METHOD FOR MAINTAINING DIFFERENTIATED SERVICES DATA FLOW AT A NETWORK DEVICE IMPLEMENTING REDUNDANT PACKET DISCARD SECURITY TECHNIQUES
Abstract
An improved method is described for providing Differentiated Services (Diffserv) traffic to a node in a network that implements a security method that discards duplicate packets received at the node. The method includes the step of identifying at least two service levels to be provided to received traffic and assigning different size look-back window counts to each of the service levels. The look-back window count indicates a number of packets that have been previously received at the node that should be compared against a received packet to determine whether a duplicate packet has been received. In one embodiment, a service level that has higher priority is assigned a lower look-back window count and thus examines fewer previously received packets than a service level having a lower priority. Such an arrangement reduces the possibility that traffic having higher priority is dropped as a security measure.
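The look-back selection described in the abstract, as an added Python sketch (not code from the patent or its specification). The service-level names, the counts in the table, the single shared buffer, and the choice not to record discarded packets are assumptions made for illustration.

```python
from collections import deque

# Hypothetical look-back window table (service level -> number of previously
# received packets to compare). Names and counts are constructed; the higher
# priority level gets the smaller count, as in the abstract's embodiment.
LOOKBACK_TABLE = {"expedited": 2, "best_effort": 8}


class DuplicateFilter:
    """Shared sequence number buffer with a per-service-level look-back."""

    def __init__(self, table):
        if not table or any(n < 1 for n in table.values()):
            raise ValueError("every look-back count must be at least 1")
        self.table = dict(table)
        # The buffer only needs to reach as far back as the largest window.
        self.buffer = deque(maxlen=max(self.table.values()))

    def accept(self, seq, service_level):
        """Return True to keep the packet, False to discard it as a duplicate."""
        count = self.table[service_level]      # unknown level raises KeyError
        recent = list(self.buffer)[-count:]    # the selected number of packets
        if seq in recent:
            return False                       # assumption: discards are not recorded
        self.buffer.append(seq)
        return True


# Constructed trace of (sequence number, service level) arrivals.
TRACE = [
    (100, "best_effort"), (101, "expedited"), (102, "best_effort"),
    (103, "best_effort"), (104, "expedited"),
    (104, "expedited"),    # repeat 1 packet back: inside window 2, discarded
    (101, "expedited"),    # repeat 4 packets back: outside window 2, kept
    (100, "best_effort"),  # repeat 6 packets back: inside window 8, discarded
    (100, "expedited"),    # same repeat at high priority: outside window 2, kept
]


def run(trace, table=LOOKBACK_TABLE):
    """Feed a trace through a fresh filter; return the keep/discard decisions."""
    f = DuplicateFilter(table)
    return [f.accept(seq, level) for seq, level in trace]


if __name__ == "__main__":
    for (seq, level), kept in zip(TRACE, run(TRACE)):
        print(f"seq={seq} level={level:<11} -> {'keep' if kept else 'discard'}")
```

The last two trace entries show the trade-off in the scheme: the same repeated sequence number is discarded at the low-priority level but kept at the high-priority level, because the smaller window no longer reaches the earlier packet.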
14 Claims
1. A method of determining whether to discard a received packet at a node, the method comprising the steps of:
responsive to a service level associated with the received packet, selecting a number from at least two available numbers, wherein the number identifies a number of previously received packets and wherein the at least two available numbers are different;
comparing a sequence number associated with the received packet against sequence numbers associated with the selected number of previously received packets; and
discarding the received packet in the event of a match between any one of the sequence numbers associated with the selected number of previously received packets and the sequence number associated with the received packet.
8. An apparatus for discarding redundant packets received at an input interface, comprising:
a sequence number buffer, for storing sequence numbers associated with packets received at the input interface;
a look-back window table, comprising at least two entries, each entry associated with a service level and storing a number representing a number of previously received packets to be compared in determining whether to discard a received packet.
13. An apparatus comprising:
means for comparing a sequence number of a received packet against a set of sequence numbers of previously received packets to determine whether there is a match, wherein a number of sequence numbers included in the set varies according to a service level of the received packet.
Specification