EP1303952A1 - Procede et dispositif de protection contre la surcharge pour des services faisant intervenir la transmission de donnees - Google Patents

Procede et dispositif de protection contre la surcharge pour des services faisant intervenir la transmission de donnees

Info

Publication number
EP1303952A1
EP1303952A1 EP01955262A EP01955262A EP1303952A1 EP 1303952 A1 EP1303952 A1 EP 1303952A1 EP 01955262 A EP01955262 A EP 01955262A EP 01955262 A EP01955262 A EP 01955262A EP 1303952 A1 EP1303952 A1 EP 1303952A1
Authority
EP
European Patent Office
Prior art keywords
service provider
provider computer
computer
signaling
data
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
EP01955262A
Other languages
German (de)
English (en)
Inventor
Joachim Charzinski
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Nokia Solutions and Networks GmbH and Co KG
Original Assignee
Siemens AG
Nokia Siemens Networks GmbH and Co KG
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Siemens AG, Nokia Siemens Networks GmbH and Co KG filed Critical Siemens AG
Publication of EP1303952A1 publication Critical patent/EP1303952A1/fr
Withdrawn legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L47/00Traffic control in data switching networks
    • H04L47/10Flow control; Congestion control
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/06Management of faults, events, alarms or notifications
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/50Network service management, e.g. ensuring proper service fulfilment according to agreements
    • H04L41/5003Managing SLA; Interaction between SLA and QoS
    • H04L41/5019Ensuring fulfilment of SLA
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L47/00Traffic control in data switching networks
    • H04L47/10Flow control; Congestion control
    • H04L47/12Avoiding congestion; Recovering from congestion
    • H04L47/122Avoiding congestion; Recovering from congestion by diverting traffic away from congested entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L47/00Traffic control in data switching networks
    • H04L47/10Flow control; Congestion control
    • H04L47/26Flow control; Congestion control using explicit feedback to the source, e.g. choke packets

Definitions

  • the invention relates to a method for overload protection in services with data transmission.
  • a data use packet is sent from a service usage computer sending data packets to a service delivery computer, which contains a signaling message according to a signaling protocol for controlling the transmission of user data.
  • the data packet is forwarded by network nodes between the service use computer and the service provider computer without a connection.
  • Connectionless means that no connection establishment phase related to the data packets to be transported is required for the forwarding of the data packet or packets and that no switching capacities are permanently reserved for the forwarding.
  • Such a method is carried out, for example, in the transmission of data packets on the Internet or in a network operating in accordance with the Internet protocol.
  • the lower three protocol layers of the OSI model work without a connection.
  • the bottom three layers are the physical layer, the data link layer and the network layer.
  • connections are used from the transport layer onwards.
  • the signaling protocol TCP Transmission Control Protocol
  • TCP Transmission Control Protocol
  • a disadvantage of the known method is that the measures used to prevent overload are inadequate.
  • a WWW service provider computer World Wide Web
  • the overload operation manifests itself in such a way that inquiries from service use computers, also called clients, no longer or only after a very long response time, for example after one minute or after two minutes.
  • a program used on the service usage computer for example a WWW data viewing program, also called a browser, displays an error message to the user when a predetermined time is exceeded.
  • FTP File Transfer Protocol
  • an FTP service provider computer monitors the number of FTP connections established at the same time. When a new connection is set up, a message is transmitted to a service usage program running on the service usage computer, with the aid of which the maximum number of connections that can be processed simultaneously and how many are communicated
  • an associated device and a program, a data carrier and a data network message are to be specified with this program.
  • the invention is based on the knowledge that long waiting times for the user can be avoided if measures are taken in good time that prevent a decline in the processing power of the service user computer when processing signaling messages. Therefore, in the method according to the invention, before the protocol-based processing of the signaling messages to be carried out by the service provider computer, it is checked whether the service provider computer works in an overload mode in which the processing of the signaling message would only be possible to a limited extent. Then in overload operation Countermeasures are automatically taken to prevent a decline in the processing power of the service usage computer when transmitting user data. The automatic execution of the countermeasures relieves the user. It is also possible to quickly send the user a message that indicates the overload operation.
  • the test step and the countermeasures are carried out in the service provider computer. This means that part of the computing power available in the service provider computer is required for the test step and the countermeasures.
  • processes can easily be included that run in the service provider computer. For example, it is easy to query data that allow conclusions to be drawn about overload operation or underload operation.
  • the test step and the countermeasures are carried out when a user program is run or when the operating system is run in the service provider computer.
  • the service provider computer is either a single computer or an input computer for a group of service provider computers, which is also referred to as a server farm.
  • test step and the countermeasures are carried out in a unit upstream of the service provider computer and preferably also other service provider computers, which preferably contains its own processor.
  • the test step and the countermeasures are carried out either when a user program is run or when the operating system of the upstream computer is run.
  • circuit arrangements that are not programmable can also be used.
  • customary service delivery computers can be used without change. This makes it possible to use the method according to the invention independently of the Server manufacturers.
  • the upstream unit does not further claim the service provider computer by executing the method according to the invention and can fully use its computing power for the provision of the actual services.
  • the countermeasure is that the signaling message or the data packet containing this message is discarded without processing the signaling information.
  • the processing of the signaling information therefore requires no additional computing power. This leads to the fact that the service provider computer is relieved and a reduction in the processing power is prevented in overload operation. The processing performance would decrease in particular if a large number of connections were only set up without user data being transmitted.
  • the countermeasure in a next embodiment is to process the signaling message with a delay compared to signaling messages that arrived earlier.
  • a fast overload of the service provider computer can be avoided in this way.
  • the signaling message can still be processed in a shorter time than would be the case without a countermeasure.
  • the signaling messages can be stored, for example, according to the queue principle until they are processed.
  • the countermeasure consists in forwarding the signaling message to another service provider computer.
  • the user data following the signaling message and further signaling messages of the same connection are also forwarded to another service provider computer which can provide the same service.
  • the service use computer is informed of the discarding, the delayed processing or the forwarding of the signaling message. For example, a standard page is transferred in accordance with the HTTP (Hyper Text Transfer Protocol) protocol.
  • HTTP Hyper Text Transfer Protocol
  • the countermeasure is to change the processing priority for different types of signaling messages. For example, the processing order of at least one specific type of signaling message can be changed.
  • underload operation for example, connection setup messages are processed preferentially.
  • Signaling messages that control the transmission are processed with a medium priority.
  • Signaling messages for disconnection are processed later in comparison to other signaling messages.
  • the priority is then changed so that signaling messages for connection clearing are processed preferentially.
  • Signaling messages for controlling the transmission of the user data are still processed with a medium priority.
  • Signaling messages for connection establishment are deferred.
  • the service provider computer is, for example, a WWW server.
  • the service provider computer can also be an H.323 gateway, as has been standardized in ITU-T (International Telecommunications Union Section Telecommunication).
  • Other application examples for the service provider computer are signaling servers for service control on the Internet or servers as are used in so-called e-commerce applications on the Internet.
  • So-called SIP servers Session Initiation Protocol
  • SIP is a protocol defined in RFC 2543 (Request for Commend) by the IETF (Internet Engineering Taskforce) and an alternative to
  • the data transmission network is in particular the Internet or a network operating in accordance with the Internet Protocol IP.
  • the overload operation is determined with the aid of a threshold value.
  • the threshold value specifies the number of signaling messages that can be processed per unit of time, of at least one type of signaling message, for example signaling messages for establishing a connection.
  • the threshold value specifies the number of signaling messages that can be processed per unit of time, of at least one type of signaling message, for example signaling messages for establishing a connection.
  • a threshold value is set for the mean response time of the service provider computer a signaling message of at least one type is specified, for example on connection setup messages.
  • the mean response time of the service provider computer to signaling messages of the specified type is then determined and compared with the target value.
  • the mean response time is determined from the time between a signaling message and the associated response.
  • the service provider computer signals the overload operation itself. In an upstream unit, no further measures then have to be taken to detect the overload operation.
  • the invention also relates to a device for overload protection, in particular a data processing system.
  • circuit arrangements without a processor can also be used to prevent overload.
  • the device according to the invention is suitable for executing the method according to the invention or one of its developments. Thus the technical effects mentioned above also apply to the device according to the invention.
  • the invention also relates to a program for overload protection, with an instruction sequence which enables the method according to the invention or one of its developments to be carried out.
  • a data carrier with such a program is affected by the invention.
  • the data carrier is, for example, a memory chip, for example a RAM (Random Access Memory), a hard disk, a floppy disk or a compact disk, or CD for short.
  • the transmission of messages containing the program is protected in a data network, for example on the Internet.
  • the effects mentioned for the method and its further developments also apply to the program, the data carrier and the data network message. Exemplary embodiments of the method according to the invention are explained below with reference to the accompanying drawings. In it show:
  • FIG. 1 shows a diagram for representing throughput curves of a service provider computer
  • FIG. 2 signaling processes in the Internet when establishing a TCP connection
  • FIG. 3 shows an overload protection unit upstream of a service provision computer
  • FIG. 4 method steps for overload protection carried out in an overload protection unit.
  • FIG. 1 shows a diagram to show throughput curves 10, 12 and 14 of a service provider computer 54, see FIGS. 2 and 3.
  • An abscissa axis 16 serves to represent the requests to the service provider computer with the aid of signaling messages for establishing a connection.
  • On an ordinate axis 18 is the amount of time per unit of time, e.g. per hour, transmitted user data.
  • the maximum throughput of user data is represented by a dashed line 20.
  • the throughput line 10 runs linearly from the origin of the diagram shown in FIG. 1 to the maximum throughput and thus represents a desirable mode of operation of the service provider computer.
  • the throughput curve 12 applies without countermeasures with regard to an overload the throughput curve 12 coincides with the throughput curve 10. If the number of requests increases, the service provider computer operates in an overload area 24 in which the throughput of user data no longer increases as much as with the throughput curve 10 with an increasing number of requests per hour increases. From a certain number of requests per hour, the throughput of user data drops sharply without taking countermeasures. This is due, among other things, to the fact that the storage resources of the service provider computer are fully occupied or that only new requests are accepted without being processed.
  • the throughput curve 14 can, however, be achieved by taking the defense measures mentioned in the introduction.
  • the course of the throughput curve 14 coincides with the course of the throughput curve 10.
  • the throughput curve 14 is only slightly below the throughput curve 10 and finally reaches the maximum throughput.
  • a throughput curve 15 arises in the method for overload protection explained below with reference to FIG. 4.
  • the throughput curve 15 arises when signaling messages for connection establishment are rejected as a countermeasure.
  • FIG. 2 shows signaling processes in the Internet 50 when using a TCP connection 52 (Transport Control Protocol).
  • TCP connection 52 Transport Control Protocol
  • the user data is transmitted and forwarded in data packets without a connection.
  • the data packets each contain a packet header and a packet trunk.
  • the package header includes entered the destination address of a computer receiving the data packet, e.g. of a service provider computer 54 with the Internet address IP-ADR B.
  • the address of the computer that originally sent the package e.g. the Internet address IP-ADR A of a service use computer 56.
  • the user data is located in the packet trunk.
  • the data packets are transmitted without a connection on the Internet 50.
  • Higher protocol layers work in a connection-oriented manner, for example the TCP protocol layer, the functions of which in the computer 54 are controlled by a TCP Program 58 and in the computer 56 are provided by a TCP program 60.
  • the IP protocol layer (Internet Protocol) lies below the TCP protocol layer.
  • An IP program 62 in the computer 54 and an IP program 64 in the computer 56 perform the functions of the IP protocol layer.
  • the computer 54 is connected to the Internet 50 via a network access unit 66 and a transmission link 68.
  • the computer 56 contains a network access unit 70 which is connected to the Internet 50 via a transmission link 72.
  • the computer 56 sends a signaling message to the computer 54.
  • the Internet address IP-ADR B of the computer 54 is contained in the signaling message for establishing the connection.
  • a port number for a port 74 is specified in the signaling message, as required by the TCP protocol, e.g. port number 21 for an FTP service (File Transfer Protocol).
  • the signaling message for establishing a connection also contains the number of a port 76 of the computer 56, e.g. number 1162.
  • the signaling message is transmitted as a data packet over the Internet 50. After receiving the signaling message for establishing the connection, the receipt is confirmed by the computer 54 in a signaling message which is sent from the computer 54 to the computer 56 according to the TCP protocol.
  • User data is transmitted in accordance with the TCP protocol by exchanging further messages.
  • signaling messages are sent from the computer 56 to the computer 54 in order to terminate the connection.
  • FIG. 3 shows an overload protection unit 100 connected upstream of the computer 54, which connects to the Internet 50 via a transmission link 102 to the
  • Computer 54 is connected, which has the function of a web server, for example.
  • the computer 54 is thus a service been rendered computer.
  • the method steps carried out in the overload protection unit 100 are explained below with reference to FIG. 4.
  • the overload protection unit 100 is a separate computer which can be reached from the Internet 50 at the Internet address IP-ADR B originally occupied by the computer 54. Data packets coming from the computer 54 are forwarded unchanged to the Internet 50 by the overload protection unit 100 and distributed there.
  • FIG. 4 shows method steps for overload protection carried out in the overload protection unit 100.
  • the method begins in a method step 150.
  • a threshold value for the average response time of the service provider computer 54 to signaling messages for establishing the connection is specified.
  • a method step 154 is carried out when a data packet from the Internet 50 arrives at the overload protection unit 100.
  • the data packet is received and the data in the packet header are read.
  • a method step 156 it is checked whether it is a signaling message. If this is not the case, the method is continued in a step 158 with the transmission of the message to the service provider computer 54. The overload protection unit 100 then waits for the arrival of further data packets from the Internet 50. If, on the other hand, there is a signaling message, a method step 160 is carried out immediately after method step 156.
  • method step 160 the data in the packet header is used to check whether the data packet contains a message for establishing a connection at the TCP level. If this is not the case, method step 158 follows and the data packet becomes Service calculator 54 transmitted. If, on the other hand, it is a message for establishing the connection, method step 162 follows immediately after method step 160.
  • step 162 it is checked whether the service provider computer is operating in the overload area 24.
  • the threshold value specified in method step 152 is compared with the current average response time of the service provider computer 54 to messages transmitted by the overload protection unit 100 for establishing the connection. The average response time is continuously calculated in the overload protection unit 100. If the current average response time is less than the threshold value, the service provider computer 54 operates in the underload area 22, see FIG. 1, and the message is forwarded by the overload protection unit 100 to the service provider computer 54, see method step 158. On the other hand, if the current average response time is the same the threshold value or greater than the threshold value, the service provider computer 54 operates in the overload region 24, see FIG. 1. In this case, a method step 164 follows immediately after method step 162.
  • the received data packet is discarded, i.e. it is received by the overload protection unit 100, but is not transmitted to the service provider computer 54.
  • the overload protection unit 100 waits for further data packets.
  • the throughput curve 15 shown in FIG. 1 occurs in the method explained with reference to FIG. In the underload area 22, the course of the throughput curve 15 coincides with the course of the throughput curve 10. In the overload zone 24, the throughput then remains at a constant value even with an increasing number of signaling messages for establishing a connection.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

La présente invention concerne entre autres un procédé de protection contre la surcharge lors de la transmission de données. Avant le traitement d'un paquet de données transmis sans connexion via Internet (50), ledit traitement étant réalisé par un ordinateur prestataire de services (54), avec un message de signalisation, une unité de protection contre la surcharge (100) vérifie si un ordinateur prestataire de services (54) fonctionne dans un état de surcharge. Si c'est le cas, des mesures de protection sont automatiquement prises pour empêcher une diminution de la capacité de traitement de l'ordinateur prestataire de services (54) lors de la transmission de données utiles.
EP01955262A 2000-07-27 2001-07-17 Procede et dispositif de protection contre la surcharge pour des services faisant intervenir la transmission de donnees Withdrawn EP1303952A1 (fr)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
DE10036688 2000-07-27
DE10036688 2000-07-27
PCT/DE2001/002737 WO2002011372A1 (fr) 2000-07-27 2001-07-17 Procede et dispositif de protection contre la surcharge pour des services faisant intervenir la transmission de donnees

Publications (1)

Publication Number Publication Date
EP1303952A1 true EP1303952A1 (fr) 2003-04-23

Family

ID=7650454

Family Applications (1)

Application Number Title Priority Date Filing Date
EP01955262A Withdrawn EP1303952A1 (fr) 2000-07-27 2001-07-17 Procede et dispositif de protection contre la surcharge pour des services faisant intervenir la transmission de donnees

Country Status (2)

Country Link
EP (1) EP1303952A1 (fr)
WO (1) WO2002011372A1 (fr)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP4566589B2 (ja) * 2004-03-18 2010-10-20 富士通株式会社 Sipサーバ

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO1997045792A1 (fr) * 1996-05-24 1997-12-04 Bell Communications Research Inc. Dispositif et procede servant a empecher la surcharge d'un serveur de reseau
US6128279A (en) * 1997-10-06 2000-10-03 Web Balance, Inc. System for balancing loads among network servers
JP3270012B2 (ja) * 1998-09-08 2002-04-02 富士通株式会社 ネットワークサーバ負荷検出装置、割当装置および方法

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See references of WO0211372A1 *

Also Published As

Publication number Publication date
WO2002011372A1 (fr) 2002-02-07

Similar Documents

Publication Publication Date Title
DE102005045346B4 (de) Bidirektionale asynchrone Datenkommunikation
DE60005396T2 (de) Verfahren und vorrichtung zur durchführung von netzwerkoperationen
DE602004011689T2 (de) Verfahren und System zur Handhabung der Übermittlung von Inhalten in Kommunikationsnetzen
DE60114097T2 (de) Verfahren und System zur Verbesserung der Netzleistungsfähigkeit unter Verwendung eines leistungssteigernden Proxies
DE60133241T2 (de) Mehranwendung-sicherheitsrelais
DE69927457T2 (de) Verfahren und Vorrichtung zur Cache-Speicherung von Informationen im Netzwerk
EP1451980A1 (fr) Procede de transmission de donnees d'application avec une qualite differente
WO2004043045A2 (fr) Procedes de pre-transmission de quantites de donnees structurees entre un dispositif client et un dispositif serveur
DE10125052A1 (de) Verfahren zum Abrechnen von in einem Rechnernetzwerk bereitgestellten Diensten
DE60006821T2 (de) Zugangskontrolle in einem gateway-server
EP1282280B1 (fr) Methode, dispositif de commande et un module de logiciel pour commande et guidage de flux de données de connexion de communication entre deux utilisateurs de réseau de donnée par paquet
DE60218185T2 (de) Verfahren und Vorrichtung zum Wiederauffinden von Informationen in einem Netzwerk
DE60307374T2 (de) Selbstverwaltender Verzeichnis-Dienst für Sprache über IP Netzwerk
EP1317820B1 (fr) Procede pour etablir des liaisons avec des qualites de service predefinies dans un reseau de communication oriente paquet, a l'aide d'un gestionnaire de ressources
EP1305936B1 (fr) Dispositif et procede de transfert d'appel dans des reseaux de telecommunication
DE102019210225A1 (de) Verfahren und Vorrichtung zur Analyse dienste-orientierter Kommunikation
EP1303952A1 (fr) Procede et dispositif de protection contre la surcharge pour des services faisant intervenir la transmission de donnees
EP2815558B1 (fr) Transfert des flux de donnees entre un terminal et un module de securite
DE60021522T2 (de) Vefahren und vorrichtung zur erzeugung von daten für die rechnungsstellung an einen benutzer für den zugang über eine verbindung zu einem kommunikationsnetzwerk
DE20122358U1 (de) Telekommunikationssystem mit verteilten Remote-Breitbandzugangs-Servern
EP1867111A1 (fr) Decision pour allouer au moins un flux de donnees a au moins une liaison utiles et attribuer les ressources requises
DE10327545A1 (de) Verfahren und Vorrichtung zur Verarbeitung von Echtzeitdaten
EP2649751B1 (fr) Procédé et système de surveillance d'un système de communication
DE60201899T2 (de) Anordnung zur verarbeitung von client-anforderungen
DE102006060037B4 (de) Verfahren zur paketorientierten Kommunikation asynchroner Ereignismeldungen

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

17P Request for examination filed

Effective date: 20030214

AK Designated contracting states

Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LI LU MC NL PT SE TR

RBV Designated contracting states (corrected)

Designated state(s): CH DE FR GB IT LI

17Q First examination report despatched

Effective date: 20061219

RAP1 Party data changed (applicant data changed or rights of an application transferred)

Owner name: NOKIA SIEMENS NETWORKS GMBH & CO. KG

RAP3 Party data changed (applicant data changed or rights of an application transferred)

Owner name: NOKIA SIEMENS NETWORKS S.P.A.

RAP3 Party data changed (applicant data changed or rights of an application transferred)

Owner name: NOKIA SIEMENS NETWORKS GMBH & CO. KG

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION IS DEEMED TO BE WITHDRAWN

18D Application deemed to be withdrawn

Effective date: 20080129