Method and apparatus for limiting session number

A technology for restricting groups and establishing sessions, which is applied in the field of communication and can solve problems such as occupying session resources, occupying the number of sessions, and being difficult to control

Active Publication Date: 2007-12-05
北京华三通信技术有限公司
View PDF0 Cites 8 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Benefits of technology

In this new technology, there are two ways that users have more connections than usual when they use these apps on their devices. One way is for them to limit how much data it uses while another means to prevent others from accessing important resources like memory space. Another option involves reducing the impacts caused by malware such as worms.

Problems solved by technology

The technical problem addressed in this patented technology relates to increasing the usability of networks with limited numbers of conversations without overloading their capabilities. Existing solutions like Network Address Port translators have limitations because they cannot handle many types of non controllables applications while still supporting high usage rates.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and apparatus for limiting session number
  • Method and apparatus for limiting session number
  • Method and apparatus for limiting session number

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0035] (1) To configure the maximum number of sessions and counters for various applications, each type of application corresponds to a restriction group, then multiple restriction groups can form a session restriction configuration table.

[0036] See Table 1, which is a typical example of the session restriction configuration table formed by setting the ACL by using "protocol type, destination IP and destination port".

[0037] Table 1

[0038] Restricted group number

[0039] Wherein, each restriction group number represents a restriction group, that is, an application. Each restriction group can contain one ACL, such as restriction group 1; it can also contain multiple ACLs, for example, restriction group 2, which consists of "protocol type: TCP, destination port: 80" and "protocol type: TCP, destination port : 443" consists of two ACLs. Assume that the ACL contained in the restriction group 2 represents the HTTP protocol, that is, only the data flows that meet th

Embodiment 2

[0081] In this embodiment, on the basis of the first embodiment, the implementation of deleting a session is added.

[0082] There are two situations where a session needs to be deleted. One is that the user actively requests deletion, for example, the session is deleted after receiving a TCP delete control packet; the other is that the NAT session table is aging, and then the session needs to be deleted.

[0083] Wherein, the NAT session table mentioned above is a session table generally referred to in the art, and it is for recording the NAT transformation relationship of a data flow, and establishes a positive and negative session record in both directions, as long as it meets the positive and negative of the session Address translation is performed in a unified manner to the data stream. Usually, the NAT session table uses the IP quintuple before conversion as an index (key), and uses the IP quintuple after conversion as a result.

[0084] On the basis of understanding the N

Embodiment 3

[0118] The first and second embodiments mentioned above limit the number of sessions for a single user, but this embodiment limits the number of sessions for a virtual private network (Virtual Private Network, VPN) that supports multiple instances.

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The method includes following steps: the method collocates multiple restriction groups, and each restriction group contains one or more access control list as well as the method sets up counter and maximal value of session number; receiving and parsing request for building session, and carrying out matching between requests and restriction groups; determining whether value of the counter for counting matched number between requests and restriction groups is smaller than or equal to maximal value of session number; if yes, establishing session, and increasing value of the counter; otherwise, prohibiting establishing session. The invention can effectively prevent the issue that other applications are unable to carry out caused by a sort of application uses a great number of session. The invention also provides a device for restricting number of session.

Description

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Owner 北京华三通信技术有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap