Two-Layer Switch Apparatus To Avoid First Layer Inter-Switch Link Data Traffic In Steering Packets Through Bump-In-The-Wire Service Applications

US 20100303083A1
Filed: 05/27/2009
Published: 12/02/2010
Est. Priority Date: 05/27/2009
Status: Active Grant

First Claim

Patent Images

1. A method of link-level data communications,the method carried out in link-level data communications switching apparatus, the switching apparatus comprising modular link-level data communications switches disposed within a modular computer cabinet, the modular computer cabinet also having disposed within it a plurality of modular computer systems;

the switching apparatus configured as two layers of link-level data communications switches, a first layer and a second layer, the first layer switches coupled for data communications to data communications networks, the first layer switches also coupled to one another for link-level data communications by inter-switch links, each first layer switch also coupled for link-level data communications to each of the second layer switches, each second layer switch coupled for link-level data communications to at least one of the modular computer systems so that each second layer switch provides data communications connections to the switching apparatus only for service applications in the modular computer system to which a second layer switch is coupled;

all the switches stacked by a stacking protocol that shares administrative configuration information among the switches through the inter-switch links and presents all the switches in the switching apparatus to the networks and to the modular computer systems as a single logical switch;

the switching apparatus further comprises a plurality of data communications ports, at least two of the ports coupling the switching apparatus to at least two data communications networks, at least two additional ports connected to service applications on at least two of the modular computer systems that carry out transparent, bump-in-the-wire data processing of data communications packets traveling among the networks, each service application associated with a unique, link-level identifier;

the switching apparatus further comprises rules governing the steering of data communications among service applications and networks connected to the switching apparatus, each rule comprising an association of an ingress port and a switch egress;

the method comprising;

receiving, in the switching apparatus through an ingress port from a source network, data communications packets directed to a destination network, each packet containing a source network address that identifies the source of the packet in the source network, each packet optionally also containing a destination network address that identifies a destination of the packet in the destination network; and

steering by the switching apparatus each packet among the applications and through an egress port to the destination network, such steering carried out only in accordance with the rules, without using the link-level identifier of any service application, steering none of the packets through any of the inter-switch links among the first layer switches.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Link-level data communications carried out in a link-level data communications switching apparatus that includes modular link-level data communications switches; the switching apparatus is configured as two layers of link-level data communications switches; all the switches stacked by a stacking protocol that shares administrative configuration information among the switches and presents the switches as a single logical switch; the switching apparatus includes data communications ports coupling the switching apparatus to data communications networks and to service applications, each service application associated with a unique, link-level identifier; the switching apparatus includes rules governing the steering of packets among service applications and networks; including receiving, in the switching apparatus, packets directed to a destination network; and steering each packet among the service applications to the destination network in accordance with the rules, without using the link-level identifier of any service application.

141 Citations

21 Claims

1. A method of link-level data communications,the method carried out in link-level data communications switching apparatus, the switching apparatus comprising modular link-level data communications switches disposed within a modular computer cabinet, the modular computer cabinet also having disposed within it a plurality of modular computer systems;
- the switching apparatus configured as two layers of link-level data communications switches, a first layer and a second layer, the first layer switches coupled for data communications to data communications networks, the first layer switches also coupled to one another for link-level data communications by inter-switch links, each first layer switch also coupled for link-level data communications to each of the second layer switches, each second layer switch coupled for link-level data communications to at least one of the modular computer systems so that each second layer switch provides data communications connections to the switching apparatus only for service applications in the modular computer system to which a second layer switch is coupled;
  
  all the switches stacked by a stacking protocol that shares administrative configuration information among the switches through the inter-switch links and presents all the switches in the switching apparatus to the networks and to the modular computer systems as a single logical switch;
  
  the switching apparatus further comprises a plurality of data communications ports, at least two of the ports coupling the switching apparatus to at least two data communications networks, at least two additional ports connected to service applications on at least two of the modular computer systems that carry out transparent, bump-in-the-wire data processing of data communications packets traveling among the networks, each service application associated with a unique, link-level identifier;
  
  the switching apparatus further comprises rules governing the steering of data communications among service applications and networks connected to the switching apparatus, each rule comprising an association of an ingress port and a switch egress;
  
  the method comprising;
  
  receiving, in the switching apparatus through an ingress port from a source network, data communications packets directed to a destination network, each packet containing a source network address that identifies the source of the packet in the source network, each packet optionally also containing a destination network address that identifies a destination of the packet in the destination network; and
  
  steering by the switching apparatus each packet among the applications and through an egress port to the destination network, such steering carried out only in accordance with the rules, without using the link-level identifier of any service application, steering none of the packets through any of the inter-switch links among the first layer switches.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1 wherein at least some of the first layer switches are incorporated in one or more link aggregation groups for data communications with the networks, each link aggregation group presenting to at least one of the networks multiple physical links as a single logical link.
  - 3. The method of claim 1 wherein:
    - the switching apparatus is configured, for at least some of the service applications, with two ports coupled to each such service application, one port for egress of packets from the switching apparatus to such service applications and another port for ingress of packets from such service applications; and
      
      steering each packet among the service applications further comprises steering each packet from the switching apparatus to such a service application through a separate egress port, each such service application carrying out its data processing related to each packet and then returning each packet to the switching apparatus through a separate ingress port.
  - 4. The method of claim 1 wherein:
    - the switching apparatus is configured, for at least some of the service applications, with only one port coupled to each such service application; and
      
      steering each packet among the service applications further comprises steering each packet from the switching apparatus to such a service application through the one port coupling such a service application to the switching apparatus, each such service application carrying out its data processing related to each packet and then returning each packet to the switching apparatus through the one port.
  - 5. The method of claim 1 wherein steering each packet among the applications further comprises, upon receiving a packet through an ingress port from a source network, selecting, in dependence upon the ingress port through which the packet was received, a rule that governs steering the packet to a switch egress.
  - 6. The method of claim 1 wherein:
    - the rules include at least one rule that further includes at least one network code that identifies two networks between which packets may travel through the switching apparatus and a direction of travel between the two networks;
      
      each packet further comprises a link-level source identifier that identifies a link-level source for each packet in the source network;
      
      the switching apparatus further comprises orientation records that associate, for each packet received from a source network, the packet'"'"'s link-level source identifier and a network code specifying for each packet a direction of travel between two networks;
      
      steering each packet among the service applications further comprises, for each packet received through an ingress port from a service application;
      
      identifying, from the orientation records in dependence upon the packet'"'"'s link-level source identifier, the packet'"'"'s network code for a direction of travel between networks; and
      
      selecting, in dependence upon the packet'"'"'s network code and the ingress port through which the packet was received from the service application, a rule that governs steering the packet to a next switch egress.
  - 7. The method of claim 1 wherein:
    - the rules, in addition to an ingress port and a switch egress, also include additional packet attributes, the additional packet attributes defining a plurality of paths among the service applications; and
      
      steering each packet among the service applications further comprises steering each packet along one of the plurality of paths among the service applications defined by the additional packet attributes.

8. Apparatus for link-level data communications, the apparatus comprising:
- a link-level data communications switching apparatus, the switching apparatus comprising modular link-level data communications switches disposed within a modular computer cabinet, the modular computer cabinet also having disposed within it a plurality of modular computer systems;
  
  the switching apparatus configured as two layers of link-level data communications switches, a first layer and a second layer, the first layer switches coupled for data communications to data communications networks, the first layer switches also coupled to one another for link-level data communications by inter-switch links, each first layer switch also coupled for link-level data communications to each of the second layer switches, each second layer switch coupled for link-level data communications to at least one of the modular computer systems so that each second layer switch provides data communications connections to the switching apparatus only for service applications in the modular computer system to which a second layer switch is coupled;
  
  all the switches stacked by a stacking protocol that shares administrative configuration information among the switches through the inter-switch links and presents all the switches in the switching apparatus to the networks and to the modular computer systems as a single logical switch;
  
  the switching apparatus further comprises a plurality of data communications ports, at least two of the ports coupling the switching apparatus to at least two data communications networks, at least two additional ports connected to service applications on at least two of the modular computer systems that carry out transparent, bump-in-the-wire data processing of data communications packets traveling among the networks, each service application associated with a unique, link-level identifier;
  
  the switching apparatus further comprises rules governing the steering of data communications among service applications and networks connected to the switching apparatus, each rule comprising an association of an ingress port and a switch egress;
  
  the apparatus configured to carry out the steps of;
  
  receiving, in the switching apparatus through an ingress port from a source network, data communications packets directed to a destination network, each packet containing a source network address that identifies the source of the packet in the source network, each packet optionally also containing a destination network address that identifies a destination of the packet in the destination network; and
  
  steering by the switching apparatus each packet among the applications and through an egress port to the destination network, such steering carried out only in accordance with the rules, without using the link-level identifier of any service application, steering none of the packets through any of the inter-switch links among the first layer switches.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The apparatus of claim 8 wherein at least some of the first layer switches are incorporated in one or more link aggregation groups for data communications with the networks, each link aggregation group presenting to at least one of the networks multiple physical links as a single logical link.
  - 10. The apparatus of claim 8 wherein:
    - the switching apparatus is configured, for at least some of the service applications, with two ports coupled to each such service application, one port for egress of packets from the switching apparatus to such service applications and another port for ingress of packets from such service applications; and
      
      steering each packet among the service applications further comprises steering each packet from the switching apparatus to such a service application through a separate egress port, each such service application carrying out its data processing related to each packet and then returning each packet to the switching apparatus through a separate ingress port.
  - 11. The apparatus of claim 8 wherein:
    - the switching apparatus is configured, for at least some of the service applications, with only one port coupled to each such service application; and
      
      steering each packet among the service applications further comprises steering each packet from the switching apparatus to such a service application through the one port coupling such a service application to the switching apparatus, each such service application carrying out its data processing related to each packet and then returning each packet to the switching apparatus through the one port.
  - 12. The apparatus of claim 8 wherein steering each packet among the applications further comprises, upon receiving a packet through an ingress port from a source network, selecting, in dependence upon the ingress port through which the packet was received, a rule that governs steering the packet to a switch egress.
  - 13. The apparatus of claim 8 wherein:
    - the rules include at least one rule that further includes at least one network code that identifies two networks between which packets may travel through the switching apparatus and a direction of travel between the two networks;
      
      each packet further comprises a link-level source identifier that identifies a link-level source for each packet in the source network;
      
      the switching apparatus further comprises orientation records that associate, for each packet received from a source network, the packet'"'"'s link-level source identifier and a network code specifying for each packet a direction of travel between two networks;
      
      steering each packet among the service applications further comprises, for each packet received through an ingress port from a service application;
      
      identifying, from the orientation records in dependence upon the packet'"'"'s link-level source identifier, the packet'"'"'s network code; and
      
      selecting, in dependence upon the packet'"'"'s network code and the ingress port through which the packet was received from the service application, a rule that governs steering the packet to a next switch egress.
  - 14. The apparatus of claim 9 wherein:
    - the rules, in addition to an ingress port and a switch egress, also include additional packet attributes, the additional packet attributes defining a plurality of paths among the service applications for a direction of travel between networks; and
      
      steering each packet among the service applications further comprises steering each packet along one of the plurality of paths among the service applications defined by the additional packet attributes.

15. A computer program product for link-level data communications carried out in link-level data communications switching apparatus, the computer program product disposed in recordable medium for machine-readable information,the switching apparatus comprising modular link-level data communications switches disposed within a modular computer cabinet, the modular computer cabinet also having disposed within it a plurality of modular computer systems;
- the switching apparatus configured as two layers of link-level data communications switches, a first layer and a second layer, the first layer switches coupled for data communications to data communications networks, the first layer switches also coupled to one another for link-level data communications by inter-switch links, each first layer switch also coupled for link-level data communications to each of the second layer switches, each second layer switch coupled for link-level data communications to at least one of the modular computer systems so that each second layer switch provides data communications connections to the switching apparatus only for service applications in the modular computer system to which a second layer switch is coupled;
  
  all the switches stacked by a stacking protocol that shares administrative configuration information among the switches through the inter-switch links and presents all the switches in the switching apparatus to the networks and to the modular computer systems as a single logical switch;
  
  the switching apparatus further comprises a plurality of data communications ports, at least two of the ports coupling the switching apparatus to at least two data communications networks, at least two additional ports connected to service applications on at least two of the modular computer systems that carry out transparent, bump-in-the-wire data processing of data communications packets traveling among the networks, each service application associated with a unique, link-level identifier;
  
  the switching apparatus further comprises rules governing the steering of data communications among service applications and networks connected to the switching apparatus, each rule comprising an association of an ingress port and a switch egress;
  
  the computer program product comprising computer program instructions which, when executed by a data communications processor, cause the switching apparatus to carry out the steps of;
  
  receiving, in the switching apparatus through an ingress port from a source network, data communications packets directed to a destination network, each packet containing a source network address that identifies the source of the packet in the source network, each packet optionally also containing a destination network address that identifies a destination of the packet in the destination network; and
  
  steering by the switching apparatus each packet among the applications and through an egress port to the destination network, such steering carried out only in accordance with the rules, without using the link-level identifier of any service application, steering none of the packets through any of the inter-switch links among the first layer switches.
- View Dependent Claims (16, 17, 18, 19, 20, 21)
- - 16. The computer program product of claim 15 wherein at least some of the first layer switches are incorporated in one or more link aggregation groups for data communications with the networks, each link aggregation group presenting to at least one of the networks multiple physical links as a single logical link.
  - 17. The computer program product of claim 15 wherein:
    - the switching apparatus is configured, for at least some of the service applications, with two ports coupled to each such service application, one port for egress of packets from the switching apparatus to such service applications and another port for ingress of packets from such service applications; and
      
      steering each packet among the service applications further comprises steering each packet from the switching apparatus to such a service application through a separate egress port, each such service application carrying out its data processing related to each packet and then returning each packet to the switching apparatus through a separate ingress port.
  - 18. The computer program product of claim 15 wherein:
    - the switching apparatus is configured, for at least some of the service applications, with only one port coupled to each such service application; and
      
      steering each packet among the service applications further comprises steering each packet from the switching apparatus to such a service application through the one port coupling such a service application to the switching apparatus, each such service application carrying out its data processing related to each packet and then returning each packet to the switching apparatus through the one port.
  - 19. The computer program product of claim 15 wherein steering each packet among the applications further comprises, upon receiving a packet through an ingress port from a source network, selecting, in dependence upon the ingress port through which the packet was received, a rule that governs steering the packet to a switch egress.
  - 20. The computer program product of claim 15 wherein:
    - the rules include at least one rule that further includes at least one network code that identifies two networks between which packets may travel through the switching apparatus and a direction of travel between the two networks;
      
      each packet further comprises a link-level source identifier that identifies a link-level source for each packet in the source network;
      
      the switching apparatus further comprises orientation records that associate, for each packet received from a source network, the packet'"'"'s link-level source identifier and a network code specifying for each packet a direction of travel between two networks;
      
      steering each packet among the service applications further comprises, for each packet received through an ingress port from a service application;
      
      identifying, from the orientation records in dependence upon the packet'"'"'s link-level source identifier, the packet'"'"'s network code; and
      
      selecting, in dependence upon the packet'"'"'s network code and the ingress port through which the packet was received from the service application, a rule that governs steering the packet to a next switch egress.
  - 21. The computer program product of claim 15 wherein:
    - the rules, in addition to an ingress port and a switch egress, also include additional packet attributes, the additional packet attributes defining a plurality of paths among the service applications for a direction of travel between networks; and
      
      steering each packet among the service applications further comprises steering each packet along one of the plurality of paths among the service applications defined by the additional packet attributes.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Belanger, Matthew T., Shippy, Gary R.

Granted Patent

US 8,170,038 B2
Time in Patent Office

Days
Field of Search
US Class Current

370/401
CPC Class Codes

H04L 49/602 Multilayer or multiprotocol...

Two-Layer Switch Apparatus To Avoid First Layer Inter-Switch Link Data Traffic In Steering Packets Through Bump-In-The-Wire Service Applications

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

141 Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

Two-Layer Switch Apparatus To Avoid First Layer Inter-Switch Link Data Traffic In Steering Packets Through Bump-In-The-Wire Service Applications

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

141 Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links