Configuration rule generation with compressed address sets
First Claim
1. A method for generating one or more network application configuration rules, comprising:
- receiving, at a processing system, a plurality of input addresses;
generating, at the processing system, an acyclic tree having leaf nodes corresponding to the plurality of input addresses, each input address having an input address size measurable in bits and the acyclic tree comprising a binary tree with a depth of at least the input address size; and
generating, at the processing system, based at least in part on the tree and a tolerance value, one or more rules, wherein the one or more rules reference the plurality of input addresses and zero or more additional addresses, the number of the additional addresses referenced being controlled based at least in part on the tolerance value, and each of the one or more rules comprises a Classless Internet Domain Routing (CIDR) expression determined based at least in part on a depth of a corresponding node in the acyclic tree.
10 Assignments
0 Petitions
Accused Products
Abstract
Techniques for compressing a set of input addresses to generate a set of one or more rules for various network applications and tools such as routers, firewalls, and others. A tree is generated based upon a set of input addresses. A set of one or more rules may be generated based upon the generated tree and a tolerance value. The set of one or more rules may identify one or more address segments that include the input addresses and may also include one or more additional addresses. In one embodiment, the set of one or more rules may be one or more Classless Internet Domain Routing (CIDR) expressions. The set of one or more rules may be provided to various network applications and tools for further processing.
20 Citations
21 Claims
-
1. A method for generating one or more network application configuration rules, comprising:
-
receiving, at a processing system, a plurality of input addresses; generating, at the processing system, an acyclic tree having leaf nodes corresponding to the plurality of input addresses, each input address having an input address size measurable in bits and the acyclic tree comprising a binary tree with a depth of at least the input address size; and generating, at the processing system, based at least in part on the tree and a tolerance value, one or more rules, wherein the one or more rules reference the plurality of input addresses and zero or more additional addresses, the number of the additional addresses referenced being controlled based at least in part on the tolerance value, and each of the one or more rules comprises a Classless Internet Domain Routing (CIDR) expression determined based at least in part on a depth of a corresponding node in the acyclic tree. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
-
-
17. A non-transitory computer-readable storage medium storing a plurality of instructions that, when executed, cause one or more computers to collectively, at least:
-
receive a plurality of input addresses; generate an acyclic tree having leaf nodes corresponding to the plurality of input addresses, each input address having an input address size measurable in bits and the acyclic tree comprising a binary tree with a depth of at least the input address size; and generate, based at least in part upon the generated tree and a tolerance value, one or more rules, wherein the one or more rules reference the plurality of input addresses and zero or more additional addresses, the number of additional addresses referenced being controlled based at least in part on the tolerance value, and each of the one or more rules comprises a Classless Internet Domain Routing (CIDR) expression determined based at least in part on a depth of a corresponding node in the acyclic tree. - View Dependent Claims (18, 19)
-
-
20. A system for generating one or more network application configuration rules, the system comprising:
-
a memory configured at least to store a plurality of input addresses; and a processor communicatively coupled to the memory, wherein the processor is configured to facilitate, at least; receiving a plurality of input addresses; generating an acyclic tree having leaf nodes corresponding to the plurality of input addresses, each input address having an input address size measurable in bits and the acyclic tree comprising a binary tree with a depth of at least the input address size; and generating, based at least in part upon the tree and a tolerance value, one or more rules, wherein the one or more rules reference the plurality of input addresses and zero or more additional addresses, the number of the additional addresses referenced being controlled based at least in part on the tolerance value, and each of the one or more rules comprises a Classless Internet Domain Routing (CIDR) expression determined based at least in part on a depth of a corresponding node in the acyclic tree. - View Dependent Claims (21)
-
Specification