Network switch device for routing network traffic through an inline tool

US 10,009,263 B1
Filed: 10/09/2015
Issued: 06/26/2018
Est. Priority Date: 10/09/2015
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

receiving, at a first network port of a network device, a packet from a first network node external to the network device, the packet being destined for a second network node external to the network device; and

routing the packet, without modifying the packet, from the first network port to a first tool port of the network device for transmission to an external inline tool, wherein routing the packet from the first network port to the first tool port includes applying a MAC address learning mechanism to the packet received at the first network port, wherein the MAC address learning mechanism associates a MAC address corresponding to the packet with the first network port, and not applying a packet forwarding mechanism to the packet received at the first network port, and subsequently routing the packet from a second tool port of the network device to a second network port of the network device for transmission to the second network node, and wherein routing the packet to the second network node includes not applying the MAC address learning mechanism to the packet received at the second tool port and applying the packet forwarding mechanism to the packet received at the second tool port, wherein the packet forwarding mechanism is a mechanism for forwarding packets based on MAC addresses associated with the first network port.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Introduced here is a technique for using a network switch device, which may include commodity switching fabric, to route packets through an inline tool, without introducing any additional information to the packets. The introduced technique modifies standard capability of packet forwarding and learning port-to-MAC address associations to route data packets through the inline tool. The technique may include applying two override settings to the network device. A first override setting involves a forwarding rule that is based on the arrival port and the content of the packet. A second override setting involves disabling the MAC address learning mechanism for the packet received from the inline tool via the second tool port of the network device.

47 Citations

View as Search Results

16 Claims

1. A method comprising:
- receiving, at a first network port of a network device, a packet from a first network node external to the network device, the packet being destined for a second network node external to the network device; and
  
  routing the packet, without modifying the packet, from the first network port to a first tool port of the network device for transmission to an external inline tool, wherein routing the packet from the first network port to the first tool port includes applying a MAC address learning mechanism to the packet received at the first network port, wherein the MAC address learning mechanism associates a MAC address corresponding to the packet with the first network port, and not applying a packet forwarding mechanism to the packet received at the first network port, and subsequently routing the packet from a second tool port of the network device to a second network port of the network device for transmission to the second network node, and wherein routing the packet to the second network node includes not applying the MAC address learning mechanism to the packet received at the second tool port and applying the packet forwarding mechanism to the packet received at the second tool port, wherein the packet forwarding mechanism is a mechanism for forwarding packets based on MAC addresses associated with the first network port.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1,wherein routing the packet to the first tool port comprises applying a first override setting to a packet transmission configuration associated with the first network port of the network device, the first override setting causing the network device to transmit the packet, received at the first network port, to the first tool port;
    - andwherein routing the packet to the second network port comprises applying a second override setting to a packet transmission configuration associated with the second tool port of the network device, the second override setting causing the network device to transmit the packet, received at the second tool port, to the second network port.
  - 3. The method of claim 2, wherein the packet transmission configuration includes the MAC address learning mechanism and the packet forwarding mechanism for use when a particular packet is received at a given port of the network device, the given port being a network port or a tool port.
  - 4. The method of claim 3,wherein the first override setting is configured to execute the MAC address learning mechanism while overriding the packet forwarding mechanism with a custom packet forwarding mechanism for the packet received at the first network port;
    - andwherein the second override setting is configured to execute the packet forwarding mechanism and to disable the MAC address learning mechanism for the packet received at the second tool port.
  - 5. The method of claim 2, wherein applying a second override setting comprises:
    - assigning the second network port and the second tool port to a same class; and
      
      configuring a class priority associated with the second network port to be higher than a class priority associated with the second tool port;
      
      wherein said configuring of the class priority disables an automatic MAC learning mechanism associated with the second tool port, and wherein the packet is routed to the second network port based on the disabled automatic MAC learning mechanism associated with the second tool port.
  - 6. The method of claim 1, wherein routing the packet, received at the second tool port, to the second network port comprises:
    - accessing a data structure including recorded associations between MAC addresses and ports of the network device;
      
      identifying the second network port for transmission of the packet to the second network node, based on an association between the second network port and a destination MAC address of the packet, the association recorded in the data structure based on the MAC address learning mechanism associated with the second network port.
  - 7. The method of claim 1, further comprising:
    - identifying whether an association between the first network port and the MAC address is recorded in a data structure maintained by the network device; and
      
      if the association is not recorded in the data structure, routing the packet to the second network port without transmission to the inline tool.
  - 8. The method of claim 1, further comprising:
    - identifying whether the packet is associated with a unicast transmission based on a destination MAC address of the packet; and
      
      in response to determining that the packet is not associated with the unicast transmission;
      
      routing a first copy of the packet, received at the first network port, to the first tool port; and
      
      disabling said routing of the first copy of the packet from the inline tool to the second network port of the network device.
  - 9. The method of claim 8, further comprising:
    - in response to determining that the packet is not associated with the unicast transmission, routing a second copy of the packet to the second network port for transmission to the second network node.

10. A network device comprising:
- a plurality of network ports through which to receive and transmit a packet between network nodes external to the network device;
  
  a plurality of tool ports through which to communicate with an inline tool;
  
  a switching fabric coupled to each of the network ports and each of the tool ports; and
  
  a processing unit coupled to the network ports and the tool ports, the processing unit configured to control the network device to;
  
  receive, at a first network port of the network ports, a packet from a first network node of the network nodes, the packet being for transmission to a second network node of the network nodes;
  
  route the packet from the first network port to a first tool port of the network device and from the first tool port to a second tool port of the network device, wherein routing the packet from the first network port to the first tool port includes applying a MAC address learning mechanism to the packet received at the first network port that associates a MAC address corresponding to the packet with the first network port and not applying a packet forwarding mechanism to the packet received at the first network port; and
  
  route the packet to a second network port of the network ports from the second tool port of the network device for transmission to the second network node, wherein routing the packet to the second network node includes not applying the MAC address learning mechanism to the packet received at the second tool port and applying the packet forwarding mechanism to the packet received at the second tool port, wherein the packet forwarding mechanism forwards the packet based on the MAC address being associated with the first network port;
  
  wherein the packet is transmitted from the first network node, through the inline tool, and to the second network node without modifying information in the packet.
- View Dependent Claims (11, 12, 13, 14, 15, 16)
- - 11. The network device of claim 10, wherein the processing unit is further configured to control the network device to receive the packet from the inline tool for routing to the second network port.
  - 12. The network device of claim 10, wherein the processing unit is further configured to control the network device to:
    - apply a first override setting to a packet transmission configuration associated with the first network port, the packet transmission configuration including the MAC address learning mechanism and the packet forwarding mechanism;
      
      wherein the first override setting is configured to execute the MAC address learning mechanism while overriding the packet forwarding mechanism with a custom packet forwarding mechanism for the packet received at the first network port.
  - 13. The network device of claim 10, wherein the processing unit is further configured to control the network device to:
    - apply a second override setting to a packet transmission configuration associated with the second tool port, from which the packet is received for forwarding to the second network port, the packet transmission configuration including the MAC address learning mechanism and the packet forwarding mechanism;
      
      wherein the second override setting is configured to execute the packet forwarding mechanism and to disable the MAC address learning mechanism for the packet received at the second tool port.
  - 14. The network device of claim 10, wherein the processing unit is further configured to control the network device to:
    - assign the second network port and the second tool port to a same class; and
      
      configure a class priority associated with the second network port to be higher than a class priority associated with the second tool port;
      
      wherein said configuring of the class priority disables an automatic MAC learning mechanism associated with the second tool port, wherein the packet is routed to the second network port based on the disabled automatic MAC learning mechanism associated with the second tool port.
  - 15. The network device of claim 10, wherein the processing unit is further configured to control the network device to:
    - identify whether the packet is associated with a unicast transmission based on a destination MAC address of the packet; and
      
      if the packet is not associated with the unicast transmission;
      
      routing a first copy of the packet, received at the first network port, to the first tool port;
      
      routing a second copy of the packet to the second network port for transmission to the second network node; and
      
      disabling said routing of the first copy of the packet from the inline tool to the second network port of the network device.
  - 16. The network device of claim 10, wherein the processing unit is further configured to control the network device:
    - identify whether the packet is associated with a unicast transmission based on a destination MAC address of the packet; and
      
      if the packet is associated with the unicast transmission;
      
      identify whether an association between the first network port and a MAC address is recorded in a data structure maintained by the network device; and
      
      if the association is not recorded in the data structure, route the packet to the second network port without transmission to the inline tool.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Gigamon Incorporated (Elliott Capital Advisors LP)
Original Assignee
Gigamon Incorporated (Elliott Capital Advisors LP)
Inventors
Sufleta, Zbigniew, Kumar, Anant
Primary Examiner(s)
Cheng, Peter

Application Number

US14/880,036
Time in Patent Office

991 Days
Field of Search

370389
US Class Current
CPC Class Codes

H04L 45/74   Address processing for routing

H04L 49/30   Peripheral units, e.g. inpu...

H04L 49/354   for supporting virtual loca...

Network switch device for routing network traffic through an inline tool

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

47 Citations

16 Claims

Specification

Use Cases

Quick Links

Others

Network switch device for routing network traffic through an inline tool

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

47 Citations

16 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others