公开(公告)号：US09667650B2

公开(公告)日：2017-05-30

申请号：US14713588

申请日：2015-05-15

Applicant: Cisco Technology, Inc.

Inventor： Shuxian Lou ,  Jie Chu ,  Michael Fingleton ,  Hsia R. Yu

IPC: H04L29/06

CPC classification number: H04L63/1466 ,  H04L63/0272 ,  H04L63/164

Abstract: Processes and systems to create a plurality of sequence number spaces in a security association at a transmission device. Each sequence number space corresponds to a respective class of traffic. Each sequence number space is identified by a unique selector value. For each sequence number space, a sequence number counter is created for counting a sequence of outbound packets of a class of traffic corresponding to the sequence number space. For an outbound packet of a particular class of traffic, a selector value of a sequence number space of the particular class of traffic is written into a first portion of a sequence number field in the outbound packet. Low-order bits of the current value of a sequence number counter, associated with the sequence number space of the particular class of traffic, is written into a second portion of the sequence number field. The sequence number counter is then incremented.

公开(公告)号：US20160337398A1

公开(公告)日：2016-11-17

申请号：US14713588

申请日：2015-05-15

Applicant: Cisco Technology, Inc.

Inventor： Shuxian Lou ,  Jie Chu ,  Michael Fingleton ,  Hsia R. Yu

IPC: H04L29/06

CPC classification number: H04L63/1466 ,  H04L63/0272 ,  H04L63/164

Abstract: Processes and systems to create a plurality of sequence number spaces in a security association at a transmission device. Each sequence number space corresponds to a respective class of traffic. Each sequence number space is identified by a unique selector value. For each sequence number space, a sequence number counter is created for counting a sequence of outbound packets of a class of traffic corresponding to the sequence number space. For an outbound packet of a particular class of traffic, a selector value of a sequence number space of the particular class of traffic is written into a first portion of a sequence number field in the outbound packet. Low-order bits of the current value of a sequence number counter, associated with the sequence number space of the particular class of traffic, is written into a second portion of the sequence number field. The sequence number counter is then incremented.

Abstract translation: 在传输设备的安全关联中创建多个序列号空间的过程和系统。 每个序列号空间对应于相应的业务类别。 每个序列号空间由唯一的选择器值标识。 对于每个序列号空间，创建一个序列号计数器，用于对与序列号空间相对应的业务类别的出站分组序列进行计数。 对于特定类别的流量的出站分组，将特定业务类别的序列号空间的选择器值写入出站分组中的序列号字段的第一部分。 与特定流量类别的序列号空间相关联的序列号计数器的当前值的低位被写入序列号字段的第二部分。 然后将序列号计数器递增。