Congestion avoidance and control
SIGCOMM '88 Symposium proceedings on Communications architectures and protocols
Exokernel: an operating system architecture for application-level resource management
SOSP '95 Proceedings of the fifteenth ACM symposium on Operating systems principles
Network Intrusion Detection: An Analyst's Handbook
Network Intrusion Detection: An Analyst's Handbook
Scheduling TCP in the Nemesis Operating System
PfHSN '99 Proceedings of the IFIP TC6 WG6.1 & WG6.4 / IEEE ComSoc TC on on Gigabit Networking Sixth International Workshop on Protocols for High Speed Networks VI
Analysis of a Denial of Service Attack on TCP
SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
QoS's downfall: at the bottom, or not at all!
RIPQoS '03 Proceedings of the ACM SIGCOMM workshop on Revisiting IP QoS: What have we learned, why do we care?
Deployment experience with differentiated services
RIPQoS '03 Proceedings of the ACM SIGCOMM workshop on Revisiting IP QoS: What have we learned, why do we care?
Solaris Internals (2nd Edition)
Solaris Internals (2nd Edition)
Stateful DDoS attacks and targeted filtering
Journal of Network and Computer Applications
An autonomic network-aware scheduling architecture for grid computing
Proceedings of the 5th international workshop on Middleware for grid computing: held at the ACM/IFIP/USENIX 8th International Middleware Conference
Crossbow: from hardware virtualized NICs to virtualized networks
Proceedings of the 1st ACM workshop on Virtualized infrastructure systems and architectures
End-to-end quality of service for high-end applications
Computer Communications
Crossbow: from hardware virtualized NICs to virtualized networks
Proceedings of the 1st ACM workshop on Virtualized infrastructure systems and architectures
Crossbow virtual wire: network in a box
LISA'09 Proceedings of the 23rd conference on Large installation system administration
Hi-index | 0.00 |
This paper describes a new architecture which addresses Quality of Service (QoS) by creating unique flows for applications, services, or subnets. A flow is a dedicated and independent path from the NIC hardware to the socket layer in which the QoS layer is integrated into the protocol stack instead of being implemented as a separate layer. Each flow has dedicated hardware and software resources allowing applications to meet their specified quality of service within the host. The architecture efficiently copes with Distributed Denial of Service (DDoS) attacks by creating zero or limited band-width flows for the attacking traffic. The unwanted packets can be dropped by the NIC hardware itself at no cost. A collection of flows on more than one host can be assigned the same Differentiated Services Code Point (DSCP) label which forms a path dedicated to a service across the enterprise network and enables end-to-end QoS within the data center.