Frame filtering of fibre channel packets

US 20020176433A1
Filed: 04/17/2002
Published: 11/28/2002
Est. Priority Date: 04/18/2001
Status: Active Grant

First Claim

Patent Images

1. A Fibre Channel device for use in a Fibre Channel fabric for filtering data packets, the fabric coupling a plurality of internal devices, the Fibre Channel device comprising:

a data packet register for storing portions of a data packet;

a first memory storing filtering information relating to a first portion of a data packet;

a first comparator coupled to said first memory and said data packet register comparing said information to the data packet and providing an output indicative thereof;

a second memory storing filtering information relating to a second portion of the data packet;

a second comparator coupled to said second memory and said data packet register comparing said information to the data packet and providing an output indicative thereof;

a third memory coupled to said first comparator indicating group information based on said first comparator output;

a fourth memory coupled to said second comparator indicating group information based on said second comparator output; and

a comparison circuit coupled to said third and fourth memories to determine the presence of any overlap in said indicated group information and providing an output indicative thereof.

View all claims

7 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present invention provides a system and a method for filtering a plurality of frames sent between devices coupled to a fabric by Fiber Channel connections. Frames are reviewed against a set of individual frame filters. Each frame filter is associated with an action, and actions selected by filter matches are prioritized. Groups of devices are “zoned” together and frame filtering ensures that restrictions placed upon communications between devices within the same zone are enforced. Zone group filtering is also used to prevent devices not within the same zone from communicating. Zoning may also be used to create LUN-level zones, protocol zones, and access control zones. In addition, individual frame filters may be created that reference selected portions of frame header or frame payload fields.

35 Citations

View as Search Results

66 Claims

1. A Fibre Channel device for use in a Fibre Channel fabric for filtering data packets, the fabric coupling a plurality of internal devices, the Fibre Channel device comprising:
- a data packet register for storing portions of a data packet;
  
  a first memory storing filtering information relating to a first portion of a data packet;
  
  a first comparator coupled to said first memory and said data packet register comparing said information to the data packet and providing an output indicative thereof;
  
  a second memory storing filtering information relating to a second portion of the data packet;
  
  a second comparator coupled to said second memory and said data packet register comparing said information to the data packet and providing an output indicative thereof;
  
  a third memory coupled to said first comparator indicating group information based on said first comparator output;
  
  a fourth memory coupled to said second comparator indicating group information based on said second comparator output; and
  
  a comparison circuit coupled to said third and fourth memories to determine the presence of any overlap in said indicated group information and providing an output indicative thereof.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51)
- - 2. The Fibre Channel device of claim 1, wherein said first memory and said first comparator form a content addressable memory;
    - and said second memory and said second comparator form a content addressable memory.
  - 3. The Fibre Channel device of claim 1, wherein said first portion of the data packet includes the source device address.
  - 4. The Fibre Channel device of claim 3, wherein said second portion of the data packet includes the destination device address.
  - 5. The Fibre Channel device of claim 4, wherein said second portion of the data packet further includes the logical unit number.
  - 6. The Fibre Channel device of claim 1, wherein said second portion of the data packet includes the destination device address.
  - 7. The Fibre Channel device of claim 6, wherein said second portion of the data packet further includes the logical unit number.
  - 8. The Fibre Channel device of claim 1, wherein said second portion of the data packet includes the logical unit number.
  - 9. The Fibre Channel device of claim 8, further comprising:
    - a logical unit number register including information defining the location of the logical unit number in the data packet.
  - 10. The Fibre Channel device of claim 1, further comprising:
    - a data value register including information defining the location of the data values in the data packet, and wherein said second portion includes values whose locations are defined by said register.
  - 11. The Fibre Channel device of claim 1, further comprising:
    - a field data value register defining a third portion of a data packet and comparison values for that third portion; and
      
      a third comparator coupled to said field data value register and said data packet register comparing said field data value register comparison values and the data packet and providing an output indicative thereof.
  - 12. The Fibre Channel device of claim 11, wherein said comparison circuit and said third comparator provide a plurality of alternatives in the respective outputs, the Fibre Channel device further comprising:
    - a comparison output circuit selecting at least one of said plurality of comparison circuit output alternatives;
      
      a field value output circuit selecting at least one of said plurality of third comparator output alternatives; and
      
      a combination circuit coupled to said comparison output circuit, said field value output circuit, said comparison circuit and said third comparator, said combination circuit combining said selected comparison circuit output alternatives and third comparator output alternatives and producing an output indicative thereof.
  - 13. The Fibre Channel device of claim 12, further comprising:
    - an action circuit coupled to said combination circuit selecting an action output based on said combination circuit output.
  - 14. The Fibre Channel device of claim 13, wherein said first and second memories have a plurality of entries and wherein said third and fourth memories have a plurality of entries, one for each entry, respectively, in said first and second memories, said Fibre Channel device further comprising:
    - a plurality of field data value registers and associated third comparators; and
      
      a plurality of comparison output circuits, field value output circuits and associated combination circuits, and wherein said action circuit is coupled to said plurality of associated combination circuits and provides an action output based on said plurality of combination circuit outputs.
  - 15. The Fibre Channel device of claim 14, wherein said action circuit includes determining the priority of said plurality of combination circuit outputs.
  - 16. The Fibre Channel device of claim 1, wherein said comparison circuit output indicates a plurality of alternatives of the third and fourth memory comparisons.
  - 17. The Fibre Channel device of claim 16, wherein said third and fourth memories are organized into portions and said comparison circuit output further indicates a plurality of alternatives of third and fourth memory comparisons of said portions.
  - 19. The Fibre Channel switch of claim 18, wherein said first memory and said first comparator form a content addressable memory;
    - and said second memory and said second comparator form a content addressable memory.
  - 20. The Fibre Channel switch of claim 18, wherein said first portion of the data packet includes the source device address.
  - 21. The Fibre Channel switch of claim 20, wherein said second portion of the data packet includes the destination device address.
  - 22. The Fibre Channel switch of claim 21, wherein said second portion of the data packet further includes the logical unit number.
  - 23. The Fibre Channel switch of claim 18, wherein said second portion of the data packet includes the destination device address.
  - 24. The Fibre Channel switch of claim 23, wherein said second portion of the data packet further includes the logical unit number.
  - 25. The Fibre Channel switch of claim 18, wherein said second portion of the data packet includes the logical unit number.
  - 26. The Fibre Channel switch of claim 25, said Fibre Channel device further including:
    - a logical unit number register including information defining the location of the logical unit number in the data packet.
  - 27. The Fibre Channel switch of claim 18, said Fibre Channel device further including:
    - a data value register including information defining the location of the data values in the data packet, and wherein said second portion includes values whose locations are defined by said register.
  - 28. The Fibre Channel switch of claim 18, said Fibre Channel device further including:
    - a field data value register defining a third portion of a data packet and comparison values for that third portion; and
      
      a third comparator coupled to said field data value register and said data packet register comparing said field data value register comparison values and the data packet and providing an output indicative thereof.
  - 29. The Fibre Channel switch of claim 28, wherein said comparison circuit and said third comparator provide a plurality of alternatives in the respective outputs, the Fibre Channel device further including:
    - a comparison output circuit selecting at least one of said plurality of comparison circuit output alternatives;
      
      a field value output circuit selecting at least one of said plurality of third comparator output alternatives; and
      
      a combination circuit coupled to said comparison output circuit, said field value output circuit, said comparison circuit and said third comparator, said combination circuit combining said selected comparison circuit output alternatives and third comparator output alternatives and producing an output indicative thereof.
  - 30. The Fibre Channel switch of claim 29, said Fibre Channel device further including:
    - an action circuit coupled to said combination circuit selecting an action output based on said combination circuit output.
  - 31. The Fibre Channel switch of claim 30, wherein said first and second memories have a plurality of entries and wherein said third and fourth memories have a plurality of entries, one for each entry, respectively, in said first and second memories, said Fibre Channel device further including:
    - a plurality of field data value registers and associated third comparators; and
      
      a plurality of comparison output circuits, field value output circuits and associated combination circuits, and wherein said action circuit is coupled to said plurality of associated combination circuits and provides an action output based on said plurality of combination circuit outputs.
  - 32. The Fibre Channel switch of claim 31, wherein said action circuit includes determining the priority of said plurality of combination circuit outputs.
  - 33. The Fibre Channel switch of claim 18, wherein said comparison circuit output indicates a plurality of alternatives of the third and fourth memory comparisons.
  - 34. The Fibre Channel switch of claim 33, wherein said third and fourth memories are organized into portions and said comparison circuit output further indicates a plurality of alternatives of third and fourth memory comparisons of said portions.
  - 36. The Fibre Channel fabric of claim 35, wherein said first memory and said first comparator form a content addressable memory;
    - and said second memory and said second comparator form a content addressable memory.
  - 37. The Fibre Channel fabric of claim 35, wherein said first portion of the data packet includes the source device address.
  - 38. The Fibre Channel fabric of claim 37, wherein said second portion of the data packet includes the destination device address.
  - 39. The Fibre Channel fabric of claim 38, wherein said second portion of the data packet further includes the logical unit number.
  - 40. The Fibre Channel fabric of claim 35, wherein said second portion of the data packet includes the destination device address.
  - 41. The Fibre Channel fabric of claim 40, wherein said second portion of the data packet further includes the logical unit number.
  - 42. The Fibre Channel fabric of claim 35, wherein said second portion of the data packet includes the logical unit number.
  - 43. The Fibre Channel fabric of claim 42, said Fibre Channel device further including:
    - a logical unit number register including information defining the location of the logical unit number in the data packet.
  - 44. The Fibre Channel fabric of claim 35, said Fibre Channel device further including:
    - a data value register including information defining the location of the data values in the data packet, and wherein said second portion includes values whose locations are defined by said register.
  - 45. The Fibre Channel fabric of claim 35, said Fibre Channel device further including:
    - a field data value register defining a third portion of a data packet and comparison values for that third portion; and
      
      a third comparator coupled to said field data value register and said data packet register comparing said field data value register comparison values and the data packet and providing an output indicative thereof.
  - 46. The Fibre Channel fabric of claim 45, wherein said comparison circuit and said third comparator provide a plurality of alternatives in the respective outputs, the Fibre Channel device further including:
    - a comparison output circuit selecting at least one of said plurality of comparison circuit output alternatives;
      
      a field value output circuit selecting at least one of said plurality of third comparator output alternatives; and
      
      a combination circuit coupled to said comparison output circuit, said field value output circuit, said comparison circuit and said third comparator, said combination circuit combining said selected comparison circuit output alternatives and third comparator output alternatives and producing an output indicative thereof.
  - 47. The Fibre Channel fabric of claim 46, said Fibre Channel device further including:
    - an action circuit coupled to said combination circuit selecting an action output based on said combination circuit output.
  - 48. The Fibre Channel fabric of claim 47, wherein said first and second memories have a plurality of entries and wherein said third and fourth memories have a plurality of entries, one for each entry, respectively, in said first and second memories, said Fibre Channel device further including:
    - a plurality of field data value registers and associated third comparators; and
      
      a plurality of comparison output circuits, field value output circuits and associated combination circuits, and wherein said action circuit is coupled to said plurality of associated combination circuits and provides an action output based on said plurality of combination circuit outputs.
  - 49. The Fibre Channel fabric of claim 48, wherein said action circuit includes determining the priority of said plurality of combination circuit outputs.
  - 50. The Fibre Channel fabric of claim 35, wherein said comparison circuit output indicates a plurality of alternatives of the third and fourth memory comparisons.
  - 51. The Fibre Channel fabric of claim 50, wherein said third and fourth memories are organized into portions and said comparison circuit output further indicates a plurality of alternatives of third and fourth memory comparisons of said portions.

18. A Fibre Channel switch for use in a Fibre Channel fabric for filtering data packets, the fabric coupling a plurality of internal devices, the Fibre Channel switch comprising:
- a microprocessor;
  
  local memory connected to said microprocessor; and
  
  a Fibre Channel device connected to and controlled by said microprocessor, wherein said Fibre Channel device includes;
  
  a data packet register for storing portions of a data packet;
  
  a first memory storing filtering information relating to a first portion of a data packet;
  
  a first comparator coupled to said first memory and said data packet register comparing said information to the data packet and providing an output indicative thereof;
  
  a second memory storing filtering information relating to a second portion of the data packet;
  
  a second comparator coupled to said second memory and said data packet register comparing said information to the data packet and providing an output indicative thereof;
  
  a third memory coupled to said first comparator indicating group information based on said first comparator output;
  
  a fourth memory coupled to said second comparator indicating group information based on said second comparator output; and
  
  a comparison circuit coupled to said third and fourth memories to determine the presence of any overlap in said indicated group information and providing an output indicative thereof.

35. A Fibre Channel fabric comprising:
- a plurality of external devices;
  
  a first Fibre Channel switch coupled to a first portion of said plurality of external devices; and
  
  a second Fibre Channel switch coupled to a second portion of said plurality of external devices and coupled to said first Fibre Channel switch, wherein the fabric is configured into at least two zones, where said external devices are allowed to exchange data packets only with external devices in the same zone and wherein said first and second Fibre Channel switches enforce the zones in hardware, each of said first and second Fibre Channel switches including;
  
  ;
  
  a microprocessor;
  
  local memory connected to said microprocessor; and
  
  a Fibre Channel device connected to and controlled by said microprocessor, wherein said Fibre Channel device includes;
  
  a data packet register for storing portions of a data packet;
  
  a first memory storing filtering information relating to a first portion of a data packet;
  
  a first comparator coupled to said first memory and said data packet register comparing said information to the data packet and providing an output indicative thereof;
  
  a second memory storing filtering information relating to a second portion of the data packet;
  
  a second comparator coupled to said second memory and said data packet register comparing said information to the data packet and providing an output indicative thereof;
  
  a third memory coupled to said first comparator indicating group information based on said first comparator output;
  
  a fourth memory coupled to said second comparator indicating group information based on said second comparator output; and
  
  a comparison circuit coupled to said third and fourth memories to determine the presence of any overlap in said indicated group information and providing an output indicative thereof.

52. A method device for filtering Fibre Channel data packets, the method comprising the steps of:
- storing portions of a data packet;
  
  storing filtering information relating to a first portion of a data packet;
  
  comparing said filtering information relating to the first portion of the data packet to said stored portions of the data packet and providing an output indicative thereof;
  
  storing filtering information relating to a second portion of the data packet;
  
  comparing said filtering information relating to the second portion of the data packet to said stored portions of the data packet and providing an output indicative thereof;
  
  indicating group information based on said first comparison output;
  
  indicating group information based on said second comparison output; and
  
  determining the presence of any overlap in said indicated group information and providing an output indicative thereof.
- View Dependent Claims (53, 54, 55, 56, 57, 58, 59, 60, 61, 62, 63, 64, 65, 66)
- - 53. The method of claim 52, wherein said storing first portion filtering information and said first portion comparison are performed using a content addressable memory;
    - and said storing second portion filtering information and said second portion comparison are performed using a content addressable memory.
  - 54. The method of claim 52, wherein said first portion of the data packet includes the source device address.
  - 55. The method of claim 54, wherein said second portion of the data packet includes the destination device address.
  - 56. The method of claim 55, wherein said second portion of the data packet further includes the logical unit number.
  - 57. The method of claim 52, wherein said second portion of the data packet includes the destination device address.
  - 58. The method of claim 57, wherein said second portion of the data packet further includes the logical unit number.
  - 59. The method of claim 52, wherein said second portion of the data packet includes the logical unit number.
  - 60. The method of claim 59, further comprising:
    - storing information defining the location of the logical unit number in the data packet.
  - 61. The method of claim 52, further comprising:
    - storing information defining the location of the data values in the data packet, and wherein said second portion of the data packet includes values whose locations are defined by said stored information.
  - 62. The method of claim 52, further comprising:
    - storing information defining a third portion of a data packet and comparison values for that third portion; and
      
      comparing said third portion comparison values and the data packet and providing an output indicative thereof.
  - 63. The method of claim 62, wherein said group information overlap determining step and said third portion comparing step provide a plurality of alternatives in the respective outputs, the method further comprising:
    - selecting at least one of said plurality of group information overlap determining step output alternatives;
      
      selecting at least one of said plurality of third portion comparing step output alternatives; and
      
      combining said group information overlap determining step output alternatives and third portion comparing step output alternatives and producing an output indicative thereof.
  - 64. The method of claim 63, further comprising:
    - selecting an action output based on said combining step output.
  - 65. The method of claim 52, wherein said overlap determining step output indicates a plurality of alternatives.
  - 66. The method of claim 65, wherein said indications of group information based on said first and second comparison outputs are organized into portions and said overlap determining step output further indicates a plurality of alternatives.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Avago Technologies International Sales Pte Limited (Broadcom, Inc.)
Original Assignee
Brocade Communications Systems, Inc. (Broadcom, Inc.)
Inventors
Yu, Shunjia, Banks, David C., Zhu, Jieming, Wu, Ding Long

Granted Patent

US 7,151,778 B2
Time in Patent Office

Days
Field of Search
US Class Current

370/422
CPC Class Codes

H04L 49/103   using a shared central buff...

H04L 49/3018   Input queuing

H04L 49/3027   Output queuing

H04L 49/3036   Shared queuing

H04L 49/357   Fibre channel switches

Frame filtering of fibre channel packets

First Claim

7 Assignments

0 Petitions

Accused Products

Abstract

35 Citations

66 Claims

Specification

Solutions

Use Cases

Quick Links

Frame filtering of fibre channel packets

First Claim

7 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

35 Citations

66 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links