A new framework for enterprise, small cell and outdoor access points

Share on linkedin
Share on twitter
Share on facebook
Share on google

Policy frameworks usually can vary broadly from one system vendor to the next, from a no-rules approach to performing deep packet inspection-based classification.

However, all policies need to be based on

  • Mobility policies per user ID
  • Applications like SIP, H.323, Skype, MSN Messenger
  • AP and station location
  • Port’s subnet
  • SSID of the wireless network

It is also essential that the policy framework should be unified across the wired and wireless Layer-2/Layer-3 across the LAN (Ethernet and Wi-Fi) to provide services such as VoWi-Fi and Video over Wi-Fi, which need end-to-end QoS. The Wi-Fi will have additional constraints and policies based on location and the SSID. The markings and mappings would be taken from the DiffServ, 802.1p and extended to WMM (or 802.11e)

2-1-Wired and Wireless Stack ComponentsWired and wireless stack components

However, these policies would still map to a traditional 5 tuple or 6 tuple based on SRC-IP, DST-IP, SPORT, DPORT, PROTOCOL, SSID/VLAN.

The policies can be implemented in a slow path and fast path architecture similar to the open flow architecture. The host processor handles all the control packets, connection tracking and initial packets as part of the slow path, and sets up the flow action entries for the fast path. The flow action entry has the edit and action fields as mentioned below with appropriate packet headers like MAC header data etc.

The host processor code has protocol helpers that allow connection tracking code to understand protocols, which use multiple network connections (e.g. FTP, H.323, SIP and similar) and mark the ‘child’ connections as being related to the initial connection, usually by reading the related address out of the data stream.

Once the flows are established the packets do not need to go to the host processor for any further processing and they are sent to the Ethernet/WLAN ports directly.

2-2-Fast Path or Slow Path FrameworkFast path and slow path frameworks


To process the Wi-Fi and Ethernet packets related to policy frameworks, a system must implement three main stages in the fast path after the initial parsing.


Classification parses the incoming packets, extracts the fields like MAC-addresses, source/destination IP address, source/destination ports, protocol, VLAN fields. In addition, this part of the process performs the basic checks for the IP version, TTL etc. A hash value is computed based on the 5/6 tuple and flow action entry is fetched based on the hash value. The flow action entry has the action fields and packet edit options.

Packet edit

The packet edit options in the Flow-Action-Entry field specify the packet modifications to be performed on the packet.

  • 11 to 802.3 conversion
  • Tunnelling options
  • MAC address addition (for route)


The actions in in the Flow-Action-Entry field specify whether to drop, forward or capture the packet. These options are used to implement the firewall and other additional functionality.

In addition, the action field also specifies the TOS mapping and QoS rules to apply on the packet. (The slow path of the framework defines the actual mapping, and the action is executed here.)

The packets are then forwarded to the QoS engine, that implement the scheduling and rate shaping algorithms on a per AC per station basis.

2-3-Stages in Policy FrameworkThe stages of the policy framework

Coming up next

Stay tuned to our blog – in our final article in this networking-focused miniseries, we will present the architecture to support this new framework.

Please leave a comment below

Comment policy: We love comments and appreciate the time that readers spend to share ideas and give feedback. However, all comments are manually moderated and those deemed to be spam or solely promotional will be deleted. We respect your privacy and will not publish your personal details.

Search by Tag

Search for posts by tag.

Search by Author

Search for posts by one of our authors.

Featured posts
Popular posts

Blog Contact

If you have any enquiries regarding any of our blog posts, please contact:

United Kingdom

Tel: +44 (0)1923 260 511

Related blog articles

Product and event round-up from the experts in GPU and AI

It’s certainly been a busy few months for Imagination. Towards the latter end of last year, we released a raft of new products and initiatives, and a new CEO took the helm giving us real momentum for 2019. At the

How AI is conducting the future of music technology

“We tend to think of technological advances as destroying what’s gone before, but that doesn’t usually happen. This could lead to a different way of making music.” – Jarvis Cocker, former Pulp frontman, solo artist, writer and broadcaster In recent

Why you should join Imagination at Embedded World 2019

Our technology is focussed entirely on offering SoC manufacturers low power, high-performance options for building groundbreaking products in a range of markets, from automotive to smart devices such as smart speakers to the latest smartphones. Embedded World is one of

Stay up-to-date with Imagination

Sign up to receive the latest news and product updates from Imagination straight to your inbox.

  • This field is for validation purposes and should be left unchanged.