Reliable packet monitoring methods and apparatus for high speed networks
Abstract
A method for controlling traffic on a network includes monitoring a data stream, determining a particular byte offset within the monitored stream at which to block flow of the stream, and blocking flow of the data stream at the determined byte offset.
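The monitor, determine-offset and block sequence in the abstract, combined with the multi-packet content match of claim 22, shown as an added example that is not code from the patent. The KMP matcher, the constructed signature, the choice to hold back the byte that completes the match, and all names are assumptions; segments are assumed to arrive in order.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define SIG_MAX 64

/* Per-flow scanner state, kept between segments of the same stream. */
typedef struct {
    const uint8_t *sig;    /* signature bytes (constructed for this example) */
    size_t sig_len;
    size_t fail[SIG_MAX];  /* KMP failure table for sig */
    size_t matched;        /* signature bytes matched so far, across segments */
    uint64_t offset;       /* stream offset of the next byte to scan */
    uint64_t block_at;     /* determined byte offset; valid once blocked != 0 */
    int blocked;
} scanner;

/* Build the failure table. Returns -1 if the signature does not fit. */
int scanner_init(scanner *s, const uint8_t *sig, size_t len) {
    if (len == 0 || len > SIG_MAX) return -1;
    memset(s, 0, sizeof *s);
    s->sig = sig;
    s->sig_len = len;
    for (size_t i = 1, k = 0; i < len; i++) {
        while (k > 0 && sig[i] != sig[k]) k = s->fail[k - 1];
        if (sig[i] == sig[k]) k++;
        s->fail[i] = k;
    }
    return 0;
}

/* Scan one in-order segment. Returns how many of its leading bytes may be
 * forwarded; the byte that would complete the signature is held back. */
size_t scanner_feed(scanner *s, const uint8_t *data, size_t len) {
    if (s->blocked) return 0;
    for (size_t i = 0; i < len; i++, s->offset++) {
        while (s->matched > 0 && data[i] != s->sig[s->matched])
            s->matched = s->fail[s->matched - 1];
        if (data[i] == s->sig[s->matched]) s->matched++;
        if (s->matched == s->sig_len) {
            s->block_at = s->offset;  /* offset of the completing byte */
            s->blocked = 1;
            return i;
        }
    }
    return len;
}
```

Because `matched` persists between calls, a signature split across two segments is still found, and the receiver never gets the byte at `block_at` or anything after it.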
61 Claims
1. A method for controlling traffic on a network, said method comprising:
- monitoring a data stream;
- determining a particular byte offset within the monitored stream at which to block flow of the stream; and
- blocking flow of the data stream at the determined byte offset.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9

10. A method for controlling traffic on a network, said method comprising:
- monitoring a data stream for a first predetermined condition;
- blocking flow of the data stream upon a detection of the first predetermined condition; and
- re-enabling flow of the blocked stream.
Dependent claims: 11, 12

13. A method for controlling traffic on a network, said method comprising:
- monitoring a TCP data stream for a predetermined condition; and
- generating and transmitting a TCP FIN packet for the monitored data stream upon a detection of the predetermined condition for the purpose of terminating the TCP data stream.

14. A method for controlling traffic on a network, said method comprising:
- monitoring a TCP data stream from a first device directed toward a second device for a predetermined condition; and
- manipulating the TCP data stream such that the second device receives data different than that sent from the first device.
Dependent claims: 15, 16, 17

18. A method for controlling traffic on a network, said method comprising monitoring TCP traffic in band through a switch using a plurality of content scanning engines.

22. A method for controlling traffic on a network, said method comprising content scanning a plurality of TCP packets to detect a content match that spans multiple packets.

23. A method for controlling traffic on a network, said method comprising monitoring a plurality of flows through the network wherein per flow memory usage is matched to a burst width of a memory module used to monitor a flow.

24. A method for controlling traffic on a network, said method comprising monitoring a plurality of flows through the network wherein an overlapping retransmission is handled using a data enabled signal and a valid bytes vector.

25. A method for controlling traffic on a network, said method comprising:
- monitoring a plurality of data flows simultaneously;
- assigning a maximum idle period of time for each monitored flow; and
- stopping monitoring a flow which is idle for at least the assigned period of time.

26. A method for controlling traffic on a network, said method comprising:
- monitoring a plurality of data flows simultaneously;
- maintaining a period of idle time for each monitored flow; and
- stopping monitoring the flow having a longest period of idle time.
Dependent claims: 27, 28

29. A method for controlling traffic on a network, said method comprising:
- monitoring a plurality of existing data flows simultaneously wherein each existing flow has a hash table entry;
- receiving a new flow to be monitored, wherein the new flow hashes to the hash table entry of an existing flow causing a hash table collision; and
- stopping monitoring of the existing flow whose hash table entry the new flow collided with.
Dependent claims: 30

31. A Field Programmable Gate Array (FPGA) configured to:
- monitor a plurality of data flows using a hash table to store state information regarding each flow;
- resolve hash table collisions according to a first algorithm stored on said FPGA;
- receive a second algorithm at said FPGA to resolve hash table collisions, said second algorithm different from the first algorithm; and
- use the received second algorithm to resolve hash table collisions occurring subsequent said receipt of the second algorithm.

32. An apparatus for controlling traffic on a network, said apparatus comprising:
- at least one input port;
- at least one output port; and
- at least one logic device operationally coupled to said input port and said output port, said logic device configured to:
  - monitor a data stream;
  - determine a particular byte offset within the monitored stream at which to block flow of the stream; and
  - block flow of the data stream at the determined byte offset.
Dependent claims: 33, 34, 35, 36, 37, 38, 39, 40

41. An apparatus for controlling traffic on a network, said apparatus comprising:
- at least one input port;
- at least one output port; and
- at least one logic device operationally coupled to said input port and said output port, said logic device configured to:
  - monitor a data stream for a first predetermined condition;
  - block flow of the data stream upon a detection of the first predetermined condition; and
  - re-enable flow of the blocked stream.
Dependent claims: 42, 43

44. An apparatus for controlling traffic on a network, said apparatus comprising:
- at least one input port;
- at least one output port; and
- at least one logic device operationally coupled to said input port and said output port, said logic device configured to:
  - monitor a TCP data stream for a predetermined condition; and
  - generate and transmit a TCP FIN packet for the monitored data stream upon a detection of the predetermined condition for the purpose of terminating the TCP data stream.

45. An apparatus for controlling traffic on a network, said apparatus comprising:
- at least one input port;
- at least one output port; and
- at least one logic device operationally coupled to said input port and said output port, said logic device configured to:
  - monitor a TCP data stream from a first device directed toward a second device for a predetermined condition; and
  - manipulate the TCP data stream such that the second device receives data different than that sent from the first device.
Dependent claims: 46, 47, 48

49. An apparatus for controlling traffic on a network, said apparatus comprising:
- at least one input port;
- at least one output port; and
- at least one logic device operationally coupled to said input port and said output port, said logic device configured to:
  - monitor TCP traffic in band using a plurality of content scanning engines.
Dependent claims: 50, 51, 52

53. An apparatus for controlling traffic on a network, said apparatus comprising:
- at least one input port;
- at least one output port; and
- at least one logic device operationally coupled to said input port and said output port, said logic device configured to scan a plurality of TCP packets to detect a content match that spans multiple packets.

54. An apparatus for controlling traffic on a network, said apparatus comprising:
- at least one input port;
- at least one output port; and
- at least one logic device operationally coupled to said input port and said output port, said logic device configured to monitor a plurality of flows through the network wherein per flow memory usage is matched to a burst width of a memory module used to monitor a flow.

55. An apparatus for controlling traffic on a network, said apparatus comprising:
- at least one input port;
- at least one output port; and
- at least one logic device operationally coupled to said input port and said output port, said logic device configured to monitor a plurality of flows through the network wherein an overlapping retransmission is handled using a data enabled signal and a valid bytes vector.

56. An apparatus for controlling traffic on a network, said apparatus comprising:
- at least one input port;
- at least one output port; and
- at least one logic device operationally coupled to said input port and said output port, said logic device configured to:
  - monitor a plurality of data flows simultaneously;
  - assign a maximum idle period of time for each monitored flow; and
  - stop monitoring a flow which is idle for at least the assigned period of time.

57. An apparatus for controlling traffic on a network, said apparatus comprising:
- at least one input port;
- at least one output port; and
- at least one logic device operationally coupled to said input port and said output port, said logic device configured to:
  - monitor a plurality of data flows simultaneously;
  - maintain a period of idle time for each monitored flow; and
  - stop monitoring the flow having a longest period of idle time.
Dependent claims: 58, 59

60. An apparatus for controlling traffic on a network, said apparatus comprising:
- at least one input port;
- at least one output port; and
- at least one logic device operationally coupled to said input port and said output port, said logic device configured to:
  - monitor a plurality of existing data flows simultaneously wherein each existing flow has a hash table entry;
  - receive a new flow to be monitored, wherein the new flow hashes to the hash table entry of an existing flow causing a hash table collision; and
  - stop monitoring of the existing flow whose hash table entry the new flow collided with.
Dependent claims: 61
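
The flow-state policies of claims 25, 26 and 29 (per-flow idle limit, longest-idle eviction, and replacement on hash collision), shown together as an added example that is not code from the patent. The direct-mapped table, the XOR hash, the time units and all names are assumptions made for illustration.

```c
#include <stdint.h>

#define SLOTS 8  /* tiny direct-mapped table so a collision is easy to construct */

typedef struct { uint32_t src, dst; uint16_t sport, dport; } flow_key;
typedef struct {
    flow_key key;
    uint64_t last_seen;  /* time of the flow's most recent packet */
    uint64_t max_idle;   /* idle limit assigned to this flow (claim 25) */
    int in_use;
} flow_entry;
static flow_entry flows[SLOTS];

/* Hypothetical hash, chosen only to keep the example short. */
static unsigned slot_of(const flow_key *k) {
    return (k->src ^ k->dst ^ k->sport ^ k->dport) % SLOTS;
}
static int same(const flow_key *a, const flow_key *b) {
    return a->src == b->src && a->dst == b->dst &&
           a->sport == b->sport && a->dport == b->dport;
}
int flow_monitored(const flow_key *k) {
    const flow_entry *e = &flows[slot_of(k)];
    return e->in_use && same(&e->key, k);
}
/* Record a packet at time `now`. Returns 1 when a different flow already held
 * the entry and is dropped from monitoring in favour of the new one (claim 29). */
int flow_touch(const flow_key *k, uint64_t now, uint64_t max_idle) {
    flow_entry *e = &flows[slot_of(k)];
    int evicted = e->in_use && !same(&e->key, k);
    if (!e->in_use || evicted) { e->key = *k; e->max_idle = max_idle; e->in_use = 1; }
    e->last_seen = now;
    return evicted;
}
/* Stop monitoring each flow idle for at least its own limit (claim 25). */
int flow_expire(uint64_t now) {
    int n = 0;
    for (int i = 0; i < SLOTS; i++)
        if (flows[i].in_use && now - flows[i].last_seen >= flows[i].max_idle) {
            flows[i].in_use = 0; n++;
        }
    return n;
}
/* Stop monitoring the flow idle the longest (claim 26); returns its slot or -1. */
int flow_evict_longest_idle(void) {
    int victim = -1;
    for (int i = 0; i < SLOTS; i++)
        if (flows[i].in_use && (victim < 0 || flows[i].last_seen < flows[victim].last_seen))
            victim = i;
    if (victim >= 0) flows[victim].in_use = 0;
    return victim;
}
```

Each of the three policies ends monitoring of a live flow, so counting the evictions that `flow_touch` reports gives an operator a direct measure of how much traffic has gone unmonitored.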
Specification