WO1999063727B1 - Distributed filtering and monitoring system for a computer internetwork - Google Patents

Distributed filtering and monitoring system for a computer internetwork

Info

Publication number
WO1999063727B1
WO1999063727B1 PCT/US1999/010272 US9910272W WO9963727B1 WO 1999063727 B1 WO1999063727 B1 WO 1999063727B1 US 9910272 W US9910272 W US 9910272W WO 9963727 B1 WO9963727 B1 WO 9963727B1
Authority
WO
WIPO (PCT)
Prior art keywords
packets
loads
internetwork
packet
computer
Prior art date
Application number
PCT/US1999/010272
Other languages
French (fr)
Other versions
WO1999063727A1 (en
Inventor
Amit Gupta
Radia Joy Perlman
Dah-Ming Chiu
Original Assignee
Sun Microsystems Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Sun Microsystems Inc filed Critical Sun Microsystems Inc
Priority to AU40738/99A priority Critical patent/AU4073899A/en
Publication of WO1999063727A1 publication Critical patent/WO1999063727A1/en
Publication of WO1999063727B1 publication Critical patent/WO1999063727B1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/04Network management architectures or arrangements
    • H04L41/046Network management architectures or arrangements comprising network management agents or mobile agents therefor
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/40Network security protocols
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/02Capturing of monitoring data
    • H04L43/028Capturing of monitoring data by filtering
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0209Architectural arrangements, e.g. perimeter networks or demilitarized zones
    • H04L63/0218Distributed architectures, e.g. distributed firewalls
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0227Filtering policies
    • H04L63/0245Filtering by information in the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network

Abstract

A system efficiently distributes processing-intensive loads among a plurality of intermediate stations in a computer internetwork. The intermediate stations include routers, bridges, switches and/or firewalls configured with monitoring and filtering agents that communicate via a defined protocol to implement the system. Those stations configured with agents and having available resources cooperate to execute the loads which generally comprise verification operations on digital signatures appended to frame and/or packet traffic traversing paths of the computer internetwork. Techniques associated with the system are directed to efficiently detecting and filtering unauthorized traffic over portions of the internetwork protected as trust domains as well as unprotected portions of the internetwork.

Claims

2 1AMENDED CLAIMS[received by the International Bureau on 30 November 1999 (30 1 1 99), original claims 1 -34 replaced by new claims 1 - 15 (5 pages)]
1. A method for efficiently distributing processing-intensive loads among a plurality of intermediate stations in a computer inteπietwork, the method comprising the steps of: configuring at least one intermediate station with a monitoring and filtering agent process adapted to execute the loads on data traffic traversing paths of the computer internetwork; and at the configured intermediate station, independently processing a selection of data traffic to thereby share the loads among the intermediate stations.
2. The metliod of Claim 1 wherein the data traffic comprises packets and wherein the selection of packets processed by each intermediate station is randomly assigned according to a (i) fractional spot-checking function or (ii) hash function.
3. The method of Claim 2 where packet selection is assigned according a hash function, further comprising the step of invoking the hash function to distinguish the packets based on contents of a field of each packet, wherein the contents comprise a destination address:
apportioning the packets according to even and odd destination addresses; and assigning packets having even destination addresses to one intermediate station and packets having odd destination addresses to another intermediate station.
4. The method of Claim 3 further comprising the steps of, wherein the contents comprise a sequence number: apportioning the packets according to even and odd sequence numbers; and assigning packets having even sequence numbers to one intermediate station and packets having odd sequence numbers to another intermediate station. 22
5. The method of Claim 3 further comprising the steps of, wherein the contents comprise an address: decoding predetermined address bits into distinct values; apportioning the packets according to the distinct values; assigning packets to the intermediate stations based on the distinct values; and reassigning certain of the previously-assigned packets to certain of the intermediate stations to thereby balance the load among the stations.
6. The method of Claim 2 further comprising the steps of, wherein the data traffic comprises packets and wherein processing of the loads comprises verification operations on digital signatures appended to the packets: in response to identifying an unauthorized packet, filtering the unauthorized packet; and altering the random fractional spot-checking of packets by each intermediate station on a per flow basis, wherein a flow comprises source and destination addresses, source and destination ports and a flow label of a packet, further wherein the step of altering comprises the step of spot-checking an increased fraction of the packets.
7. The method of Claim 2 further comprising the step of, wherein the data traffic comprises packets: in response to identifying a change in traffic pattern, altering the random fractional spot-checking of packets by each intermediate station on a per flow basis, wherein a flow comprises source and destination addresses, source and destination ports and a flow label of a packet,
8. The method of Claim 1 further comprising the step of, wherein a portion of the internetwork is protected as a trust domain having trusted switches: employing a flag within a header of a packet to indicate whether the packet has been verified by a trusted switch configured with the monitoring and filtering agent, wherein the flag may be contained within one of an unused field of the header and a mini-header appended to the packet, the method further comprising the step of, if a state of the flag indicates that the packet has not been verified by an upstream trusted switch along a path of the computer internetwork:
enabling a downstream trusted switch to process the unverified packet depending upon its available capacity.
9. The method of Claim 1 further comprising the steps of: calculating an optimal path for the packets over the computer internetwork; determining whether intermediate stations located along the optimal path are configured with the monitoring and filtering agents; and changing the optimal path of the packets to a non-optimal path that includes additional intermediate stations configured with the monitoring and filtering agents adapted to execute the verification operations on the packets,
10. The method of Claim 1 wherein the intermediate station comprises an element chosen from a switch, a router, a bridge and a firewall.
11. Apparatus for efficiently distributing processing-intensive loads among a plurality of intermediate stations in a computer internetwork, the apparatus comprising: means for configuring at least one intermediate station with a monitoring and filtering agent process adapted to execute the loads on data traffic traversing paths of the computer internetwork; and means for independently processing a selection of data traffic at the configured intermediate station to thereby share the loads among the intermediate stations.
12. A computer readable medium containing executable program instructions for efficiently distributing processing-intensive loads directed to verification operations on digital signatures appended to packets transferred among a plurality of 24
intermediate stations in a computer internetwork, the executable program instructions comprising program instructions for: configuring at least one intermediate station with a monitoring and filtering agent process adapted to execute the loads on the packets traversing paths of the computer internetwork; and at the configured intermediate station, independently processing a selection of the packets assigned to the station according to a hash function that enables checking of the digital signatures to identify one of authorized and unauthorized packets, thereby enabling sharing of the loads among the intermediate stations.
13. The computer readable medium of Claim 12 wherein said executable program instructions further comprise program instructions for invoking the hash function to distinguish the packets based on contents of a field of each packet, wherein further said executable program instructions further comprise program instructions for, wherein the contents comprise an address:
decoding predetermined address bits into distinct values; apportioning the packets according to the distinct values; assigning packets to the intermediate stations based on the distinct values; and reassigning certain of the previously-assigned packets to certain of the intermediate stations to thereby balance the load among the stations.
14. A computer data signal embodied in a carrier wave and representing sequences of instructions for efficiently distributing processing-intensive loads directed to verification operations on digital signatures appended to packets transferred among a plurality of intermediate stations in a computer internetwork, the instructions comprising instructions for; configuring at least one intermediate station with a monitoring and filtering agent process adapted to execute the loads on the packets traversin paths of the computer internetwork; and 25
at the configured intermediate station, independently processing a selection of the packets assigned to the station according to a hash function that enables checking of the digital signatures to identify one of authorized and unauthorized packets, thereby enabling sharing of the loads among the intermediate stations.
15. A system for efficiently distributing processing-intensive loads among a plurality of intermediate stations in a computer internetwork, the system comprising: a plurality of memory devices containing software programs organized as monitoring and filtering agents adapted to execute the loads on data traffic traversing paths of the computer internetwork; and a plurality of processing elements coupled to respective ones of the memory devices, each processing element configured to execute a respective agent to independently process a selection of data traffic lo thereby share the loads a . mong the intermediate stations.
PCT/US1999/010272 1998-06-01 1999-05-11 Distributed filtering and monitoring system for a computer internetwork WO1999063727A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
AU40738/99A AU4073899A (en) 1998-06-01 1999-05-11 Distributed filtering and monitoring system for a computer internetwork

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US09/088,348 1998-06-01
US09/088,348 US6658565B1 (en) 1998-06-01 1998-06-01 Distributed filtering and monitoring system for a computer internetwork

Publications (2)

Publication Number Publication Date
WO1999063727A1 WO1999063727A1 (en) 1999-12-09
WO1999063727B1 true WO1999063727B1 (en) 2000-01-27

Family

ID=22210854

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US1999/010272 WO1999063727A1 (en) 1998-06-01 1999-05-11 Distributed filtering and monitoring system for a computer internetwork

Country Status (3)

Country Link
US (1) US6658565B1 (en)
AU (1) AU4073899A (en)
WO (1) WO1999063727A1 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9143518B2 (en) 2005-08-18 2015-09-22 The Trustees Of Columbia University In The City Of New York Systems, methods, and media protecting a digital data processing device from attack
US9495541B2 (en) 2011-09-15 2016-11-15 The Trustees Of Columbia University In The City Of New York Detecting return-oriented programming payloads by evaluating data for a gadget address space address and determining whether operations associated with instructions beginning at the address indicate a return-oriented programming payload

Families Citing this family (57)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6321338B1 (en) 1998-11-09 2001-11-20 Sri International Network surveillance
US6885657B1 (en) 1998-11-30 2005-04-26 Broadcom Corporation Network telephony system
FR2787265B1 (en) * 1998-12-14 2001-02-16 France Telecom METHOD FOR TRANSPORTING PACKETS BETWEEN AN ACCESS INTERFACE OF A SUBSCRIBER INSTALLATION AND A SHARED NETWORK, AND ACCESS INTERFACE IMPLEMENTING SUCH A METHOD
US6954775B1 (en) * 1999-01-15 2005-10-11 Cisco Technology, Inc. Parallel intrusion detection sensors with load balancing for high speed networks
FR2793367B1 (en) * 1999-05-03 2004-09-10 Jean Luc Stehle AUTHENTICATION AND SECURITY DEVICE FOR A COMPUTER NETWORK
US20020108059A1 (en) * 2000-03-03 2002-08-08 Canion Rodney S. Network security accelerator
US7299489B1 (en) * 2000-05-25 2007-11-20 Lucent Technologies Inc. Method and apparatus for host probing
US6928482B1 (en) * 2000-06-29 2005-08-09 Cisco Technology, Inc. Method and apparatus for scalable process flow load balancing of a multiplicity of parallel packet processors in a digital communication network
JP2002063084A (en) * 2000-08-21 2002-02-28 Toshiba Corp Packet-transferring device, packet-transferring method, and storage medium stored with program therefor
US6801503B1 (en) * 2000-10-09 2004-10-05 Arbor Networks, Inc. Progressive and distributed regulation of selected network traffic destined for a network node
US7020713B1 (en) * 2000-10-10 2006-03-28 Novell, Inc. System and method for balancing TCP/IP/workload of multi-processor system based on hash buckets
NL1016533C2 (en) * 2000-11-02 2002-05-07 Industree B V Restricting data transfer in data communication network, by restricting transfer to network from end station based on data transfer characteristics determined by analysis
JP3629516B2 (en) * 2000-11-02 2005-03-16 インターナショナル・ビジネス・マシーンズ・コーポレーション Proxy server, electronic signature system, electronic signature verification system, network system, electronic signature method, electronic signature verification method, and storage medium
US7681032B2 (en) * 2001-03-12 2010-03-16 Portauthority Technologies Inc. System and method for monitoring unauthorized transport of digital content
US7356689B2 (en) * 2001-07-09 2008-04-08 Lucent Technologies Inc. Method and apparatus for tracing packets in a communications network
TW576061B (en) * 2001-08-13 2004-02-11 Via Tech Inc Device and method for load balancing of packet switching
EP1433066B1 (en) * 2001-09-14 2010-08-11 Nokia Inc. Device and method for packet forwarding
US6851062B2 (en) * 2001-09-27 2005-02-01 International Business Machines Corporation System and method for managing denial of service attacks
JP3864743B2 (en) * 2001-10-04 2007-01-10 株式会社日立製作所 Firewall device, information device, and information device communication method
US7719980B2 (en) * 2002-02-19 2010-05-18 Broadcom Corporation Method and apparatus for flexible frame processing and classification engine
US7254603B2 (en) * 2002-05-03 2007-08-07 Sonics, Inc. On-chip inter-network performance optimization using configurable performance parameters
US7194566B2 (en) 2002-05-03 2007-03-20 Sonics, Inc. Communication system and method with configurable posting points
US7356633B2 (en) 2002-05-03 2008-04-08 Sonics, Inc. Composing on-chip interconnects with configurable interfaces
FR2846171B1 (en) * 2002-10-21 2005-03-04 France Telecom CAPTURE OF DATA ON A COMPUTER LINK WITH SAMPLING
US7603441B2 (en) 2002-12-27 2009-10-13 Sonics, Inc. Method and apparatus for automatic configuration of multiple on-chip interconnects
US8239942B2 (en) * 2002-12-30 2012-08-07 Cisco Technology, Inc. Parallel intrusion detection sensors with load balancing for high speed networks
BR0318136A (en) * 2003-02-25 2006-02-07 Siemens Ag Separation process of specific group-conjugable ip packets and specific ip-packet
US7970006B1 (en) * 2003-03-10 2011-06-28 Ciena Corporation Dynamic configuration for a modular interconnect
JP3758661B2 (en) * 2003-11-17 2006-03-22 株式会社インテリジェントウェイブ Fraud monitoring program, fraud monitoring method and fraud monitoring system
US8291448B2 (en) 2004-09-15 2012-10-16 Nokia Corporation Providing zapping streams to broadcast receivers
WO2006042424A1 (en) * 2004-10-19 2006-04-27 Eidgenössische Technische Hochschule Zürich Distributed internet traffic control system
US8320242B2 (en) 2004-12-24 2012-11-27 Net Optics, Inc. Active response communications network tap
US7760859B2 (en) * 2005-03-07 2010-07-20 Net Optics, Inc. Intelligent communications network tap port aggregator
JP2008537267A (en) 2005-04-18 2008-09-11 ザ トラスティーズ オブ コロンビア ユニヴァーシティ イン ザ シティ オブ ニューヨーク System and method for detecting and deterring attacks using honeypots
US7930748B1 (en) 2005-12-29 2011-04-19 At&T Intellectual Property Ii, L.P. Method and apparatus for detecting scans in real-time
US8763103B2 (en) 2006-04-21 2014-06-24 The Trustees Of Columbia University In The City Of New York Systems and methods for inhibiting attacks on applications
US8205252B2 (en) * 2006-07-28 2012-06-19 Microsoft Corporation Network accountability among autonomous systems
US7822027B2 (en) * 2006-10-05 2010-10-26 Cisco Technology, Inc. Network routing to the socket
US7974286B2 (en) * 2006-12-04 2011-07-05 International Business Machines Corporation Reduced redundant security screening
US7779143B2 (en) * 2007-06-28 2010-08-17 Alcatel-Lucent Usa Inc. Scalable methods for detecting significant traffic patterns in a data network
US7903576B2 (en) 2007-08-07 2011-03-08 Net Optics, Inc. Methods and arrangement for utilization rate display
US8094576B2 (en) * 2007-08-07 2012-01-10 Net Optic, Inc. Integrated switch tap arrangement with visual display arrangement and methods thereof
US7898984B2 (en) 2007-08-07 2011-03-01 Net Optics, Inc. Enhanced communication network tap port aggregator arrangement and methods thereof
US7773529B2 (en) * 2007-12-27 2010-08-10 Net Optic, Inc. Director device and methods thereof
US20110145572A1 (en) * 2009-12-15 2011-06-16 Christensen Kenneth J Apparatus and method for protecting packet-switched networks from unauthorized traffic
US9306959B2 (en) 2010-02-26 2016-04-05 Ixia Dual bypass module and methods thereof
US9813448B2 (en) 2010-02-26 2017-11-07 Ixia Secured network arrangement and methods thereof
US9749261B2 (en) 2010-02-28 2017-08-29 Ixia Arrangements and methods for minimizing delay in high-speed taps
US8755293B2 (en) * 2010-02-28 2014-06-17 Net Optics, Inc. Time machine device and methods thereof
US8902735B2 (en) 2010-02-28 2014-12-02 Net Optics, Inc. Gigabits zero-delay tap and methods thereof
FR2992445B1 (en) * 2012-06-22 2014-07-04 Snecma METHOD FOR SYNCHRONIZING ALGORITHM DATA OF ASYNCHRONOUS AIRCRAFT COMPUTERS
WO2014108173A1 (en) * 2013-01-08 2014-07-17 Telefonaktiebolaget L M Ericsson (Publ) Distributed traffic inspection in a telecommunications network
US9998213B2 (en) 2016-07-29 2018-06-12 Keysight Technologies Singapore (Holdings) Pte. Ltd. Network tap with battery-assisted and programmable failover
US10050937B1 (en) * 2016-12-29 2018-08-14 Juniper Networks, Inc. Reducing impact of network attacks in access networks
US11228431B2 (en) * 2019-09-20 2022-01-18 General Electric Company Communication systems and methods for authenticating data packets within network flow
US11418491B2 (en) * 2020-02-26 2022-08-16 Cisco Technology, Inc. Dynamic firewall discovery on a service plane in a SDWAN architecture
CN113595957B (en) * 2020-04-30 2022-11-08 华为技术有限公司 Network defense method and security detection equipment

Family Cites Families (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4621359A (en) 1984-10-18 1986-11-04 Hughes Aircraft Company Load balancing for packet switching nodes
US5455865A (en) * 1989-05-09 1995-10-03 Digital Equipment Corporation Robust packet routing over a distributed network containing malicious failures
US5495426A (en) * 1994-01-26 1996-02-27 Waclawsky; John G. Inband directed routing for load balancing and load distribution in a data communication network
US5511122A (en) 1994-06-03 1996-04-23 The United States Of America As Represented By The Secretary Of The Navy Intermediate network authentication
NZ306846A (en) 1995-06-05 2000-01-28 Certco Llc Digital signing method using partial signatures
US5680461A (en) 1995-10-26 1997-10-21 Sun Microsystems, Inc. Secure network protocol system and method
JP3688830B2 (en) * 1995-11-30 2005-08-31 株式会社東芝 Packet transfer method and packet processing apparatus
JPH09252323A (en) * 1996-01-11 1997-09-22 Sony Corp Communication system and communication equipment
US5892754A (en) * 1996-06-07 1999-04-06 International Business Machines Corporation User controlled adaptive flow control for packet networks
US6173364B1 (en) * 1997-01-15 2001-01-09 At&T Corp. Session cache and rule caching method for a dynamic filter
US6229806B1 (en) * 1997-12-30 2001-05-08 Motorola, Inc. Authentication in a packet data system
US6111877A (en) * 1997-12-31 2000-08-29 Cisco Technology, Inc. Load sharing across flows
JP3966598B2 (en) * 1998-03-04 2007-08-29 富士通株式会社 Server selection system
US6055236A (en) * 1998-03-05 2000-04-25 3Com Corporation Method and system for locating network services with distributed network address translation

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9143518B2 (en) 2005-08-18 2015-09-22 The Trustees Of Columbia University In The City Of New York Systems, methods, and media protecting a digital data processing device from attack
US9544322B2 (en) 2005-08-18 2017-01-10 The Trustees Of Columbia University In The City Of New York Systems, methods, and media protecting a digital data processing device from attack
US9495541B2 (en) 2011-09-15 2016-11-15 The Trustees Of Columbia University In The City Of New York Detecting return-oriented programming payloads by evaluating data for a gadget address space address and determining whether operations associated with instructions beginning at the address indicate a return-oriented programming payload

Also Published As

Publication number Publication date
AU4073899A (en) 1999-12-20
US6658565B1 (en) 2003-12-02
WO1999063727A1 (en) 1999-12-09

Similar Documents

Publication Publication Date Title
WO1999063727B1 (en) Distributed filtering and monitoring system for a computer internetwork
CN109565500B (en) On-demand security architecture
US7146421B2 (en) Handling state information in a network element cluster
US11652798B2 (en) Dynamic, user-configurable virtual private network
US6687222B1 (en) Backup service managers for providing reliable network services in a distributed environment
Diguet et al. NOC-centric security of reconfigurable SoC
JP3568850B2 (en) How the data packet filter works
Bates et al. Detecting co-residency with active traffic analysis techniques
US6754214B1 (en) Communication network having packetized security codes and a system for detecting security breach locations within the network
Bays et al. Virtual network security: threats, countermeasures, and challenges
US7886145B2 (en) Method and system for including security information with a packet
US20140153435A1 (en) Tiered deep packet inspection in network devices
US20010014912A1 (en) Distributed security system for a communication network
US20090028045A1 (en) System and method for traffic load balancing to multiple processors
US8713628B2 (en) Method and system for providing cloud based network security services
IL161112A (en) Method and apparatus for implementing a layer 3/layer 7 firewall in an l2 device
EP0743777A3 (en) System for packet filtering of data packets at a computer network interface
US20070168452A1 (en) Method of processing data, a network analyser card, a host and an intrusion detection system
EP1540921B1 (en) Method and apparatus for inspecting inter-layer address binding protocols
CN111865806B (en) Prefix-based fat flows
US10841840B2 (en) Processing packets in a computer system
JP2003505934A (en) Secure network switch
KR20090006632A (en) Virtual firewall system and the control method for using based on commonness security policy
Gold et al. A virtualized link layer with support for indirection
DE60207515D1 (en) Method for increasing the throughput of data in a gateway, and routers

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): AL AU BA BB BG BR CA CN CU CZ EE GD GE HR HU ID IL IN IS JP KP KR LC LK LR LT LV MG MK MN MX NO NZ PL RO SG SI SK SL TR TT UA UZ VN YU

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): GH GM KE LS MW SD SL SZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG

AK Designated states

Kind code of ref document: B1

Designated state(s): AL AU BA BB BG BR CA CN CU CZ EE GD GE HR HU ID IL IN IS JP KP KR LC LK LR LT LV MG MK MN MX NO NZ PL RO SG SI SK SL TR TT UA UZ VN YU

AL Designated countries for regional patents

Kind code of ref document: B1

Designated state(s): GH GM KE LS MW SD SL SZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
122 Ep: pct application non-entry in european phase