-
公开(公告)号:US20120215916A1
公开(公告)日:2012-08-23
申请号:US13459160
申请日:2012-04-28
申请人: Adekunle Bello , Radhika Chirra , Nikhil Hegde , Aruna Yedavilli
发明人: Adekunle Bello , Radhika Chirra , Nikhil Hegde , Aruna Yedavilli
IPC分类号: G06F15/173
CPC分类号: H04L67/1097 , H04L43/16 , H04L47/193 , H04L47/27 , H04L47/822 , H04L63/1458 , H04L67/143 , H04L69/16 , H04L69/163
摘要: A method, programmed medium and system are provided for preventing the denial of file system access to a plurality of clients accessing a NFS server. In one example, an NFS server is configured to listen on a server port. The server runs a separate daemon which “watches” client requests as they are received at the NFS server. The server processing system tracks the number of times a client sends consecutive TCP zero-window packets in response to a data packet from the server. If the number of zero-window packets crosses a user-defined threshold, then a routine is called to stop responding to that client using a backoff algorithm. When the server reaches a point where the number of available threads or any other relevant resource dips below a user-defined threshold, the server process starts terminating connections to the clients starting from the ones with the oldest entry in the table.
摘要翻译: 提供了一种编程介质和系统的方法,用于防止文件系统访问访问NFS服务器的多个客户机的访问。 在一个示例中,NFS服务器配置为在服务器端口上侦听。 服务器运行一个单独的守护进程,它在NFS服务器上收到客户端请求。 服务器处理系统跟踪客户端响应于来自服务器的数据分组发送连续的TCP零窗口分组的次数。 如果零窗口数据包的数量跨越用户定义的阈值,则调用例程以使用退避算法停止对该客户端的响应。 当服务器达到可用线程数或任何其他相关资源下降到低于用户定义阈值的点时,服务器进程将从具有表中最早条目的服务器开始终止与客户端的连接。
-
公开(公告)号:US09516142B2
公开(公告)日:2016-12-06
申请号:US13459160
申请日:2012-04-28
申请人: Adekunle Bello , Radhika Chirra , Nikhil Hegde , Aruna Yedavilli
发明人: Adekunle Bello , Radhika Chirra , Nikhil Hegde , Aruna Yedavilli
IPC分类号: H04L29/08 , H04L29/06 , H04L12/801 , H04L12/807 , H04L12/26
CPC分类号: H04L67/1097 , H04L43/16 , H04L47/193 , H04L47/27 , H04L47/822 , H04L63/1458 , H04L67/143 , H04L69/16 , H04L69/163
摘要: A method, programmed medium and system are provided for preventing the denial of file system access to a plurality of clients accessing a NFS server. In one example, an NFS server is configured to listen on a server port. The server runs a separate daemon which “watches” client requests as they are received at the NFS server. The server processing system tracks the number of times a client sends consecutive TCP zero-window packets in response to a data packet from the server. If the number of zero-window packets crosses a user-defined threshold, then a routine is called to stop responding to that client using a backoff algorithm. When the server reaches a point where the number of available threads or any other relevant resource dips below a user-defined threshold, the server process starts terminating connections to the clients starting from the ones with the oldest entry in the table.
摘要翻译: 提供了一种编程介质和系统的方法,用于防止文件系统访问访问NFS服务器的多个客户机的访问。 在一个示例中,NFS服务器配置为在服务器端口上侦听。 服务器运行一个单独的守护进程,它在NFS服务器上收到客户端请求。 服务器处理系统跟踪客户端响应于来自服务器的数据分组发送连续的TCP零窗口分组的次数。 如果零窗口数据包的数量跨越用户定义的阈值,则调用例程以使用退避算法停止对该客户端的响应。 当服务器达到可用线程数或任何其他相关资源下降到低于用户定义阈值的点时,服务器进程将从具有表中最早条目的服务器开始终止与客户端的连接。
-
公开(公告)号:US20110066851A1
公开(公告)日:2011-03-17
申请号:US12558744
申请日:2009-09-14
IPC分类号: H04L9/00 , G06F15/173
CPC分类号: H04L63/04 , H04L45/42 , H04L63/08 , H04L63/105
摘要: A computer implemented method and computer program product for obtaining a secure route. A trusted host sets a node security association for a trusted host. The trusted host receives, at the trusted host, a client communication request directed to a destination host. The trusted host builds a secure route query comprising a trusted host address, a destination host address, and at least one security level, to form at least one secure route. The trusted host sends packets from the trusted host to the destination host based on the at least one secure route. The packets are responsive to the client communication request, and the packets each have a security label that matches the security level.
摘要翻译: 一种用于获得安全路线的计算机实现的方法和计算机程序产品。 可信主机为可信主机设置节点安全关联。 可信主机在受信任的主机处接收指向目的地主机的客户端通信请求。 可信主机构建包括可信主机地址,目的主机地址和至少一个安全级别的安全路由查询,以形成至少一个安全路由。 可信主机基于至少一个安全路由将信息包从可信主机发送到目的地主机。 分组响应于客户端通信请求,并且分组各自具有与安全级别匹配的安全标签。
-
公开(公告)号:US08914456B2
公开(公告)日:2014-12-16
申请号:US13313088
申请日:2011-12-07
申请人: Adekunle Bello , Radhika Chirra , Aruna Yedavilli
发明人: Adekunle Bello , Radhika Chirra , Aruna Yedavilli
IPC分类号: G06F15/16 , G06F15/177
CPC分类号: G06F11/2005 , G06F17/30203
摘要: A computer implemented method, system and apparatus for rebooting a host having a plurality of network interfaces. A server reboots the host by stopping an NFS server process on the host. The server sends at least one consolidated notification to a plurality of clients identified in a consolidated notification table, wherein the consolidated notification comprises at least two addresses of network interfaces of the host. The server determines that an acknowledgement is received from each of the plurality of clients. The server halts resending of consolidated notifications, responsive to determining that an acknowledgement is received from the each of the plurality of clients.
摘要翻译: 一种用于重新启动具有多个网络接口的主机的计算机实现的方法,系统和装置。 服务器通过停止主机上的NFS服务器进程重新启动主机。 服务器向合并通知表中标识的多个客户端发送至少一个综合通知,其中合并通知包括主机的网络接口的至少两个地址。 服务器确定从多个客户端中的每一个接收到确认。 响应于确定从多个客户端中的每一个接收到确认,服务器停止重新发送合并的通知。
-
公开(公告)号:US20130151828A1
公开(公告)日:2013-06-13
申请号:US13313088
申请日:2011-12-07
申请人: Adekunle Bello , Radhika Chirra , Aruna Yedavilli
发明人: Adekunle Bello , Radhika Chirra , Aruna Yedavilli
IPC分类号: G06F15/177
CPC分类号: G06F11/2005 , G06F17/30203
摘要: A computer implemented method, system and apparatus for rebooting a host having a plurality of network interfaces. A server reboots the host by stopping an NFS server process on the host. The server sends at least one consolidated notification to a plurality of clients identified in a consolidated notification table, wherein the consolidated notification comprises at least two addresses of network interfaces of the host. The server determines that an acknowledgement is received from each of the plurality of clients. The server halts resending of consolidated notifications, responsive to determining that an acknowledgement is received from the each of the plurality of clients.
摘要翻译: 一种用于重新启动具有多个网络接口的主机的计算机实现的方法,系统和装置。 服务器通过停止主机上的NFS服务器进程重新启动主机。 服务器向合并通知表中标识的多个客户端发送至少一个综合通知,其中合并通知包括主机的网络接口的至少两个地址。 服务器确定从多个客户端中的每一个接收到确认。 响应于确定从多个客户端中的每一个接收到确认,服务器停止重新发送合并的通知。
-
公开(公告)号:US08095628B2
公开(公告)日:2012-01-10
申请号:US12605880
申请日:2009-10-26
申请人: Adekunle Bello , Radhika Chirra , Aruna Yedavilli
发明人: Adekunle Bello , Radhika Chirra , Aruna Yedavilli
IPC分类号: G06F15/177 , G06F15/173
摘要: A computer implemented method and apparatus for rebooting a host having a plurality of network interfaces. A server reboots the host by stopping an NFS server process on the host. The server sends at least one consolidated notification to a plurality of clients identified in a consolidated notification table, wherein the consolidated notification comprises at least two addresses of network interfaces of the host. The server determines that an acknowledgement is received from each of the plurality of clients. The server halts resending of consolidated notifications, responsive to determining that an acknowledgement is received from the each of the plurality of clients.
摘要翻译: 一种用于重新启动具有多个网络接口的主机的计算机实现的方法和装置。 服务器通过停止主机上的NFS服务器进程重新启动主机。 服务器向合并通知表中标识的多个客户端发送至少一个综合通知,其中合并通知包括主机的网络接口的至少两个地址。 服务器确定从多个客户端中的每一个接收到确认。 响应于确定从多个客户端中的每一个接收到确认,服务器停止重新发送合并的通知。
-
公开(公告)号:US20110099253A1
公开(公告)日:2011-04-28
申请号:US12605880
申请日:2009-10-26
申请人: Adekunle Bello , Radhika Chirra , Aruna Yedavilli
发明人: Adekunle Bello , Radhika Chirra , Aruna Yedavilli
IPC分类号: G06F15/177
摘要: A computer implemented method and apparatus for rebooting a host having a plurality of network interfaces. A server reboots the host by stopping an NFS server process on the host. The server sends at least one consolidated notification to a plurality of clients identified in a consolidated notification table, wherein the consolidated notification comprises at least two addresses of network interfaces of the host. The server determines that an acknowledgement is received from each of the plurality of clients. The server halts resending of consolidated notifications, responsive to determining that an acknowledgement is received from the each of the plurality of clients.
摘要翻译: 一种用于重新启动具有多个网络接口的主机的计算机实现的方法和装置。 服务器通过停止主机上的NFS服务器进程重新启动主机。 服务器向合并通知表中标识的多个客户端发送至少一个综合通知,其中合并通知包括主机的网络接口的至少两个地址。 服务器确定从多个客户端中的每一个接收到确认。 响应于确定从多个客户端中的每一个接收到确认,服务器停止重新发送合并的通知。
-
公开(公告)号:US20110113134A1
公开(公告)日:2011-05-12
申请号:US12614511
申请日:2009-11-09
申请人: Adekunle Bello , Radhika Chirra , Nikhil Hegde , Aruna Yedavilli
发明人: Adekunle Bello , Radhika Chirra , Nikhil Hegde , Aruna Yedavilli
IPC分类号: G06F15/173
CPC分类号: H04L67/1097 , H04L43/16 , H04L47/193 , H04L47/27 , H04L47/822 , H04L63/1458 , H04L67/143 , H04L69/16 , H04L69/163
摘要: A method, programmed medium and system are provided for preventing the denial of file system access to a plurality of clients accessing a NFS server. In one example, an NFS server is configured to listen on a server port. The server runs a separate daemon which “watches” client requests as they are received at the NFS server. The server processing system tracks the number of times a client sends consecutive TCP zero-window packets in response to a data packet from the server. If the number of zero-window packets crosses a user-defined threshold, then a routine is called to stop responding to that client using a backoff algorithm. When the server reaches a point where the number of available threads or any other relevant resource dips below a user-defined threshold, the server process starts terminating connections to the clients starting from the ones with the oldest entry in the table.
摘要翻译: 提供了一种编程介质和系统的方法,用于防止文件系统访问访问NFS服务器的多个客户机的访问。 在一个示例中,NFS服务器配置为在服务器端口上侦听。 服务器运行一个单独的守护进程,它在NFS服务器上收到客户端请求。 服务器处理系统跟踪客户端响应于来自服务器的数据分组发送连续的TCP零窗口分组的次数。 如果零窗口数据包的数量跨越用户定义的阈值,则调用例程以使用退避算法停止对该客户端的响应。 当服务器达到可用线程数或任何其他相关资源下降到低于用户定义阈值的点时,服务器进程将从具有表中最早条目的服务器开始终止与客户端的连接。
-
公开(公告)号:US08356099B2
公开(公告)日:2013-01-15
申请号:US13459193
申请日:2012-04-29
IPC分类号: G06F15/16
CPC分类号: G06F9/5038 , G06F2209/5021
摘要: A method, programmed medium and system are disclosed which provide for end-to-end QoS for a set of processes that comprise a workload over nfs. A set of processes that comprise a workload such as the processes of a WPAR, or an entire LPAR are given a class designation and assigned priority/limits. The data are then passed to the server which allocates resources based on the sum total of all the current classes and their priorities and/or limits. This requires re-engineering the nfs client code to be workload-aware and the nfs server code to accommodate the resource allocation and prioritization needs of the nfs clients.
摘要翻译: 公开了一种方法,编程介质和系统,其为包括nfs上的工作负载的一组进程提供端到端QoS。 给出了一组包含WPAR或整个LPAR的工作负载的进程,并给出了类别指定和分配的优先级/限制。 然后将数据传递给服务器,该服务器根据所有当前类及其优先级和/或限制的总和来分配资源。 这需要重新设计nfs客户端代码以使工作负载感知和nfs服务器代码适应nfs客户端的资源分配和优先级排序。
-
10.发明授权Remote procedure call (RPC) bind service with physical interface query and selection 有权远程过程调用(RPC)绑定服务与物理接口查询和选择公开(公告)号:US09021510B2
公开(公告)日:2015-04-28
申请号:US13584359
申请日:2012-08-13
IPC分类号: G06F15/173 , G06F9/54
CPC分类号: G06F9/547
摘要: A service module that provides for discovery of one or more network interfaces connecting a prospective remote procedure call (RPC) client, facilitates the provision of RPC programs in a network including multi-horned systems. When a request for a network address to an RPC application providing an RPC program is received from the RPC client, the RPC bind daemon discovers from the module, using the client response address, over which interface(s) the client is accessible. The daemon then selects an address of a network path to the RPC application that the prospective client can access and returns the corresponding network address. The service module monitors the network stack for RPC get address requests and builds tables of client address entries with corresponding network interface identifiers. The entries are retired according to an aging policy.
摘要翻译: 提供用于发现连接预期远程过程调用(RPC)客户端的一个或多个网络接口的服务模块,有助于在包括多角度系统的网络中提供RPC程序。 当从RPC客户端接收到提供RPC程序的RPC应用程序的网络地址的请求时,RPC绑定守护程序使用客户端响应地址从模块发现客户端可访问哪个接口。 守护程序然后选择预期客户端可以访问的RPC应用程序的网络路径的地址,并返回相应的网络地址。 服务模块监视网络堆栈以获取RPC获取地址请求,并使用相应的网络接口标识符构建客户端地址表的表。 这些条目根据老龄化政策退休。
-
-
-
-
-
-
-
-
-
搜索结果
34 条记录 (耗时 0.017 秒)
