Controlling non-congestion controlled flows
First Claim
Patent Images
1. A machine-implemented method, comprising:
- receiving a packet;
identifying a flow comprising a plurality of packets based on the received packet;
identifying an access control (“
AC”
) policy based on the flow, wherein the AC policy comprises a priority rank of the flow relative to other flows in a flow set;
tracking the flow in the flow set by at least the identified AC policy;
marking the flow as being out of a virtual penalty box, if a bandwidth for the flow is available, wherein for the flow that is marked as being out of the virtual penalty box, every packet is forwarded to a destination; and
marking the flow as being in the virtual penalty box, if the bandwidth for the flow is not available, wherein for the flow that is marked as being in the virtual penalty box, every packet is dropped.
2 Assignments
0 Petitions
Accused Products
Abstract
A packet is received. A flow associated with the packet is determined. An access control (“AC”) policy for the flow is determined. The flow in a flow set is organized for transmission based at least on the AC policy. A bandwidth for the flow is monitored. The flow is marked for transmission based on the monitoring.
-
Citations
42 Claims
-
1. A machine-implemented method, comprising:
-
receiving a packet; identifying a flow comprising a plurality of packets based on the received packet; identifying an access control (“
AC”
) policy based on the flow, wherein the AC policy comprises a priority rank of the flow relative to other flows in a flow set;tracking the flow in the flow set by at least the identified AC policy; marking the flow as being out of a virtual penalty box, if a bandwidth for the flow is available, wherein for the flow that is marked as being out of the virtual penalty box, every packet is forwarded to a destination; and marking the flow as being in the virtual penalty box, if the bandwidth for the flow is not available, wherein for the flow that is marked as being in the virtual penalty box, every packet is dropped. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A machine-implemented method to control non-congestion controlled flows, comprising:
-
monitoring a number of flows in a flow set, wherein each of the flows that comprises a plurality of packets is identified by a unique identifier; matching the number of flows against an access control (“
AC”
) policy threshold number;if the number of flows is greater than the AC polity threshold number, marking a flow as being in a virtual penalty box based on a priority rank of the flow relative to other flows in the flow set; dropping a packet associated with the flow that has been marked as being in the penalty box; and marking the flow as being out of the virtual penalty box, if a bandwidth for the flow is available, wherein for the flow that is marked as being out of the virtual penalty box, every packet is forwarded to a destination. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. A non-transitory machine readable storage medium that has stored instructions which when executed cause a data processing system to perform operations comprising:
-
receiving a packet; identifying a flow comprising a plurality of packets based on the received packet; identifying an access control (“
AC”
) policy based on the flow, wherein the AC policy comprises a priority rank of the flow relative to other flows in a flow set;tracking the flow in the flow set by at least the identified AC policy; marking the flow as being out of a virtual penalty box, if a bandwidth for the flow is available, wherein for the flow that is marked as being out of the virtual penalty box, every packet is forwarded to a destination; and marking the flow as being in the virtual penalty box, if the bandwidth for the flow is not available, wherein for the flow that is marked as being in the virtual penalty box, every packet is dropped. - View Dependent Claims (16, 17, 18, 19, 20, 21)
-
-
22. A non-transitory machine readable storage medium that has stored instructions which when executed cause a data processing system to perform operations to control non-congestion controlled flows, comprising:
-
monitoring a number of flows in a flow set, wherein each of the flows that comprises a plurality of packets is identified by a unique identifier; matching the number of flows against an access control (“
AC”
) policy threshold number;if the number of flows is greater than the AC polity threshold number, marking a flow as being in a virtual penalty box based on a priority rank of the flow relative to other flows in the flow set; dropping a packet associated with the flow that has been marked as being in the penalty box; and marking the flow as being out of the virtual penalty box, if a bandwidth for the flow is available, wherein for the flow that is marked as being out of the virtual penalty box, every packet is forwarded to a destination. - View Dependent Claims (23, 24, 25, 26, 27, 28)
-
-
29. An apparatus comprising:
-
a memory; and a processing unit coupled to the memory, wherein the processing unit is configured; to receive a packet; to identify a flow comprising a plurality of packets based on the received packet; to identify an access control (“
AC”
) policy based on the flow, wherein the AC policy comprises a priority rank of the flow relative to other flows in a flow set;
to track the flow in the flow set by at least the identified AC policy;to mark the flow as being out of a virtual penalty box, if the bandwidth for the flow is not available, wherein for the flow that is marked as being out of the virtual penalty box, every packet is forwarded to a destination, and to mark the flow as being in the virtual penalty box, if the bandwidth for the flow is not available, wherein for the flow that is marked as being in the virtual penalty box, every packet is dropped. - View Dependent Claims (30, 31, 32, 33, 34, 35)
-
-
36. An apparatus to control non-congestion controlled flows, comprising:
a memory; and a processing unit coupled to the memory, wherein the processing unit is configured to monitor a number of flows in a flow set, wherein each of the flows that comprises a plurality of packets is identified by a unique identifier;
to match the number of flows against an access control (“
AC”
) policy threshold number;
if the number of flows is greater than the AC polity threshold number, to mark a flow as being in a virtual penalty box based on a priority rank of the flow relative to other flows in the flow set; and
to drop a packet associated with the flow that has been marked as being in the penalty box; and
to mark the flow as being out of the virtual penalty box, if a bandwidth for the flow is available, wherein for the flow that is marked as being out of the virtual penalty box, every packet is forwarded to a destination.- View Dependent Claims (37, 38, 39, 40, 41, 42)
Specification