Method and apparatus for defining and implementing high-level quality of service policies in computer networks
First Claim
1. In a policy server for connection to a computer network having a plurality of intermediate network devices each supporting a respective set of network services, whereby at least some of the network services differ among the intermediate network devices, a method for implementing high-level, device-independent traffic management policies within the computer network, the method comprising the steps of:
- receiving one or more high-level policies;
translating the one or more high-level policies into a plurality of executable rules;
receiving a request for traffic management policies from an intermediate network device, wherein the request specifies a set of network services that are supported by the particular network device that issued the request;
selecting, in response to the request, one or more rules that are compatible with the network services specified by the intermediate network device; and
forwarding the selected one or more rules to the intermediate network device, wherein different rules are selected and forwarded to at least some of the intermediate network devices as a result of the differing network services that they support.
0 Assignments
0 Petitions
Accused Products
Abstract
A computer network having multiple, dissimilar network devices includes a system for implementing high-level, network policies. The high-level policies, which are generally device-independent, are translated by one or more policy servers into a set of rules that can be put into effect by specific network devices. Preferably, a network administrator selects an overall traffic template for a given domain and may assign various applications and/or users to the corresponding traffic types of the template. Location-specific policies may also be established by the network administrator. The policy server translates the high-level policies inherent in the selected traffic template and location-specific policies into a set of rules, which may include one or more access control lists, and may combine several related rules into a single transaction. Intermediate network devices, which may have one or more roles assigned to their interfaces, are configured to request traffic management information from the policy server which replies with a particular set of transactions and rules. The rules, which may correspond to the particular roles assigned to the interfaces, are then utilized by the intermediate devices to configure their particular services and traffic management mechanisms. Other rules are utilized by the intermediate devices to classify packets with a particular priority and/or service value and to treat classified packets in a particular manner so as to realize the selected high-level policies within the domain.
-
Citations
33 Claims
-
1. In a policy server for connection to a computer network having a plurality of intermediate network devices each supporting a respective set of network services, whereby at least some of the network services differ among the intermediate network devices, a method for implementing high-level, device-independent traffic management policies within the computer network, the method comprising the steps of:
-
receiving one or more high-level policies; translating the one or more high-level policies into a plurality of executable rules; receiving a request for traffic management policies from an intermediate network device, wherein the request specifies a set of network services that are supported by the particular network device that issued the request; selecting, in response to the request, one or more rules that are compatible with the network services specified by the intermediate network device; and forwarding the selected one or more rules to the intermediate network device, wherein different rules are selected and forwarded to at least some of the intermediate network devices as a result of the differing network services that they support. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. In an intermediate network device, a method for implementing high-level traffic management policies, the method comprising the steps of:
-
identifying one or more network services that the network device supports; issuing a request for traffic management policies, the request specifying the one or more identified network services that are supported; receiving one or more rules for managing network traffic at the intermediate network device; and utilizing the one or more rules to configure the one or more network services so as to realize the high-level traffic management policies. - View Dependent Claims (10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24)
-
-
25. A policy server for use in implementing high-level, device-independent traffic management policies within a computer network having a plurality of intermediate network devices and one or more information resources, the intermediate network devices each supporting a respective set of network services, whereby at least some of the network services differ among the intermediate network devices, the policy server comprising:
-
a policy translator that is configured to receive the high-level traffic management policies including one or more corresponding data structures, and to access the one or more information resources for inserting information in the data structures; a policy rule generating engine coupled to the policy translator and configured to translate the data structures into one or more executable traffic management rules; a device-specific filter entity coupled to the policy rule generating engine and configured to select a subset of the one or more traffic management rules in response to a request from a respective intermediate network device having particular traffic management resources and services; and a communication engine coupled to the device-specific filter entity for exchanging requests from intermediate network devices and selected subsets of the one or more traffic management rules, wherein the device-specific filter entity selects different rule subsets for transmission to the intermediate network devices as a result of the differing network services that they support. - View Dependent Claims (26, 27, 28, 29, 30, 31)
-
-
32. A network device for use in forwarding network messages in a computer network, the network device comprising:
-
a plurality of interfaces from which the network messages may be received and sent; a plurality of network services coupled to the interfaces for use in examining and processing the network messages; and a traffic management controller operatively coupled to the network services, wherein the traffic management controller issues a request for traffic management policies, receives one or more policies in response to the request, and configures the network services so as to realize the received policies wherein the traffic management controller issues a request for traffic management policies, receives one or more policies in response to the request, and configures the network services so as to realize the received policies wherein the request specifies one or more of the network device'"'"'s network services so that the received policies will be compatible therewith.
-
-
33. A method for setting traffic management policies in a computer network, comprising:
-
receiving one or more high-level policies, wherein the one or more high-level policies include one or more corresponding data structures; translating the one or more high-level policies into a plurality of executable rules by translating the one or more data structures into executable rules; receiving a request for traffic management policies from an intermediate network device, wherein the request specifies a set of network services that are supported by the particular network device that issued the request; in response to the request, selecting, by filtering, one or more rules that are compatible with the network services specified by the intermediate network device; and forwarding the selected one or more rules to the intermediate network device, wherein a process on the intermediate device selects different rules and forwards the rules to at least some of the plurality of intermediate network devices as a result of the differing network services that they support.
-
Specification