Distributed service level management for network traffic

US 7,475,141 B1
Filed: 07/31/2001
Issued: 01/06/2009
Est. Priority Date: 07/31/2001
Status: Expired due to Fees

First Claim

Patent Images

1. A method comprising:

determining by a first network management device, separate and distinct from a first router of a network, whether the first router is meeting a service level for a first group of network traffic of the network serviced by the first router; and

regulating a second group of network traffic of the network, also being serviced by said first router, by blocking the second group to assist the first router in meeting the service level for the first group of network traffic and nullify a denial of service attack involving the first router, the second group of network traffic being separate and distinct from said first group of network traffic;

wherein said first group of network traffic comprises network traffic destined for/sourced from first one or more network nodes of said network, and said second group of network traffic comprises network traffic destined for/sourced from second one or more network nodes of said network that are separate and distinct from said first one or more network nodes.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

One or more networking apparatuses are employed to practice a networking method that improves a first networking device'"'"'s likelihood in meeting its service level goals/commitments for a first group of network traffic serviced by the first networking device. Determination is made, away from the networking device, on whether the first network device is meeting the service level goals/commitments for the first group of network traffic. Determination may include monitoring the first group of network traffic at or away from the networking device. If the service level goals/commitments are not being met, a second group of network traffic (also serviced by the first networking device) is regulated. Regulation may be made at the networking device or away from the network device. Additionally, if the condition for regulation is no longer presents, regulation may be moderated or removed. Further, the service level goals/commitments may include reliability and/or performance goals/commitments.

35 Citations

View as Search Results

19 Claims

1. A method comprising:
- determining by a first network management device, separate and distinct from a first router of a network, whether the first router is meeting a service level for a first group of network traffic of the network serviced by the first router; and
  
  regulating a second group of network traffic of the network, also being serviced by said first router, by blocking the second group to assist the first router in meeting the service level for the first group of network traffic and nullify a denial of service attack involving the first router, the second group of network traffic being separate and distinct from said first group of network traffic;
  
  wherein said first group of network traffic comprises network traffic destined for/sourced from first one or more network nodes of said network, and said second group of network traffic comprises network traffic destined for/sourced from second one or more network nodes of said network that are separate and distinct from said first one or more network nodes.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17)
- - 2. The method of claim 1, wherein said method further comprises monitoring one or more network traffic metrics associated with said first group of network traffic that are at least partially indicative of whether the first router is meeting said service level for said first group of network traffic.
  - 3. The method of claim 2, wherein said service level comprises a selected one of a reliability service level and a performance service level.
  - 4. The method of claim 2, wherein said monitoring is performed at said first networking device.
  - 5. The method of claim 2, wherein said monitoring is performed away from said first networking device.
  - 6. The method of claim 1, wherein said method further comprises determining by a second network management device, away from said first router, whether said second group of network traffic substantially contributes to said first router'"'"'s non-meeting of said service level for said first group of network traffic, and said regulating of said second group of network traffic is conditionally performed, upon determining said second group of network traffic substantially contributes to said first router is not meeting of said service level for said first group of network traffic.
  - 7. The method of claim 6, wherein said first and second network management devices are separate and distinct network management devices.
  - 8. The method of claim 6, wherein said first and second network management devices are the same network management device.
  - 9. The method of claim 1, wherein said service level is a selected one of a service level goal and a service level commitment of said first router for said first group of network traffic of the network serviced by said first router.
  - 10. The method of claim 1, wherein said first group of network traffic comprises network traffic destined for/sourced from a first client of a first network node of said network, and said second group of network traffic comprises network traffic destined for/sourced from a second client of the same first network node of said network.
  - 11. The method of claim 1, wherein said method further comprises determining by a second network management device, away from said first router, where said regulating is to be performed.
  - 12. The method of claim 1, wherein said regulating comprises regulating said first router with respect to services provided by said first router to said second group of network traffic.
  - 13. The method of claim 1, wherein said regulating comprises regulating a second router of said network with respect to services provided by said second router to said second group of network traffic.
  - 14. The method of claim 1, wherein said method further comprises determining by a second network management device, whether said second group of network traffic are being regulated, and if said second group of network traffic are being regulated, whether the regulation is to be moderated.
  - 15. The method of claim 1, wherein said method further comprises:
    - monitoring packet drop rate associated with said first group of network traffic; and
      
      determining whether the first router is meeting said service level for said first group of network traffic based on the packet drop rate.
  - 16. The method of claim 1, wherein said method further comprises:
    - monitoring a volume of data transmitted by the first router; and
      
      determining whether the first router is meeting said service level for said first group of network traffic based on the volume.
  - 17. The method of claim 1, wherein said method further comprises:
    - monitoring an average turn-around time of packets transmitted by the first router; and
      
      determining whether the first router is meeting said service level for said first group of network traffic based on the average turn-around time of the packets.

18. A method comprising:
- determining by a network management device, separate and distinct from a router of a network, whether the router is meeting a service level for a first group of network traffic of the network serviced by the router;
  
  regulating a second group of network traffic of the network, also being serviced by said router, by blocking the second group to assist the router in meeting the service level for the first group of network traffic and nullify a denial of service attack involving the router, the second group of network traffic being separate and distinct from said first group of network traffic;
  
  determining by a second network management device, away from said router, whether said second group of network traffic substantially contributes to said router'"'"'s non-meeting of said service level for said first group of network traffic, and said regulating of said second group of network traffic is conditionally performed, upon determining said second group of network traffic substantially contributes to said router not meeting of said service level for said first group of network traffic; and
  
  determining by the second network management device, whether said second group of network traffic are being regulated, and if said second group of network traffic are being regulated, whether the regulation is to be moderated to unblock the second group.

19. A system comprising:
- a managed networking device transmitting network traffic to and from other networking devices;
  
  a sensor, located away from a managed networking device, that determines whether the managed networking device is meeting a service level for a first group of the network traffic serviced by the managed networking device by monitoring a packet drop rate associated with said first group of network traffic;
  
  a director, located away from a managed networking device, that determines whether a second group of network traffic substantially contributes to said managed networking device failure to meet the said service level for said first group of network traffic, the second group of network traffic being also serviced by the managed networking device, but separate and distinct from said first group of network traffic, wherein said first group of network traffic comprises network traffic destined for/sourced from first one or more network nodes of said network, and said second group of network traffic comprises network traffic destined for/sourced from second one or more network nodes of said network that are separate and distinct from said first one or more network nodes, wherein the director regulates the second group of network traffic of the network by signaling the second networking device to block the second group of network traffic to assist the managed networking device in meeting the service level for the first group of network traffic and nullify a denial of service attack involving the managed networking device, if said second group of network traffic is determined to substantially contribute to a failure to meet the service level for said first group of network traffic.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Arbor Networks Incorporated (NetScout Systems Incorporated)
Original Assignee
Arbor Networks Incorporated (NetScout Systems Incorporated)
Inventors
Savage, Stefan R., Anderson, Thomas E., Wetherall, David J.
Primary Examiner(s)
Cardone; Jason D
Assistant Examiner(s)
NGUYEN, MINH CHAU

Application Number

US09/920,335
Time in Patent Office

2,716 Days
Field of Search

709/226, 709/238, 709/243, 709/200, 709/230, 709/229, 370/229, 370/232, 370/230
US Class Current

709/226
CPC Class Codes

H04L 41/5003   Managing SLA; Interaction b...

H04L 41/5009   Determining service level p...

H04L 41/5025   by proactively reacting to ...

Distributed service level management for network traffic

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

35 Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

Distributed service level management for network traffic

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

35 Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links