06-15 2006-08-16 Sun Microsystems Inc Resolving conflicts between rule sets with subsets for which priority is expressed by ordered precedence and longest prefix
US8635690B2 (en) 2004-11-05 2014-01-21 Mcafee, Inc. Reputation based message processing
US7143006B2 (en) * 2005-03-23 2006-11-28 Cisco Technology, Inc. Policy-based approach for managing the export of network flow statistical data
US20090064395A1 (en) * 2005-04-20 2009-03-12 Dow Debra A Accessories for apparel
EP1793537B1 (en) * 2005-12-02 2009-03-25 Alcatel Lucent Network node with modular multistage packet classification
JP4518070B2 (en) * 2006-11-22 2010-08-04 ヤマハ株式会社 Packet filter verification packet generation method, verification packet generation device, verification packet generation program, packet filter test method, packet filter test device
US8929360B2 (en) * 2006-12-07 2015-01-06 Cisco Technology, Inc. Systems, methods, media, and means for hiding network topology
US7779156B2 (en) * 2007-01-24 2010-08-17 Mcafee, Inc. Reputation based load balancing
US8763114B2 (en) 2007-01-24 2014-06-24 Mcafee, Inc. Detecting image spam
US8214497B2 (en) 2007-01-24 2012-07-03 Mcafee, Inc. Multi-dimensional reputation scoring
US8185930B2 (en) 2007-11-06 2012-05-22 Mcafee, Inc. Adjusting filter or classification control settings
US8045458B2 (en) * 2007-11-08 2011-10-25 Mcafee, Inc. Prioritizing network traffic
US8589503B2 (en) 2008-04-04 2013-11-19 Mcafee, Inc. Prioritizing network traffic
US8621638B2 (en) 2010-05-14 2013-12-31 Mcafee, Inc. Systems and methods for classification of messaging entities
US9942320B2 (en) * 2012-09-11 2018-04-10 Telefonaktiebolaget Lm Ericsson (Publ) Method and architecture for application mobility in distributed cloud environment
CN103312618B (en) * 2013-05-30 2016-03-30 中国人民解放军国防科学技术大学 Based on the flow management method of software and hardware combining
US10129100B2 (en) 2014-08-22 2018-11-13 Vmware, Inc. Policy management system for heterogeneous cloud services
CN108604995B (en) * 2016-01-08 2021-06-15 Nec实验室欧洲有限公司 Method for operating a network, network and coordinator for use in the method
US11218447B2 (en) * 2018-03-02 2022-01-04 Disney Enterprises, Inc. Firewall rule remediation for improved network security and performance
US11516670B2 (en) 2020-07-06 2022-11-29 T-Mobile Usa, Inc. Security system for vulnerability-risk-threat (VRT) detection
US11800361B2 (en) 2020-07-06 2023-10-24 T-Mobile Usa, Inc. Security system with 5G network traffic incubation
US11770713B2 (en) 2020-07-06 2023-09-26 T-Mobile Usa, Inc. Distributed security system for vulnerability-risk-threat (VRT) detection
US11622273B2 (en) 2020-07-06 2023-04-04 T-Mobile Usa, Inc. Security system for directing 5G network traffic
US11743729B2 (en) 2020-07-06 2023-08-29 T-Mobile Usa, Inc. Security system for managing 5G network traffic

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2001022686A1 (en) * 1999-09-21 2001-03-29 Infineon Technologies North America Corp. Rule based ip data processing
WO2001047207A2 (en) * 1999-12-22 2001-06-28 Intel Corporation Method and apparatus for proprietary data forwarding in an open architecture for network devices
WO2002015521A1 (en) * 2000-08-17 2002-02-21 Redback Networks Inc. Methods and apparatus for packet classification with multi-level data structure

Family Cites Families (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6154776A (en) * 1998-03-20 2000-11-28 Sun Microsystems, Inc. Quality of service allocation on a network
US6157955A (en) * 1998-06-15 2000-12-05 Intel Corporation Packet processing system including a policy engine having a classification unit
US6170009B1 (en) * 1998-07-17 2001-01-02 Kallol Mandal Controlling devices on a network through policies
US6463470B1 (en) * 1998-10-26 2002-10-08 Cisco Technology, Inc. Method and apparatus of storing policies for policy-based management of quality of service treatments of network data traffic flows
US6167445A (en) * 1998-10-26 2000-12-26 Cisco Technology, Inc. Method and apparatus for defining and implementing high-level quality of service policies in computer networks
US6327618B1 (en) * 1998-12-03 2001-12-04 Cisco Technology, Inc. Recognizing and processing conflicts in network management policies
US6393474B1 (en) * 1998-12-31 2002-05-21 3Com Corporation Dynamic policy management apparatus and method using active network devices
US6671724B1 (en) * 2000-03-21 2003-12-30 Centrisoft Corporation Software, systems and methods for managing a distributed network
CA2326851A1 (en) * 2000-11-24 2002-05-24 Redback Networks Systems Canada Inc. Policy change characterization method and apparatus
US7159125B2 (en) * 2001-08-14 2007-01-02 Endforce, Inc. Policy engine for modular generation of policy for a flat, per-device database

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2001022686A1 (en) * 1999-09-21 2001-03-29 Infineon Technologies North America Corp. Rule based ip data processing
WO2001047207A2 (en) * 1999-12-22 2001-06-28 Intel Corporation Method and apparatus for proprietary data forwarding in an open architecture for network devices
WO2002015521A1 (en) * 2000-08-17 2002-02-21 Redback Networks Inc. Methods and apparatus for packet classification with multi-level data structure

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
GAO J ET AL: "A PROGRAMMABLE ROUTER ARCHITECTURE SUPPORTING CONTROL PLANE EXTENSIBILITY", IEEE COMMUNICATIONS MAGAZINE, IEEE SERVICE CENTER. PISCATAWAY, N.J, US, vol. 38, no. 3, March 2000 (2000-03-01), pages 152 - 159, XP000948535, ISSN: 0163-6804 *

Also Published As

Publication number Publication date
GB2411543A (en) 2005-08-31
AU2003284078A8 (en) 2004-07-29
GB0511859D0 (en) 2005-07-20
WO2004062206A2 (en) 2004-07-22
AU2003284078A1 (en) 2004-07-29
GB2411543B (en) 2006-06-28
US20040122967A1 (en) 2004-06-24
JP2006512012A (en) 2006-04-06

Similar Documents

Publication Publication Date Title
WO2004062206A3 (en) Method and apparatus for managing packet flows for multiple network services
DE60324834D1 (en) METHOD FOR PROVIDING SERVICE QUALITY DURING THE PACKET TRANSFER BETWEEN A TERMINAL DEVICE AND A MOBILE COMMUNICATION NETWORK
GB2404111B (en) Audio-communication bandwidth management system, method and program for the same, communication connection server, and network apparatus
WO2004112297A3 (en) Apparatus and method for providing quality of service for a network data connection
DE60015354D1 (en) DEVICE AND METHOD FOR TRANSFERRING INFORMATION IN A PACKAGE DATA NETWORK
WO2004075593A3 (en) Method and apparatus for controlling data rate of a reverse link in a communication system
AR069048A2 (en) A WIRELESS COMMUNICATION SYSTEM, A METHOD AND APPARATUS FOR IMPROVED INCREASED LINK MULTIPLEXATION
WO2006073574A3 (en) Network based quality of service
WO2003069827A3 (en) Method and apparatus for network user location verification
WO2007056107A3 (en) System and method for improved data throughput in a wireless network
HK1040858A1 (en) Information distributing method, information distributing system, information distributing server, mobile communication network system, and communication service providing method
WO2006125149A3 (en) Method and apparatus for wireless multi-carrier communications
WO2004046858A3 (en) A system architecture for self-provisioning service and method of use
EP1677550A4 (en) Wireless-line-shared network system, and management apparatus and method therefor
AU2003223412A1 (en) Method and apparatus for coordinating a radio network controller and node b resource management device for high speed downlink packet data service
WO2006055428A3 (en) System and method for distribution of provisioning packets
WO2006028654A3 (en) Systems and methods for receiving data in a wireless communication network
WO2009028877A3 (en) Scheduling method and apparatus for high speed video stream service in communication system
WO2002103514A3 (en) Method and apparatus for relationship management
EP1791322A4 (en) A method and system for automatically distributing the service to the ppp access terminal
WO2007127794A3 (en) Data services over g.shdsl transport infrastructure
EP2019560A4 (en) A METHOD, SYSTEM AND APPARATUS FOR ENSURING THE QUALITY OF SERVICE(QoS) OF THE PACKET TRAFFIC
DE502005002979D1 (en) Method and device for anonymous connection establishment in a telecommunication network
SG110025A1 (en) Communications system, communications method, network manager, and transfer device
GB2399988B (en) Communication unit, communication system and method for reducing network congestion therein

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A2

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE EG ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NI NO NZ OM PG PH PL PT RO RU SC SD SE SG SK SL SY TJ TM TN TR TT TZ UA UG UZ VC VN YU ZA ZM ZW

AL Designated countries for regional patents

Kind code of ref document: A2

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IT LU MC NL PT RO SE SI SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
121 Ep: the epo has been informed by wipo that ep was designated in this application
ENP Entry into the national phase

Ref document number: 0511859

Country of ref document: GB

Kind code of ref document: A

Free format text: PCT FILING DATE = 20031010

WWE Wipo information: entry into national phase

Ref document number: 0511859.1

Country of ref document: GB

WWE Wipo information: entry into national phase

Ref document number: 2004564779

Country of ref document: JP

122 Ep: pct application non-entry in european phase