Computer networks have grown increasingly complex with the use of distributed client/server applications, mixed platforms and multiple protocols all on a single physical backbone. The control of traffic on networks is likewise moving from centralized information systems departments to distributed work groups. The growing utilization of computer networks is not only driving a move to new, high-speed technologies, but is, at the same time, making the operation of computer networks more critical to day-to-day business operations. The use of quality of service (QoS) criteria for managing and/or contracting communication service level agreements (SLAs) is becoming increasingly common in networks, such as networks supporting Internet protocol (IP) communications.
The Internet Engineering Task Force (IETF) has proposed a set of policy schemas (object oriented models of policy classes and policy attributes) and a policy framework for managing future networks. The IETF proposed policy based networking technology is described in the Internet draft entitled “Policy Core LDAP Schema,” draft-IETF-policy-core-schema-07.text, Jul. 14, 2000 (“IETF proposal”). Among other things, the IETF proposal includes three policy classes referred to as policy Rule, policy Action and policy Condition respectively. A policy rule (class policy rule) has the following semantics: “If Condition then Action.” In other words, the actions (class policy action) specified by a policy rule are to be performed/executed only if the policy condition (class policy condition) evaluates to TRUE (i.e., is met).
Stated differently, the IETF proposal provides policy conditions which represent a set of criteria that are used to identify various groupings, such as host(s), routing, application(s), based on which, if the condition evaluates to TRUE, appropriate actions are performed. The application condition group, for example, includes, among other things, an attribute that is used to identify the content of the application data to be used in the policy condition evaluation. This data, for Web requests, generally represents the Universal Resource Indicator (URI) portion of the Universal Resource Locator (URL) or the directory where the object of the request is located.
Implementation of such policy rule based operations in time-sensitive environments, such as a high-speed network environment, can place time-critical demands on the processing capabilities of various network communication server devices. Rapid detection of the application data type, or of other aspects of a communication packet processed by a communication server, may be critical, for example, where service differentiation by data type is used to guarantee SLAs related to QoS.
As an example, in the environment of the worldwide Web (Web or Internet), each hypertext transport protocol (HTTP) type request can result in different data types being sent to a requesting client device from a server device. For example, an HTTP request may call for video/audio data streaming, transaction oriented data, File Transfer Protocol (FTP) data, etc. Different data types may require different service levels to be assigned while the data is being transmitted to the client. For instance, FTP type data generally requires low loss but is not highly sensitive to delay, whereas video/audio data will typically be sensitive to delay but not to loss. Additionally, application specific information other than a URL, for example the requesting user associated with a request, may be associated with a desired QoS.
Conventional systems implementing QoS criteria typically process requests with a type of service which is network based (as contrasted with endpoint based, i.e., server or client based), or utilize unique TCP/IP port numbers to differentiate the types of service required. Such an approach may fail to integrate all the desired elements needed to achieve consistent response time, for example, when processing web-based transactions which benefit from prioritization. Such web-based requests are all typically managed at the same priority level, which may result in downloads, browses and business transactions being managed at the same priority level, with both network and server resources being applied equally across what may preferably be treated as three different priorities of workload. This result is encountered in conventional systems because all such web-based requests typically travel through the network and arrive at the server using the same port (generally port 80, or port 443 if secured socket layer (SSL) communications are being used).
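The contrast drawn above, between a port-number classifier and an "If Condition then Action" policy rule whose application condition matches on the URI or the requesting user, is illustrated by the following added example. It is not code from the patent or from the IETF draft; the request model, rule set, QoS class names and priorities are constructed assumptions for illustration only.

```python
"""Added example: a minimal policy evaluator in the style of the IETF
"If Condition then Action" rule, compared with port-based classification.
All names, rules and sample requests below are constructed assumptions,
not taken from the patent text or the IETF schema."""
from dataclasses import dataclass
from typing import Callable, List


@dataclass
class HttpRequest:
    """Fields a server-side classifier can see once the request is parsed."""
    method: str
    uri: str
    user: str
    dst_port: int


@dataclass
class PolicyRule:
    """IETF-style rule: the action is applied only if the condition is TRUE."""
    name: str
    condition: Callable[[HttpRequest], bool]
    action: str          # QoS class to assign (constructed names)
    priority: int = 0    # higher wins when several rules match


# Application-condition group: match on the URI portion of the URL (the
# directory where the requested object lives) or on the requesting user.
def uri_prefix(prefix: str) -> Callable[[HttpRequest], bool]:
    return lambda r: r.uri.startswith(prefix)


def user_in(users: set) -> Callable[[HttpRequest], bool]:
    return lambda r: r.user in users


# Constructed rule set: streaming is delay-sensitive, downloads are
# loss-sensitive, checkout and "gold" users get transactional treatment.
RULES: List[PolicyRule] = [
    PolicyRule("stream",   uri_prefix("/video/"),    "delay-sensitive", priority=10),
    PolicyRule("download", uri_prefix("/files/"),    "loss-sensitive",  priority=10),
    PolicyRule("txn",      uri_prefix("/checkout/"), "transactional",   priority=20),
    PolicyRule("vip",      user_in({"gold"}),        "transactional",   priority=30),
]


def content_based_class(req: HttpRequest, rules=RULES, default="best-effort") -> str:
    """Evaluate every rule's condition; apply the highest-priority matching action."""
    matches = [r for r in rules if r.condition(req)]
    if not matches:
        return default
    return max(matches, key=lambda r: r.priority).action


def port_based_class(req: HttpRequest) -> str:
    """What a conventional port-number classifier can do: every request on
    port 80 or 443 lands in the same bucket regardless of its content."""
    if req.dst_port in (80, 443):
        return "web"
    if req.dst_port == 21:
        return "loss-sensitive"
    return "best-effort"


if __name__ == "__main__":
    # Constructed sample requests, all arriving on the standard web ports.
    samples = [
        HttpRequest("GET",  "/video/clip.mp4",   "anon", 80),
        HttpRequest("GET",  "/files/report.pdf", "anon", 80),
        HttpRequest("POST", "/checkout/pay",     "anon", 443),
        HttpRequest("GET",  "/files/big.iso",    "gold", 443),
    ]
    for s in samples:
        print(f"{s.uri:20s} port={s.dst_port}  port-based={port_based_class(s):10s}"
              f"  content-based={content_based_class(s)}")
```

Run as a script, the three distinct workloads on ports 80/443 all classify as "web" under the port-based scheme, while the rule evaluator separates them by URI prefix and lets the higher-priority user rule override the directory rule.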
An example of such a QoS product is the Web Traffic Express product available from IBM Corporation of Armonk, N.Y., which generally provides web associated quality of service in a separate device positioned between the server/client (endpoint) device and the communication network. This separate device may then determine network qualities of service, for example, using content based routing or based on network characteristics. Similar web QoS products are also available from Hewlett Packard Corporation and Cisco Corporation.
For content based routing (CBR), which may provide transactional QoS, such nodes typically rely on knowledge of the data content of communications obtained by evaluating the communications. Evaluating each communication may present scalability problems as the rate of communications grows, since the contents of every communication must be examined. Furthermore, when applications use secure communications, such as Secure Socket Layer (SSL) communications, the data content of the communications is encrypted. Thus, network nodes will typically not be able to peer into the contents of the data without knowing the encryption/decryption keys. Gaining knowledge of these keys may compromise end-to-end security and presents further scalability issues if data content must be decrypted, evaluated and re-encrypted as it passes through, for example, a routing node.