KR20170074082A - Network device and method for session processing control thereof - Google Patents

Network device and method for session processing control thereof Download PDF

Info

Publication number
KR20170074082A
KR20170074082A KR1020150183140A KR20150183140A KR20170074082A KR 20170074082 A KR20170074082 A KR 20170074082A KR 1020150183140 A KR1020150183140 A KR 1020150183140A KR 20150183140 A KR20150183140 A KR 20150183140A KR 20170074082 A KR20170074082 A KR 20170074082A
Authority
KR
South Korea
Prior art keywords
session
processing
input
application
cpu
Prior art date
Application number
KR1020150183140A
Other languages
Korean (ko)
Other versions
KR101794740B1 (en
Inventor
김동준
Original Assignee
주식회사 시큐아이
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 주식회사 시큐아이 filed Critical 주식회사 시큐아이
Priority to KR1020150183140A priority Critical patent/KR101794740B1/en
Publication of KR20170074082A publication Critical patent/KR20170074082A/en
Application granted granted Critical
Publication of KR101794740B1 publication Critical patent/KR101794740B1/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/14Session management
    • H04L67/148Migration or transfer of sessions
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/16Threshold monitoring
    • H04L67/32

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer And Data Communications (AREA)

Abstract

The present invention relates to a network device and a session processing control method thereof.
According to another aspect of the present invention, there is provided a method for controlling a CPU, comprising the steps of: monitoring a CPU usage; stopping session processing of an input session if the CPU usage is greater than or equal to a preset threshold; And performing a session processing of the input session if it is not equal to or greater than a predetermined value, and a network apparatus performing the session processing method.

Description

[0001] The present invention relates to a network device and a session control method thereof,

The present invention relates to a network device and a session processing control method thereof.

The network device relays network communication between the client device and the server, processes the session input from the client device, and transmits the processed session to the server. The session processing is performed by the CPU of the network device. If the amount of session inflow is large, the overhead of the CPU is increased, so that the processing speed of the CPU is slowed down.

Nonetheless, a typical client device handles all sessions regardless of overloading the CPU for security reasons. This causes delays in transferring data from the client device to the server.

However, in an intranet such as an in-house network in a variety of network environments, the risk associated with security is so low that it may be more important for the network device to send data to the server faster than to process the session.

Therefore, when the CPU usage is high and the session processing speed is slow, a method for preventing delays in delivering the session to the server is required.

The present invention relates to a network device for controlling whether or not to process a session based on a CPU usage amount of a network device and a session processing control method therefor.

According to another aspect of the present invention, there is provided a method of processing a session, the method comprising: monitoring a CPU usage; stopping session processing of an input session if the CPU usage is greater than a predetermined threshold; And performing session processing of the input session if the CPU usage is not equal to or greater than a preset threshold value as a result of the monitoring.

According to another aspect of the present invention, there is provided a network device including: a communication unit for receiving a session or transmitting the session to a user; a CPU for performing session processing of the input session; A CPU for controlling the session processing of the input session to be terminated if the CPU usage is greater than or equal to a preset threshold value and if the CPU usage is not equal to or greater than a preset threshold value as a result of the monitoring, And a monitoring unit.

The network device and the session processing control method according to the present invention can prevent the delay in the network equipment from occurring when network traffic is excessive by immediately forwarding the session to the server without processing the session when the CPU usage exceeds the threshold value do.

1 is a diagram illustrating a network system in which a network device according to the present invention operates.
2 is a block diagram showing the structure of a network device according to the present invention.
3 is a diagram for explaining a method of processing a network session according to the present invention in software.
4 is a flowchart illustrating a network session processing method of a network device according to the present invention.

In the description of the embodiments of the present invention, if it is determined that a detailed description of known configurations or functions related to the present invention can not be applied to the present invention, detailed description thereof may be omitted.

Quot ;, " include, "" include," as used herein. And the like are intended to indicate the presence of disclosed features, operations, components, etc., and are not intended to limit the invention in any way. Also, in this specification, "include." Or "have." , Etc. are intended to designate the presence of stated features, integers, steps, operations, components, parts, or combinations thereof, may be combined with one or more other features, steps, operations, components, It should be understood that they do not preclude the presence or addition of combinations thereof.

As used herein, the singular forms "a", "an" and "the" include plural referents unless the context clearly dictates otherwise.

Hereinafter, the present invention will be described with reference to the accompanying drawings.

1 is a diagram illustrating a network system in which a network device according to the present invention operates.

Referring to FIG. 1, a network device 100 according to the present invention can communicate with a client device 200 and a server 300 that provides a service to the client device 200. Specifically, the network device 100 processes a session (which may correspond to a traffic or a packet) input from the client device 200 and transmits the processed session to the server 300. For example, the network device 100 may perform session processing such as data parsing, encryption / decryption processing, security management, and socket processing for a session input from the client device 200. [ Such a session process can be performed through a CPU provided in the network device 200. [

The session processing speed of the network device 200 is affected by the session amount (network traffic). Accordingly, if the amount of session input to the network device 200 is large, that is, if the amount of CPU usage is large, the speed of the session processing of the CPU becomes slow, which causes delay in transferring the session to the server 300.

In various embodiments of the present invention, the network device 200 monitors CPU usage and, if the CPU usage is determined to be greater than or equal to the predetermined threshold, skips session processing and immediately delivers the entered session to the server 300.

Hereinafter, specific operations of the network device 100 according to the present invention will be described with reference to the drawings.

2 is a block diagram showing the structure of a network device according to the present invention.

Referring to FIG. 2, a network device 100 according to the present invention includes a communication unit 110, a CPU 120, and a CPU monitoring unit 130.

The communication unit 110 performs data communication with at least one client device 200 and at least one host server 300. The communication unit 110 may receive a session input from at least one client apparatus 200 or may transmit a session processed by the network apparatus 100 to at least one host server 300.

The CPU 120 can control the processing of the session input through the communication unit 110 and transmission to the outside (for example, a server) through the communication unit 110. [ Specifically, the CPU 120 can perform session processing such as data parsing, encryption / decryption processing, security management, and socket processing for an input session.

Such session processing may be performed through a software component of the CPU 120. [ Referring to FIG. 3, a software component of the CPU 120 includes a kernel 121 responsible for routing and an application layer 122 responsible for session processing.

The kernel 121 delivers a session input from the outside to the application layer 122 corresponding to the session. The application layer 122 processes the delivered session and delivers it to the kernel 121 again. The kernel 121 sends the processed session to the outside in the application layer 122.

In various embodiments of the present invention, the kernel 121 immediately forwards the entered session to the outside without forwarding the session to the application layer 122 if the CPU 120 usage is above a predetermined threshold. For this, the network device 100 according to the present invention may include a CPU monitoring unit 130.

The CPU monitoring unit 130 monitors the usage amount of the CPU in real time. For example, the CPU monitoring unit 130 may monitor a session amount input to the network device 100, a session amount processed by the CPU, and the like. If it is determined that the CPU usage amount is equal to or greater than the preset threshold value, the CPU monitoring unit 130 may transmit a message to the kernel 121 to control the session processing to be interrupted. For example, the CPU monitoring unit 130 may send an information message containing information on the CPU usage amount equal to or higher than a preset threshold value to the kernel 121, a notification message to notify that the CPU usage amount is equal to or greater than a preset threshold value, And the like.

The kernel 121, which receives the message from the CPU monitoring unit 130, stops the session processing by the application layer 122 in response. The kernel 121 immediately forwards the incoming session to the outside without forwarding it to the application layer 122.

In various embodiments of the invention, the threshold may be set at 30% of the CPU's total usable capacity. Further, in various embodiments of the invention, the thresholds may be set differently for each application. That is, the threshold value of the CPU usage may be set differently for an application that needs to perform session processing.

Thereafter, if the CPU monitoring unit 130 continuously monitors the CPU usage and determines that the CPU usage amount is not equal to or greater than the preset threshold value, the CPU monitoring unit 130 may transmit a message to the kernel 121 to control the session processing to resume. For example, the CPU monitoring unit 130 may request an information message containing information on a CPU usage amount less than a preset threshold value, a notification message notifying that the CPU usage amount is less than a predetermined threshold value, Request message, and the like.

The kernel 121 receiving the message from the CPU monitoring unit 130 resumes session processing by the application layer 122 in response. Accordingly, the kernel 121 of the CPU 120 transfers the input session to the application layer 122 and the processed session in the application layer 122 to the outside.

The above-described components are logically divided to facilitate understanding of the present invention, and may be physically composed of one or more control units. For example, the CPU 120 and the CPU monitoring unit 130 may be constituted by one control unit. Or as an example, the CPU 120 may be a single control itself.

4 is a flowchart illustrating a network session processing method of a network device according to the present invention.

Referring to FIG. 4, the network device 100 according to the present invention monitors the CPU usage (401). The network device 100 can monitor the amount of sessions input to the network device 100, the amount of sessions processed by the CPU, and the like.

The network device 100 determines whether the CPU usage is greater than or equal to a preset threshold value (402).

If the CPU usage is greater than or equal to the predetermined threshold value, the network device 100 stops the session processing (403). Specifically, the network device 100 does not perform the application processing for the input session, but immediately delivers the session to the outside.

On the other hand, if the CPU usage is not equal to or greater than the predetermined threshold value, the network device 100 performs a session process on the input packet (404).

The network device 100 determines whether the system is to be terminated (405) and repeats the above-described operation until the system is terminated.

It will be understood by those skilled in the art that various changes in form and details may be made therein without departing from the spirit and scope of the invention as defined by the appended claims. It is to be understood that both the foregoing general description and the following detailed description of the present invention are exemplary and explanatory and are intended to provide further explanation of the invention as claimed. Accordingly, the scope of the present invention should be construed as being included in the scope of the present invention, all changes or modifications derived from the technical idea of the present invention.

100: Network device
110:
120: CPU
121: Kernel
122: Application layer
130: CPU monitoring section
200: Client device
300: server

Claims (12)

As a session processing method of a network device,
Monitoring CPU usage;
Stopping session processing of an input session if the CPU usage is greater than or equal to a preset threshold; And
And performing session processing of the input session if the CPU usage is not equal to or greater than a preset threshold value as a result of the monitoring. 2. The method of claim 1, wherein stopping session processing of the incoming session comprises:
And immediately transmitting the input session to the outside. 2. The method of claim 1, wherein performing the session processing of the input session comprises:
Performing application processing corresponding to the input session with respect to the input session; And
And transmitting the application processed session to the outside. 4. The method according to claim 3,
Data parsing, encryption / decryption processing, security management, and socket processing. 4. The method of claim 3, wherein performing the application processing further comprises:
Passing the input session to an application layer via a kernel;
Performing the application processing at the application layer;
Passing the application processed session to the kernel; And
And sending the application processed session through the kernel to the outside. 2. The method of claim 1,
Is 30% of the total usable capacity of the CPU. A network device that performs session processing,
A communication unit for receiving a session or transmitting the session to the outside;
A CPU for performing session processing of a session input through the communication unit; And
Monitoring the CPU usage and stopping session processing of an input session if the CPU usage is greater than or equal to a predetermined threshold as a result of the monitoring and if the CPU usage is not greater than a preset threshold value, And a CPU monitoring unit for controlling the session monitoring unit to perform session processing of the session. 8. The system according to claim 7,
As soon as the session processing is terminated, immediately transmits the input session to the outside without performing application processing corresponding to the input session. 8. The system according to claim 7,
Performs the application processing corresponding to the input session with respect to the input session as the session processing is performed, and transmits the application processed session to the outside. 8. The method according to claim 7,
Data parsing, encryption / decryption processing, security management, and socket processing. 8. The system according to claim 7,
The kernel responsible for session routing; And
And an application layer responsible for the session processing. 12. The system according to claim 11,
The session is transmitted through the kernel to the application layer, the application layer performs the application processing, the application-processed session is transmitted to the kernel, and the kernel And transmits the application processed session to the outside.
KR1020150183140A 2015-12-21 2015-12-21 Network device and method for session processing control thereof KR101794740B1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
KR1020150183140A KR101794740B1 (en) 2015-12-21 2015-12-21 Network device and method for session processing control thereof

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
KR1020150183140A KR101794740B1 (en) 2015-12-21 2015-12-21 Network device and method for session processing control thereof

Publications (2)

Publication Number Publication Date
KR20170074082A true KR20170074082A (en) 2017-06-29
KR101794740B1 KR101794740B1 (en) 2017-11-08

Family

ID=59280078

Family Applications (1)

Application Number Title Priority Date Filing Date
KR1020150183140A KR101794740B1 (en) 2015-12-21 2015-12-21 Network device and method for session processing control thereof

Country Status (1)

Country Link
KR (1) KR101794740B1 (en)

Also Published As

Publication number Publication date
KR101794740B1 (en) 2017-11-08

Similar Documents

Publication Publication Date Title
CN110418376B (en) Data transmission method and device
CA2454868C (en) User bandwidth monitor and control management system and method
US11716313B2 (en) Methods, systems, and computer readable media for implementing bandwidth limitations on specific application traffic at a proxy element
CN106790221B (en) Internet protocol security IPSec protocol encryption method and network equipment
CN105516081A (en) Method and system for issuing safety strategy by server and message queue middleware
CN109104273B (en) Message processing method and receiving end server
CN104283801A (en) Method and system for processing service data
CN106817267B (en) Fault detection method and equipment
KR20210131963A (en) System and method for supporting between heterogeneous networks communication using unidirectional communication
CN109729144A (en) Offline Transmission system and method
CN106534331B (en) A kind of data transmission method and system based on dynamic port switching
KR101794740B1 (en) Network device and method for session processing control thereof
JP2023089118A (en) Core network node and communication method for the same
CN105100681B (en) Video matrix cascade Mach-Zehnder interferometer method, apparatus and system
CN109962821A (en) Connection relationship detection method and device
CN103414637B (en) A kind of method of traffic forwarding and relevant apparatus
CN105721334B (en) Method and equipment for determining transmission path and updating ACL
KR102024267B1 (en) Elastic intrusion detection system and method for managing the same
CN107196984B (en) Metadata sharing method, metadata source equipment and network intermediate equipment
US10555033B2 (en) Relay device, terminal device, communication system, PDU relay method, PDU reception method, and program
KR101785385B1 (en) Method of managing network route and network entity enabling the method
CN113422716B (en) Mail security control method and system
KR101933175B1 (en) Mediatioin appratus mediating communication betwwen server and client
US20030084166A1 (en) Server computer, its connection close method and computer program product therefor
CN104753956A (en) Method and device for processing data

Legal Events

Date Code Title Description
A201 Request for examination
E902 Notification of reason for refusal
E902 Notification of reason for refusal
E701 Decision to grant or registration of patent right
GRNT Written decision to grant