Automatic filtering and creation of virtual LANs among a plurality of switch ports
Abstract
In a method and apparatus for performing multiprotocol switching and routing, incoming data packets are examined and the flow (i.e., source and destination) with which they are associated is determined. A flow table contains forwarding information that can be applied to all the packets belonging to the flow. If an entry is not present in the table for the particular flow, the packet is forwarded to the CPU to be processed. The CPU can then update the table with new forwarding information to be applied to all future packets of the same flow. When the forwarding information is already present in the table, packets can be forwarded at wire-speed. A dedicated ASIC is preferably employed to contain the table, as well as the engine for examining the packets and forwarding them according to the stored information. Decision-making tasks are thus more efficiently partitioned between the switch and the CPU so as to minimize processing overhead. Processes executing on the CPU maintain information regarding filters, mirrors, priorities, and VLANs. Such information is further integrated with the flow table forwarding information when flows corresponding to the established filters, mirrors, priorities and VLANs are detected. Accordingly, filters, mirrors, priorities and VLANs can be automatically implemented when forwarding decisions are made, which implementation is done at wire speeds. According to another aspect, VLANs are automatically created and updated based on the automatic detection of multicast groups existing among the hosts connected to the ports of the switch. After such VLANs are established, broadcast packets destined for the detected multicast groups are forwarded only along ports whose hosts are members thereof, thereby preventing needless and burdensome traffic from congesting other network segments and host connection.
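The table-miss path to the CPU and the wire-speed hit path described in the abstract, together with the key-selection rule that closes claim 1, as an added Python example (not code from the patent). It assumes Ethernet II framing, IPv4 for "IP", and a flow key built from source and destination addresses only; `flow_id`, `Switch`, `host_ports`, `rules` and the sample frames are constructed for illustration.

```python
# ethertype -> (src offset, dst offset, address length); Ethernet II framing assumed
L3_LAYOUT = {0x0800: (26, 30, 4), 0x8137: (32, 20, 12)}  # IPv4, IPX (net+node+socket)

def flow_id(frame: bytes):
    """Return (key, src, dst): Layer 3 addresses for IP/IPX, else Layer 2 MACs."""
    etype = int.from_bytes(frame[12:14], "big")
    s, d, n = L3_LAYOUT.get(etype, (6, 0, 6))
    if len(frame) < max(14, s + n, d + n):
        raise ValueError("truncated frame")
    src, dst = frame[s:s + n], frame[d:d + n]
    return (3 if etype in L3_LAYOUT else 2, etype, frozenset((src, dst))), src, dst

class Switch:
    def __init__(self, host_ports, rules):
        self.host_ports = host_ports  # address -> port, known to the CPU
        self.rules = rules            # frozenset({a, b}) -> filter/mirror/priority
        self.flows = {}               # flow table consulted on the fast path
        self.cpu_punts = 0            # packets that missed the table

    def _slow_path(self, key, src, dst, in_port):
        """CPU path: merge stored configuration into a new flow record."""
        self.cpu_punts += 1
        cfg = self.rules.get(key[2], {})
        rec = {"ports": {src: in_port, dst: self.host_ports[dst]},
               "filter": cfg.get("filter", False),
               "mirror": cfg.get("mirror"), "priority": cfg.get("priority", 0)}
        self.flows[key] = rec
        return rec

    def receive(self, frame, in_port):
        """Return (egress ports, priority); an empty port list means filtered."""
        key, src, dst = flow_id(frame)
        rec = self.flows.get(key) or self._slow_path(key, src, dst, in_port)
        if rec["filter"]:
            return [], rec["priority"]
        out = [rec["ports"][dst]]
        if rec["mirror"] is not None:
            out.append(rec["mirror"])
        return out, rec["priority"]

def demo():
    """Constructed frames: IPv4 A->B, the reply B->A, then a non-IP (0x0806) frame."""
    A, B, ma, mb = bytes([10, 0, 0, 1]), bytes([10, 0, 0, 2]), b"\xaa" * 6, b"\xbb" * 6
    ip = lambda s, d, ms, md: md + ms + b"\x08\x00\x45" + bytes(11) + s + d
    sw = Switch({A: 1, B: 2, ma: 1, mb: 2},
                {frozenset((A, B)): {"mirror": 7, "priority": 3}})
    r = [sw.receive(ip(A, B, ma, mb), 1), sw.receive(ip(B, A, mb, ma), 2),
         sw.receive(mb + ma + b"\x08\x06" + bytes(28), 1)]
    return r, sw.cpu_punts, sorted(k[0] for k in sw.flows)
```

In `demo()` the reply from B to A reuses the record installed by the first packet, so only two of the three frames reach the CPU path, and the filter, mirror and priority decisions are read from the cached record on every later packet of the flow.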
14 Claims
1. A method for forwarding data packets in a switch having a plurality of ports, said ports being adapted to transmit and receive data packets from hosts coupled thereto, said method comprising:
receiving a first data packet at a first port;
firstly extracting flow identification information from said first data packet, said flow identification information indicating that said first data packet belongs to a first flow between certain of said hosts;
corresponding said flow identification information with stored configuration information;
creating flow processing information based on said corresponding stored configuration information, said flow processing information comprising at least one of a filter, a mirror, and a priority, said flow processing information further indicating at least a second port, wherein all data packets belonging to said first flow are forwarded between said first and second ports, said first and second ports being associated with said certain hosts;
storing a first record in a flow table containing said flow processing information;
receiving a second data packet at one of said first and second ports;
secondly extracting said flow identification information from said second data packet;
locating said stored first record in said flow table based on said extracted flow identification information; and
preparing to forward said second data packet to the other of said first and second ports based on said flow processing information contained in said stored first record, wherein said steps of firstly and secondly extracting said flow identification information each includes;
determining a protocol associated with said first flow;
if said protocol is IP or IPX, extracting Layer 3 header information as said flow identification information; and
if said protocol is not IP or IPX, extracting Layer 2 header information as said flow identification information.
Dependent claims: 2, 3, 4
preventing said second data packet from being forwarded to the other of said first and second ports in accordance with said filter.
3. A method as defined in claim 1, further comprising:
forwarding said second data packet to the other of said first and second ports; and
forwarding said second data packet on certain other of said ports in accordance with said mirror.
4. A method as defined in claim 1, further comprising:
forwarding said second data packet to the other of said first and second ports; and
prioritizing transmission of said second data packet to hosts associated with the other of said first and second ports in accordance with said priority.
5. A method of forwarding data packets between a plurality of switch ports, said method comprising:
receiving a data packet at one of said switch ports;
corresponding flow identification information in said data packet with stored flow processing information, said flow identification information including source and destination addresses, source and destination sockets, and a protocol, said stored flow processing information including a destination port, a filter tag and a broadcast enable, said corresponding including;
locating an address resolution hash record in an address resolution hash table according to a portion of said flow identification information, said address resolution hash record storing a link to an address resolution record;
locating said address resolution record in an address resolution record table in accordance with said address resolution hash record, said address resolution record storing said destination port and a link to a protocol entry;
locating said protocol entry in a protocol entry table in accordance with said address resolution record and said protocol, said protocol entry storing a link to said filter tag and a link to a network entry;
locating said network entry in a network entry table according to said protocol entry, said network entry storing said broadcast enable; and
locating said filter tag in a list of filter tags in accordance with said protocol entry; and
forwarding said data packet in accordance with said stored flow processing information.
Dependent claims: 6, 7
8. A method of forwarding data packets between a plurality of switch ports, said method comprising:
receiving a data packet at one of said switch ports;
corresponding flow identification information in said data packet with stored flow processing information, said flow identification information including source and destination addresses, source and destination sockets, and a protocol, said stored flow processing information including a destination port, a filter tag and a broadcast enable, said corresponding including;
locating an address resolution hash record in an address resolution hash table according to a portion of said flow identification information, said address resolution hash record storing a link to an address resolution record;
locating said address resolution record in an address resolution record table in accordance with said address resolution hash record, said address resolution record storing said destination port and a link to a protocol entry;
locating said protocol entry in a protocol entry table in accordance with said address resolution record and said protocol, said protocol entry storing a link to said filter tag and a link to a network entry;
locating said network entry in a network entry table according to said protocol entry, said network entry storing said broadcast enable; and
locating said filter tag in a list of filter tags in accordance with said protocol entry; and
forwarding said data packet in accordance with said stored flow processing information, wherein said stored flow processing information further includes a mirror tag, said protocol entry further storing a link to said mirror tag, said method further comprising locating said mirror tag in a list of mirror tags in accordance with said protocol entry.
9. A method of forwarding data packets between a plurality of switch ports, said method comprising:
receiving a data packet at one of said switch ports;
corresponding flow identification information in said data packet with stored flow processing information, said flow identification information including source and destination addresses, source and destination sockets, and a protocol, said stored flow processing information including a destination port, a filter tag and a broadcast enable, said corresponding including;
locating an address resolution hash record in an address resolution hash table according to a portion of said flow identification information, said address resolution hash record storing a link to an address resolution record;
locating said address resolution record in an address resolution record table in accordance with said address resolution hash record, said address resolution record storing said destination port and a link to a protocol entry;
locating said protocol entry in a protocol entry table in accordance with said address resolution record and said protocol, said protocol entry storing a link to said filter tag and a link to a network entry;
locating said network entry in a network entry table according to said protocol entry, said network entry storing said broadcast enable; and
locating said filter tag in a list of filter tags in accordance with said protocol entry; and
forwarding said data packet in accordance with said stored flow processing information, wherein said stored flow processing information further includes address swapping bits, said network entry further storing said address swapping bits.
10. A method of forwarding data packets between a plurality of switch ports, said method comprising:
receiving a data packet at one of said switch ports;
corresponding flow identification information in said data packet with stored flow processing information, said flow identification information including source and destination addresses, source and destination sockets, and a protocol, said stored flow processing information including a destination port, a filter tag and a broadcast enable, said corresponding including;
locating an address resolution hash record in an address resolution hash table according to a portion of said flow identification information, said address resolution hash record storing a link to an address resolution record;
locating said address resolution record in an address resolution record table in accordance with said address resolution hash record, said address resolution record storing said destination port and a link to a protocol entry;
locating said protocol entry in a protocol entry table in accordance with said address resolution record and said protocol, said protocol entry storing a link to said filter tag and a link to a network entry;
locating said network entry in a network entry table according to said protocol entry, said network entry storing said broadcast enable; and
locating said filter tag in a list of filter tags in accordance with said protocol entry; and
forwarding said data packet in accordance with said stored flow processing information, wherein said forwarding step includes routing said data packet to another network by swapping said source and destination addresses of said data packet in accordance with said address swapping bits.
11. An apparatus for forwarding data packets in a switch having a plurality of ports, said ports being adapted to transmit and receive data packets from hosts coupled thereto, said apparatus comprising:
means for receiving a first data packet at a first port;
means for firstly extracting flow identification information from said first data packet, said flow identification information indicating that said first data packet belongs to a first flow between certain of said hosts;
means for corresponding said flow identification information with stored configuration information;
means for creating flow processing information based on said corresponding stored configuration information, said flow processing information comprising at least one of a filter, a mirror, and a priority, said flow processing information further indicating at least a second port, wherein all data packets belonging to said first flow are forwarded between said first and second ports, said first and second ports being associated with said certain hosts;
means for storing a first record in a flow table containing said flow processing information;
means for receiving a second data packet at one of said first and second ports;
means for secondly extracting said flow identification information from said second data packet;
means for locating said stored first record in said flow table based on said extracted flow identification information; and
means for preparing to forward said second data packet to the other of said first and second ports based on said flow processing information contained in said stored first record, wherein said means for firstly and secondly extracting said flow identification information each includes;
means for determining a protocol associated with said first flow;
means, operative if said protocol is IP or IPX, for extracting Layer 3 header information as said flow identification information; and
means, operative if said protocol is not IP or IPX, for extracting Layer 2 header information as said flow identification information.
Dependent claims: 12, 13, 14
means for preventing said second data packet from being forwarded to the other of said first and second ports in accordance with said filter.
13. An apparatus as defined in claim 11, further comprising:
means for forwarding said second data packet to the other of said first and second ports; and
means for forwarding said second data packet on certain other of said ports in accordance with said mirror.
14. An apparatus as defined in claim 11, further comprising:
means for forwarding said second data packet to the other of said first and second ports; and
means for prioritizing transmission of said second data packet to hosts associated with the other of said first and second ports in accordance with said priority.
Specification