The communications industry is rapidly changing to adjust to emerging technologies and ever increasing customer demand. This customer demand for new applications and increased performance of existing applications is driving communications network and system providers to employ networks and systems having greater speed and capacity (e.g., greater bandwidth). In trying to achieve these goals, a common approach taken by many communications providers is to use packet switching technology. Increasingly, public and private communications networks are being built and expanded using various packet technologies, such as Internet Protocol (IP). Note, nothing described or referenced in this document is admitted as prior art to this application unless explicitly so stated.
Traffic rate-limiting mechanisms are used to ensure packet traffic conforms to certain predetermined rates. These can be used to protect systems from attacks (e.g., denial-of-service) and to ensure packet traffic conforms to subscribed rates.
Traditional rate limiters are implemented with two rate-limiting states. FIG. 1A illustrates one such prior approach wherein when a rate limiter is in an in-profile forwarding state 100, packets are forwarded normally. In response to the rate exceeding threshold value, the state of the rate limiter switches to an out-of-profile rate-limiting state 102, wherein packets are rate-limited, such as, but not limited to being dropped or redirected to another location or processor. When the rate drops below the threshold (e.g., the rate over time decreases or a new measuring time period commences), the state switches back to in-profile forwarding state 100.
FIG. 1B illustrates a prior art system using a rate limiter for limiting multiple different types and/or streams of traffic. Packets are first classified by classification mechanism 110 (e.g., an associative memory such as a ternary content-addressable memory) to identifying which set of rate-limiting parameters to use. Rate-limiting mechanism 112 retrieves the corresponding parameters 114 based on the rate-limiter indication and performs the appropriative forwarding or rate-limiting operation based on its current state as illustrated by and described in relation to FIG. 1A. Clock or timer 116 provides the timing references as the current rate of a classification of traffic is determined based on a number of packets received in a given time period or over time.
A problem with these prior art rate-limiting systems is that they provide minimal information about the traffic (e.g., statistics of the number of packets dropped) or they redirect all the out-of-profile packets to a processing mechanism, which can be overwhelmed by the number of packets.