||||||||||||||||||||||l|||l|||||||||||lll||||||
`
`
`
`|||||||||||||||||||||l|ll||||||||||||l|||
`
`US 20060233101A1
`
`(19) United States
`(12; Patent Application Publication (10) Pub. No.: US 2006/0233101 A1
`
`Loft er al. Oct. 19, 2006 (43) Pub. Date:
`
`
`(54) NETWORK ELEMENT ARCHI'I‘EC'I‘URE
`FOR DEEP PACKET INSPECTION
`
`{52) U.S. CI.
`
`............................................ 370.3229; 370400
`
`(76)
`
`Inventors: Siegfried Johannes Lufl, Vancouver
`(FA): Ping (Ihiang. Vancouver (CA)
`
`Correspondence Address:
`BLAKELY SOKOLOFF TAYLOR & ZAFMA-N'
`12400 WILSI—lIRE BOULEVARD
`SEVENTH FLOOR
`
`LOS ANGELES, (IA 90025-1030 (US)
`
`(21} Appl. No.2
`
`l1f106,172
`
`(22)
`
`Filed:
`
`Apr. 135 2005
`
`Publication Classification
`
`(51)
`
`Int. Cl.
`11041‘
`1104!.
`
`12/26
`12/56
`
`(2006.01 )
`(2006.01)
`
`ABSTRACT
`(57)
`A method and apparatus for an application aware traffic
`shaping service node architecture is described. One embodi-
`ment 0 l‘ the invention. the service node architecture includes
`
`a set ol‘one or more line cards. a set ol‘one or more processor
`cards and a Full mesh communication inl‘rastmcture coupling
`the sets of line and processor cards. Each link coupling the
`sets of line and processor cards is of equal capacity. A line
`card includes a physical interface and a set of one or policy
`network processors. with the network processsors performing
`deep packet
`inspection on incoming trallic and shaping
`outgoing traflic. Processors cards include a set 01 one or
`more policy generating processors. According to another
`embodiment of the invention. the service node generates a
`set of statistics based on the incoming traflic and continually
`updates. in real-time. traflic shaping policies based on the set
`of statistics.
`
`300
`
`Service
`
`.
`Subscriber
`Policy
`Manageds)
`m
`
`Application
`Aware Traffic
`
`Shaping Service
`Node
`E
`
`Access
`
`Network(s)
`105;
`
`Provider
`104A
`
`Smite
`row er
`L43.
`
`Service
`Provider
`
`104N
`
`.
`Subscriber
`108A
`
`Subscriber
`1083
`
`Subscriber
`
`M
`
`Microsoft
`
`Ex. 1024 - Page 1
`
`Microsoft
`Ex. 1024 - Page 1
`
`

`

`Patent Application Publication Oct. 19, 2006 Sheet 1 0f17
`
`US 2006/0233101 A1
`
`19E
`
`
`
`
`
`Subscriber
`
`Policy
`Manager(s)
`
`110
`
`Subscriber
`1 08A
`
`Subscriber
`1 083
`
`
`
`
`Core
`
`Access
`
`Network(s)
`Network '
`102106
`
`
`
`Subscriber
`
`108M
`
`Figure 1
`(PRIOR ART)
`
`Microsoft
`
`Ex. 1024 - Page 2
`
`Microsoft
`Ex. 1024 - Page 2
`
`

`

`Patent Application Publication Oct. 19, 2006 Sheet 2 0f17
`
`US 200610233101 A1
`
`Application Layer (Layer 7)
`fl
`
`Presentation Layer (Layer 6)
`&
`
`Session Layer (Layer_5)
`110
`
`&
`
`Transport Layer (Layer 4)
`&
`
`Network Layer (Layer 3)
`fl
`
`Data Link Layer (Layer 2)
`2.03
`
`Physcal Layer (Layer 1)
`
`Figure 2
`
`Microsoft
`
`Ex. 1024 - Page 3
`
`Microsoft
`Ex. 1024 - Page 3
`
`

`

`Patent Application Publication Oct. 19, 2006 Sheet 3 0f 17
`
`US 2006/0233101 A1
`
`Subscriber
`
`Poii cy
`Manager(s)
`m
`
`Application
`Aware Traffic
`
`Shaping Service
`Node
`
`Service
`Provider
`104A
`
`Service
`Provider
`1 048
`
`Service
`Provider
`
`M
`
`3.92 Subscriber
`
`Subscriber
`108A
`
`1088
`
`Subscriber
`1 08M
`
`Microsoft
`
`Ex. 1024 - Page 4
`
`Microsoft
`Ex. 1024 - Page 4
`
`

`

`Patent Application Publication Oct. 19, 2006 Sheet 4 MI?
`
`US 2006/0233101 A1
`
`\..
`
`0 1
`
`5:K
`I}m'D
`
`
`
`EdgeRouter
`
`
`
`9
`3
`.9
`LL
`
`3
`_°
`u.
`U
`
`E
`+-
`
`Q
`9
`:1
`.9:
`Ll.
`
`3
`2
`LL
`U
`
`*E
`i—
`
`Microsoft
`
`Ex. 1024 - Page 5
`
`LU 5
`
`on
`
`U0Z .
`
`3z
`3
`
`a
`
`0'0
`
`O E
`
`£3
`
`a
`‘éa!
`
`E 8
`
`Microsoft
`Ex. 1024 - Page 5
`
`

`

`Patent Application Publication Oct. 19, 2006 Sheet 5 MI?
`
`US 2006/0233101 A1
`
`E'é
`e
`3
`.23
`LL
`
`32
`
`t
`E
`r—
`
`%
`2
`:I
`9
`LL
`
`3
`%
`E
`E
`
`2;;
`i a
`g a:
`2
`
`
`
`a
`
`-
`
`E -——.-
`
`31—.
`
`a—.
`
`E
`E g
`
`
`
`E
`a?
`
`Microsoft
`
`Ex. 1024 - Page 6
`
`Microsoft
`Ex. 1024 - Page 6
`
`

`

`Patent Application Publication Oct. 19, 2006 Sheet 6 0f17
`
`US 200610233101 A1
`
`Microsoft
`
`Ex. 1024 - Page 7
`
`8
`a:
`‘5
`mu.
`
`3
`.9
`LL
`
`§9
`
`'—
`
`a
`
`a
`
`fifi
`8-3
`(g
`
` a
`
`Microsoft
`Ex. 1024 - Page 7
`
`

`

`Patent Application Publication Oct. 19, 2006 Sheet 7 MI?
`
`US 200610233101 A1
`
`
`
`EdgeRoma!" 52$
`
`
`
`
`g
`.a
`
`[I
`
`Microsoft
`
`Ex. 1024 - Page 8
`
`
`
`
`e
`2%
`
`j
`
`e
`2%
`
`j
`
`1.2
`35
`
`‘r
`
`
`
`3
`
`E
`
`§§
`
`E
`
`g g
`Eié
`
`
`
`'E g
`:3 E
`
`E i
`
`
`a._.I
`
`
`
`
`
`E 8
`
`Microsoft
`Ex. 1024 - Page 8
`
`

`

`Patent Application Publication Oct. 19, 2006 Sheet 8 MI?
`
`US 2006/0233101 A1
`
`Receive Data
`Packets
`
`m
`
`700
`
`
`
`Packet Available
`
`
`
`for Processing ?
`10.4;
`
`
`
`Yes
`
`Deep Packet Inspection
`and Classification
`
`
`
`@
`
`Update Statistics
`@
`
`Update Traffic Policy
`in Real-Time
`
`m
`
`Figure 7
`
`Transmit Data
`
`Packet
`
`m
`
`Microsoft
`
`Ex. 1024 - Page 9
`
`Microsoft
`Ex. 1024 - Page 9
`
`

`

`Patent Application Publication Oct. 19, 2006 Sheet 9 of 17
`
`US 200610233101 A1
`
`' acket Associate .
`
`w! Subscriber?
`
`Identify the
`Subscriber
`
`BE
`
`Identify the
`Application
`fl
`
`fl
`
`Packet Associated
`
`w! Control Protocol?
`
`Identify the
`Control Protocol
`
`m
`
`identify the Instance
`of Application
`3_L2.
`
`Classify the Packet
`
`Figure 8
`
`Microsoft
`
`Ex. 1024 - Page 10
`
`Microsoft
`Ex. 1024 - Page 10
`
`

`

`Patent Application Publication Oct. 19, 2006 Sheet 10 of 17
`
`US 200610233101 A1
`
`Update Global Long-
`' Term Subscriber
`Statistics
`
`&
`
`Update Application
`Specific Long—Te rm
`Subscriber Statistics
`
`%
`
`ELL)
`
`Determine Siiding
`Window for Short-
`Term Statistics
`
`fl
`
`Update Overall
`Subscriber Short-
`Term Data Rate
`
`%
`
`Update Application
`
`Specific Subscriber
`Short-Tenn Data
`Rates
`
`Figure 9
`
`Microsoft
`
`Ex. 1024 - Page 11
`
`Microsoft
`Ex. 1024 - Page 11
`
`

`

`Patent Application Publication Oct. 19, 2006 Sheet 11 of 17
`
`US 200610233101 A1
`
`Retrieve
`
`Subscriber Policy
`1002
`
`Retrieve
`
`Statistics
`1 004
`
`Retrieve Current
`
`Network Condilio n
`
`1006
`
`1012
`
`Retrieve the Number of
`
`Instances of Application
`Associated with the Data
`Packet
`
`fl
`
`Retrieve Current
`Short-Tenn Subscriber
`Data Rate
`
`1010
`
`Update the Subscriber Traffic
`Policy in Real—Time
`
`Figure 10
`
`Microsoft
`
`Ex. 1024 - Page 12
`
`Microsoft
`Ex. 1024 - Page 12
`
`

`

`Patent Application Publication Oct. 19, 2006 Sheet 12 of 17
`
`US 200610233101 A1
`
`
` Packet
`Classifyi ng
`Module
`
`fl
`
`
`
`Core
`Network
`
`Control Module
`1112
`
`
`Dala
`Core Network
`Statistics Module
`
`
`Packets Communications
`-1—1-0+6
`"
`’
`Module(s)
`1102
`
`
`
`Access Network
`Communications
`Module(s)
`11 13
`
`.
`I
`Access
`Network
`Data
`Packets
`
`Policy Module
`1108
`
`Traffic
`
`. Forwarding and
`Shaping
`Moduie(s)
`m
`
`
`
`Alarm Module
`1116
`
`Figure 11
`
`Microsoft
`
`Ex. 1024 - Page 13
`
`Microsoft
`Ex. 1024 - Page 13
`
`

`

`Patent Application Publication Oct. 19, 2006 Sheet 13 of 17
`
`US 2006/0233101 A1
`
`‘,I/
`
`\ ,z’ .. 3’73 ._
`Nicki/11113 !
`R554!“ 7 -
`)ea
`
`
`
`12
`lg
`
`“X /
`
`L
`
`._
`
`_
`
`‘
`
`:r
`
`‘I-‘J
`
`4
`I
`
`:
`
`I
`
`1.2.0.2
`
`12
`
`X *
`4. K¥A? -g.’
`_r'
`.
`" ‘ “A9“? '
`_
`,-
`4’
`_
`3
`‘-
`.
`
`/ K “3 aflaflga
`_
`.
`/
`
`\ "
`_
`. a ' 5, Ag. '
`...L¢¢‘a‘§9..‘lfiyg';¢a¢’
`|
`NEE-E11533;
`,
`‘
`J
`l/
`l
`I
`|
`
`—
`121 '
`
`3
`l
`
`_
`
`_
`
`12;.
`
`Figure 12
`
`Microsoft
`
`EX. 1024 - Page 14
`
`Microsoft
`Ex. 1024 - Page 14
`
`

`

`Patent Application Publication Oct. 19, 2006 Sheet 14 of 17
`
`US 2006/0233101 A1
`
`1300
`
`
`
`
`High Bandwidth
`of Statitics
`
`fl
`
`Continuous
`Feedback
`
`fl
`
`Backplane
`1314
`
`
`
`Egress Port
`1316
`
`High Packet Throughput
`
`Figure 13
`
`Microsoft
`
`Ex. 1024 - Page 15
`
`Microsoft
`Ex. 1024 - Page 15
`
`

`

`Patent Application Publication Oct. 19, 2006 Sheet 15 of 17
`
`US 2006/0233101 A1
`
`14 2
`
`1404
`
`_1406
`
`
`
`Comm
`
`Comm
`
`
`
`
`
`Comm
`
`_helf1115; _426 _4_36Processor _helfProcessor _helfProcessor
`
`
`
`
`Ii:—"._';'—1]~
`LineCard(Jo-mm
`
`
`
`
`_ineCard Comm—_4__54
`
`
`
`1442
`
`
`
`Statistics
`Queue
`1450
`
`
`
`Host CPU
`1456
`
`Network
`Processor
`1 458
`
`Statistics
`Queue
`
`
`
`Physical
`Interface
`1460
`
`
`111.38.
`
`L
`
`Figure 14
`
`Microsoft
`
`Ex. 1024 - Page 16
`
`Microsoft
`Ex. 1024 - Page 16
`
`

`

`Patent Application Publication Oct. 19, 2006 Sheet 16 of 17
`
`US 200610233101 A1
`
`Data
`
`CSIXOverLVDS
`
`Figure15
`
`
`353'4-2NetworkProcessor
`
`
`(01'-
`IO
`1—
`
`1—
`ID‘-
`
`Microsoft
`
`Ex. 1024 - Page 17
`
`Microsoft
`Ex. 1024 - Page 17
`
`

`

`Patent Application Publication Oct 19, 2006 Sheet 1'? of 17
`
`w0m
`
`M
`
`\ m o
`
`.. Q
`
`Baa“.
`
`momtuE.
`
`a:
`
`RI
`5359
`
`h.—oEmELomwmoeaamusemE
`NwmwOZ...6:0oww_.
`
`
`
`
`
`
`tom25mflan.ton.
`
`
`52.5>EoEmEE..Fs..301.)4.5:«some
`
`%!
`
`a
`
`
`
`
`
`395:.325.3073
`
`
`
`:on.“comatom
`
`boEmE
`
`tom
`
`.vN._.o80
`
`m|Eln8282mm:9:9”.//
`
`S:9so“.$592U.COEm»Lomwmuea
`
`hammock“.huOEfi
`
`Microsoft
`
`Ex. 1024 - Page 18
`
`Microsoft
`Ex. 1024 - Page 18
`
`
`

`

`US 2006;023:3101 Al
`
`Oct. 19, 2006
`
`NETWORK ELEMENT ARCHITECTURE FOR
`DEEP PACKET INSPECTION
`
`(TROSS-Rlil“l-iRI.ENCI.i TO REI .A'lilil)
`APP]..I(.‘A'I‘IONS
`
`[0001] This patent application is related to the co-pending
`U.S. patent
`application,
`entitled AN APPLICATION
`AWARE TRAFFIC SHAPING SERVICE NODE POSI-
`TIONED BE’I‘WEEN TI-IE ACCESS AND CORE NET-
`WORKS. Set". No.
`
`BACKGROUND
`
`[0002]
`
`1. Field
`
`[0003] Embodiments of the invention relate to the field of
`computer networking; and more specifically. to shaping data
`tralfic in a computer network.
`
`[0004]
`
`2. Background
`
`[0005] A modern metro area network 100 is composed of
`two types of networks: a core network 102 and one of more
`access networks 106. The core network 102 communicates
`
`data trailic from one or more service providers 104A-104N
`in order to provide services to one or more subscribers
`108A—108M. Services supported by the core network 102
`include. but are riot limited to. (I) a branded service. such as
`a Voice over Internet Protocol
`(V'oIP),
`from a branded
`service provider". (2) a licensed service. such as Video on
`Demand (VoD), through a licensed service provider and (3]
`traditional Internet access through an Internet Service Pro-
`vider (ISP).
`
`[0006] The core network supports a variety of protocols
`(Synchronous Optical Networking (SONli'l‘). Internet Pro-
`tocol (1P). Packet over SONET (POS). Dense Wave Division
`Multiplexing (DWDM). OSPF. BGP. ISIS. etc.) using vari-
`ous types of equipment (core routers. SONET add-drop
`multiplexers (ADM). DWDM equipment. etc). Further-
`more, the core network conmtunicates data traflic froru the
`service providers 104A-104N to access network(s) 106
`across link(s) 112.
`I..ink(s} 112 may be a single optical.
`copper or wireless link or may comprise several such
`optical. copper or wireless Iink(s).
`
`the access network(s} .106
`[0007] On the other hand.
`complements the core network 102 by aggregating the data
`tralfic from the subscribers 108A~108M. Access network(s)
`106 may support data traffic to and from a variety of types
`of subscribers 108A-108M,
`(eg.
`residential; corporate.
`mobile, wireless. etc.). Although the access network(s) 106
`may not comprise of each of the types of subscriber (resi-
`dential. corporate. tnobile. etc). access(s) network 106 will
`comprise at
`least one subscriber. Typically, access net-
`work(s) 106 supports thousands of subscribers 108A~108M.
`Access network(s) 106 aggregates data traiiic from the
`subscribers over liuk(s) 112 connecting to the core network
`102. Access networks support a variety of protocols (1P.
`Asynchronous Transfer Mode (ATM), Frame Relay, Either-
`net. Digital Subscriber Line (DSIJ. Dynamic Host Configu-
`ration Protocol
`(DI-ICP). Point-to-Point Protocol
`(PPP).
`Point—to-Point Protocol over Ethemet (PPPOE). etc.) using
`various types of equipment (Edge router. Broadband Remote
`Access Servers (BRAS), Digital Subscriber Line Access
`Multiplexers (I)S[.AM). Switches. etc]. The access net-
`work(s} 106 ttses subscriber policy manager(s) 110 to set
`
`policies for individual ones andfor groups of subscribers.
`Policies stored in a subscriber policy manager(s) 110 allow
`subscribers access to difl‘erent ones of the service providers
`l04A-N. Examples of subscriber policies are bandwidth
`limitations.
`trallic [low characteristics, amount of data.
`allowable services. etc.
`
`[0008] Before discussing subscriber policies and the effect
`on services, it is worth noting that data traffic is transmitted
`in data packets. A data packet (also known as a “packet”) is
`a block of user data with necessary address and administra-
`tion information attached, usually in a packet header andfor
`footer that allows the data network to deliver the data packet
`to the correct destination. Examples of data packets include,
`but are not
`limited to. IP packets. ATM cells. Ethernet
`frames. SONE'I' frames and Frame Relay packets. Data
`packets are transmitted in a [low at a transmission rate. The
`transmission rate is determined by the packet size and the
`transmission gap (or “inter—packet gap") between each
`packet. In addition. the transmission rate of data packets is
`dependent on the capacity of the network connection and
`processor capability of the transmitting device.
`
`[0009] FIG. 2 represents the Open Systems Interconnect
`(081) model ol'a layered protocol stack for transmitting data
`packets 200. Each layer installs its own header in the data
`packet being transmitted to control the packet through the
`network. The physical layer (layer 1] 202 is used for the
`physical signaling. The next layer, data link layer (layer 2)
`204. enables transferring of data between network entities.
`The network layer (layer 3} 206 contains information for
`transferring variable length data packet between one or more
`networks. For example. IP addresses are contained in the
`network layer 206, which allows network devices to route
`the data packet. Layer 4. the transport layer 208. provides
`transparent data transfer between end users. The session
`layer (layer 5) 210. provides the ruechanistu for managing
`the dialogue between end-user applications. The presenta-
`tion layer (layer 6) 212 provides independence from differ—
`ence in data representation (e.g. encryption. data encoding.
`etc.). The final layer is the application layer (layer 7) 212.
`The layer contains the actual data used by the application
`sending or receiving the packet. While most protocol stacks
`do not exactly follow the OSI mode].
`it is commonly used
`to describe networks.
`
`[00.10] Returnng to FIG. 1. bandwidth sensitive services.
`such as VOIP or Vol). require a dedicated bandwidth over
`link(s) 112 to properly operate. However, because each
`access network 106 cart support thousands of subscribers.
`Iink(s} 112 can get overloaded and not provide enough
`bandwidth for these bandwidth sensitive services. Subse-
`
`quently, the quality of these services degrades or becomes
`interrupted altogether. One solution to this problem is to
`enforce a Quality of Service ((208) from the core 102 auditor
`access 106 networks. QoS allocates different bandwidth
`rates to difl'erent types of data traffic. For example. QoS can
`be set up to allocate a bandwidth of 20 Mbps for VoIP
`service over link(s) 112. In addition. QoS shapes the data
`t'ralfrc by re-transtnitting the data trafiic in a constant rate.
`However. for QoS to work properly. both the core and access
`networks must be set up to support the desired QoS policy.
`
`[0011] Devices that solely perform 008 can be catego—
`riaed. but not
`limited to. either traflic shapers or
`[low
`switches. A tralIic shaper is a device that classifies a packet
`
`Microsoft
`
`Ex. 1024 - Page 19
`
`Microsoft
`Ex. 1024 - Page 19
`
`

`

`US 2006023 101 Al
`
`Oct. 19, 2006
`
`by deep packet inspection and transmits the packet based on
`pre-detennined subscriber policies. Turning to FIG. 2. deep
`packet inspection examines the data contained in layers up
`to and including application layer 214 of each data packet
`200 to determine what quality or service should be used for
`the packet. For example and by way of illustration. deep
`packet inspection matches the structure of the application
`layer data with potentially hundreds of known application
`data types. This allows a traflic shaper to finely tune the
`quality of service enforced. For example. a traffic shaper
`may identify control packets for an adaptable video con fer-
`encing protocol to configure the network for an optimal
`video conferencing rate.
`
`[0012] Although existing traflic shapers are subscriber
`aware,
`these traflic shapers only enforce pre-determined
`subscriber policies. That is subscribers policies are set by the
`operator of the traffic sltaper and do not change until the
`operator modifies the subscriber policies. This does not
`allow subscriber policies to change in real—tiine based on
`existing network conditions. Furthermore, existing traiiic
`shapers cannot handle the high volume of data trailic that
`cross the core 102 and access 116 networks.
`
`flow switches are network
`[0013] On the other hand.
`devices that
`transmit data packets in connected flows,
`instead ofdiscrctc packets. Flow switches operate on groups
`of similar packets to provide QoS for an application. How-
`ever.
`flow switches have limited data traffic processing
`capability. are not subscriber aware. perform limited or no
`deep packet inspection. and cannot update subscriber poli-
`cies in realwtime.
`
`BRIEF SUMMARY
`
`[0014] A method and apparatus for an application aware
`traffic shaping service node architecture is described. One
`embodiment of the invention, the service node architecture
`includes a set of one or more line cards, a set of one or more
`processor cards and a hill mesh communication infrastruc~
`ttrre coupling the sets of line and processor cards. Iiach link
`coupling the sets of line and processor cards is of equal
`capacity. A line card includes a physical interface and a set
`of one or policy network processors. with the network
`processors perfomiing deep packet inspection on incoming
`traffic and shaping outgoing trafiic. Processors cards incltide
`a set of one or more policy generating processors. According
`to another embodiment of the invention. the service node
`generates a set of statistics based on the incoming traffic and
`continually updates,
`in realstime,
`traflic shaping policies
`based on the set of statistics.
`
`BRIEF DESCRIPTION OF THE DRAWINGS
`
`[0015] Embodiments of the invention may be best under-
`stood by referring to the following description and accom—
`panying drawings which illustrate such embodiments. The
`numbering scheme for the Figures included herein are such
`that the leading number for a given element in a Figure is
`associated with the number of the Figure. For example. core
`network 102 can be located in FIG. 1. However, element
`numbers are the same for those elements that are the same
`across different Figures. In the drawings:
`
`[0016] FIG. 1 (Prior Art) is illustrates one embodiment of
`a metro area network configuration.
`
`[0017] FIG. 2 (Prior Art) is a block diagram illustrating
`layers of the OSI protocol stack.
`
`[0018] FIG. 3 illustrates an exemplary network contigu-
`ration using a traffic shaping service node shaper in a metro
`area network according to one embodiment of the invention.
`
`[0019] FIG. 4A is a block diagram illustrating one
`embodiment of ttnshaped network data traffic flow originat-
`ing front the core network according to one embodiment of
`the invention.
`
`a block diagram illustrating one
`is
`[0020] FIG. 41}
`embodiment ofnetwork data traflic flow shaped by the traffic
`shaping service node according to one embodiment of the
`invention.
`
`[0021] FIG. 5A is a block diagram illustrating one
`embodiment of unshaped network data traffic flow originat-
`ing from subscribers.
`
`a block diagram illustrating one
`[0022] FIG. SB is
`embodiment of unshaped network data traflic flow from
`subscribers aggregated by the access multiplexer and edge
`router according to one embodiment of the invention.
`
`[0023] FIG. 5C is a block diagram illustrating one
`embodiment of network data traliic [low from subscribers
`shaped by the traffic shaping service node.
`
`[0024] FIG. 6 is an exemplary block diagram illustrating
`packet flow in the traffic shaping service node according to
`one embodiment of the invention.
`
`[0025] FIG. 7 is an exemplary flow diagram for shaping
`data tralIic according to one embodiment of the invention.
`
`[0026] FIG. 8 is an exemplary flow diagram for deep
`packet
`inspection and classification according to one
`embodiment of the invention.
`
`[0027] FIG. 9 is art exemplary flow diagram for updating
`statistics according to one embodiment of the invention.
`
`[0028] FIG. 10 is an exemplary flow diagram for updating
`traffic policy in real-time according to one embodiment of
`the invention.
`
`[0029] FIG. 11 is a block diagram illustrating of a traffic
`shaping service node according to one embodiment of the
`invention.
`
`[0030] FIG. 12 is a block diagram illustrating a mesh
`backplane used in the traflic shaping service node according
`to one embodiment of the invention.
`
`[0031] FIG. 13 is a block diagram illustrating communi-
`cation between a line and multiple C PUs according to one
`embodiment of the invention.
`
`[0032] FIG. 14 is a block diagram illustrating connections
`between line cards and processor card according to one
`embodiment of the invention.
`
`[0033] FIG. 15 is a block diagram illustrating architecture
`of a line card according to one embodiment of the invention.
`
`[0034] FIG. 16 is a block diagram illustrating architecture
`of a processor card according to one embodiment of the
`invention.
`
`Microsoft
`
`Ex. 1024 - Page 20
`
`Microsoft
`Ex. 1024 - Page 20
`
`

`

`US 2006;”0233 101 A1
`
`Oct. 19, 2006
`
`DETAIIEI) DESCRIPTION
`
`In the following description. numerous specific
`[0035]
`details such as application subscriber data traffic Iiow. trailic
`policy. data packet. processor card. line card. deep packet
`inspection and interrelationships of system components are
`set forth in order to provide a more thorough understanding
`of the invention.
`It will be appreciated. however. by one
`skilled in the art that the invention may be practiced without
`such specific details. In other instances. control stmctures.
`gate level circuits and full software instruction sequences
`have not been shown in detail in order not to obscure the
`
`in the art. with the
`invention. Those of ordinary skill
`included descriptions, will be able to implement appropriate
`functionality without tuidue experimentation.
`
`[0036] References in the specification to “one embodi-
`ment“. “an embodiment". “an example embodiment". etc._.
`indicate that
`the embodiment described may include a
`particular feature. structure. or characteristic, but every
`embodiment may not necessarily include the particular
`feature. structure. or characteristic. Moreover. such phrases
`are not necessarily referring to the satue embodiment. Fur-
`ther. when a particular feature. structure. or characteristic is
`described in connection with an embodiment. it is submitted
`that it is within the knowledge of one skilled in the art to
`effect such feature. structure. or characteristic in connection
`with other embodiments whether or not explicitly described.
`
`In the following description and claims. the term
`[003?]
`“coupled." along with its derivatives.
`is used. “Coupled“
`may mean that two or more elements are in direct physical
`or electrical contact. However. “coupled“ may also mean
`that two or more elements are not in direct contact with each
`
`other. but yet still co-operate or interact with each other.
`
`[0038] A method and apparatus for an application traiIic
`shaping service node positioned between the access and core
`networks is described. One embodiment of the invention
`
`enforces a per subscriber. per application traiiic policy for
`network traflic between subscribers and service providers.
`According to another embodiment of the invention enforce-
`ment of the per subscriber. per application traiiic policy
`comprises classifying the network traffic into application
`level subscriber flows. maintaining real-time statistics on the
`application level subscriber flows, updating, in real-time. the
`per subscriber. per application traffic policy based on the
`real~time statistics and shaping the application level sub—
`scriber flows as necessary to enforce the per subscriber. per
`application traffic policy. Yet another embodiment of the
`invention is a combined service node with integrated edge
`routing and traffic aggregator.
`
`[0039] Furthermore. embodiments of the tratIic shaping
`service node architecture are described. One architecture
`embodiment of the invention describes a high speed con~
`nection between a line card and a multiple CPU processor
`card. According to another architectural embodiment of the
`invention. a full mesh backplmie connects a plurality of line
`and multiple CPU processor cards. According to another
`embodiment of the invention.
`the line card comprise a
`network processor. host CPU. protocol queue. statistics
`queue and physical interface. According to another embodi-
`ment of the invention, the processor card comprises multiple
`CPUs connected via a very high capacity low latency
`(V'IICIJJ bus ooimecting the multiple (.‘PUs to the back-
`plane.
`
`[0040] Since each of the above embodiments is indepen-
`dent. ditt‘erent embodiments may implement difl'erent ones.
`diflerent combinations. or all of the above aspects of the
`invention. For cxzunple. certain embodiments of the inven-
`tion include a service node that enforces a per subscriber. per
`application trafiic policy for network traihc between sub~
`scribers and service providers where the service node
`employs an architecture with a full mesh backplane between
`the plurality of line and processor cards.
`
`[Exemplary embodiments of the invention will now
`[0041]
`be described with reference to FIGS. 3-16. In particular. the
`operations of the flow diagrams in FIGS. 6-10 will be
`described with reference to the exemplary embodiments of
`FIGS. 3-5 and 11-16. Ilowevcr. it should be understood that
`the operations of these flow diagrams can be performed by
`embodiments of the invention other than those discussed
`with reference to FIGS. 6-10. and dial the embodiments
`discussed with reference to FIGS. 6-10 can perform opera—
`tions difl'erent than those discussed with reference to these
`
`flow diagrams.
`
`Exemplary Traiiic Shaping Service Node
`
`[0042] FIG. 3 illustrates an exemplary network configu-
`ration using a traiiic shaping service node 302 in a metro
`area network according to one embodiment of the invention.
`In FIG. 3. traffic shaping service node 302 is communica-
`lively coupled between the core 102 and access 106 net-
`works. While one embodiment is described or which the
`traiiic shaping service node may shape trafiic traveling in
`either direction. alternative embodiments may shape in only
`one direction (cg, the service provider data traliic coming
`from the core network 102. 'I‘raflic shaping, a form of QoS,
`is the process of regulating and smoothing the flow of
`network data traflic within a computer network. Restricting
`the bandwidth of the traflic flow is one way to regulate data
`trafiic. There are a variety of ways to bring data traffic flow
`with a desired rate. including dropping or discarding data
`packets buffering received data packets and re-transtnitting
`the data packets at the desired rate, combinations of these
`(e.g.. bttlfering packets when there is space in the buffer and
`dropping packets when there is not). etc. Buflering the data
`traffic flow allows the traffic shaping service node to smooth
`the data traffic flow. Smoothing removes the bursts of data
`trafiic and shapes the data traffic into a constant flow of data
`traflic. Smoothing is advantageous for applications that
`depend on a constant flow of data trailic. For example.
`video-based applications. such Vol) or video conferencing,
`or realntitne voice applications (Vol?) benefit from a coil-
`stant flow of data traffic. An example of shaping service
`provider data traffic is further described in FIGS. 4A and
`4B. Shaping aggregated subscriber data trafiic coming from
`the access network(s) 106 is further described in the FIG.
`SA—SC. Referring back to FIG. 3. the tralIic shaping service
`node 302 uses the subscriber policies contained in subscriber
`policy manageris) 110 for instruction on how to shape the
`data traiiic from service providers 104Au104N andfor sub-
`scribers 108A-108M accordingly.
`
`[0043] FIG. 4A is a block diagram illustrating one
`embodiment of ttnshaped network data traific flow originat~
`ing from the core network. FIG. 4A is an embodiment
`coupling a core router 402 with a traffic shaping service node
`406 via link 406. "l‘ra'flic shaping service node 406. in turn.
`is coupled with edge router 410 via link 408. In FIG. 4A. by
`
`Microsoft
`
`Ex. 1024 - Page 21
`
`Microsoft
`Ex. 1024 - Page 21
`
`

`

`US 200620233 101 Al
`
`Oct. 19, 2006
`
`way of illustration. a core router 402 transmits several data
`packets over link 404 to the traflic shaping service node 406.
`Typically. the core router 402 transmits millions of packets
`per second. FIG. 4A is a conceptual drawing representing
`that each packet typically includes some identification of the
`application used (e.g.. an ID in the header. type of protocol
`used. etc). As such. each packet illustrated in FIG. 4 is
`labeled with the subscriber. the application used by the data
`packet. a number representing the ordered position of the
`data packet in a flow of similar packets. For example. data
`packet 412, labeled “EX-1.1". designates the packet is used by
`subscriber A. application 1 and is the first packet in a flow
`of packets used by subscriber A and application 1. As
`another example, packet 438, labeled “8-3.3". means the
`packet is for subscriber B. application 3 and is the third such
`packet in the flow for this application and subscriber.
`
`[0044] Furthermore. FIG. 4A illustrates application sub-
`scriber traffic flows. An application subscriber traflic flow is
`a flow of data packets that are particular to a unique
`combination of subscriber. application and instance of that
`application. For example. packets 412-416 are organized
`into an application subscriber traffic flow for subscriber A.
`application 1 (“packet llow A-l). Similarly. packets 420-424
`(packet
`flow “XX-3"), 426-432 (packet
`flow “Ii-2"} and
`434—442 (packet flow “B—3") are organized into different
`application subscriber traffic flows. Only four such flows are
`illustrated in FIG. 4. Typically. the traflie shaping service
`node 406 handles millions of application subscriber traffic
`flows at a time.
`
`[0045] However, the packets in the flows on link 404 are
`illustrated to indicate they are mixed together in disorderly
`f'loWs of packets. Disorderly means the packet flow is not a
`constant stream of packets within the flow. For example. in
`packet flow A-l, packet 412 (“A- t . l”) is relatively far away
`from packet 414 (“A-1.2”}. whereas packet 414 is relatively
`close to packets 416 (“A-1.3") and 418 (“A-1.4“}. The wide
`varying gaps between the packets can cause dropped packets
`and failed services. For example. if the gap between the
`packets is too large, then bandwidth sensitive services such
`as \z’ollJ or Vol) will fail because the steady flow of video
`becomes disrupted Conversely, if the packets are bunched
`too close together. then packets can be dropped because the
`rate of packets exceeds the bandwidth allocated to the
`subscriber or the capacity of the network. Dropped packets
`can severely disrupt video or
`real—time audio services.
`Packet flow A—3 (packets 420—424]. B-2 (packets 426—432]
`and packet flow 13-3 [packets 434-442) are similarly disor-
`derly arranged.
`
`a block diagram illustrating one
`[0046] FIG. 4B is
`embodiment ofnetwork data traffic flow shaped by the trafi‘ic
`shaping service node 406. Similar to FIG. 4A. core router
`402 is linked to traffic shaping service node 406 via link 404.
`Traffic shaping service node 406. in turn, is connected with
`edge router 410 via link 408. However in FIG. 4B. the same
`flow of packets from FIG. 4A are now ordered into appli-
`cation subscriber traflic [lows on link 408.
`
`sands of application subscriber traffic flows. One of the
`policies that may be applied to the traffic flows is to transmit
`each packet within a trafiic flow at a certain transmission
`rate. For example, in FIG. 4B. packets 412-418 in packet
`flow A-l are now transmitted at a regularly spaced interval.
`This is in contrast to FIG. 4A, where packets 412-418 are in
`a disorderly flow. Packet flows A-3 (packets 420-424). B-2
`(packets 426-432) and B-3 (packets 434-442) are likewise
`transmitted in regularly spaced intervals.
`
`It should be understood that different flows may
`[0048]
`transmit at different rates. In FIG. 4B, the spacing of packets
`is used to conceptually illustrate this in that inter—packet gaps
`are difl'erent for each pair of packets in the data flow. For
`example. packets 412-418 in packet flow A-l are transmitted
`at a higher rate than packets 420-424 in packet flow A-3
`because the inter-packet gap for packet 412-418 is smaller
`than for packets 420-424. Similarly. packets 426-432 in
`packet flow B—2 have the smallest inter—packet gap of the
`four application traffic flows and transmits at the fastest rate.
`Finally. packets 434442 in packet flow B»3 are transmitted
`at a lower rate than packets 426-432 in packet [low 13-2.
`although packet flow B-3 transmits at a higher rate than
`packets 412—418 and 410-424.
`
`[0049] As illustrated in FIG. 4B. traflic shaping service
`node 406 transmits different application subscriber traffic
`flows at different rates. The need for the different rates
`
`depends on the application and the subscriber p