Switch for local area network
First Claim
1. A method for processing data packets in a computer network, the data packets including information from one or more of Layers 2 through 7 of the OSI Model, comprising:
- configuring a packet filter engine to process data packets at wire-speed based on one or more user defined packet policies, each user defined packet policy specifying information for one or more of Layers 4 through 7;
receiving a data packet, the received data packet having a sequence of bytes;
examining the data packet;
determining if there is a match between the data packet and one or more of the packet policies, each packet policy having on or more policy action fields;
if no matching packet policy is found, routing the data packet;
if a matching packet policy is found, processing the data packet based on the policy action fields of the matching policy.
5 Assignments
0 Petitions
Accused Products
Abstract
Methods and apparatus, including computer program products, implement techniques for processing data packets in a computer network. A packet filter engine is configured to process data packets at wire-speed based on or more user defined packet policies. A received data packet is examined to determine if there is a match between the data packet and one or more packet policies. If no matching packet policies are found, the packet is routed. If a matching packet policy is found, the data packet is processed based on the policy action fields of the matching policy.
141 Citations
39 Claims
-
1. A method for processing data packets in a computer network, the data packets including information from one or more of Layers 2 through 7 of the OSI Model, comprising:
-
configuring a packet filter engine to process data packets at wire-speed based on one or more user defined packet policies, each user defined packet policy specifying information for one or more of Layers 4 through 7;
receiving a data packet, the received data packet having a sequence of bytes;
examining the data packet;
determining if there is a match between the data packet and one or more of the packet policies, each packet policy having on or more policy action fields;
if no matching packet policy is found, routing the data packet;
if a matching packet policy is found, processing the data packet based on the policy action fields of the matching policy. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
-
-
15. A computer implemented method, comprising:
-
receiving a request at a first network switch to transfer switch data from the first network switch to a second network switch, the switch data being operable to control operation of the first network switch and the second network switch; and
transferring the switch data from the first network switch to the second network switch. - View Dependent Claims (16, 17)
-
-
18. A computer program product tangibly embodied in an information carrier, the computer program product comprising instructions operable to cause data processing equipment to:
-
configure a packet filter engine to process data packets at wire-speed based on one or more user defined packet policies, each user defined packet policy specifying information for one or more of Layers 4 through 7;
receive a data packet, the received data packet having a sequence of bytes;
examine the data packet;
determine if there is a match between the data packet and one or more of the packet policies, each packet policy having on or more policy action fields;
if no matching packet policy is found, route the data packet;
if a matching packet policy is found, process the data packet based on the policy action fields of the matching policy. - View Dependent Claims (19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31)
-
-
32. A computer program product tangibly embodied in an information carrier, the computer program product comprising instructions operable to cause data processing equipment to:
-
receive a request at a first network switch to transfer switch data from the first network switch to a second network switch, the switch data being operable to control operation of the first network switch and the second network switch; and
transfer the switch data from the first network switch to the second network switch. - View Dependent Claims (33, 34)
-
-
35. An apparatus for processing data packets, comprising:
-
a packet policy repository containing one or more requested packet policies, each requested packet policy having a policy byte pattern and one or more policy action fields;
a time triggered action unit operable to specify at least one of a start time and an end time associated with a requested packet policy of the one or more requested packet policies, generate a start time trigger event if the start time is specified, generate an end time trigger event if the end time is specified;
a packet filter engine that applies one or more activated packet policies for each received packet, the packet filter engine operating at wire-speed, the packet filter engine being operable to detect received packets matching an activated packet policy of the one or more activated packet policies, and process the packet according to the policy action fields of the matching packet policy; and
a packet policy manager, the packet policy manager detecting the start time trigger event and adding the associated requested packet policy to the one or more activated packet policies applied by the packet filter engine, the packet policy manager detecting the end time trigger event and deleting the associated requested packet policy from the one or more activated packet policies applied by the packet filter engine. - View Dependent Claims (36)
-
-
37. An apparatus for processing data packets, comprising:
-
a plurality of network switches, each network switch including a central management unit, the central management unit including a central management client and a central management server;
a first network switch being operable to transfer data from the first network switch to a second network switch;
a third network switch being operable to receive requests from the user for a transfer of switch data from the first network switch to the second network switch, the third network switch configuring the first network switch and the second network switch to complete the transfer of data requested by the user, the switch data being operable to control the operation of the first network switch and the second network switch. - View Dependent Claims (38, 39)
-
Specification