Propagating network configuration policies using a publish-subscribe messaging system
First Claim
Patent Images
1. A method, comprising:
- subscribing a node in a network to one or more topics associated with a configuration policy in a publish-subscribe messaging system, wherein said subscribing comprises selecting the one or more topics in the publish-subscribe messaging system based on a state of the node;
receiving, by the node in the network through the publish-subscribe messaging system, one or more messages comprising a first representation of the configuration policy from a policy server;
using a data model to convert, by the node, the first representation into a second representation of the configuration policy; and
using the second representation to apply the configuration policy during processing of network traffic at the node.
2 Assignments
0 Petitions
Accused Products
Abstract
The disclosed embodiments provide a system for propagating network configuration policies using a publish-subscribe messaging system. During operation, the system receives, through the publish-subscribe messaging system, one or more messages containing a first representation of a configuration policy from a policy server. Next, the system uses a data model to convert the first representation into a second representation of the configuration policy. The system then uses the second representation to apply the configuration policy during processing of network traffic.
31 Citations
17 Claims
-
1. A method, comprising:
-
subscribing a node in a network to one or more topics associated with a configuration policy in a publish-subscribe messaging system, wherein said subscribing comprises selecting the one or more topics in the publish-subscribe messaging system based on a state of the node; receiving, by the node in the network through the publish-subscribe messaging system, one or more messages comprising a first representation of the configuration policy from a policy server; using a data model to convert, by the node, the first representation into a second representation of the configuration policy; and using the second representation to apply the configuration policy during processing of network traffic at the node. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A method, comprising:
-
obtaining, at a policy server; a first configuration policy for a first subset of nodes in a network; and a second configuration policy for a second subset of nodes in the network; generating, by the policy server; a first message comprising the first configuration policy for receipt by the first subset of nodes through a publish-subscribe messaging system; and a second message comprising the second configuration policy for receipt by the second subset of nodes through the publish-subscribe messaging system; and transmitting, by the policy server, the first message and the second message to the publish-subscribe messaging system. - View Dependent Claims (10, 11, 12, 13)
-
-
14. A system, comprising:
-
a policy server comprising a non-transitory computer-readable medium comprising instructions that, when executed, cause the system to; obtain a first configuration policy for a first subset of nodes in a network and a second configuration policy for a second subset of nodes in the network; generate a first message comprising the first configuration policy for receipt by the first subset of nodes through a publish-subscribe messaging system; generate a second message comprising the second configuration policy for receipt by the second subset of nodes through the publish-subscribe messaging system; and transmit the first and second messages to the publish-subscribe messaging system; and the first and second subsets of nodes, wherein each node in the first and second subsets comprises a non-transitory computer-readable medium comprising instructions that, when executed, cause the system to; receive, through the publish-subscribe messaging system, one or more messages comprising a first representation of a configuration policy from the policy server, wherein the configuration policy is at least one of the first and second configuration policies; use a data model to convert the first representation into a second representation of the configuration policy; and using the second representation to apply the configuration policy during processing of network traffic. - View Dependent Claims (15, 16, 17)
-
Specification