Generally, communication protocols have been adopted to connect client systems with server systems on the Internet. One of the main protocols for transmitting data over networks to the transmission control protocol/internet protocol (TCP/IP). While the internet protocol (IP) deals typically with the transfer of packets, the transmission control protocol (TCP) enables two computer systems to establish a connection and exchange streams of data. TCP ensures dependable delivery of the data and guarantees that data packets will be delivered in the same order as originally sent.
A TCP connection between a client and a server may be split at various points, such as at domain boundaries or at Internet service provider (ISP) servers. Many web-based services utilize split-connection proxies, such as firewalls, gateways for mobile hosts, and stream transducers. In traditional implementation, proxy servers utilize application modules to transfer data between the client and server connections. Unfortunately, such application modules required substantial overhead for handling the significant number of active TCP connections within the user space.
To lower the overhead of split-connection proxies, a TCP splice module was introduced, thereby eliminating the duplicative copying of data between buffers at network and application layers that incurred for each packet exchanged between corresponding client and server endpoints. The utilization of the TCP splice module conserves the usage of state management resources by closing connection sockets in the application after the TCP splice is established. The TCP splice module transfers data from the server to the client directly through the IP-layer or the socket layer in the network kernel space.
In a basic interaction mode, an HTTP proxy application can exploit TCP splice by receiving and processing the client request (e.g., HTTP GET or HTTP CONNECT), establishing the connection to the server, forwarding the request to the server, and invoking the TCP splice for the two connections. Typically, the TCP splice module or service provides for the bidirectional transfer of data between the two connections, until one of the endpoints (e.g., the client or the server) closes its connection.
Although the TCP splice module provides advantages for many web-based services, there currently is not efficient way to enable TCP splice for a content-based charging (CBC) proxy. A CBC proxy generally extends the traditional split-connection proxies with additional services that provide for accounting the volume (or time) of data transferred through the proxy for each client or user and redirecting a client request (GET or CONNECT) if the volume (or time) of transferred data exceeds the limit allowed by the user's prepay account.
Applying the TCP splice module or service to a CBC proxy introduces several issues, because the use of content-based charging requires the CBC proxy to control redirecting of a client request, for example, when accessing a website with an access charge or when an account balance of a customer falls below a predetermined threshold. Existing TCP splice solutions are either (1) connection-based, as the splicing is established after the socket connections become available and the application relinquishes control of the connections completely after splicing, or (2) request-based, as the splicing of the TCP connections occurs on a request-by-request basis. Unfortunately, a connection-based TCP splice module does not provide a mechanism or facility to allow the CBC proxy to regain control of the connections for processing a redirection request, for example, at the application layer, while a request-based TCP splice module does not provide for the optimization of state management resources, such as file descriptors for opened-stock connections.
What is needed is a system and method of enabling TCP splice connections with a content-based charging proxy, while allowing the CBC proxy to regain control of the connections if a particular triggering event occurs. It is to such a system and method that the present invention is primarily directed.