4625 results about "Router" patented technology

Content networking provides a content-based routing architecture, in which a virtual overlay network called the “virtual content network” is superimposed over the physical network. The content network contains content routers as the nodes and “pathways” as links. The content-based routers at the edge of the content network may be either a gateway to the client domain or a gateway to the server domain whereas the interior ones correspond to the content switches dedicated for steering content requests and replies. The pathways are virtual paths along the physical network that connect the corresponding content routers. The tags for tagging content requests at the ingress points are designed to incorporate several different attributes of the content in the routing process. The path chosen for routing the request is the optimal path and is chosen from multiple paths leading to the replicas of the content.

A computing environment with methods for monitoring access to an open network such as the Internet, is described. The system includes one or more client computers, each operating applications (e.g., Netscape Navigator or Microsoft Internet Explorer) requiring access to an open network, such as a WAN or the Internet, and a router or other equipment that serves a routing function (e.g., a cable modem) for the client computers. A centralized security enforcement module on the router maintains access rules for the client computers and verifies the existence and proper operation of a client-based security module on each client computer. The router-side security module periodically sends out a router challenge via Internet broadcast to the local computers on the network. If the client-side security module is installed and properly operating, the client-side security module responds to the router challenge. The responses received by the router-side security module are maintained in a table. Each time the router receives a request from a client computer to connect to the Internet, the router-side security module reviews the table and analyzes whether or not the computer requesting a connection to the Internet properly responded to the most recent router challenge. If it determines that the computer has properly responded to the router challenge, then it permits the computer to connect to the Internet. If a computer has not properly responded or if a computer has not answered the router challenge, then the computer is not allowed to connect to the Internet as requested.

The present invention relates to a switch for processing data units, such as IP data packets. The switch can be implemented as a router that includes a plurality of input ports, a plurality of output ports and a switch fabric capable of establishing logical pathways to interconnect a certain input port with a certain output port. A characterizing element of the router is its ability to control bandwidth usage on a basis of a logical pathway. This prevents congestion to occur in the switch fabric and also at the level of the output ports. For every active logical pathway the router sets-up a bandwidth control mechanism including at least one queue to hold data units received at an input port. The bandwidth control mechanism performs an accounting operation to determine the average bandwidth usage and if less than a threshold requests for releasing data units in the switch fabric are sent to the switch fabric controller. When the threshold is exceeded the bandwidth control mechanism stops sending requests for service to the switch fabric controller. The system also supports priorities. Instead of stopping the issuance of signals requesting release of data packets the priority level of the queue (reflected in a priority field in the signal requesting release of a data packet) changes from HI to LO. The switch fabric controller is designed to recognize priority requests and will accept LO priority requests only when there are no other HI priority requests pending. The present invention also provides a data transport device which includes a plurality of nodes interconnected by a physical link that establishes two ring-shaped paths on which data is transported on opposite directions. Each node is capable of sending a control message to the upstream node to advise the upstream node of the data carrying requirements of the node at which the message has originated. The upstream node can then throttle the introduction of data in the paths to preserve capacity that can be used by the downstream nodes.

An enterprise wide electronic commerce system allows trading partners to act as participants in a complex trading process. Participants communicate with one another by joining conversations that are hosted in a collaboration space and managed by a collaboration hub. In this manner, the enterprise workflow may have an effect on, or be affected by, local workflows. The invention provides a pluggable hub system for enterprise wide electronic collaboration. An embodiment of the invention includes a collaboration hub for use with a collaboration system, comprising a hub transport for receiving messages from participants and sending messages to participants, a hub router for routing messages from a first participant to a second participant, a hub scheduler for scheduling the flow of messages between the hub router and the hub transport, a conversation manager for managing the flow of messages between participants, and a repository for storing conversation management data.

A method has provides a router having an input, an output, and a shared memory. The router also has a forwarding path to forward a plurality of packets from the input to the output, and a service path to manage statistical data relating to packets forwarded through the forwarding path. The forwarding path has a counter to count aggregate packet information relating to the plurality of packets it forwards. Next, the method counts, using the counter(s), aggregate packet information relating to the packets forwarded through the forwarding path to produce count information. After producing the count information, the method uses the forwarding path to store the count information in the shared memory of the router, and then causes the service path to retrieve the count information from the shared memory. The service path ultimately produces statistical information using the count information retrieved from the shared memory.

A technique protects against failure of a tail-end node of a Traffic Engineering (TE) Label Switched Path (LSP) in a computer network. According to the protection technique, a node along the TE-LSP that is immediately upstream to the protected tail-end node and that is configured to protect the tail-end node (i.e., the “point of local repair” or PLR) learns reachable address prefixes (i.e., “protected prefixes”) of next-hop routers from the tail-end node (i.e., “next-next-hops,” NNHOPs to the protected prefixes from the PLR). The PLR creates a backup tunnel to each NNHOP that excludes the tail-end node, and associates each backup tunnel with one or more protected prefixes accordingly. When the tail-end node fails, Fast Reroute is triggered, and the protected prefix traffic (from the TE-LSP) is rerouted by the PLR onto an appropriate backup tunnel to a corresponding NNHOP. Notably, the PLR performs a penultimate hop popping (PHP) operation prior to forwarding the traffic along the backup tunnel(s).

An advanced data structure allows lookup based upon the most significant 16 bits and the following variable number of K bits of the IP destination address. This 16 / K scheme requires less than 2 MB memory to store the whole routing tables of present day backbone routers. A 16 / Kc version utilizes bitmaps to compress the table to less than 0.5 MB. For the 16 / K data structure each route lookup requires at most 2 memory accesses while the 16 / Kc requires at most 3 memory accesses. By configuring the processor properly and developing a few customized instructions to accelerate route lookup, one can achieve 85 million lookups per second (MLPS) in the typical case with the processor running at 200 MHz. Further, the lookup method can be implemented using pipelining techniques to perform three lookups for three incoming packets simultaneously. Using such techniques, 100 MLPS performance can be achieved.

PCT No. PCT / GB94 / 00429 Sec. 371 Date Oct. 18, 1995 Sec. 102(e) Date Oct. 18, 1995 PCT Filed Mar. 7, 1994 PCT Pub. No. WO94 / 23514 PCT Pub. Date Oct. 13, 1994An intemetwork system has several interlinked computer networks, each network having an associated element manager which is arranged to communicate with a router via a first network management protocol. Each element manager converts from the first network management protocol to a second protocol and also communicates via the network manager. The network manager allows a user of the system to control a router by issuing a command at the network manager and / or to view information on the status, configuration and / or performance of the router.

Limiting or controlling access to various services thereby performing a firewall function. An access router may permit or deny a packet based on at least a portion of a unique bit string (or context information) which replaced layer 2 header information (e.g., the layer 2 (e.g., MAC) address). Further, a particular quality of service may be indicated by at least a part of the unique bit string (or context information). The service provided to a group of customers, that group of customers being defined by at least a portion of the unique bit string (or context information), may be monitored. Multicast groups may be supported by checking at least a part of the unique bit string (or context information) to determine whether or not a customer associated with that port is permitted to join the multicast group.

The present invention relates to a method and system for implementing protocol redundancy in a router. In particular, the invention relates to providing redundancy of multi protocol label switching (MPLS). In one aspect, the present invention provides MPLS redundancy wherein all protocol states are mirrored. An active processor provides MPLS operations. In the present invention, a standby processor is coupled to the active processor. During the initial synchronization, all protocol information from the active processor is forwarded to the standby processor. The protocol information can include event information and state information. Thereafter, any updates of protocol information are immediately forwarded to the standby processor in an orderly and controlled manner. Upon failure of the active processor, the standby processor takes over as the active processor. All MPLS protocol operations are performed on the new active processor.