Method and system for controlling a policy-based network

US 7,003,578 B2
Filed: 04/26/2001
Issued: 02/21/2006
Est. Priority Date: 04/26/2001
Status: Expired due to Fees

First Claim

Patent Images

1. A method for controlling a policy-based network, comprising the steps of:

establishing a first policy within a policy server of the network, wherein the first policy includes at least a first function and a second function;

converting the first policy into at least a second policy and a third policy, wherein the second policy defines a virtual flow label and the third policy is associated with the virtual flow label, and wherein the second policy is associated with the first function and the third policy is associated with the second function;

distributing the second policy and the third policy within the network to at least one node; and

controlling the at least one node using the second policy and the third policy.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and system are described for controlling a policy-based network. According to an exemplary embodiment of the present invention, a first policy is established within a policy server of the network, wherein the first policy includes at least a first function and a second function. The first policy is converted into at least a second policy and a third policy, wherein the second policy is associated with the first function and the third policy is associated with the second function. The second policy and the third policy are distributed within the network to at least one node. The at least one node is controlled using the second policy and the third policy.

277 Citations

14 Claims

1. A method for controlling a policy-based network, comprising the steps of:
- establishing a first policy within a policy server of the network, wherein the first policy includes at least a first function and a second function;
  
  converting the first policy into at least a second policy and a third policy, wherein the second policy defines a virtual flow label and the third policy is associated with the virtual flow label, and wherein the second policy is associated with the first function and the third policy is associated with the second function;
  
  distributing the second policy and the third policy within the network to at least one node; and
  
  controlling the at least one node using the second policy and the third policy.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The method of claim 1, wherein the first policy includes at least a first policy rule having the first function in the first policy rule and a second policy rule having the second function in the second policy rule, andwherein the second policy includes at least a third policy rule having the first function and defines the virtual flow label in the third policy rule, andwherein the third policy includes at least a fourth policy rule having the second function in the fourth policy rule, the fourth policy rule being associated with the virtual flow label.
  - 3. The method of claim 1, wherein the first policy includes a list of condition parts of policy rules included in the first policy,wherein the second policy includes a list of condition parts of policy rules included in the second policy,wherein the third policy includes a list of condition parts of policy rules included in the third policy, andwherein the list of condition parts included in the first policy is equal to the list of condition parts included in the second policy and the list of condition parts included in the third policy.
  - 4. The method of claim 1, wherein the first policy includes at least a first policy rule having at least a first condition and a second condition in a condition part of the first policy rule, wherein the first condition and the second condition are coupled with a logical “
    - OR”
      
      operator,wherein the second policy includes at least a second policy rule having the first condition in a condition part of the second policy rule and a third policy rule having the second condition in a condition part of the third policy rule, andwherein the third policy includes at least a fourth policy rule having the first condition in a condition part of the fourth policy rule and a fifth policy rule having the second condition in a condition part of the fifth policy rule.
  - 5. The method of claim 1, wherein the first policy includes at least a first policy rule having at least a first condition and a second condition in a condition part of the first policy rule, wherein the first condition and the second condition are coupled with a logical “
    - OR”
      
      operator,wherein the second policy includes at least a second policy rule having the first condition in a condition part of the second policy rule and a third policy rule having the second condition in a condition part of the third policy rule, wherein the second policy rule includes, in an action part of the second policy rule, a marking action of a first value in a field in each of a plurality of data packets, wherein the third policy rule includes, in an action part of the third policy rule, a marking action of the first value in the field in each of the plurality of data packets, andwherein the third policy includes at least a fourth policy rule, and a condition part of the fourth policy rule determines whether the field in each of the plurality of data packets includes the first value.

6. A method for controlling a policy-based network, comprising the steps of:
- establishing a first policy within a policy server of the network, wherein the first policy includes at least a first function and a second function;
  
  converting the first policy into at least a second policy and a third policy, wherein the second policy is associated with the first function and the third policy is associated with the second function;
  
  distributing the second policy and the third policy within the network to at least one node; and
  
  controlling the at least one node using the second policy and the third policy, wherein the first policy includes at least a first policy rule having the first function in an action part of the first policy rule and a second policy rule having a first reference and having the second function in an action part of the second policy rule,wherein the first function modifies the contents of a field in each of a plurality of data packets,wherein the first reference refers to a value of the field modified by the first function,wherein the second policy includes at least a third policy rule having the first function and a virtual flow label value in an action part of the third policy rule and a fourth policy rule having the first reference in a condition part of the fourth policy rule, andwherein the third policy includes at least a fifth policy rule having a reference to the virtual flow label value in a condition part of the fifth policy rule and having the second function.

7. A method for controlling a policy-based network, comprising the steps of:
- establishing a first policy within a policy server of the network, wherein the first policy includes at least a first function and a second function;
  
  converting the first policy into at least a second policy and a third policy, wherein the second policy is associated with the first function and the third policy is associated with the second function;
  
  distributing the second policy and the third policy within the network to at least one node; and
  
  controlling the at least one node using the second policy and the third policy, wherein the first policy includes at least a first policy rule having a first reference in a condition part of the first policy rule and a second policy rule having a second reference and having a second function in an action part of the second policy rule,wherein the first reference refers to the contents of a field in each of a plurality of data packets,wherein the second reference refers to a value of the field modified by the first function,wherein the second policy includes at least a third policy rule having the first reference in a condition part of the third policy rule and a fourth policy rule having the second reference and a virtual flow label in a condition part of the fourth policy rule, andwherein the third policy includes at least a fifth policy rule having a reference to the virtual flow label in a condition part of the fifth policy rule and having the second function.

8. A method for controlling a policy-based network, comprising the steps of:
- establishing a first policy within a policy server of the network, wherein the first policy includes at least a first function and a second function;
  
  converting the first policy into at least a second policy and a third policy, wherein the second policy is associated with the first function and the third policy is associated with the second function;
  
  distributing the second policy and the third policy within the network to at least one node; and
  
  controlling the at least one node using the second policy and the third policy, wherein the first policy includes at least a first policy rule having at least a first condition and a second condition in a condition part of the first policy rule, wherein the first condition and the second condition are coupled with a logical “
  
  OR”
  
  operator,wherein the second policy includes at least a second policy rule having the first condition in a condition part of the second policy rule and a third policy rule having the second condition in a condition part of the third policy rule, wherein the second policy rule and the third policy rule each define a first virtual flow label value, andwherein the third policy includes at least a fourth policy rule, and a condition part of the fourth policy rule determines the first virtual flow label value.

9. A method for controlling a policy-based network, comprising the steps of:
- establishing at least a first policy and a second policy within a policy server of the network, wherein the first policy includes at least a first function and the second policy includes at least a second function, wherein the first policy defines a virtual flow label and the second policy is associated with the virtual flow label;
  
  converting the first policy and the second policy into a third policy, wherein the third policy is associated with the first function and the second function;
  
  distributing the third policy within the network to at least one node; and
  
  controlling the at least one node using the third policy.
- View Dependent Claims (10, 11, 12)
- - 10. The method of claim 9, wherein the first policy includes at least a first policy rule having the first function in an action part of the first policy rule, andwherein the second policy includes at least a second policy rule having the second function in an action part of the second policy rule, andwherein the third policy includes at least a third policy rule having the first function in an action part of the third policy rule and a fourth policy rule having the second function in an action part of the fourth policy rule.
  - 11. The method of claim 9, wherein the first policy includes at least a first policy rule having a first condition in a condition part of the first policy rule and having in an action part of the first policy rule a marking action of a first value of a field in each of a plurality of data packets,wherein the second policy includes at least a second policy rule, a condition part of the second policy rule determining whether the field in each of the plurality of data packets contains the first value, and having the first function in an action part of the second policy rule, andwherein the third policy includes at least a third policy rule and a fourth policy rule,wherein the third policy rule includes the first condition in a condition part of the third policy rule and the first function in an action part of the third policy rule, andwherein the fourth policy rule includes a condition part for determining whether the field in each of the plurality of data packets contains the first value, and includes the first function in an action part of the fourth policy rule.
  - 12. The method of claim 9, wherein the first policy includes at least a first policy rule and a second policy rule,wherein the first policy rule includes a first condition in a condition part of the first policy rule and includes in an action part of the first policy rule a marking action of a first value of a field in each of a plurality of data packets,wherein the second policy rule includes a second condition in a condition part of the second policy rule,wherein the second policy includes at least a third policy rule having a condition part determining whether the field in each of the plurality of data packets includes the first value, and having in an action part of the third policy rule the first function, andwherein the third policy includes at least a fourth policy rule and a fifth policy rule,wherein the fourth policy rule includes the first condition in a condition part of the fourth policy rule and the first function in an action part of the fourth policy rule, andwherein the fifth policy rule includes the second condition and a condition part for determining whether the field in each of the plurality of data packets contains the first value, and includes the first function in an action part of the fifth policy rule.

13. A system for controlling a policy-based network, comprising:
- a policy server for establishing policies;
  
  conversion means for converting at least one of a high-level policy into a plurality of low-level policies and a plurality of high-level policies into a low-level policy, wherein the high-level policies are based on virtual flow labels;
  
  distributing means for distributing within the network at least one of the low-level policy and the plurality of low-level-policies;
  
  a network node for receiving at least one of the low-level policy and the plurality of low-level-policies.
- View Dependent Claims (14)
- - 14. The system of claim 13, wherein the conversion means converts both the high-level policy into the plurality of low-level policies and the plurality of high-level policies into the low-level policy.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Hewlett Packard Enterprise Development LP (Hewlett-Packard Enterprise Company), Hitachi, Ltd.
Original Assignee
Hewlett-Packard Development Company, L.P. (HP Inc.)
Inventors
Kanada, Yasusi, O'Keefe, Brian J.
Primary Examiner(s)
Wiley, David
Assistant Examiner(s)
Nguyen, Phuoc H.

Application Number

US09/842,130
Publication Number

US 20020194317A1
Time in Patent Office

1,762 Days
Field of Search

709/220, 709/221, 709/223, 709/224, 709/203, 709/225, 709/230
US Class Current

709/230
CPC Class Codes

H04L 47/10 Flow control; Congestion co...

H04L 47/2408 for supporting different se...

Method and system for controlling a policy-based network

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

277 Citations

14 Claims

Specification

Solutions

Use Cases

Quick Links

Method and system for controlling a policy-based network

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

277 Citations

14 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links