Controlling non-congestion controlled flows

US 9,596,182 B2
Filed: 02/12/2013
Issued: 03/14/2017
Est. Priority Date: 02/12/2013
Status: Active Grant

First Claim

Patent Images

1. A machine-implemented method, comprising:

receiving a packet;

identifying a flow comprising a plurality of packets based on the received packet;

identifying an access control (“

AC”

) policy based on the flow, wherein the AC policy comprises a priority rank of the flow relative to other flows in a flow set;

tracking the flow in the flow set by at least the identified AC policy;

marking the flow as being out of a virtual penalty box, if a bandwidth for the flow is available, wherein for the flow that is marked as being out of the virtual penalty box, every packet is forwarded to a destination; and

marking the flow as being in the virtual penalty box, if the bandwidth for the flow is not available, wherein for the flow that is marked as being in the virtual penalty box, every packet is dropped.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A packet is received. A flow associated with the packet is determined. An access control (“AC”) policy for the flow is determined. The flow in a flow set is organized for transmission based at least on the AC policy. A bandwidth for the flow is monitored. The flow is marked for transmission based on the monitoring.

Citations

42 Claims

1. A machine-implemented method, comprising:
- receiving a packet;
  
  identifying a flow comprising a plurality of packets based on the received packet;
  
  identifying an access control (“
  
  AC”
  
  ) policy based on the flow, wherein the AC policy comprises a priority rank of the flow relative to other flows in a flow set;
  
  tracking the flow in the flow set by at least the identified AC policy;
  
  marking the flow as being out of a virtual penalty box, if a bandwidth for the flow is available, wherein for the flow that is marked as being out of the virtual penalty box, every packet is forwarded to a destination; and
  
  marking the flow as being in the virtual penalty box, if the bandwidth for the flow is not available, wherein for the flow that is marked as being in the virtual penalty box, every packet is dropped.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, further comprisingassigning the access control policy to the flow.
  - 3. The method of claim 1, further comprisingmonitoring the bandwidth for the flow, whereinthe flow comes in and out of the virtual penalty box based on the monitoring.
  - 4. The method of claim 1, wherein the AC policy is further associated with the bandwidth.
  - 5. The method of claim 1, wherein the flow is defined based on at least one of an Internet Protocol (“
    - IP”
      
      ) source address, an IP destination address, a source port address, a destination port address;
      
      a Media Access Control (“
      
      MAC”
      
      ) source address, a MAC destination address; and
      
      type of service (“
      
      TOS”
      
      ) data.
  - 6. The method of claim 1, further comprisingdetermining an arrival time for the flow;
    - andorganizing the flow in the flow set based on the arrival time.
  - 7. The method of claim 1, further comprisingremoving the flow from the flow set.

8. A machine-implemented method to control non-congestion controlled flows, comprising:
- monitoring a number of flows in a flow set, wherein each of the flows that comprises a plurality of packets is identified by a unique identifier;
  
  matching the number of flows against an access control (“
  
  AC”
  
  ) policy threshold number;
  
  if the number of flows is greater than the AC polity threshold number, marking a flow as being in a virtual penalty box based on a priority rank of the flow relative to other flows in the flow set;
  
  dropping a packet associated with the flow that has been marked as being in the penalty box; and
  
  marking the flow as being out of the virtual penalty box, if a bandwidth for the flow is available, wherein for the flow that is marked as being out of the virtual penalty box, every packet is forwarded to a destination.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The method of claim 8, wherein the flow comes in and out of the virtual penalty box based on the monitoring.
  - 10. The method of claim 8, further comprisingdetermining an arrival time for a flow in the flow set, wherein the packet is transmitted based on the arrival time.
  - 11. The method of claim 8, further comprisingdiscarding the packet.
  - 12. The method of claim 8, wherein the flows are defined based on at least one of an Internet Protocol (“
    - IP”
      
      ) source address, an IP destination address, a source port address, a destination port address;
      
      a Media Access Control (“
      
      MAC”
      
      ) source address, a MAC destination address, and type of service (“
      
      TOS”
      
      ) data.
  - 13. The method of claim 8, wherein the AC policy is further associated with the bandwidth.
  - 14. The method of claim 8, further comprisingmonitoring the bandwidth for the flow set.

15. A non-transitory machine readable storage medium that has stored instructions which when executed cause a data processing system to perform operations comprising:
- receiving a packet;
  
  identifying a flow comprising a plurality of packets based on the received packet;
  
  identifying an access control (“
  
  AC”
  
  ) policy based on the flow, wherein the AC policy comprises a priority rank of the flow relative to other flows in a flow set;
  
  tracking the flow in the flow set by at least the identified AC policy;
  
  marking the flow as being out of a virtual penalty box, if a bandwidth for the flow is available, wherein for the flow that is marked as being out of the virtual penalty box, every packet is forwarded to a destination; and
  
  marking the flow as being in the virtual penalty box, if the bandwidth for the flow is not available, wherein for the flow that is marked as being in the virtual penalty box, every packet is dropped.
- View Dependent Claims (16, 17, 18, 19, 20, 21)
- - 16. The non-transitory machine readable storage medium of claim 15, further comprisinginstructions which when executed cause the data processing system to perform operations comprisingassigning the access control policy to the flow.
  - 17. The non-transitory machine readable storage medium of claim 15, further comprisinginstructions which when executed cause the data processing system to perform operations comprisingmonitoring the bandwidth for the flow, whereinthe flow comes in and out of the virtual penalty box based on the monitoring.
  - 18. The non-transitory machine readable storage medium of claim 15, wherein the AC policy is further associated with the bandwidth.
  - 19. The non-transitory machine readable storage medium of claim 15, wherein the flow is defined based on at least one of an Internet Protocol (“
    - IP”
      
      ) source address, an IP destination address, a source port address, a destination port address;
      
      a Media Access Control (“
      
      MAC”
      
      ) source address, a MAC destination address, and type of service (“
      
      TOS”
      
      ) data.
  - 20. The non-transitory machine readable storage medium of claim 15, further comprising:
    - instructions which when executed cause the data processing system to perform operations comprising;
      
      determining an arrival time for the flow; and
      
      organizing the flow in the flow set based on the arrival time.
  - 21. The non-transitory machine readable storage medium of claim 15, further comprising:
    - instructions which when executed cause the data processing system to perform operations comprisingremoving the flow from the flow set.

22. A non-transitory machine readable storage medium that has stored instructions which when executed cause a data processing system to perform operations to control non-congestion controlled flows, comprising:
- monitoring a number of flows in a flow set, wherein each of the flows that comprises a plurality of packets is identified by a unique identifier;
  
  matching the number of flows against an access control (“
  
  AC”
  
  ) policy threshold number;
  
  if the number of flows is greater than the AC polity threshold number, marking a flow as being in a virtual penalty box based on a priority rank of the flow relative to other flows in the flow set;
  
  dropping a packet associated with the flow that has been marked as being in the penalty box; and
  
  marking the flow as being out of the virtual penalty box, if a bandwidth for the flow is available, wherein for the flow that is marked as being out of the virtual penalty box, every packet is forwarded to a destination.
- View Dependent Claims (23, 24, 25, 26, 27, 28)
- - 23. The non-transitory machine readable storage medium of claim 22, wherein the flow comes in and out of the virtual penalty box based on the monitoring.
  - 24. The non-transitory machine readable storage medium of claim 22, further comprising:
    - instructions which when executed cause the data processing system to perform operations comprising;
      
      determining an arrival time for a flow in the flow set, wherein the packet is transmitted based on the arrival time.
  - 25. The non-transitory machine readable storage medium of claim 22, further comprising:
    - instructions which when executed cause the data processing system to perform operations comprising;
      
      discarding the packet.
  - 26. The non-transitory machine readable storage medium of claim 22, wherein the flows are defined based on at least one of an Internet Protocol (“
    - IP”
      
      ) source address, an IP destination address, a source port address, a destination port address;
      
      a Media Access Control (“
      
      MAC”
      
      ) source address, a MAC destination address, and type of service (“
      
      TOS”
      
      ) data.
  - 27. The non-transitory machine readable storage medium of claim 22, wherein the AC policy is further associated with the bandwidth.
  - 28. The non-transitory machine readable storage medium of claim 22, further comprising:
    - instructions which when executed cause the data processing system to perform operations comprising monitoring the bandwidth for the flow set.

29. An apparatus comprising:
- a memory; and
  
  a processing unit coupled to the memory, wherein the processing unit is configured;
  
  to receive a packet;
  
  to identify a flow comprising a plurality of packets based on the received packet;
  
  to identify an access control (“
  
  AC”
  
  ) policy based on the flow, wherein the AC policy comprises a priority rank of the flow relative to other flows in a flow set;
  
  to track the flow in the flow set by at least the identified AC policy;
  
  to mark the flow as being out of a virtual penalty box, if the bandwidth for the flow is not available, wherein for the flow that is marked as being out of the virtual penalty box, every packet is forwarded to a destination, andto mark the flow as being in the virtual penalty box, if the bandwidth for the flow is not available, wherein for the flow that is marked as being in the virtual penalty box, every packet is dropped.
- View Dependent Claims (30, 31, 32, 33, 34, 35)
- - 30. The apparatus of claim 29, wherein the processing unit is further configured toassign the access control policy to the flow.
  - 31. The apparatus of claim 29, wherein the processing unit is further configured to monitor the bandwidth for the flow wherein the flow comes in and out of the virtual penalty box based on the monitoring.
  - 32. The apparatus of claim 29, wherein the AC policy is further associated with the bandwidth.
  - 33. The apparatus of claim 29, wherein the flow is defined based on at least one of an Internet Protocol (“
    - IP”
      
      ) source address, an IP destination address, a source port address, a destination port address;
      
      a Media Access Control (“
      
      MAC”
      
      ) source address, a MAC destination address, and type of service (“
      
      TOS”
      
      ) data.
  - 34. The apparatus of claim 29, wherein the processing unit is further configured todetermine an arrival time for the flow;
    - and to organize the flow in the flow set based on the arrival time.
  - 35. The apparatus of claim 29, wherein the processing unit is further configured toremove the flow from the flow set.

36. An apparatus to control non-congestion controlled flows, comprising:
- a memory; and
  
  a processing unit coupled to the memory, wherein the processing unit is configured to monitor a number of flows in a flow set, wherein each of the flows that comprises a plurality of packets is identified by a unique identifier;
  
  to match the number of flows against an access control (“
  
  AC”
  
  ) policy threshold number;
  
  if the number of flows is greater than the AC polity threshold number, to mark a flow as being in a virtual penalty box based on a priority rank of the flow relative to other flows in the flow set; and
  
  to drop a packet associated with the flow that has been marked as being in the penalty box; and
  
  to mark the flow as being out of the virtual penalty box, if a bandwidth for the flow is available, wherein for the flow that is marked as being out of the virtual penalty box, every packet is forwarded to a destination.
- View Dependent Claims (37, 38, 39, 40, 41, 42)
- - 37. The apparatus of claim 36, whereinthe flow comes in and out of the virtual penalty box based on the monitoring.
  - 38. The apparatus of claim 36, wherein the processing unit is further configured todetermine an arrival time for a flow in the flow set, wherein the packet is transmitted based on the arrival time.
  - 39. The apparatus of claim 36, wherein the processing unit is further configured to discard the packet.
  - 40. The apparatus of claim 36, wherein the flows are defined based on at least one of an Internet Protocol (“
    - IP”
      
      ) source address, an IP destination address, a source port address, a destination port address;
      
      a Media Access Control (“
      
      MAC”
      
      ) source address, a MAC destination address, and type of service (“
      
      TOS”
      
      ) data.
  - 41. The apparatus of claim 36, wherein the AC policy is further associated the bandwidth.
  - 42. The apparatus of claim 36, wherein the processing unit is further configured tomonitor the bandwidth for the flow set.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
ADARA Networks, Inc.
Original Assignee
ADARA Networks, Inc.
Inventors
Stewart, Randall
Primary Examiner(s)
Jaroenchonwanit, Bunjob

Application Number

US13/765,586
Publication Number

US 20140226469A1
Time in Patent Office

1,491 Days
Field of Search

None
US Class Current

1/1
CPC Class Codes

H04L 47/12   Avoiding congestion; Recove...

H04L 47/19   at layers above the network...

H04L 47/20   Traffic policing

H04L 47/32   by discarding or delaying d...

Controlling non-congestion controlled flows

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

42 Claims

Specification

Solutions

Use Cases

Quick Links

Controlling non-congestion controlled flows

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

42 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links