Stateful packet inspection and classification
First Claim
Patent Images
1. A system, comprising:
- a processor configured to;
determine, for a first packet associated with a network traffic flow and originating from an application, a first differentiated services header value (DSHV) to associate with the first packet, wherein the first DSHV is determined based at least in part by determining a context in which the application is used, and wherein determining the context in which the application is used includes evaluating a user identifier associated with an originator of the first packet;
use the first DSHV to perform a lookup of a first quality of service treatment associated with the first DSHV and apply the first quality of service treatment to the first packet;
determine that the context in which the application is used has changed, and in response, determine, for a second packet associated with the network traffic flow originating from the application, a second DSHV to associate with the second packet, wherein the second DSHV is different from the first DSHV;
use the second DSHV to perform a lookup of a second quality of service treatment associated with the second DSHV and apply the second quality of service treatment to the second packet, wherein the first quality of service treatment and the second quality of service treatment are different; and
a memory coupled to the processor and configured to provide the processor with instructions.
1 Assignment
0 Petitions
Accused Products
Abstract
Stateful inspection and classification of packets is disclosed. For a first packet associated with a network traffic flow, a differentiated services header value is determined. The differentiated services header value is used to perform a lookup of a quality of service treatment associated with the differentiated services header value. The treatment is applied to the first packet. A return traffic packet is received. A differentiated services header value is written in the header of the return traffic packet.
-
Citations
20 Claims
-
1. A system, comprising:
-
a processor configured to; determine, for a first packet associated with a network traffic flow and originating from an application, a first differentiated services header value (DSHV) to associate with the first packet, wherein the first DSHV is determined based at least in part by determining a context in which the application is used, and wherein determining the context in which the application is used includes evaluating a user identifier associated with an originator of the first packet; use the first DSHV to perform a lookup of a first quality of service treatment associated with the first DSHV and apply the first quality of service treatment to the first packet; determine that the context in which the application is used has changed, and in response, determine, for a second packet associated with the network traffic flow originating from the application, a second DSHV to associate with the second packet, wherein the second DSHV is different from the first DSHV; use the second DSHV to perform a lookup of a second quality of service treatment associated with the second DSHV and apply the second quality of service treatment to the second packet, wherein the first quality of service treatment and the second quality of service treatment are different; and a memory coupled to the processor and configured to provide the processor with instructions. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
-
-
13. A method, comprising:
-
determining, for a first packet associated with a network traffic flow and originating from an application, a first differentiated services header value (DSHV) to associate with the first packet, wherein the first DSHV is determined based at least in part by determining a context in which the application is used, and wherein determining the context in which the application is used includes evaluating a user identifier associated with an originator of the first packet; using the first DSHV to perform a lookup of a first quality of service treatment associated with the first DSHV and applying the first quality of service treatment to the first packet; determining that the context in which the application is used has changed, and in response, determining, for a second packet associated with the network traffic flow originating from the application, a second DSHV to associate with the second packet, wherein the second DSHV is different from the first DSHV; and using the second DSHV to perform a lookup of a second quality of service treatment associated with the second DSHV and applying the second quality of service treatment to the second packet, wherein the first quality of service treatment and the second quality of service treatment are different. - View Dependent Claims (14, 15, 16, 17, 18, 19, 20)
-
Specification