1. Field of the Invention
The present invention relates generally to the field of network communication. More specifically, the present invention relates to a method for classifying packets.
2. Description of the Related Art
With the recent development of multimedia data processing on the Internet and the World Wide Web, such as speech, sound, and image processing, new techniques for managing and transferring data packets over network communications are needed. Small blocks of data sent across a packet-switching network are commonly referred to as data packets.
In network communications utilizing Internet protocol ("IP"), a data packet, which may contain audio and video ("AV") data, is typically transmitted using a conventional network protocol, such as, for example, TCP/IP ("Transmission Control Protocol/Internet Protocol"). TCP/IP is a standard network protocol that allows a packet to pass across the Internet with the best-effort packet delivery service.
In order to send a packet across a network, each packet must be classified so that the network administrator knows how to treat the packet while it travels across the network. Packet classification is a process that identifies the packets, such as, for example, TCP/IP packets. Once a packet is classified, the packet classification is used to determine what type of packet treatment, such as, for example, security requirements or quality of service ("QOS"), should be used according to the policy of the network. The policy typically includes various rules.
To determine a proper packet treatment, a network administrator typically identifies rules according to the packet classification. Once the rules are found, a typical low-level packet processing method for comparing fields of the rules with fields of the packet is used. The fields of the packet usually include a 5-tuple where a typical 5-tuple consists of source address, source port, destination address, destination port, and protocol. For example, a low-level packet processing method compares the 5-tuple defined in the rule with the 5-tuple listed in the packet. If there is a match, a rule or rules may be fetched from a rule database for the packet treatment.
The conventional low-level packet processing method for implementing a policy is not an optimal process for a network administrator. A problem with the current method is that the method is difficult to maintain and update. Another problem with the low-level packet processing method is that the method makes it difficult to add and delete a machine or system. Accordingly, there is a need for a high-level packet processing method that simplifies the process for implementing a network policy.
At least one source address is grouped in a source group and at least one destination address is grouped in a destination group. In addition, at least one source port, one destination port, and one protocol are grouped in a protocol group. In this embodiment, at least one rule is identified according to the source group, destination group, or protocol group. After identifying the rule or rules, specific treatment for the packet is determined according to the rule. After identifying the rule, specific treatment for the packet during the network transmission is identified in response to the rule or rules.
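The group-based lookup described above can be sketched as follows. This is an added example, not code from the patent: the group names, addresses, port ranges, treatments, and the first-match rule order are all constructed assumptions.

```python
import ipaddress
from collections import namedtuple

# The 5-tuple carried by a packet.
Packet = namedtuple("Packet", "src sport dst dport proto")

# Constructed sample groups (hypothetical names and addresses).
SOURCE_GROUPS = {"engineering": ["10.1.0.0/16"], "guests": ["192.168.50.0/24"]}
DEST_GROUPS = {"build-servers": ["10.9.1.10/32", "10.9.1.11/32"],
               "internet": ["0.0.0.0/0"]}
# A protocol group bundles (source port range, destination port range, protocol).
PROTOCOL_GROUPS = {
    "ssh": [((1024, 65535), (22, 22), "tcp")],
    "web": [((1024, 65535), (80, 80), "tcp"), ((1024, 65535), (443, 443), "tcp")],
}
# Rules name groups only; None is a wildcard. First match wins (assumption).
RULES = [
    ("engineering", "build-servers", "ssh", "permit, high-priority QoS"),
    ("guests", "internet", "web", "permit, best-effort QoS"),
    (None, None, None, "deny"),
]

def addr_groups(addr, groups):
    """Return the names of every group whose networks contain addr."""
    ip = ipaddress.ip_address(addr)
    return {name for name, nets in groups.items()
            if any(ip in ipaddress.ip_network(n) for n in nets)}

def proto_groups(pkt):
    """Return the protocol groups matching the packet's ports and protocol."""
    return {name for name, entries in PROTOCOL_GROUPS.items()
            if any(slo <= pkt.sport <= shi and dlo <= pkt.dport <= dhi
                   and proto == pkt.proto
                   for (slo, shi), (dlo, dhi), proto in entries)}

def classify(pkt):
    """Map the 5-tuple to groups, then return the treatment of the first rule hit."""
    src_g = addr_groups(pkt.src, SOURCE_GROUPS)
    dst_g = addr_groups(pkt.dst, DEST_GROUPS)
    pro_g = proto_groups(pkt)
    for s, d, p, treatment in RULES:
        if ((s is None or s in src_g) and (d is None or d in dst_g)
                and (p is None or p in pro_g)):
            return treatment
    return None

if __name__ == "__main__":
    print(classify(Packet("10.1.4.7", 40000, "10.9.1.10", 22, "tcp")))
```

Adding a machine means appending its address to a group; the rule table is untouched, which is the maintenance benefit the text claims over per-5-tuple rules.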