Method and apparatus for identifying network data traffic flows and for applying quality of service treatments to the flows
Abstract
A system within a computer network identifies specific traffic flows originating from a given network entity and requests and applies appropriate policy rules or service treatments to the traffic flows. A network entity includes a flow declaration component that communicates with one or more application programs executing on the entity. The flow declaration component includes a message generator and an associated memory for storing one or more traffic flow data structures. For a given traffic flow, the application program issues one or more calls to the flow declaration component providing it with information identifying the traffic flows. The flow declaration component then opens a flow management session with a local policy enforcer that obtains policy rules or service treatments for the identified flow from a policy server and applies those rules or treatments to the specific traffic flows from the network entity.
47 Claims
1. A network entity configured to communicate with a local policy enforcer through a computer network, the network entity having at least one application program executing thereon for generating a traffic flow for transmission to a second network entity through the network, the network entity comprising:
a flow declaration component in communicating relation with the at least one application program for receiving one or more network and transport layer parameters and one or more application-level parameters identifying the traffic flow, the flow declaration component comprising;
a memory for storing a traffic flow data structure corresponding to the traffic flow, the traffic flow data structure storing the one or more network and transport layer and one or more application-level parameters identified by the at least one application program, and a message generator for formulating and transmitting one or more messages to the local policy enforcer, at least one message including information from the traffic flow data structure, whereby, in response to the at least one message from the flow declaration component, a respective service treatment is declared for the traffic flow from the at least one application program.
a first area carrying the specified one or more network and transport layer parameters; and
one or more policy data objects carrying the specified one or more application-level parameters.
11. The network entity of claim 10 wherein the first area of the Resource reSerVation Protocol (RSVP) Path message includes a session object and a sender template object.
12. A network entity configured to communicate with a policy server through a computer network, the network entity having at least one application program executing thereon for generating a traffic flow for transmission to a second network entity through the network, the network entity comprising:
a flow declaration component in communicating relation with the at least one application program for receiving one or more network and transport layer parameters and one or more application-level parameters identifying the traffic flow, the flow declaration component having a memory for storing a traffic flow data structure corresponding to the traffic flow, the traffic flow data structure storing the one or more network and transport layer and the one or more application-level parameters identified by the at least one application program; and
a traffic flow state machine engine in communication with the flow declaration component, the traffic flow state machine engine including a communication engine for formulating and transmitting one or more messages to the policy server carrying information from the traffic flow data structure and for receiving one or more policy decision rules from the policy server to be applied to the traffic flow.
15. In a computer network having a first network entity, a local policy enforcer, a policy server and a second network entity, the first network entity having a flow declaration component and at least one application program that are in communicating relation, the at least one application program configured to generate a traffic flow for transmission through the network to the second network entity, a method for obtaining and applying policy rules to the traffic flow comprising the steps of:
specifying one or more network and transport layer parameters for the traffic flow to the flow declaration component;
specifying one or more application-level parameters that describes an aspect of the traffic flow to the flow declaration component;
forwarding at least one message carrying the specified network and transport layer parameters and the specified application-level parameters from the flow declaration component to the local policy enforcer;
at the local policy enforcer, requesting a policy rule decision for application to the traffic flow from the policy server based on the specified network and transport layer parameters and the specified application-level parameters; and
at the local policy enforcer, applying the policy rule decision to the traffic flow as it moves through the network.
a first area carrying the specified one or more network and transport layer parameters; and
one or more policy data objects carrying the specified one or more application-level parameters.
19. The method of claim 18 wherein the first area of the Resource reSerVation Protocol (RSVP) Path message includes a session object and a sender template object.
20. A computer readable medium containing executable program instructions for declaring a service treatment for a plurality of network messages issued by an application program running on a network entity connected to a computer network, the network messages corresponding to a specific traffic flow, the computer network including a policy enforcer and a policy server and defining transport and network communication layers, the executable program instructions comprising program instructions for:
receiving from the application program a plurality of network and transport layer parameters corresponding to the traffic flow;
receiving from the application program one or more application-level parameters corresponding to the traffic flow;
loading the received network and transport layer parameters and the application-level parameters into one or more flow start messages; and
sending the one or more flow start messages to the policy enforcer, wherein, in response to the one or more flow start message a service treatment is obtained for and applied to the traffic flow from the application program.
receiving a notification from the application program indicating that the program has completed its sending of messages corresponding to the traffic flow, and issuing a flow end message to the policy enforcer signaling the end of the traffic flow.
23. The computer readable medium of claim 22 wherein the application-level parameters specify one or more of the following characteristics:
- the size of a file being transmitted, a video segment name, a video segment viewer, a user name, a user department, an application module identifier, a transaction type, a transaction name, an application state, a calling party, a called party, a compression method, a service level, a uniform resource locator (URL) and a mime type.
24. The computer readable medium of claim 23 further comprising program instructions for loading the received network and transport layer parameters and the received application-level parameters into a traffic flow data structure associated with the application program.
25. The computer readable medium of claim 20 wherein the one or more flow start messages contain one or more policy bindings, the policy bindings representing encoded versions of the network and transport layer parameters received from the application program.
26. The computer readable medium of claim 25 wherein the policy bindings further represent encoded versions of the application-level parameters received from the application program.
27. The computer readable medium of claim 26 wherein each policy binding includes a policy identifier (PID) element and an encoded policy instance element.
28. The computer readable medium of claim 27 wherein the PID is used to specify a type of class of the network and transport layer parameters and/or the application-level parameters.
29. The computer readable medium of claim 27 wherein the PID elements comply with the COPS Usage for Differentiated Services specification standard.
30. The computer readable medium of claim 26 further comprising program instructions for translating the application-level parameters into a machine independent format.
31. The computer readable medium of claim 30 wherein the machine independent format is Abstract Syntax Notation One (ASN.1).
32. The computer readable medium of claim 20 further comprising programming instructions for providing the service treatments to the application program through a callback function.
33. The computer readable medium of claim 20 further comprising programming instructions for sending one or more client open messages to the policy enforcer in order to open a communication session with the policy enforcer, the client open messages carrying a keep alive timer value.
34. The computer readable medium of claim 33 further comprising programming instructions for receiving one or more client accept messages from the policy enforcer, the Client Accept messages carrying a keep alive timer value.
35. The computer readable medium of claim 34 further comprising programming instructions for issuing one or more keep alive messages to the policy enforcer while the application program continues to send network messages corresponding to the traffic flow, the keep alive message sent substantially in accordance with the keep alive timer value received from the policy enforcer.
36. The computer readable medium of claim 33 wherein a separate communication session is opened with the policy enforcer for each application program for which a service treatment is to be declared.
37. The computer readable medium of claim 21 further comprising program instructions for receiving from the application program a change in the application-level parameters for the network messages corresponding to the traffic flow.
38. The computer readable medium of claim 37 further comprising program instructions for:
receiving a notification from the application program indicating that the program is ready to begin sending the network messages corresponding to the changed application-level parameters; and
issuing one or more flow update messages to the policy enforcer, the flow update messages containing the changed application-level parameters.
39. The computer readable medium of claim 38 wherein a new service treatment is obtained for and applied to the network messages corresponding to the changed application-level parameters from the application program.
40. The computer readable medium of claim 24 wherein the service treatment is obtained in response to the policy enforcer sending one or more request policy messages to the policy server.
41. The computer readable medium of claim 40 wherein the request policy messages comply in substantial part with the Common Open Policy Service (COPS) Protocol.
42. The computer readable medium of claim 41 wherein the policy server, in response to the request policy messages, issues one or more policy decision messages to the policy enforcer, the policy decision messages containing the service treatment for the traffic flow from the application program.
43. The computer readable medium of claim 42 wherein the policy enforcer establishes a flow state for the traffic flow from the application program, the flow state including the declared network and transport layer parameters and the service treatment returned by the policy server.
44. The computer readable medium of claim 43 wherein the policy enforcer compares messages originated by the application program with the declared network and transport layer parameters, and applies the service treatment to messages matching the network and transport layer parameters.
45. The computer readable medium of claim 44 wherein the policy enforcer, in applying the service treatment, performs one or more of:
setting a Differentiated Services (DS) codepoint field of matching network messages from the application program, setting a Type of Service (ToS) field of matching network messages from the application program, and setting a user_priority field of matching messages from the application program.
46. The computer readable medium of claim 43 further comprising program instructions for discarding the contents of the traffic flow data structure in response to receiving the notification from the application program that the program has completed its sending of messages.
47. The computer readable medium of claim 46 wherein the policy enforcer, in response to the flow end message, erases the traffic flow state established for the traffic flow from the application program.
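The enforcer-side flow state recited in claims 38 and 43 to 47, sketched as an added example that is not part of the patent text: treatment is keyed on the declared network and transport layer parameters, applied only to matching messages, and erased on flow end. The names `FlowKey`, `PolicyEnforcer` and `policy_server`, and the rule table inside `policy_server`, are assumptions made for illustration.

```python
from dataclasses import dataclass

# Added illustration; FlowKey, PolicyEnforcer and policy_server are hypothetical names.

@dataclass(frozen=True)
class FlowKey:
    """Declared network and transport layer parameters (claim 43)."""
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int
    proto: str

def policy_server(app_params: dict) -> int:
    """Stand-in policy decision: application-level parameters -> DSCP.
    The rule table is constructed for this example."""
    if app_params.get("transaction_type") == "payroll":
        return 46  # EF
    if app_params.get("mime_type", "").startswith("video/"):
        return 34  # AF41
    return 0       # best effort

class PolicyEnforcer:
    def __init__(self, decide):
        self.decide = decide
        self.flows = {}  # FlowKey -> DSCP (the per-flow state)

    def flow_start(self, key: FlowKey, app_params: dict) -> int:
        self.flows[key] = self.decide(app_params)
        return self.flows[key]

    def flow_update(self, key: FlowKey, app_params: dict) -> int:
        if key not in self.flows:
            raise KeyError("flow update for a flow that was never declared")
        self.flows[key] = self.decide(app_params)
        return self.flows[key]

    def flow_end(self, key: FlowKey) -> None:
        self.flows.pop(key, None)  # erase flow state (claim 47)

    def mark(self, packet: dict) -> dict:
        """Set the DS codepoint only on packets matching a declared flow."""
        key = FlowKey(packet["src_ip"], packet["src_port"],
                      packet["dst_ip"], packet["dst_port"], packet["proto"])
        if key not in self.flows:
            return packet  # undeclared traffic is left untouched
        return {**packet, "dscp": self.flows[key]}
```

A packet from the same host on a different source port does not match the declared flow and keeps its original marking, and the same is true of the declared flow's own packets once `flow_end` has run.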
Specification