Methods and Systems for Fragmentation and Reassembly for IP Tunnels in Hardware Pipelines
First Claim
1. A method for inline fragment reassembly of tunneled data, comprising the steps of:
- receiving an initial segment of a plurality of tunneled segments of a first fragmented packet;
processing the initial segment;
storing the initial segment in a memory;
receiving a last segment of the plurality of tunneled segments of the first fragmented packet;
processing the last segment;
storing the last segment in the memory;
moving the plurality of tunneled segments to an output queue; and
stitching together the plurality of tunneled segments to form a reassembled packet.
1 Assignment
0 Petitions
Accused Products
Abstract
A novel flow-through architecture for fragmentation and reassembly of tunnel packets in network devices is presented. The fragmentation and reassembly of tunneled packets are handled in the hardware pipeline to achieve line-rate processing of the traffic flow without the need for additional store and forward operations typically provided by a host processor or a co-processor. In addition, the hardware pipeline may perform fragmentation and reassembly of packets using encrypted tunnels by performing segment-by-segment crypto. A network device implementing fragment reassembly can include an ingress hardware pipeline that reassembles fragmented packets between a media access control (MAC) of the device and an output packet memory of the device, where the incoming fragmented packets can be encrypted and/or tunneled. A network device implementing packet fragmentation can include an egress hardware pipeline that fragments packets between an input packet memory of the device and the MAC, where the outgoing fragments can be encrypted and/or tunneled.
-
Citations
23 Claims
-
1. A method for inline fragment reassembly of tunneled data, comprising the steps of:
-
receiving an initial segment of a plurality of tunneled segments of a first fragmented packet;
processing the initial segment;
storing the initial segment in a memory;
receiving a last segment of the plurality of tunneled segments of the first fragmented packet;
processing the last segment;
storing the last segment in the memory;
moving the plurality of tunneled segments to an output queue; and
stitching together the plurality of tunneled segments to form a reassembled packet. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A device for inline fragment reassembly of tunneled data, comprising:
-
means for receiving an initial segment of a plurality of tunneled segments of a first fragmented packet;
means for processing the initial segment;
means for storing the initial segment in a memory;
means for receiving a last segment of the plurality of tunneled segments of the first fragmented packet;
means for processing the last segment;
means for storing the last segment in the memory;
means for moving the plurality of tunneled segments to an output queue; and
means for stitching together the plurality of tunneled segments to form a reassembled packet.
-
-
11. A method for inline fragmentation of tunneled data, comprising the steps of:
-
receiving a packet from a packet memory;
determining tunnel encapsulation is required for the packet;
determining fragmentation is required for the packet;
creating a header for an initial segment of a plurality of segments for the packet;
transmitting the header and the initial segment, wherein the initial segment is an initial piece of the packet that is of a certain size;
creating the header for a next segment of the plurality of segments for the packets; and
transmitting the header and the next segment, wherein the next segment is a next piece of the packet that is of the certain size. - View Dependent Claims (12)
-
-
13. A device for inline fragmentation of tunneled data, comprising:
-
means for receiving a packet from a packet memory;
means for determining tunnel encapsulation is required for the packet;
means for determining fragmentation is required for the packet;
means for creating a header for an initial segment of a plurality of segments for the packet;
means for transmitting the header and the initial segment, wherein the initial segment is an initial piece of the packet that is of a certain size;
means for creating the header for a next segment of the plurality of segments for the packets; and
means for transmitting the header and the next segment, wherein the next segment is a next piece of the packet that is of the certain size. - View Dependent Claims (14)
-
-
15. A device, comprising:
an ingress hardware pipeline that reassembles a plurality of incoming segments into a packet between a media access control (MAC) of the device and an output packet memory of the device. - View Dependent Claims (16, 17, 18, 19, 20)
-
21. A device, comprising:
an egress hardware pipeline that fragments a packets into a plurality of segments between an input packet memory of the device and the media access control (MAC) of the device. - View Dependent Claims (22, 23)
Specification