Network address filter device
First Claim
Patent Images
1. An address filtering device coupled to a host machine for rendering decisions about forwarding data frames that are transported through a network to the host machine, the device comprising:
- a hash function device for receiving incoming addresses corresponding to the data frame and forming respective index values;
a lookup table having status entries indexed according to the index values and providing a initial address status;
an address table having entries indexed according to the index values, each entry having address status indicators and an entry address;
a forwarding device which uses the index value to retrieve the corresponding address table entry and verify the data frame;
frame status indicators which are set by the the forwarding device, wherein the frame status indicators are used by the host machine to direct actions on the data frames.
5 Assignments
0 Petitions
Accused Products
Abstract
A device and method for filtering addresses being transported through a high performance network, and rendering forwarding decisions for data frames corresponding to the address. Such data frames might correspond to multicast addresses wherein filtering is needed to prevent undesired data frames from being uploaded and processed by a receiving machine. The incoming address is hashed into an index for retrieving values from a table with a frame status. If the frame is valid, the same index is used to retrieve a table entry having address and address status information. If multiple data frames have been hashed into the same index, then further filtering is performed by the host machine or a processing device. Otherwise, the incoming address is compared with the address in the table entry. If a match occurs then the data frame is uploaded, and if no match then the frame is discarded. Frame status indicators in a bit register are used to direct actions performed on the frame. Further filtering, uploading, or discarding of the frames can be handled by a host driver, or by an on-board processor on a network interface device or card, via direction from the frame status indicators.
79 Citations
25 Claims
-
1. An address filtering device coupled to a host machine for rendering decisions about forwarding data frames that are transported through a network to the host machine, the device comprising:
-
a hash function device for receiving incoming addresses corresponding to the data frame and forming respective index values;
a lookup table having status entries indexed according to the index values and providing a initial address status;
an address table having entries indexed according to the index values, each entry having address status indicators and an entry address;
a forwarding device which uses the index value to retrieve the corresponding address table entry and verify the data frame;
frame status indicators which are set by the the forwarding device, wherein the frame status indicators are used by the host machine to direct actions on the data frames. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. An address filtering device coupled to a host machine for rendering decisions about forwarding data frames that are transported through a network to the host machine, the device comprising:
-
a hash function device for receiving incoming addresses corresponding to the data frame and forming respective index values;
a lookup table having status entries indexed according to the index values and providing a initial address status;
an address table having entries indexed according to the index values, each entry having address status indicators and an entry address;
a forwarding device which uses the index value to retrieve the corresponding address table entry and verify the data frame;
frame status indicators including a validity flag which is set by the forwarding device if the data frame is valid, and a multiple/single (M/S) flag which is set by the forwarding device when multiple data frames have been hashed into the same index value. - View Dependent Claims (10, 11, 12, 13, 14, 15)
if the status entry is not set, then the data frame is not valid, the validity flag is cleared, and the data frame is discarded, and if the entry is set, then the data frame is valid and further processing is performed. -
11. The address filtering device of claim 10, which further includes a comparison device coupled to receive and compare the incoming address and the address from the indexed entry in the address table.
-
12. The address filtering device of claim 11, wherein the address status includes a validity flag and a multiple/single (M/S) flag.
-
13. The address filtering device of claim 12, wherein if the validity flag is set, then the M/S flag is verified, and if the M/S flag is not set, then the comparison device is used to compare the addresses;
- and
if the addresses match, then the frame status validity flag is set and the frame status M/S flag is cleared; and
if the addresses do not match, then the frame status validity flag is cleared and the frame status data frame is discarded.
- and
-
14. The address filtering device of claim 13, wherein the frame status indicators are used by a host machine driver to:
-
discard the data frame if the validity flag is clear;
upload the data frame if the validity flag is set and the M/S flag is clear; and
invoke further address filtering if the validity flag is set, and the M/S flag is set.
-
-
15. The address filtering device of claim 13, wherein the frame status indicators are used by an on-board processor on a network interface device to:
-
discard the data frame if the validity flag is clear;
upload the data frame if the validity flag is set and the M/S flag is clear; and
invoke further address filtering if the validity flag is set, and the M/S flag is set.
-
-
-
16. An address filtering method for use with devices coupled to a host machine, the method providing for decisions about forwarding incoming data frames having a destination address which are transported through a network to a host machine, the steps comprising:
-
retrieving address status and address information from a plurality of table entries;
using the address status to verify whether;
the data frame is invalid, wherein it should be discarded;
multiple data frames correspond to a table entry, wherein further filtering is needed;
multiple data frames do not correspond to a table entry, wherein the destination address is compared with the address information, and if the addresses match, uploading the data frame;
if the addresses do not match, discarding the data frame. - View Dependent Claims (17, 18, 19, 20)
initializing a table with entries having a data frame address and associated address status indicators.
-
-
18. The address filtering method of claim 17, wherein further included are the steps of:
-
performing a hash function on a portion of the destination address;
using the hash function result as an index to the entry;
using the address status to verify whether multiple data frames exist for an index; and
if multiple data frames, then invoking further data frame filtering;
if not multiple data frames, then comparing the destination address with the address table address.
-
-
19. The address filtering method of claim 18, wherein further included are the steps of:
-
verifying whether the compared addresses match;
if the addresses match, then directing for upload of the data frame;
if the addresses do not match, then directing for discarding the data frame.
-
-
20. The address filtering method of claim 19, wherein the directing steps are achieved via setting frame status indicators which are accessed by the host machine.
-
21. An address filtering method for use with devices coupled to a host machine, the method providing for decisions about forwarding incoming data frames having a destination address which are transported through a network to a host machine, the steps comprising:
-
initializing a hash lookup table containing status entries;
initializing an address table containing address entries and associated address status indicators including a validity flag and multiplicity flag;
receiving a new data frame and associated destination address;
performing a hash function on a portion of the destination address to generate an index value to the table entries;
checking the hash lookup table entry;
if the entry is not set, then clearing a validity flag in a frame status indicator;
if the entry is set, then using the index value to retrieve the address table entry; and
checking the validity flag in the address status indicators;
if the flag is not set, then clearing the frame status indicator validity bit;
if the flag is set, then checking the address status indicator multiplicity flag;
if the multiplicity flag is set, then setting both the multiplicity flags and validity flags in the frame status indicator;
if the multiplicity flag is not set, then comparing the received destination address with the address table entry address;
if the addresses match, then setting the validity flag and clearing the multiplicity flag in the frame status indicator;
if the addresses do not match, then clearing the validity flag in the frame status indicator. - View Dependent Claims (22, 23, 24, 25)
discarding the data frame if the validity flag is clear;
uploading the data frame if the validity flag is set and the M/S flag is clear;
invoking further address filtering if the validity flag is set, and the M/S flag is set.
-
-
24. The address filtering method of claim 21, wherein the frame status indicators are used by an on-board processor associated with a network interface device to further process the data frame.
-
25. The address filtering method of claim 24, wherein the further processing includes:
-
discarding the data frame if the validity flag is clear;
uploading the data frame if the validity flag is set and the M/S flag is clear;
invoking further address filtering if the validity flag is set, and the M/S flag is set.
-
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeHewlett-Packard Development Company, L.P. (HP Inc.)
-
Original Assignee3Com Corporation (HP Inc.)
-
InventorsTraber, Richard, Yang, Li-Jau (Steven)
-
Primary Examiner(s)HSU, ALPUS
-
Application NumberUS09/247,197Time in Patent Office1,260 DaysField of Search370/235, 370/236, 370/389, 370/390, 370/392, 370/400, 370/401, 370/428, 370/429, 370/432, 709/232, 709/236, 709/238, 709/245, 711/202, 711/206, 711/211, 711/216US Class Current370/390CPC Class CodesH04L 12/18 for broadcast or conference...H04L 45/745 Address table lookup; Addre...
