Scalable packet filter for a network device
Abstract
A network device for network communications is disclosed. The device includes at least one data port interface, the at least one data port interface supporting at least one data port transmitting and receiving data and a CPU interface, the CPU interface configured to communicate with a CPU. The network device also includes a memory communicating with the at least one data port interface, a memory management unit, the memory management unit including a memory interface for communicating data from the at least one data port interface and the memory and a communication channel, the communication channel for communicating data and messaging information between the at least one data port interface, the CPU interface, the memory, and the memory management unit. The network device also includes a fast filtering processor, the fast filtering processor filtering packets coming into the at least one data port interface, and taking selective filter action on a particular packet of the packets based upon specified packet field values. The specified packet field values are obtained by applying a filter mask, obtained from a field table, to the particular packet and the selective filter action is obtained from a policy table based on the specified packet field values.
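The mask-then-lookup flow the abstract describes, sketched in C as an added example; it is not code from the patent. The table layouts, the 8-byte window, first-match ordering, the default forward action and the sample header format are all assumptions made for illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define WIN 8 /* assumed: header bytes a filter may inspect */
enum action { ACT_FORWARD, ACT_DISCARD, ACT_MODIFY };
/* Hypothetical layouts; the claims name the tables but not their format. */
struct field_entry  { uint8_t mask[WIN]; };  /* filter mask */
struct policy_entry { size_t field; uint8_t value[WIN]; enum action act; };

/* Mask the packet into key. Returns 0 if the mask selects bytes the packet
 * does not have, so a truncated packet never matches on padding. */
static int apply_mask(const struct field_entry *f, const uint8_t *pkt,
                      size_t len, uint8_t key[WIN]) {
    for (size_t i = 0; i < WIN; i++) {
        if (f->mask[i] && i >= len) return 0;
        key[i] = f->mask[i] ? (uint8_t)(pkt[i] & f->mask[i]) : 0;
    }
    return 1;
}

/* First matching policy entry wins; default action (assumed) is forward. */
enum action filter_packet(const struct field_entry *ft, size_t nft,
                          const struct policy_entry *pt, size_t npt,
                          const uint8_t *pkt, size_t len) {
    uint8_t key[WIN];
    for (size_t p = 0; p < npt; p++) {
        if (pt[p].field >= nft) continue; /* dangling field reference */
        if (apply_mask(&ft[pt[p].field], pkt, len, key) &&
            memcmp(key, pt[p].value, WIN) == 0)
            return pt[p].act;
    }
    return ACT_FORWARD;
}

/* Constructed tables: byte 0 = type, bytes 2-3 = port (made-up header). */
static const struct field_entry FT[] = {
    { {0xFF, 0, 0, 0, 0, 0, 0, 0} }, { {0, 0, 0xFF, 0xFF, 0, 0, 0, 0} } };
static const struct policy_entry PT[] = {
    { 1, {0, 0, 0x00, 0x17, 0, 0, 0, 0}, ACT_DISCARD },
    { 0, {0x06, 0, 0, 0, 0, 0, 0, 0}, ACT_MODIFY } };
enum action classify(const uint8_t *pkt, size_t len) { return filter_packet(FT, 2, PT, 2, pkt, len); }

int main(void) {
    const uint8_t pkt[WIN] = {0x06, 0, 0x00, 0x17, 0, 0, 0, 0}; /* constructed */
    printf("action=%d\n", classify(pkt, sizeof pkt));
    return 0;
}
```

The length check in `apply_mask` is the part worth copying: zero-padding a short packet before masking would let it match any policy entry whose expected value is zero in the missing bytes.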
22 Claims
1. A network device for network communications, said network device comprising:
at least one data port interface, said at least one data port interface supporting at least one data port transmitting and receiving data;
a CPU interface, said CPU interface configured to communicate with a CPU;
a memory, said memory communicating with said at least one data port interface;
a memory management unit, said memory management unit including a memory interface for communicating data from said at least one data port interface and said memory;
a communication channel, said communication channel for communicating data and messaging information between said at least one data port interface, the CPU interface, said memory, and said memory management unit; and
a fast filtering processor, said fast filtering processor filtering packets coming into the at least one data port interface, and taking selective filter action on a particular packet of said packets based upon specified packet field values;
wherein said specified packet field values are obtained by applying a filter mask, obtained from a field table, to the particular packet and the selective filter action is obtained from a policy table based on the specified packet field values.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10
11. A method of handling data packets in a network device, said method comprising:
placing incoming packets into an input queue;
applying the input data packets to an address resolution logic engine;
performing a lookup to determine whether certain packet fields are stored in a lookup table;
filtering the incoming packet through a fast filtering processor based on specified packet field values obtained from the incoming packets to obtain a selective filter action; and
discarding, forwarding, or modifying the packet based upon the filtering; and
wherein the selective filter action is obtained from a policy table based on the specified packet field values.
Dependent claims: 12, 13, 14, 15, 16
17. A network device for handling data packets, said network device comprising:
placing means for placing incoming packets into an input queue;
applying means for applying the input data packets to an address resolution logic engine;
performing means for performing a lookup to determine whether certain packet fields are stored in a lookup table;
filtering means for filtering the incoming packet through a fast filtering processor based on specified packet field values obtained from the incoming packets to obtain a selective filter action; and
means for discarding, forwarding, or modifying the packet based upon the filtering; and
wherein the selective filter action is obtained from a policy table based on the specified packet field values.
Dependent claims: 18, 19, 20, 21, 22
Specification