US20110113134A1 - Server Access Processing System - Google Patents

Server Access Processing System Download PDF

Info

Publication number
US20110113134A1
US20110113134A1 US12/614,511 US61451109A US2011113134A1 US 20110113134 A1 US20110113134 A1 US 20110113134A1 US 61451109 A US61451109 A US 61451109A US 2011113134 A1 US2011113134 A1 US 2011113134A1
Authority
US
United States
Prior art keywords
server
client device
time period
set forth
zwps
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Abandoned
Application number
US12/614,511
Inventor
Adekunle Bello
Radhika Chirra
Nikhil Hegde
Aruna Yedavilli
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
International Business Machines Corp
Original Assignee
International Business Machines Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by International Business Machines Corp filed Critical International Business Machines Corp
Priority to US12/614,511 priority Critical patent/US20110113134A1/en
Assigned to INTERNATIONAL BUSINESS MACHINES CORPORATION reassignment INTERNATIONAL BUSINESS MACHINES CORPORATION ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: BELLO, ADEKUNLE, CHIRRA, RADHIKA, HEGDE, NIKHIL, YEDAVILLI, ARUNA
Publication of US20110113134A1 publication Critical patent/US20110113134A1/en
Priority to US13/459,160 priority patent/US9516142B2/en
Priority to US15/331,330 priority patent/US9866636B2/en
Priority to US15/811,719 priority patent/US10432725B2/en
Abandoned legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/1097Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/16Threshold monitoring
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L47/00Traffic control in data switching networks
    • H04L47/10Flow control; Congestion control
    • H04L47/19Flow control; Congestion control at layers above the network layer
    • H04L47/193Flow control; Congestion control at layers above the network layer at the transport layer, e.g. TCP related
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L47/00Traffic control in data switching networks
    • H04L47/10Flow control; Congestion control
    • H04L47/27Evaluation or update of window size, e.g. using information derived from acknowledged [ACK] packets
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L47/00Traffic control in data switching networks
    • H04L47/70Admission control; Resource allocation
    • H04L47/82Miscellaneous aspects
    • H04L47/822Collecting or measuring resource availability data
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • H04L63/1458Denial of Service
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/14Session management
    • H04L67/143Termination or inactivation of sessions, e.g. event-controlled end of session
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/16Implementation or adaptation of Internet protocol [IP], of transmission control protocol [TCP] or of user datagram protocol [UDP]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/16Implementation or adaptation of Internet protocol [IP], of transmission control protocol [TCP] or of user datagram protocol [UDP]
    • H04L69/163In-band adaptation of TCP data exchange; In-band control procedures

Definitions

  • the present invention relates generally to information processing systems and more particularly to a methodology and implementation for enabling an improved processing system for accessing servers.
  • NFS Network File System
  • An NFS server provides file system services to thousands of clients, typically running different operating systems. Since NFS configurations are star-based i.e., one server having multiple clients, one client overloading the server can cause serious degradation in file system access times for the other clients.
  • NFS is typically transmission control protocol (TCP) based, and uses sockets for server-client connection.
  • TCP transmission control protocol
  • NFS servers also have a limit on the number of concurrent threads that can service client requests. If one client is running an application that is unable to read from its end of the socket in a timely manner, the TCP stack on the client system might reach a point where it needs to send back TCP zero-window responses to the server. If this client has several requests to the server in this state, then the NFS server might not be able to service new client requests. The result of this is denial of file system access to the rest of the clients.
  • TCP transmission control protocol
  • a method, programmed medium and system are provided for preventing the denial of file system access to a plurality of clients accessing a NFS server.
  • an NFS server is configured to listen on a designated server port.
  • the server runs a separate daemon which “watches” client requests as they are received at the NFS server.
  • the server processing system tracks the number of times a client sends consecutive TCP zero-window packets in response to a data packet from the server. This information is maintained, for example, in a table.
  • the NFS server is enabled to do any one of several actions using the information, including, resetting the connection to the client with an appropriate response code.
  • a routine is called in the NFS server to stop responding to that client using a backoff algorithm.
  • the algorithm causes the NFS server to NOT respond to the next request (blackout time) for the next N seconds. If more zero-window requests are received, the blackout time increases by predetermined amounts, for example, to 2*N, 4*N, 8*N and so on until a user-defined limit is reached.
  • the server access process is enabled to start terminating connections to the clients starting from the ones with the oldest entry in the table.
  • FIG. 1 is an illustration of one embodiment of a system in which the present invention may be implemented
  • FIG. 2 is a block diagram showing several of the major components of an exemplary computer system or device using the present invention
  • FIG. 3 is a flow chart illustrating an exemplary sequence of operations which may be implemented in accordance with the present invention.
  • FIG. 4 is another flow chart illustrating an exemplary sequence of operations which may be implemented in accordance with the present invention.
  • FIG. 5 is another flow chart illustrating an exemplary sequence of operations which may be implemented in accordance with the present invention.
  • the present disclosure defines a method that will prevent the NFS server from denying access to a large number of clients due to a large number of concurrent requests from one or more clients that are not reading their data in a timely manner.
  • the disclosed methodology is also applicable to a case where the client is running an application that is intentionally attempting to freeze NFS services by not reading from its end of the socket connections.
  • the NFS server listens on a designated server port 2049 .
  • the server will run a separate daemon which will “watch” client requests as they are received at the NFS server. Specifically, the process will keep track of the number of times a client sends consecutive TCP zero window packets (ZWPs) in response to a data packet from the server.
  • ZWPs TCP zero window packets
  • a ZWP is a flow control mechanism that a TCP client uses to inform the server that it is not quite ready to receive more packets as it is still processing the earlier packets.
  • a ZWP is an indication, for example, that a client is having timing problems and as a result the client may tie-up server connection resources and make them unavailable to other clients who need to access the resources.
  • the number of consecutive ZWPs will be counted, incremented and maintained, for example, in a table.
  • the table is maintained by the process to keep a list of clients which have sent more than a predetermined number of consecutive TCP zero-window packets in the past. With this information, the NFS server can do any one of several possible actions.
  • the NFS server is enabled to selectively reset the connection to the client with an appropriate response code. If the number of zero-window packets crosses a user-defined threshold, then the daemon process is enabled to call a routine in the NFS server to stop responding to that client using a backoff algorithm. The algorithm will basically cause the NFS server to NOT respond to the next request (blackout time) for the next N seconds. If more zero-window requests are received, the blackout time increases by predetermined amounts, for example to 2*N, 4*N, 8*N and so on until a user-defined limit.
  • the server process starts terminating connections to the clients starting from the ones with the oldest entry in the table.
  • NFS servers can continue to provide uninterrupted services even in the presence of a resource-starved client.
  • the table can be made accessible to the administrator, so he/she can have a statistical view of the load from each client and reallocate resources appropriately.
  • the list of problem client machines could be exchanged between NFS servers to allow NFS servers to proactively take action against a hacker that has been identified in another portion of the network.
  • the exponential back off algorithm is used as a response to the alert from daemon, the advantage gained is that a client that temporarily slowed down is not penalized by cutting off communications abruptly
  • FIG. 1 illustrates an exemplary environment in which the present invention may be implemented.
  • an NFS server 101 may be accessed through an interconnection network 103 , such as the Internet, by a plurality of client devices including computer terminals 105 , 107 and 113 and other wireless devices 109 and 111 .
  • the client devices 105 , 107 and 113 may be laptop computers and the wireless client devices 109 and 111 may be personal wireless communication devices.
  • FIG. 2 illustrates several of the major components of a computer system which may be used to implement the present invention.
  • a processor system 201 is connected to a main bus 203 .
  • the main bus 203 is also coupled to, inter alia, system memory 205 , a local storage system 207 , a network interface 209 , and an input interface 211 .
  • the main bus is also connected to a display system 217 .
  • the input and/or display system may also comprise a touch-sensitive screen or optically-sensitive input pad (not shown). Additional devices and bus systems, which are not shown, may also be coupled to the system main bus 203 .
  • FIG. 3 there is shown a flow chart describing an exemplary operational sequence which may be implemented in code to accomplish the results described above.
  • the server is enabled to monitor or “watch” 301 server access requests and traffic from remote computer system client devices such as computers 105 and 107 and/or personal communication devices 111 and 113 , or other systems.
  • client devices such as computers 105 and 107 and/or personal communication devices 111 and 113 , or other systems.
  • ZWPs TCP Zero Window Packets
  • a total count is maintained 307 and may be kept in table form as discussed above.
  • a backoff routine as illustrated in FIG. 4 is accessed.
  • the next ZWP received 401 will cause a first “no response” 403 or “wait” period “N” to begin during which no response is sent from the server. If during this time period another ZWP is received from the same client 405 , then a second wait period is commenced 407 .
  • the second wait period is longer than the first wait period “N” and in the illustrated example, the second wait period is “2N” and the process goes to a resource conserve mode as shown in FIG. 5 .
  • a number of consecutive ZWPs received from a client is an indication that one client may, for example, be running an application that is unable to read from its end of the socket in a timely manner, and the TCP stack on the client system might reach a point where it needs to send back TCP zero-window responses to the server. If this client has several requests to the server in this state, then the NFS server might not be able to service new client requests with the result that there may be a denial of file system access to the rest of the clients. Thus, limits are set on the number of ZWPs returned to the server in order to detect and avoid this problem.
  • a ZWP is not received during the second wait period 501 , this is an indication that the client machine is again processing in a timely manner and the server process returns to monitor subsequent server access requests 301 .
  • the process determines if available server resources are less than a predetermined minimum 503 , and if so, clients are disconnected from the server on a predetermined priority basis 507 such as disconnecting the oldest connection first, then checking on the resource availability and if necessary, disconnecting others in order until the resource availability returns to a satisfactory level and is greater than a minimum level 509 .
  • the process returns to monitor subsequent server access requests 301 . If available server resources are not below a minimal level 503 , then a check is made to determine if the number of consecutive ZWPs received from the client is greater than a predetermined limit 505 , and if so, the above-discussed disconnect process 507 is implemented. If the total number of consecutive ZWPs received from a client is not greater than a predetermined number 505 , then the process returns to block 407 to set another wait time period to monitor and count subsequently received ZWPs from the client.
  • the termination of client connections can result either from receiving too many consecutive ZWPs from a client regardless of server resource level, or from receiving a lesser number of ZWPs when the server resource level is in a low condition, or a combination of both. Further, it is noted that there need not be two wait periods and that the disconnect process may be implemented in connection with only a single wait period if server resources need to be allocated in a more tightly controlled manner. Further, the predetermined times and/or levels of resource availability may be adjusted by the server to suit various situations and conditions.
  • each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s).
  • the functions noted in the block may occur out of the order noted in the Figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved.
  • the disclosed methodology may also be implemented solely or partially in program code stored in any media, including any portable or fixed, volatile or non-volatile memory media device, including CDs, RAM and “Flash” memory, or other semiconductor, optical, magnetic or other memory media capable of storing code, from which it may be loaded and/or transmitted into other media and executed to achieve the beneficial results as described herein.
  • the disclosed methodology may also be implemented using any available input and/or display systems including touch-sensitive screens and optically-sensitive input pads. Accordingly, the present invention is not intended to be limited to the specific form set forth herein, but on the contrary, it is intended to cover such alternatives, modifications, and equivalents, as can be reasonably included within the spirit and scope of the invention.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Information Transfer Between Computers (AREA)
  • Computer And Data Communications (AREA)

Abstract

A method, programmed medium and system are provided for preventing the denial of file system access to a plurality of clients accessing a NFS server. In one example, an NFS server is configured to listen on a server port. The server runs a separate daemon which “watches” client requests as they are received at the NFS server. The server processing system tracks the number of times a client sends consecutive TCP zero-window packets in response to a data packet from the server. If the number of zero-window packets crosses a user-defined threshold, then a routine is called to stop responding to that client using a backoff algorithm. When the server reaches a point where the number of available threads or any other relevant resource dips below a user-defined threshold, the server process starts terminating connections to the clients starting from the ones with the oldest entry in the table.

Description

    FIELD OF THE INVENTION
  • The present invention relates generally to information processing systems and more particularly to a methodology and implementation for enabling an improved processing system for accessing servers.
    • BACKGROUND OF THE INVENTION
  • The Network File System (NFS) is one of the most prevalent forms of remote file systems in a distributed environment today. Typically an NFS server provides file system services to thousands of clients, typically running different operating systems. Since NFS configurations are star-based i.e., one server having multiple clients, one client overloading the server can cause serious degradation in file system access times for the other clients.
  • NFS is typically transmission control protocol (TCP) based, and uses sockets for server-client connection. NFS servers also have a limit on the number of concurrent threads that can service client requests. If one client is running an application that is unable to read from its end of the socket in a timely manner, the TCP stack on the client system might reach a point where it needs to send back TCP zero-window responses to the server. If this client has several requests to the server in this state, then the NFS server might not be able to service new client requests. The result of this is denial of file system access to the rest of the clients.
  • Thus, there is a need to provide a network server access processing system which is enabled to avoid the problems set forth above.
    • SUMMARY OF THE INVENTION
  • A method, programmed medium and system are provided for preventing the denial of file system access to a plurality of clients accessing a NFS server. In one example, an NFS server is configured to listen on a designated server port. The server runs a separate daemon which “watches” client requests as they are received at the NFS server. In the example, the server processing system tracks the number of times a client sends consecutive TCP zero-window packets in response to a data packet from the server. This information is maintained, for example, in a table. The NFS server is enabled to do any one of several actions using the information, including, resetting the connection to the client with an appropriate response code. If the number of zero-window packets crosses a user-defined threshold, then a routine is called in the NFS server to stop responding to that client using a backoff algorithm. The algorithm causes the NFS server to NOT respond to the next request (blackout time) for the next N seconds. If more zero-window requests are received, the blackout time increases by predetermined amounts, for example, to 2*N, 4*N, 8*N and so on until a user-defined limit is reached. When the server reaches a point where the number of available threads or any other relevant resource dips below a user-defined threshold, the server access process is enabled to start terminating connections to the clients starting from the ones with the oldest entry in the table.
    • BRIEF DESCRIPTION OF THE DRAWINGS
  • A better understanding of the present invention can be obtained when the following detailed description of a preferred embodiment is considered in conjunction with the following drawings, in which:
  • FIG. 1 is an illustration of one embodiment of a system in which the present invention may be implemented;
  • FIG. 2 is a block diagram showing several of the major components of an exemplary computer system or device using the present invention;
  • FIG. 3 is a flow chart illustrating an exemplary sequence of operations which may be implemented in accordance with the present invention;
  • FIG. 4 is another flow chart illustrating an exemplary sequence of operations which may be implemented in accordance with the present invention; and
  • FIG. 5 is another flow chart illustrating an exemplary sequence of operations which may be implemented in accordance with the present invention.
    •  DETAILED DESCRIPTION
  • The various methods discussed herein may be implemented within a computer system which includes processing means, memory, storage means, input means and display means. Since the individual components of a computer system which may be used to implement the functions used in practicing the present invention are generally known in the art and composed of electronic components and circuits which are also generally known to those skilled in the art, circuit details beyond those shown are not specified to any greater extent than that considered necessary as illustrated, for the understanding and appreciation of the underlying concepts of the present invention and in order not to obfuscate or distract from the teachings of the present invention. Although the invention is illustrated in the context of a networked computer system using a laptop computer or other portable device, it is understood that disclosed methodology may also be applied in many other available and future devices and systems such as cell phones and personal wireless and other hand-held devices, including any input device, including touch-sensitive screens or touch-sensitive input pads, to achieve the beneficial functional features described herein.
  • The present disclosure defines a method that will prevent the NFS server from denying access to a large number of clients due to a large number of concurrent requests from one or more clients that are not reading their data in a timely manner. The disclosed methodology is also applicable to a case where the client is running an application that is intentionally attempting to freeze NFS services by not reading from its end of the socket connections. The NFS server listens on a designated server port 2049. The server will run a separate daemon which will “watch” client requests as they are received at the NFS server. Specifically, the process will keep track of the number of times a client sends consecutive TCP zero window packets (ZWPs) in response to a data packet from the server. A ZWP is a flow control mechanism that a TCP client uses to inform the server that it is not quite ready to receive more packets as it is still processing the earlier packets. Thus, a ZWP is an indication, for example, that a client is having timing problems and as a result the client may tie-up server connection resources and make them unavailable to other clients who need to access the resources. The number of consecutive ZWPs will be counted, incremented and maintained, for example, in a table. The table is maintained by the process to keep a list of clients which have sent more than a predetermined number of consecutive TCP zero-window packets in the past. With this information, the NFS server can do any one of several possible actions. For example, the NFS server is enabled to selectively reset the connection to the client with an appropriate response code. If the number of zero-window packets crosses a user-defined threshold, then the daemon process is enabled to call a routine in the NFS server to stop responding to that client using a backoff algorithm. The algorithm will basically cause the NFS server to NOT respond to the next request (blackout time) for the next N seconds. If more zero-window requests are received, the blackout time increases by predetermined amounts, for example to 2*N, 4*N, 8*N and so on until a user-defined limit.
  • When the server reaches a point where the number of available threads or any other relevant resource dips below a user-defined threshold, the server process starts terminating connections to the clients starting from the ones with the oldest entry in the table. Using the disclosed methodology, NFS servers can continue to provide uninterrupted services even in the presence of a resource-starved client. Further, the table can be made accessible to the administrator, so he/she can have a statistical view of the load from each client and reallocate resources appropriately. The list of problem client machines could be exchanged between NFS servers to allow NFS servers to proactively take action against a hacker that has been identified in another portion of the network. When the exponential back off algorithm is used as a response to the alert from daemon, the advantage gained is that a client that temporarily slowed down is not penalized by cutting off communications abruptly
  • FIG. 1 illustrates an exemplary environment in which the present invention may be implemented. As shown, an NFS server 101 may be accessed through an interconnection network 103, such as the Internet, by a plurality of client devices including computer terminals 105, 107 and 113 and other wireless devices 109 and 111. The client devices 105, 107 and 113 may be laptop computers and the wireless client devices 109 and 111 may be personal wireless communication devices.
  • FIG. 2 illustrates several of the major components of a computer system which may be used to implement the present invention. As shown, a processor system 201 is connected to a main bus 203. The main bus 203 is also coupled to, inter alia, system memory 205, a local storage system 207, a network interface 209, and an input interface 211. The main bus is also connected to a display system 217. The input and/or display system may also comprise a touch-sensitive screen or optically-sensitive input pad (not shown). Additional devices and bus systems, which are not shown, may also be coupled to the system main bus 203.
  • In FIG. 3, there is shown a flow chart describing an exemplary operational sequence which may be implemented in code to accomplish the results described above. As shown, when the process is initiated, the server is enabled to monitor or “watch” 301 server access requests and traffic from remote computer system client devices such as computers 105 and 107 and/or personal communication devices 111 and 113, or other systems. After a data packet is sent from the server to a client device 303 in response to a client request, it is determined when a total number of consecutive TCP Zero Window Packets (ZWPs) are received from the client. When consecutive ZWPs are detected as having been received from the client 305, a total count is maintained 307 and may be kept in table form as discussed above. Whenever the number of consecutive ZWPs received exceeds a predetermined number 309, a backoff routine as illustrated in FIG. 4 is accessed.
  • As shown in FIG. 4, after having received the predetermined number of ZWPs from a client, the next ZWP received 401 will cause a first “no response” 403 or “wait” period “N” to begin during which no response is sent from the server. If during this time period another ZWP is received from the same client 405, then a second wait period is commenced 407. The second wait period is longer than the first wait period “N” and in the illustrated example, the second wait period is “2N” and the process goes to a resource conserve mode as shown in FIG. 5. It is noted here that a number of consecutive ZWPs received from a client is an indication that one client may, for example, be running an application that is unable to read from its end of the socket in a timely manner, and the TCP stack on the client system might reach a point where it needs to send back TCP zero-window responses to the server. If this client has several requests to the server in this state, then the NFS server might not be able to service new client requests with the result that there may be a denial of file system access to the rest of the clients. Thus, limits are set on the number of ZWPs returned to the server in order to detect and avoid this problem.
  • As shown in FIG. 5, in the conserve resource routine, if a ZWP is not received during the second wait period 501, this is an indication that the client machine is again processing in a timely manner and the server process returns to monitor subsequent server access requests 301. However, when another ZWP is received 501, for example, during the second wait period, the process determines if available server resources are less than a predetermined minimum 503, and if so, clients are disconnected from the server on a predetermined priority basis 507 such as disconnecting the oldest connection first, then checking on the resource availability and if necessary, disconnecting others in order until the resource availability returns to a satisfactory level and is greater than a minimum level 509. When the resource level returns to a predetermined minimum level 509 the process returns to monitor subsequent server access requests 301. If available server resources are not below a minimal level 503, then a check is made to determine if the number of consecutive ZWPs received from the client is greater than a predetermined limit 505, and if so, the above-discussed disconnect process 507 is implemented. If the total number of consecutive ZWPs received from a client is not greater than a predetermined number 505, then the process returns to block 407 to set another wait time period to monitor and count subsequently received ZWPs from the client. It is noted that the termination of client connections can result either from receiving too many consecutive ZWPs from a client regardless of server resource level, or from receiving a lesser number of ZWPs when the server resource level is in a low condition, or a combination of both. Further, it is noted that there need not be two wait periods and that the disconnect process may be implemented in connection with only a single wait period if server resources need to be allocated in a more tightly controlled manner. Further, the predetermined times and/or levels of resource availability may be adjusted by the server to suit various situations and conditions.
  • The flowchart and block diagrams in the Figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present invention. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the Figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems that perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
  • It is understood that the specific example presented herein is not intended to be limiting since the functional combinations disclosed herein may be implemented in many different environments and applications including, for example, applications involving the visualization of business processes and movement of emails, task lists, task list items and other system data components within an overall system data containment environment or application.
  • The method, system and apparatus of the present invention has been described in connection with a preferred embodiment as disclosed herein. The disclosed methodology may be implemented in a wide range of sequences, menus and screen designs to accomplish the desired results as herein illustrated. Although an embodiment of the present invention has been shown and described in detail herein, along with certain variants thereof, many other varied embodiments that incorporate the teachings of the invention may be easily constructed by those skilled in the art, and even included or integrated into a processor or CPU or other larger system integrated circuit or chip. The disclosed methodology may also be implemented solely or partially in program code stored in any media, including any portable or fixed, volatile or non-volatile memory media device, including CDs, RAM and “Flash” memory, or other semiconductor, optical, magnetic or other memory media capable of storing code, from which it may be loaded and/or transmitted into other media and executed to achieve the beneficial results as described herein. The disclosed methodology may also be implemented using any available input and/or display systems including touch-sensitive screens and optically-sensitive input pads. Accordingly, the present invention is not intended to be limited to the specific form set forth herein, but on the contrary, it is intended to cover such alternatives, modifications, and equivalents, as can be reasonably included within the spirit and scope of the invention.

Claims (25)

1. A method for server access processing, said method comprising:
determining when a data packet is sent from a server to a client device;
counting a number of zero window packets (ZWPs) received from said client device by said server following said data packet being sent to provide a ZWP count; and
using said ZWP count to control access to said server by said client device.
2. The method as set forth in claim 1 wherein said ZWP count includes a total count of consecutive ZWPs received by said server.
3. The method as set forth in claim 2 and further including:
disconnecting said client device from said server after said total count exceeds a first predetermined number.
4. The method as set forth in claim 2 and further including:
determining a resource availability level of said server when said total count exceeds a first predetermined number; and
disconnecting said client device from said server when said resource availability level is below a predetermined level or said total count exceeds a first predetermined number.
5. The method as set forth in claim 2 and further including:
disabling said server from responding to said client device for a first time period after said total count exceeds a first predetermined number;
6. The method as set forth in claim 5 and further including enabling said server to respond to said client device after said first time period if no ZWPs are received by said server from said client device during said first time period.
7. The method as set forth in claim 5 and further including:
disabling said server from responding to said client device for a second time period after said total count exceeds a second predetermined number at a completion of said first time period, said second time period being greater than said first time period.
8. The method as set forth in claim 7 and further including enabling said server to respond to said client device after said second time period if no ZWPs are received by said server from said client device during said second time period.
9. A computer program product for enabling server access processing, the computer program product comprising computer readable program code configured such that when such program code is read by said server, the server is effective for:
determining when a data packet is sent from said server to a client device;
counting a number of zero window packets (ZWPs) received from said client device by said server following said data packet being sent to provide a ZWP count; and
using said ZWP count to control access to said server by said client device.
10. The program product as set forth in claim 9 wherein said ZWP count includes a total count of consecutive ZWPs received by said server.
11. The program product as set forth in claim 10 and further including:
disconnecting said client device from said server after said total count exceeds a first predetermined number.
12. The program product as set forth in claim 10 and further including:
determining a resource availability level of said server when said total count exceeds a first predetermined number; and
disconnecting said client device from said server when said resource availability level is below a predetermined level and said total count exceeds a first predetermined number.
13. The program product as set forth in claim 10 and further including:
disabling said server from responding to said client device for a first time period after said total count exceeds a first predetermined number;
14. The program product as set forth in claim 13 and further including enabling said server to respond to said client device after said first time period if no ZWPs are received by said server from said client device during said first time period.
15. The program product as set forth in claim 13 and further including:
disabling said server from responding to said client device for a second time period after said total count exceeds a second predetermined number at a completion of said first time period, said second time period being greater than said first time period.
16. The program product as set forth in claim 15 and further including enabling said server to respond to said client device after said second time period if no ZWPs are received by said server from said client device during said second time period.
17. A server enabled to manage server access requests from a client device, said server comprising:
means for determining when a data packet is sent from said server to said client device;
means for counting a number of zero window packets (ZWPs) received from said client device by said server following said data packet being sent to provide a ZWP count; and
means for using said ZWP count to control access to said server by said client device.
18. The server as set forth in claim 17 wherein said ZWP count includes a total count of consecutive ZWPs received by said server.
19. The server as set forth in claim 18 and further including:
means for disconnecting said client device from said server after said total count exceeds a first predetermined number.
20. The server as set forth in claim 18 and further including:
means for determining a resource availability level of said server when said total count exceeds a first predetermined number; and
means for disconnecting said client device from said server when said resource availability level is below a predetermined level and said total count exceeds a first predetermined number.
21. The server as set forth in claim 18 and further including:
means for disabling said server from responding to said client device for a first time period after said total count exceeds a first predetermined number;
22. The server as set forth in claim 21 and further including means for enabling said server to respond to said client device after said first time period if no ZWPs are received by said server from said client device during said first time period.
23. The server as set forth in claim 21 and further including:
means for disabling said server from responding to said client device for a second time period after said total count exceeds a second predetermined number at a completion of said first time period, said second time period being greater than said first time period.
24. The server as set forth in claim 23 and further including means for enabling said server to respond to said client device after said second time period if no ZWPs are received by said server from said client device during said second time period.
25. A computer system including a server and at least one client device accessing said server, said server being enabled for managing access to said server by said client device, said server including:
means for determining when a data packet is sent from said server to said client device;
means for counting a number of zero window packets (ZWPs) received from said client device by said server following said data packet being sent to provide a ZWP count, said ZWP count including a total count of consecutive ZWPs received by said server;
means for disabling said server from responding to said client device for a first time period after said total count exceeds a first predetermined number;
means for enabling said server to respond to said client device after said first time period if no ZWPs are received by said server from said client device during said first time period;
means for determining a resource availability level of said server when said total count exceeds said first predetermined number;
means for disabling said server from responding to said client device for a second time period after said total count exceeds a second predetermined number at a completion of said first time period, said second time period being greater than said first time period;
means for enabling said server to respond to said client device after said second time period if no ZWPs are received by said server from said client device during said second time period; and
means for disconnecting said client device from said server when said resource availability level is below a predetermined level and said total count exceeds said second predetermined number after said second time period.
US12/614,511 2009-11-09 2009-11-09 Server Access Processing System Abandoned US20110113134A1 (en)

Priority Applications (4)

Application Number Priority Date Filing Date Title
US12/614,511 US20110113134A1 (en) 2009-11-09 2009-11-09 Server Access Processing System
US13/459,160 US9516142B2 (en) 2009-11-09 2012-04-28 Server access processing system
US15/331,330 US9866636B2 (en) 2009-11-09 2016-10-21 Server access processing system
US15/811,719 US10432725B2 (en) 2009-11-09 2017-11-14 Server access processing system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
US12/614,511 US20110113134A1 (en) 2009-11-09 2009-11-09 Server Access Processing System

Related Child Applications (1)

Application Number Title Priority Date Filing Date
US13/459,160 Continuation US9516142B2 (en) 2009-11-09 2012-04-28 Server access processing system

Publications (1)

Publication Number Publication Date
US20110113134A1 true US20110113134A1 (en) 2011-05-12

Family

ID=43974977

Family Applications (4)

Application Number Title Priority Date Filing Date
US12/614,511 Abandoned US20110113134A1 (en) 2009-11-09 2009-11-09 Server Access Processing System
US13/459,160 Expired - Fee Related US9516142B2 (en) 2009-11-09 2012-04-28 Server access processing system
US15/331,330 Expired - Fee Related US9866636B2 (en) 2009-11-09 2016-10-21 Server access processing system
US15/811,719 Expired - Fee Related US10432725B2 (en) 2009-11-09 2017-11-14 Server access processing system

Family Applications After (3)

Application Number Title Priority Date Filing Date
US13/459,160 Expired - Fee Related US9516142B2 (en) 2009-11-09 2012-04-28 Server access processing system
US15/331,330 Expired - Fee Related US9866636B2 (en) 2009-11-09 2016-10-21 Server access processing system
US15/811,719 Expired - Fee Related US10432725B2 (en) 2009-11-09 2017-11-14 Server access processing system

Country Status (1)

Country Link
US (4) US20110113134A1 (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20120215916A1 (en) * 2009-11-09 2012-08-23 International Business Machines Corporation Server Access Processing System
US20120290709A1 (en) * 2011-05-12 2012-11-15 Fluke Corporation Method and apparatus to determine the amount of delay in the transfer of data associated with a tcp zero window event or set of tcp zero window events
US10135750B1 (en) * 2014-10-09 2018-11-20 EMC IP Holding Company LLC Satisfaction-ratio based server congestion control mechanism
CN109299049A (en) * 2018-10-11 2019-02-01 郑州云海信息技术有限公司 A kind of processing method and processing device of file access request

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP3674894A4 (en) * 2017-10-09 2020-10-28 Huawei Technologies Co., Ltd. Processing method and device
CN107769996B (en) * 2017-10-24 2021-02-09 新华三云计算技术有限公司 Method and device for detecting working state of server
CN111405126A (en) * 2020-03-20 2020-07-10 上海中通吉网络技术有限公司 Method, system, device, equipment and storage medium for dialing in dispatching link

Citations (20)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040064589A1 (en) * 2002-09-27 2004-04-01 Alacritech, Inc. Fast-path apparatus for receiving data corresponding to a TCP connection
US20040236802A1 (en) * 2003-05-22 2004-11-25 International Business Machines Corporation Method, apparatus, and program for informing a client when a server is busy in the transfer control protocol
US6965942B1 (en) * 2001-01-12 2005-11-15 3Com Corporation Method and system for improving throughput over wireless local area networks with a dynamic contention window
US7039679B2 (en) * 1996-12-13 2006-05-02 Visto Corporation System and method for globally and securely accessing unified information in a computer network
US20060200575A1 (en) * 2005-02-23 2006-09-07 Sherer W P Playout-dependent unicast streaming of digital video content
US20070050479A1 (en) * 2005-08-24 2007-03-01 Sony Corporation Content receiving apparatus and content receiving method
US20070214143A1 (en) * 2006-03-10 2007-09-13 Fujitsu Limited NFS server, NFS server control program and NFS server control method
US7277963B2 (en) * 2002-06-26 2007-10-02 Sandvine Incorporated TCP proxy providing application layer modifications
US20070245003A1 (en) * 2006-04-15 2007-10-18 Vivek Kashyap Connection maintenance when one node takes over for another node
US7340489B2 (en) * 2002-04-10 2008-03-04 Emc Corporation Virtual storage devices
US20080114889A1 (en) * 2006-11-09 2008-05-15 Deshpande Sachin G Methods and Systems for HTTP Streaming Using Server-Side Pacing
US20080195745A1 (en) * 2007-02-14 2008-08-14 Microsoft Corporation Adaptive bandwidth utilization
US20080229025A1 (en) * 2007-03-12 2008-09-18 Robert Plamondon Systems and methods of using the refresh button to determine freshness policy
US7535913B2 (en) * 2002-03-06 2009-05-19 Nvidia Corporation Gigabit ethernet adapter supporting the iSCSI and IPSEC protocols
US20090216909A1 (en) * 2008-02-26 2009-08-27 James Paul Schneider Setting time from a NFS server
US20090252047A1 (en) * 2008-04-02 2009-10-08 International Business Machines Corporation Detection of an unresponsive application in a high availability system
US7664868B2 (en) * 1998-04-27 2010-02-16 Alacritech, Inc. TCP/IP offload network interface device
US7730196B2 (en) * 2004-12-03 2010-06-01 Microsoft Corporation Efficient transfer of messages using reliable messaging protocols for web services
US20100144363A1 (en) * 2008-12-10 2010-06-10 At&T Mobility Ii Llc Load-based adaptive inactivity timers
US20110213890A1 (en) * 2005-10-17 2011-09-01 Ward David D Method for recovery of a controlled failover of a border gateway protocol speaker

Family Cites Families (26)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6324581B1 (en) 1999-03-03 2001-11-27 Emc Corporation File server system using file system storage, data movers, and an exchange of meta data among data movers for file locking and direct access to shared file systems
CN1193553C (en) * 2000-09-28 2005-03-16 皇家菲利浦电子有限公司 Network interface driver and method
US20030046394A1 (en) * 2000-11-03 2003-03-06 Steve Goddard System and method for an application space server cluster
US6779033B1 (en) * 2000-12-28 2004-08-17 Networks Associates Technology, Inc. System and method for transacting a validated application session in a networked computing environment
US20030022628A1 (en) * 2001-01-09 2003-01-30 Chiyo Mamiya Data communication system and wireless communication device
US20030128672A1 (en) * 2001-06-19 2003-07-10 Sridhar Komandur Transmission and flow control
US20030086395A1 (en) * 2001-11-07 2003-05-08 Vyankatesh Shanbhag System and method for efficient handover in wireless packet data network
WO2003040735A1 (en) * 2001-11-07 2003-05-15 Cyneta Networks Inc. Resource aware session adaptation system and method for enhancing network throughput
US20040033806A1 (en) * 2002-08-16 2004-02-19 Cellglide Technologies Corp. Packet data traffic management system for mobile data networks
US20040103314A1 (en) * 2002-11-27 2004-05-27 Liston Thomas F. System and method for network intrusion prevention
JP2004280283A (en) 2003-03-13 2004-10-07 Hitachi Ltd Distributed file system, distributed file system server, and access method to distributed file system
US20080037420A1 (en) * 2003-10-08 2008-02-14 Bob Tang Immediate ready implementation of virtually congestion free guaranteed service capable network: external internet nextgentcp (square waveform) TCP friendly san
KR100644637B1 (en) * 2004-10-11 2006-11-10 삼성전자주식회사 Apparatus and method for printing data using server message block protocol
US20060271680A1 (en) * 2005-05-31 2006-11-30 International Business Machines Corporation Method For Transmitting Window Probe Packets
US7797565B1 (en) * 2006-04-04 2010-09-14 Symantec Operating Corporation System and method for maintaining communication protocol connections during failover
US7640358B2 (en) * 2006-11-09 2009-12-29 Sharp Laboratories Of America, Inc. Methods and systems for HTTP streaming using an intelligent HTTP client
US20080228690A1 (en) * 2007-03-15 2008-09-18 Yair Horovitz System and method for calculating a metric of a sub-transaction on an IP network
US7958256B2 (en) * 2007-05-09 2011-06-07 Wayport, Inc. System and method for providing application categorization and quality of service in a network with multiple users
US7808998B2 (en) * 2008-01-31 2010-10-05 Cisco Technology, Inc. Disconnected transport protocol connectivity
JP4557028B2 (en) * 2008-03-19 2010-10-06 ソニー株式会社 Information processing apparatus, information processing method, client device, information processing system
CN101631065B (en) * 2008-07-16 2012-04-18 华为技术有限公司 Method and device for controlling congestion of wireless multi-hop network
US8195754B2 (en) * 2009-02-13 2012-06-05 Massachusetts Institute Of Technology Unsolicited message communication characteristics
US8898280B2 (en) * 2009-02-19 2014-11-25 Fluke Corporation Methods and apparatus for determining and displaying WAN optimization attributes for individual transactions
US8248934B2 (en) * 2009-02-20 2012-08-21 Fluke Corporation Methods and apparatus for determining and displaying a transaction reset metric
US20110022804A1 (en) 2009-07-24 2011-01-27 Arun Avanna Vijayakumar Method and system for improving availability of network file system service
US20110113134A1 (en) * 2009-11-09 2011-05-12 International Business Machines Corporation Server Access Processing System

Patent Citations (21)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7039679B2 (en) * 1996-12-13 2006-05-02 Visto Corporation System and method for globally and securely accessing unified information in a computer network
US7664868B2 (en) * 1998-04-27 2010-02-16 Alacritech, Inc. TCP/IP offload network interface device
US6965942B1 (en) * 2001-01-12 2005-11-15 3Com Corporation Method and system for improving throughput over wireless local area networks with a dynamic contention window
US7535913B2 (en) * 2002-03-06 2009-05-19 Nvidia Corporation Gigabit ethernet adapter supporting the iSCSI and IPSEC protocols
US7340489B2 (en) * 2002-04-10 2008-03-04 Emc Corporation Virtual storage devices
US7277963B2 (en) * 2002-06-26 2007-10-02 Sandvine Incorporated TCP proxy providing application layer modifications
US20040064589A1 (en) * 2002-09-27 2004-04-01 Alacritech, Inc. Fast-path apparatus for receiving data corresponding to a TCP connection
US7483990B2 (en) * 2003-05-22 2009-01-27 International Business Machines Corporation Method, apparatus, and program for informing a client when a server is busy in the transfer control protocol
US20040236802A1 (en) * 2003-05-22 2004-11-25 International Business Machines Corporation Method, apparatus, and program for informing a client when a server is busy in the transfer control protocol
US7730196B2 (en) * 2004-12-03 2010-06-01 Microsoft Corporation Efficient transfer of messages using reliable messaging protocols for web services
US20060200575A1 (en) * 2005-02-23 2006-09-07 Sherer W P Playout-dependent unicast streaming of digital video content
US20070050479A1 (en) * 2005-08-24 2007-03-01 Sony Corporation Content receiving apparatus and content receiving method
US20110213890A1 (en) * 2005-10-17 2011-09-01 Ward David D Method for recovery of a controlled failover of a border gateway protocol speaker
US20070214143A1 (en) * 2006-03-10 2007-09-13 Fujitsu Limited NFS server, NFS server control program and NFS server control method
US20070245003A1 (en) * 2006-04-15 2007-10-18 Vivek Kashyap Connection maintenance when one node takes over for another node
US20080114889A1 (en) * 2006-11-09 2008-05-15 Deshpande Sachin G Methods and Systems for HTTP Streaming Using Server-Side Pacing
US20080195745A1 (en) * 2007-02-14 2008-08-14 Microsoft Corporation Adaptive bandwidth utilization
US20080229025A1 (en) * 2007-03-12 2008-09-18 Robert Plamondon Systems and methods of using the refresh button to determine freshness policy
US20090216909A1 (en) * 2008-02-26 2009-08-27 James Paul Schneider Setting time from a NFS server
US20090252047A1 (en) * 2008-04-02 2009-10-08 International Business Machines Corporation Detection of an unresponsive application in a high availability system
US20100144363A1 (en) * 2008-12-10 2010-06-10 At&T Mobility Ii Llc Load-based adaptive inactivity timers

Cited By (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20120215916A1 (en) * 2009-11-09 2012-08-23 International Business Machines Corporation Server Access Processing System
US9516142B2 (en) * 2009-11-09 2016-12-06 International Business Machines Corporation Server access processing system
US20170054804A1 (en) * 2009-11-09 2017-02-23 International Business Machines Corporation Server Access Processing System
US9866636B2 (en) * 2009-11-09 2018-01-09 International Business Machines Corporation Server access processing system
US20180069927A1 (en) * 2009-11-09 2018-03-08 International Business Machines Corporation Server Access Processing System
US10432725B2 (en) * 2009-11-09 2019-10-01 International Business Machines Corporation Server access processing system
US20120290709A1 (en) * 2011-05-12 2012-11-15 Fluke Corporation Method and apparatus to determine the amount of delay in the transfer of data associated with a tcp zero window event or set of tcp zero window events
US8849994B2 (en) * 2011-05-12 2014-09-30 Fluke Corporation Method and apparatus to determine the amount of delay in the transfer of data associated with a TCP zero window event or set of TCP zero window events
US10135750B1 (en) * 2014-10-09 2018-11-20 EMC IP Holding Company LLC Satisfaction-ratio based server congestion control mechanism
CN109299049A (en) * 2018-10-11 2019-02-01 郑州云海信息技术有限公司 A kind of processing method and processing device of file access request

Also Published As

Publication number Publication date
US20170054804A1 (en) 2017-02-23
US9866636B2 (en) 2018-01-09
US20120215916A1 (en) 2012-08-23
US10432725B2 (en) 2019-10-01
US20180069927A1 (en) 2018-03-08
US9516142B2 (en) 2016-12-06

Similar Documents

Publication Publication Date Title
US10432725B2 (en) Server access processing system
US8966487B1 (en) Application transaction wait time dynamic adjustment
US20120198254A1 (en) Capping power consumption in a data storage system
US20170155560A1 (en) Management systems for managing resources of servers and management methods thereof
US9237460B2 (en) Traffic control method and device
US10536322B2 (en) Resource management for services
CN107172171B (en) Service request processing method and device and computer readable storage medium
US11088931B2 (en) Network speed detection
US20160124833A1 (en) Analyzing physical machine impact on business transaction performance
US20130152196A1 (en) Throttling of rogue entities to push notification servers
CN113517985A (en) File data processing method and device, electronic equipment and computer readable medium
CN116483785A (en) File transmission scheduling method, device, equipment and computer readable storage medium
US8423833B2 (en) System and method for multivariate quality-of-service aware dynamic software rejuvenation
US11516276B1 (en) Dynamically switching between synchronous and asynchronous communication channels
US10348814B1 (en) Efficient storage reclamation for system components managing storage
CN114374657A (en) Data processing method and device
CN110933122B (en) Method, apparatus and computer storage medium for managing server
CN112306371A (en) Method, apparatus and computer program product for storage management
CN106484536B (en) IO scheduling method, device and equipment
CN114064362B (en) Data recovery method, system and computer readable storage medium for distributed storage
CN114185701A (en) Data processing method and device, electronic equipment and storage medium
CN116319942A (en) Slice management method, device, operating system and storage medium
CN117640754A (en) Request processing method, device, equipment and storage medium
CN113486029A (en) Data compensation method, system and equipment for service degradation
CN117708802A (en) Request processing method, device, computer equipment and readable storage medium

Legal Events

Date Code Title Description
AS Assignment

Owner name: INTERNATIONAL BUSINESS MACHINES CORPORATION, NEW Y

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:BELLO, ADEKUNLE;CHIRRA, RADHIKA;HEGDE, NIKHIL;AND OTHERS;REEL/FRAME:023488/0369

Effective date: 20091028

STCB Information on status: application discontinuation

Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION