SERVICE PROCESSING SWITCH
0 Assignments
0 Petitions
Accused Products
Abstract
A system and method for providing IP services. A packet is received at a line interface/network module and forwarded to a virtual routing engine The virtual routing engine determines if the packet requires processing by a virtual services engine. If the packet requires processing by the virtual services engine, the packet is routed to the virtual services engine for processing.
159 Citations
11 Claims
-
1-4. -4. (canceled)
-
5. A system for providing Internet Protocol (IP) services, comprising:
-
a switch fabric; a line interface/network module coupled to the switch fabric; a plurality of virtual routing engines (VREs) coupled to the switch fabric; and a virtual services engine (VSE) coupled to the switch fabric; wherein the line interface/network module receives packets and steers ingress packets across the switch fabric to a selected VRE of the plurality of VREs and transmits egress packets according to their relative priority; wherein the selected VRE determines if a packet associated with a packet flow requires processing by the VSE by performing flow-based packet classification on the packet and evaluating forwarding state information associated with previously stored flow learning results based on a previously received packet of the packet flow; and if the packet is determined to require processing by the VSE, then steering the packet across the switch fabric to the VSE for processing. - View Dependent Claims (6, 7, 8, 9)
-
-
10. A method for providing Internet Protocol (IP) services comprising:
-
providing within a flow manager of a switch a steering table mapping virtual local area networks (VLANS) to one or more of a plurality of virtual routing engines (VREs) of the switch; receiving a packet associated with a VLAN at a line interface/network module of a plurality of line interface/network modules of the switch; the flow manager steering the packet across a fabric of the switch to a VRE of the plurality of VREs based on a result of a steering table lookup of the VLAN in the steering table; the VRE identifying a packet flow with which the packet is associated by performing deep packet classification; the VRE determining if the packet requires processing by a virtual services engine (VSE) of the switch by consulting a flow cache; if the packet requires processing by the VSE, transferring the packet across the fabric to the VSE for processing; and the VSE transferring the processed packet back to the VRE for forwarding.
-
-
11. A system for providing Internet Protocol (IP) services, comprising:
-
a fabric; a line interface/network module coupled to the fabric; a plurality of virtual routing engines (VREs) coupled to the fabric; and an advanced security engine (ASE) coupled to the fabric; wherein the line interface/network module receives packets and steers the packets to a selected VRE of the plurality of VREs based on a result of a steering table lookup; wherein the selected VRE determines if a packet associated with a packet flow requires processing by the ASE by performing flow-based packet classification on the packet and evaluating forwarding state information associated with previously stored flow learning results based on a previously received packet of the packet flow; and if the packet is determined to require processing by the ASE, then steering the packet to the ASE for processing.
-
Specification