Method and apparatus for limiting network connection resources

US 6,816,910 B1
Filed: 02/20/2001
Issued: 11/09/2004
Est. Priority Date: 02/17/2000
Status: Expired due to Term

First Claim

Patent Images

1. A method of limiting connection resources at a first network node, comprising:

detecting, at a second network node, a handshake message sent via at least a first network from a third network node toward the first network node;

randomly selecting one of a plurality of pending network connections at the first network node, the plurality of pending network connections started in response to a plurality of handshake messages sent toward the first network node via at least a second network; and

sending from the second network node a message to end the randomly selected pending network connection.

View all claims

14 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Various embodiments include methods and apparatuses limit connection resources at one or more first network nodes. In one method embodiment, at a second network node, a handshake message is detected; a pending network connection is randomly selected; and a message to end the randomly selected pending network connection is sent from the second node. Various embodiments have one or more elements that can begin if a total of pending network connections exceeds a threshold. In one apparatus embodiment, a packet sniffer component detects a handshake message; a random selection component is coupled to the packet sniffer and randomly selects a pending network connection; and a sending component is coupled to the random selection component and sends a message to end the randomly selected pending network connection. Various embodiments have one or more elements that can begin if a total of pending network connections exceeds a threshold.

Citations

148 Claims

1. A method of limiting connection resources at a first network node, comprising:
- detecting, at a second network node, a handshake message sent via at least a first network from a third network node toward the first network node;
  
  randomly selecting one of a plurality of pending network connections at the first network node, the plurality of pending network connections started in response to a plurality of handshake messages sent toward the first network node via at least a second network; and
  
  sending from the second network node a message to end the randomly selected pending network connection.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49)
- - 2. The method of claim 1, wherein the handshake message and the plurality of handshake messages comprise Transmission Control Protocol data comprising a synchronize flag having a set value.
  - 3. The method of claim 1, wherein each of the plurality of pending network connections waits, to complete handshaking, for Transmission Control Protocol data comprising an acknowledge flag having a set value.
  - 4. The method of claim 1, wherein the detecting comprises sniffing.
  - 5. The method of claim 1, wherein the message to end the randomly selected pending network connection comprises Transmission Control Protocol data comprising a reset flag having a set value.
  - 6. The method of claim 1, wherein the first network is a local area network.
  - 7. The method of claim 1, wherein the first network is a wide area network.
  - 8. The method of claim 1, wherein the first network is an internetwork.
  - 9. The method of claim 1, wherein the second network is an internetwork.
  - 10. The method of claim 1, wherein the randomly selecting follows a probability distribution across the plurality of pending network connections.
  - 11. The method of claim 10, wherein the probability distribution is uniform.
  - 12. The method of claim 10, wherein the probability distribution is nonuniform.
  - 13. The method of claim 1, wherein the message to end the randomly selected pending network connection comprises a spoofed network identifier of the third network node.
  - 14. The method of claim 1, wherein the message to end the randomly selected pending network connection is sent if, in response to the detecting the handshake message, adding another pending network connection to the plurality of pending network connections causes a total of the plurality of pending network connections to exceed a threshold.
  - 15. The method of claim 1, wherein the plurality of pending network connections comprises at least one of a first subplurality and a second subplurality, wherein the first subplurality comprises one or more pending network connections each started in response to one or more handshake messages sent from network nodes with which the first node has successfully handshaked, and the second subplurality comprises one or more pending network connections each started in response to one or more handshake messages sent from network nodes with which the first node has not successfully handshaked.
  - 16. The method of claim 15, wherein the successfully handshaking comprises completing three-way handshaking.
  - 17. The method of claim 15, wherein the randomly selecting is at least substantially limited to randomly selecting from the second subplurality.
  - 18. The method of claim 15, wherein the randomly selecting is limited to randomly selecting from the second subplurality.
  - 19. The method of claim 15, wherein a total of the plurality of pending network connections exceeds a total of the first subplurality.
  - 20. The method of claim 15, wherein a total of the plurality of pending network connections exceeds a total of the second subplurality.
  - 21. The method of claim 15, wherein a total of the plurality of pending network connections equals a total of the first subplurality.
  - 22. The method of claim 15, wherein a total of the plurality of pending network connections equals a total of the second subplurality.
  - 23. The method of claim 1, wherein the plurality of pending network connections comprises at least one of a first subplurality and a second subplurality, wherein the first subplurality comprises one or more pending network connections each started in response to one or more handshake messages sent from network nodes about which the first node has historical data, and the second subplurality comprises one or more pending network connections each started in response to one or more handshake messages sent from network nodes about which the first node does not have historical data.
  - 24. The method of claim 23, wherein the randomly selecting is at least substantially limited to randomly selecting from the second subplurality.
  - 25. The method of claim 23, wherein the randomly selecting is limited to randomly selecting from the second subplurality.
  - 26. The method of claim 23, wherein a total of the plurality of pending network connections exceeds a total of the first subplurality.
  - 27. The method of claim 23, wherein a total of the plurality of pending network connections exceeds a total of the second subplurality.
  - 28. The method of claim 23, wherein a total of the plurality of pending network connections equals a total of the first subplurality.
  - 29. The method of claim 23, wherein a total of the plurality of pending network connections equals a total of the second subplurality.
  - 30. The method of claim 1, wherein the plurality of pending network connections comprises at least one of a first subplurality and a second subplurality, wherein the first subplurality comprises one or more pending network connections each started in response to one or more handshake messages sent from network nodes about which the first node has historical data having a first characteristic, and the second subplurality comprises one or more pending network connections each started in response to one or more handshake messages sent from network nodes about which the first node has historical data having a second characteristic.
  - 31. The method of claim 30, wherein the randomly selecting is at least substantially limited to randomly selecting from the second subplurality.
  - 32. The method of claim 30, wherein the randomly selecting is limited to randomly selecting from the second subplurality.
  - 33. The method of claim 30, wherein a total of the plurality of pending network connections exceeds a total of the first subplurality.
  - 34. The method of claim 30, wherein a total of the plurality of pending network connections exceeds a total of the second subplurality.
  - 35. The method of claim 30, wherein a total of the plurality of pending network connections equals a total of the first subplurality.
  - 36. The method of claim 30, wherein a total of the plurality of pending network connections equals a total of the second subplurality.
  - 37. The method of claim 1, further comprising:
38. The method of claim 37, wherein the successfully handshaking comprises completing three-way handshaking.
39. The method of claim 37, wherein the network identifier comprises an Internet Protocol address.
40. The method of claim 37, wherein the network identifier comprises a Transmission Control Protocol port number.
41. The method of claim 37, wherein the plurality of pending network connections comprises at least one of a first subplurality and a second subplurality, wherein the first subplurality comprises at least one or more pending network connections started in response to a handshake message comprising a network identifier corresponding to a stored identifier, and the second subplurality comprises one or more pending network connections started in response to a handshake message comprising a network identifier not corresponding to a stored identifier.
42. The method of claim 41, wherein the randomly selecting is at least substantially limited to randomly selecting from the second subplurality.
43. The method of claim 41, wherein the randomly selecting is limited to randomly selecting from the second subplurality.
44. The method of claim 41, wherein the network identifier corresponds to the stored identifier if the network identifier maps to the stored identifier.
45. The method of claim 41, wherein the network identifier corresponds to the stored identifier if the stored identifier maps to the network identifier.
46. The method of claim 41, wherein a total of the plurality of pending network connections exceeds a total of the first subplurality.
47. The method of claim 41, wherein a total of the plurality of pending network connections exceeds a total of the second subplurality.
48. The method of claim 41, wherein a total of the plurality of pending network connections equals a total of the first subplurality.
49. The method of claim 41, wherein a total of the plurality of pending network connections equals a total of the second subplurality.

50. An apparatus for limiting connection resources at a first network node, comprising:
- a packet sniffer component adapted to be coupled to the first network node, wherein the packet sniffer detects a handshake message sent via at least a first network from a second network node toward the first network node;
  
  a random selection component coupled to the packet sniffer, wherein the random selection component randomly selects one of a plurality of pending network connections at the first network node, and the plurality of pending network connections are started in response to a plurality of handshake messages sent toward the first network node via at least a second network; and
  
  a sending component coupled to the random selection component, wherein the sending component sends a message to end the randomly selected pending network connection.
- View Dependent Claims (51, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 62, 63, 64, 65, 66, 67, 68, 69, 70, 71, 72, 73, 74, 75, 76, 77, 78, 79, 80, 81, 82, 83, 84, 85, 86, 87, 88, 89, 90, 91, 92, 93, 94, 95, 96, 97, 98)
- - 51. The apparatus of claim 50, wherein the handshake message and the plurality of handshake messages comprise Transmission Control Protocol data comprising a synchronize flag having a set value.
  - 52. The apparatus of claim 50, wherein each of the plurality of pending network connections waits, to complete handshaking, for Transmission Control Protocol data comprising an acknowledge flag having a set value.
  - 53. The apparatus of claim 50, wherein the packet sniffer component sniffs the handshake message.
  - 54. The apparatus of claim 50, wherein the message to end the randomly selected pending network connection comprises Transmission Control Protocol data comprising a reset flag having a set value.
  - 55. The apparatus of claim 50, wherein the first network is a local area network.
  - 56. The apparatus of claim 50, wherein the first network is a wide area network.
  - 57. The apparatus of claim 50, wherein the first network is an internetwork.
  - 58. The apparatus of claim 50, wherein the second network is an internetwork.
  - 59. The apparatus of claim 50, wherein the random selection component follows a probability distribution across the plurality of pending network connections.
  - 60. The apparatus of claim 59, wherein the probability distribution is uniform.
  - 61. The apparatus of claim 59, wherein the probability distribution is nonuniform.
  - 62. The apparatus of claim 50, wherein the message to end the randomly selected pending network connection comprises a spoofed network identifier of the second network node.
  - 63. The apparatus of claim 50, wherein the message to end the randomly selected pending network connection is sent if, in response to the detecting the handshake message, adding another pending network connection to the plurality of pending network connections causes a total of the plurality of pending network connections to exceed a threshold.
  - 64. The apparatus of claim 50, wherein the plurality of pending network connections comprises at least one of a first subplurality and a second subplurality, wherein the first subplurality comprises one or more pending network connections each started in response to one or more handshake messages sent from network nodes with which the first node has successfully handshaked, and the second subplurality comprises one or more pending network connections each started in response to one or more handshake messages sent from network nodes with which the first node has not successfully handshaked.
  - 65. The apparatus of claim 64, wherein the successfully handshaking comprises completing three-way handshaking.
  - 66. The apparatus of claim 64, wherein the random selection component is at least substantially limited to randomly selecting from the second subplurality.
  - 67. The apparatus of claim 64, wherein the random selection Component is limited to randomly selecting from the second subplurality.
  - 68. The apparatus of claim 64, wherein a total of the plurality of pending network connections exceeds a total of the first subplurality.
  - 69. The apparatus of claim 64, wherein a total of the plurality of pending network connections exceeds a total of the second subplurality.
  - 70. The apparatus of claim 64, wherein a total of the plurality of pending network connections equals a total of the first subplurality.
  - 71. The apparatus of claim 64, wherein a total of the plurality of pending network connections equals a total of the second subplurality.
  - 72. The apparatus of claim 50, wherein the plurality of pending network connections comprises at least one of a first subplurality and a second subplurality, wherein the first subplurality comprises one or more pending network connections each started in response to one or more handshake messages sent from network nodes about which the first node has historical data, and the second subplurality comprises one or more pending network connections each started in response to one or more handshake messages sent from network nodes about which the first node does not have historical data.
  - 73. The apparatus of claim 72, wherein the random selection component is at least substantially limited to randomly selecting from the second subplurality.
  - 74. The apparatus of claim 72, wherein the random selection component is limited to randomly selecting from the second subplurality.
  - 75. The apparatus of claim 72, wherein a total of the plurality of pending network connections exceeds a total of the first subplurality.
  - 76. The apparatus of claim 72, wherein a total of the plurality of pending network connections exceeds a total of the second subplurality.
  - 77. The apparatus of claim 72, wherein a total of the plurality of pending network connections equals a total of the first subplurality.
  - 78. The apparatus of claim 72, wherein a total of the plurality of pending network connections equals a total of the second subplurality.
  - 79. The apparatus of claim 50, wherein the plurality of pending network connections comprises at least one of a first subplurality and a second subplurality, wherein the first subplurality comprises one or more pending network connections each started in response to one or more handshake messages sent from network nodes about which the first node has historical data having a first characteristic, and the second subplurality comprises one or more pending network connections each started in response to one or more handshake messages sent from network nodes about which the first node has historical data having a second characteristic.
  - 80. The apparatus of claim 79, wherein the random selection component is at least substantially limited to randomly selecting from the second subplurality.
  - 81. The apparatus of claim 79, wherein the random selection component is limited to randomly selecting from the second subplurality.
  - 82. The apparatus of claim 79, wherein a total of the plurality of pending network connections exceeds a total of the first subplurality.
  - 83. The apparatus of claim 79, wherein a total of the plurality of pending network connections exceeds a total of the second subplurality.
  - 84. The apparatus of claim 79, wherein a total of the plurality of pending network connections equals a total of the first subplurality.
  - 85. The apparatus of claim 79, wherein a total of the plurality of pending network connections equals a total of the second subplurality.
  - 86. The apparatus of claim 50, wherein the apparatus successfully handshakes between the first network node and each of a plurality of network nodes, and stores a network identifier of each of the plurality of network nodes.
  - 87. The apparatus of claim 86, wherein successfully handshaking comprises completing three-way handshaking.
  - 88. The apparatus of claim 86, wherein the network identifier comprises an Internet Protocol address.
  - 89. The apparatus of claim 86, wherein the network identifier comprises a Transmission Control Protocol port number.
  - 90. The apparatus of claim 50, wherein the plurality of pending network connections comprises at least one of a first subplurality and a second subplurality, wherein the first subplurality comprises at least one or more pending network connections started in response to a handshake message comprising a network identifier corresponding to a stored identifier, and the second subplurality comprises one or more pending network connections started in response to a handshake message comprising a network identifier not corresponding to a stored identifier.
  - 91. The apparatus of claim 90, wherein the random selection component randomly selects at least substantially from the second subplurality.
  - 92. The apparatus of claim 90, wherein the random selection component randomly selects from the second subplurality.
  - 93. The apparatus of claim 90, wherein the network identifier corresponds to the stored identifier if the network identifier maps to the stored identifier.
  - 94. The apparatus of claim 90, wherein the network identifier corresponds to the stored identifier if the stored identifier maps to the network identifier.
  - 95. The apparatus of claim 90, wherein a total of the plurality of pending network connections exceeds a total of the first subplurality.
  - 96. The apparatus of claim 90, wherein a total of the plurality of pending network connections exceeds a total of the second subplurality.
  - 97. The apparatus of claim 90, wherein a total of the plurality of pending network connections equals a total of the first subplurality.
  - 98. The apparatus of claim 90, wherein a total of the plurality of pending network connections equals a total of the second subplurality.

99. An apparatus for limiting connection resources at a first network node, comprising:
- means for detecting, at a second network node, a handshake message sent via at least a first network from a third network node toward the first network node;
  
  means for randomly selecting one of a plurality of pending network connections at the first network node, the plurality of pending network connections started in response to a plurality of handshake messages sent toward the first network node via at least a second network, wherein the means for randomly selecting is coupled to the means for detecting; and
  
  means for sending from the second network node a message to end the randomly selected pending network connection, wherein the means for sending is coupled to the means for detecting.
- View Dependent Claims (100, 101, 102, 103, 104, 105, 106, 107, 108, 109, 110, 111, 112, 113, 114, 115, 116, 117, 118, 119, 120, 121, 122, 123, 124, 125, 126, 127, 128, 129, 130, 131, 132, 133, 134, 135, 136, 137, 138, 139, 140, 141, 142, 143, 144, 145, 146, 147)
- - 100. The apparatus of claim 99, wherein the handshake message and the plurality of handshake messages comprise Transmission Control Protocol data comprising a synchronize flag having a set value.
  - 101. The apparatus of claim 99, wherein each of the plurality of pending network connections waits, to complete handshaking, for Transmission Control Protocol data comprising an acknowledge flag having a set value.
  - 102. The apparatus of claim 99, wherein the means for detecting comprises sniffing.
  - 103. The apparatus of claim 99, wherein the message to end the randomly selected pending network connection comprises Transmission Control Protocol data comprising a reset flag having a set value.
  - 104. The apparatus of claim 99, wherein the first network is a local area network.
  - 105. The apparatus of claim 99, wherein the first network is a wide area network.
  - 106. The apparatus of claim 99, wherein the first network is an internetwork.
  - 107. The apparatus of claim 99, wherein the second network is an internetwork.
  - 108. The apparatus of claim 99, wherein the means for randomly selecting follows a probability distribution across the plurality of pending network connections.
  - 109. The apparatus of claim 108, wherein the probability distribution is uniform.
  - 110. The apparatus of claim 108, wherein the probability distribution is nonuniform.
  - 111. The apparatus of claim 99, wherein the message to end the randomly selected pending network connection comprises a spoofed network identifier of the third network node.
  - 112. The apparatus of claim 99, wherein the message to end the randomly selected pending network connection is sent if, in response to the detecting the handshake message, adding another pending network connection to the plurality of pending network connections causes a total of the plurality of pending network connections to exceed a threshold.
  - 113. The apparatus of claim 99, wherein the plurality of pending network connections comprises at least one of a first subplurality and a second subplurality, wherein the first subplurality comprises one or more pending network connections each started in response to one or more handshake messages sent from network nodes with which the first node has successfully handshaked, and the second subplurality comprises one or more pending network connections each started in response to one or more handshake messages sent from network nodes with which the first node has not successfully handshaked.
  - 114. The apparatus of claim 113, wherein the successfully handshaking comprises completing three-way handshaking.
  - 115. The apparatus of claim 113, wherein the means for randomly selecting is at least substantially limited to randomly selecting from the second subplurality.
  - 116. The apparatus of claim 113, wherein the means for randomly selecting is limited to randomly selecting from the second subplurality.
  - 117. The apparatus of claim 113, wherein a total of the plurality of pending network connections exceeds a total of the first subplurality.
  - 118. The apparatus of claim 113, wherein a total of the plurality of pending network connections exceeds a total of the second subplurality.
  - 119. The apparatus of claim 113, wherein a total of the plurality of pending network connections equals a total of the first subplurality.
  - 120. The apparatus of claim 113, wherein a total of the plurality of pending network connections equals a total of the second subplurality.
  - 121. The apparatus of claim 99, wherein the plurality of pending network connections comprises at least one of a first subplurality and a second subplurality, wherein the first subplurality comprises one or more pending network connections each started in response to one or more handshake messages sent from network nodes about which the first node has historical data, and the second subplurality comprises one or more pending network connections each started in response to one or more handshake messages sent from network nodes about which the first node does not have historical data.
  - 122. The apparatus of claim 121, wherein the means for randomly selecting is at least substantially limited to randomly selecting from the second subplurality.
  - 123. The apparatus of claim 121, wherein the means for randomly selecting is limited to randomly selecting from the second subplurality.
  - 124. The apparatus of claim 121, wherein a total of the plurality of pending network connections exceeds a total of the first subplurality.
  - 125. The apparatus of claim 121, wherein a total of the plurality of pending network connections exceeds a total of the second subplurality.
  - 126. The apparatus of claim 121, wherein a total of the plurality of pending network connections equals a total of the first subplurality.
  - 127. The apparatus of claim 121, wherein a total of the plurality of pending network connections equals a total of the second subplurality.
  - 128. The apparatus of claim 99, wherein the plurality of pending network connections comprises at least one of a first subplurality and a second subplurality, wherein the first subplurality comprises one or more pending network connections each started in response to one or more handshake messages sent from network nodes about which the first node has historical data having a first characteristic, and the second subplurality comprises one or more pending network connections each started in response to one or more handshake messages sent from network nodes about which the first node has historical data having a second characteristic.
  - 129. The apparatus of claim 128, wherein the means for randomly selecting is at least substantially limited to randomly selecting from the second subplurality.
  - 130. The apparatus of claim 128, wherein the means for randomly selecting is limited to randomly selecting from the second subplurality.
  - 131. The apparatus of claim 128, wherein a total of the plurality of pending network connections exceeds a total of the first subplurality.
  - 132. The apparatus of claim 128, wherein a total of the plurality of pending network connections exceeds a total of the second subplurality.
  - 133. The apparatus of claim 128, wherein a total of the plurality of pending network connections equals a total of the first subplurality.
  - 134. The apparatus of claim 128, wherein a total of the plurality of pending network connections equals a total of the second subplurality.
  - 135. The apparatus of claim 99, wherein the apparatus successfully handshakes between the first network node and each of a plurality of network nodes, and stores a network identifier of each of the plurality of network nodes.
  - 136. The apparatus of claim 135, wherein successfully handshaking comprises completing three-way handshaking.
  - 137. The apparatus of claim 135, wherein the network identifier comprises an Internet Protocol address.
  - 138. The apparatus of claim 135, wherein the network identifier comprises a Transmission Control Protocol port number.
  - 139. The apparatus of claim 135, wherein the plurality of pending network connections comprises at least one of a first subplurality and a second subplurality, wherein the first subplurality comprises at least one or more pending network connections started in response to a handshake message comprising a network identifier corresponding to a stored identifier, and the second subplurality comprises one or more pending network connections started in response to a handshake message comprising a network identifier not corresponding to a stored identifier.
  - 140. The apparatus of claim 139, wherein the means for randomly selecting randomly selects at least substantially from the second subplurality.
  - 141. The apparatus of claim 139, wherein the means for randomly selecting randomly selects from the second subplurality.
  - 142. The apparatus of claim 139, wherein the network identifier corresponds to the stored identifier if the network identifier maps to the stored identifier.
  - 143. The apparatus of claim 139, wherein the network identifier corresponds to the stored identifier if the stored identifier maps to the network identifier.
  - 144. The apparatus of claim 139, wherein a total of the plurality of pending network connections exceeds a total of the first subplurality.
  - 145. The apparatus of claim 139, wherein a total of the plurality of pending network connections exceeds a total of the second subplurality.
  - 146. The apparatus of claim 139, wherein a total of the plurality of pending network connections equals a total of the first subplurality.
  - 147. The apparatus of claim 139, wherein a total of the plurality of pending network connections equals a total of the second subplurality.

148. A system apparatus for limiting connection resources, comprising:
- a first network node of one or more servers;
  
  a packet sniffer component coupled to the first network node, wherein the packet sniffer detects a handshake message sent via at least the first network from a second network node toward the first network node;
  
  a random selection component coupled to the packet sniffer, wherein the random selection component randomly selects one of a plurality of pending network connections at the first network node, and the plurality of pending network connections are started in response to a plurality of handshake messages sent toward the first network node via at least a second network; and
  
  a sending component coupled to the first network node, wherein the sending component sends a message to end the randomly selected pending network connection.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Virtual Instruments Worldwide, Inc.
Original Assignee
Netzentry Incorporated
Inventors
Ricciulli, Livio
Primary Examiner(s)
Barot, Bharat

Application Number

US09/789,477
Time in Patent Office

1,358 Days
Field of Search

709/200-202, 709/223-229, 709/237-242, 709/248-249, 718/102, 718/104, 370/216-217, 370/235-238, 370/241-245, 370/351, 370/400-401, 370/408
US Class Current

709/237
CPC Class Codes

H04L 41/0896   Bandwidth or capacity manag...

H04L 63/1458   Denial of Service

H04L 67/14   Session management for real...

H04L 69/163   In-band adaptation of TCP d...

Method and apparatus for limiting network connection resources

First Claim

14 Assignments

0 Petitions

Accused Products

Abstract

Citations

148 Claims

Specification

Solutions

Use Cases

Quick Links

Method and apparatus for limiting network connection resources

First Claim

14 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

148 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links