`
`(19) United States
`(12) Patent Application Publication (10) Pub. No.: US 2006/0072457 A1
`(43) Pub. Date: Apr. 6, 2006
`
`Noble
`
`(54) PEER SIGNALING PROTOCOL AND
`SYSTEM FOR DECENTRALIZED TRAFFIC
`MANAGEMENT
`
`(75) Inventor: Alan Noble, South Australia (AU)
`
`Correspondence Address:
`AKERMAN SENTERFITT
`P.O. BOX 3188
`WEST PALM BEACH, FL 33402-3188 (US)
`
`(73) Assignee: Netpriva Pty Ltd., South Australia (AU)
`
`(21) Appl. No.: 11/242,540
`
`(22) Filed: Oct. 3, 2005
`
`(30) Foreign Application Priority Data
`
`Oct. 6, 2004 (AU) ................ 2004905742
`
`Publication Classification
`
`(51) Int. Cl.
`H04L 12/26 (2006.01)
`(52) U.S. Cl. ................ 370/230
`
`(57) ABSTRACT
`
`A network communications protocol to allow endpoints in a computer to communicate their respective requirements for access to a network resource to each other, and to communicate a policy for access to the network resource by said endpoints, and to allow negotiation of access to the network resource for the respective endpoint in accordance with the policy and the requirements information communicated by other endpoints. The network resource may be access to a WAN connection or an Internet connection, or may be a device such as a network printer or network attached storage.
`
`Microsoft
`
`Ex. 1026 - Page 1
`
`[Drawing sheets 1 and 2 of 4 (Fig 2 on sheet 2): figure images not reproduced. Surviving labels: three APPLICATIONS blocks and reference numerals 13, 14 and 15.]
`
`Figure 3 (drawing sheet 3 of 4): table of protocol signals. The signal-name column did not survive extraction; the legible entries are:
`
`- Informational: Indicates that an endpoint is transmitting. Optionally includes priority, requested bandwidth and other information.
`- (beginning illegible) as network statistics or the WAN data rate;
`- Request to set a policy or other information, such as WAN data rate.
`- Request to get information, such as network statistics or cached data.
`- Command: Request to pause transmissions.
`
`Figure 4 (drawing sheet 4 of 4): table of header fields; the only legible entry is "8-bit unsigned integer".
`
`Figure 5: Signal time slots (Endpoint 1 signals, Endpoint 2 signals, Endpoint N signals).
`
`PEER SIGNALING PROTOCOL AND SYSTEM
`FOR DECENTRALIZED TRAFFIC MANAGEMENT
`
`[0001] The present invention relates to a method and a signalling protocol for decentralized traffic management in a computer network.
`
`[0002] Small networks, comprising multiple endpoint devices, such as desktop computers, notebook computers and handheld computers, usually share a link to the external network, such as the Internet or Wide Area Network (WAN), via a common access device, such as a DSL modem and/or router.
`
`[0003] A common problem is that one endpoint can often occupy more than its fair share of the available bandwidth. This is particularly true when one or more endpoint users are downloading large files, while another endpoint user is attempting to use delay-sensitive networked applications, such as voice over IP (VoIP), video streaming or online games.
`
`[0004] It is known to solve these problems by deploying a so-called traffic management appliance in series with the access device. These appliances are hardware devices that optimize network performance, through one or more of the following functions: traffic shaping, also known as bandwidth management or quality of service (QoS), compression, caching and protocol optimization. Alternatively, traffic management functions may be integrated into an existing networking device, such as a router, obviating the need for a separate device. However, traffic management hardware devices are expensive. Routers that implement traffic management functions are also expensive.
`
`[0005] Network access devices found in small networks, however, are relatively inexpensive products lacking quality of service (QoS) capabilities. The cost of installing the additional hardware or more sophisticated network access devices that can implement traffic management is often prohibitive and also introduces another point of failure into the network.
`
`[0006] It is an object of the present invention to provide a method and a signalling protocol for traffic management that overcomes or at least substantially ameliorates the problems associated with the prior art.
`
`[0007] Other objects and advantages of the present invention will become apparent from the following description, taken in connection with the accompanying drawings, wherein, by way of illustration and example, embodiments of the present invention are disclosed.
`
`[0008] In one form of this invention there is proposed a network traffic management system for managing traffic flows to a network resource including
`
`[0009] a plurality of endpoints adapted to send traffic to the network resource, means to set and communicate a policy for access to the network resource by said endpoints,
`
`[0010] a software agent associated with each of said endpoints adapted to communicate with each other said agent, and to negotiate access to the network resource for the respective endpoint in accordance with the policy and the information communicated by each other agent.
`
`[0011] In a further form the invention may be said to reside in a method of shaping traffic presented to a network resource in a local area network including the steps of
`
`[0012] providing software agents at each of a plurality of network endpoints on a local area network, said agents being adapted to communicate with each other agent by signals passed over the local area network;
`
`[0013] providing at each endpoint means to regulate the traffic presented to the network resource by that endpoint;
`
`[0014] providing and communicating to each agent a policy for the allocation of use of the network resource among the plurality of endpoints;
`
`[0015] each agent communicating with each other agent to negotiate access to the network resource according to the policy and the communicated traffic requirements of each endpoint.
`
`[0016] In a yet further form, the invention may be said to reside in a network communications protocol adapted to allow endpoints in a local area network to communicate their respective requirements for access to a shared network resource to each other.
`
`[0017] In preference, the protocol includes means for endpoints to identify each other's presence on the network.
`
`[0018] In preference, the protocol includes means to communicate relative priority information between endpoints.
`
`[0019] In preference, the protocol includes means to communicate a policy for access to the shared network resource among all endpoints.
`
`[0020] In preference, there resides on the local area network at least one endpoint adapted to set and communicate said policy for access. This endpoint is called a manager.
`
`[0021] In preference, the protocol includes means to communicate any or all of an endpoint's requested bandwidth, the data rate of the network resource, network statistics or network data.
`
`[0022] In preference, the protocol includes means to implement a distributed cache amongst a plurality of endpoints.
`
`[0023] In preference, the network endpoints are computing devices.
`
`[0024] In preference, the network endpoints are client devices such as desktop computers, laptop computers and handheld computers.
`
`[0025] In preference an endpoint is a computer server.
`
`[0026] In preference an endpoint is a computer peripheral, such as a printer or scanner.
`
`[0027] In preference the network resource is an access point to a wide area network.
`
`[0028] In preference, the network resource is an access point to the Internet.
`
`[0029] In preference, the policy for allocation of access to the network resource is a policy for allocation of a portion of bandwidth on a wide area network or Internet connection to each endpoint calculated as total available bandwidth available on the link divided by the number of endpoints.
`
`[0030] In preference, the policy for allocation of access to the network resource is a policy for allocation of a portion of bandwidth on a wide area network or Internet connection to each endpoint, based on pre-set or communicated relative priority of each endpoint.
`
`[0031] In preference, each endpoint includes means to implement the requirements of the policy by rate limiting.
`
`[0032] In preference, the local area network may be a wireless network or a 3G network.
`
`[0033] For a better understanding of this invention it will now be described with respect to preferred embodiments which shall be described herein with the assistance of drawings wherein;
`
`[0034] FIG. 1 is a diagram of a local area network upon which the method and a signalling protocol for decentralized traffic management of the invention is implemented; and
`
`[0035] FIG. 2 is a diagram of the network of FIG. 1, showing data flows when the invention is implemented; and
`
`[0036] FIG. 3 is a table showing a basic set of protocol signals for an embodiment of the Peer Signalling Protocol of the invention; and
`
`[0037] FIG. 4 is a table setting out the header fields of the Protocol of the invention; and
`
`[0038] FIG. 5 illustrates time slicing for a synchronous embodiment of the invention.
`
`[0039] Now referring to the illustrations, and in particular to FIG. 1, there is shown a desktop computer 10, a server computer 11 and a laptop computer 12. These are network endpoints, which share access to an external network 13 via a local area network (LAN) 14 and a common access device, being a DSL modem and router 15. In other embodiments (not shown) the endpoints may be any computing devices and the common access device may be a router, cable modem or network switch. The external network 13, shown as a corporate wide area network (WAN), may be the Internet.
`
`[0040] The network endpoints on the Local Area Network (LAN) signal each other so as to negotiate access to the shared external network. The system thereby implements a virtual centralized traffic manager, by means of decentralized traffic management.
`
`[0041] This is possible because of the large disparity between LAN and WAN data rates, which is typically 2 or 3 orders of magnitude. LAN data rates are between 100 Mbps and 10 Gbps, whereas WAN data rates are typically under 45 Mbps (T3) for a corporate WAN, or 1 Mbps for a typical DSL Internet link. In the time it takes to transmit 1 Mbyte of data over a 1 Mbps WAN link, 100 Mbytes of data can be transmitted over a 100 Mbps LAN, which is equivalent to one million 100-byte messages.
`
`[0042] The high data rates of the LAN make it feasible to implement a signalling protocol between endpoints that enables endpoints to negotiate access to the WAN and adjust on the fly what they are transmitting over the WAN.
`
`[0043] Essentially, the fast LAN is used as a signalling channel to control access to the much slower WAN. Signalling is the exchange of information between peer endpoints on a fast LAN to control access to a slower WAN. The large disparity in speed means that the bandwidth used by the signalling does not have a detrimental effect on the data rate presented to the WAN.
`
`[0044] FIG. 2 is a logical block diagram of the system of FIG. 1.
`
`[0045] As illustrated in FIG. 2, each endpoint includes software modules 21 to implement a decentralized traffic management system. These software modules communicate by sending data signals 23 to each other across the LAN 14. This data comprises signals 23 which implement the Peer Signalling Protocol (PSP) of the invention. Each endpoint so equipped 10, 11, 12 is referred to as a PSP host, and all PSP hosts are peers. There is a distributed system in which endpoints emulate and perform the functions of a centralized traffic management appliance.
`
`[0046] Applications running on the endpoints communicate data 25 which is carried by the WAN and also data 26 which is carried only by the LAN.
`
`[0047] Endpoints signal their network traffic requirements to their peers, and each endpoint listens for the PSP signals from other peers.
`
`[0048] In order to send and receive data over the WAN, each endpoint must gain access to the WAN bandwidth.
`
`[0049] Endpoints negotiate their use of WAN bandwidth according to a policy. In policy-based networking such as this, a policy is a formal set of statements that define how the network's resources are to be allocated among network users, hosts, applications and other devices. The policy may be static and pre-configured, or dynamic and communicated via the signalling protocol or another mechanism.
`
`[0050] One or more of the endpoints may be designated managers. These determine and broadcast the policy in effect to their peers.
`
`[0051] In the absence of a manager, there may be a default (pre-defined) policy, such as, “highest priority host gets 50% of the bandwidth”. Note that while the use of a manager centralizes the policy control, the policy enforcement is decentralized. Each endpoint controls the rate at which it sends data to the WAN itself, in response to the set policy. This control is performed by a rate limiter 28.
`
`[0052] The major signals of this protocol are shown in FIG. 3, but many more may be contemplated. As shown in the figure the signals are as follows:
`
`[0053] transmit
`
`[0054] There are two defined time periods, TransmitPeriod and TransmitWait. All PSP hosts, while attempting to transmit traffic, regularly broadcast a transmit message every TransmitPeriod milliseconds, providing another host with higher priority has not transmitted during the last TransmitPeriod milliseconds. A PSP host will refrain from broadcasting transmit messages if another host with higher priority is transmitting. A transmit message may not be broadcast less than TransmitWait milliseconds prior to the last message.
`
`[0055] The body of the transmit message may specify parameters, such as the requested bandwidth, priority, and other information as required, or it may be empty.
`
`[0056] set
`
`[0057] The set operation is sent out by a PSP Manager to establish a policy. A PSP Manager is an endpoint configured to load and deploy policies. The body of the set message contains the policy to be established.
`
`[0058] In the illustrated embodiment, the default policy is for a lower priority host to simply back off in the presence of traffic from a higher priority host.
`
`[0059] info
`
`[0060] The info operation indicates that an endpoint has new information to share, such as network statistics or the WAN data rate.
`
`get
`
`[0061] This is sent as a request to get information, such as network statistics or cached data.
`
`pause
`
`[0062] This is sent to request an endpoint or endpoints to pause transmissions.
`
`[0063] In the illustrated embodiment, PSP is a UDP-based broadcast protocol. The PSP header is shown in FIG. 4.
`
`[0064] All integers are in standard network representation.
`
`[0065] Over Ethernet, the minimum PSP packet is 70 bytes (560 bits), broken down as follows:
`
`OSI Layer   Header           Size
`Layer 5     PSP header       30 bytes
`Layer 4     UDP header       8 bytes
`Layer 3     IP header        20 bytes
`Layer 2     Ethernet frame   12 bytes
`
`[0066] It can be seen, for example, that 100 hosts broadcasting 10 times/second generate 560 kbps of LAN traffic, i.e., less than 1% of the capacity of a 100 Mbps LAN. The transmission time for each signal is 5.6 microseconds. The usage of LAN resources does not therefore impact on the capacity of the LAN to present data to the WAN at the full speed which the WAN can accept.
`
`[0067] The system flexibly partitions the WAN bandwidth among the endpoints. The exact partitioning of bandwidth depends on the installed policy, and may be fair or unfair, static or dynamic. The goal of the system is to ensure that the sum of the endpoint data rates is always equal to the overall WAN data rate, $R_{WAN}$, as specified by the following rate equation.
`
`$$\sum_{i=1}^{N} R_i = R_{WAN}$$
`
`where there are N endpoints, $R_i$ is the rate of endpoint i and $R_{WAN}$ is the WAN data rate. The system attempts to maintain the equality of the left and right sides of the rate equation in both send and receive directions at all times. Each endpoint enforces its rate, $R_i$, by means of a bidirectional rate limiter 28 that controls the maximum rate of traffic sent and received. The rate limiter need only limit traffic 25 sent to or received from the WAN, not traffic 26 that is internal to the LAN.
`
`[0068] If the sum of the endpoint rates is less than the actual WAN data rate, that means that WAN bandwidth is under utilized. If the sum is greater than the actual WAN data rate, that means that the WAN link is over utilized or congested. A congested WAN link means that endpoints are competing for bandwidth, rather than negotiating a guaranteed share of the bandwidth.
`
`[0069] For example, a fair, static partitioning across N endpoints simply limits each endpoint to precisely 1/Nth of the WAN data rate, i.e.:
`
`$$R_1 = R_2 = R_3 = \dots = R_N = \frac{R_{WAN}}{N}$$
`
`[0070] An unfair, static partitioning allocates different rates to each endpoint, while nevertheless maintaining the equality of the rate equation.
`
`[0071] Static partitioning can be implemented without any form of signalling but results in wasted bandwidth whenever one or more of the endpoints require less than their share.
`
`[0072] A dynamic partitioning scheme allocates bandwidth across the subset of endpoints that are actually transmitting at any given time.
`
`[0073] Endpoints can determine what other endpoints are transmitting either implicitly by sniffing what is on the physical network or explicitly via signalling. In the invention, endpoints broadcast or multicast PSP transmit signals periodically whenever they are transmitting. By counting the number of transmitters present during a given interval, the system can determine the total number of endpoints that are currently transmitting and partition bandwidth accordingly.
`
`[0074] Further, by including a host priority in the transmit signal, lower-priority endpoints can be configured to back off transmitting either partially or completely in the presence of high-priority traffic. This can be used to implement a form of priority queuing.
`
`[0075] A further embodiment includes an application priority in the transmit signal to enable priority queuing by software application, either in combination with host priority or independently.
`
`[0076] A further embodiment includes an endpoint's requested bandwidth in the transmit message. The requested bandwidth can be pre-configured or can be computed dynamically by summing the minimum required bandwidth required for each networked application running on a given endpoint. The minimum required bandwidth for each application can be specified in the policy. Prior art techniques, such as windows-based traffic management, can be used to determine what networked applications are running on a given endpoint at a given time. The system will then attempt to allocate each endpoint its requested bandwidth in order of priority. Each endpoint first sums the requested bandwidth from each transmit signal. If more bandwidth is requested than is available, endpoints will renegotiate their bandwidth requirements according to the installed policy and re-transmit accordingly. For example, one policy could require endpoints to proportionally reduce their requested bandwidth, i.e., in a pro rata fashion. Another policy could require low-priority endpoints to temporarily stop transmitting.
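
The partitioning rules of paragraphs [0072] to [0076], worked through as an added example (this is not code from the patent). The field names, the kbps unit, the convention that a larger number means higher priority, and the validation of received values are assumptions.

```python
import math
from dataclasses import dataclass


@dataclass(frozen=True)
class Transmit:
    """One received PSP transmit signal (field names are assumptions)."""
    host: str
    priority: int          # assumption: larger value = higher priority
    requested_kbps: float  # requested bandwidth from the message body


def latest_valid(signals, wan_kbps):
    """Keep the last valid signal per host heard during the interval.

    Signals arrive from peers over LAN broadcast, so each value is checked
    before it feeds the rate equation: non-finite or non-positive requests
    are dropped and oversized requests are clamped to the WAN data rate.
    """
    per_host = {}
    for s in signals:
        if not math.isfinite(s.requested_kbps) or s.requested_kbps <= 0:
            continue
        per_host[s.host] = Transmit(s.host, s.priority,
                                    min(s.requested_kbps, wan_kbps))
    # Deterministic order, so every endpoint computes the same allocation.
    return sorted(per_host.values(), key=lambda s: (-s.priority, s.host))


def fair_dynamic(signals, wan_kbps):
    """[0072]-[0073]: equal shares over the hosts heard transmitting."""
    active = latest_valid(signals, wan_kbps)
    return {s.host: wan_kbps / len(active) for s in active}


def priority_order(signals, wan_kbps):
    """[0076]: grant requests in priority order; a host left with 0 stops."""
    remaining = wan_kbps
    rates = {}
    for s in latest_valid(signals, wan_kbps):
        rates[s.host] = min(s.requested_kbps, remaining)
        remaining -= rates[s.host]
    return rates


def pro_rata(signals, wan_kbps):
    """[0076]: scale all requests by one factor when they exceed the WAN rate."""
    active = latest_valid(signals, wan_kbps)
    total = sum(s.requested_kbps for s in active)
    scale = min(1.0, wan_kbps / total) if total else 0.0
    return {s.host: s.requested_kbps * scale for s in active}


# Constructed sample: signals heard in one interval on a 1000 kbps WAN link.
SAMPLE = [
    Transmit("desktop-10", 1, 200.0),
    Transmit("server-11", 3, 600.0),
    Transmit("laptop-12", 2, 600.0),
    Transmit("desktop-10", 1, 800.0),          # newer request replaces 200
    Transmit("printer-13", 9, float("inf")),   # malformed: dropped
    Transmit("laptop-12", 2, -50.0),           # malformed: earlier one kept
]

if __name__ == "__main__":
    for policy in (fair_dynamic, priority_order, pro_rata):
        rates = policy(SAMPLE, 1000)
        print(policy.__name__, rates, "sum =", round(sum(rates.values()), 3))
```

Under the two request-based policies the per-endpoint rates sum to the WAN data rate whenever the requests exceed it, which is the rate equation of paragraph [0067].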
`
`[0077] A further embodiment specifies a minimum guaranteed bandwidth for each endpoint, but permits endpoints to burst above their minimum if not all of the WAN link is being utilized. Endpoints signal their intent to use additional bandwidth, to avoid multiple endpoints from attempting to overallocate bandwidth.
`
`[0078] An embodiment with improved efficiency can be implemented by synchronizing the system time of each endpoint and assigning each endpoint a unique signalling time slot, as described in FIG. 5. For example, if there are 100 endpoints transmitting 10 times/second (i.e., every 100 milliseconds) then signals can be spread out every millisecond. Synchronization can be performed via a standard synchronization protocol, such as Network Time Protocol (NTP).
`
`[0079] Endpoints periodically determine the WAN data rate, i.e., the speed of the WAN link. The WAN data rate may be dynamic (vary over time).
`
`[0080] In order to share the WAN bandwidth, it is first necessary for the system to know the WAN data rate (WAN link speed). Further, certain WAN technologies, such as Frame Relay, have variable data rates. In such cases the system must distinguish between the minimum guaranteed rate, sometimes called the Committed Information Rate (CIR), and the maximum access rate, sometimes called the Excess Information Rate (EIR).
`
`[0081] When the WAN data rate is static and known ahead of time, endpoints can be simply pre-configured with this information via the installed policy.
`
`[0082] When the WAN data rate is dynamic or static but unknown, it must be computed. The system computes the data rate by performing a speed test. Prior art describes speed testing for a single host. The method herein is for performing speed testing in a distributed system. The speed test involves transferring data to or from one or more known fast servers, herein known as speed test servers. (On the Internet, there are public speed test servers, such as DSLreports.com. It is also possible to set up and use a speed test server on a corporate network.)
`
`[0083] The data rate is computed by clocking the data transfer and dividing the data size in bits by the transfer time in seconds minus connection/disconnection time (if using TCP or another connection-oriented protocol). The key requirement is that there is sufficient data and both the sending and receiving hosts are sufficiently fast to completely saturate the WAN link.
`
`[0084] Several methods may be used to compute the WAN data rate in a peer signalling system, two of which are described below.
`
`[0085] In the dedicated speed test, a designated endpoint, known as the tester, requests other endpoints to briefly pause transmitting, then performs a speed test. The tester first sends a pause signal to the other endpoints to request quiet time. Endpoints receiving a pause interpret may elect to delay or ignore the pause request. Therefore the tester must wait until all other endpoints cease transmitting, or give up and try again later if transmissions continue unabated. Once the network is quiet the tester performs a speed test, possibly in both directions. Upon computing the WAN data rate, which typically takes no more than a couple of seconds, the tester communicates the results via the info or set signal.
`
`[0086] In a system with a designated manager, the manager listens for info signals and will set the new WAN data rate.
`
`[0087] In the piggyback speed test, the speed test is performed by clocking part of an existing data transfer. Any endpoint can perform the test providing the following two conditions are met:
`
`[0088] 1) no other endpoints transmit during the speed test (determined by absence of other transmit signals)
`
`[0089] 2) the data transfer saturates the WAN data link
`
`[0090] Upon successfully completing the speed test, the results are communicated via the info or set signal.
`
`[0091] For example, a piggyback speed test may be combined with downloading an operating system update or updating a local cache.
`
`[0092] There is a variety of prior-art techniques for determining when a WAN link is saturated. For example, one active measurement technique involves injecting multiple Internet Control Message Protocol (ICMP) ‘ping’ packets into the WAN and measuring inter-packet delay, round trip times, and packet losses. The speed test server may also be utilized for performing active measurements.
`
`[0093] Endpoints that implement the peer signalling protocol are referred to as signalling devices. In a fully managed LAN, all endpoints should be configured to be signalling, to ensure that the traffic contributed by all endpoints is taken into account. Traffic originating from signalling devices can be identified by signing packets, namely, adding a signature to each packet.
`
`[0094] One signing technique is packet colouring or packet marking, i.e., writing specific packet header fields, for example, the IP Layer 3 Type of Service (ToS) or Differentiated Services (DiffServ) field. Marks may be altered dynamically to minimize the risk of spoofing by non-signalling devices.
`
`[0095] Another signing technique is encapsulation, which involves encapsulating the entire packet within another protocol, for example, by using Generic Routing Encapsulation (GRE). While the main use of GRE is to route IP packets between private IP networks across an internet, it is also feasible to encapsulate packets over a LAN. Further, the encapsulation may include a digital signature for strong security.
`
`[0096] Conversely, non-signalling endpoints will not sign packets, and can therefore be identified by the absence of a packet signature, i.e., the correct packet mark or encapsulation.
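
One way the dynamically altered packet mark of paragraph [0094] could be derived and checked, as an added example that is not part of the patent: every signalling endpoint computes the DSCP mark for the current time epoch from a pre-shared key with HMAC-SHA256, and a monitor flags sources whose packets lack it. The key distribution, the 60-second epoch and all function names are assumptions.

```python
import hashlib
import hmac
import struct

EPOCH_SECONDS = 60                # assumption: the mark changes every minute
KEY = b"constructed-demo-key"     # constructed sample key
NOW = 1_700_000_000.0             # constructed sample timestamp


def mark_for_epoch(key, epoch):
    """Derive the DSCP mark (1..63) that signalling devices use in one epoch.

    DSCP 0 is excluded so ordinary unmarked (best-effort) traffic can never
    match the current mark by accident.
    """
    digest = hmac.new(key, struct.pack("!q", epoch), hashlib.sha256).digest()
    return 1 + digest[0] % 63


def tos_byte(dscp):
    """Place a DSCP value in the IPv4 ToS byte (the low two bits are ECN)."""
    return (dscp & 0x3F) << 2


def is_signed(key, tos, timestamp):
    """True if the ToS byte carries the mark of the current or previous epoch.

    Accepting the previous epoch tolerates small clock differences between
    endpoints around an epoch boundary.
    """
    epoch = int(timestamp) // EPOCH_SECONDS
    observed = (tos >> 2) & 0x3F
    return observed in (mark_for_epoch(key, epoch),
                        mark_for_epoch(key, epoch - 1))


def non_signalling_sources(key, packets):
    """Return the sources that sent at least one packet without a valid mark.

    packets is an iterable of (source_address, tos_byte, timestamp).
    """
    return sorted({src for src, tos, ts in packets
                   if not is_signed(key, tos, ts)})


def demo():
    """Classify three constructed packets observed at the access device."""
    epoch = int(NOW) // EPOCH_SECONDS
    packets = [
        ("192.0.2.10", tos_byte(mark_for_epoch(KEY, epoch)), NOW),
        ("192.0.2.11", tos_byte(mark_for_epoch(KEY, epoch - 1)), NOW),
        ("192.0.2.12", 0x00, NOW),   # unmarked: a non-signalling endpoint
    ]
    return non_signalling_sources(KEY, packets)


if __name__ == "__main__":
    print("non-signalling sources:", demo())
```

A 6-bit mark has only 64 possible values, so it separates configured from unconfigured endpoints rather than authenticating them; paragraph [0095] names the signed encapsulation as the option for strong security.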
`
`[0097] Each endpoint in the system may be optionally configured to store data that is requested from a data source via the WAN, thereby creating a distributed cache. Endpoints requesting data via the WAN can first request if data is available from one of their peers via a get signal. If a peer already has the data, the data can be fetched quickly via the LAN, thereby eliminating redundant data transfers via the slower WAN.
`
`[0098] Each endpoint in the system may optionally store numerous network statistics, such as bandwidth, round-trip time, latency, etc. Statistics for the system as a whole can then be aggregated to one or more designated reporters, specified by the policy. The reporter may be local to the LAN or accessible via the WAN. A possible aggregation method is Push-based aggregation wherein each endpoint will periodically push statistics to the reporter via an info signal.
`
`[0099] Alternatively, Query-based aggregation may be used wherein the reporter will periodically query each endpoint with a get signal and request the latest statistics.
`
`[0100] Each endpoint in the system may be optionally configured via the installed policy to detect and respond to anomalous network conditions. For example, so-called port scanning or Denial of Service (DoS) style attacks, resulting in hosts creating and destroying large numbers of connections per second, are characteristic of network viruses. Such conditions can be detected and trigger self-policing behavior, for example, rate limiting some or all traffic originating from the infected host.
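
The self-policing behaviour of paragraph [0100], shown as an added example (not code from the patent): an endpoint counts its own connection create/destroy events in a sliding window and tightens its rate limiter while the count is anomalous. The threshold, window length and rates stand in for values an installed policy would supply and are assumptions, as are all names.

```python
from collections import deque


class SelfPolicer:
    """Sliding-window monitor of local connection create/destroy events."""

    def __init__(self, threshold_per_sec, window_sec, normal_kbps, limited_kbps):
        self.threshold = threshold_per_sec   # events/second treated as anomalous
        self.window = window_sec             # length of the sliding window
        self.normal_kbps = normal_kbps       # rate allowed by the normal policy
        self.limited_kbps = limited_kbps     # rate applied while self-policing
        self.events = deque()

    def _expire(self, now):
        # Drop events that have fallen out of the window (now - window, now].
        while self.events and self.events[0] <= now - self.window:
            self.events.popleft()

    def record(self, ts):
        """Register one connection created or destroyed at time ts (seconds)."""
        self.events.append(ts)
        self._expire(ts)

    def events_per_sec(self, now):
        self._expire(now)
        return len(self.events) / self.window

    def allowed_kbps(self, now):
        """Rate the endpoint's own rate limiter should apply at time now."""
        if self.events_per_sec(now) > self.threshold:
            return self.limited_kbps
        return self.normal_kbps


def constructed_trace():
    """Constructed sample: 5 events/s for 10 s, then 400 events/s for 2 s."""
    normal = [i / 5 for i in range(50)]          # 0.0 .. 9.8
    burst = [10 + i / 400 for i in range(800)]   # 10.0 .. 11.9975
    return normal + burst


def replay(policer, events, check_times):
    """Feed events in time order and sample the allowed rate at check_times."""
    pending = deque(sorted(events))
    results = {}
    for now in sorted(check_times):
        while pending and pending[0] <= now:
            policer.record(pending.popleft())
        results[now] = policer.allowed_kbps(now)
    return results


if __name__ == "__main__":
    policer = SelfPolicer(threshold_per_sec=100, window_sec=2.0,
                          normal_kbps=1000.0, limited_kbps=50.0)
    for t, rate in replay(policer, constructed_trace(), [9.9, 11.0, 14.5]).items():
        print(f"t={t:>5}s allowed={rate} kbps")
```

The limiter engages during the burst and releases once the window has drained, so a host that recovers returns to its normal share without manual intervention.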
`
`[0101] Although the invention has been herein shown and described in what is conceived to be the most practical and preferred embodiment, it is recognised that departures can be made within the scope of the invention, which is not to be limited to the details described herein but is to be accorded the full scope of the appended claims so as to embrace any and all equivalent devices and apparatus.
`
`1. A network communications protocol for use in a computer network including a shared network resource and a plurality of endpoints adapted to send traffic to the network resource,
`
`said protocol adapted to allow endpoints in the network to communicate their respective requirements for access to the network resource to each other;
`
`and to communicate a policy for access to the network resource by said endpoints,
`
`and to allow negotiation of access to the network resource for the respective endpoint in accordance with the policy and the requirements information communicated by other endpoints.
`
`2. The protocol of claim 1 wherein the protocol includes means for endpoints to identify each other’s presence on the network.
`
`3. The protocol of claim 1 wherein the protocol includes means to communicate relative priority information between endpoints.
`
`4. The protocol of claim 1 wherein the protocol includes means to communicate any or all of an endpoint's requested bandwidth, the data rate of the network resource, network statistics and network data.
`
`5. The protocol of claim 1 wherein the protocol includes means to implement a distributed cache amongst a plurality of endpoints.
`
`6. The protocol of claim 1 wherein the network resource is an access point to a wide area network.
`
`7. The protocol of claim 1 wherein the network resource is an access point to the internet.
`
`8. The protocol of claim 1 wherein the policy for allocation to the network resource is a policy for allocation of a portion of bandwidth on a wide area network or internet connection to each endpoint, calculated as total available bandwidth available on the link divided by the number of endpoints.
`
`9. The protocol of claim 1 wherein the policy for allocation of access to the network resource is a policy for allocation of a portion of bandwidth on a wide area network or internet connection to each endpoint, based on pre-set or communicated relative priority of each endpoint.
`
`10. A network traffic management system for managing traffic flows to a network resource including
`
`a plurality of endpoints adapted to send traffic to the network resource, means to set and communicate a policy for access to the network resource by said endpoints,
`
`a software agent associated with each of said endpoints adapted to communicate with each other said agent, and to negotiate access to the network resource for the respective endpoint in accordance with the policy and the information communicated by each other agent.
`
`11. The network traffic management system of claim 10 wherein the network endpoints are computing devices.
`
`12. The network traffic management system of claim 10 wherein the network endpoints are client devices such as desktop computers, laptop computers and handheld computers.
`
`13. The network traffic management system of claim 10 wherein an endpoint is a computer server.
`
`14. The network traffic management system of claim 10 wherein an endpoint is a computer peripheral, such as a printer or scanner.
`
`15. The network traffic management system of claim 10 wherein each endpoint includes means to implement the requirements of the policy by rate limiting.
`
`16. The network traffic management system of claim 10 wherein each endpoint includes means to implement the requirement of the policy by rate limiting.
`
`17. The network traffic management system of claim 10 wherein the local area network is a wireless network or a 3G mobile telephony network.
`
`18. A method of shaping traffic presented to a network resource in a local area network including the steps of
`
`providing software agents at each of a plurality of network endpoints on a local area network, said agents being adapted to communicate with each other agent by signals passed over the local area network;
`
`providing at each endpoint means to regulate the traffic presented to the network resource by that endpoint;
`
`providing and communicating to each agent a policy for the allocation of use of the network resource among the plurality of endpoints;
`
`each agent communicating with each other agent to negotiate access to the network resource according to the policy and the communicated traffic requirements of each endpoint.
`
`19. The method of claim 18 wherein there resides on the local area network at least one endpoint adapted to set and communicate said policy for access.
`
`20. The method of claim 18 wherein each endpoint includes means to implement the requirements of the policy by rate limiting.
`
`21. The method of claim 18 wherein the local area network is a wireless network or a 3G mobile telephony network.
`
`