The present invention relates to a data transfer apparatus which can monitor a bandwidth for each flow to determine appropriate processing for a received packet.
In IP (Internet Protocol) networks represented by the Internet, packets from a large number of users are communicated through the same line, so that the cost can be kept low per bandwidth. For this reason, enterprise users replace speech data networks (telephone networks) and key business networks with the IP networks with the intention of reducing the communication cost. From the background as mentioned above, an IP-VPN (Virtual Private Network) and a wide-band Ethernet (Ethernet is a registered trademark) service have been introduced for provision of the communication quality (QoS: Quality of Service) which had been provided by the speech data networks and key business networks based on dedicated lines.
In the IP-VPN and wide-band Ethernet services, a contract is made between an enterprise user and a carrier for a bandwidth for connecting hub sites such as the main office, branch offices and the like of the enterprise user to a network of the carrier (hereinafter called the “connection bandwidth”). In this event, the network of the carrier must be controlled such that a band through which each hub site transmits to the network of the carrier and a bandwidth through which each hub site receives from the network of the carrier do not exceed the connection bandwidth. For this reason, an edge node on the network of the carrier must be provided with a bandwidth monitoring function for limiting input/output packets to the connection bandwidth. The bandwidth monitoring function performs bandwidth monitoring which involves measuring the bandwidth of inputted or outputted packets, and determining as compliance when the measured bandwidth is within the connection bandwidth, and as violation when the measured bandwidth exceeds the connection bandwidth. This function monitors packets inputted from the respective hub sites and packets outputted to the respective hub sites for the bandwidth to limit bandwidth through which the respective hub sites make transmissions/receptions to the connection band.
In the bandwidth monitoring function, an algorithm for determining the compliance/violation is known, for example, from a leaky bucket algorithm described in Section 4.4.2 of The ATM Forum Approved Specifications Traffic Management 4.0. This algorithm is represented by a model of a leaky bucket which has a certain capacity and a hole. While the bucket contains water, water leaks in an amount proportional to the bandwidth under monitoring, and when a packet arrives at the bucket, an amount of water corresponding to the length of the packet is poured into the bucket. The bucket has the capacity for allowing fluctuations in arrival of packet and burst. An input packet is determined as compliance (within the bandwidth under monitoring) before the bucket overflows, and as violation (exceeding the bandwidth under monitoring) when the bucket overflows. FIG. 8 illustrates a flow cart of the leaky bucket algorithm. This algorithm employs variables: a packet arrival time LCT, and a counter value C corresponding to the amount stored in the bucket. As a packet k arrives at a time ta(k) (step 801), the algorithm calculates difference (corresponding to the amount of water leaking from the bucket) between the arrival time LCT of a packet which was updated when the packet was determined as compliance the last time and the arrival time ta(k). This value is subtracted from X to calculate X′ (step 802), it is determined whether or not X′ is negative (step 803), and X′ is modified to 0′ when X′ is negative (step 804). Then, X′ is compared with a limit L (corresponding to the capacity of the bucket) (step 805), and the input packet is determined as violation when X′≧L, followed by termination of the processing without changing the values of X and LCT (step 806). When X′≦L, the input packet is determined as compliance, and the sum of X′ and a fixed value I determined by the bandwidth under monitoring (corresponding to the amount of water converted from one packet) is saved as X, and the arrival time of the cell is saved as LTC (step 807). When the first packet arrives, X is initialized to “0” while LCT to the arrival time of the first packet.
Also, Diffserv (Differentiated Service) (S. Blake, et al., “An Architecture for Differential Services,” IETF, RFC 2475, December 1998) described in RFC2475 of IETF (Internet Engineering Task Force) is a technique for ensuring QoS such as a low delay time, a low discard ratio and the like for data transfers within a network. In a Diffserv-based network, an edge node classifies packets in accordance with source/destination IP addresses and source/destination port numbers within a packet header, a protocol, and the like, and rewrites a priority value of DSCP (Differentiated Service Code Point) within the packet header in accordance with the class. A node within the network performs a transfer operation associated with the priority value of DSCP. The edge node rewrites DSCP of a packet which requires a low delay time and a low discard ratio to a higher priority, and nodes within the network preferentially transfer packets with higher priorities to accomplish the low delay time and low discard ratio of packets.
Further, recently, there is another tendency of not only substituting IP-VAN and wide area Ethernet for networks built with dedicated lines, but also integrating general data networks for accessing web sites and communicating electronic mails and the like to further reduce the communication cost. In order to accomplish the integration while ensuring QoS, the bandwidth monitoring function must be provided with a bandwidth allocation function for ensuring a bandwidth for each of data type such that certain particular data fully occupies a connection bandwidth of each hub site.
JP-A-2000-349812 (U.S. Patent Publication No. 2004/0228274A1) describes a bandwidth allocation function for preferentially allocating a connection bandwidth to key business data. A bandwidth monitoring function which employs the preferential bandwidth allocation function gives a high priority to a key business data packet equal to or less than a bandwidth under monitoring, and gives the high priority to general data packets as well to an extent that the bandwidth under monitoring is not exceeded only when the key business data packets are less than the bandwidth under monitoring.
Another bandwidth allocation function is a group policer described in Yuichi Ishikawa et al., “Proposal and Evaluation of the Group Policer with Bandwidth Guaranteeing and Sharing Function,” The Institute of Electronics, Information and Communication Engineers (IECE), RCS2004-20 CQ2004-20, April 2004. A bandwidth monitoring function which employs the group policer sets, in addition to a connection bandwidth, a guaranteed bandwidth for key business data and a guaranteed bandwidth for general data. A key business data packet and a general data packet which are determined to be equal to or less than the respective guaranteed bandwidths are given a high priority and a middle priority, respectively. Also, similar priorities are given when a total bandwidth of the key business data and general data are determined to be equal to or less than the connection bandwidth though they exceed their respective guaranteed bandwidths. When the total bandwidth of the key business data and general data is determined to exceed the connection bandwidth, associated packets are discarded. With the foregoing bandwidth monitoring operation, the bandwidth monitoring function which employs the group policer can allocate the connection bandwidth such that certain bandwidths can be ensured for respective data types such as general data, key business data and the like, while limiting a transmission/reception bandwidth of each hub site to the connection bandwidth or less.
Problems associated with the prior art will be described with reference to FIG. 2 which shows an example of wide area Ethernet service and IP-VPN service. Assume that a certain enterprise X has three hub sites X-0, X-1, X-2, and an intra-office networks 200, 201, 202 have been built in the respective hub sites. This enterprise X has built an integrated network for key business data and general data using a bandwidth monitoring function to which the group policer described in “Proposal and Evaluation of the Group Policer with Bandwidth Guaranteeing and Sharing Function” is applied. Here, the key business data refers to data which includes VoIP (Voice over Internet Protocol), video data, visual teleconference data, telephone conference data and the like.
The carrier has concluded a contract with the enterprise X that the carrier guarantees connection bandwidths of 100 Mbps, 60 Mbps, and 70 Mbps for the respective hub sites X-0, X-1, X-2 of the enterprise X for connection with a network 240 of the carrier, and guarantees bandwidths of 70 Mbps, 30 Mbps, and 40 Mbps for the key business data in the respective connection bandwidths, and guarantees the bandwidth of the remaining 30 Mbps for general data in the respective connection bandwidths.
Gateway nodes 210, 211, 212 are installed at inlet/outlet ports of the intra-office networks 200, 201, 202, respectively. These nodes are provided with the bandwidth monitoring function described in “Proposal and Evaluation of the Group Policer with Bandwidth Guaranteeing and Sharing Function” to limit packets transmitted by the respective hub sites X-0, X-1, X-2 to the aforementioned connection bandwidths or less. In addition, the connection bandwidths are allocated to satisfy the guaranteed bandwidths for the key business data and general data. A high priority key business packet and a middle priority general packet, which have been permitted to be communicated, are sent out to access lines 220, 221, 222. The network 240 of the carrier transfers the key business packet, which has been given the high priority, with a higher priority, and transfers the general packet, which has given the middle priority, with a lower priority. Upon receipt of packets which should be transferred to the access lines 220, 221, 222, the edge nodes 230, 231, 232 monitor the bandwidths in a manner as described in “Proposal and Evaluation of the Group Policer with Bandwidth Guaranteeing and Sharing Function” in a manner similar to the gateway nodes 210, 211, 212, to limit packets to the respective hub sites to their connection bandwidths or less and to allocate the bandwidths to ensure a certain bandwidth for each type of data.
Giving the bandwidth monitoring in the node 210 as an example, a description will be given of a problem associated with the baseband monitoring in accordance with the “Proposal and Evaluation of the Group Policer with Bandwidth Guaranteeing and Sharing Function” applied to the bandwidth monitoring. Assume that the bandwidth monitoring function of the node 210 involves setting three monitoring policies shown below, and conducing the bandwidth monitoring based on these monitoring policies. A first monitoring policy is Monitoring Policy A which limits packets transmitted by the hub site X-0 to the hub sites X-1, X-2 to the connection bandwidth 100 Mbps or less. Assume herein that a condition under which the hub site X-0 detects packets transmitted toward the hub sites X-1, X-2 is called the “flow detection condition A.” A second and a third monitoring policy include Monitoring Policy B1 which monitors key business data packets transmitted by the hub site X-0 to the hub sites X-1, X-2 for a guaranteed bandwidth of 70 Mbps, and Monitoring Policy B2 which monitors general data packets transmitted by the hub site X-0 to the hub sites X-1, X-2 for a guaranteed bandwidth of 30 Mbps. FIG. 14 shows a Venn diagram which represents the relationship among the flow detection condition A, a flow detection condition B1 for detecting key business data packets transmitted by the hub site X-0 to the hub sites X-1, X-2, and a flow detection condition B2 for detecting general data packets transmitted by the hub site X-0 to the hub sites X-1, X-2. The flow detection condition A is in a relationship of encompassing the flow detection conditions B1, B2 (hereinafter this relationship is called the “unilateral comprehensive relationship”).
Assume that while the bandwidth monitoring is under way at the node 210 in accordance with “Proposal and Evaluation of the Group Policer with Bandwidth Guaranteeing and Sharing Function,” the hub site X-0 has transmitted key business data at 50 Mbps and 50 Mbps to the hub site X-1, X-2, respectively, and has transmitted general data at 100 Mbps to the hub site X-1. Since the hub site X-0 is guaranteed a bandwidth of 70 Mbps for key business data, the node 210 transmits a total of data at 65 Mbps which is a combination of key business data at 35 Mbps and general data at 30 Mbps, and transmits key business data at 35 Mbps to the hub site X-2. In other words, the data destined to the hub site X-2 is allocated a disadvantageous bandwidth over the data destined to the hub site X-1. Consequently, the enterprise X fails to accomplish an impartial bandwidth allocation between the hub sites X-1 and X2.
To prevent such a partial bandwidth allocation, the bandwidth monitoring function of the node 210 is required to perform the bandwidth monitoring by monitoring the packets transmitted by the hub site X-0 to the hub site X-1 based on Monitoring Policy C1 which monitors packets to check whether they exceed 50 Mbps, and monitoring the packets transmitted by the hub site X-0 to the hub site X-2 based on Monitoring Policy C2 which monitors packets to check whether they exceed 50 Mbps.
FIG. 15 shows a Venn diagram which represents the relationship among the flow detection conditions C1 and C2 for detecting packets transmitted by the hub site X-0 to the hub site X-1, X2 respectively, and the flow detection conditions A, B1, B2. The flow detection conditions B1, B2 and flow detection conditions C1, C2 are in a relationship that they share part of condition items (hereinafter, this relationship is called the “mutual comprehensive relationship”). While JP-A-2000-349812 (U.S. Patent Publication No. 2004/0228274A1), “The ATM Forum Approved Specifications Traffic Management 4.0,” “An architecture for Differentiated Services,” and “Proposal and Evaluation of the Group Policer with Bandwidth Guaranteeing and Sharing Function” include descriptions on the band monitoring for a flow which is detected from a plurality of flow detection conditions in the unilateral comprehensive relationship, they do not include descriptions on the bandwidth monitoring of a flow which is detected from a plurality of flow detection conditions in the mutual comprehensive relationship, so that a bandwidth monitoring apparatus which employs these prior art techniques have a problem of the inabilities to prevent such partial bandwidth allocation.