1. Field of the Invention
This invention relates generally to providing a redundancy scheme for deep packet inspection engines.
2. Description of Related Art
Telecommunication service providers often advertise the reliability of their services by listing the percentage of time per year that their equipment provides full service. For example, many service providers guarantee “6-nines” availability, which translates to around thirty seconds of system downtime per year. In order to ensure high levels of customer satisfaction and retention, it is imperative that service providers adhere to the guaranteed level of service.
Given the stringent requirements faced by service providers, equipment manufacturers strive to produce reliable hardware and software that minimize system downtime. However, because a typical service provider simultaneously operates thousands of pieces of equipment, hardware and software failure are inevitable. In an attempt to minimize the effect of such failures on service availability, service providers frequently utilize redundancy schemes, whereby a backup piece of equipment may be quickly activated upon failure of a primary piece of equipment.
Service providers use several variations of a redundancy scheme, depending on cost restraints, availability requirements, and a number of other factors. In a 1+1 redundancy scheme, one piece of redundant equipment is provided for each piece of active equipment. This scheme maximizes reliability, such that the system may reliably handle failure of multiple devices at once. Alternatively, to allow for cost savings at the expense of reliability, a service provider may utilize one redundant device for each set of N active devices. A compromise between the 1+1 and 1:N redundancy scheme may be reached by utilizing N redundant devices for every M active devices, where N is less than M.
Regardless of the redundancy scheme selected, the service provider must also determine whether to use hot redundancy, warm redundancy, or a combination thereof. In a hot redundant system, the redundant device maintains configuration data, equipment availability, and state information. Accordingly, in the event of failure of the active device, the redundant device is ready to immediately resume operation with no service outage. In contrast, a redundant device implementing warm redundancy stores configuration data and equipment availability, but does not store state information. Accordingly, upon failure of the active device, the warm redundant device may resume operation without having to boot-up, but must learn state information, thereby introducing a slight impact on the provided service.
As is apparent from the above description, redundancy schemes are complex and require a significant amount of planning, configuration, and maintenance for successful implementation. With the ever-increasing complexity of network infrastructures, redundancy schemes are experiencing a corresponding increase in complexity. This increase in complexity is well-illustrated by the problem of providing redundancy for deep packet inspection (DPI) devices.
DPI devices are increasingly deployed in telecommunications networks. These devices examine packets in a particular flow and identify an application associated with the flow. Using information about the application identified by the DPI device, service providers may, inter alia, increase the quality of service and more fairly bill customers based on their network usage. Thus, although DPI engines provide significant benefits to service providers, they also introduce significant expenses and complexities in high availability systems for which redundancy is required.
Current redundancy schemes fail to minimize the costs associated with a high-availability scheme when DPI devices are used by the service provider. In particular, a conventional approach to high-availability mandates 1+1 hot redundancy, such that the service provider needs to purchase a backup DPI device for each primary DPI device and must modify its network such that both devices always process the entirety of the traffic to learn and maintain state information. This is very costly, given the complexity of DPI devices, especially given that, in many situations, only a subset of applications is important enough to require hot redundant support. Thus, current solutions fail to effectively provide redundancy for the DPI-based application engines in an efficient, cost-effective manner.
Accordingly, there is a need for a redundancy scheme for DPI-based application engines that eliminates the need for 1+1 hot redundancy. In particular, there is a need for an M:N redundancy scheme, where N is less than or equal to M, that maximizes efficiency in providing redundancy by considering application information known by the DPI engine. Additionally, there is a need for a M:N redundancy scheme with a reduced complexity of implementation.
The problems described above are illustrative of those that are addressed by the various exemplary embodiments and are not intended to be exhaustive or limiting of the possible problems addressed or solved. Furthermore, the foregoing objects and advantages of the invention are merely illustrative and are not intended to be exhaustive or limiting of the possible advantages that can be realized. Thus, these and other objects and advantages of the various exemplary embodiments will be apparent from the description herein or can be learned from practicing the various exemplary embodiments, both as embodied herein or as modified in view of any variation that may be apparent to those skilled in the art. Accordingly, the present invention resides in the novel methods, arrangements, combinations, and improvements herein shown and described in various exemplary embodiments.