Method and apparatus for traffic probing
US-2024430168-A1 · Dec 26, 2024 · US
Technologies for filtering network packets on ingress
US10554513B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-10554513-B2 |
| Application number | US-201816024772-A |
| Country | US |
| Kind code | B2 |
| Filing date | Jun 30, 2018 |
| Priority date | Jun 30, 2018 |
| Publication date | Feb 4, 2020 |
| Grant date | Feb 4, 2020 |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
Technologies for filtering network packets on ingress include a network interface controller (NIC) to retrieve classification filters based on packet classification identifying information of a network packet received by the NIC, wherein each of the classification filters is usable to identify rules for identifying any operations to be performed on at least a portion of the received network packet. The NIC is further configured to compare the first classification filter to the packet classification identifying information to determine whether the determined packet classification identifying information meets criteria of the first classification filter. Additionally, the NIC is configured to associate a classification filter identifier of the first classification filter with the received network packet and send the received network packet and the classification filter identifier of the first classification filter to a processor of an apparatus associated with the NIC. Other embodiments are described herein.
First claim
Opening claim text (preview).
The invention claimed is: 1. A network interface controller (NIC) for filtering network packets on ingress, the NIC comprising: classification filter comparator circuitry to: determine packet classification identifying information of a network packet received by the NIC, retrieve a plurality of classification filters, wherein each of the plurality of classification filters includes one or more criterion, and wherein each of the plurality of classification filters is associated with a classification filter identifier usable to identify rules for the determination of one or more operations that are to be performed on at least a portion of the received network packet, and compare the one or more criterion of a first classification filter to the determined packet classification identifying information to determine whether the determined packet classification identifying information meets the one or more criterion of the first classification filter; and classification filter identifier insertion circuitry to associate, in response to a determination that the comparison indicated that the determined packet classification identifying information meets the one or more criterion of the first classification filter, a classification filter identifier of the first classification filter with the received network packet. 2. The NIC of claim 1 , wherein the NIC further includes host interface management circuitry to send the received network packet and the classification filter identifier of the first classification filter to a processor of an apparatus associated with the NIC. 3. The NIC of claim 1 , wherein to associate the classification filter identifier of the first classification filter with the received network packet comprises to insert the classification filter identifier of the first classification filter into a descriptor associated with the received network packet. 4. The NIC of claim 1 , wherein to associate the classification filter identifier of the first classification filter with the received network packet comprises to insert the classification filter identifier at an offset in a payload of the received network packet, and wherein the classification filter is usable by an interpreting component to identify the rules and bypass inspection of the received network packet. 5. The NIC of claim 1 , wherein to determine the packet classification identifying information comprises to determine the packet classification identifying information based on at least a portion of the data of the received network packet. 6. The NIC of claim 1 , wherein to determine the packet classification identifying information comprises to determine the packet classification identifying information based on at least one characteristic of the received network packet. 7. The NIC of claim 6 , wherein the at least one characteristic of the received network packet includes an encrypted state of the received network packet, a protocol associated with the received network packet, a source of the received network packet, and a destination of the received network packet. 8. The NIC of claim 1 , wherein the classification filter comparator circuitry is further to compare one or more criterion of a second classification filter to the determined packet classification identifying information to determine whether the determined packet classification identifying information meets the one or more criterion of the second classification filter, and wherein the classification filter identifier insertion circuitry is further to associate, in response to a determination that the comparison indicated that the determined packet classification identifying information meets the one or more criterion of the second classification filter, a classification filter identifier of the second classification filter with the received network packet. 9. The NIC of claim 1 , wherein the classification filter comparator circuitry is further to: compare one or more criterion of a second classification filter to the determined packet classification identifying information to determine whether the determined packet classification identifying information meets the one or more criterion of the second classification filter, and determine, in response to a determination that the comparison indicated that the determined packet classification identifying information meets the one or more criterion of the second classification filter, a priority level of the first classification filter and a priority level of the second classification filter; and wherein the classification filter identifier insertion circuitry is further to associate, in response to a determination that the priority level of the second classification filter is higher than the priority level of the first classification filter, a classification filter identifier of the second classification filter with the received network packet, and wherein to associate the classification filter identifier of the second classification filter with the received network packet comprises to replace the classification filter identifier of the first classification filter with the classification filter identifier of the second classification filter. 10. The NIC of claim 1 , wherein to associate the classification filter identifier of the first classification filter with the received network packet comprises to insert the classification filter identifier into a field in a header of the received network packet. 11. One or more non-transitory, machine-readable storage media comprising a plurality of instructions stored thereon that, in response to being executed, cause a network interface controller (NIC) to: determine packet classification identifying information of a network packet received by the NIC; retrieve a plurality of classification filters, wherein each of the plurality of classification filters includes one or more criterion, and wherein each of the plurality of classification filters is associated with a classification filter identifier usable to identify rules for the determination of one or more operations that are to be performed on at least a portion of the received network packet; compare the one or more criterion of a first classification filter to the determined packet classification identifying information to determine whether the determined packet classification identifying information meets the one or more criterion of the first classification filter; and associate, in response to a determination that the comparison indicated that the determined packet classification identifying information meets the one or more criterion of the first classification filter, a classification filter identifier of the first classification filter with the received network packet. 12. The one or more non-transitory, machine-readable storage media of claim 11 , wherein the plurality of instructions further cause the NIC to send the received network packet and the classification filter identifier of the first classification filter to a processor of an apparatus associated with the NIC. 13. The one or more non-transitory, machine-readable storage media of claim 11 , wherein to associate the classification filter identifier of the first classification filter with the received network packet comprises to insert the classification filter identifier of the first classification filter into a descriptor associated with the received network packet. 14. The one or more non-transitory, machine-readable storage media of claim 11 , wherein to associate the classification filter identifier of the first classification filter with the received network packet comprises to insert the class
Assignees
Inventors
Classifications
Virtual switches · CPC title
Parsing or analysis of headers · CPC title
- H04L43/028Primary
by filtering · CPC title
relying on flow classification, e.g. using integrated services [IntServ] · CPC title
the monitoring system or the monitored elements being virtualised, abstracted or software-defined entities, e.g. SDN or NFV · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US10554513B2 cover?
- Technologies for filtering network packets on ingress include a network interface controller (NIC) to retrieve classification filters based on packet classification identifying information of a network packet received by the NIC, wherein each of the classification filters is usable to identify rules for identifying any operations to be performed on at least a portion of the received network pac…
- Who is the assignee on this patent?
- Intel Corp
- What technology area does this patent fall under?
- Primary CPC classification H04L43/028. Mapped technology areas include Electricity.
- When was this patent published?
- Publication date Tue Feb 04 2020 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).