Abstract: A Random Early Detection (RED) policer in accordance with the invention does not tail-drop arriving packets as being non-conforming. For instance, because the RED policer uses a running estimate such as an exponential weighted moving average (EWMA), for example, it allows the policer to absorb traffic bursts. The policer uses randomization in choosing which packets to drop; with this method, the probability of dropping a packet from a particular sending node is roughly proportional to the node's bandwidth share, hence the packets of different flows are fairly dropped.

Abstract: A method detects a change in TCP receive window size while preventing fragmentation of data. A TCP stack receives a segment that advertises a receive window size of zero. If data needs to be sent, and only if so, a timer is started. When the timer expires, a TCP segment that contains a first sequence number value equal to second sequence number representing sent but unacknowledged data minus one, and a segment length value of zero, is sent. Without sending a fragment of data, this triggers a peer TCP process to send an updated window size. A TCP ACK segment is received and contains an updated receive window size. If the updated receive window size is greater than a specified value, then the data is sent. Otherwise, a counter is incremented, and the steps are re-performed if the counter is less than a specified value.

Abstract: A system and method supporting synchronization of replicated transport layer connections in a redundant processor telecommunications network element. One method involves receiving, at a network element comprising an active transport protocol process coupled to a standby transport protocol process, information identifying a newly created transport layer connection maintained at the active transport protocol process; assigning a unique connection identifier to the transport layer connection; sending the unique connection identifier, in association with other, protocol-specific connection identifying information, to the standby protocol process; and sending, to the standby transport protocol process, one or more messages comprising one or more properties or statistics associated with the transport layer connection, wherein the messages identify the transport layer connection using the unique connection identifier.

Abstract: A system and method supporting efficient, scalable stateful switchover of transport layer connections in a telecommunications network element. One method involves receiving, at a network element comprising an active transport protocol process coupled to a standby protocol process, a request to configure a first transport layer connection maintained at the active transport protocol process for stateful switchover; receiving an event associated with the first transport layer connection; creating a message containing replicated event information based on the received event; sending the message to the standby transport protocol process; and processing the message at the standby transport protocol process, wherein the standby transport protocol process replicates state information for the first connection.

Abstract: A method is disclosed for upgrading network protocol software, comprising receiving a new version of Border Gateway Protocol (BGP) software on a standby route processor that is coupled to an active route processor in a redundant arrangement; transferring, from the active route processor to the standby route processor, one or more transport protocol connections that are associated with one or more active BGP sessions of the active route processor; transferring, from the active route processor to the standby route processor, BGP session information representing the active BGP sessions; progressively shutting down an active BGP process of the active route processor; and switching control of BGP data processing to the standby route processor. The route processors may be placed in a stateful switchover mode of operation temporarily only during the transferring, shutting down, and switching. Thus a hitless BGP upgrade approach is provided.

Abstract: Disclosed are, inter alia, methods, apparatus, data structures, computer-readable media, mechanisms, and means for withdrawing routes based on a query defined in a withdraw message. One or more route update messages identifying multiple routes with associated attributes and Type-Length-Value (TLV) values are received, and a routing database is updated to include the routes and their associated attributes and TLVs. A particular message associated with a route withdraw operation is received, with the particular message including an indication of at least two specified values and an operator, with each of the specified values being an attribute or a TLV. One or more routes are withdrawn from the routing database matching a query defined based on the specified values and the operator. In one embodiment, each of said attributes is a Border Gateway Protocol attribute. One embodiment includes sending a message including an advertisement of supporting MP_AGGREGATE_WITHDRAW capability.

Abstract: Disclosed are, inter alia, methods, apparatus, data structures, computer-readable media, and mechanisms, for scheduling items in a system, such as, but not limited to a computer or communications system. For example, in one implementation, each of the items in a set of items has an associated deficit and mini-deficit. A next particular item is selected from the set of items currently having enough deficit to process the particular item. One or more entities associated with the particular item is processed a commensurate amount corresponding to the mini-deficit associated with the particular item. This processing is repeatedly performed until there are no more entities associated with the particular item or until the deficit associated with the particular item does not allow any further processing at the current time.

Abstract: A method for detecting unavailable network connections comprises, at a first data processing node that is hosting a transport protocol connection that uses a plurality of sequence values to identify messages sent to a peer node, wherein the first node is communicatively coupled to a second data processing node serving as a redundant backup, periodically sending a checkpoint sequence value to the second node; detecting that either the transport protocol connection or a process using the transport protocol connection is unavailable, without use of a timeout; and in response thereto, sending a notification to the peer node, wherein the notification includes the checkpoint sequence value. One embodiment provides for rapidly detecting and responding to failure of a TCP process without using long timeouts as conventionally provided in long-lived applications that run on top of TCP.

Abstract: Methods and apparatus are disclosed for scheduling items (e.g., packets, processes, etc.) in a system, such as, but not limited to a computer or communications system (e.g., router, switch, etc.) In one implementation, multiple sets of items requiring processing to be performed are maintained. A current set of the multiple sets of items is identified. Each of the items in the current set is processed. In one implementation, this processing includes identifying a particular item in the current set, adding a quantum to a deficit of the particular item, processing an entity corresponding to the particular item, decreasing the deficit of the particular item by a value, determining if the deficit allows the particular item to be further processed, and moving the particular item from the current set to another of the multiple sets of items after said determining if deficit allows the particular item to be further processed.

Abstract: A method for improving resistance of network protocols running on transmission control protocol (TCP), such as BGP. For example, a method comprises receiving, from a TCP application, a request to ignore all TCP segments with an RST bit set, except for solicited RST segments; establishing a filter that blocks all but solicited TCP RST segments; receiving a TCP segment with a SYN bit set and a sequence number value within an allowed window for a TCP connection matching the received segment, and for a session of the TCP application; re-configuring the filter to allow TCP RST segments for the connection associated with the received segment; requesting the TCP application to initiate an event that will induce a legitimate sender of the received segment to send a valid TCP RST segment in response; and closing the connection only when a TCP RST segment is received in response.

Abstract: A system and method for performing stateful switchover with reduced data, such as only metadata about a TCP window state. The metadata comprises a size of TCP packets used to send BGP messages, and which of those have been acknowledged by a neighbor networking device. The networking device comprises a BGP module to establish a BGP session between the networking device and a neighbor networking device. An active transport module within the networking device synchronizes with a standby transport module within the networking device by sending the metadata. A fault detector within the networking device initiates a stateful switchover from the active transport module to the standby transport module responsive to detecting a failure of a process and/or processor. The standby transport module uses the metadata to determine stateful metadata for preserving current BGP and TCP sessions of the networking device with dummy TCP packets having the same size ad sent TCP packets and containing safe BGP message data.

Abstract: A method is disclosed for rapidly detecting a protocol failure. In one embodiment, the method includes receiving an indication that a first process has failed. The first process having been engaged in communications over one or more network connections with a second process. A packet is formed, such that the packet appears to have been formed by the first process. The packet includes one or more data values, which, when received and processed by the second process, will cause the second process to close the network connection. The packet is sent to the second process. When the second process receives the packet, the second process to closes the network connection.

Abstract: Methods and apparatus for efficiently enabling routing states to be recovered after a failover or during a software upgrade in a system which supports graceful restart and stateful switchover are disclosed. According to one aspect of the present invention, a method for restarting a network device which has a plurality of routers and is in communication with a first peer being arranged to support graceful restart and a second peer includes performing a graceful restart with respect to the first peer. A peer transparent failover is performed with respect to the second peer. The graceful restart and the peer transparent failover are performed in response to a failure associated with the network device.

Abstract: A method of monitoring congestion within a data path having a queuing node located therein and a plurality of downstream nodes positioned downstream of the queuing node. The method includes monitoring congestion at the plurality of downstream nodes and setting a congestion notification flag by one of the downstream nodes when the node is congested. The transmission of data packets from the queuing node is stopped and packets received at the queuing node are queued when the flag is set. The method further includes transmitting packets from the queuing node when the congestion notification flag is cleared. A system for monitoring congestion on a data path is also disclosed.

Abstract: Methods and apparatus are disclosed for scheduling items (e.g., packets, processes, etc.) in a system, such as, but not limited to a computer or communications system (e.g., router, switch, etc.) In one implementation, multiple sets of items requiring processing to be performed are maintained. A current set of the multiple sets of items is identified. Each of the items in the current set is processed. In one implementation, this processing includes identifying a particular item in the current set, adding a quantum to a deficit of the particular item, processing an entity corresponding to the particular item, decreasing the deficit of the particular item by a value, determining if the deficit allows the particular item to be further processed, and moving the particular item from the current set to another of the multiple sets of items after said determining if deficit allows the particular item to be further processed.