Access list key compression
First Claim
1. A method of composing an access list key for accessing information associated with a packet from an access list, the packet having an IP source address field and an IP destination address field, the IP source address field including an IP source address and the IP destination address field including an IP destination address, the IP source address and the IP destination address each having a number of bits, comprising:
- obtaining an IP source address from the IP source address field of the packet;
obtaining an IP destination address from the IP destination address field of the packet;
generating a modified IP source address from the obtained IP source address such that the number of bits in the modified IP source address is less than the number of bits in the obtained IP source address, wherein generating the modified IP source address includes removing one or more bits from the obtained IP source address;
generating a modified IP destination address from the obtained IP destination address such that the number of bits in the modified IP destination address is less than the number of bits in the obtained IP destination address, wherein generating the modified IP destination address includes removing one or more bits from the obtained IP destination address;
composing the access list key from the modified IP source address and the modified IP destination address;
identifying an entry in the access list using the access list key that has been composed; and
routing the packet according to information in the entry in the access list.
3 Assignments
0 Petitions
Accused Products
Abstract
Methods and apparatus for implementing an access list key for accessing information associated with a packet from an access list are disclosed. The packet includes an IP source address field and an IP destination address field, the IP source address field including an IP source address and the IP destination address field including an IP destination address, the IP source address and the IP destination address each having a number of bits (e.g., 128 bits in the case of IPv6). An IP source address is obtained from the IP source address field of the packet and an IP destination address is obtained from the IP destination address field of the packet. A modified IP source address is generated from the obtained IP source address such that the number of bits in the modified IP source address is less than the number of bits in the obtained IP source address. In addition, a modified IP destination address is generated from the obtained IP destination address such that the number of bits in the modified IP destination address is less than the number of bits in the obtained IP destination address. The access list key is then composed from the modified IP source address and the modified IP destination address.
-
Citations
41 Claims
-
1. A method of composing an access list key for accessing information associated with a packet from an access list, the packet having an IP source address field and an IP destination address field, the IP source address field including an IP source address and the IP destination address field including an IP destination address, the IP source address and the IP destination address each having a number of bits, comprising:
-
obtaining an IP source address from the IP source address field of the packet; obtaining an IP destination address from the IP destination address field of the packet; generating a modified IP source address from the obtained IP source address such that the number of bits in the modified IP source address is less than the number of bits in the obtained IP source address, wherein generating the modified IP source address includes removing one or more bits from the obtained IP source address; generating a modified IP destination address from the obtained IP destination address such that the number of bits in the modified IP destination address is less than the number of bits in the obtained IP destination address, wherein generating the modified IP destination address includes removing one or more bits from the obtained IP destination address; composing the access list key from the modified IP source address and the modified IP destination address; identifying an entry in the access list using the access list key that has been composed; and routing the packet according to information in the entry in the access list. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27)
-
-
28. A method of composing an access list key for accessing information associated with a packet from an access list, the packet having an IP source address field and an IP destination address field, the IP source address field including an IP source address and the IP destination address field including an IP destination address, the IP source address and the IP destination address each having a number of bits, comprising:
-
obtaining an IP source address from the IP source address field of the packet; obtaining an IP destination address from the IP destination address field of the packet; generating a modified IP source address from the obtained IP source address such that the number of bits in the modified IP source address is less than the number of bits in the obtained IP source address, wherein generating the modified IP source address includes removing one or more bits from the obtained IP source address; generating a modified IP destination address from the obtained IP destination address such that the number of bits in the modified IP destination address is less than the number of bits in the obtained IP destination address, wherein generating the modified IP destination address includes removing one or more bits from the obtained IP destination address; composing the access list key from the modified IP source address and the modified IP destination address; identifying an entry in the access list using the access list key that has been composed; routing the packet according to information in the entry in the access list; and classifying the packet prior to composing the access list key, thereby enabling the access list key to be composed according to an access list key format; wherein classifying the packet comprises; determining whether the packet is compatible with one of a first set of protocols including TCP, UDP, and SCTP, a second set of protocols including ICMP, or a third set of protocols including ESP; wherein composing the access list key is performed according to an access list key format, the access list key format being a first format when the packet is compatible with one of the first set of protocols or the third set of protocols, a second format when the packet is compatible with one of the second set of protocols, or a third format when the packet is not classified as being compatible with one of the first, second, or third set of protocols.
-
-
29. A method of composing an access list key for accessing information associated with a packet from an access list, the packet having an IP source address field and an IP destination address field, the IP source address field including an IP source address and the IP destination address field including an IP destination address, the IP source address and the IP destination address each having a number of bits, comprising:
-
obtaining an IP source address from the IP source address field of the packet; obtaining an IP destination address from the IP destination address field of the packet; generating a modified IP source address from the obtained IP source address such that the number of bits in the modified IP source address is less than the number of bits in the obtained IP source address; generating a modified IP destination address from the obtained IP destination address such that the number of bits in the modified IP destination address is less than the number of bits in the obtained IP destination address; composing the access list key from the modified IP source address and the modified IP destination address; identifying an entry in the access list using the access list key that has been composed; and routing the packet according to information in the entry in the access list, wherein the modified IP destination address comprises a zone_ID. - View Dependent Claims (30, 31, 32)
-
-
33. A method of composing an access list key for accessing information associated with a packet from an access list, the packet having an IP source address field and an IP destination address field, the IP source address field including an IP source address and the IP destination address field including an IP destination address, the IP source address and the IP destination address each having a number of bits, comprising:
-
obtaining an IP source address from the IP source address field of the packet; obtaining an IP destination address from the IP destination address field of the packet; generating a modified IP source address from the obtained IP source address such that the number of bits in the modified IP source address is less than the number of bits in the obtained IP source address; generating a modified IP destination address from the obtained IP destination address such that the number of bits in the modified IP destination address is less than the number of bits in the obtained IP destination address; composing the access list key from the modified IP source address and the modified IP destination address; identifying an entry in the access list using the access list key that has been composed; and routing the packet according to information in the entry in the access list, wherein the modified IP destination address includes a multicast-unicast bit that indicates whether the modified IP destination address is multicast or unicast.
-
-
34. A method of composing an access list key for accessing information associated with a packet from an access list, the packet having an IP source address field and an IP destination address field, the IP source address field including an IP source address and the IP destination address field including an IP destination address, the IP source address and the IP destination address each having a number of bits, comprising:
-
obtaining an IP source address from the IP source address field of the packet; obtaining an IP destination address from the IP destination address field of the packet; generating a modified IP source address from the obtained IP source address such that the number of bits in the modified IP source address is less than the number of bits in the obtained IP source address, wherein generating the modified IP source address includes removing one or more bits from the obtained IP source address; generating a modified IP destination address from the obtained IP destination address such that the number of bits in the modified IP destination address is less than the number of bits in the obtained IP destination address, wherein generating the modified IP destination address includes removing one or more bits from the obtained IP destination address; composing the access list key from the modified IP source address and the modified IP destination address; identifying an entry in the access list using the access list key that has been composed; and routing the packet according to information in the entry in the access list; wherein the modified IP source address and modified IP destination address each include two bits used to indicate whether the corresponding address is a link-local, site local, or global scoped address.
-
-
35. A method of composing an access list key for accessing information associated with a packet from an access list, the packet having an IP source address field and an IP destination address field, the IP source address field including an IP source address and the IP destination address field including an IP destination address, the IP source address and the IP destination address each having a number of bits, comprising:
-
obtaining an IP source address from the IP source address field of the packet; obtaining an IP destination address from the IP destination address field of the packet; generating a modified IP source address from the obtained IP source address such that the number of bits in the modified IP source address is less than the number of bits in the obtained IP source address, wherein generating the modified IP source address includes removing one or more bits from the obtained IP source address; generating a modified IP destination address from the obtained IP destination address such that the number of bits in the modified IP destination address is less than the number of bits in the obtained IP destination address, wherein generating the modified IP destination address includes removing one or more bits from the obtained IP destination address; composing the access list key from the modified IP source address and the modified IP destination address; identifying an entry in the access list using the access list key that has been composed; and routing the packet according to information in the entry in the access list; wherein the modified IP source address comprises a zone_ID.
-
-
36. A method of composing an access list key for accessing information associated with a packet from an access list, the packet having an IP source address field and an IP destination address field, the IP source address field including an IP source address and the IP destination address field including an IP destination address, the IP source address and the IP destination address each having a number of bits, comprising:
-
obtaining an IP source address from the IP source address field of the packet; obtaining an IP destination address from the IP destination address field of the packet; generating a modified IP source address from the obtained IP source address such that the number of bits in the modified IP source address is less than the number of bits in the obtained IP source address; generating a modified IP destination address from the obtained IP destination address such that the number of bits in the modified IP destination address is less than the number of bits in the obtained IP destination address; composing the access list key from the modified IP source address and the modified IP destination address; identifying an entry in the access list using the access list key that has been composed; and routing the packet according to information in the entry in the access list, wherein the modified IP source address includes a zone_ID, wherein the zone_ID replaces a local use prefix of the obtained IP source address when the IP source address is a local use unicast address.
-
-
37. A method of composing an access list key for accessing information associated with a packet from an access list, the packet having an IP source address field and an IP destination address field, the IP source address field including an IP source address and the IP destination address field including an IP destination address, the IP source address and the IP destination address each having a number of bits, comprising:
-
obtaining an IP source address from the IP source address field of the packet; obtaining an IP destination address from the IP destination address field of the packet; generating a modified IP source address from the obtained IP source address such that the number of bits in the modified IP source address is less than the number of bits in the obtained IP source address; generating a modified IP destination address from the obtained IP destination address such that the number of bits in the modified IP destination address is less than the number of bits in the obtained IP destination address; composing the access list key from the modified IP source address and the modified IP destination address; identifying an entry in the access list using the access list key that has been composed; and routing the packet according to information in the entry in the access list, wherein the modified IP source address includes a zone_ID and wherein the zone_ID identifies a link local zone or a site local zone.
-
-
38. A method of composing an access list key for accessing information associated with a packet from an access list, the packet having an IP source address field and an IP destination address field, the IP source address field including an IP source address and the IP destination address field including an IP destination address, the IP source address and the IP destination address each having a number of bits, comprising:
-
obtaining an IP source address from the IP source address field of the packet; obtaining an IP destination address from the IP destination address field of the packet; generating a modified IP source address from the obtained IP source address such that the number of bits in the modified IP source address is less than the number of bits in the obtained IP source address; generating a modified IP destination address from the obtained IP destination address such that the number of bits in the modified IP destination address is less than the number of bits in the obtained IP destination address; composing the access list key from the modified IP source address and the modified IP destination address; identifying an entry in the access list using the access list key that has been composed; and routing the packet according to information in the entry in the access list, the access list key including a key bit indicating whether the access list key is a policy access list key or a QoS access list key.
-
-
39. A computer-readable medium storing thereon computer-readable instructions for composing an access list key for accessing information associated with a packet from an access list, the packet having an IP source address field and an IP destination address field, the IP source address field including an IP source address and the IP destination address field including an IP destination address, the IP source address and the IP destination address each having a number of bits, comprising:
-
instructions for obtaining an IP source address from the IP source address field of the packet; instructions for obtaining an IP destination address from the IP destination address field of the packet; instructions for generating a modified IP source address from the obtained IP source address such that the number of bits in the modified IP source address is less than the number of bits in the obtained IP source address, wherein generating the modified IP source address includes removing one or more bits from the obtained IP source address; instructions for generating a modified IP destination address from the obtained IP destination address such that the number of bits in the modified IP destination address is less than the number of bits in the obtained IP destination address, wherein generating the modified IP destination address includes removing one or more bits from the obtained IP destination address; instructions for composing the access list key from the modified IP source address and the modified IP destination address; instructions for identifying an entry in the access list using the access list key that has been composed; and instructions for routing the packet according to information in the entry in the access list.
-
-
40. An apparatus for composing an access list key for accessing information associated with a packet from an access list, the packet having an IP source address field and an IP destination address field, the IP source address field including an IP source address and the IP destination address field including an IP destination address, the IP source address and the IP destination address each having a number of bits, comprising:
-
a processor; and a memory, at least one of the processor and the memory being adapted for; obtaining an IP source address from the IP source address field of the packet; obtaining an IP destination address from the IP destination address field of the packet; generating a modified IP source address from the obtained IP source address such that the number of bits in the modified IP source address is less than the number of bits in the obtained IP source address, wherein generating the modified IP source address includes removing one or more bits from the obtained IP source address; generating a modified IP destination address from the obtained IP destination address such that the number of bits in the modified IP destination address is less than the number of bits in the obtained IP destination address, wherein generating the modified IP destination address includes removing one or more bits from the obtained IP destination address; composing the access list key from the modified IP source address and the modified IP destination address; identifying an entry in the access list using the access list key that has been composed; and routing the packet according to information in the entry in the access list.
-
-
41. An apparatus for composing an access list key for accessing information associated with a packet from an access list, the packet having an IP source address field and an IP destination address field, the IP source address field including an IP source address and the IP destination address field including an IP destination address, the IP source address and the IP destination address each having a number of bits, comprising:
-
means for obtaining an IP source address from the IP source address field of the packet; means for obtaining an IP destination address from the IP destination address field of the packet; means for generating a modified IP source address from the obtained IP source address such that the number of bits in the modified IP source address is less than the number of bits in the obtained IP source address, wherein generating the modified IP source address includes removing one or more bits from the obtained IP source address; means for generating a modified IP destination address from the obtained IP destination address such that the number of bits in the modified IP destination address is less than the number of bits in the obtained IP destination address, wherein generating the modified IP destination address includes removing one or more bits from the obtained IP destination address; means for composing the access list key from the modified IP source address and the modified IP destination address; identifying an entry in the access list using the access list key that has been composed; and routing the packet according to information in the entry in the access list.
-
Specification