1. Technical Field
The present invention relates to computer networks, and more particularly to a method and system in an IP network for optimally dispatching IP datagrams comprising socks traffic among a plurality of Socks Servers.
2. Description of the Related Art
Internet
The Internet is a global network of computers and computer networks (the “Net”). The Internet connects computers that use a variety of different operating systems or languages, including UNIX, DOS, Windows, Macintosh, and others. To facilitate and allow the communication among these various systems and languages, the Internet uses a language referred to as TCP/IP (“Transmission Control Protocol/Internet Protocol”). The TCP/IP protocol supports three basic applications on the Internet:
- transmitting and receiving electronic mail,
- logging into remote computers (the “Telnet”), and
- transferring files and programs from one computer to another (“FTP” or “File Transfer Protocol”).
TCP/IP
The TCP/IP protocol suite is named for two of its most important protocols:
- a Transmission Control Protocol (TCP), and
- an Internet Protocol (IP).
Another name for it is the Internet Protocol Suite. The more common term TCP/IP is used to refer to the entire protocol suite. The first design goal of TCP/IP is to build an interconnection of networks that provides universal communication services: an internetwork, or internet. Each physical network has its own technology-dependent communication interface, in the form of a programming interface that provides basic communication functions running between the physical network and the user applications. The architecture of the physical networks is hidden from the user. The second goal of TCP/IP is to interconnect different physical networks to form what appears to the user to be one large network.
TCP is a transport layer protocol providing end-to-end data transfer. It is responsible for providing a reliable exchange of information between two computer systems. Multiple applications can be supported simultaneously over one TCP connection between two computer systems.
IP is an internetwork layer protocol hiding the physical network architecture below it. Part of communicating messages between computers is a routing function that ensures that messages will be correctly directed within the network to be delivered to their destination. IP provides this routing function. An IP message is called an IP Datagram.
Application Level protocols are used on top of TCP/IP to transfer user and application data from one origin computer system to one destination computer system. Such Application Level protocols are for instance File Transfer Protocol (FTP), Telnet, Gopher, Hyper Text Transfer Protocol (HTTP).
IP Router
A router interconnects networks at the internetwork layer level (IP) and routes messages between them. Routers are able to select the best transmission path between networks. The basic routing function is implemented in the IP layer of the TCP/IP protocol stack, so any host (or computer) or workstation running TCP/IP over more than one interface could, in theory, forward the messages between networks. However, dedicated network hardware devices called “Routers” provide more sophisticated routing functions than the minimum functions implemented in IP. Because IP implements the basic routing functions, the term “IP Router” is often used.
World Wide Web
With the increasing size and complexity of the Internet, tools have been developed to help find information on the network, often called navigators or navigating systems. Navigation systems that have been developed include standards such as Archie, Gopher and WAIS. The World Wide Web (“WWW” or “the Web”) is a recent superior navigation system. The Web is:
- an Internet-based navigation system,
- an information distribution and management system for the Internet, and
- a dynamic format for communicating on the Internet.
The Web seamlessly, for the user, integrates formats of information, including still images, text, audio and video. A user on the Web using a graphical user interface (“GUI”, pronounced “gooey”) may transparently communicate with different host computers on the system, different system applications (including FTP and Telnet), and different information formats for files and documents including, for example, text, sound and graphics.
Hypermedia
The Web uses hypertext and hypermedia. Hypertext is a subset of hypermedia and refers to computer-based “documents” in which readers move from one place to another in a document, or to another document, in a non-linear manner. To do this, the Web uses a client-server architecture. The Web servers enable the user to access hypertext and hypermedia information through the Web and the user's computer. (The user's computer is referred to as a client computer of the Web Server computers.) The clients send requests to the Web Servers, which react, search and respond. The Web allows client application software to request and receive hypermedia documents (including formatted text, audio, video and graphics) with hypertext link capabilities to other hypermedia documents, from a Web file server.
The Web, then, can be viewed as a collection of document files residing on Web host computers that are interconnected by hyperlinks using networking protocols, forming a virtual “web” that spans the Internet.
Uniform Resource Locators
A resource of the Internet is unambiguously identified by a Uniform Resource Locator (URL), which is a pointer to a particular resource at a particular location. A URL specifies the protocol used to access a server (e.g. HTTP, FTP, . . . ), the name of the server, and the location of a file on that server.
Hyper Text Transfer Protocol
Each Web page that appears on client monitors of the Web may appear as a complex document that integrates, for example, text, images, sounds and animation. Each such page may also contain hyperlinks to other Web documents so that a user at a client computer using a mouse may click on icons and may activate hyperlink jumps to a new page (which is a graphical representation of another document file) on the same or a different Web server.
A Web server is a software program on a Web host computer that answers requests from Web clients, typically over the Internet. All Web servers use a language or protocol to communicate with Web clients which is called Hyper Text Transfer Protocol (“HTTP”). All types of data can be exchanged among Web servers and clients using this protocol, including Hyper Text Markup Language (“HTML”), graphics, sound and video. HTML describes the layout, contents and hyperlinks of the documents and pages. Web clients, when browsing:
- convert user-specified commands into HTTP GET requests,
- connect to the appropriate Web server to get information, and
- wait for a response. The response from the server can be the requested document or an error message.
After the document or an error message is returned, the connection between the Web client and the Web server is closed.
The first version of HTTP is a stateless protocol. That is, with HTTP there is no continuous connection between each client and each server. The Web client using HTTP receives a response as HTML data or other data. This description applies to version 1.0 of the HTTP protocol, while the new version 1.1 breaks this barrier of a stateless protocol by keeping the connection between the server and client alive under certain conditions.
Browser
After receipt, the Web client formats and presents the data or activates an ancillary application such as a sound player to present the data. To do this, the server or the client determines the various types of data received. The Web Client is also referred to as the Web Browser, since it in fact browses documents retrieved from the Web Server.
Domain Names
Host or computer names (like www.entreprise.com) are translated into numeric Internet addresses (like 194.56.78.3), and vice versa, by using a method called DNS (“Domain Name Service”). DNS is supported by network-resident servers, also known as domain name servers or DNS servers.
Intranet
Some companies use the same mechanism as the Web to communicate inside their own corporation. In this case, this mechanism is called an “Intranet”. These companies use the same networking/transport protocols and locally based Web servers to provide access to vast amounts of corporate information in a cohesive fashion. This data may be private to the corporation, while the members of the company still need access to public Web information. To prevent people who do not belong to the company from reaching this private Intranet from the public Internet, they protect access to their network by using special equipment called a Firewall.
Firewall
A Firewall protects one or more computers with Internet connections from access by external computers connected to the Internet. A Firewall is a network configuration, usually created by hardware and software, that forms a boundary separating networked computers within the Firewall from those outside the Firewall. The computers within the Firewall form a secure sub-network with internal access capabilities and shared resources not available to the outside computers.
Often, the single machine on which the Firewall runs allows access to both internal and external computers. Since the computer on which the Firewall runs directly interacts with the Internet, strict security measures against unwanted access from external computers are required.
A Firewall is commonly used to protect information such as electronic mail and data files within a physical building or organization site. A Firewall reduces the risk of intrusion by unauthorized people from the Internet; however, the same security measures can limit, or require special software for, those inside the Firewall who wish to access information on the outside. A Firewall can be configured using “Proxies” or “Socks” to designate access to information from each side of the Firewall.
Proxy Server
An HTTP Proxy is a special server that typically runs in conjunction with Firewall software and allows access to the Internet from within a Firewall. The Proxy Server:
- waits for a request (for example an HTTP request) from inside the Firewall,
- forwards the request to the remote server outside the Firewall,
- reads the response, and sends the response back to the client.
A single computer can run multiple servers, each server connection identified with a port number. A Proxy server, like an HTTP Server or a FTP Server, occupies a port. Typically, a connection uses standardized port numbers for each protocol (for example, HTTP=80 and FTP=21). That is why an end user has to select a specific port number for each defined Proxy Server. Web Browsers usually let the end user set the host name and port number of the Proxy Servers in a customizable panel. Protocols such as HTTP, FTP, Gopher, WAIS, and Security can usually have designated Proxies. Proxies are generally preferred over Socks for their ability to perform caching, high-level logging, and access control, because they provide a specific connection for each network service protocol.
Socks and Socks Server
Socks is a protocol which does some form of encapsulation of Application Level protocols (for instance FTP, Telnet, Gopher, HTTP). Using Socks, the Application Level traffic between a system running a Socks Client software and a system running a Socks Server software is encapsulated in a virtual Socks tunnel between both systems. Socks is mainly used by systems within an Intranet in order to gain a secure access to systems located outside the Intranet.
A Socks Server acts as a relay between the systems within the Intranet and the systems outside the Intranet, thus hiding the internal systems from the external Internet. It is considered as one form of Firewall.
A Socks Server (also called a Socks Gateway) is software that allows computers inside a Firewall to gain access to the Internet. A Socks Server is usually installed on a server positioned either inside or on the Firewall. Computers within the Firewall access the Socks Server as Socks Clients to reach the Internet. Web Browsers usually let the end user set the host name and port number of the Socks Servers in a customizable panel. On some Operating Systems, the Socks Server is specified in a separate file (e.g. a socks.conf file). As the Socks Server acts as a layer underneath the Application Level protocols (HTTP, FTP, . . . ), it cannot cache data (as a Proxy does), because it does not decode the protocol to know what kind of data it transfers.
Dispatcher System
When multiple Firewalls are used to gain access to systems outside the Intranet, a dedicated device called a “Dispatcher System” is often used within the Intranet for dispatching the traffic to these multiple Firewalls. The main goal of the Dispatcher System is to balance the load across the multiple Firewalls. For instance, when a very powerful Firewall and a smaller Firewall are available, more traffic should be dispatched to the very powerful Firewall than to the smaller one. Such Dispatcher Systems are either dedicated hardware devices, or software components installed on an existing network device (such as an IP Router).
More explanations about the technical field presented in the above sections can be found in the following publications incorporated herewith by reference:
- “TCP/IP Tutorial and Technical Overview” by Martin W. Murhammer, Orcun Atakan, Stefan Bretz, Larry R. Pugh, Kazunari Suzuki, David H. Wood, International Technical Support Organization, October 1998, GG24-3376-05.
- “Java Network Programming” by Elliotte Rusty Harold, published by O'Reilly, February 1997.
- “Internet in a Nutshell” by Valerie Quercia, published by O'Reilly, October 1997.
- “Building Internet Firewalls” by Brent Chapman and Elizabeth Zwicky, published by O'Reilly, September 1995.
Problem
The problem to solve is to provide an optimized system and method for dispatching Socks traffic within a TCP/IP network. By nature, the Socks protocol is a form of encapsulation of Application Level traffic such as HTTP, FTP, Telnet. When Socks Servers are used within an Intranet to provide secure access to systems located outside the Intranet, IP routers and network devices within this Intranet only see and handle Socks traffic. As a consequence, all Application Level protocols encapsulated by Socks are treated alike within the TCP/IP network.
When multiple Socks Servers are used within the Intranet to access systems outside the Intranet, a dedicated device called a “Dispatcher System” is often used for dispatching the traffic to these multiple Socks Servers. The purpose of such a Dispatcher System is mainly to balance the load across the multiple Socks Servers. For instance, when a very powerful Socks Server and a smaller Socks Server are available, more traffic can be dispatched to the very powerful Socks Server than to the smaller one.
In a Socks environment, the problem is that the Dispatcher System usually only sees and processes Socks traffic and does not see the Application Level traffic which is encapsulated by Socks. As a consequence, all Application Level protocols such as HTTP, FTP, Telnet, are then treated alike by the Dispatcher System. There is no differentiation between the Application Level connections. For instance, interactive Telnet traffic is processed with the same priority as batch FTP traffic. The Telnet traffic should be dispatched to a very powerful Socks Server while the FTP traffic should be dispatched to a smaller Socks Server.
The current solutions address this problem partially:
- The dispatching of Socks traffic can be done based on the IP address of the origin computer system and/or based on the IP address of the destination computer system. The main drawbacks of this solution are:
  - For a given origin or destination system, Socks traffic is always processed the same way. IP Routers and Dispatcher Systems always see the same Socks traffic without differentiating the Application Level protocols. For instance, an interactive Telnet connection and a batch FTP connection from the same origin will be handled with the same priority. Thus, the high priority interactive Telnet connection may be slowed down by the low priority batch connection.
  - All Socks Servers handle all Application Level protocols indifferently, since a Socks Server cannot be selected by the Dispatcher System according to Application Level protocol criteria. For instance, it is not possible to have a high capacity Socks Server handling all Application Level protocols and another Socks Server with lower capacity only handling FTP traffic, because the Dispatcher System does not know the Application Level protocol (HTTP, FTP, . . . ) encapsulated in the Socks traffic.
- The dispatching of Socks traffic can be done according to the Type Of Service (TOS) field comprised in the IP Datagram Header. The main drawbacks of this solution are:
  - The TOS field must be set in the Datagrams that the Dispatcher System receives:
    - either by the origin workstation system (the system which creates the IP Datagram with the TOS field),
    - or by some network devices within the Intranet (for instance an IP Router which has the possibility of altering the TOS field of the IP Datagrams it routes).
  - In an Intranet where the TOS field cannot be set nor used, the dispatching of Socks traffic cannot be based on the value of the TOS field.
  - The TOS field of IP Datagrams set by some workstations or devices within the Intranet may be used for other purposes and may not reflect the actual priority and Application Level protocol of the IP Datagrams.
3. Objects of the Invention
An object of the present invention is to dispatch Socks traffic among a plurality of Socks Servers according to some Application Level protocol and priority criteria.
It is a further object of the present invention to optimize the performance of WEB access via Socks Servers, by integrating Application Level protocol and priority factors into the Socks Server selection.
It is another object of the present invention to minimize the interruption of WEB access via Socks Servers and to ensure better WEB access availability, by dropping low priority traffic in case of congestion.
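As an added illustration, not part of the patent text, of the dispatching problem stated above and of these objects: a dispatcher that recovers the encapsulated Application Level protocol from the destination port carried in the Socks CONNECT request, ranks it by priority, chooses between a large general-purpose Socks Server and a small FTP-only one, and sheds low-priority traffic under congestion. The SOCKS4 request framing, the port-to-protocol and priority tables, the server names and the sample requests are assumptions constructed for this example.

```python
import struct
from dataclasses import dataclass
from typing import FrozenSet, List, Optional, Tuple

# Well-known destination ports identify the encapsulated Application Level
# protocol; priorities are constructed for this example (higher = more
# interactive, so Telnet outranks batch FTP).
PORT_TO_APP = {23: "telnet", 80: "http", 21: "ftp"}
APP_PRIORITY = {"telnet": 3, "http": 2, "ftp": 1}

@dataclass
class SocksServer:
    name: str
    capacity: int                 # relative capacity (weight)
    allowed_apps: FrozenSet[str]  # protocols this server handles; "*" = all
    load: int = 0                 # connections dispatched so far

def parse_socks4_connect(request: bytes) -> Tuple[str, int]:
    """Extract (DSTIP, DSTPORT) from a SOCKS4 CONNECT request.
    Assumed framing: VN=4, CD=1, DSTPORT (2 bytes, network order),
    DSTIP (4 bytes), USERID terminated by a NUL byte."""
    if len(request) < 9 or request[0] != 4 or request[1] != 1 or request[-1] != 0:
        raise ValueError("not a SOCKS4 CONNECT request")
    (port,) = struct.unpack("!H", request[2:4])
    ip = ".".join(str(b) for b in request[4:8])
    return ip, port

def classify(request: bytes) -> Tuple[str, int]:
    """Map the CONNECT request to (application protocol, priority)."""
    _ip, port = parse_socks4_connect(request)
    app = PORT_TO_APP.get(port, "other")
    return app, APP_PRIORITY.get(app, 0)

def dispatch(request: bytes, servers: List[SocksServer],
             congested: bool = False) -> Optional[str]:
    """Pick a Socks Server by protocol and priority; None means dropped."""
    app, prio = classify(request)
    if congested and prio <= 1:
        return None               # shed low-priority (batch) traffic
    eligible = [s for s in servers if app in s.allowed_apps or "*" in s.allowed_apps]
    if not eligible:
        return None
    # Least relative load wins; on a tie, interactive traffic prefers the
    # largest server and batch traffic the smallest one.
    tiebreak = (lambda s: -s.capacity) if prio >= 2 else (lambda s: s.capacity)
    best = min(eligible, key=lambda s: (s.load / s.capacity, tiebreak(s)))
    best.load += 1
    return best.name

def make_connect(port: int, ip: str, userid: bytes = b"alice") -> bytes:
    """Build a SOCKS4 CONNECT request (constructed sample input)."""
    octets = [int(o) for o in ip.split(".")]
    return struct.pack("!BBH4B", 4, 1, port, *octets) + userid + b"\x00"

def example_pool() -> List[SocksServer]:
    """Constructed pool: a large general-purpose server and a small FTP-only one."""
    return [SocksServer("big-socks", 10, frozenset({"*"})),
            SocksServer("small-socks", 2, frozenset({"ftp"}))]

TELNET_REQ = make_connect(23, "10.1.2.3")   # constructed sample requests
FTP_REQ = make_connect(21, "10.1.2.3")
```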