Systems and methods for providing differentiated services within a network communication system
First Claim
1. A method for performing services within a network communication system, the method comprising:
- providing a plurality of service applications at a service module, the service module disposed between a client and a server;
intercepting at least one packet between the client and the server;
determining whether the at least one packet matches a predetermined service criteria associated with at least one of the plurality of service applications;
establishing a first connection between the service module and the client and a second connection between the service module and the server;
receiving data transmitted by the server for the client;
processing at least a portion of the data communicated between the client and the server using the service application associated with the predetermined service criteria; and
transmitting the processed data to the client.
10 Assignments
0 Petitions
Accused Products
Abstract
A service module incorporated within the network infrastructure intercepts packets communicated between a client and a server to determine whether the connection corresponds to one of a plurality of service applications that may supported by the service module. If so, the service module breaks the connection by terminating the connection with the client at the service module and opening a separate connection between the service module and the server. The service application may then perform application-specific process of the data communicated between the client and server. In order to increase processing efficiency associated with classifying the connection between the client and the server, the service module stores classification rules in a plurality of hashing tables, with hash conflicts arranged as an m-ary tree structure. This arrangement enables the service module to efficiently search for classification rules and resolve hash conflicts without imposing a significant processing penalty.
133 Citations
38 Claims
-
1. A method for performing services within a network communication system, the method comprising:
-
providing a plurality of service applications at a service module, the service module disposed between a client and a server;
intercepting at least one packet between the client and the server;
determining whether the at least one packet matches a predetermined service criteria associated with at least one of the plurality of service applications;
establishing a first connection between the service module and the client and a second connection between the service module and the server;
receiving data transmitted by the server for the client;
processing at least a portion of the data communicated between the client and the server using the service application associated with the predetermined service criteria; and
transmitting the processed data to the client. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
-
-
16. A method for selectively performing at least one of a plurality of service applications within a network communication system, the method comprising:
-
classifying a connection that has been requested between the client and the server to determine whether the connection matches a predetermined service criteria, the predetermined service criteria associated with at least one of the plurality of service applications;
forming a first connection between the client and the service module and a second connection between the service module and the server in response to the connection matching the predetermined service criteria; and
using the first connection and the second connection to redirect at least a portion of data communicated between the client and the server to the service application associated with the predetermined service criteria. - View Dependent Claims (17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27)
-
-
28. A method for classifying a packet communicated between a client and a server in accordance with a plurality of classification rules, the method comprising:
-
storing at least a first portion of the plurality of classification rules in a first hashing table such that hash conflicts for the classification rules in the first hashing table are stored as an m-ary tree structure;
hashing the first hashing table in accordance with a first hash field, the first hash field based on at least a portion of a header of the packet;
if the hash entry indicated by the hashing step comprises a classification rule, applying the indicated classification rule to the header of the packet; and
if the hash entry indicated by the hashing step does not comprise a classification rule, performing a binary search of the m-ary tree structure based on a second hash field to determine a next hash entry. - View Dependent Claims (29, 30, 31, 32, 33, 34, 35)
-
-
36. A system for performing differentiated services within a network communication system, the system comprising:
-
a processor; and
a memory unit, operably coupled to the processor, for storing data an instructions which when executed by the processor cause the processor to operate so as to;
provide a plurality of service applications at a service module, the service module disposed between a client and a server;
intercept at least one packet between the client and the server;
determine whether the at least one packet matches a predetermined service criteria associated with at least one of the plurality of service applications;
establish a first connection between the service module and the client and a second connection between the service module and the server;
receive data transmitted by the server for the client;
process at least a portion of the data communicated between the client and the server using the service application associated with the predetermined service criteria; and
transmit the processed data to the client.
-
-
37. A system for performing differentiated services within a network communication system, the system comprising:
-
a processor; and
a memory unit, operably coupled to the processor, for storing data an instructions which when executed by the processor cause the processor to operate so as to;
classify a connection that has been requested between the client and the server to determine whether the connection matches a predetermined service criteria, the predetermined service criteria associated with at least one of the plurality of service applications;
form a first connection between the client and the service module and a second connection between the service module and the server in response to the connection matching the predetermined service criteria; and
use the first connection and the second connection to redirect at least a portion of data communicated between the client and the server to the service application associated with the predetermined service criteria.
-
-
38. A system for classifying a connection, the system comprising:
-
a processor; and
a memory unit, operably coupled to the processor, for storing data an instructions which when executed by the processor cause the processor to operate so as to;
store at least a first portion of the plurality of classification rules in a first hashing table such that hash conflicts for the classification rules in the first hashing table are stored as an m-ary tree structure;
hash the first hashing table in accordance with a first hash field, the first hash field based on at least a portion of a header of the packet;
if the hash entry indicated by the hashing step comprises a classification rule, apply the indicated classification rule to the header of the packet; and
if the hash entry indicated by the hashing step does not comprise a classification rule, perform a binary search of the m-ary tree structure based on a second hash field to determine a next hash entry.
-
Specification