ATE490628T1 - Vorrichtung und verfahren zur zweistufigen paketklassifikation unter verwendung von höchst spezifischer filteranpassung und transport-ebenen-sharing - Google Patents
Vorrichtung und verfahren zur zweistufigen paketklassifikation unter verwendung von höchst spezifischer filteranpassung und transport-ebenen-sharingInfo
- Publication number
- ATE490628T1 ATE490628T1 AT05732332T AT05732332T ATE490628T1 AT E490628 T1 ATE490628 T1 AT E490628T1 AT 05732332 T AT05732332 T AT 05732332T AT 05732332 T AT05732332 T AT 05732332T AT E490628 T1 ATE490628 T1 AT E490628T1
- Authority
- AT
- Austria
- Prior art keywords
- stage
- packet
- level
- packet classification
- highly specific
- Prior art date
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L47/00—Traffic control in data switching networks
- H04L47/10—Flow control; Congestion control
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L47/00—Traffic control in data switching networks
- H04L47/10—Flow control; Congestion control
- H04L47/24—Traffic characterised by specific attributes, e.g. priority or QoS
- H04L47/2441—Traffic characterised by specific attributes, e.g. priority or QoS relying on flow classification, e.g. using integrated services [IntServ]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/40—Network security protocols
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
- H04L63/0236—Filtering by address, protocol, port number or service, e.g. IP-address or URL
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
- H04L63/0263—Rule management
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L69/00—Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
- H04L69/22—Parsing or analysis of headers
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Applications Claiming Priority (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| US10/822,034 US7525958B2 (en) | 2004-04-08 | 2004-04-08 | Apparatus and method for two-stage packet classification using most specific filter matching and transport level sharing |
| PCT/US2005/010924 WO2005101761A1 (en) | 2004-04-08 | 2005-03-31 | Apparatus and method for two-stage packet classification using most specific filter matching and transport level sharing |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| ATE490628T1 true ATE490628T1 (de) | 2010-12-15 |
Family
ID=34964762
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| AT05732332T ATE490628T1 (de) | 2004-04-08 | 2005-03-31 | Vorrichtung und verfahren zur zweistufigen paketklassifikation unter verwendung von höchst spezifischer filteranpassung und transport-ebenen-sharing |
Country Status (7)
| Country | Link |
|---|---|
| US (1) | US7525958B2 (de) |
| EP (1) | EP1738543B1 (de) |
| JP (1) | JP4482584B2 (de) |
| CN (1) | CN1957573B (de) |
| AT (1) | ATE490628T1 (de) |
| DE (1) | DE602005025103D1 (de) |
| WO (1) | WO2005101761A1 (de) |
Families Citing this family (66)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US7525994B2 (en) | 2003-01-30 | 2009-04-28 | Avaya Inc. | Packet data flow identification for multiplexing |
| US7447211B1 (en) * | 2004-03-23 | 2008-11-04 | Avaya Inc. | Method and apparatus of establishing a communication channel using protected network resources |
| US7525958B2 (en) | 2004-04-08 | 2009-04-28 | Intel Corporation | Apparatus and method for two-stage packet classification using most specific filter matching and transport level sharing |
| US7486672B2 (en) * | 2004-04-20 | 2009-02-03 | Samsung Electronics Co., Ltd. | Apparatus and method for searching trie trees using masks with non-symbol boundaries and flooding default routes in a massively parallel router |
| US7680100B1 (en) | 2004-09-30 | 2010-03-16 | Avaya Inc. | Internet protocol appliance manager |
| US7646779B2 (en) * | 2004-12-23 | 2010-01-12 | Intel Corporation | Hierarchical packet scheduler using hole-filling and multiple packet buffering |
| US7474654B2 (en) * | 2005-01-26 | 2009-01-06 | Cisco Technology, Inc. | Method and system for classification of packets based on meta-rules |
| US20060187936A1 (en) * | 2005-02-18 | 2006-08-24 | Broadcom Corporation | Table searching techniques in a network device |
| US7826418B2 (en) * | 2005-06-27 | 2010-11-02 | Qualcomm Incorporated | Block-based assignment of quality of service precedence values |
| US7869411B2 (en) * | 2005-11-21 | 2011-01-11 | Broadcom Corporation | Compact packet operation device and method |
| US7849362B2 (en) * | 2005-12-09 | 2010-12-07 | International Business Machines Corporation | Method and system of coherent design verification of inter-cluster interactions |
| US8873555B1 (en) * | 2006-02-02 | 2014-10-28 | Marvell Israel (M.I.S.L.) Ltd. | Privilege-based access admission table |
| US7817629B2 (en) * | 2006-05-12 | 2010-10-19 | Agere Systems Inc. | Methods and apparatus for performing network operations on packets of data in response to content of particular user-specified protocol header fields |
| WO2007147170A2 (en) * | 2006-06-16 | 2007-12-21 | Bittorrent, Inc. | Classification and verification of static file transfer protocols |
| DE602006016932D1 (de) | 2006-06-19 | 2010-10-28 | Packetfront Systems Ab | Hyperkubisches paketflussweiterleiten in Paketnetzwerken |
| JP2008104027A (ja) * | 2006-10-19 | 2008-05-01 | Fujitsu Ltd | パケット情報収集装置およびパケット情報収集プログラム |
| US7885268B2 (en) * | 2006-11-10 | 2011-02-08 | Broadcom Corporation | Method and system for hash table based routing via table and prefix aggregation |
| US20090010259A1 (en) * | 2007-07-08 | 2009-01-08 | Alexander Sirotkin | Device, system, and method of classification of communication traffic |
| US8091007B2 (en) | 2007-09-13 | 2012-01-03 | Dell Products L.P. | Detection of duplicate packets |
| US8838817B1 (en) * | 2007-11-07 | 2014-09-16 | Netapp, Inc. | Application-controlled network packet classification |
| KR100920518B1 (ko) * | 2007-11-27 | 2009-10-09 | 한국전자통신연구원 | 패킷 분류 장치 및 방법 |
| TWI363532B (en) * | 2008-01-21 | 2012-05-01 | Univ Nat Taiwan | Method and system for packet classificiation with reduced memory space and enhanced access speed |
| US8566833B1 (en) | 2008-03-11 | 2013-10-22 | Netapp, Inc. | Combined network and application processing in a multiprocessing environment |
| US8114117B2 (en) * | 2008-09-30 | 2012-02-14 | Tyco Healthcare Group Lp | Compression device with wear area |
| US8675648B1 (en) | 2008-09-30 | 2014-03-18 | Juniper Networks, Inc. | Methods and apparatus for compression in packet classification |
| US7738454B1 (en) * | 2008-09-30 | 2010-06-15 | Juniper Networks, Inc. | Methods and apparatus related to packet classification based on range values |
| US8804950B1 (en) | 2008-09-30 | 2014-08-12 | Juniper Networks, Inc. | Methods and apparatus for producing a hash value based on a hash function |
| US7796541B1 (en) | 2008-09-30 | 2010-09-14 | Juniper Networks, Inc. | Methods and apparatus for range matching during packet classification based on a linked-node structure |
| US8798057B1 (en) | 2008-09-30 | 2014-08-05 | Juniper Networks, Inc. | Methods and apparatus to implement except condition during data packet classification |
| US7961734B2 (en) | 2008-09-30 | 2011-06-14 | Juniper Networks, Inc. | Methods and apparatus related to packet classification associated with a multi-stage switch |
| US7835357B2 (en) * | 2008-09-30 | 2010-11-16 | Juniper Networks, Inc. | Methods and apparatus for packet classification based on policy vectors |
| US8488588B1 (en) | 2008-12-31 | 2013-07-16 | Juniper Networks, Inc. | Methods and apparatus for indexing set bit values in a long vector associated with a switch fabric |
| US8111697B1 (en) * | 2008-12-31 | 2012-02-07 | Juniper Networks, Inc. | Methods and apparatus for packet classification based on multiple conditions |
| US7889741B1 (en) | 2008-12-31 | 2011-02-15 | Juniper Networks, Inc. | Methods and apparatus for packet classification based on multiple conditions |
| US9413662B1 (en) * | 2009-01-13 | 2016-08-09 | Juniper Networks, Inc. | Intra-term logical or operation in a network filter |
| US8051167B2 (en) * | 2009-02-13 | 2011-11-01 | Alcatel Lucent | Optimized mirror for content identification |
| US8271635B2 (en) * | 2009-06-17 | 2012-09-18 | Microsoft Corporation | Multi-tier, multi-state lookup |
| US8379639B2 (en) * | 2009-07-22 | 2013-02-19 | Cisco Technology, Inc. | Packet classification |
| US8953603B2 (en) | 2009-10-28 | 2015-02-10 | Juniper Networks, Inc. | Methods and apparatus related to a distributed switch fabric |
| AU2010322819B2 (en) | 2009-11-30 | 2014-11-27 | Bae Systems Plc | Processing network traffic |
| US8677030B2 (en) * | 2009-12-09 | 2014-03-18 | Oracle America, Inc. | Apparatus and method for managing packet classification tables |
| US8750144B1 (en) * | 2010-10-20 | 2014-06-10 | Google Inc. | System and method for reducing required memory updates |
| US9282060B2 (en) | 2010-12-15 | 2016-03-08 | Juniper Networks, Inc. | Methods and apparatus for dynamic resource management within a distributed control plane of a switch |
| US8856203B1 (en) * | 2011-02-08 | 2014-10-07 | Pmc-Sierra Us, Inc. | System and method for algorithmic TCAM packet classification |
| US20120310941A1 (en) * | 2011-06-02 | 2012-12-06 | Kindsight, Inc. | System and method for web-based content categorization |
| US9049200B2 (en) * | 2012-07-27 | 2015-06-02 | Cisco Technology, Inc. | System and method for improving hardware utilization for a bidirectional access controls list in a low latency high-throughput network |
| US9210082B2 (en) * | 2013-02-19 | 2015-12-08 | Avago Technologies General Ip (Singapore) Pte. Ltd. | High speed network bridging |
| US9124552B2 (en) | 2013-03-12 | 2015-09-01 | Centripetal Networks, Inc. | Filtering network data transfers |
| ES2719541T3 (es) | 2014-01-28 | 2019-07-11 | Huawei Tech Co Ltd | Procedimiento y aparato de modificación de reglas de procesamiento |
| US9571411B1 (en) | 2014-12-29 | 2017-02-14 | Juniper Networks, Inc. | Using a firewall filter to select a member link of a link aggregation group |
| CN105488020B (zh) * | 2015-12-01 | 2018-09-04 | 交控科技股份有限公司 | 一种数据处理方法及系统 |
| US11418632B2 (en) * | 2015-12-15 | 2022-08-16 | Intel Corporation | High speed flexible packet classification using network processors |
| US10095720B2 (en) * | 2016-02-05 | 2018-10-09 | Amadeus S.A.S. | Database table index |
| WO2017167385A1 (en) * | 2016-03-31 | 2017-10-05 | Nec Europe Ltd. | Software-enhanced stateful switching architecture |
| CN106096022B (zh) * | 2016-06-22 | 2020-02-11 | 杭州迪普科技股份有限公司 | 多域网包分类规则的划分方法及装置 |
| JP6880402B2 (ja) * | 2017-05-10 | 2021-06-02 | 富士通株式会社 | メモリアクセス制御装置及びその制御方法 |
| US10892985B2 (en) * | 2018-06-05 | 2021-01-12 | Nec Corporation | Method and system for performing state-aware software defined networking |
| CN113347090B (zh) * | 2020-02-18 | 2023-06-20 | 华为技术有限公司 | 报文处理方法、转发设备以及报文处理系统 |
| US11522917B2 (en) * | 2020-06-10 | 2022-12-06 | Arista Networks, Inc. | Scalable network processing segmentation |
| DE102020212586A1 (de) * | 2020-10-06 | 2022-04-07 | Robert Bosch Gesellschaft mit beschränkter Haftung | Verfahren und Vorrichtung zum Verarbeiten von mit über ein Bussystem übertragbaren Nachrichten assoziierten Daten |
| KR102319089B1 (ko) * | 2020-11-02 | 2021-10-29 | 주식회사 윈스 | 모바일 엣지 컴퓨팅의 슬라이싱 서비스에서 트래픽 보안 처리를 위한 장치 및 방법 |
| CN112732241B (zh) * | 2021-01-08 | 2022-04-01 | 烽火通信科技股份有限公司 | 一种多级并行高速处理下的可编程解析器及其解析方法 |
| TWI766558B (zh) * | 2021-01-25 | 2022-06-01 | 國立陽明交通大學 | 一種具有兩階層優先權之頻寬管理系統 |
| CN112995362B (zh) * | 2021-05-11 | 2021-08-10 | 长扬科技(北京)有限公司 | 一种数据包和协议规则的匹配方法和装置 |
| WO2023017315A1 (en) * | 2021-08-12 | 2023-02-16 | Marvell Israel (M.I.S.L) Ltd. | Network device that utilizes tcam configured to output multiple match indices |
| CN117113103B (zh) * | 2023-09-08 | 2025-08-01 | 合肥市传秀科技有限公司 | 一种基于双重无偏函数的事件规则匹配方法 |
Family Cites Families (23)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US6147976A (en) | 1996-06-24 | 2000-11-14 | Cabletron Systems, Inc. | Fast network layer packet filter |
| US6341130B1 (en) | 1998-02-09 | 2002-01-22 | Lucent Technologies, Inc. | Packet classification method and apparatus employing two fields |
| US6289013B1 (en) | 1998-02-09 | 2001-09-11 | Lucent Technologies, Inc. | Packet filter method and apparatus employing reduced memory |
| US6182228B1 (en) | 1998-08-17 | 2001-01-30 | International Business Machines Corporation | System and method for very fast IP packet filtering |
| US6920146B1 (en) * | 1998-10-05 | 2005-07-19 | Packet Engines Incorporated | Switching device with multistage queuing scheme |
| CA2287689C (en) | 1998-12-03 | 2003-09-30 | P. Krishnan | Adaptive re-ordering of data packet filter rules |
| US6529508B1 (en) | 1999-02-01 | 2003-03-04 | Redback Networks Inc. | Methods and apparatus for packet classification with multiple answer sets |
| US6567408B1 (en) | 1999-02-01 | 2003-05-20 | Redback Networks Inc. | Methods and apparatus for packet classification with multi-level data structure |
| US6587466B1 (en) | 1999-05-27 | 2003-07-01 | International Business Machines Corporation | Search tree for policy based packet classification in communication networks |
| US6252872B1 (en) | 2000-05-24 | 2001-06-26 | Advanced Micro Devices, Inc. | Data packet filter using contents addressable memory (CAM) and method |
| US6665495B1 (en) * | 2000-10-27 | 2003-12-16 | Yotta Networks, Inc. | Non-blocking, scalable optical router architecture and method for routing optical traffic |
| US7193997B2 (en) * | 2001-03-19 | 2007-03-20 | International Business Machines Corporation | Packet classification |
| KR100398281B1 (ko) | 2001-04-17 | 2003-09-19 | 시큐아이닷컴 주식회사 | 패킷 차단방식 방화벽 시스템에서의 고속 정책 판별 방법 |
| US20030172189A1 (en) * | 2001-07-02 | 2003-09-11 | Globespanvirata Incorporated | Communications system using rings architecture |
| US20030167348A1 (en) * | 2001-07-02 | 2003-09-04 | Globespanvirata, Inc. | Communications system using rings architecture |
| US20030074458A1 (en) | 2001-09-18 | 2003-04-17 | Gokhale Maya B. | Hybrid hardware/software packet filter |
| DE10147750A1 (de) * | 2001-09-27 | 2003-04-17 | Siemens Ag | Vorrichtung und Verfahren zur Vermittlung einer Mehrzahl von Signalen unter Verwendung einer mehrstufigen Protokollverarbeitung |
| US7200144B2 (en) * | 2001-10-18 | 2007-04-03 | Qlogic, Corp. | Router and methods using network addresses for virtualization |
| US6754213B2 (en) | 2001-12-27 | 2004-06-22 | Institute For Information Industry | Flexible and high-speed network packet classifying method |
| US7367052B1 (en) * | 2002-12-04 | 2008-04-29 | Cisco Technology, Inc. | Access list key compression |
| US7916739B2 (en) * | 2003-06-24 | 2011-03-29 | Ntt Docomo, Inc. | Location privacy for internet protocol networks using cryptographically protected prefixes |
| US7408932B2 (en) * | 2003-10-20 | 2008-08-05 | Intel Corporation | Method and apparatus for two-stage packet classification using most specific filter matching and transport level sharing |
| US7525958B2 (en) | 2004-04-08 | 2009-04-28 | Intel Corporation | Apparatus and method for two-stage packet classification using most specific filter matching and transport level sharing |
-
2004
- 2004-04-08 US US10/822,034 patent/US7525958B2/en not_active Expired - Fee Related
-
2005
- 2005-03-31 AT AT05732332T patent/ATE490628T1/de not_active IP Right Cessation
- 2005-03-31 EP EP05732332A patent/EP1738543B1/de not_active Expired - Lifetime
- 2005-03-31 DE DE602005025103T patent/DE602005025103D1/de not_active Expired - Lifetime
- 2005-03-31 WO PCT/US2005/010924 patent/WO2005101761A1/en not_active Ceased
- 2005-03-31 JP JP2007507375A patent/JP4482584B2/ja not_active Expired - Fee Related
- 2005-03-31 CN CN200580016984.1A patent/CN1957573B/zh not_active Expired - Fee Related
Also Published As
| Publication number | Publication date |
|---|---|
| WO2005101761A1 (en) | 2005-10-27 |
| US20050226235A1 (en) | 2005-10-13 |
| CN1957573B (zh) | 2011-10-05 |
| JP2007533207A (ja) | 2007-11-15 |
| US7525958B2 (en) | 2009-04-28 |
| DE602005025103D1 (de) | 2011-01-13 |
| EP1738543A1 (de) | 2007-01-03 |
| CN1957573A (zh) | 2007-05-02 |
| JP4482584B2 (ja) | 2010-06-16 |
| EP1738543B1 (de) | 2010-12-01 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| ATE490628T1 (de) | Vorrichtung und verfahren zur zweistufigen paketklassifikation unter verwendung von höchst spezifischer filteranpassung und transport-ebenen-sharing | |
| ATE413751T1 (de) | Verfahren und vorrichtung zur zweistufigen paketklassifikation unter verwendung einer spezifischen filteranpassung und gemeinsamen benutzung auf transportebene | |
| DE602004008776D1 (de) | Vorrichtung und verfahren zur konfiguration von sprachlesern unter verwendung semantischer analyse | |
| ATE548706T1 (de) | Videoszenenhintergrundaufrechterhaltung durch verwendung von änderungsdetektion und - klassifikation | |
| DE60326664D1 (de) | Vorrichtung zur Durchführung von Netzwerkverarbeitungsfunktionen | |
| GB2367714B (en) | Method of, and system for, processing email | |
| ATE481804T1 (de) | Intelligente quarantäne zur abwehr von unangeforderten nachrichten | |
| ATE295760T1 (de) | Verfahren und vorrichtung zur bearbeitung von postsendungen | |
| ATE551670T1 (de) | Verfahren und vorrichtung zur filterung von emailnachrichten | |
| ATE535074T1 (de) | Verfahren und vorrichtung für intelligentes sortieren und prozessbestmmung von datenpaketen, die für eine zentrale verarbeitungseinheit eines routers oder servers aus einem datenpaketnetzwerk bestimmt sind | |
| DE602004013492D1 (de) | Verfahren und Vorrichtung zur Spamentdeckung | |
| EP1895460A3 (de) | Verfahren und Vorrichtung zur Verwaltung von RFID- und anderen Daten | |
| DE602004021994D1 (de) | Vorrichtung, Verfahren und Software zur Verfolgung von Gegenständen | |
| ATE224078T1 (de) | Verfahren und gerät für anschriftenanalysefunktion in einem netzwerk unter verwendung von booleanlogik und programmierbare strukturen für vollständige bestimmungsanschriftenanalyse | |
| DE602004022105D1 (de) | Vorrichtung, Verfahren und Software zur Verfolgung von Gegenständen | |
| WO2006000027A8 (en) | A network optimisation system | |
| ATE400870T1 (de) | Verfahren und system zur klassifizierung eines audiosignals | |
| DE60214850D1 (de) | Für eine benutzergruppe spezifisches musterverarbeitungssystem | |
| ATE366492T1 (de) | Verfahren und vorrichtung zur unterstützung von transaktionen | |
| DE60303444D1 (de) | Ablaufsteuerung unter verwendung von quantumwerten und defizitwerten | |
| ATE313959T1 (de) | Verfahren und einrichtung zur behandlung von geflügelteilen | |
| ATE488101T1 (de) | Verfahren und vorrichtung zur auswahl eines klangalgorithmus | |
| DE60227473D1 (de) | Vorrichtung, System und Verfahren zur Verarbeitung von digitalen Inhalten, und digitales Rundfunksystem | |
| ATE483724T1 (de) | Verfahren zur erhöhung der ausbreitung von b- zellen | |
| ATE445960T1 (de) | Verfahren und vorrichtung zur aggregation von webdiensten |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| RER | Ceased as to paragraph 5 lit. 3 law introducing patent treaties |