336 results about "Traffic type" patented technology

A computer network having multiple, dissimilar network devices includes a system for implementing high-level, network policies. The high-level policies, which are generally device-independent, are translated by one or more policy servers into a set of rules that can be put into effect by specific network devices. Preferably, a network administrator selects an overall traffic template for a given domain and may assign various applications and / or users to the corresponding traffic types of the template. Location-specific policies may also be established by the network administrator. The policy server translates the high-level policies inherent in the selected traffic template and location-specific policies into a set of rules, which may include one or more access control lists, and may combine several related rules into a single transaction. Intermediate network devices, which may have one or more roles assigned to their interfaces, are configured to request traffic management information from the policy server which replies with a particular set of transactions and rules. The rules, which may correspond to the particular roles assigned to the interfaces, are then utilized by the intermediate devices to configure their particular services and traffic management mechanisms. Other rules are utilized by the intermediate devices to classify packets with a particular priority and / or service value and to treat classified packets in a particular manner so as to realize the selected high-level policies within the domain.

A novel fast reroute (FRR) technique is provided for quickly and efficiently rerouting selected types of network traffic in response to a node or link failure at the edge of a computer network. According to the technique, the network includes first and second edge devices that function as “FRR mates,” such that network traffic originally destined for one FRR mate may be quickly rerouted to the other without having to wait for conventional network convergence. When an edge device receives rerouted packets originally destined for its FRR mate, the device responds by forwarding only those rerouted packets matching the selected traffic types; rerouted packets that do not match the selected traffic types are dropped or otherwise discarded. The first and second edge devices may be statically configured as FRR mates, e.g., by a network administrator, or they may be configured to automatically detect their compatibility as FRR mates.

A method, mobile station, and software product are used to select an access point in a wireless local area network (WLAN) for access by the mobile station. This is accomplished by calculating a preference value for each of a plurality of the access points, based upon information regarding current communication characteristics of the access points. That information includes physical signal characteristics of the access points, and current channel loads of the access points, and also the traffic type affecting the current channel loads of the respective access points. The information about channel loads is weighted differently based upon the corresponding traffic types, and may also be calculated differently depending upon whether or not the mobile station is set up to utilize multimedia traffic.

Systems and methods that network interface are provided. In one embodiment, a data center may be provided that may include, for example, a first tier, a second tier and a third tier. The first tier may include, for example, a first server. The second tier may include, for example, a second server. The third tier may include, for example, a third server. At least one of the first server, the second server and the third server may handle a plurality of different traffic types over a single fabric.

An intrusion detection system (IDS) is capable of identifying the source of traffic, filtering the traffic to classify it as either safe or suspect and then applying sophisticated detection techniques such as stateful pattern recognition, protocol parsing, heuristic detection or anomaly detection either singularly or in combination based on the traffic type. In a network environment, each traffic source is provided with at least one IDS sensor that is dedicated to monitoring a specific type of traffic such as RPC, HTTP, SMTP, DNS, or others. Traffic from each traffic source is filtered to remove known safe traffic to improve efficiency and increase accuracy by keeping each IDS sensor focused on a specific traffic type.

A wireless Internet access system and method supports the transmission and reception of multiple types of traffic between mobile subscriber units and existing networks. A frame structure is used that can support the transmission of multiple types of traffic and adapt to changes in the traffic types needed and the amount of data for a particular traffic type. In addition, data transmission is performed using orthogonal frequency division multiplexing and differential phase shift keying to avoid inter-symbol interference. Receiving units in the mobile subscriber units and existing works include antenna arrays to provide a multipath transmission.

A network and associated methods and apparatus are described. The network includes a wireless access node which is operable to receive first packets from a plurality of wireless computing devices attempting to access the network. Each of the first packets corresponds to one of a plurality of traffic types. At least one of the traffic types corresponds to an encrypted wireless protocol. The wireless access node is configured to associate one of a plurality of identifiers with each of the first packets. Each of the plurality of identifiers corresponds to one of the plurality of traffic types. The wireless access node is further configured to transmit all first packets received from the wireless computing devices to a gateway on the network regardless of destination addresses associated with the first packets. The gateway is operable to determine that a particular one of the first packets from a first one of the wireless computing devices is directed to a second computing device on the network. The gateway is further operable to prevent the particular first packet from reaching the second computing device in response to determining that the particular first packet is directed to the second computing device.

A wireless Internet access system and method supports the transmission and reception of multiple types of traffic between mobile subscriber units and existing networks. A frame structure is used that can support the transmission of multiple types of traffic and adapt to changes in the traffic types needed and the amount of data for a particular traffic type. In addition, data transmission is performed using orthogonal frequency division multiplexing and differential phase shift keying to avoid intersymbol interference. Receiving units in the mobile subscriber units and existing networks include antenna arrays to provide a multipath transmission.

A flow admission control module for IP traffic types monitors network topology and usage. A new flow is not admitted if it is determined that the flow would push the utilization of available bandwidth reserved for the traffic type on a link in the associated path beyond a predetermined threshold. The admission control module may, as a result of dynamic changes to network topology capacity, re-compute the link utilization for effected active flows. The admission control module may also account for protection regimes in flow admission calculations.

Systems and methods for detecting a domain name in a mobile network session for use in applying mobile policy and enforcement functions based on the domain name. A computing device receives a packet associated with a request from a user equipment to access a domain at a server. The computing device determines a traffic type associated with the packet, the traffic type including one of Hypertext Transfer Protocol (HTTP) traffic, Hypertext Transfer Protocol Secure (HTTPS) traffic, and non HTTP or HTTPS traffic. The computing device determines a domain name based on the traffic type and determines a service to apply to the packet based on the domain name.

A method and apparatus for traffic arbitration in a system are provided. In the system, a first module operating in a first protocol and a second module operating in a second protocol share one communication channel. An arbitration circuit schedules medium accesses thereof, in which a quota table maintains a utilization value updated in accordance with the amount of time slots consumed by a particular traffic type, and a time counter periodically resets the utilization value to a default value. When the arbitration circuit receives a request for medium access of the particular traffic type, the arbitration circuit grants the request according to the utilization value, such that the first module or the second module are not activated at the same time.

A method and apparatus to reduce the transaction overhead involved with packet I / O on a host bus without sacrificing the latency of packets of important traffic types is described. This involves determining whether a packet is to be aggregated in response to receiving the packet in a receive buffer. If it is determined that the packet should not be aggregated, a host system may be interrupted to indicate availability of the received packet. Subsequently, the packet may be forwarded to an interrupted system via a local bus directly from a receiving buffer without being stored in a local storage. If it is determined that a packet is to be aggregated, it may be stored in a queue in local storage. Subsequently, it may be sent to a host system with a group of other frames using a single bus transaction to eliminate overhead.

According to one aspect of the invention, packets of a first type within a first data flow are routed to a destination through a packet core network. In response to a detection that packets of a second type are to be routed while routing the first data flow, a second data flow is created which is a sub-flow of the first data flow. Packets of the second type are routed via the second data flow to the destination without traversing the packet core network, while packets of the first type are routed via the first data flow traversing the packet core network.

Communication traffic type determination devices and methods are disclosed. A received block of communication traffic is concurrently analyzed relative to multiple traffic type definitions, and indications of whether the received block of communication traffic conforms to the traffic type definitions are provided. Concurrent analysis of the same traffic block relative to different traffic type definitions can reduce the amount of time that might otherwise be involved in determining a type of the traffic block. Evaluation of traffic against multiple definitions may also allow traffic to be classified or verified more specifically than would be possible based solely on explicit type indications provided in traffic overhead.

The present application is directed towards policy based routing for intelligent traffic management via multiple next hops. In some embodiments, the systems and methods disclosed herein may provide management of inbound and outbound traffic across multiple network links, and may further provide reliability in case of link failure, and provide balancing of traffic, responsive to the latency and bandwidth requirements of various applications. Accordingly, these systems and methods may provide intelligent policy-based routing and network and port address translation, sensitive to application traffic types, protocols, source IP addresses and ports, destination IP addresses and ports, or any combination thereof, and can balance traffic loads among multiple available paths based on multiple traffic characteristics. The routing may performed on a packet-by-packet basis, a transaction-by-transaction basis, or a session-by-session basis, and the systems and methods may include capabilities for application-aware health monitoring of available network paths.