Method and apparatus for limiting session number

A technology for restricting groups and establishing sessions, applied in the field of communications, and can solve the problems of occupying sessions, occupying session resources, and loss, etc.

Active Publication Date: 2010-12-15
北京华三通信技术有限公司
View PDF2 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] However, in actual operation, users may use some uncontrollable applications that occupy a large number of sessions, such as peer-to-peer (P2P) applications, which are highly flexible and intelligent It can quickly and continuously try to establish new connections and choose more and better connections, thus occupying a lot of session resources. Once the upper limit of user sessions is reached, the user can no longer use other network services
It can be seen that the right to use other applications may be lost due to an accidental click on a P2P application, which is unacceptable to users

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and apparatus for limiting session number
  • Method and apparatus for limiting session number
  • Method and apparatus for limiting session number

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0035] (1) To configure the maximum number of sessions and counters for various types of applications, each type of application corresponds to a restriction group, then multiple restriction groups can form a session restriction configuration table.

[0036] Refer to Table 1, which is a typical example of a session restriction configuration table formed by setting ACL with "protocol type, destination IP and destination port".

[0037] Table 1

[0038]

[0039] Among them, each restriction group number represents a restriction group, that is, an application. Each restriction group can contain one ACL, such as restriction group 1; it can also contain multiple ACLs, such as restriction group 2, which consists of "protocol type: TCP, destination port: 80" and "protocol type: TCP, destination port" : 443" composed of two ACLs. Assuming that the ACL included in the restriction group 2 represents the HTTP protocol, that is, only the data flow that meets the above conditions (the ...

Embodiment 2

[0081] On the basis of the first embodiment, this embodiment adds the implementation of the deletion of the session.

[0082] There are two situations in which the session needs to be deleted. One is that the user actively requests deletion, for example, the session is deleted after receiving a TCP deletion control packet; the other is that the NAT session table is aging, and then the session needs to be deleted.

[0083] Among them, the NAT session table mentioned above is generally referred to in the art as a session table. It is used to record the NAT transformation relationship of a data stream, and establishes a forward and reverse session record, as long as it conforms to the forward and reverse of the session Address translation is performed in a uniform manner to the data stream. Usually, the NAT session table uses the pre-translation IP quintuple as an index (key), and uses the translated IP quintuple as the result.

[0084] Based on the understanding of the NAT sess...

Embodiment 3

[0118] The above-mentioned first and second embodiments both limit the number of sessions for a single user, and this embodiment limits the number of sessions for a virtual private network (Virual Private Network, VPN) that supports multiple instances.

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The method includes following steps: the method collocates multiple restriction groups, and each restriction group contains one or more access control list as well as the method sets up counter and maximal value of session number; receiving and parsing request for building session, and carrying out matching between requests and restriction groups; determining whether value of the counter for counting matched number between requests and restriction groups is smaller than or equal to maximal value of session number; if yes, establishing session, and increasing value of the counter; otherwise, prohibiting establishing session. The invention can effectively prevent the issue that other applications are unable to carry out caused by a sort of application uses a great number of session. The invention also provides a device for restricting number of session.

Description

technical field [0001] The present invention relates to the field of communication technologies, and in particular, to a method and device for limiting the number of sessions. Background technique [0002] For routers, network address translation devices (Network Address Translation, NAT), and firewall devices, the number of sessions is an important performance indicator. [0003] Taking NAT as an example, it is based on address and port translation, so that one IP address can be shared by multiple users at the same time, thus improving the address utilization rate. NAT is based on Layer 4 ports, and is usually converted in the form of sessions of Transmission Control Protocol (TCP) or User Datagram Protocol (UDP). Therefore, the number of sessions that NAT can support is an important indicator in NAT. It is difficult for a single user to consume all the egress bandwidth of the NAT, but it is easy to consume all the session resources of the NAT, so that other users cannot a...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06H04L29/12H04L12/02
Inventor 卢胜文
Owner 北京华三通信技术有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap