CN100433715C - Method for providing different service quality tactics to data stream - Google Patents
Method for providing different service quality tactics to data stream Download PDFInfo
- Publication number
- CN100433715C CN100433715C CNB2005100909049A CN200510090904A CN100433715C CN 100433715 C CN100433715 C CN 100433715C CN B2005100909049 A CNB2005100909049 A CN B2005100909049A CN 200510090904 A CN200510090904 A CN 200510090904A CN 100433715 C CN100433715 C CN 100433715C
- Authority
- CN
- China
- Prior art keywords
- acl
- data flow
- layers
- rule
- template
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/50—Network service management, e.g. ensuring proper service fulfilment according to agreements
- H04L41/5003—Managing SLA; Interaction between SLA and QoS
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/08—Configuration management of networks or network elements
- H04L41/0894—Policy-based network configuration management
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/08—Configuration management of networks or network elements
- H04L41/0803—Configuration setting
- H04L41/0823—Configuration setting characterised by the purposes of a change of settings, e.g. optimising configuration for enhancing reliability
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The present invention provides a method for providing different service quality tactics to data streams, which mainly comprises that: an ACL (access control list) mould plate containing each layer of partial segment information is customized; the data streams are classified by making use of the ACL mould plate, and different QoS (service quality) tactics are provided to the data streams. The method of the present invention can flexibly select ACL types according to user needs and can realize the classification processing of the data streams with fine graininess, and corresponding and different QoS tactics are provided to the data streams.
Description
Technical field
The present invention relates to communication field, relating in particular to a kind ofly provides different QoS (service quality) method of strategy to data flow.
Background technology
In network, need carry out traffic classification to data stream, promptly data stream is discerned, classified.Then, according to the result of traffic classification, different data flow is taked different QoS (service quality) strategy, qos policy is also referred to as " action ", comprises operations such as abandoning, change priority, bandwidth constraints.
Traditional traffic classification method is according to the standard quintuple of data flow message data stream to be classified, and this five-tuple is five territories of data flow IP message: the protocol number in source IP address, purpose IP address, the message IP head, TCP (transmission control protocol) or UDP (User Datagram Protoco (UDP)) source port number, TCP or UDP destination slogan.This method at first needs to extract the five-tuple of message and constitutes a key (keyword), and then, the data flow that the key value is satisfied certain condition is classified as a class.
Increase and user's improving constantly along with network traffic to the QoS demanding criteria, traditional sorting technique based on five-tuple can not meet the demands, need carry out more fine-grained division to data stream, therefore, data stream is carried out the branch time-like increased other territory again, as source/purpose MAC (medium access control) address, EtherType, VLAN (VLAN) priority, TOS (COS), segmentation marker, TCP synchronous mark etc.
At present, in data communications equipment, data stream is classified and moved and realize by ACL (Access Control List (ACL)) usually, ACL is rule and motion combination, rule promptly is used to distinguish the feature of certain bar data flow, and for example { source MAC=2222.2222.2222AND purpose IP=1.1.1.1} can constitute a rule.The handling process of ACL as shown in Figure 1.
In data communications equipment, the flow classification techniques of practical application mainly contains following several:
1, non-structure mates in proper order: similar chained list, mate key and rule one by one.
2, HASH (Hash) hash: earlier the key value is carried out one-level Hash hash, matched rule again.
3, precompile quick A CL: utilize various tree computings, navigate to certain or some regular nodes fast.
4, TCAM (Ternary Content Addressable Memory) technology: the matching process of finishing key and rule by hardware.
First three is planted and realizes finishing by software, and it is excessive that maximum problem is that consume match time.Current network transmission and router forwarding speed are in continuous improve, and this just requires in the message processing procedure, and the seek rate of acl rule table also will correspondingly improve, and therefore, the TCAM technology is the main flow classification techniques of using in the present data communications equipment.
TCAM is applied in during ACL realizes usually, and the characteristics of TCAM are for finishing the searching of rule list, matching process by hardware.Its concrete processing procedure is: at first deposit user configured various rule in TCAM, wherein each bar rule all is associated with certain action.Then, the five-tuple of the data flow message that extraction need be classified or polynary group constitute a key, search the rule list of in TCAM, depositing according to this key, with every coupling the in the rule list, successfully after coupling (hitting) rule, TCAM just returns corresponding action index.
The TCAM biggest advantage is that seek rate is fast, and it is irrelevant to search time and list item quantity, and therefore when the table capacity was very big, this advantage was particularly outstanding, but TCAM price comparison costliness, in actual applications, the TCAM capacity has certain restriction.Defined several list item length at present in the TCAM hardware specification: 72bits, 144bits and 288bits, a rule among the ACL can be regarded a TCAM list item as, and regular length equals key value length, therefore, has following relation:
TCAM capacity=key length (regular length) * TCAM list item number.
For the five-tuple that solves standard can not satisfy the problem of the demand of existing network, a solution is in the prior art: newly-increased two layers of fields (as source/target MAC (Media Access Control) address, EtherType and VLAN ID etc.) at Ethernet message, three layers of fields and four layers of fields in ACL key (as the TCP synchronous mark etc.).Owing to be subjected to the restriction of TCAM list item length, all fields (two layers, three layers and four layers) can't be placed among the key simultaneously, so-called two layers of ACL and three layers of ACL (IPv4/IPv6 ACL) have therefore appearred, the content that in three layers of ACL, has comprised above-mentioned three layers and four layers of fields, wherein the key structure of two layers of ACL as shown in Figure 2, the key structure of three layers of ACL of IPv4 as shown in Figure 3, the key structure of three layers of ACL of Ipv6 is as shown in Figure 4.
Wherein the key length of two layers of ACL and IPv4 ACL is 144 bits, and the key of IPv6 ACL is 288 bits, and the rule list of three kinds of ACL takies different TCAM zones respectively.
According to above-mentioned two layers of ACL and three layers of ACL, the user has dual mode available when concrete configuration ACL:
1, in above-mentioned two layers of ACL and three layers of ACL, selects a kind of ACL type: two layers of ACL or three layers of ACL.Then, realize that module can carry out respective handling according to the data flow type of message that selected ACL type and needs are handled, concrete handling process as shown in Figure 5, concrete processing procedure simply is described below:
If the user selects to use two layers of ACL, then from data flow message to be classified, extract the content of two layers of fields, then, mate with the rule list of two layers of ACL, if rule of match hit, then return the action of this rule correspondence, carry out this action the data stream packet is handled accordingly;
If the user selects to use three layers of ACL, then from data flow message to be classified, extract the content of three layers and four layers of fields, then, mate with the rule list of three layers of ACL, if rule of match hit, then return the action of this rule correspondence, carry out this action the data stream packet is handled accordingly.
2, if the user needs two, three layers of field of matching message simultaneously, can realize, at first dispose first ACL (two layers of ACL), and its action is appointed as " carrying out three layers of ACL ", real qos policy is appointed as in the action of three layers of ACL by twice ACL.Handling process as shown in Figure 6, concrete processing procedure simply is described below:
At first from data flow message to be classified, extract the content of two layers of fields, then, mate with the rule list of two layers of ACL, if rule of match hit then continues from this message to extract the content of three layers and four layers of fields, then, mate with the rule list of three layers of ACL, if rule of match hit is then returned the action of this rule correspondence, carry out this action the data stream packet is handled accordingly.
The shortcoming of above-mentioned prior art solutions is: in first kind of mode of this scheme, the user can only select one type ACL in two layers of ACL and three layers of ACL, i.e. two, three layers of field of matching message simultaneously.Therefore, can't realize fine-grained flow division, limit user's result of use.
In the second way of this scheme, though coupling when can realize two, three layers of field, but need secondary visit TCAM, carry out the operation of secondary matched rule table, even also need many SRAM of visit (static memory) to search action, therefore, bandwidth to peripheral hardware has proposed very high requirement, and in routing device, the peripheral hardware bandwidth resources are very limited usually, thereby the execution of twice ACL becomes the performance bottleneck of forwarding unit probably.
In addition, in actual applications, when the user disposes acl rule, seldom the field in the rule list all can be used, as for ether IPv4 data flow, the user may only want to identify source MAC and purpose IP satisfies the message of certain condition, and is indifferent to other field.Therefore, in actual applications, a lot of fields are not used in the structure of the regular list item of this scheme, cause the waste of TCAM resource.
Summary of the invention
In view of above-mentioned existing in prior technology problem, the purpose of this invention is to provide a kind of method that different quality of service policy is provided to data flow, thereby can realize selecting the ACL type flexibly according to user's needs, realize more fine-grained data flow classification processing, and provide corresponding different qos policy to data flow.
The objective of the invention is to be achieved through the following technical solutions:
A kind ofly provide the method for different quality of service policy, comprising to data flow:
A, customization comprise the access control list ACL template of each layer segment field information;
B, select an ACL template, dispose the rule of described ACL template, described rule and data flow are carried out matching treatment, corresponding QoS policy is provided for described data flow according to the result of coupling according to pending data flow.
Described steps A specifically comprises:
According to user's request, customization comprises two layers of the fields of part of message and the ACL template of three layers of fields of part,
And/or,
According to user's request, customization comprises two layers of the fields of part of message and the ACL template of four layers of fields of part,
And/or,
According to user's request, customization comprises three layers of the fields of part of message and the ACL template of four layers of fields of part.
The length of described ACL template is no more than the list item length that defines in the three-state content addressable memory TCAM specification.
Described steps A also comprises:
The ACL template of described customization is kept in the ATL, and the user can increase in this ATL, deletion, retouching operation.
The rule of the described ACL template of described configuration specifically comprises:
Dispose the rule of described ACL template by the matching condition of specifying each field in the described ACL template.
Described described rule and data flow are carried out matching treatment, provide corresponding QoS policy specifically to comprise for described data flow according to the result of coupling:
According to the definition of described ACL template, from pending data flow message, extract corresponding field contents, and the field contents that extracts is constituted keyword key;
The rule of the ACL template of described key and described configuration is carried out matching treatment, corresponding qos policy is provided for this data flow according to the result of coupling.
Described result according to coupling provides corresponding qos policy specifically to comprise for this data flow:
If the rule match of the ACL template of described key and described configuration is hit, then carry out the pairing action of this rule and provide corresponding qos policy to data flow; Otherwise, data stream is transmitted according to normal forwarding process.
As seen from the above technical solution provided by the invention, the present invention passes through to some acl rule templates of customization, compares with prior art to have following advantage:
1, the present invention need not to increase the TCAM hardware investment, by the acl rule template is provided to the user, can select the ACL type as required flexibly when making user's configuration flow classifying rules, realizes more fine-grained traffic classification processing.
2, the present invention only needs to carry out an ACL and can satisfy user's requirement, thereby can save the peripheral hardware bandwidth resources when the user needs two, three layers of field of while matching message.
3, the present invention can reduce the hashed field among the TCAM, improves the utilance of TCAM resource.
Description of drawings
Fig. 1 is the concrete process chart of ACL;
Fig. 2 is the key structural representation of two layers of ACL;
Fig. 3 is the key structural representation of three layers of ACL of Ipv4;
Fig. 4 is the key structural representation of three layers of ACL of Ipv6;
Fig. 5 is for enabling the concrete process chart of the processing method of two layers of ACL or three layers of ACL in the prior art;
Fig. 6 is for enabling the concrete process chart of the processing method of two layers of ACL and three layers of ACL simultaneously in the prior art;
Fig. 7 is the concrete process chart of the method for the invention;
Fig. 8 is an Ipv4 acl rule template embodiment schematic diagram of the present invention;
Fig. 9 is an IPv6 acl rule template embodiment schematic diagram of the present invention;
Figure 10 is the concrete process chart of processing method based on two layers of ACL, three layers of ACL and ACL template of the present invention.
Embodiment
The invention provides a kind of method that different quality of service policy is provided to data flow.Core of the present invention is: under the prerequisite that does not increase TCAM key length, by some acl rule templates commonly used are provided to the user, both can realize fine-grained traffic classification when making the user dispose ACL, and can not exert an influence to forwarding performance again.
Describe the present invention in detail below in conjunction with accompanying drawing, the concrete handling process of the method for the invention comprises the steps: as shown in Figure 7
Step 7-1, according to user's demand, customize some ACL template.
Among the present invention, at first need the demand according to the user, customize some ACL template, this ACL template can comprise two layers of ACL information of part, three layers of ACL information of part and four layers of ACL information of part simultaneously, also can comprise some out of Memory.The length of this template can not exceed the list item length that defines in the existing TCAM specification.Therefore, can not comprise all two layers of ACL and three layers of ACL information in the ACL template of customization, but therefore the customization of template can satisfy most of users' demand based on configuration commonly used in the actual use of user.
For example, can give the ACL template of the such identification IPv4 message of customization:<source MAC, source IP address, purpose IP address, TOS, protocol number 〉, the structure of this template is as shown in Figure 8.
For IPv6 ACL, because the particularity of its IP address can adopt similar approach to construct some ACL template equally.Present IPv6 ACL has only realized the unicast stream classification processing of IPv6, and IPv6 unicast address (also being global address) comprises two parts: high 64 address and the address of hanging down 64.Wherein high 64 bit address are represented network prefix, and low 64 bit address are represented interface index.
Therefore, we can customize some different IPv6 ACL template according to user's demand.Promptly choose high 64 bit address of IPv6 address or the part in low 64 bit address respectively, the common IPv6 of the composition ACL template that combines with two layers of ACL of part is realized more fine-grained IPv6 ACL.For example, the IPv6 ACL template that can be constructed as follows:<source MAC, source IP (low 64bits), purpose IP, protocol number 〉
Step 7-2, with the customization ACL template be kept in the ATL of router.
After the demand according to the user has customized some ACL template, the present invention need safeguard an ATL in router, and some ACL template of above-mentioned customization are kept in this ATL operations such as the user can increase according to actual needs, deletion, modification in this ATL.
Step 7-3, carry out traffic classification when operation, therefrom select an ACL template and specify matching condition at needs.
When the user need carry out sort operation to a concrete data flow according to the ACL template of above-mentioned customization, just select the ACL template of needs from above-mentioned ATL.Specify the matching condition of each field in the ACL template of selecting then, promptly dispose a concrete ACL template rule, be stored among the TCAM.
Such as, according to ACL template shown in Figure 8 recited above, can dispose following rule:
{ source MAC=00e0.fcfa.0000, source IP=2.2.2.2/24, purpose IP=4.4.4.4/24, TOS=0x4c, protocol number=6}.
According to ACL template shown in Figure 9 recited above, can dispose following rule:
{ source MAC=00e0.fcfa.0000, VLAN ID=0x3, source IP (low 64bits)=0:0:C934:12FE, purpose IP=2008::1, Traffic Class=0xc, protocol number=17}
Step 7-4, according to the ACL template of selecting, from message, extract corresponding field contents and constitute Key.
Definition according to the ACL template of above-mentioned selection extracts corresponding field contents from pending data flow message, such as, can extract the partial content in two, three layers of message and four layers of the fields, then, the content that extracts is constituted a key.
Whether step 7-5, Key and acl rule mate.
The key of described formation and the acl rule of configuration are mated, if successfully mate (hitting), then execution in step 7-6; Otherwise, execution in step 7-7.
The action of step 7-6, execution and this acl rule correspondence.
If the ACL template rule of described key and configuration can be mated, then TCAM can return corresponding action index, finds corresponding action according to this action index, carries out this action and provides corresponding qos policy to data flow.
Step 7-7, message is normally transmitted.
If the ACL template rule of described key and configuration can not be mated,, treat the deal with data stream packet and normally transmit then according to normal forwarding process.
The method of the invention can combine with existing processing method based on two layers of ACL and three layers of ACL, when promptly the user disposes acl rule, can select the ACL type as required: two layers of ACL, three layers of ACL or ACL template.Concrete handling process as shown in figure 10.Concrete processing procedure simply is described below:
If the user selects to enable simultaneously two layers of ACL and three layers of ACL, then at first from data flow message to be classified, extract the content of two layers of fields, then and the rule list of two layers of ACL mate, if rule of match hit, then continue from this message to extract the content of three layers and four layers of fields, then and the rule list of three layers of ACL mate, if rule of match hit, then return the action of this rule correspondence, carry out this action the data stream packet is handled accordingly.
If the user selects to enable three layers of ACL, then from data flow message to be classified, extract the content of three layers and four layers of fields, then, mate with the rule list of three layers of ACL, if rule of match hit, then return the action of this rule correspondence, carry out this action the data stream packet is handled accordingly.
If the user selects to enable ACL template, then specify the matching condition of each field in the ACL template of selecting, dispose a concrete ACL template rule, definition according to the ACL template of selecting, the ACL template rule of the content of two layers, three layers of extractions and four layers of fields and configuration is mated from data flow message to be classified, if match hit, then return the action of this rule correspondence, carry out this action the data stream packet is handled accordingly.
The above; only for the preferable embodiment of the present invention, but protection scope of the present invention is not limited thereto, and anyly is familiar with those skilled in the art in the technical scope that the present invention discloses; the variation that can expect easily or replacement all should be encompassed within protection scope of the present invention.Therefore, protection scope of the present invention should be as the criterion with the protection range of claim.
Claims (7)
1, a kind ofly provide the method for different quality of service policy, it is characterized in that, comprising to data flow:
A, customization comprise the access control list ACL template of each layer segment field information;
B, select an ACL template, dispose the rule of described ACL template, described rule and data flow are carried out matching treatment, corresponding QoS policy is provided for described data flow according to the result of coupling according to pending data flow.
2, provide the method for different quality of service policy according to claim 1 is described to data flow, it is characterized in that described steps A specifically comprises:
According to user's request, customization comprises two layers of the fields of part of message and the ACL template of three layers of fields of part,
And/or,
According to user's request, customization comprises two layers of the fields of part of message and the ACL template of four layers of fields of part,
And/or,
According to user's request, customization comprises three layers of the fields of part of message and the ACL template of four layers of fields of part.
3, provide the method for different quality of service policy according to claim 1 is described to data flow, it is characterized in that the length of described ACL template is no more than the list item length that defines in the three-state content addressable memory TCAM specification.
4, provide the method for different quality of service policy according to claim 1 is described to data flow, it is characterized in that described steps A also comprises:
The ACL template of described customization is kept in the ATL, and the user can increase in this ATL, deletion, retouching operation.
5, describedly provide the method for different quality of service policy according to claim 1,2,3 or 4, it is characterized in that the rule of the described ACL template of described configuration specifically comprises to data flow:
Dispose the rule of described ACL template by the matching condition of specifying each field in the described ACL template.
6, according to the described method that different quality of service policy is provided to data flow of claim 5, it is characterized in that, described described rule and data flow are carried out matching treatment, provide corresponding QoS policy specifically to comprise for described data flow according to the result of coupling:
According to the definition of described ACL template, from pending data flow message, extract corresponding field contents, and the field contents that extracts is constituted keyword key;
The rule of the ACL template of described key and described configuration is carried out matching treatment, corresponding qos policy is provided for this data flow according to the result of coupling.
7, provide the method for different quality of service policy according to claim 6 is described to data flow, it is characterized in that described result according to coupling provides corresponding qos policy specifically to comprise for this data flow:
If the rule match of the ACL template of described key and described configuration is hit, then carry out the pairing action of this rule and provide corresponding qos policy to data flow; Otherwise, data stream is transmitted according to normal forwarding process.
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CNB2005100909049A CN100433715C (en) | 2005-08-19 | 2005-08-19 | Method for providing different service quality tactics to data stream |
PCT/CN2006/001080 WO2007019755A1 (en) | 2005-08-19 | 2006-05-24 | Method for providing the different quality of service for data stream |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CNB2005100909049A CN100433715C (en) | 2005-08-19 | 2005-08-19 | Method for providing different service quality tactics to data stream |
Publications (2)
Publication Number | Publication Date |
---|---|
CN1863142A CN1863142A (en) | 2006-11-15 |
CN100433715C true CN100433715C (en) | 2008-11-12 |
Family
ID=37390472
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CNB2005100909049A Expired - Fee Related CN100433715C (en) | 2005-08-19 | 2005-08-19 | Method for providing different service quality tactics to data stream |
Country Status (2)
Country | Link |
---|---|
CN (1) | CN100433715C (en) |
WO (1) | WO2007019755A1 (en) |
Families Citing this family (19)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1964325B (en) * | 2006-11-24 | 2010-08-18 | 中兴通讯股份有限公司 | A method for quickly carrying out equivalence partition in packet classification |
CN101141284B (en) | 2007-01-31 | 2011-01-19 | 中兴通讯股份有限公司 | Service bandwidth configuring method and network management system |
CN101399747B (en) * | 2007-09-27 | 2011-03-16 | 中兴通讯股份有限公司 | ACL configuration implementation method |
US8295198B2 (en) * | 2007-12-18 | 2012-10-23 | Solarwinds Worldwide Llc | Method for configuring ACLs on network device based on flow information |
CN101447917B (en) * | 2008-03-04 | 2011-09-21 | 中兴通讯股份有限公司 | Policy control method and device thereof |
CN101594556B (en) * | 2008-05-28 | 2012-08-29 | 工业和信息化部电信传输研究所 | Remote management device for data stream classification in GPON system |
CN101651623B (en) * | 2009-09-07 | 2012-05-23 | 中兴通讯股份有限公司 | Generation method and device for access control list application |
CN101895467A (en) * | 2010-07-08 | 2010-11-24 | 中兴通讯股份有限公司 | Method and device for filtering message |
TWI489825B (en) * | 2010-08-24 | 2015-06-21 | Gemtek Technolog Co Ltd | Routing apparatus and method for processing network packet thereof |
CN103685058B (en) * | 2012-09-11 | 2017-05-17 | 北京信息科技大学 | Method for controlling QoS (Quality of Service) of stream data, and OpenFlow controller |
EP2993821B1 (en) * | 2013-04-28 | 2018-11-21 | Huawei Technologies Co., Ltd. | Stream classifier, service routing trigger, and message processing method and system |
CN104579940B (en) * | 2013-10-10 | 2017-08-11 | 新华三技术有限公司 | Search the method and device of accesses control list |
CN105591914B (en) * | 2014-10-21 | 2020-07-03 | 中兴通讯股份有限公司 | Openflow flow table lookup method and device |
CN107124366B (en) * | 2016-02-24 | 2020-12-11 | 中兴通讯股份有限公司 | Method, device and system for realizing service quality control |
CN106301970A (en) * | 2016-10-27 | 2017-01-04 | 盛科网络(苏州)有限公司 | A kind of chip implementing method using forward table convergence to consume with minimizing TCAM list item |
CN109194665B (en) * | 2018-09-17 | 2020-10-20 | 盛科网络(苏州)有限公司 | Message lookup key value generation method and device |
CN109547502A (en) * | 2019-01-22 | 2019-03-29 | 成都亚信网络安全产业技术研究院有限公司 | Firewall ACL management method and device |
CN112073357A (en) * | 2019-06-10 | 2020-12-11 | 中兴通讯股份有限公司 | Method and device for issuing access control list |
CN114785534B (en) * | 2022-01-06 | 2023-10-27 | 新华三技术有限公司 | Communication method and device |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1403952A (en) * | 2002-09-24 | 2003-03-19 | 武汉邮电科学研究院 | Ethernet confirming access method |
CN1411218A (en) * | 2002-04-23 | 2003-04-16 | 华为技术有限公司 | Network addressing control method of zone message |
CN1414757A (en) * | 2002-05-08 | 2003-04-30 | 华为技术有限公司 | Method of automatic sequential arranging access control list rule and its application |
US20050076138A1 (en) * | 2003-10-07 | 2005-04-07 | Alcatel | Access control listing mechanism for routers |
-
2005
- 2005-08-19 CN CNB2005100909049A patent/CN100433715C/en not_active Expired - Fee Related
-
2006
- 2006-05-24 WO PCT/CN2006/001080 patent/WO2007019755A1/en active Application Filing
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1411218A (en) * | 2002-04-23 | 2003-04-16 | 华为技术有限公司 | Network addressing control method of zone message |
CN1414757A (en) * | 2002-05-08 | 2003-04-30 | 华为技术有限公司 | Method of automatic sequential arranging access control list rule and its application |
CN1403952A (en) * | 2002-09-24 | 2003-03-19 | 武汉邮电科学研究院 | Ethernet confirming access method |
US20050076138A1 (en) * | 2003-10-07 | 2005-04-07 | Alcatel | Access control listing mechanism for routers |
Also Published As
Publication number | Publication date |
---|---|
CN1863142A (en) | 2006-11-15 |
WO2007019755A1 (en) | 2007-02-22 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN100433715C (en) | Method for providing different service quality tactics to data stream | |
US8730967B1 (en) | Policy-based virtual routing and forwarding (VRF) assignment | |
US7525958B2 (en) | Apparatus and method for two-stage packet classification using most specific filter matching and transport level sharing | |
JP4303753B2 (en) | Method and apparatus for two-stage packet classification using optimal filter matching and transport level sharing | |
US7028098B2 (en) | Selective routing of data flows using a TCAM | |
CA2870326C (en) | Chaining of inline services using software defined networking | |
US7149216B1 (en) | M-trie based packet processing | |
US10432509B2 (en) | Flow classification for information centric network protocols | |
KR100920518B1 (en) | Apparatus and methdo for packet classification | |
CN104579940B (en) | Search the method and device of accesses control list | |
US20150131666A1 (en) | Apparatus and method for transmitting packet | |
EP3278513B1 (en) | Transforming a service packet from a first domain to a second domain | |
CN102487374B (en) | Access control list realization method and apparatus thereof | |
CN108809830A (en) | Realize the message sequence in the software defined network of OpenFlow | |
CN104821890A (en) | Realization method for OpenFlow multi-level flow tables based on ordinary switch chip | |
CN108234318A (en) | The choosing method and device of message forwarding tunnel | |
Wette et al. | Which flows are hiding behind my wildcard rule? adding packet sampling to OpenFlow | |
US6970971B1 (en) | Method and apparatus for mapping prefixes and values of a hierarchical space to other representations | |
CN106487769B (en) | Method and device for realizing Access Control List (ACL) | |
Lim et al. | Two-dimensional packet classification algorithm using a quad-tree | |
WO2010031354A1 (en) | Method, apparatus and system for processing frame | |
FI124398B (en) | Method and apparatus for determining implementation of a search table for a network element of software-defined network | |
US10205658B1 (en) | Reducing size of policy databases using bidirectional rules | |
Ruan et al. | An energy-efficient TCAM-based packet classification with decision-tree mapping | |
CN104348729A (en) | Internet streaming classification method combining software and hardware |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C14 | Grant of patent or utility model | ||
GR01 | Patent grant | ||
CF01 | Termination of patent right due to non-payment of annual fee | ||
CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20081112 Termination date: 20190819 |