CN103973591A - Solution method for intelligent network traffic congestion - Google Patents
Solution method for intelligent network traffic congestion Download PDFInfo
- Publication number
- CN103973591A CN103973591A CN201410244679.9A CN201410244679A CN103973591A CN 103973591 A CN103973591 A CN 103973591A CN 201410244679 A CN201410244679 A CN 201410244679A CN 103973591 A CN103973591 A CN 103973591A
- Authority
- CN
- China
- Prior art keywords
- network
- application
- priority
- flow
- address
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Landscapes
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention provides a solution method for intelligent network traffic congestion, which relates to the field of network security. The solution method provided by the invention is embedded in a system kernel, and intelligent limit is carried out on processes and the bandwidth of IP (Internet protocol) by a strategy of adopting priorities on the processes and IP address; traffic management is carried out on networks with different Qos (quality of service) requirements by algorithms; the bandwidth is automatically adjusted when the networks go wrong or the traffics are abnormal; users are notified by means of alarm, graphical display and the like; the networks after intelligent control are superior to the previous networks; the problems of load and traffic are effectively solved; the Qos parameters of network application are effectively guaranteed.
Description
technical field
the present invention relates to a kind of intelligent network flow congestion solution, adopt the method for IP address, process and applied business classification being given to different priorities authority.Network application business is done to control and management at the aspect such as flow and bandwidth.User management, by administrative center's distributing policy, obtains traffic statistics information and audit information.
Background technology
Be accompanied by rapid development of information technology, next generation network is to IPv4/IPv6 protocol stack compatibility.The mass data such as multimedia video, file service access application, impels the development of network flow management product.Network bandwidth management can effectively improve network service efficiency, and network traffics are to weigh the important parameter of the normal operation of network.Country network is more and more paid attention to, safety with the intelligence of network traffics is reliably controlled, can avoid occurring network congestion.Ensure the throughput of network and the health status of the whole network operation of reflection.Monitoring of tracking, adress analysis and IP agreement by the quantity to online link, session number etc., finds in time and reports to the police exception flow of network.Whether discovery has the exceptional communication of hacker's network sweep, discovery specific protocol etc.
For raising the efficiency, regular coupling is adopted to regular expression engine.To obtaining the performance parameter of agreement, IPv4/IPv6 protocol suite is done to exception monitoring in transport layer.Intelligent network flow need to do bandwidth and traffic monitoring management to user or IP address, in the time that network congestion is busy, associated user is dynamically controlled.The effective utilization guaranteeing network bandwidth.
Intelligent flow management system provides patterned data analysis for user.Application and flow bandwidth are done to effective control, with the method for content monitoring technology and active and passive detection network node data, network condition is made to effective statistics and analysis.
Flow management system generally adopts multicore architecture, monitoring and managing network flow.There is higher throughput and forward rate.As a rule, P2P application and Internet video flow have occupied most bandwidth.
Flow management system adopts based on snmp management agreement, and network traffics are measured.Adoption Network Driving technique is the monitoring of the traffic class based on application to server host.Along with the high request of country to information network security, network management comprises that intelligent monitoring of network traffics etc. also becomes more and more important.Cloud computing data center and distributed node are done to the control of network traffics, network traffics are done to monitoring and the model analysis based on communication data.
Based on developing rapidly of Internet Internet bandwidth and types of applications.In the time of the online IP of server and flow excess load, crowded, obstruction that network can occur.Qos (Qulity of Service service quality) parameter directly affects network performance.Network bandwidth shortage can cause packet loss to increase, and has a strong impact on network quality.
Summary of the invention
Reference of the present invention and according to the network traffics standard in ethernet test standard, national information safety product monitoring standards such as " information system security audit product technology require and test evaluation method ".To network traffics should be used as prioritization, the method comprises that the operation that system management end sends detection packet detection network server asks condition.Packet on collection network does analytic statistics.
Adopt the content detection technique to network traffics; Network flow is distinguished to its application type, comprise the application scenarioss such as P2P application, Internet video; Adopt the method for transport layer port and characteristic character pattern matching; Network package length, quantity forwarded etc. are monitored and analyzed; The parameters such as network flow forward rate, Mean Speed are obtained to network state.
The object of the present invention is to provide a kind of intelligent network flow congestion solution.For realizing this purpose, technical solution of the present invention is: adopt active data bag to send and measure and passive packet measuring technique, network condition is surveyed and analyzed.Adopt the precedence scheme based on application and network address node.Network application is served and according to priority determined bandwidth and application strategy as P2P, video and file etc.Network rate to uplink and downlink limits.Guarantee handling up and forward rate of network traffics, do not occur network congestion.
Particular content of the present invention is as follows:
Following ITU-T E.800 in the specification about service quality, network service quality (Qos) is done to function and performance provision.
Network flow data bag method of measurement is as follows:
A. operating system load networks driver module, to Modeling Network Traffic.User and protocal analysis are set up to rule;
B. adopt application layer and drive layer mutual, under driving, send instructions.Network-driven initiatively sends detection packet to network;
C.ping sends the parameters of ICMP class packet under given network, comprises throughput, forward rate and delay etc.;
D. obtain the network analysis result under abnormal conditions, obtain the parameters such as network performance.
E. passive measurement, by the function of packet sniffer, is analyzed network or multiple network segment network flow statistic.Obtain network condition.
F. passive measurement can be made application identification, identify the network that has threat; To congested effective processing.
Network traffics are not according to priority done up-downgoing restriction to application bandwidth and address etc., and guaranteeing has the parameters such as good network throughput and forward rate under variety of network environments:
A. when system loads drives layer, the priority policy of load application and the network address;
B. obtain title and the complete trails of communication process at the high level driving;
C. use NDIS to drive the communication flows statistical analysis to agreement and address;
D. when the application program of specifying and address communication flow are while exceeding requirement, change the parameter such as priority and window value of Transmission Control Protocol, communication speed is limited.
1), combine the traffic identification ability of network layer, transport layer and application layer, network traffics are analyzed and are monitored:
A. to the network application Break Link being illegally connected into, control and management also sends a warning message;
B. the traffic identification ability of network application;
C. network flow managing system network layer information, effectively reviews and examines to threaten to security threat and originate;
D. to disparate networks application identification as effective in dos such as P2P, video, download and network games and management and control.
2), the network bandwidth is done to orderly management, by tactful priority, network is done to management and control:
A. network packet stream is done to traffic behavior analysis, strengthened intellectual analysis ability;
B. rule base can real-time update, ensures the accuracy of flow analysis;
C. according to dimensions such as user, application process and times, to effectively management such as online link bandwidth;
D. system can be done assignment of traffic and control to every IP address.
The invention has the beneficial effects as follows:
Network application on server is adopted to the methods such as address and application type, network traffics and bandwidth are done to priority restriction.In the time there is the clear conditions such as network congestion, according to priority policy, network is done to intelligent management and control.Adopt the methods such as queue and priority management, alleviate network problem.Improve network performance.Network management is realized to Qos management and control.Accomplish to make rational planning for network and intelligent flow management function.Adopt tactful safe class technology to do intelligent flow management to the webserver.Effectively solve the problem of load and flow.Effectively ensure the Qos parameter of network application.
Brief description of the drawings
Fig. 1 is intelligent network flow congestion solution schematic diagram.
Embodiment
By specific embodiment and accompanying drawing, the present invention is described in detail below.
The present invention is a kind of intelligent network flow congestion solution, at network or multiple network segment.The method that adopts Active Networks monitoring and Passive Network Monitoring, sends probe data packet.To network monitor.Obtain performance data and parameter, data on flows and other data are performed an analysis.Obtain network safe state.In tuples such as server end application programs and IP addresses, the bandwidth value of network priority and up-downgoing is set according to network safe state and rule etc.Application this method can effectively manage and control intelligent network flow congestion.
Action of the present invention:
1.:
A. Active Networks monitoring and Passive Network Monitoring combine, and obtain throughput, packet loss and the time delay etc. of network;
B. the content of giving out a contract for a project comprises PING type i CMP package, the application layer data bags such as FTP;
C. passive network using, to network monitoring and the method for smelling spy, obtains the network information of the network segment and performs an analysis;
D. to the network traffic analysis based on agreement and address, obtain ASSOCIATE STATISTICS information and parameter.
2.:
A. the webserver loads monitoring software system, the corresponding priority of load networks and application program and bandwidth rule;
B. according to the security information of active and the acquisition of passive network, change the upstream and downstream bandwidth numerical value of network traffics rule;
C. obtain process and network application information at network-driven bottom, complete the traffic statistics based on process and IP address;
D. network traffics are analyzed, according to the upstream and downstream bandwidth and the network priority that arrange.Prevent network congestion.
Claims (3)
1. an intelligent network flow congestion solution, the application identification technology by network traffics of it is characterized in that is to flow control; According to protocol type, port and behavioural characteristic etc., do the control of classification priority; According to the parameter such as priority and process, arrange its network traffics.
2. a kind of intelligent network flow congestion solution according to claim 1, is characterized in that:
Adopt active data bag to send and measure and passive packet measuring technique, network condition is surveyed and analyzed; Adopt the precedence scheme based on application and network address node; Network application is served and according to priority determined bandwidth and application strategy as P2P, video and file etc.; Network rate to uplink and downlink limits.
3. a kind of intelligent network flow congestion solution as claimed in claim 2, is characterized in that:
Network flow data bag method of measurement is as follows:
A. operating system load networks driver module, to Modeling Network Traffic; User and protocal analysis are set up to rule;
B. adopt application layer and drive layer mutual, under driving, send instructions; Network-driven initiatively sends detection packet to network;
C.ping sends the parameters of ICMP class packet under given network, comprises throughput, forward rate and delay etc.;
D. obtain the network analysis result under abnormal conditions, obtain the parameters such as network performance;
E. passive measurement, by the function of packet sniffer, is analyzed network or multiple network segment network flow statistic, obtains network condition;
F. passive measurement can be made application identification, identify the network that has threat; To congested effective processing;
Network traffics are not according to priority done up-downgoing restriction to application bandwidth and address etc., and guaranteeing has the parameters such as good network throughput and forward rate under variety of network environments:
A. when system loads drives layer, the priority policy of load application and the network address;
B. obtain title and the complete trails of communication process at the high level driving;
C. use NDIS to drive the communication flows statistical analysis to agreement and address;
D. when the application program of specifying and address communication flow are while exceeding requirement, change the parameter such as priority and window value of Transmission Control Protocol, communication speed is limited.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410244679.9A CN103973591A (en) | 2014-06-04 | 2014-06-04 | Solution method for intelligent network traffic congestion |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410244679.9A CN103973591A (en) | 2014-06-04 | 2014-06-04 | Solution method for intelligent network traffic congestion |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN103973591A true CN103973591A (en) | 2014-08-06 |
Family
ID=51242650
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201410244679.9A Pending CN103973591A (en) | 2014-06-04 | 2014-06-04 | Solution method for intelligent network traffic congestion |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN103973591A (en) |
Cited By (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2016169328A1 (en) * | 2015-04-24 | 2016-10-27 | 中兴通讯股份有限公司 | Method for implementing flow control, and client |
| WO2016197727A1 (en) * | 2015-06-11 | 2016-12-15 | 华为技术有限公司 | Data transmission method and device |
| CN109587007A (en) * | 2018-12-27 | 2019-04-05 | 湖南宸睿通信科技有限公司 | A kind of communication equipment detecting device and its detection method |
| CN109951399A (en) * | 2019-03-25 | 2019-06-28 | 网宿科技股份有限公司 | Processing method, server and the interchanger of request of data |
| CN110352584A (en) * | 2016-12-28 | 2019-10-18 | 谷歌有限责任公司 | Across the automatic priority ranking of the equipment flow of local network |
| CN111385239A (en) * | 2018-12-27 | 2020-07-07 | 茂杉信息技术(上海)有限公司 | Network security online monitoring system |
| CN115996197A (en) * | 2023-03-17 | 2023-04-21 | 之江实验室 | Distributed computing flow simulation system and method with preposed flow congestion |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| KR100654908B1 (en) * | 2006-02-14 | 2006-12-06 | 주식회사 이노와이어리스 | Service quality measuring system for internet phone |
| CN1968198A (en) * | 2006-06-16 | 2007-05-23 | 华为技术有限公司 | Wireless access loaded packet data service QoS management method. |
| CN101562534A (en) * | 2009-05-26 | 2009-10-21 | 中山大学 | Network behavior analytic system |
| CN101640634A (en) * | 2009-04-13 | 2010-02-03 | 山石网科通信技术(北京)有限公司 | Method for controlling network flow |
-
2014
- 2014-06-04 CN CN201410244679.9A patent/CN103973591A/en active Pending
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| KR100654908B1 (en) * | 2006-02-14 | 2006-12-06 | 주식회사 이노와이어리스 | Service quality measuring system for internet phone |
| CN1968198A (en) * | 2006-06-16 | 2007-05-23 | 华为技术有限公司 | Wireless access loaded packet data service QoS management method. |
| CN101640634A (en) * | 2009-04-13 | 2010-02-03 | 山石网科通信技术(北京)有限公司 | Method for controlling network flow |
| CN101562534A (en) * | 2009-05-26 | 2009-10-21 | 中山大学 | Network behavior analytic system |
Cited By (11)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2016169328A1 (en) * | 2015-04-24 | 2016-10-27 | 中兴通讯股份有限公司 | Method for implementing flow control, and client |
| CN106161266A (en) * | 2015-04-24 | 2016-11-23 | 中兴通讯股份有限公司 | A kind of method realizing flow-control and client |
| WO2016197727A1 (en) * | 2015-06-11 | 2016-12-15 | 华为技术有限公司 | Data transmission method and device |
| CN106302230A (en) * | 2015-06-11 | 2017-01-04 | 华为技术有限公司 | A kind of data transmission method and device |
| CN106302230B (en) * | 2015-06-11 | 2019-11-26 | 华为技术有限公司 | A kind of data transmission method and device |
| CN110352584A (en) * | 2016-12-28 | 2019-10-18 | 谷歌有限责任公司 | Across the automatic priority ranking of the equipment flow of local network |
| CN110352584B (en) * | 2016-12-28 | 2022-01-25 | 谷歌有限责任公司 | Method and system for automatic prioritization of device traffic across local networks |
| CN109587007A (en) * | 2018-12-27 | 2019-04-05 | 湖南宸睿通信科技有限公司 | A kind of communication equipment detecting device and its detection method |
| CN111385239A (en) * | 2018-12-27 | 2020-07-07 | 茂杉信息技术(上海)有限公司 | Network security online monitoring system |
| CN109951399A (en) * | 2019-03-25 | 2019-06-28 | 网宿科技股份有限公司 | Processing method, server and the interchanger of request of data |
| CN115996197A (en) * | 2023-03-17 | 2023-04-21 | 之江实验室 | Distributed computing flow simulation system and method with preposed flow congestion |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN103973591A (en) | Solution method for intelligent network traffic congestion | |
| Lee et al. | Network monitoring: Present and future | |
| ES2574788T3 (en) | Method to configure ACL on network device based on flow information | |
| US8789135B1 (en) | Scalable stateful firewall design in openflow based networks | |
| Basat et al. | Memento: Making sliding windows efficient for heavy hitters | |
| US20030225549A1 (en) | Systems and methods for end-to-end quality of service measurements in a distributed network environment | |
| Tahaei et al. | A multi-objective software defined network traffic measurement | |
| JP2007336512A (en) | Statistical information collecting system, and apparatus thereof | |
| US20210036942A1 (en) | Systems and methods for identifying persistently congested queues | |
| KR20220029142A (en) | Sdn controller server and method for analysing sdn based network traffic usage thereof | |
| Jia et al. | A lightweight DDoS detection scheme under SDN context | |
| WO2020027250A1 (en) | Infection spread attack detection device, attack origin specification method, and program | |
| Taherizadeh et al. | Runtime network-level monitoring framework in the adaptation of distributed time-critical cloud applications | |
| EP3596884B1 (en) | Communications network performance | |
| CN104618128A (en) | Multi-thread based node network detecting and analyzing method and system | |
| Pekar et al. | Towards threshold‐agnostic heavy‐hitter classification | |
| CN114465743A (en) | Data flow monitoring and analyzing method | |
| Pekár et al. | Issues in the passive approach of network traffic monitoring | |
| Nguyen et al. | A Comprehensive P4-based Monitoring Framework for L4S leveraging In-band Network Telemetry | |
| US20240031264A1 (en) | Monitoring performance of applications with respect to software defined wide area network edge devices | |
| JP4246238B2 (en) | Traffic information distribution and collection method | |
| Zhang et al. | Identifying high-rate flows based on bayesian single sampling | |
| CN111800311B (en) | Real-time sensing method for decentralized computing state | |
| CN108809765A (en) | Network quality test method and device | |
| CN105704057B (en) | The method and apparatus for determining the type of service of burst port congestion packet loss |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| WD01 | Invention patent application deemed withdrawn after publication | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20140806 |