MAINTAINING PACKET ORDER USING HASH-BASED LINKED-LIST QUEUES
Granted: September 30, 2010
Application Number:
20100246584
Ordering logic ensures that data items being processed by a number of parallel processing units are unloaded from the processing units in the original per-flow order that the data items were loaded into the parallel processing units. The ordering logic includes a pointer memory, a tail vector, and a head vector. Through these three elements, the ordering logic keeps track of a number of “virtual queues” corresponding to the data flows. A round robin arbiter unloads data items from…
IDENTIFYING AND PROCESSING CONFIDENTIAL INFORMATION ON NETWORK ENDPOINTS
Granted: September 30, 2010
Application Number:
20100250514
An automated method for identifying confidential information may include inputting a search term based on a set of policy rules into a search engine, and causing the search engine to perform a search based on the search term. The method may also include analyzing search results obtained from the search engine against the policy rules to identify the search results containing confidential information.
SYSTEMS AND METHODS FOR CONNECTING LARGE NUMBERS OF CABLE MODEMS
Granted: September 30, 2010
Application Number:
20100251317
Identifiers are assigned to devices communicating via a number of virtual channels. If additional identifiers are needed, one or more new virtual channels are created and the identifiers are reused for the new virtual channel.
AUTOMATIC SWITCHOVER MECHANISM IN A NETWORK DEVICE
Granted: September 30, 2010
Application Number:
20100246392
A system comprises a plurality of processing modules, one of which is designated to be the primary processing module and the others are designated to be secondary processing modules. During operation, state is maintained in the primary processing module and at least one of the secondary processing modules. A switchover controller causes outputs from the secondary modules to be discarded. When the switchover controller receives an indication that the primary processing module has failed,…
DATA TRANSFER SYSTEM AND METHOD
Granted: September 23, 2010
Application Number:
20100238947
A transmission source bridge collects packets sent from nodes connected to a serial bus in accordance the IEEE1394 Standards, into one packet in an order they are to be transmitted and then sends them onto an ATM network, so that a transmission destination bridge receives this packet and divides it into a plurality of smaller packets and transfers them, in the order they were sent, to nodes connected to the serial bus in accordance with the IEEE1394 Standards.
PACKET SWITCHING SYSTEM AND METHOD
Granted: September 23, 2010
Application Number:
20100238948
A packet switching system capable of ensuring the sequence and continuity of packets and further compensating for delays in transmission is disclosed. Each of two redundant switch sections has a high-priority queue and a low-priority queue for each of output ports. A high-priority output selector selects one of two high-priority queues corresponding to respective ones of the two switch sections to store an output of the selected one into a high-priority output queue. A low-priority…
USE OF GROUP POLL SCHEDULING FOR BROADBAND COMMUNICATION SYSTEMS
Granted: September 23, 2010
Application Number:
20100238950
A group poll mechanism (GPM) that schedules upstream bandwidth for cable modems by pointing a request opportunity normally reserved for a single service flow to more than one service flow. Essentially, instead of using the seldom-used poll requests one per service flow, this same request opportunity is pointed to multiple service flows. In such kind of a scheme the GPM gives the same mini-slot to multiple service flows. The GPM implements the use of place-holder SIDs and novel mapping of…
INTELLIGENT INTEGRATED NETWORK SECURITY DEVICE FOR HIGH-AVAILABILITY APPLICATIONS
Granted: September 23, 2010
Application Number:
20100242093
Methods and apparatuses for inspecting packets are provided. A primary security system may be configured for processing packets. The primary security system may be operable to maintain flow information for a group of devices to facilitate processing of the packets. A secondary security system may be designated for processing packets upon a failover event. Flow records may be shared from the primary security system with the secondary security system.
SESSION-CACHE-BASED HTTP ACCELERATION
Granted: September 16, 2010
Application Number:
20100235522
A method performed by a device includes receiving a first Hyper-Text Transfer Protocol (HTTP) packet, creating a first session based on the HTTP packet, and creating a session cache entry for the first session. The method also includes receiving a second HTTP packet, performing a session cache lookup to identify a match of the second HTTP packet with the session cache entry, and creating a second HTTP session based on the match of the second HTTP packet with the session cache entry.
SERVER PROTECTION FROM DISTRIBUTED DENIAL OF SERVICE ATTACKS
Granted: September 16, 2010
Application Number:
20100235902
A network device connects between a client and a server. The network device is configured to store information regarding an application operating on the server; receive a first message, from the client, intended for the server; generate a second message in response to the first message; send the second message to the client; receive a third message from the client; generate, based on the information regarding the application on the server, a fourth message, that includes the information…
SYSTEMS AND METHODS FOR SCHEDULING APPLICATIONS
Granted: September 16, 2010
Application Number:
20100235512
A system allocates resources in a network. The system receives an allocation request for a first flow and a second flow from an application and identifies the application based on the allocation request. The system schedules resources for the first flow based on the identification of the application and the second flow.
PACKET SWITCHING EQUIPMENT AND SWITCHING CONTROL METHOD
Granted: September 16, 2010
Application Number:
20100232428
A packet switching equipment and a switch control system employing the same performs operation of the switch core portion independent of content of decision of an arbiter portion and overall equipment can be constructed with simple control structure. The packet switching equipment includes input buffer portions temporarily storing packets arriving to the input ports and outputting packets with adding labels indicative of destination port numbers, a switch core portion for switching the…
NODE APPARATUS
Granted: September 9, 2010
Application Number:
20100226371
To satisfy a quality required for each traffic and perform switching for a packet segmented into cells without packet reassembly, there is provided a node apparatus including a header processing section (2) for determining an output destination of an incoming packet and a quality class from the header information of the packet, a route table (3), and a quality description table (4), and storing the packet in an output queue (6) determined by the determined output destination and quality…
TRACKING FRAGMENTED DATA FLOWS
Granted: September 9, 2010
Application Number:
20100226373
A device may receive a fragment of a fragmented data unit, determine a flow identifier that identifies a data flow with which the fragment is associated, and create a flow entry, based on the flow identifier, to store information associated with the data flow. The device may also determine a fragment key associated with the fragment, store a pointer to the flow entry based on the fragment key, correlate the fragment and another fragment, associated with the data flow, based on the…
ROUTING FRAMES IN A TRILL NETWORK USING SERVICE VLAN IDENTIFIERS
Granted: September 9, 2010
Application Number:
20100226381
Methods, apparatus, and products are disclosed for routing frames in a TRILL network using service VLAN identifiers by: receiving a frame from an ingress bridge node for transmission through the TRILL network to a destination node that connects to the TRILL network through an egress node, the received frame including a customer VLAN identifier, a service VLAN identifier uniquely assigned to the ingress bridge node, and a destination node address for the destination node, the received…
HYBRID REPRESENTATION FOR DETERMINISTIC FINITE AUTOMATA
Granted: September 9, 2010
Application Number:
20100229238
A method includes receiving a data unit, determining whether a current state, associated with a deterministic finite automata (DFA) that includes a portion of states in a bitmap and a remaining portion of states in a DFA table, is a bitmap state or not, and determining whether a value corresponding to the data unit is greater than a threshold value, when it is determined that the current state is not a bitmap state. The method further includes determining whether the current state is…
SYSTEMS AND METHODS FOR DROPPING DATA USING A DROP PROFILE
Granted: September 2, 2010
Application Number:
20100220590
A system selectively drops data from queues. The system includes a drop table that stores drop probabilities. The system selects one of the queues to examine and generates an index into the drop table to identify one of the drop probabilities for the examined queue. The system then determines whether to drop data from the examined queue based on the identified drop probability.
ATM CELL TRANSFER APPARATUS WITH HARDWARE STRUCTURE FOR OAM CELL GENERATION
Granted: September 2, 2010
Application Number:
20100220598
An ATM (asynchronous transfer mode) cell transfer apparatus includes an input interface, a switch block, and an OAM cell processing hardware block having a memory unit. The input interface receives an SDH/SONET signal on each of a plurality of first transfer paths to output an input OAM cell corresponding to the SDH/SONET signal to one of a plurality of input ports of the switch block corresponding to the first transfer path for the SDH/SONET signal to be transferred. The switch block…
PACKET PROCESSING IN A MULTIPLE PROCESSOR SYSTEM
Granted: September 2, 2010
Application Number:
20100220727
Packet processing is provided in a multiple processor system including a first processor to processing a packet and to create a tag associated with the packet. The tag includes information about the processing of the packet. A second processor receives the packet subsequent to the first processor and processes the packet using the tag information.
LOAD BALANCING NETWORK TRAFFIC ON A LABEL SWITCHED PATH USING RESOURCE RESERVATION PROTOCOL WITH TRAFFIC ENGINEERING
Granted: August 26, 2010
Application Number:
20100214913
Techniques are describe for establishing an overall label switched path (LSP) for load balancing network traffic being sent across a network using the a resource reservation protocol such as Resource Reservation Protocol with Traffic Engineering (RSVP-TE). The techniques include extensions to the RSVP-TE protocol that enable a router to send Path messages for establishing a tunnel that includes a plurality of sub-paths for the overall LSP. The tunnel may comprise a single RSVP-TE Label…
