Hereinafter, an embodiment of the present invention will now be described with reference to the drawings.
Configuration of a band control device according to the embodiment will be described first.
The packet buffer 11 is a buffer to hold temporarily a packet which has arranged at the band control device, and also performs buffering for band control. The received packet analysis section 12 analyzes the packet having arrived at the packet buffer 11, and obtains packet information as information contained in the packet. The received packet analysis section 12 further sends the packet information to the band control determination section 21. The packet information contains, for example, a sending source address, a sending source port, a destination address, a destination port, a receipt time, and a protocol type.
The band control setting information storage section 22 stores band control setting information.
The band control content describes the contents of band control performed on an identified traffic flow by the band control execution section 13, and indicates, for example, setting about pass allowed/inhibited, priority, assigned bandwidth, or the like.
Hence, an access pattern can be expressed by defining an identification expression object which links plural identification condition objects or identification expression objects by a logical expression. The arrival packet itself can be assigned by specifying −1 as the identification condition object ID. A content of an identification condition as will be described later can be specified in place of an identification condition object ID. As the logical expression, OR, NOT, AND, XOR, and TRUE can be used. TRUE outputs the result of the identification condition object without changes. If TRUE is set as the logical expression, only one identification condition object ID is specified, the other identification condition object IDs are set to NULL.
The identification condition is a parameter or constant used for identification, and can use any of the following items.
Further, the identification processing condition expresses timing for identification and can define one of the following items.
The session table 23 contains a table maintaining session information.
The band control determination section 21 instructs the band control execution section 13 about band control, based on packet information obtained from the received packet analysis section 12, band control setting information obtained from the band control setting information storage section 22, and session information obtained from the session table 23. Also, the band control determination section 21 stores determined instructions about band control, into the session table 23. The band control execution section 13 receives, from the band control determination section 21, an instruction as to how to deal with a corresponding packet. The band control execution section 13 performs band control in accordance with this instruction.
Described next will be operation of the band control device according to the present embodiment.
Now, the band control determination section 21 firstly obtains packet information from the received packet analysis section 12 (S21). The band control determination section 21 searches the session table 23 for related session information as session information relevant to the packet information, and determines whether relevant session information exists or not (S22). If relevant session information exists (S22, Y), the processing goes to a processing step S31. Otherwise, if no relevant session information exists (S22, N), the band control determination section 21 creates new session information and adds this information to the session table 23 (S23).
Next, the band control determination section 21 searches an identification table of traffic identification information of band control setting information stored in advance in the band control setting information storage section 22, for an identification expression object which the packet information satisfies, and determines whether such an identification expression object exists or not (S24). If such an identification expression object does not exist (S24, N), the band control determination section 21 instructs the band control execution section 13 to perform normal processing on the packet (S25), and this flow is terminated. Otherwise, if such an identification expression object exists (S24, Y), the band control determination section 21 stores the identification expression object ID into corresponding session information (S26), and instructs the band control execution section 13 about contents of band control corresponding to the identification expression object (S27). Then, this flow is terminated.
In the processing S31, the band control determination section 21 updates the relevant session information (S31). In the relevant session information, the status, final passage time, the total number of packets, and total transfer size are updated. Next, the band control determination section 21 verifies band control setting information obtained in the processing step S22, and determines whether new band control is needed or not (S32). If new band control is not needed (S32, N), the band control determination section 21 instructs the band control execution section 13 to continue processing as has been performed up to now (S33), and this flow is terminated. Otherwise, if new band control is needed (S32, Y), the band control determination section 21 instructs the band control execution section 13 to perform new processing according to a band condition contained in the band control setting information (S34). This flow is then terminated.
Next, several specific examples of traffic identification information will be described.
At first, a specific example of first traffic identification information will be described.
The following two identification condition objects are defined by the first traffic identification information.
Also, the following identification expression object is defined.
According to this kind of traffic identification information, a traffic flow is identified by the sending IP address, sending port, receiving IP address, and receiving port. Simultaneously, plural traffic flows are defined, linked to each other by a logical expression. As a result, plural traffic flows can be identified as one band control target.
In this example, an OR operation is used as a logical expression with respect to two identification conditions. Another operation may be effected on two identification conditions, or a NOT operation may be effected on one identification condition.
Described next will be a specific example of second traffic identification information.
In the second traffic identification information, the following two identification condition objects are defined.
The following identification expression object is defined.
According to the traffic identification information as described above, a traffic flow and existence time thereof are defined, linked to each other by a logical expression. In this manner, time conditions can be specified in identification of a band control target.
Described next will be a specific example of third traffic identification information.
The following four identification condition objects are defined by the third traffic identification information.
Also, the following identification expression object is defined.
That is, this traffic identification information is to identify a traffic flow within 60 seconds from occurrence of a session. According to this traffic identification information, a traffic flow and communication status thereof (session status) are defined, linked to each other by a logical expression. In this manner, communication status can be specified in identification of a band control target.
Described next will be a specific example of fourth traffic identification information.
The following two identification condition objects are defined by the fourth traffic identification information.
The following identification expression object is defined.
According to the traffic identification information as described above, a traffic flow and a communication content thereof are defined, linked to each other by a logical expression. In this manner, the communication content can be specified in identification of a band control target.
Described next will be a specific example of fifth traffic identification information.
The following five identification condition objects are defined by the fifth traffic identification information.
Also, the following identification expression object is defined.
That is, this traffic identification information is to identify a traffic flow which accesses a particular URL within 60 seconds from occurrence of a session. According to this traffic identification information, a traffic flow and communication status thereof are defined, linked to each other by a logical expression. In this manner, communication status and a communication content can be specified in identification of a band control target.
Described next will be a specific example of sixth traffic identification information.
The following five identification condition objects are defined by the sixth traffic identification information.
Also, the following two identification expression objects are defined.
That is, in this traffic identification information, the identification expression objects (classes) switch from one to another at the boundary of 60 seconds from occurrence of a session. In addition, band control contents are defined corresponding to identification expression objects. Therefore, the band control contents switch as well. According to this traffic identification information, a traffic flow and communication status thereof are defined, linked to each other by a logical expression, and identification processing conditions are defined. Further, logical expressions are defined to be switched depending on the communication status. In this manner, depending on the communication status, different band control targets can be identified, and the band control contents can be switched.
In the above description, identification conditions and logical expressions are set with respect to traffic, time conditions, communication status (session status), and communication contents. However, identification conditions and logical expressions may be set or used in combination with each other, with respect to other information obtained from a packet.
The band control device according to the present embodiment can be easily applied to a network relay device, so that performance of the network relay device can be improved more. The network relay device may be a bridge, router, proxy server, or the like.
Further, a program by which a computer constituting a band control device is let execute the processing steps described above may be provided as a band control program. The program mentioned may be stored in recording media readable by computers. Then, the computer constituting a band control device can execute the program. The recording media readable by computers may include an internal storage device equipped in a computer, such as a ROM or RAM, a portable recording medium such as a CD-ROM, flexible disk, DVD disk, magneto-optical disk, or IC card, a database storing a computer program, another computer and a database thereof, and transfer media on lines.
Determination conditions correspond to identification condition objects in the embodiment. Determination expressions correspond to identification expression objects in the embodiment. A packet information obtaining section and a packet information obtaining step correspond to the received packet analysis section in the embodiment. A band control determination section and a band control determination step correspond to the band control determination section in the embodiment.
Number | Date | Country | Kind |
---|---|---|---|
2006-059423 | Jun 2006 | JP | national |