1. Field
Embodiments of the invention relate to the field of networking; and more specifically to the creation of dynamic service groups based on session attributes.
2. Background
A network element (e.g., a router, switch, bridge, etc.) is a piece of networking equipment, including hardware and software, that communicatively interconnects other equipment on the network (e.g., other network elements, end stations, etc.). Some network elements are “multiple services network elements” that provide support for multiple networking functions (e.g., routing, bridging, switching, Layer 2 aggregation, and/or subscriber management), and/or provide support for multiple application services (e.g., data, voice, and video). Subscriber end stations (e.g., servers, workstations, laptops, palm tops, mobile phones, smartphones, multimedia phones, voice over internet protocol (VOIP) phones, portable media players, GPS units, gaming systems, set-top boxes, etc.) access content/services provided over the Internet and/or content/services provided on virtual private networks (VPNs) overlaid on the Internet, intranets and/or other private networks. The content and/or services are typically provided by one or more end stations (e.g., server end stations belonging to a service or content provider, or end stations participating in a peer to peer service) and may include public webpages (free content, store fronts, search services, etc.), private webpages (e.g., username/password accessed webpages providing email services, etc.), corporate networks over VPNs, etc. Typically, subscriber end stations are coupled (e.g., through customer premise equipment coupled to an access network (wired or wirelessly)) to edge network elements, which are coupled (e.g., through one or more core network elements to other edge network elements) to the other end stations (e.g., server end stations).
Certain network elements (e.g., certain edge network elements) allow for manually creating a service group and manually determining its members (e.g., subscriber sessions). As used herein, a service group is a virtual construct that allows various sets of circuits (e.g., subscriber sessions, VLANs (Virtual Local Area Networks), ATM PVCs (Asynchronous Transfer Mode Permanent Virtual Circuits), etc.) to be grouped together for configuration purposes (e.g., collective rate enforcement, metering, policing, scheduling, common Access Control List configuration, etc.) and for a commonly maintained state (e.g., enforcing rate control or a stateful firewall where the actions/behavior of one session impacts enforcement for all members of the service group). A circuit is an internal construct in a network element that represents a distinguishable flow of packets being communicated forwarded by the network element using a protocol and may be identified by factors such as the physical interface and a unique combination of protocol encapsulations, addresses, VLAN, and session identifiers marked in those packet's headers.
Service groups can be manually created using a CLI or other provisioning interface of the network element. After the service group has been created, the members of the service group (e.g., the subscriber sessions) are also manually configured (e.g., by provisioning an attribute (e.g., a RADIUS or local attribute) that references the same service group name). Thus, provisioning service groups typically involved two manual steps: creation of the service group itself; and adding members to that service group. Manually configuring service groups and their membership can be tedious, time consuming, and subject to error.