| 发明名称 |
Rule Lookup Using Predictive Tuples Based Rule Lookup Cache in the Data Plane |
| 摘要 |
This disclosure describes an approach to handle packets that arrive at a network security device, such as a router. At a data plane of the security device, packet identifiers included in an incoming packet not currently belonging to an IP session of the device are compared to packet identifiers stored in a table stored in a memory of the security device. The incoming packet identifiers includes a source IP, a destination IP, a protocol, a destination port, and a source port while the identifiers stored in the table do not include the source port. A new session is established for the incoming packet in response to the set of packet identifiers matching one of the entries in the table. |
| 申请公布号 |
US2017093914(A1) |
申请公布日期 |
2017.03.30 |
| 申请号 |
US201514865674 |
申请日期 |
2015.09.25 |
| 申请人 |
Freescale Semiconductor, Inc. |
发明人 |
Venkataramanan Subhashini A.;Addepalli Srinivasa R. |
| 分类号 |
H04L29/06;H04L29/08;G06F17/30 |
主分类号 |
H04L29/06 |
| 代理机构 |
|
代理人 |
|
| 主权项 |
1. A method of establishing network sessions by a network security device, the method comprising:
comparing, at a data plane of the security device, a set of packet identifiers included in an incoming packet with a plurality of sets of identifiers stored in a table stored in a memory of the security device, wherein each of the plurality of sets of identifiers corresponds to an entry in the table, and wherein the incoming packet does not belong to an existing session currently being handled by the security device; and establishing a new session corresponding to the incoming packet in response to the set of packet identifiers matching one of the entries in the table. |
| 地址 |
Austin TX US |
