Application integrated gateway
First Claim
1. A method for allowing a network application to be stateless in an IP network, the method comprising:
- receiving, at the network application in a network device, state information for a session for a user device, wherein the state information comprises a service route header and identification information for the user device;
sending, from the network device, the state information to a user-plane application through a network interface coupled to the network device, wherein the user-plane application comprises a gateway configured to route communications for the user device, the user-plane application being located in a network associated with the user device on an opposite side of the network interface from the network device, and wherein the user-plane application is configured to store the state information in a cache having the service route header associated with the user device identification information, and perform a stateful operation for the network application using the stored state information to offload the stateful operation from the network application of the network device to allow the network application to be stateless with respect to the offloaded stateful operation;
when the stateful operation is a security operation;
receiving in the network device, a message from the user device;
generating security information based on the received message; and
communicating with the user-plane application to have a crypto pointer allocated by the user-plane application for the security information, wherein the crypto pointer is stored in the cache associated with the user-plane application; and
upon a failure of the network application that causes the network device to lose the state information and the crypto pointer, and re-initialization of the network application in the network device after the failure, communicating with the user-plane application to receive the state information and the crypto pointer from the cache associated with the user-plane application for continuing the session with the re-initialized network application without needing to establish a new session for the user device.
1 Assignment
0 Petitions
Accused Products
Abstract
In one embodiment, a network application may offload stateful operations to a user-plane application. In one embodiment, the network application receives state information for a user device. The network application then sends the state information to a user-plane application, which can maintain the state information. The network application may then offload a stateful operation to the user-plane application. For example, the network application may have the user-plane application perform stateful operations. Also, the network application may use the state information maintained at the user-plane application for error recovery after the network application fails. For example, the network application may recover the state information from the user-plane application after failure.
73 Citations
36 Claims
-
1. A method for allowing a network application to be stateless in an IP network, the method comprising:
-
receiving, at the network application in a network device, state information for a session for a user device, wherein the state information comprises a service route header and identification information for the user device; sending, from the network device, the state information to a user-plane application through a network interface coupled to the network device, wherein the user-plane application comprises a gateway configured to route communications for the user device, the user-plane application being located in a network associated with the user device on an opposite side of the network interface from the network device, and wherein the user-plane application is configured to store the state information in a cache having the service route header associated with the user device identification information, and perform a stateful operation for the network application using the stored state information to offload the stateful operation from the network application of the network device to allow the network application to be stateless with respect to the offloaded stateful operation; when the stateful operation is a security operation; receiving in the network device, a message from the user device; generating security information based on the received message; and communicating with the user-plane application to have a crypto pointer allocated by the user-plane application for the security information, wherein the crypto pointer is stored in the cache associated with the user-plane application; and upon a failure of the network application that causes the network device to lose the state information and the crypto pointer, and re-initialization of the network application in the network device after the failure, communicating with the user-plane application to receive the state information and the crypto pointer from the cache associated with the user-plane application for continuing the session with the re-initialized network application without needing to establish a new session for the user device. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A method for allowing a network application to be stateless in an IP network, the method comprising:
-
receiving, at a user-plane application in a computing device, state information for a session for a user device, the state information required for communications to and from the user device and received through a network interface, wherein the user-plane application is located in a network associated with the user device on an opposite side of the network interface from the network application, wherein the computing device comprises a gateway configured to route communications for the user device; storing the state information with the user-plane application associated with the user device, wherein the state information comprises a service route header and address for the user device, wherein the user-plane application stores the service route header and the address in a cache having the service route header associated with the user device address; performing, using the computing device, a stateful operation using the state information for the network application, the stateful operation being offloaded from being performed by the network application to allow the network application to be stateless with respect to the offloaded stateful operation; when the stateful operation is a security operation; receiving a message from the network application to have a crypto pointer allocated in the computing device, wherein the crypto pointer allocation is based on security information from the received message; storing the crypto pointer in the cache associated with the user-plane application for the security information associated with identification information for the network application; and sending the crypto pointer to the network application; upon a failure of the network application that causes the network device to lose the state information and the crypto pointer, and re-initialization of the network application in the network device after the failure, receiving a request from the network device for the state information and the crypto pointer; and sending the state information and the crypto pointer retrieved from the cache associated with the user-plane application to the re-initialized network application in the network device for continuing the session with the network application without needing to establish a new session for the user device. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17)
-
-
18. An apparatus configured to allow a network application to be stateless in an IP network, the apparatus comprising:
-
one or more computer processors in a network device; and a non-transitory computer-readable storage medium containing instructions that, when executed by the one or more computer processors, cause the one or more computer processors to perform a set of steps comprising; receiving, at the network application in the network device, state information for a session for a user device, wherein the state information comprises a service route header and identification information for the user device; sending, from the one or more computer processors, the state information to a user-plane application through a network interface coupled to the network device, wherein the user-plane application comprises a gateway configured to route communications for the user device, the user-plane application being located in a network associated with the user device on an opposite side of the network interface from the network device, and wherein the user-plane application is configured to store the state information in a cache having the service route header associated with the user device identification information, and perform a stateful operation for the network application using the stored state information to offload the stateful operation from the network application of the network device to allow the network application to be stateless with respect to the offloaded stateful operation; when the stateful operation is a security operation; receiving in the network device, a message from the user device; generating security information based on the received message; and communicating with the user-plane application to have a crypto pointer allocated by the user-plane application for the security information, wherein the crypto pointer is stored in the cache associated with the user-plane application; and upon a failure of the network application that causes the network device to lose the state information and the crypto pointer, and re-initialization of the network application in the network device after the failure, communicating with the user-plane application to receive the state information and the crypto pointer from the cache associated with the user-plane application for continuing the session with the re-initialized network application without needing to establish a new session for the user device. - View Dependent Claims (19, 20, 21, 22, 23, 24, 25, 26)
-
-
27. An apparatus configured to allow a network application to be stateless in an IP network, the apparatus comprising:
-
one or more computer processors; and a non-transitory computer-readable storage medium containing instructions that, when executed by the one or more computer processors, cause the one or more computer processors to perform a set of steps comprising; receiving, in a gateway at a user-plane application from a network device, state information for a session for a user device, the state information required for communications to and from the user device and received through a network interface, wherein the user-plane application is located in a network associated with the user device on an opposite side of the network interface from the network application of the network device, wherein the gateway having the user-plane application is configured to route communications for the user device; storing the state information with the user-plane application associated with the user device, wherein the state information comprises a service route header and address for the user device, wherein the user-plane application stores the service route header and the address in a cache having the service route header associated with the user device address; performing, using the one or more computer processors, a stateful operation using the state information for the network application, the stateful operation being offloaded from being performed by the network application to allow the network application to be stateless with respect to the offloaded stateful operation; when the stateful operation is a security operation; receiving a message from the network application to have a crypto pointer allocated in the computing device, wherein the crypto pointer allocation is based on security information from the received message; storing the crypto pointer in the cache associated with the user-plane application for the security information associated with identification information for the network application; and sending the crypto pointer to the network application; upon a failure of the network application that causes the network device to lose the state information and the crypto pointer, and re-initialization of the network application in the network device after the failure, receiving a request from the network device for the state information and the crypto pointer; and sending the state information and the crypto pointer retrieved from the cache associated with the user-plane application to the re-initialized network application in the network device for continuing the session with the network application without needing to establish a new session for the user device. - View Dependent Claims (28, 29, 30, 31, 32, 33, 34)
-
-
35. An apparatus configured to allow a network application to be stateless in an IP network, the apparatus comprising:
-
a computer processor; means for receiving, at the network application in a network device, state information for a session for a user device, wherein the state information comprises a service route header and identification information for the user device; means for sending from the computer processor, the state information to a user-plane application through a network interface coupled to the network device, wherein the user-plane application comprises a gateway configured to route communications for the user device, the user-plane application being located in a network associated with the user device on an opposite side of the network interface from the network device, and wherein the user-plane application is configured to store the state information in a cache having the service route header associated with the user device identification information, and perform a stateful operation for the network application using the stored state information to offload the stateful operation from the network application of the network device to allow the network application to be stateless with respect to the offloaded stateful operation; when the stateful operation is a security operation; means for receiving in the network device, a message from the user device; means for generating security information based on the received message; and means for communicating with the user-plane application to have a crypto pointer allocated by the user-plane application for the security information, wherein the crypto pointer is stored in the cache associated with the user-plane application; and upon a failure of the network application that causes the network device to lose the state information and the crypto pointer, and re-initialization of the network application in the network device after the failure, communicating with the user-plane application to receive the state information and the crypto pointer from the cache associated with the user-plane application for continuing the session with the re-initialized network application without needing to establish a new session for the user device.
-
-
36. An apparatus configured to allow a network application to be stateless in an IP network, the apparatus comprising:
-
a computer processor; means for receiving, in a gateway at a user-plane application, state information for a session for a user device, the state information required for communications to and from the user device and received through a network interface, wherein the user-plane application is located in a network associated with the user device on an opposite side of the network interface from the network application, wherein the gateway having the user-plane application is configured to route communications for the user device; means for storing the state information with the user-plane application associated with the user device, wherein the state information comprises a service route header and address for the user device, wherein the user-plane application stores the service route header and the address in a cache having the service route header associated with the user device address; means for performing, using the computer processor, a stateful operation using the state information for the network application, the stateful operation being offloaded from being performed by the network application to allow the network application to be stateless with respect to the offloaded stateful operation; when the stateful operation is a security operation; means for receiving a message from the network application to have a crypto pointer allocated in the computing device, wherein the crypto pointer allocation is based on security information from the received message; means for storing the crypto pointer in the cache associated with the user-plane application for the security information associated with identification information for the network application; and means for sending the crypto pointer to the network application; upon a failure of the network application that causes the network device to lose the state information and the crypto pointer, and re-initialization of the network application in the network device after the failure, receiving a request from the network device for the state information and the crypto pointer; and means for sending the state information and the crypto pointer retrieved from the cache associated with the user-plane application to the re-initialized network application in the network device for continuing the session with the network application without needing to establish a new session for the user device.
-
Specification