SYSTEMS AND METHODS FOR PROVIDING QUALITY ASSURANCE
Granted: November 25, 2010
Application Number:
20100299411
A network includes a media server and a service activation device. The media server may receive a request for content from a subscriber device and transmit a message. The message may identify the subscriber device and include information relating to the content. The service activation device may receive the message from the media server, identify, in response to receiving the message, bandwidth and quality of service requirements for the content, determine whether resources needed to…
NETWORK ROUTING USING INDIRECT NEXT HOP DATA
Granted: November 25, 2010
Application Number:
20100296517
A router maintains routing information including (i) route data representing destinations within a computer network, (ii) next hop data representing interfaces to neighboring network devices, and (iii) indirect next hop data that maps a subset of the routes represented by the route data to a common one of the next hop data elements. In this manner, routing information is structured such that routes having the same next hop use indirect next hop data structures to reference common next…
HIERARCHICAL POLICERS FOR ENFORCING DIFFERENTIATED TRAFFIC BEHAVIOR
Granted: November 18, 2010
Application Number:
20100290342
A hierarchical traffic policer may include a first policer configured to pass first packets when a first condition is met. The first policer also may alter selection information within the passed first packets. A second policer may be configured to pass second packets when a second condition is met. The second policer may be further configured to pass all of the passed first packets from the first policer based on the altered selection information within the passed first packets.
PACKET SPRAYING FOR LOAD BALANCING ACROSS MULTIPLE PACKET PROCESSORS
Granted: November 11, 2010
Application Number:
20100284271
A network device includes multiple packet processing engines implemented in parallel with one another. A spraying component distributes incoming packets to the packet processing engines using a spraying technique that load balances the packet processing engines. In particular, the spraying component distributes the incoming packets based on queue lengths associated with the packet processing engines and based on a random component. In one implementation, the random component is a random…
MEDIA PATH OPTIMIZATION FOR MULTIMEDIA OVER INTERNET PROTOCOL
Granted: November 11, 2010
Application Number:
20100284399
Methods for optimizing the media path between multimedia endpoints in a network are described. One embodiment allows avoiding having to relay the media traffic through a central device, such as a border controller's media controller element, and lets endpoints communicate directly under various conditions.
SCALABLE ROUTING POLICY CONSTRUCTION USING DYNAMIC REDEFINITION OF ROUTING PREFERENCE VALUE
Granted: November 11, 2010
Application Number:
20100284403
In general, techniques are described to dynamically redefine a preference value used during route resolution. A network device, such as a router, may implement the techniques to improve a usability aspect of the router. The router may comprise an interface card that receives messages describing one or more of a plurality of routes. The router may also include a control unit that stores data defining a policy. The policy may comprise rules by which the router determines the preference…
SWITCH WITH FUNCTION FOR ASSIGNING QUEUE BASED ON A DECLARED TRANSFER RATE
Granted: November 11, 2010
Application Number:
20100284406
In an asynchronous transfer mode switch, a plurality of queues is provided for accumulating transfer cells, and a queue assignment processing section, receives a message for establishing a connection and assigns to the connection one of the queues having a forwarding rate close to a declared rate included in the message and not exceeding the declared rate.
NEXTHOP TO A FORWARDING TABLE
Granted: November 11, 2010
Application Number:
20100284407
A router receives destination address information for a packet and determines, among entries in a first forwarding table, a closest match for the received destination address information. The router receives a pointer to a second forwarding table in accordance with the closest match determined in the first forwarding table and determines, among entries in the second forwarding table, a closest match for the received destination address information.
METHOD AND APPARATUS FOR IMPLEMENTING A LAYER 3/LAYER 7 FIREWALL IN AN L2 DEVICE
Granted: November 4, 2010
Application Number:
20100281533
Methods and apparatus for transferring packets in a packet switched communication system. A system is provided that includes an L2 device including a controller determining for each packet received whether the received packet is to be inspected, an inspection device operable to inspect and filter packets identified by the controller including using a zone specific policy and an L2 controller for transferring inspected packets in accordance with L2 header information using L2 protocols.
FIREWALL INCLUDING LOCAL BUS
Granted: November 4, 2010
Application Number:
20100281532
A gateway for screening packets transferred over a network. The gateway includes a plurality of network interfaces, a memory and a memory controller. Each network interface receives and forwards messages from a network through the gateway. The memory temporarily stores packets received from a network. The memory controller couples each of the network interfaces and is configured to coordinate the transfer of received packets to and from the memory using a memory bus. The gateway includes…
POINT-TO-MULTI-POINT/NON-BROADCASTING MUTLI-ACCESS VPN TUNNELS
Granted: November 4, 2010
Application Number:
20100278181
A system establishes a virtual private network (VPN) tunnel to a destination and determines a next hop for the VPN tunnel. The system inserts the next hop, and an address associated with the destination, into an entry of a first table. The system inserts the next hop, and a tunnel identifier corresponding to the established VPN tunnel, into an entry of a second table. The system associates one or more security parameters, used to encrypt traffic sent via the VPN tunnel, with the tunnel…
MPOA SYSTEM AND ITS SHORTCUT COMMUNICATION CONTROL METHOD, AND SHORTCUT COMMUNICATION CONTROL PROGRAM
Granted: October 28, 2010
Application Number:
20100272112
An MPOA system for establishing communication by using layer 3 protocol on an ATM network, in which data about the layer 3 address of a source of data packets is added to an address resolution request packet which is transmitted in order to establish a shortcut VCC toward a destination of the data packets in each communication node and hence transmitted to the destination, and in the case of accepting the address resolution request packets to be transmitted in order to establish the…
BANDWIDTH ALLOCATION TO SUPPORT FAST BUFFERING
Granted: October 28, 2010
Application Number:
20100274919
A system delivers a media stream to a client using a delivery bandwidth. The system adjusts an amount of the bandwidth used to deliver the media stream based on a state of a buffer associated with the client that receives and buffers the delivered media stream.
CONTROLLING DATA LINK LAYER ELEMENTS WITH NETWORK LAYER ELEMENTS
Granted: October 21, 2010
Application Number:
20100265947
A network layer device controls provision of data link layer functionality by a data link layer device to provide a requested multimedia service to a subscriber. For example, the network layer device may control the performance of multicast elaboration by the data link layer device, or the queuing and forwarding of packets by the data link layer device to facilitate transmission of packets according to a Quality of Service class. The network layer device may send control messages to the…
PACKET FRAGMENT HANDLING
Granted: October 21, 2010
Application Number:
20100265967
A packet header processing engine includes a packet processing unit that is configured to generate the packet header information based on the packet header data. A checksum generating unit is connected to the packet processing unit. The checksum generating unit is configured to compute and store a partial checksum for a packet header being processed by the packet processing unit. After all packet header information for a packet is stored in the buffer, the checksum generating unit…
EVENT PROBLEM REPORT BUNDLES IN XML FORMAT
Granted: October 21, 2010
Application Number:
20100268819
A network device may include logic configured to detect that an event has occurred in the network device, determine an XML document structure based on the detected event, and generate an XML document with the determined structure including information relating to the detected event.
ROUTING INSTANCES FOR NETWORK SYSTEM MANAGEMENT AND CONTROL
Granted: October 21, 2010
Application Number:
20100268845
A network system uses a management routing instance to route management information between elements involved in management of the system. The system registers each element in the management routing instance when the element comes on line. Based on the management routing instance, the system creates management forwarding tables. The system then uses the management forwarding tables to route management information between the elements. Multiple systems, for example systems connected by a…
METHOD AND SYSTEM FOR PROVIDING SECURE ACCESS TO PRIVATE NETWORKS
Granted: October 14, 2010
Application Number:
20100263035
Improved approaches for providing secure access to resources maintained on private networks are disclosed. The secure access can be provided through a public network using a standard network browser. Multiple remote users are able to gain restricted and controlled access to at least portions of a private network through a common access point. The solution provided by the invention is not only easily set up and managed, but also able to support many remote users in a cost-effective…
POLICY ANALYZER
Granted: October 7, 2010
Application Number:
20100257264
Systems and methods are provided for analyzing policy rules defined for a subscriber and determining packet treatment in a network. Definitions are retrieved pertaining to policy rules for a subscriber. At least one policy point in a network is determined based on the retrieved definitions. The packet treatment is determined at each of the at least one policy point. The packet treatment is shown for each of the at least one policy point. Packets may be injected into the network at…
BEHAVIOR-BASED TRAFFIC PROFILING BASED ON ACCESS CONTROL INFORMATION
Granted: October 7, 2010
Application Number:
20100257580
A method includes receiving one or more of user information, role information, or authorization information associated with a user accessing a network, selecting a traffic flow to monitor that is associated with the one or more of user information, role information, or authorization information, monitoring the traffic flow, determining whether an anomaly exists with respect to the traffic flow based on a traffic behavior pattern associated with the one or more of user information, role…
