Network flow switching and flow data export

US 6,243,667 B1
Filed: 05/28/1996
Issued: 06/05/2001
Est. Priority Date: 05/28/1996
Status: Expired due to Term

First Claim

Patent Images

1. A method for routing messages in a data network wherein a set of packets is isolated for specialized policy treatment by a plurality of routing devices in the data network, the method comprising the steps of:

identifying a first one message of a first plurality of messages associated with an application layer, said first plurality of messages having at least one policy treatment in common, said first plurality of messages being identified in response to an address of a selected source device and an address of a selected destination device, wherein said policy treatment comprises at least one of the access control information, security information, queuing information, accounting information, traffic profiling information, and policy information;

generating a unique hash key by each of the routing devices that receives the first plurality of messages, the unique hash key being based upon the address of the selected source device, the address of the selected destination device, a port number associated with the selected source device, a port number associated with the selected destination device, and a protocol type corresponding to the first plurality of messages;

recording said first policy treatment by building a corresponding entry in a flow cache, wherein the first plurality of messages is identified by the unique hash key;

recording information about said first plurality of messages;

transmitting said information to at least one selected device on said network based upon a predetermined operating parameter;

identifying a second one message of said first plurality of messages; and

routing said second one message responsive to said first routing treatment.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The invention provides a method and system for switching in networks responsive to message flow patterns. A message “flow” is defined to comprise a set of packets to be transmitted between a particular source and a particular destination. When routers in a network identify a new message flow, they determine the proper processing for packets in that message flow and cache that information for that message flow. Thereafter, when routers in a network identify a packet which is part of that message flow, they process that packet according to the proper processing for packets in that message flow. The proper processing may include a determination of a destination port for routing those packets and a determination of whether access control permits routing those packets to their indicated destination.

Citations

19 Claims

1. A method for routing messages in a data network wherein a set of packets is isolated for specialized policy treatment by a plurality of routing devices in the data network, the method comprising the steps of:
- identifying a first one message of a first plurality of messages associated with an application layer, said first plurality of messages having at least one policy treatment in common, said first plurality of messages being identified in response to an address of a selected source device and an address of a selected destination device, wherein said policy treatment comprises at least one of the access control information, security information, queuing information, accounting information, traffic profiling information, and policy information;
  
  generating a unique hash key by each of the routing devices that receives the first plurality of messages, the unique hash key being based upon the address of the selected source device, the address of the selected destination device, a port number associated with the selected source device, a port number associated with the selected destination device, and a protocol type corresponding to the first plurality of messages;
  
  recording said first policy treatment by building a corresponding entry in a flow cache, wherein the first plurality of messages is identified by the unique hash key;
  
  recording information about said first plurality of messages;
  
  transmitting said information to at least one selected device on said network based upon a predetermined operating parameter;
  
  identifying a second one message of said first plurality of messages; and
  
  routing said second one message responsive to said first routing treatment.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. A method as in claim 1, wherein
3. A method as in claim 2, wherein said stream of packets is associated with a first selected port number at said source device and a second selected port number at said destination device.
4. A method as in claim 1, wherein said first plurality of messages comprises a message flow.
5. A method as in claim 1, wherein said first plurality of messages comprises an ordered sequence, and said first one message has a selected position in said ordered sequence.
6. A method as in claim 1, wherein said step of recording comprises building an entry flow cache, wherein said flow cache includes a plurality of entries, one said entry for each said plurality of messages, each said entry including a unicast destination address.
7. A method as in claim 1, including a step of identifying a first packet of a second stream of packets, wherein the packets of said second stream of packets have at least one second policy treatment in common, said second routing treatment differing from said first policy treatment.
8. A method as in claim 1, wherein said policy treatment comprises a destination output port for routing said first message.
9. A method as in claim 1, wherein said information comprisesan arrival time for an initial one message in said plurality of messages;
- an arrival time for most recent one message in said plurality of messages;
  
  a cumulative count of bytes in said plurality of messages;
  
  or a cumulative count of said one messages in said plurality of messages.
10. A method as in claim 1, comprising the steps ofreceiving said information at said selected device on said network;
- recording said information in a database at said selected device; and
  
  making said information available to a second device on said network.

11. A system for routing packets in a data network wherein a set of packets is isolated for specialized policy treatment, said system comprising:
- a source device for outputting a stream of packets;
  
  a destination device for receiving said stream of packets; and
  
  a plurality of routing devices for transporting said stream of packets from said source device to said destination device, each of said plurality of routing devices comprising, means for receiving said stream of packets, said stream of packets comprising a plurality of message flows associated with an application layer, each said packet being associated with one selected message flow, each said message flow having at least one policy treatment in common, wherein said policy treatment comprises at least one of access control information, security information, queuing information, accounting information, traffic profiling information, and policy information;
  
  means for associating packets with a first one of said message flows, means for generating a unique hash key upon receipt of the stream of packets, the unique hash key being based upon an address of the source device, an address of the destination device, a port number associated with the source device, a port number associated with the destination device, and a protocol type corresponding to the first plurality of messages, means for caching an entry associated with said first one of said message flows, wherein said first one of said message flows is identified by the unique hash key, means for recording information about said first one of said message flows;
  
  means for transmitting said information to the destination device on said network based upon a predetermined operating parameter, and means for routing packets responsive to entries in said caching means.
- View Dependent Claims (12, 13, 14, 15)
- - 12. A system as in claim 11, wherein said entry comprises access control information.
  - 13. A system as in claim 12, wherein said entry comprises a destination output port for routing packets.
  - 14. A system as in claim 11, wherein said information comprises
15. The system as in claim 11,wherein the caching means comprises a plurality of buckets, each bucket including a linked list that includes a maximum of two entries.

16. A method for routing messages in a data network wherein a set of packets is isolated for specialized policy treatment by plurality devices in the data network, said method comprising the steps of:
- identifying a first one packet of a first stream of packets defining a first message flow associated with an application layer, wherein said first stream of packets comprise an ordered sequence and said first packet has a selected position in said ordered sequence, said first stream of packets having at least one first routing policy treatment in common, wherein said policy treatment comprises at least one of access control information, security information, queuing information, accounting information, traffic profiling information, and policy information; and
  
  generating a unique hash key by each of the routing devices that receives the first stream of packets, the unique hash key being based upon an address of a selected source device, an address of a selected destination device, a port number associated with the selected source device, a port number associated with the selected destination device, and a selected protocol type, said first routing treatment being identified by the unique hash key;
  
  recording said unique hash key by building an entry in a flow cache;
  
  identifying subsequent packets of a said first stream of packets defining said first message flow;
  
  recording information about said first stream of packets;
  
  transmitting said information to at least one selected device on said network based upon a predetermined operating parameter; and
  
  routing said subsequent packets responsive to said first policy treatment.
- View Dependent Claims (17, 18, 19)
- - 17. A method as in claim 16, comprising the step of identifying a first one packet of a second stream of packets defining a second message flow, said second stream of packets having at least one second policy treatment in common, said second policy treatment differing from said first policy treatment.
  - 18. A method as in claim 16, wherein said policy treatment further comprises a destination output port for routing said first one packet.
  - 19. A method as in claim 16, wherein said information comprises

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Cisco Technology, Inc. (Cisco Systems, Inc.)
Original Assignee
Cisco Systems, Inc.
Inventors
Bruins, Barry L., Kerr, Darren R.
Primary Examiner(s)
Teska, Kevin J.
Assistant Examiner(s)
PHAN, THAI Q

Application Number

US08/655,429
Time in Patent Office

1,834 Days
Field of Search

395/500, 395/200.01, 395/200.13, 395/683, 395/185.04, 370/352, 370/389, 370/392, 370/351, 370/410
US Class Current

703/27
CPC Class Codes

H04L 45/00   Routing or path finding of ...

H04L 45/566   Routing instructions carrie...

H04L 47/2441   relying on flow classificat...

Network flow switching and flow data export

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

Network flow switching and flow data export

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links