Method for optimizing a route cache
First Claim
1. A method for sending a network-packet having a packet-source-address and a packet-destination-address, comprising:
- establishing a route-cache comprising entries containing at least an entry-source-address, an entry-destination-address, and an entry-reference to a network-interface;
designating the network-interface with a front-interface;
associating the network-interface with a front-interface-IP-address;
creating an off-link destination-entry in the route-cache containing an entry-source-address identical to the front-interface IP-address, and a forwarding-address, wherein the off-link destination-entry does not include the packet-destination-address;
determining if the packet destination-address is an off-link address;
if the packet-destination-address is determined to be an off-link address, then finding in the route-cache the off-link destination-entry having the same source-address as the packet-source-address and having the forwarding-address, wherein finding in the route-cache the off-link source-entry comprises;
calculating a search-hash-value based on at least the packet-source-address; and
finding, in the route-cache, an entry containing a hash-value identical to the search-hash-value; and
sending the packet to the forwarding-address via the front-interface.
1 Assignment
0 Petitions
Accused Products
Abstract
A system and method for managing a route cache to reduce the risk of disruption from denial of service attacks. All traffic arriving on a front interface from local (on-link) nodes (e.g., neighbor nodes) can be treated normally. However, for packets arriving from remote (off-link) sources addressed to a given destination IP address, a single, shared route cache entry can be used. The source-address field in this entry can be zeroed-out since it will not be used for traffic coming from any one source. Similarly, for all packets going to off-link destinations through the front-interface, another single shared route cache entry can be created and used. The destination-address field in this entry can be zeroed out since it will not be used for traffic going to any one destination.
60 Citations
27 Claims
-
1. A method for sending a network-packet having a packet-source-address and a packet-destination-address, comprising:
-
establishing a route-cache comprising entries containing at least an entry-source-address, an entry-destination-address, and an entry-reference to a network-interface; designating the network-interface with a front-interface; associating the network-interface with a front-interface-IP-address; creating an off-link destination-entry in the route-cache containing an entry-source-address identical to the front-interface IP-address, and a forwarding-address, wherein the off-link destination-entry does not include the packet-destination-address; determining if the packet destination-address is an off-link address; if the packet-destination-address is determined to be an off-link address, then finding in the route-cache the off-link destination-entry having the same source-address as the packet-source-address and having the forwarding-address, wherein finding in the route-cache the off-link source-entry comprises; calculating a search-hash-value based on at least the packet-source-address; and finding, in the route-cache, an entry containing a hash-value identical to the search-hash-value; and sending the packet to the forwarding-address via the front-interface. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A method for receiving a network packet having a packet-source-address and a packet-destination-address, comprising:
-
establishing a route-cache comprising entries containing at least an entry-source-address, an entry-destination-address, and an entry-reference to a physical network-interface; designating the physical network-interface as a front-interface; associating the physical network-interface with a front-interface IP-address; creating an off-link source entry in the route-cache containing an entry-destination-address identical to the front-interface IP-address, wherein the off-link source entry does not include the packet-source-address; determining if the packet-source-address is an off-link address; if the packet-source-address is determined to be an off-link address, then finding in the route-cache the off-link source entry having the same destination-address as the packet-destination-address; and forwarding the packet to a local socket. - View Dependent Claims (8, 9, 10, 11, 12, 13)
-
-
14. A method for forwarding a network packet having a packet-source-address and a packet-destination-address, comprising:
-
establishing a route-cache comprising entries containing information about how to process a packet wherein at least one entry contains an entry-source-address, an entry-destination-address, and an entry reference to a physical network-interface; creating an off-link source entry in the route-cache, wherein the off-link entry does not include the packet-source-address and the off-link source entry does not contain the packet-destination-address; determining if the packet-source-address is an off-link address; if the packet-source-address is determined to be an off-link address, then finding in the route-cache the off-link source entry; and forwarding the packet to the packet-destination-address. - View Dependent Claims (15, 16, 17, 18, 19, 20)
-
-
21. A method for forwarding a network packet having a packet-source-address and a packet-destination-address, comprising:
-
establishing a route-cache comprising entries containing information about how to process a packet wherein at least one entry contains an entry-source-address, an entry-destination-address, and an entry reference to a physical network-interface; creating an off-link destination entry in the route-cache, wherein the off-link entry does not include the packet-source-address and the off-link destination entry does not contain the packet-destination-address, wherein creating an off-link destination entry in the route-cache further comprises marking the entry such that it is only used for packets where the packet source address is an on-link address; determining if the packet-destination-address is an off-link address; if the packet-destination-address is determined to be an off-link address, then finding in the route-cache the off-link destination entry, wherein finding in the route-cache the off-link destination entry comprises verifying that the packet source address is an on-link address; and forwarding the packet to the packet-destination-address. - View Dependent Claims (22, 23, 24, 25, 26)
-
-
27. A method for forwarding a network-packet having a packet-source-address and a packet-destination-address using a route-cache having entries containing at least an entry-source-address, an entry-destination-address, an entry-reference to a source physical network-interface and an entry-reference to a destination physical network-interface, comprising:
-
creating a first shared entry in the route-cache containing an entry-reference to a source physical network-interface and data to determine whether a destination IP address matched the entry, wherein the first shared entry does not include a packet-destination-address and does not include a packet-source-address; receiving a packet containing a destination IP address on a physical network interface; and finding in the route-cache an entry containing an entry-reference to the source physical network-interface on which the packet was received and containing data indicating that the packet destination IP address matches the entry.
-
Specification