The present invention relates to a method to be used in a telecommunication network for policing data traffic to a data traffic policer realizing such a method and to a telecommunication network including such a data traffic policer.
Such a method for policing data traffic, such a data traffic policer and such a telecommunication network are already known in the art, e.g. from the article xe2x80x9cThe Spacer-controller: an efficient UPC/NPC for ATM networksxe2x80x9d, by P. E. Boyer et al., ISS 1992, October 1992, Vol. 2, paper A9.3, pp. 316-320. Referring to the introductory part it is described that asynchronous transfer mode ATM cells are inserted by a user on the network access multiplex, called hereafter a common data communication link, according to any arbitrary timing. Therefore, the allocation of network resources to a connection can only be based upon traffic parameters declared by the user. Call admission implies the negotiation of a Traffic Contract that describes as well as can be the traffic that will be offered at the network entry point. A policing function is used by the network in order to ascertain that the negotiated values are actually met during the connection. On the other hand, the network is bounded to meet the Quality Of Service requested in the Traffic contract by properly allocating resources to the connection. The mentioned article further addresses the integration of a policer and a shaper into the same hardware device.
It is well know to a person skilled in the art that an essential step to be executed by such a known policer is, upon reception of a data packet, determining the lower order identifier that is associated to the data packet, whereby that lower order identifier identifies a lower order data flow e.g. in an ATM network determining the predefined virtual channel identifier that is associated to the ATM cell whereby this virtual channel identifier identifies the ATM virtual connection. Indeed, within a predefined higher order data flow being identified by a higher order identifier e.g. within a predefined virtual path being identified by a predefined virtual path identifier, it is an essential step to identify the traffic contract associated to this particular received data packet. This step is executed by the policer by means of a first determining means. Furthermore the policer checks the conformance of the data packet according to predefined lower order conformance rules i.e. a traffic contract associated to the lower order identifier. This function is executed by a first control means whereto the lower order identifier is forwarded by the first determining means. The first control means provides hereby a lower order conformance result that is lower order conforming or lower order non-conforming.
A problem outstanding with this kind of policers is that the known policing units, e.g. such as described above in an ATM network, perform policing at Virtual Channel level i.e. at lower order identifier level or at Virtual Path level i.e. at higher order identifier level. This means that policing is performed only at a single identifier level. The resources that are reserved for some predetermined lower order data flow with a lower order identifier, but which are not actually used are wasted. This is not desirable, especially for quality of services QOS such as Variable Bit Rate VBR and guaranteed Frame Rate GFR, the available bandwidth could be useful to other active lower order data flows of this higher order data flow.
This will become more clear with the following example of two Local Area Networks LAN""s from different companies A and B, using different Guaranteed Virtual Channels VCA1, VCA2 and VCB1, VCB2, respectively, which are multiplexed in order to share one single ATM link. Presume that VCA1 is used to transport mission critical traffic from company A, VCA2 is used to transport best-effort traffic from company A, VCB1 and VCB2 are used to transport best effort-traffic from company B with two different priorities. Different ways of sharing the available bandwidth of the common link are possible. Under the assumption that a VC is active or inactive and that an active VC is always greedy and in the event when the VCA1 is inactive, the bandwidth that is unused by this VCA1 is distributed among VCA2, VCB1 and VCB2. However, such a distribution of the available bandwidth is not appropriate from a user""s point of view e.g. company A, especially as in many networks the charging is done on the basis of the amount of reserved bandwidth.
An object of the present invention is to provide a data traffic policer such as the above know policers but with an improved and fair use of the available bandwidth.
This object is achieved by the method for policing data traffic as described in claim 1, by the data traffic policer that is realizing such a method that is described in claim 6, and by the telecommunication network that includes such a policer that is described in claim 7.
Indeed, the invention is based on the insight that left-over available bandwidth of a predefined higher order data flow can be shared among all the active lower order data flows being part of this higher order data flow e.g. left-over bandwidth of a virtual path can be shared to all the active virtual channels included inside this virtual path.
The higher order identifier associated to the data packet is also determined by a second determining means of the policer. This higher order identifier is forwarded to a second control means that checks a conformance of the data packet according to predefined higher order conformance rules. The control means provides thereby a higher order conformance result that equals higher order conforming or higher order non-conforming. Furthermore the policer includes declaring means that is coupled between the first control means, the second control means and an output of the policer. The declaring means declares, in the event when the lower order conformance result provided by the first control means is lower order non-conforming, but the higher order conformance result provided by the second control means is higher order conforming, the data packet as conforming. This means that the data packet is allowed to use some leftover resources within this higher order data flow. The leftover resources includes e.g. left-over bandwidth from another lower order data flow within the same higher order data flow and buffer space previously assigned to another lower order data flow within the same higher order data flow.
According to the above mentioned example, company A would clearly prefer that the bandwidth that is not used by VCA1 would automatically be allocated to VCA2 instead of being allocated to VCA2, VCB1 and VCB2. This is realized by also defining a traffic contract with predefined higher order conformance rules for a higher order data flow that includes the lower order data flows VCA1 and VCA2 but not the lower order data flows VCB1 and VCB2. In the event when a data packet of the VCA2 connection arrives and that this data packet has a lower order non-conforming conformance result but a higher order conforming conformance result, the VCA2 data packet is declared as conforming. In this way, the VCA2 connection borrows some leftover bandwidth from the VCA1 connection.
It has to be remarked that according to the above described example in an ATM network, such a higher order data flow is not necessarily a global virtual path that includes the virtual channels VCA1 and VCA2. It should be clear that a higher order data flow might as well be a predefined set of virtual channels whereby bandwidth guarantees are associated to this set of virtual channels so that when one virtual channel is inactive the other virtual channels of the predefined set of virtual channels can benefit from the unused bandwidth. In a similar way and according to the wording of the claims, a higher order data flow can be implemented by a predefined plurality of lower order data flows or by a predefined aggregate of lower order data flows according to the basic principles of the present telecommunication network. In practice it is in fact expected that the invention will be more applied to a logical group of lower order data flows instead of a complete predefined aggregate such as e.g. a virtual path according to the basic principles of ATM networks.
It has to be remarked that although for e.g. guaranteed frame rate GFR service category a virtual path policing is not defined yet, existing variable bit rate VBR traffic policers are presently implemented at the level of a virtual channel identifier VC but also at the level of a virtual path identifier. However, such an implementation for a virtual path is a stand-alone implementation whereby the results of an eventual virtual channel traffic contract are not taken into account and whereby no bandwidth can be borrowed from one included lower order data flow to another included lower order data flow.
It has to be explained that declaring a data packet as being conforming means that according to the strategy of the present operator the data packet is discarded or is marked as non-conforming i.e. tagging a data packet.
Furthermore, it has to be understood that although the declaring means declares the data packet as conforming in the event when the lower order conformance result is lower order non-conforming and the higher order conformance result is higher order conforming, it is not excluded that the policer of the present invention might declare a data packet as conforming in other situations. Indeed, for example, in the event when already the lower order conformance result equals conforming the data packet might be declared immediately as conforming and no bandwidth has to be borrowed by a another lower order data flow that is part of its higher order data flow.
A further feature of the present invention is that the step of checking a conformance of the data packet according to the predefined higher order conformance rules is only executed in the event when the lower order conformance result is lower order non-conforming. This is described in claim 2. Indeed, in order not to overload the actual working of the present policer it might be convenient to implement the policer such that first the checking of the lower order conformance is executed and secondly, only in the event when the lower order checking is non-conforming, the higher order conformance will be checked. However, in the event when the higher order conformance checking implies a modification of some variables upon reception of each data packet, it has to be remarked that although, in the event that a data packet is conforming according to the lower order checking, the policer still needs to increment these variables.
A further characteristic feature is that the step of checking a conformance according to predefined lower order conformance rules includes one or more lower order sub-steps and that the step of checking a conformance according to predefined higher order conformance rules includes one or more higher order sub-steps and that the lower order sub-steps and the higher order sub-steps are executed according to a mixed sequence. The different sub-steps are in fact integrated with each other. This is described in claim 3. Indeed, it should be explained that in order to check a conformance of a data packet, different options are possible to test the data packet according to cell based conformance rules or even more to test the data packet according to frame based conformance rules. For instance e.g. a Guaranteed Frame Rate GFR conformance definition is taking into account packet related features such as the Cell Loss Priority bit, the Peak cell Rate and the Cell Delay Variation Tolerance, and also frame related features such as the Maximum Frame Size. Furthermore, more than one conformance test is executed in order to complete a lower order conformance check or a higher order conformance check according to the present invention, whereby a predefined structure is brought into the sequence of the different conformance tests. In order to avoid complexity the different steps of the higher order conformance check and different steps of the lower order conformance check are executed in a mixed order. It should also be clear that a lower order conformance check includes similar tests as a higher order conformance check. These similar tests should not be repeated for a second time in the event when both conformance checks are to be executed. It should also be clear that it might be convenient to control first e.g. a few higher order conformance tests and later on some lower order conformance tests in order to return thereafter again to control typical higher order conformance tests. For example, it is clear that in the event when for a GFR Guaranteed Frame Rate contract a predefined maximum frame size MFS for the higher order traffic contract and for the lower order traffic contract are equal, that once this test is executed the result of the test is valid as well for the lower order conformance check as for the higher order conformance check.
Furthermore, it should be explained that a telecommunication network that includes a data traffic policer according to the present invention supports different kinds of Quality Of Service Categories whereby the conformance is checked according to the conformance definitions of the supported service category. Such a supported service category is e.g. the unspecified Bit Rate service category or the Guaranteed Frame Rate Service Category.
Two possible implementations of a telecommunication network of the present inventions are described in claim 4 and 5. Claim 4 describes an asynchronous transfer mode network whereby the lower order identifier is a virtual channel identifier and claim 5 describes an internet network that is working with an hierarchy of identifiers.
Another example is Multi-Protocol Label Switching MPLS as described in e.g. in the book xe2x80x9cSwitching in Ip Networks IP Switching Tag Switching, and Related Technologiesxe2x80x9d written by Bruce Davie, Paul Doolan, Ytakov Rekhter and published by The Morgan Kaufmann Series in Networking, David Clark, Series Editor in May 1998 with ref. ISBN 1-55860-505-3.
Referring to the internet network and Multi Protocol Label Switching MPLS, a possible implementation of the present invention is that the internet network is using a principle whereby the lower order identifier is a lower order label.
With the example of this multi-protocol label switching implementation and also the example described in a following paragraph the next remark becomes clear. Indeed, it is remarked that the present invention is not restricted to the use of only one lower order conformance check and only one higher order conformance check. Indeed, a higher order data flow can on its turn be part of a third order data flow whereby it is possible to borrow bandwidth from one higher order data flow to another higher order data flow as long that they both are part of the same third order data flow wherefore the result of the conformance check is conforming. Multi-protocol label switching is working with labels that are short, fixed length, physically contiguous and locally significant identifiers that are each identifying a data stream. The essential point about labels is that all the data packets with the same label will receive a same forwarding treatment i.e. forwarded on the same port, with the same next hop label, if any, and using the same encapsulation. The granularity of elements associated with labels can vary widely. On one hand a label can represent Internet Traffic flows, explicit routes or host routes. On the other hand, it could represent an egress identifier or an egress router in case of IP unicast or it could represent a multicast tree in case of IP multicast. Another example of the granularity of a conformance check is again in an ATM network with at the lowest order a virtual channel conformance traffic contract, hereafter within a virtual path, a logical group of virtual channels conformance traffic contract and at a third order a virtual path conformance traffic contract. In this way it is clear that the present invention can be applied for a predefined granularity of identifiers of different orders.
Another possible implementation in an internet network with a granularity of identifiers is realized according to the following hierarchy:
a higher order data flow being identified by a source address and a destination address, that includes
one or more first lower order data flows being identified by source address, destination address and transport protocol, that includes:
one or more second lower order data flows being identified by source address, destination address, transport protocol and source port, that includes:
one or more third lower order data flows being identified by source address, destination address, transport protocol, source port and destination port, that includes
one ore more fourth order data flows being identified by source address, destination address, transport protocol, source port, destination port and file type such as an html file or a video file.
It should be noticed that the term xe2x80x9cincludingxe2x80x9d, used in the claims, should not be interpreted as being limitative to the means listed thereafter. Thus the scope of the expression xe2x80x9ca device including means A and Bxe2x80x9d should not be limited to devices consisting only of components A and B. It means that with respect to the present invention, the only relevant components of the device are A and B.
Similarly, it is to be noted that the term xe2x80x9ccoupledxe2x80x9d, also used in the claims, should not be interpreted as being limitative to direct connections only. Thus, the scope of the expression xe2x80x9ca device A coupled to a device Bxe2x80x9d should not be limited to devices or systems wherein an output of device A is directly connected to an input of device B. It means that there exists a path between an output of A and in input of B which may be a path including other devices or means.