IN-KERNEL CONTENT-AWARE SERVICE DIFFERENTIATION

US 20080059636A1
Filed: 10/31/2007
Published: 03/06/2008
Est. Priority Date: 06/27/2001
Status: Abandoned Application

First Claim

Patent Images

1. A method comprising:

differentiating at least one service class in a kernel to provide different levels of service for system performance to users to perform service differentiation based on content in at least one data packet, including the steps of;

capturing said at least one data packet until a complete application header is detected;

parsing said complete application header to determine at least one application tag;

matching said at least one application tag to at least one matching rule;

determining a presence of at least one match with said at least one matching rule; and

performing service differentiation action based on said at least one matching rule in order to provide a particular level of service from said different levels of service; and

detecting establishment of a new connection and establishing of a new TCP connection.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The increasing number of Internet users and innovative new services such as e-commerce are placing new demands on Web servers. It is becoming essential for Web servers to provide performance isolation, have fast recovery times, and provide continuous service during overload at least to preferred customers. The invention describes a kernel-based architecture for content-aware service differentiation that protects Web servers against overload by controlling the amount and rate of work entering the system. We have invented a mechanism that provides admission control and service differentiation based on connection and application level information. The application header-based connection control uses application-level information (such as URIs and cookies for HTTP) to define different service differentiation actions. The present invention provides the kernel mechanisms that are more efficient and scalable than application level controls implemented in current Web servers.

15 Citations

View as Search Results

23 Claims

1. A method comprising:
- differentiating at least one service class in a kernel to provide different levels of service for system performance to users to perform service differentiation based on content in at least one data packet, including the steps of;
  
  capturing said at least one data packet until a complete application header is detected;
  
  parsing said complete application header to determine at least one application tag;
  
  matching said at least one application tag to at least one matching rule;
  
  determining a presence of at least one match with said at least one matching rule; and
  
  performing service differentiation action based on said at least one matching rule in order to provide a particular level of service from said different levels of service; and
  
  detecting establishment of a new connection and establishing of a new TCP connection.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 13, 18, 19)
- - 2. A method as in claim 1, wherein said at least one application tag includes at least one tag taken from a group of tags including:
    - URI, cookie, request method, HTTP version, a tag in an application protocol, and a tag in a communication protocol.
  - 3. A method as in claim 1, wherein said at least one application tag is a URI, and wherein the URI is the second string in a HTTP header as defined in the application protocol.
  - 4. A method as in claim 1, further comprising employing a table having said at least one matching rule.
  - 5. A method as in claim 1, wherein the step of determining includes finding a best match.
  - 6. A method as in claim 1, wherein said step of performing service differentiation action includes at least one action taken from a group of actions including:
    - dropping, rate controlling, scheduling connections, monitoring, request prioritization, and a policing action.
  - 7. A method as in claim 1, wherein said step of performing service differentiation action includes an action of dropping, and wherein said action of dropping includes discarding a connection based on rules that are created to provide better performance to the connections that are accepted.
  - 8. A method as in claim 6, wherein said action includes at least one act taken from a group of acts including:
    - sending a reset message, sending an application return code, determining compliance with a given rate and/or burst, prioritization, weighted round robin, round robin, ordering, recording statistics, performing a cleanup, and protocol control.
  - 9. A method as in claim 1, further comprising installing at least one matching rule to provide a higher level of system performance for higher classed packets and connections.
  - 13. A method as in claim 1, wherein said step of capturing includes detecting application header delimiters for said at least one data packet.
  - 18. An article of manufacture comprising a computer usable medium having computer readable program code means embodied therein for causing service differentiation, the computer readable program code means in said article of manufacture comprising computer readable program code means for causing a computer to effect the steps of claim 1.
  - 19. A program storage device readable by machine, tangibly embodying a program of instructions executable by the machine to perform method steps for service differentiation, said method steps comprising the steps of claim 1.

10-11. -11. (canceled)

14. An apparatus comprising a service differentiation module to provide different levels of service for system performance to users, said module including a tangible computing medium enabling functions of:
- a parser to parse a client Web request;
  
  a classifier to classify the request based on application headers and assigning a request class within a kernel;
  
  a selector to determine an action rule based on the request class;
  
  a performer to apply the action rule based on the request class in order to provide better system performance for higher classed packets and connections; and
  
  a detector to detect establishment of a new connection and establishing of a new TCP connection.
- View Dependent Claims (20)
- - 20. A computer program product comprising a tangible computer usable medium having computer readable program code means embodied therein for causing service differentiation, the computer readable program code means in said computer program product comprising computer readable program code means for causing a computer to effect the functions of claim 14.

15. An apparatus comprising a policy agent, said policy agent including:
- a communicator to communicate from a user space to a kernel with an application interface;
  
  an initializer to instantiate service differentiation rules for an application tag within the kernel which include classification and action rules; and
  
  a manager to delete and update rules on a user request.
- View Dependent Claims (21)
- - 21. A computer program product comprising a computer usable medium having computer readable program code means embodied therein for causing rule installation, the computer readable program code means in said computer program product for causing a computer to effect the functions of claim 15.

16. A method comprising:
- forming a rule, including the steps of;
  
  communicating from a user space to a kernel with an application interface;
  
  instantiating service differentiation rules for an application tag within the kernel which include classification and action rules; and
  
  deleting and adding rules based upon a user request.
- View Dependent Claims (17)
- - 17. A method as in claim 16, further comprising updating rules based upon a user request.

22. An apparatus comprising a computing medium enabling at least one function of:
- means for differentiating at least one service class in a kernel to perform service differentiation based on content in at least one data packet, comprising;
  
  means for capturing said at least one data packet until a complete application header is detected;
  
  means for parsing said complete application header to determine at least one application tag;
  
  means for matching said at least one application tag to at least one matching rule;
  
  means for determining a presence of at least one match with said at least one matching rule; and
  
  means for performing service differentiation action based on said at least one matching rule.
- View Dependent Claims (23)
- - 23. A computer program product comprising a tangible computer usable medium having computer readable program code means embodied therein for causing differentiation of at least one service class in a kernel, the computer readable program code means in said computer program product comprising computer readable program code means for causing a computer to effect the functions of claim 22.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Ashish Mehra, Douglas Freimuth, Renu Tewari, Thiemo Voigt
Original Assignee
Ashish Mehra, Douglas Freimuth, Renu Tewari, Thiemo Voigt
Inventors
Freimuth, Douglas, Tewari, Renu, Voigt, Thiemo, Mehra, Ashish

Application Number

US11/933,200
Publication Number

US 20080059636A1
Time in Patent Office

Days
Field of Search
US Class Current

709/226
CPC Class Codes

H04L 67/01   Protocols

H04L 67/51   Discovery or management the...

H04L 67/56   Provisioning of proxy servi...

H04L 67/564   Enhancement of application ...

H04L 67/62   Establishing a time schedul...

H04L 69/22   Parsing or analysis of headers

H04L 69/329   in the application layer [O...

H04L 9/40   Network security protocols

IN-KERNEL CONTENT-AWARE SERVICE DIFFERENTIATION

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

15 Citations

23 Claims

Specification

Use Cases

Quick Links

Others

IN-KERNEL CONTENT-AWARE SERVICE DIFFERENTIATION

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

15 Citations

23 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others