Automatic filter overlap processing and related systems and methods
First Claim
1. A network packet forwarding device having automatic filter overlap processing, comprising:
- one or more input ports configured to receive packets from one or more source devices;
a plurality of output ports configured to send packets to two or more destination devices;
packet forwarding circuitry coupled between the input ports and the output ports and configured to forward packets from the input ports to the output ports;
at least one filter engine coupled to the packet forwarding circuitry and configured to use filter rules to control at least in part how packets are forwarded by the packet forwarding circuitry from the input ports to the output ports;
a filter interface configured to allow a user to define a plurality of filters representing how packets are desired to be forwarded from input ports to output ports; and
a dynamic filter processor configured to analyze the user-defined filters, to automatically identify filters having different forwarding actions for packets from a single input port as overlapping filters, to automatically generate filter rules for the filter engine to provide for the different forwarding actions, and to automatically apply the filter rules to the filter engine so that the filter engine is configured to cause packets from the single input port to be forwarded according to the different forwarding actions provided by the overlapping filters;
wherein the at least one filter engine comprises;
at least one ingress filter engine configured to provide a single forwarding action per packet and to use ingress filter rules to determine at least in part how packets are forwarded from input ports to output ports; and
at least one egress filter engine configured to use egress filter rules to determine at least in part which packets received by the output ports are actually sent out by the output ports to destination devices;
wherein the dynamic filter processor is configured to generate ingress and egress filters rules for the ingress and egress filter engines and to apply the ingress and egress filter rules to the ingress and egress filter engines so that the ingress and egress filter engines are configured to cause packets from the single input port to be forwarded according to the different forwarding actions provided by the overlapping filters.
6 Assignments
0 Petitions
Accused Products
Abstract
Systems and methods are disclosed that allow for improved management and control of packet forwarding in network systems. Network devices and tool optimizers and a related systems and methods are disclosed for improved packet forwarding between input ports and output ports. The input ports and output ports are configured to be connected to source devices and destination devices, for example, network sources and destination tools in a network monitoring environment. The network devices and tool optimizers disclosed can use a packet processing system whereby forwarding behavior is governed by matching packets in parallel against multiple user-specified packet filtering criteria, and by performing forwarding actions associated with all such matching filter criteria. The multi-action packet forwarding can be implemented using hardware configured to directly provide multi-action packet forwarding and/or hardware configured to provide single-packet-forwarding that has been subsequently configured using filter engines to provide multi-action packet forwarding.
114 Citations
23 Claims
-
1. A network packet forwarding device having automatic filter overlap processing, comprising:
-
one or more input ports configured to receive packets from one or more source devices; a plurality of output ports configured to send packets to two or more destination devices; packet forwarding circuitry coupled between the input ports and the output ports and configured to forward packets from the input ports to the output ports; at least one filter engine coupled to the packet forwarding circuitry and configured to use filter rules to control at least in part how packets are forwarded by the packet forwarding circuitry from the input ports to the output ports; a filter interface configured to allow a user to define a plurality of filters representing how packets are desired to be forwarded from input ports to output ports; and a dynamic filter processor configured to analyze the user-defined filters, to automatically identify filters having different forwarding actions for packets from a single input port as overlapping filters, to automatically generate filter rules for the filter engine to provide for the different forwarding actions, and to automatically apply the filter rules to the filter engine so that the filter engine is configured to cause packets from the single input port to be forwarded according to the different forwarding actions provided by the overlapping filters; wherein the at least one filter engine comprises; at least one ingress filter engine configured to provide a single forwarding action per packet and to use ingress filter rules to determine at least in part how packets are forwarded from input ports to output ports; and at least one egress filter engine configured to use egress filter rules to determine at least in part which packets received by the output ports are actually sent out by the output ports to destination devices; wherein the dynamic filter processor is configured to generate ingress and egress filters rules for the ingress and egress filter engines and to apply the ingress and egress filter rules to the ingress and egress filter engines so that the ingress and egress filter engines are configured to cause packets from the single input port to be forwarded according to the different forwarding actions provided by the overlapping filters. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A network packet forwarding device having automatic filter overlap processing, comprising:
-
one or more input ports configured to receive packets from one or more source devices; a plurality of output ports configured to send packets to two or more destination devices; packet forwarding circuitry coupled between the input ports and the output ports and configured to forward packets from the input ports to the output ports; at least one filter engine coupled to the packet forwarding circuitry and configured to use filter rules to control at least in part how packets are forwarded by the packet forwarding circuitry from the input ports to the output ports; a filter interface configured to allow a user to define a plurality of filters representing how packets are desired to be forwarded from input ports to output ports; and a dynamic filter processor configured to analyze the user-defined filters, to automatically identify filters having different forwarding actions for packets from a single input port as overlapping filters, to automatically generate filter rules for the filter engine to provide for the different forwarding actions, and to automatically apply the filter rules to the filter engine so that the filter engine is configured to cause packets from the single input port to be forwarded according to the different forwarding actions provided by the overlapping filters; wherein the packets comprise a plurality of fields, each field having one or more values, and wherein the interface is configured to allow the user to define filters using filter parameters associated with the fields and values; and wherein the dynamic filter processor is further configured to identify overlapping filters by determining if two filters have common fields selected by their respective filter parameters and then by determining if values selected by their respective filter parameters are overlapping. - View Dependent Claims (10, 11, 12)
-
-
13. A network packet forwarding device having automatic filter overlap processing, comprising:
-
one or more input ports configured to receive packets from one or more source devices; a plurality of output ports configured to send packets to two or more destination devices; packet forwarding circuitry coupled between the input ports and the output ports and configured to forward packets from the input ports to the output ports; at least one filter engine coupled to the packet forwarding circuitry and configured to use filter rules to control at least in part how packets are forwarded by the packet forwarding circuitry from the input ports to the output ports; a filter interface configured to allow a user to define a plurality of filters representing how packets are desired to be forwarded from input ports to output ports; and a dynamic filter processor configured to analyze the user-defined filters, to automatically identify filters having different forwarding actions for packets from a single input port as overlapping filters, to automatically generate filter rules for the filter engine to provide for the different forwarding actions, and to automatically apply the filter rules to the filter engine so that the filter engine is configured to cause packets from the single input port to be forwarded according to the different forwarding actions provided by the overlapping filters; wherein the dynamic filter processor is configured to implement filter rules for a first overlapping filter without affecting operation of filter rules for a second overlapping filter.
-
-
14. A method for automatic filter overlap processing, comprising:
-
providing one or more input ports configured to receive packets from one or more source devices; providing a plurality of output ports configured to send packets to two or more destination devices; forwarding packets between the input ports and the output ports using packet forwarding circuitry; controlling the packet forwarding using at least one filter engine configured to use filter rules to control at least in part how packets are forwarded by the packet forwarding circuitry from the input ports to the output ports; allowing a user to define through an interface a plurality of filters representing how packets are desired to be forwarded from input ports to output ports; analyzing the user-defined filters; automatically identifying filters having different forwarding actions for packets from a single input port as overlapping filters; automatically generating filter rules for the filter engine to provide for the different forwarding actions; automatically applying the filter rules to the filter engine so that the filter engine is configured to cause packets from the single input port to be forwarded according to the different forwarding actions provided by the overlapping filters; and forwarding packets according to the user-defined filters; wherein the controlling step comprises; using at least one ingress filter engine to provide a single forwarding action per packet and to determine at least in part how packets are forwarded from input ports to output ports; using at least one egress filter engine to determine at least in part which packets received by the output ports are actually sent out by the output ports to destination devices; automatically generating ingress and egress filters rules for the ingress and egress filter engines; and automatically applying the ingress and egress filter rules to the ingress and egress filter engines so that the ingress and egress filter engines are configured to cause packets from the single input port to be forwarded according to the different forwarding actions provided by the overlapping filters. - View Dependent Claims (15, 16, 17, 18)
-
-
19. A method for automatic filter overlap processing, comprising:
-
providing one or more input ports configured to receive packets from one or more source devices; providing a plurality of output ports configured to send packets to two or more destination devices; forwarding packets between the input ports and the output ports using packet forwarding circuitry; controlling the packet forwarding using at least one filter engine configured to use filter rules to control at least in part how packets are forwarded by the packet forwarding circuitry from the input ports to the output ports; allowing a user to define through an interface a plurality of filters representing how packets are desired to be forwarded from input ports to output ports; analyzing the user-defined filters; automatically identifying filters having different forwarding actions for packets from a single input port as overlapping filters; automatically generating filter rules for the filter engine to provide for the different forwarding actions; automatically applying the filter rules to the filter engine so that the filter engine is configured to cause packets from the single input port to be forwarded according to the different forwarding actions provided by the overlapping filters; and forwarding packets according to the user-defined filters; wherein the packets comprise a plurality of fields, each field having one or more values, and wherein the allowing step comprising allowing the user to define filters using filter parameters associated with the fields and values; and wherein automatically identifying step comprises identifying overlapping filters by determining if two filters have common fields selected by their respective filter parameters and then by determining if values selected by their respective filter parameters are overlapping. - View Dependent Claims (20, 21, 22)
-
-
23. A method for automatic filter overlap processing, comprising:
-
providing one or more input ports configured to receive packets from one or more source devices; providing a plurality of output ports configured to send packets to two or more destination devices; forwarding packets between the input ports and the output ports using packet forwarding circuitry; controlling the packet forwarding using at least one filter engine configured to use filter rules to control at least in part how packets are forwarded by the packet forwarding circuitry from the input ports to the output ports; allowing a user to define through an interface a plurality of filters representing how packets are desired to be forwarded from input ports to output ports; analyzing the user-defined filters; automatically identifying filters having different forwarding actions for packets from a single input port as overlapping filters; automatically generating filter rules for the filter engine to provide for the different forwarding actions; automatically applying the filter rules to the filter engine so that the filter engine is configured to cause packets from the single input port to be forwarded according to the different forwarding actions provided by the overlapping filters; and forwarding packets according to the user-defined filters; further comprising generating and applying filter rules for a first overlapping filter without affecting operation of filter rules for a second overlapping filter.
-
Specification