WO2001029676A1 - On-switch policy rule caching for data communication switch - Google Patents

Publication number
WO2001029676A1
Authority
WO
WIPO (PCT)
Prior art keywords
data communication
communication switch
qos
policy rule
flow
Application number
PCT/US2000/028966
Other languages
French (fr)
Inventor
Alan K. Bartky
Thomas Des Jardins
D. Brian Edginton
L. Michele Goodwin
Christopher Martin
Michael E. See
Original Assignee
Alcatel Internetworking, Inc.
Application filed by Alcatel Internetworking, Inc.
Priority to JP2001532402A (JP2003512799A)
Priority to EP00975303A (EP1166208A4)
Publication of WO2001029676A1

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L47/00 Traffic control in data switching networks
    • H04L47/10 Flow control; Congestion control
    • H04L47/24 Traffic characterised by specific attributes, e.g. priority or QoS
    • H04L47/2441 Traffic characterised by specific attributes, e.g. priority or QoS relying on flow classification, e.g. using integrated services [IntServ]

Definitions

  • a time-to-live value for an active policy rule may be increased, if desired, in response to application of the policy rule to a new flow. In this way, rule "staleness" may be determined in relation to the frequency of application on switch 140, 340.
  • a flow diagram describes in-band QoS provisioning on switch 140.
  • a data packet originated on end station 110 is received at switching module 150 (405) and a source address is checked to see if it is known or unknown on switch 140 (410). If the source address is known, no QoS provisioning action is taken. If, however, the source address is unknown, the data packet is forwarded to source learning module 185 over data bus 187 (415).
  • QoS manager 182 is notified of a new flow (420). QoS manager 182 requests a QoS assignment for the new flow from policy manager 183 (425).
  • In response to receipt of the request for a QoS assignment, policy manager 183 searches rule cache 186 for an applicable policy rule (430). The applicable policy rule is found in rule cache 186 or, if not found in rule cache 186, is located in and downloaded from directory server 130 (435). In either event, the rule is applied to determine a policy response for the new flow on switch 140 (440). Turning now to Figure 4B, policy manager 183 transmits the policy response for the new flow to QoS manager 182 (445). QoS manager 182 separates the policy response into flow ID and QoS action components (450) and transmits the components to QoS mapper-classifier 181.
  • the QoS action component is transmitted to the QoS mapper for a queue ID determination (455), whereas the flow ID component is transmitted to the QoS classifier (460).
  • QoS driver 184 configures the flow ID-queue ID association on one or more of switching modules 150, 160, 170 by initiating a control flow over management bus 188 (465) to complete QoS provisioning for the new flow.
  • a packet originated on end station 310 is received at switching module 350 (505) and a check is made to determine if the packet is an RSVP message packet (510). If the packet is not an RSVP message packet, no QoS provisioning action is taken. If the packet is an RSVP message packet, the packet is forwarded to RSVP module 385 over data bus 387 (515). A check is made to determine if the packet is an RSVP Resv message packet (520). If the packet is not a Resv message packet, the packet is preferably processed in accordance with RSVP convention per the packet's RSVP message type. If the packet is a Resv message packet, QoS manager 382 is notified of an RSVP Resv request (525).
  • QoS manager 382 requests a QoS assignment for the new flow from policy manager 383 in accordance with the Resv request (530).
  • policy manager 383 searches rule cache 386 for an applicable policy rule (535).
  • the applicable policy rule is found in rule cache 386 or, if not found in rule cache 386 is located in and downloaded from directory server 330 (540). In either event, the QoS action component of the rule is applied as a limit against the requested QoS action (545).
  • In Figure 5B, if a requested QoS action exceeds a corresponding limit (550), QoS manager 382 is notified that the Resv request has been rejected (555) and processing continues per RSVP convention.
  • policy manager 383 determines a policy response for the flow per the Resv request and notifies QoS manager 382 that the Resv request has been accepted (560).
  • QoS manager 382 parses the policy response into flow ID and QoS action components (565) and transmits the components to QoS mapper-classifier 381.
  • the QoS action component is preferably transmitted to the QoS mapper for a queue ID determination (570) and the flow ID component is preferably transmitted to the QoS classifier (575).
  • QoS driver 384 configures the flow ID-queue ID association on one or more of switching modules 350, 360, 370 through a control flow conducted over management bus 388 (580) to complete QoS provisioning for the RSVP-signaled flow.
  • In FIG. 6, a flow diagram describing an on-switch QoS rule caching method of the present invention is shown to be operative in conjunction with in-band and out-of-band QoS provisioning.
  • a policy rule and an associated time-to-live value are downloaded from a directory server 130, 330 in response to a QoS assignment request initiated on a switch 140, 340 which could not be addressed locally by reference to the policy rules active in an on-switch rule cache 186, 386 (610).
  • the downloaded QoS rule is cached and the time-to-live value is stored on the switch 140, 340 in association therewith (620).
  • the time-to-live value is decremented (640) and a check is made to determine if the time-to-live has expired (650). If the time-to-live has not expired, the algorithm returns to Step 630. However, if the time-to-live has expired, the "stale" policy rule is removed from the rule cache 186, 386 (660) and a "fresh" policy rule is downloaded from the directory server 130, 330 for the same flow condition as the "stale" policy rule (670).

Abstract

On-switch rule caching for facilitating quality of service (QoS) provisioning. Policy rules downloaded from a directory server (330) are cached on a switch (340) for a determinate duration to enable application in provisioning QoS for multiple flows. Active policy rules are aged-out in response to expiration of a time-to-live value associated with a policy rule. If the time-to-live has expired, a 'stale' policy rule is removed from a rule cache (386), and a 'fresh' policy rule is downloaded from the directory server (330). A time-to-live value may be increased in response to each application of a policy rule. On-switch rule caching may be applied in conjunction with out-of-band QoS provisioning, i.e. QoS provisioning conducted in connection with a path set-up protocol such as Resource Reservation Protocol (RSVP) (385), or in-band QoS provisioning, i.e. QoS provisioning conducted in connection with the data packet forwarding process.

Description

ON-SWITCH POLICY RULE CACHING FOR DATA COMMUNICATION SWITCH
CROSS REFERENCE TO RELATED APPLICATIONS
This application claims the benefit of U.S. provisional patent application serial numbers 60/160,560 entitled "QUALITY OF SERVICE POLICY MANAGER", 60/160,520 entitled "QUALITY OF SERVICE SYSTEM ARCHITECTURE" and 60/160,483 entitled "QUALITY OF SERVICE MANAGER", all filed October 20, 1999, the contents of all of which are hereby incorporated by reference.
FIELD OF THE INVENTION
The present invention relates generally to data communication switches, and more particularly to on-switch policy rule caching for a data communication switch.
BACKGROUND OF THE INVENTION
Data communication switches are becoming more intelligent. Whereas legacy data communication switches often provided indiscriminate first in, first out (FIFO) delivery of packets, more recent vintage data communication switches regularly depart from FIFO packet ordering in connection with providing different qualities of service (QoS) for different flows. QoS first became popularized in cell-switched ATM networks, but is rapidly migrating to packet-switched networks and protocols, including bridged (Layer 2, or "L2") and routed (Layer 3, or "L3") networks and protocols.
Common QoS system features are emerging in L2/L3 switching environments. One such feature involves configuring policy "rules" on a directory server for subsequent application in provisioning QoS to flows seen on a switch. Policy rules typically have a flow condition component and a QoS action component, and answer the question of "what" QoS action should be applied to packets satisfying the flow condition. For instance, a simple policy rule may take the form "treat all flows in group 2 at priority level 3", in which case the flow condition is "group 2" and the QoS action is "priority level 3". Conventionally, policy rules have been applied to provision QoS for flows seen on a switch by "pulling" the rules down from a directory server "on demand", i.e. upon seeing the new flow on the switch. Because the same rules may apply to different flows seen on the switch, however, the requirement of engaging a directory server and downloading a policy rule for each flow is highly inefficient. It would be desirable to download rules to the switch once and apply them to provision QoS for several flows, while safeguarding against application of "stale" rules to new flows.
SUMMARY OF THE INVENTION
The present invention provides on-switch policy rule caching for facilitating QoS provisioning on a data communication switch. Policy rules downloaded from a directory server are cached on the switch for a determinate duration to enable their application in provisioning QoS for multiple flows. Policy rules are retained on-switch until aged-out. Aging-out occurs in response to a time limit associated with a cached policy rule meeting an expiration condition. A fresh policy rule may be downloaded from the directory server in response to aging-out of a stale policy rule. A time limit associated with a cached policy rule may be extended in response to application of the policy rule to a new flow. The on-switch policy rule caching method may be applied in conjunction with in-band or out-of-band QoS provisioning.
These and other aspects of the invention may be better understood by reference to the following detailed description taken in conjunction with the accompanying drawings briefly described below.
BRIEF DESCRIPTION OF THE DRAWINGS
Figure 1 shows a network in which an on-switch policy rule caching method and apparatus of the present invention is operative in a first embodiment;
Figure 2 shows the rule cache of Figure 1 in greater detail;
Figure 3 shows a network in which an on-switch policy rule caching method and apparatus of the present invention is operative in a second embodiment;
Figures 4A and 4B are flow diagrams describing a QoS provisioning method in accordance with the first embodiment;
Figures 5A and 5B are flow diagrams describing a QoS provisioning method in accordance with the second embodiment; and
Figure 6 is a flow diagram describing an on-switch policy rule caching method of the present invention operative in conjunction with the first and second embodiments.
DETAILED DESCRIPTION
Figure 1 shows a network in which on-switch policy rule caching is operative in conjunction with in-band QoS provisioning. Provisioning conducted in connection with a path set-up protocol such as, for example, Resource Reservation Protocol (RSVP), may include provisioning conducted in connection with the data packet forwarding process. The network includes switch 140 having switching modules 150, 160, and 170 supporting external devices including end stations 110 and 112, devices in backbone network 120, and directory server 130. Switch 140 includes management module 180 linked to switching modules 150, 160, and 170 via data bus 187 for transmitting data traffic. Management module 180 is also linked to switching modules 150, 160, and 170 via management bus 188 for transmitting management traffic including QoS information for various flows. Management module 180 includes QoS mapper-classifier 181, QoS manager 182, policy manager 183, QoS driver 184, source learning module 185 and rule cache 186 for facilitating in-band QoS provisioning. QoS mapper classifier 181, QoS manager 182, policy manager 183, QoS driver 184, and source learning module 185 are preferably software modules. Alternatively, implementation of the system may be accomplished in a combination of hardware, firmware (such as, e.g., application specific integrated circuits ("ASICS") or other customized circuits), and/or software or by any method known in the art.
Switch 140 preferably supports in-band QoS provisioning with on-switch policy rule caching. In operation, according to one embodiment, a data packet received on switch 140 from end station 110 and having an unknown source address is captured off data bus 187 by management module 180. The unknown source address data packet is forwarded to source learning module 185 for learning the association between the source address and the switching module 150 on which the packet arrived. A conventional media access control (MAC) address is contemplated. In addition to performing source learning, source learning module 185 notifies QoS manager 182 of the arrival of the unknown source address data packet, which may constitute, for example, a new flow. In response to receiving notification, QoS manager 182 requests a QoS assignment for the new flow from policy manager 183. In response to receiving the request for a QoS assignment, policy manager 183 determines whether an applicable policy rule is stored in rule cache 186. If an applicable policy rule is found in rule cache 186, policy manager 183 returns a policy response for the flow to QoS manager 182, including a flow identifier and QoS action. In response to receiving the policy response, QoS manager 182 preferably divides the policy response into flow identifier and QoS action parts and forwards the parts to QoS mapper-classifier 181. Mapper-classifier 181 preferably associates the flow identifier with an output queue supporting the QoS action and notifies QoS driver 184 of the association. QoS driver 184 preferably makes a flow identifier-output queue identifier association on one or more of switching modules 150, 160, 170 via management bus 188 to enforce the QoS action on switch 140.
If an applicable policy rule is not found in rule cache 186, policy manager 183 requests an applicable policy rule from directory server 130. Policy manager 183 preferably transmits a request to directory server 130 for an applicable policy rule using Lightweight Directory Access Protocol (LDAP). In response to the request, directory server 130 returns an applicable policy rule to policy manager 183. QoS provisioning on switch 140 then proceeds as described above, except policy manager 183 stores the downloaded policy rule in rule cache 186 for future reference, such as in provisioning QoS for a subsequent flow initiated by end station 112 subject to the same policy rule.
Referring now to Figure 2, rule cache 186 is shown in greater detail. Rule cache 186 may preferably include an entry for each policy rule including a flow condition component 210 and a QoS action component 220. The flow condition component may preferably include a virtual local area network (VLAN) identifier or some other logical group identifier and the QoS action component preferably includes a priority level and a maximum bandwidth level. Each QoS assignment requested by QoS manager 182 for a new flow preferably includes a VLAN identifier associated with the flow. In response to receiving a request for a QoS assignment including a VLAN identifier, policy manager 183 determines whether an entry in rule cache 186 has the VLAN identifier as a flow condition component. If an entry in rule cache 186 has the VLAN identifier as a flow condition component, policy manager 183 preferably returns a policy response for the flow to QoS manager 182 including a flow identifier and the priority level and maximum bandwidth level from the QoS action fields of the corresponding entry. In response to receiving a policy response, QoS manager 182 preferably divides the policy response into flow identifier and QoS action parts and forwards the parts to QoS mapper-classifier 181. A flow identifier is preferably sufficient to distinguish the flow to which it applies from other flows and may include, by way of example, one or more of a source address, destination address, source port, destination port, time of day, week, month or year and VLAN identifier. Mapper-classifier 181 preferably associates the flow with an output queue supporting the QoS actions and forwards the association to QoS driver 184, which configures flow identifier-output queue association on one or more of switching modules 150, 160, 170 via management bus 188.
Referring now to Figure 3, a network is shown in which on-switch policy rule caching is operative in conjunction with out-of-band QoS provisioning, which may include provisioning conducted in connection with a path set-up protocol such as, for example, Resource Reservation Protocol (RSVP), which includes provisioning conducted in connection with the data packet forwarding process. The network includes switch 340 having elements 350, 360, 370, 380, 387, and 388 corresponding to respective elements 150, 160, 170, 180, 187, and 188 on switch 140, except switch 340 includes RSVP module 385. Switch 340 supports external devices, including end stations 310, 312, devices in backbone network 320 and directory server 330.
More particularly, management module 380 includes QoS mapper-classifier 381, QoS manager 382, policy manager 383, QoS driver 384, RSVP module 185 and rule cache 186 for facilitating out-of-band QoS provisioning with on-switch policy rule caching as follows. An RSVP Reservation (Resv) message packet received on switch 340 from end station 310 is captured off data bus 387 by management module 380. The Resv message packet is forwarded to RSVP module 385, prompting notification of QoS manager 382 of the arrival of an Resv message packet. In response to receiving notification of the Resv message packet, QoS manager 382 requests from policy manager 383 a QoS assignment for the flow identified in the Resv message packet per the QoS actions identified in the Resv message packet. A QoS assignment preferably includes a VLAN identifier, a requested priority level and a requested maximum bandwidth level. In response to receiving the request for a QoS assignment, policy manager 383 determines whether an applicable policy rule, preferably a policy rule having the VLAN identifier as a flow condition component, is stored in rule cache 386. If an applicable policy rule is found in rule cache 386, policy manager 383 applies the QoS actions indicated by the applicable rule, preferably a priority level and a maximum bandwidth level, as limits against the QoS actions requested in the QoS assignment. If none of the requested QoS actions exceeds a corresponding QoS action limit, policy manager 383 provides to QoS manager 382 notification that the reservation has been accepted and a policy response including a flow identifier and the requested QoS actions. In response to receiving the notification and policy response, QoS manager 382 divides the policy response into flow identifier and QoS action parts and forwards the parts to QoS mapper-classifier 381. Mapper-classifier 381 preferably associates the flow with an output queue supporting the QoS action and forwards the association to QoS driver 384, which configures the flow ID-queue ID association on one or more of network interfaces 350, 360, 370 via management bus 388.
If an applicable policy rule is found in rule cache 386, but one or more of the requested QoS actions exceeds a corresponding QoS action limit, QoS manager 382 is notified that the request has been rejected and the flow ID-queue ID association is not configured on switch 340.
If an applicable policy rule is not found in rule cache 386, policy manager 383 requests an applicable policy rule from directory server 330. Policy manager 183 transmits a request to directory server 330 for an applicable policy rule using Lightweight Directory Access Protocol (LDAP). In response to the request, directory server 330 returns an applicable policy rule to policy manager 383. Processing of the QoS assignment request on switch 340 then proceeds as described above, except policy manager 383 preferably stores the downloaded policy rule in rule cache 386 for future reference, for example, in provisioning QoS in response to a subsequent Resv message packet received on switch 340 from end station 312 for a different flow subject to the same policy rule.
In addition to on-switch processing of Resv message packets received on switch 340, Resv message packets are preferably forwarded upstream to the "next hop" on the flowpath via backbone network 320 in accordance with RSVP convention.
The present invention preferably attempts to ensure that "stale" policy rules are not applied on switch 140, in the case of in-band QoS provisioning, and switch 340, in the case of out-of-band QoS provisioning. To prevent application of "stale" policy rules, each policy rule downloaded from a directory server 130, 330 to a switch 140, 340 has associated therewith a time-to-live value that triggers aging-out of the rule after a determinate duration. The policy manager 183, 383 preferably maintains a list of entries including rule cache indices and associated time-to-live values for active policy rules. The policy manager 183, 383 preferably checks the list periodically to reduce the time-to-live values and determine whether the time-to-live of any active policy rule has expired. In response to a determination that a time-to-live of an active policy rule has expired, the policy manager 183, 383 preferably takes a series of actions. The policy manager 183, 383 preferably uses the rule cache index associated with the policy rule for which the time-to-live has expired to flush the "stale" policy rule from the rule cache 183, 383. The policy manager 183, 383 also preferably requests a "fresh" policy rule from the directory server 130, 330 having the same flow condition component as the flushed policy rule. The policy manager 183, 383 may also instruct the QoS manager 182, 382 to disable flow ID-queue ID associations configured on switching modules 150, 160, 170 or 350, 360, 370 pursuant to application of the now-"stale" policy rule. Alternatively, the policy manager 183, 383 may "grandfather"-in previously configured associations such that the associations may continue to be applied on the switch 140, 340.
In addition to periodic reduction of time-to-live values, a time-to-live value for an active policy rule may be increased, if desired, in response to application of the policy rule to a new flow. In this way, rule "staleness" may be determined in relation to the frequency of application on switch 140, 340.
Turning now to Figures 4A and 4B, and first to 4A, a flow diagram describes in-band QoS provisioning on switch 140. A data packet originated on end station 110 is received at switching module 150 (405) and a source address is checked to see if it is known or unknown on switch 140 (410). If the source address is known, no QoS provisioning action is taken. If, however, the source address is unknown, the data packet is forwarded to source learning module 185 over data bus 187 (415). In response to arrival of the data packet at source learning module 185, QoS manager 182 is notified of a new flow (420). QoS manager 182 requests a QoS assignment for the new flow from policy manager 183 (425). In response to receipt of the request for a QoS assignment, policy manager 183 searches rule cache 186 for an applicable policy rule (430). The applicable policy rule is found in rule cache 186 or, if not found in rule cache 186, is located in and downloaded from directory server 130 (435). In either event, the rule is applied to determine a policy response for the new flow on switch 140 (440). Turning now to Figure 4B, policy manager 183 transmits the policy response for the new flow to QoS manager 182 (445). QoS manager 182 separates the policy response into flow ID and QoS action components (450) and transmits the components to QoS mapper-classifier 181. Particularly, the QoS action component is transmitted to the QoS mapper for a queue ID determination (455), whereas the flow ID component is transmitted to the QoS classifier (460). In response, QoS driver 184 configures the flow ID-queue ID association on one or more of switching modules 150, 160, 170 by initiating a control flow over management bus 188 (465) to complete QoS provisioning for the new flow.
Turning now to Figures 5A and 5B, and first to 5A, a flow diagram describes out-of-band QoS provisioning on switch 340 for a flow, particularly an RSVP-signaled flow. A packet originated on end station 310 is received at switching module 350 (505) and a check is made to determine if the packet is an RSVP message packet (510). If the packet is not an RSVP message packet, no QoS provisioning action is taken. If the packet is an RSVP message packet, the packet is forwarded to RSVP module 385 over data bus 387 (515). A check is made to determine if the packet is an RSVP Resv message packet (520). If the packet is not a Resv message packet, the packet is preferably processed in accordance with RSVP convention per the packet's RSVP message type. If the packet is an Resv message packet, QoS manager 382 is notified of a RSVP Resv request (525). QoS manager 382 requests a QoS assignment for the new flow from policy manager 383 in accordance with the Resv request (530). In response to receipt of the request for a QoS assignment, policy manager 383 searches rule cache 386 for an applicable policy rule (535). The applicable policy rule is found in rule cache 386 or, if not found in rule cache 386, is located in and downloaded from directory server 330 (540). In either event, the QoS action component of the rule is applied as a limit against the requested QoS action (545). Turning now to Figure 5B, if a requested QoS action exceeds a corresponding limit (550), QoS manager 382 is notified that the Resv request has been rejected (555) and processing continues per RSVP convention. If no requested QoS action exceeds a limit, however, policy manager 383 determines a policy response for the flow per the Resv request and notifies QoS manager 382 that the Resv request has been accepted (560). QoS manager 382 parses the policy response into flow ID and QoS action components (565) and transmits the components to QoS mapper-classifier 381. Particularly, the QoS action component is preferably transmitted to the QoS mapper for a queue ID determination (570) and the flow ID component is preferably transmitted to the QoS classifier (575). In response, QoS driver 384 configures the flow ID-queue ID association on one or more of switching modules 350, 360, 370 through a control flow conducted over management bus 388 (580) to complete QoS provisioning for the RSVP-signaled flow.
Turning finally to Figure 6, a flow diagram describing an on-switch QoS rule caching method of the present invention is shown to be operative in conjunction with in-band and out-of-band QoS provisioning. A policy rule and an associated time-to-live value are downloaded from a directory server 130, 330 in response to a QoS assignment request initiated on a switch 140, 340 which could not be addressed locally by reference to the policy rules active in an on-switch rule cache 186, 386 (610). The downloaded QoS rule is cached and the time-to-live value is stored on the switch 140, 340 in association therewith (620). After a fixed interval (630), the time-to-live value is decremented (640) and a check is made to determine if the time-to-live has expired (650). If the time-to-live has not expired, the algorithm returns to Step 630. However, if the time-to-live has expired, the "stale" policy rule is removed from the rule cache 186, 386 (660) and a "fresh" policy rule is downloaded from the directory server 130, 330 for the same flow condition as the "stale" policy rule (670).
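The following Python sketch is an added illustration, not part of the patent text or any Alcatel code. It models the Figure 6 aging loop together with the limit check applied to a Resv request, and shows that a tightened or relaxed directory rule only takes effect once the cached copy ages out. The class and field names, the tick-based time-to-live, the "higher number means higher priority" ordering and the rejection of a request when the directory has no rule are all assumptions made for the example.

```python
from dataclasses import dataclass
from typing import Callable, Dict, List, Optional, Tuple


@dataclass(frozen=True)
class PolicyRule:
    vlan_id: int        # flow condition component
    max_priority: int   # QoS action limit (assumed: larger value = higher priority)
    max_bandwidth: int  # QoS action limit (unit is whatever the directory uses)


# Hypothetical stand-in for the LDAP query: returns (rule, time-to-live) or None.
DirectoryLookup = Callable[[int], Optional[Tuple[PolicyRule, int]]]


class PolicyManager:
    """On-switch rule cache with time-to-live aging (steps 610-670)."""

    def __init__(self, directory: DirectoryLookup, ttl_bonus: int = 0):
        self.directory = directory
        self.ttl_bonus = ttl_bonus           # optional TTL increase per application
        self.cache: Dict[int, PolicyRule] = {}
        self.ttl: Dict[int, int] = {}
        self.downloads = 0                   # directory round trips, for inspection

    def _download(self, vlan_id: int) -> Optional[PolicyRule]:
        self.downloads += 1
        result = self.directory(vlan_id)
        if result is None:
            return None
        rule, ttl = result
        self.cache[vlan_id] = rule           # step 620: cache rule with its TTL
        self.ttl[vlan_id] = ttl
        return rule

    def find_rule(self, vlan_id: int) -> Optional[PolicyRule]:
        rule = self.cache.get(vlan_id)
        if rule is None:                     # cache miss: ask the directory server
            return self._download(vlan_id)
        self.ttl[vlan_id] += self.ttl_bonus  # frequently applied rules live longer
        return rule

    def admit(self, vlan_id: int, priority: int, bandwidth: int) -> bool:
        """Apply the rule's QoS actions as limits against the requested ones."""
        rule = self.find_rule(vlan_id)
        if rule is None:
            return False                     # assumption: no rule means reject
        return priority <= rule.max_priority and bandwidth <= rule.max_bandwidth

    def tick(self) -> List[int]:
        """One fixed interval: decrement TTLs, flush and refresh expired rules."""
        expired = []
        for vlan_id in list(self.ttl):
            self.ttl[vlan_id] -= 1           # step 640
            if self.ttl[vlan_id] <= 0:       # step 650
                del self.cache[vlan_id]      # step 660: flush the stale rule
                del self.ttl[vlan_id]
                expired.append(vlan_id)
                self._download(vlan_id)      # step 670: fetch a fresh rule
        return expired


def demo():
    # Constructed directory contents: VLAN 10, priority limit 5, TTL of 2 ticks.
    directory = {10: (PolicyRule(10, 5, 1000), 2)}
    pm = PolicyManager(lambda vlan: directory.get(vlan))
    results = [pm.admit(10, 4, 800)]         # miss, download, within limits
    results.append(pm.admit(10, 6, 800))     # hit, priority exceeds limit
    directory[10] = (PolicyRule(10, 7, 1000), 2)  # administrator edits the rule
    results.append(pm.admit(10, 6, 800))     # cached copy is now stale
    pm.tick()
    expired = pm.tick()                      # TTL reaches zero, rule refreshed
    results.append(pm.admit(10, 6, 800))     # fresh rule applies
    return results, expired, pm.downloads


if __name__ == "__main__":
    print(demo())
```

The window between the directory edit and the second tick is the period in which the switch enforces an out-of-date limit, so the time-to-live and any per-application increase bound how long a revoked or tightened policy can remain in force.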
It will be appreciated by those of ordinary skill in the art that the invention can be embodied in other specific forms without departing from the spirit or essential character hereof. The present invention is therefore considered in all respects illustrative and not restrictive. The scope of the invention is indicated by the appended claims, and all changes that come within the meaning and range of equivalents thereof are intended to be embraced therein.

Claims

We claim:
1. A QoS provisioning method for a data communication switch, comprising the steps of: receiving a packet within a data flow; reviewing a source address in said packet; and establishing a QoS for said data flow on said data communication switch if said source address is not recognized, the establishing step further comprising the step of determining a QoS action for application to said data flow from a policy rule stored on said data communication switch if a flow condition associated with said data flow matches a flow condition of said policy rule.
2. The QoS provisioning method according to claim 1, further comprising the step of: determining said QoS action for application to said data flow from a policy rule stored on a directory server external to said data communication switch if said flow condition associated with said data flow does not match a flow condition of any policy rule stored on said data communication switch.
3. The QoS provisioning method according to claim 1 wherein said source address is a media access control (MAC) address.
4. The QoS provisioning method according to claim 2, further comprising the step of downloading said policy rule stored on said directory server to said data communication switch and stored on said data communication switch for a determinate duration.
5. The data communication switch according to claim 4, wherein said determinate duration is determined by a time limit associated with said policy rule.
6. The data communication switch according to claim 5, wherein said time limit is stored on said directory server in association with said policy rule.
7. A QoS provisioning method for a data communication switch, comprising the step of: receiving a control packet, said control packet requesting establishment of a QoS for application to said data flow on said data communication switch and including a requested QoS action; determining a limit QoS action for application against said requested QoS action from a policy rule stored on said data communication switch if a flow condition associated with said data flow matches a flow condition of said policy rule; applying said limit QoS action against said requested QoS action; and establishing said requested QoS for said data flow on said data communication switch if said requested QoS action does not exceed said limit QoS action.
8. The QoS provisioning method according to claim 7, further comprising the step of: determining a QoS action for application as a limit against said requested QoS action from a policy rule stored on a directory server external to said data communication switch if said flow condition associated with said data flow does not match a flow condition of any policy rule stored on said data communication switch.
9. The QoS provisioning method according to claim 7, wherein said control packet is a Resource Reservation Protocol (RSVP) Reservation (Resv) message packet.
10. The QoS provisioning method according to claim 8, further comprising the step of downloading said policy rule stored on said directory server to said data communication switch and storing on said data communication switch for a determinate duration.
11. The data communication switch according to claim 10, wherein said determinate duration is determined by a time limit associated with said policy rule.
12. The data communication switch according to claim 11, wherein said time limit is stored on said directory server in association with said policy rule.
13. A data communication switch comprising quality of service (QoS) provisioning system wherein QoS actions are applied to data flows based on flow identifiers associated with said data flows, characterized in that said QoS provisioning system determines a said QoS action for application to a said data flow from a policy rule stored on said data communication switch if a flow condition associated with said data flow matches a flow condition of said policy rule.
14. The data communication switch according to claim 13, wherein said QoS provisioning system determines said QoS action for application to said data flow from a policy rule stored on a directory server external to said data communication switch if said flow condition associated with said data flow does not match a flow condition of any policy rule stored on said data communication switch.
15. The data communication switch according to claim 14, wherein said policy rule stored on said directory server is downloaded from said directory server to said data communication switch and stored on said data communication switch for a determinate duration.
16. The data communication switch according to claim 15, wherein in response to lapsing of said determinate duration, a second policy rule stored on said directory server is downloaded from said directory server to said communication switch and stored on said data communication switch for a determinate duration, said second policy rule and said policy rule previously downloaded and stored having a common flow condition.
17. The data communication switch according to claim 15, wherein said determinate duration is determined by a time limit associated with said policy rule.
18. The data communication switch according to claim 17, wherein said time limit is stored on said directory server in association with said policy rule.
19. The data communication switch according to claim 13, wherein said QoS action includes a priority level.
20. The data communication switch according to claim 13, wherein said QoS action includes a bandwidth level.
21. The data communication switch according to claim 13, wherein said flow condition includes a virtual network identifier.
22. The data communication switch according to claim 13, wherein said flow identifier includes one or more of a source address, a destination address and a virtual network identifier.
23. A data communication switch configured with QoS, the switch comprising: means for receiving a packet within a data flow; means for reviewing a source address in said packet; and means for establishing a QoS for said data flow on said data communication switch if said source address is not recognized, the establishing means further comprising means for determining a QoS action for application to said data flow from a policy rule stored on said data communication switch wherein the determining means determine said QoS if a flow condition associated with said data flow matches a flow condition of said policy rule.
24. The data communication switch according to claim 23, further comprising: means for determining said QoS action for application to said data flow from a policy rule stored on a directory server external to said data communication switch if said flow condition associated with said data flow does not match a flow condition of any policy rule stored on said data communication switch.
25. The data communication switch according to claim 23 wherein said source address is a media access control (MAC) address.
26. The data communication switch according to claim 24, further comprising means for downloading said policy rule stored on said directory server to said data communication switch and storing on said data communication switch for a determinate duration.
27. The data communication switch according to claim 26, wherein said determinate duration is determined by a time limit associated with said policy rule.
28. The data communication switch according to claim 27, wherein said time limit is stored on said directory server in association with said policy rule.
29. A data communication switch configured with QoS provisioning, the switch comprising: means for receiving a control packet, said control packet requesting establishment of a QoS for application to said data flow on said data communication switch and including a requested QoS action; means for determining a limit QoS action for application against said requested QoS action from a policy rule stored on said data communication switch if a flow condition associated with said data flow matches a flow condition of said policy rule; means for applying said limit QoS action against said requested QoS action; and means for establishing said requested QoS for said data flow on said data communication switch if said requested QoS action does not exceed said limit QoS action.
30. The data communication switch according to claim 29, further comprising: means for determining a QoS action for application as a limit against said requested QoS action from a policy rule stored on a directory server external to said data communication switch if said flow condition associated with said data flow does not match a flow condition of any policy rule stored on said data communication switch.
31. The data communication switch according to claim 29, wherein said control packet is a Resource Reservation Protocol (RSVP) Reservation (Resv) message packet.
32. The data communication switch according to claim 30, further comprising means for downloading said policy rule stored on said directory server to said data communication switch and storing on said data communication switch for a determinate duration.
33. The data communication switch according to claim 32, wherein said determinate duration is determined by a time limit associated with said policy rule.
34. The data communication switch according to claim 33, wherein said time limit is stored on said directory server in association with said policy rule.
PCT/US2000/028966 1999-10-20 2000-10-20 On-switch policy rule caching for data communication switch WO2001029676A1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
JP2001532402A JP2003512799A (en) 1999-10-20 2000-10-20 On-switch policy rule caching for data communication switches
EP00975303A EP1166208A4 (en) 1999-10-20 2000-10-20 On-switch policy rule caching for data communication switch

Applications Claiming Priority (8)

Application Number Priority Date Filing Date Title
US16048399P 1999-10-20 1999-10-20
US16056099P 1999-10-20 1999-10-20
US16052099P 1999-10-20 1999-10-20
US60/160,520 1999-10-20
US60/160,483 1999-10-20
US60/160,560 1999-10-20
US66085400A 2000-09-13 2000-09-13
US09/660,854 2000-09-13

Publications (1)

Publication Number Publication Date
WO2001029676A1 true WO2001029676A1 (en) 2001-04-26

Family

ID=27496427

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2000/028966 WO2001029676A1 (en) 1999-10-20 2000-10-20 On-switch policy rule caching for data communication switch

Country Status (4)

Country Link
EP (1) EP1166208A4 (en)
JP (1) JP2003512799A (en)
CN (1) CN100363909C (en)
WO (1) WO2001029676A1 (en)

Also Published As

Publication number Publication date
JP2003512799A (en) 2003-04-02
CN1391674A (en) 2003-01-15
EP1166208A1 (en) 2002-01-02
CN100363909C (en) 2008-01-23
EP1166208A4 (en) 2008-03-26

Legal Events

Date Code Title Description
WWE Wipo information: entry into national phase

Ref document number: 00803190.8

Country of ref document: CN

AK Designated states

Kind code of ref document: A1

Designated state(s): CN JP

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE

121 Ep: the epo has been informed by wipo that ep was designated in this application
ENP Entry into the national phase

Ref document number: 2001 532402

Country of ref document: JP

Kind code of ref document: A

WWE Wipo information: entry into national phase

Ref document number: 2000975303

Country of ref document: EP

WWP Wipo information: published in national office

Ref document number: 2000975303

Country of ref document: EP