In the field of packet-switched communications, which includes, but is not limited to, X.25, Internet Protocol (IP), Frame Relay (FR), Asynchronous Transfer Mode (ATM), and Synchronous Optical NETwork (SONET)/Synchronous Digital Hierarchy (SDH) networking, it is important to limit the rate at which content is accepted from a source, typically but not limited to a communications network node, to ensure: that the transport infrastructure of a communications network is not overburdened; that no single source makes excessive use of communications network resources to the detriment of other entities making use thereof; that Service Level Agreements (SLAs) are enforced; etc.
Packet-switched communications concern the conveyance of content segments encapsulated in Protocol Data Units (PDUs) between communications network nodes. Each PDU has an internal make-up, referred to as a “frame”, which includes a start-of-frame marker, and a payload holding at least one content segment. PDU frame headers and trailers are populated with network addressing information, and (possibly) control information, to direct each PDU onto a corresponding transport path traversed in the communication network(s) between source and destination communications network nodes.
A novel approach has been undertaken in a related field concerning controlling the rate at which content is being conveyed in communications networks:
A prior art U.S. Pat. No. 5,313,454 entitled “Congestion Control for Cell Networks”, which issued May 17, 1994, to Bustini et al., describes a feedback control mechanism for connection-session-based congestion prevention. Network nodes traversed in a transport path of a corresponding virtual connection report, using bandwidth reserved for the virtual connection, cell level system buffer occupancies to the destination network node associated with the virtual connection for interpretation. A feedback signal is then sent, using bandwidth reserved for the virtual connection, to the source network node associated with the virtual connection, which is expected to adjust the source network node transmission rate accordingly. Although inventive, the proposed solution: is limited to ATM content transport characterized by an end-to-end preprovisioned connection; incurs bandwidth overhead on the virtual connection in conveying reports and feedback signals; involves virtual connection specific report tracking and interpretation at the destination network node; requires feedback signal interpretation at the source network node; and, most importantly, hinges on the cooperation of the source network node, which in practice may not always be relied upon. An assessment regarding compliance with a customer SLA directly addresses issues related to a source network node's adherence to SLA agreed upon content transmission rates.
Other developments concentrate on output port rate limiting techniques to prevent output port buffers from overloading. These approaches to content conveyance rate control do not address input port congestion and therefore do not address limiting content acceptance rates in a communications network:
A prior art U.S. Pat. No. 6,205,155 entitled “Apparatus and Method for Limiting Data Bursts in ATM Switch Utilizing Shared Bus”, which issued on Mar. 20th, 2001 to Parrella et al., describes an ATM cell-filtering approach to content conveyance rate control based on destination addresses to ensure that output port buffers do not overflow. While inventive in addressing output port congestion in ATM switches, no provisions are made for assessing adherence to SLAs in receiving content at a network node. Because the solution is destination address specific, it does not address denial of service attacks which flood traffic to multiple network addresses and/or set up a large number of virtual connections, both scenarios placing high demands on the network node input port resources before the content is switched and output port queued.
Another prior art U.S. Pat. No. 5,604,867 entitled “System for Transmitting Data between Bus and Network having Device Comprising First Counter for Providing Transmitting Rate and Second Counter for Limiting Frames Exceeding Rate”, which issued Feb. 18th, 2003 to Harwood, describes a system for limiting the number of multicast and broadcast frames generated by a network node from already accepted content to ensure that a shared bus and output port buffers are not overloaded. The two-counter implementation also addresses issues related to content conveyance rate limiting while allowing some content bursting. Although inventive, the presented approach does not address issues concerning adherence to SLAs. Further, SLAs concern all types of traffic generated by a source network node, not just multicast and broadcast traffic.
Output port transmission rate limiting control, as described in the above two prior art patents, would be beneficial in limiting content acceptance rates in communications networks if such output port transmission rate limiting control were exercised at customer premise equipment. However, as customer premise equipment is not necessarily under the span of control of a service provider managing an associated communications network, and as a customer has a disincentive to correctly and actively limit upstream output port rates, the presented solutions cannot be relied upon and are therefore insufficient. Therefore, despite these prior advances, output port limiting employed on edge equipment aggregating upstream content traffic does not address issues related to input port contention for resources at edge network nodes.
Further, content generated by a source network node may be conveyed as connection-specific traffic and connectionless traffic. A lot of stack processing is involved in imposing conveyance rate limits at the connection level (typically supported by a higher layer content transport protocol), especially if the underlying content transport protocol employed is not a connection-oriented content transport protocol.
FIG. 1 is exemplary of interconnected communications network equipment providing communications services to customers 100. Each customer 100, associated with a customer network 101 and/or a customer node 102, is provided with access to communications services via a customer premise transceiver 104 and an access link 106. Each access link 106 is physically connected to a port 108 of a line card (interface card) 110 of an access node 120 designated as an edge of a communications network 130.
In accordance with an exemplary approach, the content conveyed may be regarded, by a particular network node receiving it for processing, as a content stream (audio, video, ticker tape data, etc.), which is segmented into content segments, at least one content segment being conveyed packetized in the payloads of individual PDUs. Content-stream-aware rate limiting control enforced at the particular network node (120): relates to a stream-aware content transport protocol such as, but not limited to, ATM; requires extensive tracking of the PDUs being conveyed in the context of each tracked content stream, thus employing large amounts of memory storage; and therefore is typically implemented at the network layer or above.
In accordance with another exemplary approach, conveyance rate limiting control enforced at a particular network node (120) may address the fact that a particular customer's source network node 102 makes excessive use of shared communications network resources to the detriment of other customers' 102 and 101/102. The content conveyed may be redirected around failure affected communications network infrastructure via redundant access links 106, as shown to be employed by the customer network 101. From the particular point of view of a network node 120 effecting rate limiting control, conveyed content originating from such a rogue source network node 102 may be received at the network node 120 via multiple redundant interconnecting links 106. It is understood that if the rogue source network node 102 makes use of communications services via a customer's network 101, then, depending on the implementation of the customer's network 101, the entire customer network 101 may have to be labeled as a rogue customer network 101 if the particular rogue customer network node 102 cannot be identified distinctively (network addressing translation, etc.). Source-network-node-based rate limiting control: requires extensive tracking of network node addressing and of PDUs received therefrom, thus employing large amounts of memory storage; and therefore is typically implemented at the network layer or above.
Network or higher layer implementations suffer from the intensive protocol stack processing necessary in inspecting each received PDU. Making reference to a typical prior art implementation shown in FIG. 2, in connection with both of the above presented exemplary approaches, central processing resources of the communications network node 120 including, but not limited to: system (typically, but not limited to, access node) central processor 122, bandwidth on the system data bus 124, central memory storage 126, etc., are employed. Attempts at network and higher layer rate limiting control include software-based solutions which, although flexible and customizable, lack defined response time guarantees. The lack of defined response time guarantees leads to variable delays in processing received PDUs at communications network nodes 120 in the transport path, which leads to further overuse of processing resources including, but not limited to: memory storage overheads, processing bandwidth reductions, excessive content transport delays, excessively varying PDU inter-arrival time periods (jitter), etc.
With rate limiting control effected on received PDUs only after the received PDUs have been stored in the central storage 126, a rogue source network node 102 may create contention for bandwidth on the system data bus 124 by sending a large number of PDUs at high rates. The contention unfairly drowns out content traffic received via other physical ports 108 associated with well-behaving network nodes 102 before the system processor 122 has a chance to assess the degree to which the latter are affected.
There is therefore a need to solve the above-mentioned issues in effecting content traffic control.