-
公开(公告)号:US06490615B1
公开(公告)日:2002-12-03
申请号:US09196944
申请日:1998-11-20
IPC分类号: G06F1516
CPC分类号: H04L67/1008 , H04L67/1002 , H04L67/1012 , H04L67/1019 , H04L67/2819 , H04L67/2842 , H04L69/18
摘要: Requests for objects are received from one or more clients in a system comprised of a plurality of nodes. One of the requests is sent from one of the clients. The request is received from a first node of said plurality of nodes by a second node of said plurality of nodes. A requested object is returned from the second node of the plurality of nodes using one of a plurality of protocols. The method may be applied to a scalable and highly available cache array. The cache array may enhance the performance and throughput of Web servers connected to a network such as the Internet. A network dispatcher may send requests to a cache node of a cache array. The cache node selected by the network dispatcher may either serve the request, handoff the request to another cache node of a cache array, or communicate via one of a variety of protocols with another cache node of the cache array to cooperatively serve the request. A network dispatcher, operating in a special mode, may also function as a content based router. Thus, it is also possible for a network dispatcher to route requests using a combination of content-based and non-content-based routing in order to further improve system performance.
摘要翻译: 从由多个节点组成的系统中的一个或多个客户端接收对象的请求。 其中一个请求是从其中一个客户端发送的。 所述多个节点的第二节点从所述多个节点的第一节点接收所述请求。 使用多个协议之一从多个节点的第二节点返回所请求的对象。 该方法可以应用于可扩展且高度可用的高速缓存阵列。 缓存阵列可以增强连接到诸如因特网的网络的Web服务器的性能和吞吐量。 网络调度员可以将请求发送到高速缓存阵列的高速缓存节点。 由网络调度器选择的高速缓存节点可以服务该请求,将请求切换到高速缓存阵列的另一高速缓存节点,或者通过各种协议之一与高速缓存阵列的另一个高速缓存节点进行通信,以协作地提供该请求。 以特殊模式运行的网络调度器也可以用作基于内容的路由器。 因此,网络调度员也可以使用基于内容和非基于内容的路由的组合路由请求,以进一步提高系统性能。
-
2.发明授权公开(公告)号:US08312541B2
公开(公告)日:2012-11-13
申请号:US11826594
申请日:2007-07-17
IPC分类号: H04L29/06
CPC分类号: H04W12/12 , H04L45/745 , H04L63/1416 , H04L63/1458 , H04W80/04
摘要: In one embodiment, a method comprises initiating neighbor discovery in response to detecting an absence of an IP destination address of a received data packet within a neighbor cache, including outputting a neighbor solicitation message targeting the IP destination address into a network served by the router, generating a hash index value based on the IP destination address combined with a randomized token stored in the router, and storing the data packet in a selected one of a plurality of pending message queues in the router based on the corresponding hash index value, each pending message queue configured for storing stored data packets having the corresponding hash index value and awaiting respective solicited neighbor advertisement messages from the network; and detecting whether the router is encountering a neighbor discovery denial of service attack based on a determined distribution of the stored data packets among the pending message queues.
摘要翻译: 在一个实施例中,一种方法包括响应于检测到相邻高速缓存中接收到的数据分组的IP目的地地址的不存在而启动邻居发现,包括将针对该IP目的地地址的邻居请求消息输出到由路由器服务的网络中, 基于与存储在路由器中的随机化标记组合的IP目的地地址生成散列索引值,并且基于相应的散列索引值将数据分组存储在路由器中的多个未决消息队列中的所选择的一个中,每个等待 消息队列,用于存储具有相应哈希索引值的存储数据分组,并且等待来自网络的相应的被请求的相邻广告消息; 以及基于所确定的等待消息队列中存储的数据分组的分布来检测路由器是否遇到邻居发现拒绝服务攻击。
-
公开(公告)号:US20080304457A1
公开(公告)日:2008-12-11
申请号:US11808362
申请日:2007-06-08
IPC分类号: H04Q7/24
CPC分类号: H04L63/062 , H04L29/12216 , H04L29/12915 , H04L61/2007 , H04L61/6059 , H04L63/12 , H04W12/04 , H04W12/10
摘要: In one embodiment, a method comprises receiving by an agent a request from a network node for generation of a secure IPv6 address for use by the network node, the request including a selected subset of parameters selected by the network node and required for generation of the secure IPv6 address according to a prescribed secure address generation procedure, the selected subset including at least a public key owned by the network node; dynamically generating by the agent at least a second of the parameters required for generation of the secure IPv6 address; generating by the agent the secure IPv6 address based on the selected subset and the second of the parameters required for generation of the secure IPv6 address; and outputting, to the network node, an acknowledgment to the request and that includes the secure IPv6 address, and the parameters required for generation of the secure IPv6 address.
摘要翻译: 在一个实施例中,一种方法包括由代理接收来自网络节点的用于生成由网络节点使用的安全IPv6地址的请求,所述请求包括由网络节点选择的所选择的参数子集,并且需要用于生成 安全的IPv6地址根据规定的安全地址生成过程,所选择的子集至少包括由网络节点拥有的公钥; 由所述代理动态产生生成所述安全IPv6地址所需的至少二分之一的参数; 由代理生成基于选择的子集的安全IPv6地址和产生安全IPv6地址所需的第二参数; 以及向所述网络节点输出对所述请求的确认,并且包括所述安全IPv6地址以及所述安全IPv6地址的生成所需的参数。
-
公开(公告)号:US20080137659A1
公开(公告)日:2008-06-12
申请号:US11636433
申请日:2006-12-11
IPC分类号: H04L12/56
CPC分类号: H04L47/10 , H04L45/00 , H04L47/2408 , H04L47/245 , H04L63/0823 , H04L63/12
摘要: In one embodiment, a method includes receiving, by an access router, an Internet Protocol version 6 (IPv6) packet that specifies a request for executing a preemptive service for data packets specifying a prescribed flow label field value identified in the request. The method further includes attempting authentication of the request by the access router based on a prescribed secure authentication protocol. The method further includes implementing the preemptive service by the access router based on the authentication of the request, including passing any IPv6 data packet received from a host node and having an IPv6 header specifying the prescribed flow label field value and satisfying a prescribed security condition, and limiting transfer of any data packet that does not specify the prescribed flow label field value or satisfy the prescribed security condition.
摘要翻译: 在一个实施例中,一种方法包括由接入路由器接收因特网协议版本6(IPv6)分组,所述互联网协议版本6(IPv6)分组指定执行针对请求中标识的规定流标签字段值的数据分组的抢占服务的请求。 该方法还包括基于规定的安全认证协议来尝试对接入路由器的请求进行认证。 该方法还包括基于该请求的认证来实现接入路由器的抢占业务,包括通过从主机节点接收的任何IPv6数据分组,并具有指定规定流标签字段值的IPv6报头并满足规定的安全条件, 并且限制不指定规定流标签字段值或满足规定安全条件的任何数据分组的传送。
-
公开(公告)号:US09088502B2
公开(公告)日:2015-07-21
申请号:US13113113
申请日:2011-05-23
IPC分类号: H04L12/28 , H04L12/721 , H04L12/705
CPC分类号: H04L45/18 , H04L41/0803 , H04L45/02 , H04L45/14
摘要: In one embodiment, a method comprises creating, in a computing network, a loop-free routing topology comprising a plurality of routing arcs for reaching a destination device, each routing arc comprising a first network device as a first end of the routing arc, a second network device as a second end of the routing arc, and at least a third network device configured for routing any network traffic along the routing arc toward the destination device via any one of the first or second ends of the routing arc; and causing the network traffic to be forwarded along at least one of the routing arcs to the destination device.
摘要翻译: 在一个实施例中,一种方法包括在计算网络中创建包括用于到达目的地设备的多个路由弧的无环路由拓扑,每个路由弧包括作为路由电弧的第一端的第一网络设备, 第二网络设备作为路由电弧的第二端,以及至少第三网络设备,被配置为经由所述路由电弧的所述第一或第二端中的任何一个沿着所述路由电弧将任何网络业务路由到目的地设备; 并且使得网络业务沿着至少一个路由弧被转发到目的地设备。
-
公开(公告)号:US08266427B2
公开(公告)日:2012-09-11
申请号:US11808362
申请日:2007-06-08
IPC分类号: H04L29/06
CPC分类号: H04L63/062 , H04L29/12216 , H04L29/12915 , H04L61/2007 , H04L61/6059 , H04L63/12 , H04W12/04 , H04W12/10
摘要: In one embodiment, a method comprises receiving by an agent a request from a network node for generation of a secure IPv6 address for use by the network node, the request including a selected subset of parameters selected by the network node and required for generation of the secure IPv6 address according to a prescribed secure address generation procedure, the selected subset including at least a public key owned by the network node; dynamically generating by the agent at least a second of the parameters required for generation of the secure IPv6 address; generating by the agent the secure IPv6 address based on the selected subset and the second of the parameters required for generation of the secure IPv6 address; and outputting, to the network node, an acknowledgment to the request and that includes the secure IPv6 address, and the parameters required for generation of the secure IPv6 address.
摘要翻译: 在一个实施例中,一种方法包括由代理接收来自网络节点的用于生成由网络节点使用的安全IPv6地址的请求,所述请求包括由网络节点选择的所选择的参数子集,并且需要用于生成 安全的IPv6地址根据规定的安全地址生成过程,所选择的子集至少包括由网络节点拥有的公钥; 由所述代理动态产生生成所述安全IPv6地址所需的至少二分之一的参数; 由代理生成基于选择的子集的安全IPv6地址和产生安全IPv6地址所需的第二参数; 以及向所述网络节点输出对所述请求的确认,并且包括所述安全IPv6地址以及所述安全IPv6地址的生成所需的参数。
-
7.发明授权Secure neighbor discovery router for defending host nodes from rogue routers 有权安全邻居发现路由器,用于为流氓路由器保护主机节点公开(公告)号:US08219800B2
公开(公告)日:2012-07-10
申请号:US11808059
申请日:2007-06-06
IPC分类号: H04L29/06
CPC分类号: H04L45/00 , H04L45/02 , H04L63/0823 , H04L63/1416 , H04L63/1466
摘要: In one embodiment, a method comprises receiving, by a router in a network, a router advertisement message on a network link of the network; detecting within the router advertisement message, by the router, an advertised address prefix and an identified router having transmitted the router advertisement message within the network; determining, by the router, whether the identified router is authorized to at least one of advertise itself as a router, or advertise the advertised address prefix on the network link; and selectively initiating, by the router, a defensive operation against the identified router based on the router determining the identified router is not authorized to advertise itself as a router, or advertise the advertised address prefix on the network link.
摘要翻译: 在一个实施例中,一种方法包括由网络中的路由器接收网络的网络链路上的路由器通告消息; 在路由器通告消息内检测由路由器发布的地址前缀和已经在网络内发送了路由器通告消息的已识别路由器; 由所述路由器确定所识别的路由器是否被授权至少一个将自身公告为路由器,或者在所述网络链路上通告所通告的地址前缀; 并且由路由器选择性地启动基于确定所识别的路由器的路由器对所识别的路由器的防御性操作,所述路由器不被授权将其自身作为路由器进行通告,或者在网络链路上通告所通告的地址前缀。
-
8.发明授权Label distribution and route installation in a loop-free routing topology using routing arcs 有权使用路由弧在无环路由拓扑中标签分发和路由安装公开(公告)号:US09246794B2
公开(公告)日:2016-01-26
申请号:US13566029
申请日:2012-08-03
IPC分类号: H04L12/28 , H04L12/705 , H04L12/723 , H04L12/751 , H04L12/721 , H04L12/707 , H04L12/703
CPC分类号: H04L45/18 , H04L45/02 , H04L45/12 , H04L45/1283 , H04L45/22 , H04L45/28 , H04L45/507
摘要: In one embodiment, a method comprises creating, in a computing network, a loop-free routing topology for reaching a destination device, the loop-free routing topology comprising distinct paths for reaching the destination device; generating a set of serialized representations describing the loop-free routing topology, each serialized representation describing a corresponding one of the paths; and propagating the set of serialized representations from the destination device to network nodes in the computing network, enabling the network nodes to establish loop-free label switched paths for reaching the destination device via the loop-free routing topology.
摘要翻译: 在一个实施例中,一种方法包括在计算网络中创建用于到达目的地设备的无环路由拓扑,所述无环路由拓扑包括用于到达目的地设备的不同路径; 生成描述无环路由拓扑的一系列序列化表示,每个序列化表示描述对应的一个路径; 并将该集合的序列化表示从目的地设备传播到计算网络中的网络节点,使得网络节点能够建立无循环标签交换路径,以经由无环路由拓扑到达目的地设备。
-
9.发明申请公开(公告)号:US20090024758A1
公开(公告)日:2009-01-22
申请号:US11826594
申请日:2007-07-17
IPC分类号: G06F15/16
CPC分类号: H04W12/12 , H04L45/745 , H04L63/1416 , H04L63/1458 , H04W80/04
摘要: In one embodiment, a method comprises initiating neighbor discovery in response to detecting an absence of an IP destination address of a received data packet within a neighbor cache, including outputting a neighbor solicitation message targeting the IP destination address into a network served by the router, generating a hash index value based on the IP destination address combined with a randomized token stored in the router, and storing the data packet in a selected one of a plurality of pending message queues in the router based on the corresponding hash index value, each pending message queue configured for storing stored data packets having the corresponding hash index value and awaiting respective solicited neighbor advertisement messages from the network; and detecting whether the router is encountering a neighbor discovery denial of service attack based on a determined distribution of the stored data packets among the pending message queues.
摘要翻译: 在一个实施例中,一种方法包括响应于检测到相邻高速缓存中接收到的数据分组的IP目的地地址的不存在而启动邻居发现,包括将针对该IP目的地地址的邻居请求消息输出到由路由器服务的网络中, 基于与存储在路由器中的随机化标记组合的IP目的地地址生成散列索引值,并且基于相应的散列索引值将数据分组存储在路由器中的多个未决消息队列中的所选择的一个中,每个等待 消息队列,用于存储具有相应哈希索引值的存储数据分组,并且等待来自网络的相应的被请求的相邻广告消息; 以及基于所确定的等待消息队列中存储的数据分组的分布来检测路由器是否遇到邻居发现拒绝服务攻击。
-
10.发明授权Recursive load balancing in a loop-free routing topology using routing arcs 有权使用路由弧在无循环路由拓扑中的递归负载平衡公开(公告)号:US08897135B2
公开(公告)日:2014-11-25
申请号:US13371065
申请日:2012-02-10
IPC分类号: G01R31/08
CPC分类号: H04L47/125 , H04L41/0663 , H04L45/02 , H04L45/18 , H04L45/22
摘要: In one embodiment, a method comprises creating, in a computing network, a loop-free routing topology comprising a plurality of routing arcs for reaching a destination device, each routing arc comprising a first network device as a first end of the routing arc, a second network device as a second end of the routing arc, and at least a third network device configured for routing any network traffic along the routing arc toward the destination device via any one of the first or second ends of the routing arc; and load balancing the network traffic along the routing arcs based on traffic metrics obtained at the first and second ends of the routing arcs, including selectively sending a backpressure command to a first one of the routing arcs supplying at least a portion of the network traffic to a congested one of the routing arcs.
摘要翻译: 在一个实施例中,一种方法包括在计算网络中创建包括用于到达目的地设备的多个路由弧的无环路由拓扑,每个路由弧包括作为路由电弧的第一端的第一网络设备, 第二网络设备作为路由电弧的第二端,以及至少第三网络设备,被配置为经由所述路由电弧的所述第一或第二端中的任何一个沿着所述路由电弧将任何网络业务路由到目的地设备; 以及基于在所述路由弧的第一和第二端处获得的流量度量来沿着所述路由弧负载平衡网络流量,包括选择性地向所述路由弧中的所述路由弧中的第一个提供所述网络业务的至少一部分, 拥塞的一个路由弧。
-
-
-
-
-
-
-
-
-
搜索结果
14 条记录 (耗时 0.023 秒)
