Object-aware transport-layer network processing engine

US 20050060427A1
Filed: 08/09/2004
Published: 03/17/2005
Est. Priority Date: 04/15/2003
Status: Abandoned Application

First Claim

Patent Images

1. A network communication unit, comprising:

an application-layer rule specification interface operative to define rules that each include a predicate that defines one or more conditions within an application layer construct and an action associated with that condition, condition detection logic responsive to the rule specification logic and operative to detect the conditions according to the rules, and implementation logic responsive to the rule specification interface and to the condition detection logic operative to perform an action specified in a rule when a condition for that rule is satisfied.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In one general aspect, a network communication unit is disclosed that includes connection servicing logic that is responsive to transport-layer headers and is operative to service virtual, error-free network connections. A programmable parser is responsive to the connection servicing logic and is operative to parse application-level information received by the connection servicing logic for at least a first of the connections. Also included is application processing logic that is responsive to the parser and operative to operate on information received through at least the first of the connections based on parsing results from the parser.

207 Citations

46 Claims

1. A network communication unit, comprising:
- an application-layer rule specification interface operative to define rules that each include a predicate that defines one or more conditions within an application layer construct and an action associated with that condition, condition detection logic responsive to the rule specification logic and operative to detect the conditions according to the rules, and implementation logic responsive to the rule specification interface and to the condition detection logic operative to perform an action specified in a rule when a condition for that rule is satisfied.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17)
- - 2. The apparatus of claim 1 wherein the implementation logic is operative to perform load-balancing operations.
  - 3. The apparatus of claim 1 wherein the implementation logic is operative to perform caching operations.
  - 4. The apparatus of claim 1 wherein the implementation logic is operative to perform firewall operations.
  - 5. The apparatus of claim 1 wherein the implementation logic is operative to perform compression operations.
  - 6. The apparatus of claim 1 wherein the implementation logic is operative to perform cookie insertion operations.
  - 7. The apparatus of claim 1 wherein the implementation logic is operative to perform dynamic quality of service adjustment operations.
  - 8. The apparatus of claim 1 wherein the implementation logic is operative to perform stream modification operations.
  - 9. The apparatus of claim 1 wherein the implementation logic is operative to perform packet-marking operations.
  - 10. The apparatus of claim 1 wherein the condition detection logic is operative to detect information in HTTP messages.
  - 11. The apparatus of claim 1 wherein the condition detection logic is operative to detect information in IP headers.
  - 12. The apparatus of claim 1 wherein the implementation logic is operative to perform object modifications.
  - 13. The apparatus of claim 1 wherein most of the rule-specification interface, the condition detection logic, and the implementation logic are all built with function-specific hardware.
  - 14. The apparatus of claim 1 wherein substantially all of the rule-specification interface, the condition detection logic, and the implementation logic are all built with function-specific hardware.
  - 15. The apparatus of claim 1 wherein the implementation logic is operative to request at least one retry.
  - 16. The apparatus of claim 1 wherein the implementation logic is operative to redirect at least a portion of a communication.
  - 17. The apparatus of claim 1 wherein the implementation logic is operative to forward at least a portion of a communication.

18. A network communication unit, comprising:
- means for defining application-layer rules that each include a predicate that defines one or more conditions within an application layer construct and an action associated with that condition, condition detecting means responsive to the rule defining means for detecting the conditions according to the rules, and means responsive to the rule defining means and to the condition detecting means for performing an action specified in a rule when a condition for that rule is satisfied.

19. Logic for processing a stream of transport layer data, comprising:
- a full parser for parsing the stream and extracting content of interest in an object in the stream; and
  
  a policy-based mechanism for determining how to process the object based at least in part on the content in the extracted content.
- View Dependent Claims (20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31)
- - 20. The logic of claim 19, wherein the policy based mechanism determines to forward the underlying object to a server.
  - 21. The logic of claim 19, wherein the policy based mechanism determines to block the underlying object from being forwarded.
  - 22. The logic of claim 19, wherein the policy based mechanism includes a policy-based load balancer that balances loads to a group of servers based on a policy.
  - 23. The logic of claim 22, wherein the policy-based load balancer applies a round robin load balancing algorithm.
  - 24. The logic of claim 22, wherein the policy-based load balancer applies a weighted hash load balancing algorithm.
  - 25. The logic of claim 22, wherein the policy-based load balancer applies a weighted round robin load balancing algorithm.
  - 26. The logic of claim 22, further comprising a simplified parser to determine whether enough stream data has arrived to process the stream.
  - 27. The logic of claim 26, wherein the simplified parser and the full parser are combined.
  - 28. The logic of claim 22, wherein the object is a message in one of the following protocols:
    - HTTP, FTP or MIME.
  - 29. The logic of claim 22, wherein the object is a message of a line-oriented protocol in which a final line of the message can be identified.
  - 30. The logic of claim 22, wherein the object is a message and the object has message length fields appearing at well-known byte offsets from a start of the message.
  - 31. The logic of claim 22, wherein the policy-based mechanism relies on a policy that includes user-defined policy rules.

32. A device for directing network traffic between clients and servers, comprising:
- a parser for parsing streams of transport layer data in the network traffic, said parser parsing out underlying objects in said streams;
  
  a policy-based mechanism for determining how to process the underlying object based at least in part on content in the parsed out underlying objects; and
  
  logic for processing the underlying object as determined by the policy-based mechanism.
- View Dependent Claims (33, 34, 35, 43, 44)
- - 33. The device of claim 32, wherein the policy-based mechanism includes a load-balancer that balances loads to a group of servers based on a policy.
  - 34. The device of claim 32, wherein the policy-based mechanism employs a policy that includes user-specified rules.
  - 35. The device of claim 32, wherein the device is a switch.
  - 43. The method of claim 32, wherein the policy-based mechanism determines to reset a connection with a client that sent the stream to the device.
  - 44. The method of claim 32, wherein the policy-based mechanism determines to redirect the stream to a new address.

36. A method of processing a stream of transport layer data, comprising the steps of:
- parsing the stream to identify content in an underlying object in the stream; and
  
  applying a policy-based mechanism to determine how to process the stream based at least in part on content in the underlying object.
- View Dependent Claims (37, 38, 39, 40, 41, 42)
- - 37. The method of claim 36, wherein the underlying object is an HTTP message.
  - 38. The method of claim 36, wherein the underlying object is one of an HTTP request, a FTP message or an MIME message.
  - 39. The method of claim 38, wherein the content that is identified is in a header of the HTTP request.
  - 40. The method of claim 36, wherein the underlying object is a cookie in an HTTP request.
  - 41. The method of claim 36, wherein the content that is identified is a uniform resource identifier (URI).
  - 42. The method of claim 36, wherein the policy-based mechanism determines to forward the stream to a server.

45. In a device for forwarding network traffic from clients to servers, a method, comprising the steps of:
- identifying real services provided by the servers;
  
  grouping the real services into service groups;
  
  providing a policy that includes object rules for matching object values to service groups;
  
  examining an object in a stream of transport level data and applying the policy to determine a selected one of the service groups to send the object to.
- View Dependent Claims (46)
- - 46. The method of claim 45, further comprising the step of applying a load balancing algorithm to determine which of the servers that provides the real services in the selected service group is to receive the object.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Sun Microsystems Incorporated (Oracle Corporation)
Original Assignee
Sun Microsystems Incorporated (Oracle Corporation)
Inventors
Lussier, Daniel, Phillips, Paul, Metzger, Stephen, Levergood, Thomas, Waters, Gregory, Ramelson, Brian

Application Number

US10/914,830
Publication Number

US 20050060427A1
Time in Patent Office

Days
Field of Search
US Class Current

709/238
CPC Class Codes

H04L 67/1001   for accessing one among a p...

H04L 67/1008   based on parameters of serv...

H04L 67/1014   based on the content of a r...

H04L 67/1017   based on a round robin mech...

H04L 67/1023   based on a hash applied to ...

H04L 67/14   Session management for real...

H04L 67/61   taking into account QoS or ...

H04L 67/63   Routing a service request d...

H04L 69/16   Implementation or adaptatio...

H04L 69/161   Implementation details of T...

H04L 69/163   In-band adaptation of TCP d...

H04L 69/329   in the application layer [O...

Object-aware transport-layer network processing engine

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

207 Citations

46 Claims

Specification

Solutions

Use Cases

Quick Links

Object-aware transport-layer network processing engine

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

207 Citations

46 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links