Method and apparatus for defining and implementing high-level quality of service policies in computer networks

US 6,167,445 A
Filed: 10/26/1998
Issued: 12/26/2000
Est. Priority Date: 10/26/1998
Status: Expired due to Term

First Claim

Patent Images

1. A method for implementing high-level, device-independent traffic management policies within a computer network having multiple, dissimilar intermediate network devices, the method comprising the steps of:

selecting one or more high-level policies;

translating the one or more high-level policies into a plurality of executable rules;

receiving a request for traffic management policies from an intermediate device supporting a set of network services;

selecting, in response to the request, one or more rules that are compatible with the network services supported by the intermediate device;

forwarding the selected one or more rules to the intermediate device; and

utilizing the one or more rules to configure the set of network services at the intermediate device to realize the selected high-level policies.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A computer network having multiple, dissimilar network devices includes a system for implementing high-level, network policies. The high-level policies, which are generally device-independent, are translated by one or more policy servers into a set of rules that can be put into effect by specific network devices. Preferably, a network administrator selects an overall traffic template for a given domain and may assign various applications and/or users to the corresponding traffic types of the template. Location-specific policies may also be established by the network administrator. The policy server translates the high-level policies inherent in the selected traffic template and location-specific policies into a set of rules, which may include one or more access control lists, and may combine several related rules into a single transaction. Intermediate network devices, which may have one or more roles assigned to their interfaces, are configured to request traffic management information from the policy server which replies with a particular set of transactions and rules. The rules, which may correspond to the particular roles assigned to the interfaces, are then utilized by the intermediate devices to configure their particular services and traffic management mechanisms. Other rules are utilized by the intermediate devices to classify packets with a particular priority and/or service value and to treat classified packets in a particular manner so as to realize the selected high-level policies within the domain.

1067 Citations

18 Claims

1. A method for implementing high-level, device-independent traffic management policies within a computer network having multiple, dissimilar intermediate network devices, the method comprising the steps of:
- selecting one or more high-level policies;
  
  translating the one or more high-level policies into a plurality of executable rules;
  
  receiving a request for traffic management policies from an intermediate device supporting a set of network services;
  
  selecting, in response to the request, one or more rules that are compatible with the network services supported by the intermediate device;
  
  forwarding the selected one or more rules to the intermediate device; and
  
  utilizing the one or more rules to configure the set of network services at the intermediate device to realize the selected high-level policies.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The method of claim 1 wherein the rules formulated by the step of translating include at least one of classification, behavioral and configuration rules.
  - 3. The method of claim 2 wherein the step of selecting further includes the step of selecting a predefined traffic template and loading the selected template with user and application information.
  - 4. The method of claim 3 further comprising the step of up-dating one or more data structures associated with the selected template as user and application information is inserted therein.
  - 5. The method of claim 4 wherein at least one classification rule includes an access control list object, a rule management object and a classification decision rule object.
  - 6. The method of claim 5 wherein the at least one classification rule further includes a location object and a direction object.
  - 7. The method of claim 6 wherein at least one behavioral rule includes a label test object and a behavioral rule object.
  - 8. The method of claim 7 wherein the at least one behavioral rule further includes a location object and a direction object.
  - 9. The method of claim 8 wherein at least one configuration rule includes a configuration rule object.
  - 10. The method of claim 9 wherein the at least one configuration rule further includes a location object and a direction object.
  - 11. The method of claim 10 wherein the step of translating includes the step of performing an algorithmic transformation on the one or more data structures to obtain the corresponding classification, behavioral and configuration rules.

12. A policy server for use in implementing high-level, device-independent traffic management policies within a computer network having multiple, dissimilar intermediate network devices and one or more information resources, the policy server comprising:
- means for receiving the high-level traffic management policies including one or more corresponding data structures;
  
  a policy translator that is configured to access the one or more information resources for inserting information in the data structures;
  
  a policy rule generating engine coupled to the policy generator and configured to translate the data structures into one or more executable traffic management rules;
  
  a device-specific filter entity coupled to the policy rule generating engine and configured to select a subset of the one or more traffic management rules in response to a request from a respective intermediate network device having particular traffic management resources and services; and
  
  and a communication engine coupled to the device-specific filter entity for exchanging requests from intermediate network devices and selected subsets of the one or more traffic management rules.
- View Dependent Claims (13, 14, 15, 16, 17, 18)
- - 13. The policy server of claim 12 wherein the one or more corresponding data structures include a user table that maps individual network users identified in the high-level polices to network addresses and maps network groups to network masks.
  - 14. The policy server of claim 13 wherein the one or more corresponding data structures further include an application table that maps application programs identified in the high-level policies to network protocol and port number.
  - 15. The policy server of claim 14 wherein the high-level traffic management policies are represented by a selected traffic template that maps each of a plurality of traffic types defined by the selected traffic template with at least one of a differentiated service (DS) codepoint, a network user and an application program.
  - 16. The policy server of claim 15 wherein the one or more corresponding data structures further include a queue assignment table that maps DS codepoints to queue numbers.
  - 17. The policy server of claim 16 wherein the one or more corresponding data structures further include a queue threshold table that maps DS codepoints to queue thresholds.
  - 18. The policy server of claim 17 wherein the one or more corresponding data structures further include a priority table that maps DS codepoints to DS mark down values, user priority values and type of service values.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Cisco Technology, Inc. (Cisco Systems, Inc.)
Original Assignee
Cisco Technology, Inc. (Cisco Systems, Inc.)
Inventors
McCloghrie, Keith, Gai, Silvano
Primary Examiner(s)
Maung, Zarni
Assistant Examiner(s)
WINDER, PATRICE L

Application Number

US09/179,036
Time in Patent Office

792 Days
Field of Search

713/200, 713/201, 709/220, 709/221, 709/222, 709/223, 709/224
US Class Current

709/223
CPC Class Codes

H04L 41/0893   Assignment of logical group...

H04L 41/0894   Policy-based network config...

H04L 41/5003   Managing SLA; Interaction b...

H04L 41/5054   Automatic deployment of ser...

H04L 41/5096   wherein the managed service...

Method and apparatus for defining and implementing high-level quality of service policies in computer networks

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

1067 Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

Method and apparatus for defining and implementing high-level quality of service policies in computer networks

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

1067 Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links