Abstract:
A per-flow queuing method and apparatus for IP networks carrying traffic from feedback controlled TCP connections enables flow of information packets from one or more sources to a destination through a link and comprises a buffer of predetermined size partitioned into a plurality of queues, each queue being allocated an occupancy b_i for receiving and temporarily storing packets of information; a scheduler for removing packets from each buffer according to a predetermined rate and transmitting the packets over a network; and a control device for determining availability of queues in the buffer capable of receiving the packet and inputting the packet into a queue if the queue is available, the control device further selecting a queue and releasing a packet from the selected queue to accommodate input of the received packet when the queue is not available. Increased fairness and packet throughput through the link is achieved when the queue for dropping a packet is selected in accordance with a longest queue first or random drop scheme and when a drop from front strategy for ACK packets is employed.
Abstract:
A packet network employs routers that determine network routing based on quality of service (QoS) provisioning parameters and network topology information. QoS provisioning parameters are provided to each router from a network management database, and the network topology information is determined from a link state database of the router. The link state database may include network topology information collected by the router in accordance with the open shortest path protocol (OSPF). A network link, router, or other node failure initiates a new path-selection process. First, a temporary set of provisioning entries may be determined with a shortest path first (SPF) routing method. Then, the network packet flows may be classified into packet flows, real-time and non-real-time, and then as packet flows that require reserved bandwidth or that may be multiplexed. A multicommodity flow (MCF) routing method is then employed to determine an optimized set of candidate provisioning entries for the packet flows that may be multiplexed. The MCF routing method determines new routing for the packet flows based on QoS provisioning commitments as parameters. The MCF routing method determines the new routing based on an optimization criterion, such as maximized revenue. Once the new routing is determined, routing of network traffic is enabled by converting the provisioning entries into filter rules, which are then loaded into the packet classifier of the router.
Abstract:
A packet filter method and apparatus for a router employs an algorithm that decomposes a set of n filter rules of a k-dimensional space into sets of rule segments associated with non-overlapping intervals in each dimension. Such a packet filter may be employed for layer four switching applications. Bit-parallel processing may be employed to compare each interval with corresponding fields of a packet received by the router. Bitmaps defined by the sets of rule segments, and so related to the corresponding filter rules, are associated with the intervals. The interval bitmaps are combined to form a filter rule bitmap that identifies and associates one or more filter rules with the packet. For a case storing complete bitmaps for all intervals, the packet filter employs k*n²+O(n) bits of memory for each dimension, [log(2n)]+1 comparisons per dimension which may be performed in parallel, and [n/w] memory accesses for a pairwise combining operation, where w is a width of a bitmap used to identify the filter rule. Incremental memory read operations are employed to reduce memory space requirements of this packet filter case, allowing the packet-filter operation to be optimized in accordance with time complexity and memory space. Since a dominant contributing factor of execution time is off-chip memory accesses, availability of on-chip memory and the use of modified bitmap storage using interval bitmap pointers for incremental memory read operations significantly increases the number of filter rules that may be searched and applied within a given time constraint. For this algorithm employing incremental memory read operations, memory requirements may be reduced to O(n log n) bits while increasing the execution time by only a constant value, when log n ≤ w.
Abstract:
Provided are a method and devices for overload control in a cloud computing environment. The method includes receiving a first message from a network element associated with the cloud computing environment. The first message includes information associated with a target virtual machine and a list of sessions from the one or more sessions to move from the serving virtual machine to the target virtual machine. The method further includes associating one or more client addresses with an address associated with the target virtual machine based on the list of sessions, and treating the target virtual machine as the serving virtual machine if processing sessions associated with the list of sessions.
Abstract:
A system and method of rate adaptation is disclosed for energy efficiency. The system and method of rate adaptation for energy efficiency provides for parsing a heterogeneous network into rate-adaptation domains that are fully isolated with respect to the control of their operating states. The system and method is particularly useful for creating the conditions for the incremental introduction of rate-adaptive devices in existing networks; combining the best properties of sleep-state exploitation and rate scaling techniques by defining a class of state-setting policies for rate adaptation schemes that enforce tight deterministic bounds on the extra delay that the schemes may cause to network traffic at every node where they are deployed.
Abstract:
The invention includes a method and apparatus for providing secure remote access to enterprise networks. An apparatus includes a network interface module adapted for maintaining a secure network connection with a network device independent of a power state of a host computer associated with the apparatus, a storage module for storing information associated with the secure connection, and a processor coupled to the network interface and the memory where the processor is adapted for automatically initiating the secure connection without user interaction.
Abstract:
A communications switch or router employs a replication server to perform batch processing of multicast connections. The replication server performs three distinct forms of processing using staging queues: packet arrival processing, packet replication processing, and per-interface transmission processing. Packet arrival processing queues arriving packets in session queues, adds new multicast sessions to a replication set, and assigns a counter equivalent to the fan-out of the multicast session. Packet replication processing assigns a descriptor to packets of each session in the replication set, and copies the descriptor to each per-interface queue. Per-interface transmission processing examines each descriptor in the per-interface queue, copies the corresponding packets for transmission by the interface, adjusts the counter as each packet is copied, and clears the packet in the switch based on the adjusted counter.
Abstract:
A switch schedules guaranteed-bandwidth, low-jitter traffic characterized by a guaranteed rate table (GRT) method. A rate matrix generated from collected provisioning information is decomposed into schedule tables by a low jitter (LJ) decomposition method. The LJ decomposition method imposes a set of constraints for the schedule tables: schedule tables are partial permutation matrices, the weighted sum of the partial permutation matrices is greater than or equal to the weighted sum of the rate matrix, and each entry in the rate matrix belongs to one element of the LJ decomposition schedule matrices. An integer LJ decomposition programming problem is employed to generate the schedule tables that are scheduled for each time slot of the period of the switch. Schedule tables are selected in turn based upon selecting eligible tables having the earliest finishing time. If necessary, the rate matrix is updated prior to decomposition for a subsequent period.
Abstract:
A method of remotely treating malicious mobile terminals connected to a mobile communications network. In one embodiment, when a malicious mobile terminal is detected by the intrusion-detection services of the network, the network changes the subscriber profile associated with the mobile terminal to operate the latter in a quarantine mode. The packet-switched subsystem of the network then links the quarantined mobile terminal to a remediation manager. The remediation manager remotely treats the mobile terminal, e.g., to repair or reinstall any corrupted software, terminate any active malicious processes, delete or quarantine any malware, and restore the operating system, configuration, and/or memory of the mobile terminal to a clean operational state. After the treatment, the network reverts the subscriber profile back to the initial state and removes the mobile terminal from the quarantine.