利索-全球专利检索

  1. 登录
  2. 注册

搜索结果

16 条记录 (耗时 0.022 秒)

    System and method for reassembling packets in a network element
    1.
    发明授权
    System and method for reassembling packets in a network element 有权
    用于在网络元件中重新组装数据包的系统和方法

    公开(公告)号:US07254112B2

    公开(公告)日:2007-08-07

    申请号:US10294630

    申请日:2002-11-15

    申请人: Jerome Cornet John C. Fischer Jason Sterne Peter Donovan

    发明人: Jerome Cornet John C. Fischer Jason Sterne Peter Donovan

    IPC分类号: H04L12/28 H04L12/66 H04J1/16 H04J3/22 H04J3/24

    CPC分类号: H04L12/5601 H04L45/30 H04L49/258 H04L49/3081 H04L49/9094 H04L2012/5653 H04L2012/5665

    摘要: A method and apparatus for sending packets from traffic flows to queues in a network element is provided. Each traffic flow has a packet size parameter indicating a sizing constraint for its packets. The method includes the step of grouping the traffic flows into groups utilizing the packet size parameter of each traffic flow. The method further includes the step of sending packets only from traffic flows of one group to at least one designated queue. Traffic flows of the one group are identified utilizing the packet size parameter of each traffic flow.

    摘要翻译: 提供了一种从网络元件将流量从数据包发送到队列的方法和装置。 每个流量具有指示其分组的大小约束的分组大小参数。 该方法包括利用每个业务流的分组大小参数将业务流分组成组的步骤。 该方法还包括仅从一个组的业务流发送分组到至少一个指定队列的步骤。 使用每个业务流的分组大小参数来识别一组的业务流。

    System and method for providing gaps between data elements at ingress to a network element
    2.
    发明授权
    System and method for providing gaps between data elements at ingress to a network element 有权
    在网络元素入口处的数据元素之间提供间隙的系统和方法

    公开(公告)号:US07525913B2

    公开(公告)日:2009-04-28

    申请号:US10195492

    申请日:2002-07-16

    申请人: Mark Jason Thibodeau John William Galway Jason Sterne Michael Wayne Mitchell Peter Donovan

    发明人: Mark Jason Thibodeau John William Galway Jason Sterne Michael Wayne Mitchell Peter Donovan

    IPC分类号: H04L12/26 H04L12/56

    CPC分类号: H04L12/5601 H04L47/263 H04L47/30 H04L49/506 H04L2012/5635 H04L2012/5674 H04L2012/5679 H04L2012/5681

    摘要: The invention provides a system and method of controlling timing of release of traffic for a communication switch. The traffic originates from at least one source, is directed to a common ingress point of the switch and is directed to a common egress point in the switch. The egress point has a maximum egress transmission rate. The traffic has at least one datastream. Each datastream has a requested transmission rate. The method comprises, for each datastream, establishing a maximum cell release rate such that a sum of each of the maximum cell release rate does not exceed the maximum egress transmission rate and utilizing the maximum cell release rate to govern release of local traffic in the datastream from the ingress point.

    摘要翻译: 本发明提供了一种用于控制通信交换机的业务释放定时的系统和方法。 交通源自至少一个源,被引导到交换机的公共入口点,并被引导到交换机中的公共出口点。 出口点具有最大出口传输速率。 流量至少有一个数据流。 每个数据流都有一个请求的传输速率。 该方法包括:对于每个数据流,建立最大小区释放速率,使得每个最大小区释放速率的总和不超过最大出口传输速率,并利用最大小区释放速率来管理数据流中本地业务的释放 从入口点。

    Method and system for using a queuing device as a lossless stage in a network device in a communications network
    3.
    发明申请
    Method and system for using a queuing device as a lossless stage in a network device in a communications network 有权
    在通信网络中的网络设备中使用排队设备作为无损阶段的方法和系统

    公开(公告)号:US20070217336A1

    公开(公告)日:2007-09-20

    申请号:US11377578

    申请日:2006-03-17

    申请人: Jason Sterne Robert Johnson Aaron MacDonald Richard Grieve James Schriel

    发明人: Jason Sterne Robert Johnson Aaron MacDonald Richard Grieve James Schriel

    IPC分类号: H04J1/16 H04L12/56

    CPC分类号: H04L47/10 H04L47/266 H04L47/30 H04L47/32 H04L49/90 Y02D50/10

    摘要: A method for incorporating a queuing device as a lossless processing stage in a network device in a communications network, comprising: monitoring a depth of a queue in the queuing device, the queue for receiving packets from an upstream device within the network device, the queuing device acting as a discard point by discarding packets when the queue is full; and, if the depth passes a predetermined threshold, sending a message to the upstream device to reduce a rate at which packets are sent to the queuing device to prevent the queue from filling and thereby preventing packet discarding and loss by the queuing device.

    摘要翻译: 一种在通信网络中的网络设备中将排队设备作为无损处理级并入的方法,包括:监视队列设备中的队列的深度,用于从网络设备内的上游设备接收分组的队列,排队 设备在队列满时通过丢弃报文作为丢弃点; 并且如果深度通过预定阈值,则向上游设备发送消息以降低分组被发送到排队设备的速率,以防止队列填满,从而防止排队设备丢包和丢失。

    Metering packet flows for limiting effects of denial of service attacks
    4.
    发明申请
    Metering packet flows for limiting effects of denial of service attacks 有权
    计费数据包流,限制拒绝服务攻击的影响

    公开(公告)号:US20050157647A1

    公开(公告)日:2005-07-21

    申请号:US10760277

    申请日:2004-01-21

    申请人: Jason Sterne Adrian Grah Shay Nahum Predrag Kostic Herman Liu

    发明人: Jason Sterne Adrian Grah Shay Nahum Predrag Kostic Herman Liu

    IPC分类号: H04L1/00 H04L29/06

    CPC分类号: H04L63/0227 H04L63/101 H04L63/1458

    摘要: The packet rate limiting method and system is used for detecting and blocking the effects of DoS attacks on IP networks. The method uses an ACL counter that stores an action parameter in the first 3 most significant bits and uses 13 bits as a packet counter. A rate limit is enforced by setting the packet counter to an initial value, and resetting this value at given intervals of time. The action parameter enables the ACL to accept or deny packets based on this rate limit. If the number of packets in the incoming flow saturates the packet counter before the reset time, the packets are denied access to the network until the counter is next reset. The denied packets may be just discarded or may be extracted for further examination.

    摘要翻译: 分组速率限制方法和系统用于检测和阻止DoS攻击对IP网络的影响。 该方法使用ACL计数器,其存储动作参数在前3个最高有效位中,并使用13位作为数据包计数器。 通过将分组计数器设置为初始值来实现速率限制,并在给定的时间间隔重置该值。 该操作参数使ACL能够根据此速率限制接受或拒绝数据包。 如果传入流中的数据包数量在复位时间之前使数据包计数器饱和,则数据包将被拒绝访问网络,直到下一次重置计数器为止。 被拒绝的数据包可能被丢弃或可能被提取用于进一步检查。

    Method and apparatus for monitoring buffer contents in a data communication system
    5.
    发明申请
    Method and apparatus for monitoring buffer contents in a data communication system 有权
    用于监视数据通信系统中的缓冲器内容的方法和装置

    公开(公告)号:US20050163139A1

    公开(公告)日:2005-07-28

    申请号:US10915250

    申请日:2004-08-10

    申请人: Robert Robotham Denny Lee Brent Duckering Jason Sterne

    发明人: Robert Robotham Denny Lee Brent Duckering Jason Sterne

    IPC分类号: H04L12/26 H04L12/56 H04Q11/00

    CPC分类号: H04L12/5601 H04L43/00 H04L43/0817 H04L43/0847 H04L43/16 H04L47/11 H04L47/30 H04L49/90 H04L2012/5636 H04L2012/5682

    摘要: A method and apparatus for buffering data units in a communication switch that allows for configurable monitoring of the buffer contents is presented. Such an apparatus includes a context table that stores a plurality of independent group identifiers for each connection. Although the group identifiers may include a partition group identifier and a loss group identifier that is dependent on the partition group identifier, additional group identifiers are included in the context table for each connection that are independent of other group identifiers in the context table. Such a context table may be dynamically reconfigured in order to group connections for buffer monitoring operations related to congestion detection, traffic shaping, and data admission with respect to buffering. When a data unit is received corresponding to a particular connection, the context table is referenced to retrieve the set of group identifiers corresponding to that connection. As a cell is stored in the buffer, count values corresponding to at least some of the group identifiers included in the set of group identifiers for that connection are incremented. Similarly, when data is dequeued from the buffer for forwarding, the set of group identifiers for that particular data unit is determined and the counters corresponding to at least some of those groups are decremented. As such, the count value corresponding to each of the groups can be referenced to determine the number of data units corresponding to that group that are currently stored within the buffer.

    摘要翻译: 提出一种用于缓冲通信交换机中的数据单元的方法和装置,其允许缓冲器内容的可配置监视。 这种装置包括存储用于每个连接的多个独立组标识符的上下文表。 虽然组标识符可以包括取决于分区组标识符的分区组标识符和丢失组标识符,但是对于与上下文表中的其他组标识符无关的每个连接,附加组标识符被包括在上下文表中。 这样的上下文表可以被动态地重新配置,以便分组与针对缓冲的拥塞检测,流量整形和数据准入相关的缓冲器监视操作的连接。 当接收到对应于特定连接的数据单元时,引用上下文表以检索对应于该连接的组标识符集。 当单元被存储在缓冲器中时,对应于包括在该连接的组标识符集合中的至少一些组标识符的计数值递增。 类似地,当数据从用于转发的缓冲器中出来时,确定该特定数据单元的组标识符集,并且减少对应于那些组中的至​​少一些的计数器。 因此,可以引用与每个组对应的计数值来确定当前存储在缓冲器中的与该组对应的数据单元的数量。

    Method and apparatus for providing integral cell payload integrity verification in ATM Telecommunication devices
    6.
    发明授权
    Method and apparatus for providing integral cell payload integrity verification in ATM Telecommunication devices 失效
    在ATM电信设备中提供整体小区有效载荷完整性验证的方法和装置

    公开(公告)号:US06639899B1

    公开(公告)日:2003-10-28

    申请号:US09417834

    申请日:1999-10-14

    申请人: Randall Allan Law Steven Douglas Margerm Andre Poulin Robert Morton Steve Driediger Jason Sterne Pual Nadj

    发明人: Randall Allan Law Steven Douglas Margerm Andre Poulin Robert Morton Steve Driediger Jason Sterne Pual Nadj

    IPC分类号: G01R3108

    CPC分类号: H04L49/3081 H04L49/30 H04L49/3009 H04L49/555 H04L2012/5625 H04L2012/5628 H04L2012/5652 H04Q11/0478

    摘要: A method for verifying the integrity of data payloads of ATM cells passing through a switching device involves computing a payload integrity verification code for the payload portion of an ATM cell. The payload integrity verification code may be generated according to any error detection or error correction scheme. Preferably, the payload integrity verification code is stored in a portion of the standard ATM cell header which is not used while the cell is passing through the switching device. Preferably the payload integrity verification code is stored in all, or a portion of, the virtual path identifier or virtual connection identifier fields. The invention allows for the immediate identification of cells having corrupted payload data. Different actions may be taken on the detection of errors in the ATM cell header and ATM cell payloads respectively.

    摘要翻译: 用于验证通过交换设备的ATM信元的数据有效载荷的完整性的方法包括计算ATM信元的有效载荷部分的净荷完整性验证码。 有效载荷完整性验证码可以根据任何错误检测或纠错方案生成。 优选地,有效载荷完整性验证码存储在标准ATM信元报头的一部分中,该小区在小区通过交换设备时未被使用。 优选地,净荷完整性验证码存储在虚拟路径标识符或虚拟连接标识符字段的全部或部分中。 本发明允许立即识别具有损坏的有效载荷数据的小区。 可以分别对ATM信元报头和ATM信元有效载荷中的错误的检测采取不同的动作。

    Metering packet flows for limiting effects of denial of service attacks
    8.
    发明授权
    Metering packet flows for limiting effects of denial of service attacks 有权
    计费数据包流,限制拒绝服务攻击的影响

    公开(公告)号:US07436770B2

    公开(公告)日:2008-10-14

    申请号:US10760277

    申请日:2004-01-21

    申请人: Jason Sterne Adrian Grah Shay Nahum Predrag Kostic Herman Ho Ming Liu

    发明人: Jason Sterne Adrian Grah Shay Nahum Predrag Kostic Herman Ho Ming Liu

    IPC分类号: H04J3/14

    CPC分类号: H04L63/0227 H04L63/101 H04L63/1458

    摘要: The packet rate limiting method and system is used for detecting and blocking the effects of DoS attacks on IP networks. The method uses an ACL counter that stores an action parameter in the first 3 most significant bits and uses 13 bits as a packet counter. A rate limit is enforced by setting the packet counter to an initial value, and resetting this value at given intervals of time. The action parameter enables the ACL to accept or deny packets based on this rate limit. If the number of packets in the incoming flow saturates the packet counter before the reset time, the packets are denied access to the network until the counter is next reset. The denied packets may be just discarded or may be extracted for further examination.

    摘要翻译: 分组速率限制方法和系统用于检测和阻止DoS攻击对IP网络的影响。 该方法使用ACL计数器,其存储动作参数在前3个最高有效位中,并使用13位作为数据包计数器。 通过将分组计数器设置为初始值来实现速率限制,并在给定的时间间隔重置该值。 该操作参数使ACL能够根据此速率限制接受或拒绝数据包。 如果进入流中的数据包数量在复位时间之前使数据包计数器饱和,则数据包将被拒绝访问网络,直到下一次重置计数器为止。 被拒绝的数据包可能被丢弃或可能被提取用于进一步检查。

    Access control listing mechanism for routers
    9.
    发明授权
    Access control listing mechanism for routers 有权
    路由器的访问控制列表机制

    公开(公告)号:US07509674B2

    公开(公告)日:2009-03-24

    申请号:US10679288

    申请日:2003-10-07

    申请人: Jason Sterne

    发明人: Jason Sterne

    IPC分类号: G06F17/00

    CPC分类号: H04L45/00 H04L45/308 H04L45/60 H04L45/7453 H04L47/20 H04L47/2425 H04L47/2441 H04L63/06 H04L63/101

    摘要: A method and apparatus are provided for maintaining access control lists (ACLs) within TCAM on a line card in a data packet router, the rules being applied to incoming data packets. Each interface may be associated with multiple ACLs, and multiple interfaces may be associated with single shared ACLs. The shared ACLs include rules applicable to more than one interface. Other ACLs are specific to a particular interface. When searching for a rule to apply to an incoming data packet, the filter searches both the specific ACL and the shared ACLs associated with the interface over which the data packet arrived. Using the shared ACLs, duplication of common rules is reduced, thereby reducing the total number of rules stored on the line card and saving memory storage space. The invention is also applicable to sets of rules other than ACLs.

    摘要翻译: 提供了一种方法和装置,用于在数据分组路由器的线路卡上维护TCAM内的访问控制列表(ACL),该规则被应用于输入的数据分组。 每个接口可以与多个ACL相关联,并且多个接口可以与单个共享ACL相关联。 共享ACL包括适用于多个接口的规则。 其他ACL特定于特定接口。 当搜索适用于传入数据包的规则时,过滤器将搜索与数据包到达的接口相关联的特定ACL和共享ACL。 使用共享ACL,减少了常规规则的重复,从而减少了存储在线卡上的规则总数,并节省了存储空间。 本发明也适用于除ACL之外的规则集。