WO1999000750A1 - Hardware-assisted central processing unit access to a forwarding database - Google Patents
Hardware-assisted central processing unit access to a forwarding database Download PDFInfo
- Publication number
- WO1999000750A1 WO1999000750A1 PCT/US1998/013206 US9813206W WO9900750A1 WO 1999000750 A1 WO1999000750 A1 WO 1999000750A1 US 9813206 W US9813206 W US 9813206W WO 9900750 A1 WO9900750 A1 WO 9900750A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- command
- forwarding database
- forwarding
- memory
- switch fabric
- Prior art date
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L49/00—Packet switching elements
- H04L49/30—Peripheral units, e.g. input or output ports
- H04L49/3009—Header conversion, routing tables or routing tags
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/20—Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
- G06F16/25—Integrating or interfacing systems involving database management systems
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L49/00—Packet switching elements
- H04L49/25—Routing or path finding in a switch fabric
- H04L49/253—Routing or path finding in a switch fabric using establishment or release of connections between ports
- H04L49/254—Centralised controller, i.e. arbitration or scheduling
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y10—TECHNICAL SUBJECTS COVERED BY FORMER USPC
- Y10S—TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y10S707/00—Data processing: database and file management or data structures
- Y10S707/99931—Database or file accessing
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y10—TECHNICAL SUBJECTS COVERED BY FORMER USPC
- Y10S—TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y10S707/00—Data processing: database and file management or data structures
- Y10S707/99941—Database schema or data structure
- Y10S707/99944—Object-oriented database structure
- Y10S707/99945—Object-oriented database structure processing
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y10—TECHNICAL SUBJECTS COVERED BY FORMER USPC
- Y10S—TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y10S707/00—Data processing: database and file management or data structures
- Y10S707/99941—Database schema or data structure
- Y10S707/99948—Application of database or data structure, e.g. distributed, multimedia, or image
Definitions
- the invention relates generally to the field of computer networking devices. More particularly, the invention relates to a switch search engine architecture providing efficient hardware-assisted central processing unit access to a forwarding database.
- One of the critical aspects for achieving a cost-effective high-performance switch implementation is the architecture of the forwarding database search engine, which is the centerpiece of every switch design.
- Optimal partitioning of functions between hardware and software and efficient interaction between the search engine and its "clients" e.g., switch input ports and the central processing unit
- a central processing unit may remove or invalidate aged Layer 3 flows in the forwarding database.
- the CPU may be used to update entries in the forwarding database or reorder the entries. If the CPU is to assist the search engine in maintaining the forwarding database, there must be a mechanism for the
- One approach is to provide the CPU with direct access to the forwarding database.
- the CPU updates the forwarding database using programmed input/output (PIO) instructions.
- PIO programmed input/output
- the direct access to the forwarding database will typically include glue logic of some sort, such as an arbitor or the like, with this approach both cost and complexity are increased.
- the search engine may be forced to wait for an indeterminate amount of time for the CPU PIO accesses to complete before its accesses will be serviced. Therefore, the relatively slow speed of PIOs may cause inefficient utilization of the search engine's bandwidth.
- the CPU will ultimately have to execute the raw instructions to gain access to the forwarding database. Since the relative amount of time required for forwarding database maintenance is dependent in part upon the number of instructions the CPU must execute during the maintenance, it should be apparent that this direct access approach is inefficient. Moreover, in the context of a distributed switching device in which multiple forwarding databases may be maintained, the above inefficiencies are multiplied by the number of distributed forwarding databases. Based on the foregoing, it is desirable to centralize the forwarding database access mechanism. More specifically, it is desirable to provide the switch's CPU with hardware- assisted efficient access to the forwarding database to more efficiently utilize the switch fabric bandwidth and reduce the amount of time required for forwarding database maintenance.
- a switch fabric provides access to a forwarding database on behalf of a processor.
- the switch fabric includes a memory access interface configured to arbitrate accesses to a forwarding database memory.
- the switch fabric also includes a search engine coupled to the memory access interface and to multiple input ports. The search engine is configured to schedule and perform accesses to the forwarding database memory and to transfer forwarding decisions retrieved therefrom to the input ports.
- the switch fabric further includes command execution logic that is configured to interface with the processor for performing forwarding database accesses requested by the processor.
- one or more commands are provided to implement the following functions: (1) learning a supplied address; (2) reading associated data corresponding to a supplied search key; (3) aging forwarding database entries; (4) invalidating entries; (5) accessing mask data, such as mask data that may be stored in a mask per bit (MPB) content addressable memory (CAM), corresponding to a particular search key; (6) replacing forwarding database entries; and (7) accessing search keys in the forwarding database.
- MPB mask per bit
- CAM mask per bit
- the CPU is provided with a condensed set of commands without loss of functionality and the CPU is shielded from the raw instruction set of the particular forwarding database memory.
- Figure 1 illustrates a switch according to one embodiment of the present invention.
- Figure 2 is a simplified block diagram of an exemplary switch element that may be utilized in the switch of Figure 1.
- FIG 3 is a block diagram of the switch fabric of Figure 2 according to one embodiment of the present invention.
- Figure 4 illustrates the portions of a generic packet header that are operated upon by the pipelined header preprocessing subblocks of Figure 5 according to one embodiment of the present invention.
- Figure 5 illustrates pipelined header preprocessing subblocks of the header processing logic of Figure 3 according to one embodiment of the present invention.
- Figure 6 illustrates a physical organization of the forwarding memory of Figure 2 according to one embodiment of the present invention.
- Figure 7 is a flow diagram illustrating the forwarding database memory search supercycle decision logic according to one embodiment of the present invention.
- Figures 8A-C are timing diagrams illustrating three exemplary forwarding database memory search supercycles.
- FIG. 9 is a flow diagram illustrating generalized command processing for typical forwarding database memory access commands according to one embodiment of the present invention.
- a search engine architecture providing hardware-assisted CPU access to a forwarding database is described.
- numerous specific details are set forth in order to provide a thorough understanding of the present invention. It will be apparent, however, to one skilled in the art that the present invention may be practiced without some of these specific details. In other instances, well-known structures and devices are shown in block diagram form.
- the present invention includes various steps, which will be described below. While, according to one embodiment of the present invention, the steps are performed by the hardware components described below, the steps may alternatively be embodied in machine-executable instructions, which may be used to cause a general-purpose or special- purpose processor programmed with the instructions to perform the steps. Further, embodiments of the present invention will be described with reference to a high speed Ethernet switch. However, the method and apparatus described herein are equally applicable to other types of network devices.
- FIG. 1 An overview of one embodiment of a network element that operates in accordance with the teachings of the present invention is illustrated in Figure 1.
- the network element is used to interconnect a number of nodes and end-stations in a variety of different ways.
- an application of the multi-layer distributed network element would be to route packets according to predefined routing protocols over a homogenous data link layer such as the IEEE 802.3 standard, also known as the Ethernet. Other routing protocols can also be used.
- the MLDNE's distributed architecture can be configured to route message traffic in accordance with a number of known or future routing algorithms.
- the MLDNE is configured to handle message traffic using the Internet suite of protocols, and more specifically the Transmission Control Protocol (TCP) and the Internet Protocol (IP) over the Ethernet LAN standard and medium access control (MAC) data link layer.
- TCP Transmission Control Protocol
- IP Internet Protocol
- the TCP is also referred to here as a Layer 4 protocol, while the IP is referred to repeatedly as a Layer 3 protocol.
- a network element is configured to implement packet routing functions in a distributed manner, i.e., different parts of a function are performed by different subsystems in the MLDNE, while the final result of the functions remains transparent to the external nodes and end-stations.
- the MLDNE has a scalable architecture which allows the designer to predictably increase the number of external connections by adding additional subsystems, thereby allowing greater flexibility in defining the MLDNE as a stand alone router.
- the MLDNE 101 contains a number of subsystems 1 10 that are fully meshed and interconnected using a number of internal links 141 to create a larger switch. At least one internal link couples any two subsystems.
- Each subsystem 110 includes a switch element 100 coupled to a forwarding and filtering database 140, also referred to as a forwarding database.
- the forwarding and filtering database may include a forwarding memory 113 and an associated memory 1 14.
- the forwarding memory (or database) 1 13 stores an address table used for matching with the headers of received packets.
- the associated memory (or database) stores data associated with each entry in the forwarding memory that is used to identify forwarding attributes for forwarding the packets through the MLDNE.
- each subsystem supports multiple Gigabit Ethernet ports, Fast Ethernet ports and Ethernet ports.
- Internal ports also having input and output capability in each subsystem couple the internal links 141. Using the internal links, the MLDNE can connect multiple switching elements together to form a multigigabit switch.
- the MLDNE 101 further includes a central processing system (CPS) 160 that is coupled to the individual subsystem 1 10 through a communication bus 151 such as the peripheral components interconnect (PCI).
- the CPS 160 includes a central processing unit (CPU) 161 coupled to a central memory 163.
- Central memory 163 includes a copy of the entries contained in the individual forwarding memories 1 13 of the various subsystems.
- the CPS has a direct control and communication interface to each subsystem 110 and provides some centralized communication and control between switch elements.
- AN EXEMPLARY SWITCH ELEMENT Figure 2 is a simplified block diagram illustrating an exemplary architecture of the switch element of Figure 1.
- the switch element 100 depicted includes a central processing unit (CPU) interface 215, a switch fabric block 210, a network interface 205, a cascading interface 225, and a shared memory manager 220.
- CPU central processing unit
- Ethernet packets may enter or leave the network switch element 100 through any one of the three interfaces 205, 215, or 225.
- the network interface 205 operates in accordance with a corresponding Ethernet protocol to receive Ethernet packets from a network (not shown) and to transmit Ethernet packets onto the network via one or more external ports (not shown).
- An optional cascading interface 225 may include one or more internal links (not shown) for interconnecting switching elements to create larger switches.
- each switch element 100 may be connected together with other switch elements in a full mesh topology to form a multi-layer switch as described above.
- a switch may comprise a single switch element 100 with or without the cascading interface 225.
- the CPU 161 may transmit commands or packets to the network switch element 100 via the CPU interface 215.
- one or more software processes running on the CPU 161 may manage entries in an external forwarding and filtering database 140, such as adding new entries and invalidating unwanted entries.
- the CPU 161 may be provided with direct access to the forwarding and filtering database 140.
- the CPU port of the CPU interface 215 resembles a generic input port into the switch element 100 and may be treated as if it were simply another external network interface port.
- MAC media access control
- Input packet processing may be performed by one or more input ports of the network interface 205.
- Input packet processing includes the following: ( 1) receiving and verifying incoming Ethernet packets, (2) modifying packet headers when appropriate, (3) requesting buffer pointers from the shared memory manager 220 for storage of incoming packets, (4) requesting forwarding decisions from the switch fabric block 210, (5) transferring the incoming packet data to the shared memory manager 220 for temporary storage in an external shared memory 230, and (5) upon receipt of a forwarding decision, forwarding the buffer pointer(s) to the output port(s) indicated by the forwarding decision.
- Output packet processing may be performed by one or more output ports of the network interface 205.
- Output processing includes requesting packet data from the shared memory manager 220, transmitting packets onto the network, and requesting deallocation of buffer(s) after packets have been transmitted.
- the network interface 205, the CPU interface 215, and the cascading interface 225 are coupled to the shared memory manager 220 and the switch fabric block 210.
- critical functions such as packet forwarding and packet buffering are centralized as shown in Figure 2.
- the shared memory manager 220 provides an efficient centralized interface to the external shared memory 230 for buffering of incoming packets.
- the switch fabric block 210 includes a search engine and learning logic for searching and maintaining the forwarding and filtering database 140 with the assistance of the CPU 161.
- the centralized switch fabric block 210 includes a search engine that provides access to the forwarding and filtering database 140 on behalf of the interfaces 205, 215, and 225.
- Packet header matching, Layer 2 based learning, Layer 2 and Layer 3 packet forwarding, filtering, and aging are exemplary functions that may be performed by the switch fabric block 210.
- Each input port is coupled with the switch fabric block 210 to receive forwarding decisions for received packets.
- the forwarding decision indicates the outbound port(s) (e.g., external network port or internal cascading port) upon which the corresponding packet should be transmitted. Additional information may also be included in the forwarding decision to support hardware routing such as a new MAC destination address (DA) for MAC DA replacement. Further, a priority indication may also be included in the forwarding decision to facilitate prioritization of packet traffic through the switch element 100.
- DA new MAC destination address
- Ethernet packets are centrally buffered and managed by the shared memory manager 220.
- the shared memory manager 220 interfaces every input port and output port and performs dynamic memory allocation and deallocation on their behalf, respectively.
- one or more buffers are allocated in the external shared memory 230 and an incoming packet is stored by the shared memory manager 220 responsive to commands received from the network interface 205, for example.
- the shared memory manager 220 retrieves the packet from the external shared memory 230 and deallocates buffers that are no longer in use.
- the shared memory manager 220 preferably also tracks buffer ownership.
- INPUT PORT/SWITCH FABRIC INTERFACE Before describing the internal details of the switch fabric 210, the interface between the input ports (e.g., any port on which packets may be received) and the switch fabric 210 will now briefly be discussed. Input ports in each of the CPU interface 215, the network interface 205, and the cascading interface 225 request forwarding decisions for incoming packets from the switch fabric 210. According to one embodiment of the present invention, the following interface is employed:
- These forward request signals are output by the input ports to the switch fabric 210. They have two purposes. First, they serve as an indication to the switch fabric 210 that the corresponding input port has received a valid packet header and is ready to stream the packet header to the switch fabric. A header transfer grant signal (see Hdr_Xfr_Gnt[N:0] below) is expected to be asserted before transfer of the packet header will begin. Second, these signals serve as a request for a forwarding decision after the header transfer grant is detected. The forward request signals are deasserted in the clock period after a forwarding decision acknowledgment is detected from the switch fabric 210 (see Fwd_Ack[N:0] below).
- header transfer grant signals are output by the switch fabric 210 to the input ports. More specifically, these signals are output by the switch fabric's header preprocessing logic that will be described further below. At any rate, the header transfer signal indicates the header preprocessing logic is ready to accept the packet header from the corresponding input port. Upon detecting the assertion of the header transfer grant, the corresponding input port will begin streaming continuous header fields to the switch fabric 210.
- the header bus is a dedicated X-bit wide bus from each input port to the switch fabric 210.
- X is 16, thereby allowing the packet header to be transferred as double bytes.
- These forwarding decision acknowledgment signals are generated by the switch fabric 210 in response to corresponding forwarding request signals from the input ports (see Fwd_Req[N:0] above). These signals are deasserted while the forwarding decision is not ready. When a forwarding decision acknowledgment signal does become asserted, the corresponding input port should assume the forwarding decision bus (see Fwd_Decision[Y:0] below) has a valid forwarding decision. After detecting its forwarding decision acknowledgment, the corresponding input port may make another forwarding request, if needed.
- This forwarding decision bus is shared by all input ports. It indicates the output port number(s) on which to forward the packet.
- the forwarding decision may also include data indicative of the outgoing packet's priority, VID insertion, DA replacement, and other information that may be useful to the input ports.
- FIG. 3 a block diagram of an exemplary switch fabric 210 is depicted.
- the switch fabric 210 is responsible for directing packets from an input port to an output port.
- the goal of the switch fabric 210 is to generate forwarding decisions to the input ports in the shortest time possible to keep the delay though the switch low and to achieve wire speed switching on all ports.
- the primary functions of the switch fabric are performing real-time packet header matching, Layer 2 (L2) based learning, L2 and Layer 3 (L3) aging, forming L2 and L3 search keys for searching and retrieving forwarding information from the forwarding database memory 140 on behalf of the input ports, and providing a command interface for software to efficiently manage entries in the forwarding database memory 140.
- Layer 2 based learning is the process of constantly updating the MAC address portion of the forwarding database 140 based on the traffic that passes through the switching device. When a packet enters the switching device, an entry is created (or an existing entry is updated) in the database that correlates the MAC source address (SA) of the packet with the input port upon which the packet arrived. In this manner, a switching device "learns" on which subnet a node resides.
- SA MAC source address
- Aging is carried out on both link and network layers. It is the process of time stamping entries and removing expired entries from the forwarding database memory 140.
- the former is for Layer 2 aging and the latter aids in removal of inactive Layer 3 flows. Thus, aging helps reclaim inactive flow space for new flows.
- an aging field is set in the forwarding database entries. Entries that are found during MAC SA or MAC DA searching will have their aging fields cleared. Thus, active entries will have an aged bit set to zero, for example.
- software or hardware may remove the inactive (expired) entries from the forwarding database memory 140; thereby allowing for more efficient database management. Aging also enables connectivity restoration to a node that has "moved and kept silent" since it was learned. Such a node can only be reached through flooding.
- packets are broadly categorized in one of two groups, either L2 entries or L3 entries.
- the L3 entries may be further classified as being part of one of several header classes.
- Exemplary header classes include: (1) an Address Resolution Protocol (ARP) class indicating the packet header is associated with an ARP packet; (2) a reverse ARP (RARP) class indicating the packet header is associated with a RARP packet; (3) a PIM class indicating the packet header is associated with a PIM packet; (4) a Reservation Protocol (RSVP) class indicating the packet header is associated with an RSVP packet; (5) an Internet Group Management Protocol (IGMP) class indicating the packet header is associated with a IGMP packet; (6) a Transmission Control Protocol (TCP) flow class indicating the packet header is associated with a TCP packet; (7) a non-fragmented User Datagram Protocol (UDP) flow class indicating the packet header is associated with a non-fragmented UDP packet; (8) a fragmented UDP flow class indicating the packet header is associated with a fragmented UDP packet; (9) a hardware routable Internet Protocol (IP) class indicating the packet header is associated with a hardware routable IP packet; and (10) an IP version six
- search keys are formed based upon an encoding of the header class and selected information from the incoming packet's header.
- L2 search keys may be formed based upon the header class, the L2 address and the VID.
- L3 search keys may be formed based upon the header class, an input port list, and selectable L3 header fields based upon the header class, for example.
- Masks may be provided on a per header class basis in local switch element 100 memory to facilitate the header field selection, in one embodiment.
- the switch fabric 210 includes a header preprocess arbitor 360, packet header preprocessing logic 305, a search engine 370, learning logic 350, a software command execution block 340, and a forwarding database memory interface 310.
- the header preprocess arbitor 360 is coupled to the packet header preprocessing logic 305 and to the input ports of the network interface 205, the cascading interface 225, and the CPU interface 215.
- the input ports transfer packet headers to the switch fabric 210 and request forwarding decisions in the manner described above, for example.
- the switch fabric 210 may support mixed port speeds by giving priority to the faster network links.
- the header preprocess arbitor 360 may be configured to arbitrate between the forwarding requests in a prioritized round robin fashion giving priority to the faster interfaces by servicing each fast interface (e.g., Gigabit Ethernet port) for each N slower interfaces (e.g., Fast Ethernet ports).
- the header preprocess arbitor 360 Upon selecting a forward request to service, the header preprocess arbitor 360 transfers the corresponding packet header to the header preprocess logic 305.
- the header preprocessing logic 305 performs L2 encapsulation filtering and alignment, and L3 header comparison and selection logic.
- the search engine 370 is coupled to the forwarding database memory interface 310 for making search requests and to the header preprocessing logic 305 for information for generating search keys.
- the search engine 370 is also coupled to the learning logic 350 to trigger the learning processing.
- the search engine 370 contains logic for scheduling and performing accesses into the forwarding database memory 140 and executes the forward and filter algorithm including performing search key formation, merging L2 and L3 results retrieved from the forwarding database memory 140, filtering, and generating forwarding decisions to the requesting input ports, etc.
- updated forwarding database entry information such as a cleared age bit or a modified output port list, is provided by the learning logic 350 at the appropriate time during the searching cycle for update of the forwarding database memory 140.
- the search engine 370 when search results become available from the forwarding database memory 140, the search engine 370 generates and transfers a forwarding decision to the requesting input port.
- the forwarding database memory interface 310 accepts and arbitrates access requests to the forwarding database memory 140 from the search engine 370 and the software command execution block 340.
- the software command execution block 340 is coupled to the CPU bus.
- Programmable command, status, and internal registers may be provided in the software command execution block 340 for exchanging information with the CPU 161.
- the switch fabric 210 shields the CPU from the tens or hundreds of low-level instructions that may be required depending upon the forwarding database memory implementation. For example, in an architecture providing the CPU with direct access to a content addressable memory, for example, a great deal of additional software would be required to access the forwarding database memory. This additional software would be unnecessarily redundant, in light of the fact that the switch fabric 210 already has knowledge of the forwarding database memory 140 interface.
- the software command execution block 340 may provide a predetermined set of commands to the software for efficient access to and maintenance of the forwarding database memory 140.
- the predetermined set of commands described below have been defined in such a way so as to reduce overall PIOs. These commands as well as the programmable registers will be discussed in further detail below.
- An exemplary set of registers includes the following: (1) a command and status register for receiving commands from the CPU 161 and indicating the status of a pending command; (2) a write new entry register for temporarily storing a new entry to be written to the forwarding database 140; (3) a write key register for storing the key used to locate the appropriate forwarding database entry; (4) a write data register for storing data to be written to the forwarding database 140; (5) an address counter register for storing the location in the forwarding database memory to read or update; (6) a read entry register for storing the results of a read entry operation; and (7) a read data register for storing the results of other read operations.
- an address counter register is used to facilitate access to the forwarding database memory 140.
- the software only needs to program the address register with the start address of a sequence of reads/writes prior to the initial read/write of the sequence. After the initial memory access, the address register will be automatically incremented for subsequent accesses.
- additional PIOs are saved, because the software is not required to update the address prior to each memory access.
- the software command execution block 340 is further coupled to the forwarding database memory interface 310. Commands and data are read from the programmable registers by the software command execution block 340 and appropriate forwarding database memory access requests and events are generated as described in further detail with reference to Figure 9.
- the software command execution block 340 may also provide status of the commands back to the software via status registers. In this manner, the software command execution block 340 provides hardware assisted CPU access to the forwarding database memory 140.
- PACKET HEADER PROCESSING Figure 4 illustrates the portions of a generic packet header that are operated upon by the pipelined header preprocessing subblocks of Figure 5 according to one embodiment of the present invention.
- a packet header 499 is partitioned into four portions, an L2 header portion 475, an L2 encapsulation portion 480, an L3 address independent portion 485, and an L3 address dependent portion 490.
- the L2 header portion 475 may comprise a MAC SA field and a MAC DA field.
- the L2 encapsulation portion may include a virtual local area network (VLAN) tag or an 802.3 type/length field and an LLC SNAP field.
- the L3 address independent portion 485 may comprise an IP flags/fragment offset field and a protocol field.
- the L3 address dependent portion 490 may comprise an IP source field, an IP destination field, a TCP source port, and a TCP destination port. Note that the relative position of fields in the L3 address independent portion 485 and the L3 address dependent portion 490 may be different depending upon the type of encapsulation in the L2 encapsulation portion 480.
- Figure 5 illustrates pipelined header preprocessing subblocks according to one embodiment of the present invention.
- the header preprocessing logic 305 may be implemented as a four stage pipeline. Each stage in the pipeline operates on a corresponding portion of the packet header 499.
- the pipeline depicted includes four stage arbitors 501-504, an address accumulation block 510, an encapsulation block 520, an L3 header class matching block 530, and an L3 address dependent block 540.
- the header preprocessing logic 305 may simultaneously process packet headers from four input ports.
- the address accumulation block 510 may be processing the L2 header portion 475 of a packet from a first input port
- the encapsulation block 520 may be processing the L2 encapsulation portion 480 of a packet from a second input port
- the L3 header class matching block 530 may be processing the L3 address independent portion 485 of a third input port
- the L3 address dependent block 540 may be processing the L3 address dependent portion 490 of a packet from a forth input port.
- header portions depicted in Figure 4 has been selected for convenience. The boundaries for these header portions 475-490 are readily identifiable based upon known characteristics of the fields within each of the exemplary header portions 475-490. Further, the header portions 475-490 can be processed in approximately equal times.
- the arbitors 501-504 coordinate access to the stages of the pipeline. The arbitors 501-504 function so as to cause a given packet to be sequentially processed one stage at a time starting with the address accumulation block 510 and ending with the L3 address dependent block 540.
- the first stage of the pipeline is configured to extract the MAC S A and MAC DA from the L2 header portion 475 of the packet header.
- the address accumulation block 510 then transfers the extracted information to the search engine for use as part of the L2 search key 545.
- the encapsulation block 520 is configured to determine the type of encapsulation of the L2 encapsulation portion 480 of the packet header. As indicated above, the relative positioning of fields following the L2 encapsulation portion varies depending upon the type of encapsulation employed. Therefore, the encapsulation block further calculates an offset from the start of the L2 encapsulation portion 480 to the start of the L3 address independent portion 485. The offset may then be used by the subsequent stages to align the packet header appropriately.
- the L3 header class matching block 530 is configured to determine the class of the L3 header by comparing the packet header to a plurality of programmable registers that may contain predetermined values known to facilitate identification of the L3 header class. Each programmable register should be set such that only one header class will match for any given packet. Once a given register has been determined to match, a class code is output to the search engine for use as part of the L3 search key.
- the L3 address dependent block 540 is configured to extract appropriate bytes of the L3 address dependent portion 490 for use in the L3 search key 555. This extraction may be performed by employing M CPU programmable byte and bit masks, for example.
- the programmable byte and bit mask corresponding to the header class, determined by the L3 header class matching block 530, may be used to mask off the desired fields.
- pipelining the header preprocess logic 305 saves hardware implementation overhead. For example, multiple packet headers may be processed simultaneously in a single processing block rather than four processing blocks that would typically be required to implement the logic of Figure 5 in a non-pipelined fashion. Note that additional parallelism may be achieved by, further pipelining the above header preprocessing with forwarding database memory 140 accesses.
- L2 searches may be initiated as soon as a packet header completes the first stage and an L2 search key becomes available from the search engine 370. Subsequent L2 searches may be initiated as new L2 search keys become available and after the previous forwarding database memory access has completed.
- FORWARDING DATABASE MEMORY Figure 6 illustrates a physical organization of the forwarding database memory of Figure 2 according to one embodiment of the present invention.
- the forwarding database memory 140 includes two cascaded fully associative content addressable memories (CAMs), 610 and 620, and a static random access memory (SRAM) 630.
- CAMs fully associative content addressable memories
- SRAM static random access memory
- the switch fabric 210 in collaboration with the CPU 161, maintains a combined link layer (also referred to as "Layer 2") and network layer (also referred to as "Layer 3”) packet header field-based forwarding and filtering database 140.
- the forwarding and filtering database 140 is stored primarily in off-chip memory (e.g., one or more CAMs and SRAM) and contains information for making real-time packet forwarding and filtering decisions.
- L2 database Layer 2 (L2) entries and Layer 3 (L3) entries
- L3 database Layer 3 database
- L2 database the group of L2 entries
- L3 database the group of L3 entries
- the L2 database and L3 database may span CAMs. That is, either CAM may contain L2 and/or L3 entries. Both Layer 2 and Layer 3 forwarding databases are stored in the CAM-RAM chip set.
- the data contained in the CAM portion of the forwarding database memory 140 will be referred to as "associative data,” while the data contained in the SRAM portion of the forwarding database memory 140 will be referred to as "associated data.”
- entries may be retrieved from the L2 database using a key of a first size and entries may be retrieved from the L3 database using a key of a second size. Therefore, in one embodiment, the switching element 100 may mix CAMs of different widths.
- the logical view to the switch fabric 210 and the CPU 161 should be a contiguous memory that accepts bit match operations of at least two different sizes, where all or part of the memory is as wide as the largest bit match operation.
- both CAMs 610 and 620 may be the same width, while in other embodiments the CAMs 610 and 620 may have different widths.
- both CAMs 610 and 620 may be 128-bits wide and 2K deep or the first CAM 610 may be 128-bits wide and the second CAM 620 may be 64-bits wide. Since L2 entries are typically narrower than L3 entries, in the mixed CAM width embodiments, it may be advantageous to optimize the narrower CAM width for L2 entries. In this case, however, only L2 entries can be stored in the narrower CAM. However, both L2 and L3 entries may still reside in the wider CAM.
- MPB mask per bit
- L2 and L3 databases may use more or less CAMs than depicted above.
- the L2 and L3 databases may be combined in a single memory in alternative embodiments.
- One or more lines of the SRAM 630 may be associated with each entry in the CAM portion. It should be noted that a portion of the CAM could have been used as RAM. However, one of the goals of partitioning the associative data and the associated data is to produce a minimum set of associative data for effective searching while storing the rest of the associated data in a separate memory, a cheaper RAM, for example. As will be discussed below, with respect to Figures 8A-C, separating the associative data and the associated data allows the forwarding database memory 140 to be more efficiently searched and updated. Additional advantages are achieved with an efficient partitioning between associative data and associated data.
- the associative data is the data with which the search key is matched.
- the associative data may contain one or more of the following fields depending upon the type of entry (e.g., L2 or L3):
- MAC media access control
- VLAN virtual local area network
- VIP virtual local area network identifier
- IP Internet Protocol
- the associative data may also contain variable bits of the above by employing a mask per bit (MPB) CAM as described above.
- the associated data generally contains information such as an indication of the output port(s) to which the packet may be forwarded, control bits, information to keep track of the activeness of the source and destination nodes, etc.
- the associated data includes the MAC address for MAC DA replacement and the VID for tagging.
- the associated data may contain one or more of the following fields:
- a port mask indicating the set of one or more ports the packet may be forwarded to
- next hop destination address field defining the next hop L2 DA to be used to replace the original DA
- new VID field that may be used as a new tag for the packet when routing between VLANs requires an outgoing tag different than the incoming tag, for example
- an aged source indication for determining which L2 entries are active in the forwarding database, and which may be removed;
- an aged destination indication for implementing IEEE 802. Id type address aging to determine which L2 or L3 entries are active in the forwarding database, and which may be removed.
- an L2 override indication for instructing the merge function to use the L2 result for forwarding even when an L3 result is available
- a static indication for identifying static entries in the forwarding database that are not subject to automatic L2 learning or aging
- FIG. 7 is a flow diagram illustrating the forwarding database memory search supercycle decision logic according to one embodiment of the present invention.
- step 702 depending upon whether the packet is being received on an internal link or an external link, processing continues with step 704 or step 706, respectively.
- Internal link specific processing includes steps 704, 712, 714, 720, 722, and 724.
- step 704 since the packet has been received from an internal link, a check is performed to determine if the packet is part of a distributed flow. If so, processing continues with step 714. If the packet is not part of a distributed flow, then processing continues with step 712.
- an L3 search is performed to retrieve a forwarding decision for the incoming packet.
- a determination is made as to whether a matching L3 entry was found during the search of step 714. If not, then, at step 722, the class action defaults are applied (e.g., forwarding the packet or the packet header to the CPU 161) and processing continues at step 780. If a matching L3 was found, then, at step 724, the associated data corresponding to the matching entry is read from the forwarding database 140 and processing continues at step 780.
- Step 708 Layer 2 learning is performed. After the learning cycle the header class is determined and, at step 716, the header class is compared against the L3 unicast route header class. If there is a match at step 716, processing continues with step 726; otherwise, another test is performed at step 718. At step 718, the header class is compared to the remaining L3 header classes.
- Specific processing for packets associated with headers classified as L2 includes steps 728 and 738. If the header class was determined not to be an L3 header class, then at step 728, a DA search is performed for an L2 forwarding decision. At step 738, the L2 decision algorithm is applied and processing continues at step 780.
- Specific processing for packets associated with headers classified as L3 route includes steps 726, 732, 734, 736, 748, 750, 754, 756, 752, 758, and 760.
- step 726 an L3 search is performed on the forwarding database 140. If a matching L3 entry is found (step 732), then the associated data corresponding to the matching entry is read from the forwarding database 140 (step 736). Otherwise, at step 734, the class action options are applied and processing continues with step 780.
- step 748 If the packet is a multicast packet (step 748), then the Time_To_Live (TTL) counter is tested against zero or one (step 750), otherwise processing continues at step 752. If TTL was determined to be zero or one, in step 750, then the packet is forwarded to the CPU 161 prior to continuing with step 780. Otherwise, at step 754, a destination address search is performed to retrieve an L2 forwarding entry from the forwarding database 140 and the L2 decision algorithm is applied (step 756). If the packet was determined to be a unicast packet in step 748, then TTL is tested against zero or one (step 752). If TTL was determined to be zero or one, then the packet is forwarded to the CPU 161. Otherwise the L3 match is employed at step 760 and processing continues with step 780.
- TTL Time_To_Live
- Specific processing for packets associated with headers classified as L3 includes steps 730, 740, 742, 762, 764, 766, 744, 746, 768, and 770.
- an L3 search is requested from the forwarding database 140. If a matching L3 entry is found (step 740), then the associated data corresponding to the matching entry is read from the forwarding database 140 (step 744). Otherwise, when no matching L3 entry is found, at step 742 a DA search is performed to find a matching L2 entry in the forwarding database 140.
- step 762 If the forwarding decision indicates the L2 decision should be used (step 762), then the L2 decision algorithm is applied at step 770. Otherwise, the class action options are applied (step 764). If the class action options indicate the packet is to be forwarded using the L2 results (step 766), then processing continues at step 770. Otherwise, the processing branches to step 780.
- a destination address search is performed on the forwarding database 140 using the packet's destination address. If the forwarding decision indicates the L2 decision should be used (step 768), then processing continues with step 770. Otherwise, the associated data retrieved at step 744 will be employed and processing continues with step 780. At step 770, the L2 decision algorithm is applied and processing continues with step 780. Finally, the forwarding decision is assembled (step 780).
- packet processing for packets arriving on external links typically requires two to four associative lookups (i.e., two or more of the following: L2 SA match, L2 learning, Unicast route class match, L2 DA match).
- the L2 DA match may be eliminated whenever a port update access is needed for L2 learning.
- the elimination of the L2 DA match may result in flooding one extra packet when a topology change occurs, the port update access is a relatively rare event.
- the number of associative lookups is normally limited to a maximum of three per packet, without compromising functionality.
- Figures 8A-C are timing diagrams illustrating the three worst case content addressable memory search supercycles.
- the partitioning of data among the CAM-RAM architecture described with respect to Figure 4 allows forwarding database memory accesses to be pipelined.
- the switch fabric saves valuable cycles by hiding RAM reads and writes within CAM accesses. For example, RAM reads and writes can be at least partially hidden within the slower CAM accesses for each of the supercycles depicted.
- the first CAM short search represents the L2 S A search of the CAMs 410 and 420 for purposes of L2 learning.
- the associated data in the SRAM 630 may immediately be updated (e.g., RAM read and RAM write) while the next CAM short search (L2 DA search) is taking place.
- Figure 8B illustrates a case in which L2 and L3 searches are combined.
- the first CAM short search represents an L2 SA search.
- the CAM long search represents a search of the forwarding database 140 for a matching L3 entry.
- the SRAM read and write may be performed during the following CAM access. If a matching L3 entry is found, then the RAM burst read of the associated data corresponding to the matching entry can be performed during the second CAM short search which represents an L2 DA search.
- Figure 8C illustrates another case in which L2 and L3 searches are combined.
- the second CAM access is not performed.
- the pipelining of the CAM and SRAM effectively decouples the speed of the memories.
- the partitioning between the CAM(s) and the SRAM should now be appreciated. Because CAM accesses are slower than the accesses to the SRAM, it is desirable to allocate as much of the forwarding information as possible to the SRAM. Observing the gaps between the completion of the RAM writes and the completion of the second CAM access, it is apparent that increasing the speed of the CAM(s) can reduce these gaps.
- FIG. 9 is a flow diagram illustrating generalized command processing for typical forwarding database memory access commands according to one embodiment of the present invention.
- the CPU programs appropriate data registers in the software command execution block 340 using PIOs. For example, certain forwarding database access commands are operable upon a specified address that should be supplied by the CPU 161 prior to issuing the command.
- the CPU 161 issues the desired command. This may be accomplished by writing a command code corresponding to the desired command to a command register.
- the CPU 161 polls a status register until the command issued in step 920 is complete (step 930).
- the CPU 161 need not poll the status register, rather the CPU 161 is free to perform other functions and may check the status register at a time when the command is expected to be complete.
- Another alternative is to provide an interrupt mechanism for the switch fabric to notify the CPU 161 when the requested command is complete.
- the CPU may act on the result(s).
- the results may be provided in memory mapped registers in the software command execution block 340, for example.
- the CPU 161 may retrieve the result(s) with a PIO read if necessary.
- the issuance of the command by the CPU 161 triggers logic in the software command execution block 340, for example, to load the appropriate command parameters. These command parameters are assumed to have been previously provided by the CPU 161 at step 910.
- the software command execution block 340 issues the appropriate forwarding database memory specific command(s) to perform the requested task. In this manner, the CPU 161 requires no knowledge of the underlying raw instruction set for the particular memory or memories used to implement the forwarding database 140.
- the software command execution block 340 updates the result(s) in appropriate interface registers.
- the software command execution block 340 sets one or more command status flag(s) to indicate to the CPU 161 that the command is complete.
- one or more additional status flags may be provided to indicate whether or not the command completed successfully, whether or not an error occurred, and/or other information that may be useful to the CPU 161.
- one or more commands may be provided for accessing entries in the forwarding database 140.
- it may be useful to read a newly learned Layer 2 (L2) entry.
- L2 entry the CPU 161 first programs counters in the switch fabric 210 for addressing the forwarding database memory 140. Subsequently, the CPU 161 writes the Read_CAM_Entry command to a command register in the switch fabric 210. When it is the CPU's turn to be serviced by the switch fabric, the switch fabric will read the counters and perform access the forwarding database memory 140 to retrieve the newly learned L2 entry.
- the switch fabric 210 then writes the L2 entry to an output register that is accessible by the CPU 161 and sets the command status done flag. After the command is complete, and assuming the command was successful, the CPU 161 may read the L2 entry from the output register.
- the Read_CAM_Entry command in combination with the address counter register are especially useful for burst reads in connection with updating the software's image of the entire forwarding database, for example. Because the hardware will automatically increment the address counter register at the completion of each memory access. The software only needs to program the address register prior to the first memory access. In this manner, the software may read the entire forwarding database 140 very efficiently. Similarly, it will be apparent that other forwarding memory accesses are also simplified such as sequences of writes during L3 entry initialization. The mechanism for writing entries to the forwarding database memory 140 will now be described.
- the CPU 161 may be able to write an entry to the forwarding database memory.
- it may be useful to initialize all L3 entries in the forwarding database with a predetermined filler (or dummy) value.
- This command may also be useful for invalidation of L3 entries or before performing a mask update in a mask per bit (MPB) content associative memory (CAM), for example.
- MPB mask per bit
- a Write_CAM_Entry command is provided for this purpose.
- the CPU 161 should first program the appropriate counters in the switch fabric 210.
- the CPU 161 also provides the L3 key to be written to the forwarding database memory 140. After these steps, the CPU 161 may issue the Write_CAM_Entry command using a PIO write to the command register.
- the CPU 161 may then begin polling the command status.
- the switch fabric 210 reads the parameters provided by the CPU 161 and initializes the corresponding L3 entry to a predetermined filler (or dummy). After the write is complete, the switch fabric 210 notifies the CPU 161 of the status of the command by setting the command status done flag. Commands may also be provided for accessing associated data. According to one embodiment of the present invention the following operations are provided: (1) learning a supplied address; (2) reading associated data corresponding to a supplied search key; (3) aging forwarding database entries; (4) invalidating entries; (5) accessing mask data, such as mask data that may be stored in a MPB CAM, corresponding to a particular search key; and (6) replacing forwarding database entries.
- L2 source address learning may be performed by a Learn_L2_SA command.
- the CPU 161 programs the appropriate registers in the switch fabric 210 with an L2 search key and a new entry to insert or a modified entry. Then, CPU 161 issues the Learn_L2_SA command and begins polling the command status.
- the switch fabric 210 reads the data provided by the CPU 161. If an entry is not found in the forwarding database 140 that matches the supplied address, then the new entry will be inserted into the forwarding database. After the insertion is complete or upon verifying a matching entry already exists, the switch fabric 210 notifies the CPU 161 of the status of the command by setting the command status done flag. It is also convenient for the CPU 161 to be able to perform aging.
- Age_SA and Age_DA commands are provided for this purpose.
- the CPU 161 writes the appropriate key and the modified age field to the switch fabric interface. Then, CPU 161 issues either the Age_SA command or the Age_DA command.
- the Age_SA command sets the source address age field in the L2 entry corresponding to the provided search key.
- the Age_DA command sets the destination address age field for the L2 or L3 entry corresponding to the provided search key.
- the CPU 161 may begin polling the command status.
- the switch fabric 210 reads the data provided by the CPU 161 and updates the appropriate age field in the matching entry. After aging is complete, the switch fabric 210 notifies the CPU 161 of the status of the command by setting the command status done flag.
- the CPU 161 may also need to have the ability to invalidate forwarding database entries such as aged L2 entries, for example.
- the Invalidate_L2_Entry command is provided for this purpose. Prior to issuing the Invalidate_L2_Entry command, the CPU 161 programs the appropriate address counters in the switch fabric 210. After issuing the command, the CPU 161 may begin polling the command status. The switch fabric 210 reads the data provided by the CPU 161 and resets the validity bit at the address counter location specified. After the entry invalidation is complete, the switch fabric 210 notifies the CPU 161 of the status of the command by setting the command status done flag. In embodiments employing MPB CAMs, typically the CAM stores alternating sets of data and masks.
- Each set of data has a corresponding mask.
- the masks allow programmable selection of portions of data from the corresponding CAM line.
- the Update_Mask command is provided for this purpose.
- the CPU 161 programs the address counter register and programs the new mask into the appropriate register. Then, CPU 161 issues the Update_Mask command and may begin polling the command status.
- the switch fabric 210 reads the parameters provided by the CPU 161 and updates the mask data corresponding to the specified address.
- the switch fabric 210 After the mask data update is complete, the switch fabric 210 notifies the CPU 161 of the status of the command by setting the command status done flag.
- the CPU 161 may also read mask data in a similar fashion by employing a Read_Mask command and providing the appropriate address.
- the Replace_L3 command is provided for this purpose.
- the CPU 161 provides an L3 search key to the switch fabric 210 and provides the new valid L3 entry. Then, the CPU 161 issues the Replace_L3 command and may begin polling the command status.
- the switch fabric 210 reads the parameters provided by the CPU 161 and performs a search of the forwarding database 140 for the matching L3 entry. After locating the matching L3 entry, the associated data corresponding to the matching entry is replaced with the new valid L3 entry provided by the CPU 161. After the L3 entry has been replaced, the switch fabric 210 notifies the CPU 161 of the status of the command by setting the command status done flag.
Abstract
A switch fabric (210) provides access to a forwarding database (140) on behalf of a processor (161). The switch fabric (210) includes a memory access interface configured to arbitrate access to a forwarding database (140) memory. The switch fabric (210) also includes a search engine coupled to the memory access interface and to multiple input ports (140). The search engine is configured to schedule and perform accesses to the forwarding database (140) memory and to transfer forwarding decisions retrieved therefrom to the input ports (205). The switch fabric (210) further includes command execution logic that is configured to interface with the processor (161) for performing forwarding database (140) accesses requested by the processor. One or more commands are provided for 1) learning a supplied address; 2) reading associated data corresponding to a search key; 3) ageing forwarding database (140) entries; 4) invalidating entries; (5) accessing mask data; 6) replacing forwarding database (140) entries; and 7) accessing entries in the forwarding database (140).
Description
HARD WARE- ASSISTED CENTRAL PROCESSING UNIT ACCESS TO A FORWARDING
DATABASE
FIELD OF THE INVENTION
The invention relates generally to the field of computer networking devices. More particularly, the invention relates to a switch search engine architecture providing efficient hardware-assisted central processing unit access to a forwarding database.
BACKGROUND OF THE INVENTION
One of the critical aspects for achieving a cost-effective high-performance switch implementation is the architecture of the forwarding database search engine, which is the centerpiece of every switch design. Optimal partitioning of functions between hardware and software and efficient interaction between the search engine and its "clients" (e.g., switch input ports and the central processing unit) play a crucial role in the overall performance of the switching fabric.
Typically, assistance from a central processing unit (CPU) is necessary for maintaining a switch's forwarding database. For example, the CPU may remove or invalidate aged Layer 3 flows in the forwarding database. Also, the CPU may be used to update entries in the forwarding database or reorder the entries. If the CPU is to assist the search engine in maintaining the forwarding database, there must be a mechanism for the
CPU to read, update, and otherwise manipulate entries in the forwarding database.
One approach is to provide the CPU with direct access to the forwarding database. Using this approach, the CPU updates the forwarding database using programmed input/output (PIO) instructions. Since, the direct access to the forwarding database will
typically include glue logic of some sort, such as an arbitor or the like, with this approach both cost and complexity are increased. Further, the search engine may be forced to wait for an indeterminate amount of time for the CPU PIO accesses to complete before its accesses will be serviced. Therefore, the relatively slow speed of PIOs may cause inefficient utilization of the search engine's bandwidth.
This approach is further complicated in view of the fact that the memories typically employed for forwarding databases may provide tens or hundreds of low-level instructions for data manipulation. In this situation, a great deal of software must be developed for performing these low-level calls. While a forwarding database memory driver may be written to provide a layer of abstraction between the CPU 161 and these low-level calls, at some level the software must always know each and every raw instruction that is to be utilized.
Further, even with this layer of abstraction, the CPU will ultimately have to execute the raw instructions to gain access to the forwarding database. Since the relative amount of time required for forwarding database maintenance is dependent in part upon the number of instructions the CPU must execute during the maintenance, it should be apparent that this direct access approach is inefficient. Moreover, in the context of a distributed switching device in which multiple forwarding databases may be maintained, the above inefficiencies are multiplied by the number of distributed forwarding databases. Based on the foregoing, it is desirable to centralize the forwarding database access mechanism. More specifically, it is desirable to provide the switch's CPU with hardware- assisted efficient access to the forwarding database to more efficiently utilize the switch fabric bandwidth and reduce the amount of time required for forwarding database maintenance. It would also be advantageous to make use of the switch fabric's knowledge
of the low-level instructions for accessing the forwarding database to avoid duplicating interface logic to the forwarding database. Further, it is desirable to provide a relatively small set of independent forwarding database commands to assure bounded service time and reduced overall PIOs.
SUMMARY OF THE INVENTION
A method and apparatus for providing hardware-assisted CPU access to a forwarding database is described. According to one aspect of the present invention, a switch fabric provides access to a forwarding database on behalf of a processor. The switch fabric includes a memory access interface configured to arbitrate accesses to a forwarding database memory. The switch fabric also includes a search engine coupled to the memory access interface and to multiple input ports. The search engine is configured to schedule and perform accesses to the forwarding database memory and to transfer forwarding decisions retrieved therefrom to the input ports. The switch fabric further includes command execution logic that is configured to interface with the processor for performing forwarding database accesses requested by the processor.
According to another aspect of the invention one or more commands are provided to implement the following functions: (1) learning a supplied address; (2) reading associated data corresponding to a supplied search key; (3) aging forwarding database entries; (4) invalidating entries; (5) accessing mask data, such as mask data that may be stored in a mask per bit (MPB) content addressable memory (CAM), corresponding to a particular search key; (6) replacing forwarding database entries; and (7) accessing search keys in the forwarding database. In this manner, the CPU is provided with a condensed set of commands without loss of functionality and the CPU is shielded from the raw instruction set of the particular forwarding database memory.
Other features of the present invention will be apparent from the accompanying drawings and from the detailed description which follows.
BRIEF DESCRIPTION OF THE DRAWINGS
The present invention is illustrated by way of example, and not by way of limitation, in the figures of the accompanying drawings and in which like reference numerals refer to similar elements and in which:
Figure 1 illustrates a switch according to one embodiment of the present invention. Figure 2 is a simplified block diagram of an exemplary switch element that may be utilized in the switch of Figure 1.
Figure 3 is a block diagram of the switch fabric of Figure 2 according to one embodiment of the present invention.
Figure 4 illustrates the portions of a generic packet header that are operated upon by the pipelined header preprocessing subblocks of Figure 5 according to one embodiment of the present invention.
Figure 5 illustrates pipelined header preprocessing subblocks of the header processing logic of Figure 3 according to one embodiment of the present invention.
Figure 6 illustrates a physical organization of the forwarding memory of Figure 2 according to one embodiment of the present invention.
Figure 7 is a flow diagram illustrating the forwarding database memory search supercycle decision logic according to one embodiment of the present invention. Figures 8A-C are timing diagrams illustrating three exemplary forwarding database memory search supercycles.
Figures 9 is a flow diagram illustrating generalized command processing for typical forwarding database memory access commands according to one embodiment of the present invention.
DET AILED DESCRIPTION
A search engine architecture providing hardware-assisted CPU access to a forwarding database is described. In the following description, for the purposes of explanation, numerous specific details are set forth in order to provide a thorough understanding of the present invention. It will be apparent, however, to one skilled in the art that the present invention may be practiced without some of these specific details. In other instances, well-known structures and devices are shown in block diagram form. The present invention includes various steps, which will be described below. While, according to one embodiment of the present invention, the steps are performed by the hardware components described below, the steps may alternatively be embodied in machine-executable instructions, which may be used to cause a general-purpose or special- purpose processor programmed with the instructions to perform the steps. Further, embodiments of the present invention will be described with reference to a high speed Ethernet switch. However, the method and apparatus described herein are equally applicable to other types of network devices.
AN EXEMPLARY NETWORK ELEMENT An overview of one embodiment of a network element that operates in accordance with the teachings of the present invention is illustrated in Figure 1. The network element is used to interconnect a number of nodes and end-stations in a variety of different ways. In particular, an application of the multi-layer distributed network element (MLDNE) would be to route packets according to predefined routing protocols over a homogenous data link layer such as the IEEE 802.3 standard, also known as the Ethernet. Other routing protocols can also be used.
The MLDNE's distributed architecture can be configured to route message traffic in accordance with a number of known or future routing algorithms. In a preferred embodiment, the MLDNE is configured to handle message traffic using the Internet suite of protocols, and more specifically the Transmission Control Protocol (TCP) and the Internet Protocol (IP) over the Ethernet LAN standard and medium access control (MAC) data link layer. The TCP is also referred to here as a Layer 4 protocol, while the IP is referred to repeatedly as a Layer 3 protocol.
In one embodiment of the MLDNE, a network element is configured to implement packet routing functions in a distributed manner, i.e., different parts of a function are performed by different subsystems in the MLDNE, while the final result of the functions remains transparent to the external nodes and end-stations. As will be appreciated from the discussion below and the diagram in Figure 1, the MLDNE has a scalable architecture which allows the designer to predictably increase the number of external connections by adding additional subsystems, thereby allowing greater flexibility in defining the MLDNE as a stand alone router.
As illustrated in block diagram form in Figure 1, the MLDNE 101 contains a number of subsystems 1 10 that are fully meshed and interconnected using a number of internal links 141 to create a larger switch. At least one internal link couples any two subsystems. Each subsystem 110 includes a switch element 100 coupled to a forwarding and filtering database 140, also referred to as a forwarding database. The forwarding and filtering database may include a forwarding memory 113 and an associated memory 1 14. The forwarding memory (or database) 1 13 stores an address table used for matching with the headers of received packets. The associated memory (or database) stores data associated with each entry in the forwarding memory that is used to identify forwarding
attributes for forwarding the packets through the MLDNE. A number of external ports (not shown) having input and output capability interface the external connections 1 17. In one embodiment, each subsystem supports multiple Gigabit Ethernet ports, Fast Ethernet ports and Ethernet ports. Internal ports (not shown) also having input and output capability in each subsystem couple the internal links 141. Using the internal links, the MLDNE can connect multiple switching elements together to form a multigigabit switch.
The MLDNE 101 further includes a central processing system (CPS) 160 that is coupled to the individual subsystem 1 10 through a communication bus 151 such as the peripheral components interconnect (PCI). The CPS 160 includes a central processing unit (CPU) 161 coupled to a central memory 163. Central memory 163 includes a copy of the entries contained in the individual forwarding memories 1 13 of the various subsystems. The CPS has a direct control and communication interface to each subsystem 110 and provides some centralized communication and control between switch elements.
AN EXEMPLARY SWITCH ELEMENT Figure 2 is a simplified block diagram illustrating an exemplary architecture of the switch element of Figure 1. The switch element 100 depicted includes a central processing unit (CPU) interface 215, a switch fabric block 210, a network interface 205, a cascading interface 225, and a shared memory manager 220.
Ethernet packets may enter or leave the network switch element 100 through any one of the three interfaces 205, 215, or 225. In brief, the network interface 205 operates in accordance with a corresponding Ethernet protocol to receive Ethernet packets from a network (not shown) and to transmit Ethernet packets onto the network via one or more external ports (not shown). An optional cascading interface 225 may include one or more internal links (not shown) for interconnecting switching elements to create larger switches. For example, each switch element 100 may be connected together with other switch elements in a full mesh topology to form a multi-layer switch as described above. Alternatively, a switch may comprise a single switch element 100 with or without the cascading interface 225.
The CPU 161 may transmit commands or packets to the network switch element 100 via the CPU interface 215. In this manner, one or more software processes running on the CPU 161 may manage entries in an external forwarding and filtering database 140, such as adding new entries and invalidating unwanted entries. In alternative embodiments, however, the CPU 161 may be provided with direct access to the forwarding and filtering database 140. In any event, for purposes of packet forwarding, the CPU port of the CPU interface 215 resembles a generic input port into the switch element 100 and may be treated as if it were simply another external network interface port. However, since access to the
CPU port occurs over a bus such as a peripheral components interconnect (PCI) bus, the CPU port does not need any media access control (MAC) functionality.
Returning to the network interface 205, the two main tasks of input packet processing and output packet processing will now briefly be described. Input packet processing may be performed by one or more input ports of the network interface 205. Input packet processing includes the following: ( 1) receiving and verifying incoming Ethernet packets, (2) modifying packet headers when appropriate, (3) requesting buffer pointers from the shared memory manager 220 for storage of incoming packets, (4) requesting forwarding decisions from the switch fabric block 210, (5) transferring the incoming packet data to the shared memory manager 220 for temporary storage in an external shared memory 230, and (5) upon receipt of a forwarding decision, forwarding the buffer pointer(s) to the output port(s) indicated by the forwarding decision. Output packet processing may be performed by one or more output ports of the network interface 205. Output processing includes requesting packet data from the shared memory manager 220, transmitting packets onto the network, and requesting deallocation of buffer(s) after packets have been transmitted.
The network interface 205, the CPU interface 215, and the cascading interface 225 are coupled to the shared memory manager 220 and the switch fabric block 210. Preferably, critical functions such as packet forwarding and packet buffering are centralized as shown in Figure 2. The shared memory manager 220 provides an efficient centralized interface to the external shared memory 230 for buffering of incoming packets. The switch fabric block 210 includes a search engine and learning logic for searching and maintaining the forwarding and filtering database 140 with the assistance of the CPU 161.
The centralized switch fabric block 210 includes a search engine that provides access to the forwarding and filtering database 140 on behalf of the interfaces 205, 215, and 225. Packet header matching, Layer 2 based learning, Layer 2 and Layer 3 packet forwarding, filtering, and aging are exemplary functions that may be performed by the switch fabric block 210. Each input port is coupled with the switch fabric block 210 to receive forwarding decisions for received packets. The forwarding decision indicates the outbound port(s) (e.g., external network port or internal cascading port) upon which the corresponding packet should be transmitted. Additional information may also be included in the forwarding decision to support hardware routing such as a new MAC destination address (DA) for MAC DA replacement. Further, a priority indication may also be included in the forwarding decision to facilitate prioritization of packet traffic through the switch element 100.
In the present embodiment, Ethernet packets are centrally buffered and managed by the shared memory manager 220. The shared memory manager 220 interfaces every input port and output port and performs dynamic memory allocation and deallocation on their behalf, respectively. During input packet processing, one or more buffers are allocated in the external shared memory 230 and an incoming packet is stored by the shared memory manager 220 responsive to commands received from the network interface 205, for example. Subsequently, during output packet processing, the shared memory manager 220 retrieves the packet from the external shared memory 230 and deallocates buffers that are no longer in use. To assure no buffers are released until all output ports have completed transmission of the data stored therein, the shared memory manager 220 preferably also tracks buffer ownership.
INPUT PORT/SWITCH FABRIC INTERFACE Before describing the internal details of the switch fabric 210, the interface between the input ports (e.g., any port on which packets may be received) and the switch fabric 210 will now briefly be discussed. Input ports in each of the CPU interface 215, the network interface 205, and the cascading interface 225 request forwarding decisions for incoming packets from the switch fabric 210. According to one embodiment of the present invention, the following interface is employed:
(1) Fwd_Req[N:0] - Forward Request Signals
These forward request signals are output by the input ports to the switch fabric 210. They have two purposes. First, they serve as an indication to the switch fabric 210 that the corresponding input port has received a valid packet header and is ready to stream the packet header to the switch fabric. A header transfer grant signal (see Hdr_Xfr_Gnt[N:0] below) is expected to be asserted before transfer of the packet header will begin. Second, these signals serve as a request for a forwarding decision after the header transfer grant is detected. The forward request signals are deasserted in the clock period after a forwarding decision acknowledgment is detected from the switch fabric 210 (see Fwd_Ack[N:0] below).
(2) Hdr_Xfr_Gnt[N:0] - Header Transfer Grant Signals
These header transfer grant signals are output by the switch fabric 210 to the input ports. More specifically, these signals are output by the switch fabric's header preprocessing logic that will be described further below. At any rate, the header transfer signal indicates the header preprocessing logic is ready to accept the packet header from the corresponding input port. Upon detecting the assertion of the header transfer grant, the
corresponding input port will begin streaming continuous header fields to the switch fabric 210.
(3) Hdr_ Bus[X: 1][N:0] - The Dedicated Header Bus
The header bus is a dedicated X-bit wide bus from each input port to the switch fabric 210. In one embodiment, X is 16, thereby allowing the packet header to be transferred as double bytes.
(4) Fwd_Ack[N:0] - Forwarding Decision Acknowledgment Signals
These forwarding decision acknowledgment signals are generated by the switch fabric 210 in response to corresponding forwarding request signals from the input ports (see Fwd_Req[N:0] above). These signals are deasserted while the forwarding decision is not ready. When a forwarding decision acknowledgment signal does become asserted, the corresponding input port should assume the forwarding decision bus (see Fwd_Decision[Y:0] below) has a valid forwarding decision. After detecting its forwarding decision acknowledgment, the corresponding input port may make another forwarding request, if needed.
(5) Fwd_Decision[Y:0] - Shared Forwarding Decision Bus
This forwarding decision bus is shared by all input ports. It indicates the output port number(s) on which to forward the packet. The forwarding decision may also include data indicative of the outgoing packet's priority, VID insertion, DA replacement, and other information that may be useful to the input ports.
SWITCH FABRIC OVERVIEW Having described the interface between the input ports and the switch fabric 210, the internal details of the switch fabric 210 will now be described. Referring to Figure 3, a
block diagram of an exemplary switch fabric 210 is depicted. In general, the switch fabric 210 is responsible for directing packets from an input port to an output port. The goal of the switch fabric 210 is to generate forwarding decisions to the input ports in the shortest time possible to keep the delay though the switch low and to achieve wire speed switching on all ports. The primary functions of the switch fabric are performing real-time packet header matching, Layer 2 (L2) based learning, L2 and Layer 3 (L3) aging, forming L2 and L3 search keys for searching and retrieving forwarding information from the forwarding database memory 140 on behalf of the input ports, and providing a command interface for software to efficiently manage entries in the forwarding database memory 140. Layer 2 based learning is the process of constantly updating the MAC address portion of the forwarding database 140 based on the traffic that passes through the switching device. When a packet enters the switching device, an entry is created (or an existing entry is updated) in the database that correlates the MAC source address (SA) of the packet with the input port upon which the packet arrived. In this manner, a switching device "learns" on which subnet a node resides.
Aging is carried out on both link and network layers. It is the process of time stamping entries and removing expired entries from the forwarding database memory 140. There are two types of aging: (1) aging based on MAC SA, and (2) aging based on MAC destination address (DA). The former is for Layer 2 aging and the latter aids in removal of inactive Layer 3 flows. Thus, aging helps reclaim inactive flow space for new flows. At predetermined time intervals, an aging field is set in the forwarding database entries. Entries that are found during MAC SA or MAC DA searching will have their aging fields cleared. Thus, active entries will have an aged bit set to zero, for example. Periodically, software or hardware may remove the inactive (expired) entries from the forwarding
database memory 140; thereby allowing for more efficient database management. Aging also enables connectivity restoration to a node that has "moved and kept silent" since it was learned. Such a node can only be reached through flooding.
Before discussing the exemplary logic for performing search key formation, the process of search key formation will now briefly be described. According to one embodiment of the present invention, packets are broadly categorized in one of two groups, either L2 entries or L3 entries. The L3 entries may be further classified as being part of one of several header classes. Exemplary header classes include: (1) an Address Resolution Protocol (ARP) class indicating the packet header is associated with an ARP packet; (2) a reverse ARP (RARP) class indicating the packet header is associated with a RARP packet; (3) a PIM class indicating the packet header is associated with a PIM packet; (4) a Reservation Protocol (RSVP) class indicating the packet header is associated with an RSVP packet; (5) an Internet Group Management Protocol (IGMP) class indicating the packet header is associated with a IGMP packet; (6) a Transmission Control Protocol (TCP) flow class indicating the packet header is associated with a TCP packet; (7) a non-fragmented User Datagram Protocol (UDP) flow class indicating the packet header is associated with a non-fragmented UDP packet; (8) a fragmented UDP flow class indicating the packet header is associated with a fragmented UDP packet; (9) a hardware routable Internet Protocol (IP) class indicating the packet header is associated with a hardware routable IP packet; and (10) an IP version six (IP V6) class indicating the packet header is associated with an IP V6 packet.
In one embodiment of the present invention, search keys are formed based upon an encoding of the header class and selected information from the incoming packet's header. L2 search keys may be formed based upon the header class, the L2 address and the VID.
L3 search keys may be formed based upon the header class, an input port list, and selectable L3 header fields based upon the header class, for example. Masks may be provided on a per header class basis in local switch element 100 memory to facilitate the header field selection, in one embodiment. In the embodiment depicted in Figure 3, the switch fabric 210 includes a header preprocess arbitor 360, packet header preprocessing logic 305, a search engine 370, learning logic 350, a software command execution block 340, and a forwarding database memory interface 310.
The header preprocess arbitor 360 is coupled to the packet header preprocessing logic 305 and to the input ports of the network interface 205, the cascading interface 225, and the CPU interface 215. The input ports transfer packet headers to the switch fabric 210 and request forwarding decisions in the manner described above, for example.
The switch fabric 210 may support mixed port speeds by giving priority to the faster network links. For example, the header preprocess arbitor 360 may be configured to arbitrate between the forwarding requests in a prioritized round robin fashion giving priority to the faster interfaces by servicing each fast interface (e.g., Gigabit Ethernet port) for each N slower interfaces (e.g., Fast Ethernet ports).
Upon selecting a forward request to service, the header preprocess arbitor 360 transfers the corresponding packet header to the header preprocess logic 305. The header preprocessing logic 305 performs L2 encapsulation filtering and alignment, and L3 header comparison and selection logic.
The search engine 370 is coupled to the forwarding database memory interface 310 for making search requests and to the header preprocessing logic 305 for information for generating search keys. The search engine 370 is also coupled to the learning logic 350 to
trigger the learning processing. The search engine 370 contains logic for scheduling and performing accesses into the forwarding database memory 140 and executes the forward and filter algorithm including performing search key formation, merging L2 and L3 results retrieved from the forwarding database memory 140, filtering, and generating forwarding decisions to the requesting input ports, etc. For purposes of learning, updated forwarding database entry information such as a cleared age bit or a modified output port list, is provided by the learning logic 350 at the appropriate time during the searching cycle for update of the forwarding database memory 140. Finally, as will be discussed further below, when search results become available from the forwarding database memory 140, the search engine 370 generates and transfers a forwarding decision to the requesting input port.
The forwarding database memory interface 310 accepts and arbitrates access requests to the forwarding database memory 140 from the search engine 370 and the software command execution block 340. The software command execution block 340 is coupled to the CPU bus.
Programmable command, status, and internal registers may be provided in the software command execution block 340 for exchanging information with the CPU 161. Importantly, by providing a relatively small command set to the CPU, the switch fabric 210 shields the CPU from the tens or hundreds of low-level instructions that may be required depending upon the forwarding database memory implementation. For example, in an architecture providing the CPU with direct access to a content addressable memory, for example, a great deal of additional software would be required to access the forwarding database memory. This additional software would be unnecessarily redundant, in light of
the fact that the switch fabric 210 already has knowledge of the forwarding database memory 140 interface.
Additional efficiency considerations are also addressed by the present invention with respect to architectures having distributed forwarding databases. For example, in a distributed architecture, it may be desirable to keep an image of the entire forwarding database in software. If this is the case, presumably, periodically the software will need to read all entries from each of the individual forwarding databases. Since the forwarding database(s) may be very large, many inefficient programmed input/outputs (PIOs) may be required by an architecture providing the CPU with direct access to the forwarding database(s).
Thus, it would be advantageous to employ the switch fabric 210 as an intermediary between the CPU 161 and the forwarding database 140 as discussed herein. According to one embodiment of the present invention, the software command execution block 340 may provide a predetermined set of commands to the software for efficient access to and maintenance of the forwarding database memory 140. The predetermined set of commands described below have been defined in such a way so as to reduce overall PIOs. These commands as well as the programmable registers will be discussed in further detail below.
An exemplary set of registers includes the following: (1) a command and status register for receiving commands from the CPU 161 and indicating the status of a pending command; (2) a write new entry register for temporarily storing a new entry to be written to the forwarding database 140; (3) a write key register for storing the key used to locate the appropriate forwarding database entry; (4) a write data register for storing data to be written to the forwarding database 140; (5) an address counter register for storing the
location in the forwarding database memory to read or update; (6) a read entry register for storing the results of a read entry operation; and (7) a read data register for storing the results of other read operations.
In one embodiment of the present invention, an address counter register is used to facilitate access to the forwarding database memory 140. The software only needs to program the address register with the start address of a sequence of reads/writes prior to the initial read/write of the sequence. After the initial memory access, the address register will be automatically incremented for subsequent accesses. Advantageously, in this manner, additional PIOs are saved, because the software is not required to update the address prior to each memory access.
The software command execution block 340 is further coupled to the forwarding database memory interface 310. Commands and data are read from the programmable registers by the software command execution block 340 and appropriate forwarding database memory access requests and events are generated as described in further detail with reference to Figure 9. The software command execution block 340 may also provide status of the commands back to the software via status registers. In this manner, the software command execution block 340 provides hardware assisted CPU access to the forwarding database memory 140.
PACKET HEADER PROCESSING Figure 4 illustrates the portions of a generic packet header that are operated upon by the pipelined header preprocessing subblocks of Figure 5 according to one embodiment of the present invention. According to this embodiment, a packet header 499 is partitioned
into four portions, an L2 header portion 475, an L2 encapsulation portion 480, an L3 address independent portion 485, and an L3 address dependent portion 490.
In this example, the L2 header portion 475 may comprise a MAC SA field and a MAC DA field. Depending upon the type of encapsulation (e.g., IEEE 802.1Q tagged or LLC-SNAP), the L2 encapsulation portion may include a virtual local area network (VLAN) tag or an 802.3 type/length field and an LLC SNAP field. The L3 address independent portion 485 may comprise an IP flags/fragment offset field and a protocol field. Finally, the L3 address dependent portion 490 may comprise an IP source field, an IP destination field, a TCP source port, and a TCP destination port. Note that the relative position of fields in the L3 address independent portion 485 and the L3 address dependent portion 490 may be different depending upon the type of encapsulation in the L2 encapsulation portion 480.
Figure 5 illustrates pipelined header preprocessing subblocks according to one embodiment of the present invention. According to this embodiment, the header preprocessing logic 305 may be implemented as a four stage pipeline. Each stage in the pipeline operates on a corresponding portion of the packet header 499. The pipeline depicted includes four stage arbitors 501-504, an address accumulation block 510, an encapsulation block 520, an L3 header class matching block 530, and an L3 address dependent block 540. In this example, the header preprocessing logic 305 may simultaneously process packet headers from four input ports. For example, the address accumulation block 510 may be processing the L2 header portion 475 of a packet from a first input port, the encapsulation block 520 may be processing the L2 encapsulation portion 480 of a packet from a second input port, the L3 header class matching block 530 may be processing the L3 address independent portion 485 of a third input port, and the L3
address dependent block 540 may be processing the L3 address dependent portion 490 of a packet from a forth input port.
Importantly, while the present embodiment is illustrated with reference to four pipeline stages, it is appreciated that more or less stages may be employed and different groupings of packet header information may be used. The present identification of header portions depicted in Figure 4 has been selected for convenience. The boundaries for these header portions 475-490 are readily identifiable based upon known characteristics of the fields within each of the exemplary header portions 475-490. Further, the header portions 475-490 can be processed in approximately equal times. In any event, continuing with the present example, the arbitors 501-504 coordinate access to the stages of the pipeline. The arbitors 501-504 function so as to cause a given packet to be sequentially processed one stage at a time starting with the address accumulation block 510 and ending with the L3 address dependent block 540. The first stage of the pipeline, the address accumulation block 510, is configured to extract the MAC S A and MAC DA from the L2 header portion 475 of the packet header. The address accumulation block 510 then transfers the extracted information to the search engine for use as part of the L2 search key 545.
The encapsulation block 520 is configured to determine the type of encapsulation of the L2 encapsulation portion 480 of the packet header. As indicated above, the relative positioning of fields following the L2 encapsulation portion varies depending upon the type of encapsulation employed. Therefore, the encapsulation block further calculates an offset from the start of the L2 encapsulation portion 480 to the start of the L3 address independent portion 485. The offset may then be used by the subsequent stages to align the packet header appropriately.
The L3 header class matching block 530 is configured to determine the class of the L3 header by comparing the packet header to a plurality of programmable registers that may contain predetermined values known to facilitate identification of the L3 header class. Each programmable register should be set such that only one header class will match for any given packet. Once a given register has been determined to match, a class code is output to the search engine for use as part of the L3 search key.
The L3 address dependent block 540 is configured to extract appropriate bytes of the L3 address dependent portion 490 for use in the L3 search key 555. This extraction may be performed by employing M CPU programmable byte and bit masks, for example. The programmable byte and bit mask corresponding to the header class, determined by the L3 header class matching block 530, may be used to mask off the desired fields. Advantageously, pipelining the header preprocess logic 305 saves hardware implementation overhead. For example, multiple packet headers may be processed simultaneously in a single processing block rather than four processing blocks that would typically be required to implement the logic of Figure 5 in a non-pipelined fashion. Note that additional parallelism may be achieved by, further pipelining the above header preprocessing with forwarding database memory 140 accesses. For example, there is no need for L2 searching to wait for a packet to complete the pipeline of Figure 5, L2 searches may be initiated as soon as a packet header completes the first stage and an L2 search key becomes available from the search engine 370. Subsequent L2 searches may be initiated as new L2 search keys become available and after the previous forwarding database memory access has completed.
FORWARDING DATABASE MEMORY
Figure 6 illustrates a physical organization of the forwarding database memory of Figure 2 according to one embodiment of the present invention. In the embodiment depicted, the forwarding database memory 140 includes two cascaded fully associative content addressable memories (CAMs), 610 and 620, and a static random access memory (SRAM) 630.
The switch fabric 210, in collaboration with the CPU 161, maintains a combined link layer (also referred to as "Layer 2") and network layer (also referred to as "Layer 3") packet header field-based forwarding and filtering database 140. The forwarding and filtering database 140 is stored primarily in off-chip memory (e.g., one or more CAMs and SRAM) and contains information for making real-time packet forwarding and filtering decisions.
The assignee of the present invention has found it advantageous to physically group Layer 2 (L2) entries and Layer 3 (L3) entries together. Therefore, at times the group of L2 entries may be referred to as the "L2 database" and the group of L3 entries may be logically referred to as the "L3 database." However, it is important to note that the L2 database and L3 database may span CAMs. That is, either CAM may contain L2 and/or L3 entries. Both Layer 2 and Layer 3 forwarding databases are stored in the CAM-RAM chip set. For convenience, the data contained in the CAM portion of the forwarding database memory 140 will be referred to as "associative data," while the data contained in the SRAM portion of the forwarding database memory 140 will be referred to as "associated data." As will be explained further below, entries may be retrieved from the L2 database using a key of a first size and entries may be retrieved from the L3 database using a key of a second size. Therefore, in one embodiment, the switching element 100 may mix CAMs of different widths. Regardless of the composition of the forwarding database memory
140, the logical view to the switch fabric 210 and the CPU 161 should be a contiguous memory that accepts bit match operations of at least two different sizes, where all or part of the memory is as wide as the largest bit match operation.
Different combinations of CAMs are contemplated. CAMs of different widths, and different internal structures (e.g., mask per bit (MPB) vs. global mask) may be employed. In some embodiments, both CAMs 610 and 620 may be the same width, while in other embodiments the CAMs 610 and 620 may have different widths. For example, in one embodiment, both CAMs 610 and 620 may be 128-bits wide and 2K deep or the first CAM 610 may be 128-bits wide and the second CAM 620 may be 64-bits wide. Since L2 entries are typically narrower than L3 entries, in the mixed CAM width embodiments, it may be advantageous to optimize the narrower CAM width for L2 entries. In this case, however, only L2 entries can be stored in the narrower CAM. However, both L2 and L3 entries may still reside in the wider CAM.
While the present embodiment has been described with reference to cascaded dual CAMs 610 and 620, because the logical view is one contiguous block, it is appreciated that the L2 and L3 databases may use more or less CAMs than depicted above. For example, the L2 and L3 databases may be combined in a single memory in alternative embodiments.
Having described an exemplary physical organization of the forwarding database memory 140, the data contained therein will now briefly be described. One or more lines of the SRAM 630 may be associated with each entry in the CAM portion. It should be noted that a portion of the CAM could have been used as RAM. However, one of the goals of partitioning the associative data and the associated data is to produce a minimum set of associative data for effective searching while storing the rest of the associated data in a separate memory, a cheaper RAM, for example. As will be discussed below, with respect
to Figures 8A-C, separating the associative data and the associated data allows the forwarding database memory 140 to be more efficiently searched and updated. Additional advantages are achieved with an efficient partitioning between associative data and associated data. For example, by minimizing the amount of data in the associative data fields, less time and resources are required for access and maintenance of the forwarding database such as the occasional shuffling of L3 entries that may be performed by the CPU 161. Additionally, the efficient partitioning reduces the amount of time required for the occasional snap shots that may be taken of the entire forwarding database for maintenance of the aggregate copy of forwarding databases in the central memory 163. Generally, the associative data is the data with which the search key is matched.
Packet address information is typically useful for this purpose. In one embodiment, the associative data may contain one or more of the following fields depending upon the type of entry (e.g., L2 or L3):
(1) a class field indicating the type of associative entry; (2) a media access control (MAC) address which can be matched to an incoming packet's MAC DA or SA field;
(3) a virtual local area network (VLAN) identifier (VID) field
(4) an Internet Protocol (IP) destination address;
(5) an IP source address; (6) a destination port number for TCP or non-fragmented UDP flows;
(7) a source port number for TCP or non-fragmented UDP flows; and
(8) an input port list for supporting efficient multicast routing.
The associative data may also contain variable bits of the above by employing a mask per bit (MPB) CAM as described above.
The associated data generally contains information such as an indication of the output port(s) to which the packet may be forwarded, control bits, information to keep track of the activeness of the source and destination nodes, etc. Also, the associated data includes the MAC address for MAC DA replacement and the VID for tagging. Specifically, the associated data may contain one or more of the following fields:
(1) a port mask indicating the set of one or more ports the packet may be forwarded to;
(2) a priority field for priority tagging and priority queuing.
(3) a best effort mask indicating which ports should queue the packet as best effort; (4) a header only field indicating that only the packet header should be transferred to the CPU;
(5) a multicast route field for activating multicast routing;
(6) a next hop destination address field defining the next hop L2 DA to be used to replace the original DA; (7) a new VID field that may be used as a new tag for the packet when routing between VLANs requires an outgoing tag different than the incoming tag, for example;
(8) a new tag field indicating that the new VED field should be used;
(9) an aged source indication for determining which L2 entries are active in the forwarding database, and which may be removed; (10) an aged destination indication for implementing IEEE 802. Id type address aging to determine which L2 or L3 entries are active in the forwarding database, and which may be removed.
(11) an L2 override indication for instructing the merge function to use the L2 result for forwarding even when an L3 result is available;
(12) a static indication for identifying static entries in the forwarding database that are not subject to automatic L2 learning or aging;
( 13) a distributed flow indication for use over internal (cascading) links to control the type of matching cycle (L2 or L3) used on the next switching element; and ( 14) a flow rate count for estimating the arrival rate of an entry or group of entries.
FORWARDING DATABASE SEARCH SUPERCYCLE DECISION FLOW Figure 7 is a flow diagram illustrating the forwarding database memory search supercycle decision logic according to one embodiment of the present invention. At step 702, depending upon whether the packet is being received on an internal link or an external link, processing continues with step 704 or step 706, respectively.
Internal link specific processing includes steps 704, 712, 714, 720, 722, and 724. At step 704, since the packet has been received from an internal link, a check is performed to determine if the packet is part of a distributed flow. If so, processing continues with step 714. If the packet is not part of a distributed flow, then processing continues with step 712.
No learning is performed for the internal links, therefore, at step 712, only a DA search is performed on the forwarding database memory 140
At step 714, an L3 search is performed to retrieve a forwarding decision for the incoming packet. At step 720, a determination is made as to whether a matching L3 entry was found during the search of step 714. If not, then, at step 722, the class action defaults are applied (e.g., forwarding the packet or the packet header to the CPU 161) and processing continues at step 780. If a matching L3 was found, then, at step 724, the
associated data corresponding to the matching entry is read from the forwarding database 140 and processing continues at step 780.
At step 708, Layer 2 learning is performed. After the learning cycle the header class is determined and, at step 716, the header class is compared against the L3 unicast route header class. If there is a match at step 716, processing continues with step 726; otherwise, another test is performed at step 718. At step 718, the header class is compared to the remaining L3 header classes.
Specific processing for packets associated with headers classified as L2 includes steps 728 and 738. If the header class was determined not to be an L3 header class, then at step 728, a DA search is performed for an L2 forwarding decision. At step 738, the L2 decision algorithm is applied and processing continues at step 780.
Specific processing for packets associated with headers classified as L3 route includes steps 726, 732, 734, 736, 748, 750, 754, 756, 752, 758, and 760. At step 726, an L3 search is performed on the forwarding database 140. If a matching L3 entry is found (step 732), then the associated data corresponding to the matching entry is read from the forwarding database 140 (step 736). Otherwise, at step 734, the class action options are applied and processing continues with step 780.
If the packet is a multicast packet (step 748), then the Time_To_Live (TTL) counter is tested against zero or one (step 750), otherwise processing continues at step 752. If TTL was determined to be zero or one, in step 750, then the packet is forwarded to the CPU 161 prior to continuing with step 780. Otherwise, at step 754, a destination address search is performed to retrieve an L2 forwarding entry from the forwarding database 140 and the L2 decision algorithm is applied (step 756).
If the packet was determined to be a unicast packet in step 748, then TTL is tested against zero or one (step 752). If TTL was determined to be zero or one, then the packet is forwarded to the CPU 161. Otherwise the L3 match is employed at step 760 and processing continues with step 780. Specific processing for packets associated with headers classified as L3 includes steps 730, 740, 742, 762, 764, 766, 744, 746, 768, and 770. At step 730, an L3 search is requested from the forwarding database 140. If a matching L3 entry is found (step 740), then the associated data corresponding to the matching entry is read from the forwarding database 140 (step 744). Otherwise, when no matching L3 entry is found, at step 742 a DA search is performed to find a matching L2 entry in the forwarding database 140.
If the forwarding decision indicates the L2 decision should be used (step 762), then the L2 decision algorithm is applied at step 770. Otherwise, the class action options are applied (step 764). If the class action options indicate the packet is to be forwarded using the L2 results (step 766), then processing continues at step 770. Otherwise, the processing branches to step 780.
At step 746, a destination address search is performed on the forwarding database 140 using the packet's destination address. If the forwarding decision indicates the L2 decision should be used (step 768), then processing continues with step 770. Otherwise, the associated data retrieved at step 744 will be employed and processing continues with step 780. At step 770, the L2 decision algorithm is applied and processing continues with step 780. Finally, the forwarding decision is assembled (step 780).
As illustrated by Figure 7, packet processing for packets arriving on external links typically requires two to four associative lookups (i.e., two or more of the following: L2 SA match, L2 learning, Unicast route class match, L2 DA match). However, according to
an embodiment of the present invention, the L2 DA match may be eliminated whenever a port update access is needed for L2 learning. Thus, conserving valuable cycles. While the elimination of the L2 DA match may result in flooding one extra packet when a topology change occurs, the port update access is a relatively rare event. Advantageously, in this manner, the number of associative lookups is normally limited to a maximum of three per packet, without compromising functionality.
FORWARDING DATABASE SEARCH SUPERCYCLE TIMING The search supercycle timing will now be described in view of the novel partitioning of forwarding information within the forwarding database 140 and the pipelined forwarding database access.
Figures 8A-C are timing diagrams illustrating the three worst case content addressable memory search supercycles. Advantageously, the partitioning of data among the CAM-RAM architecture described with respect to Figure 4 allows forwarding database memory accesses to be pipelined. As should be appreciated with reference to Figures 8 A- C, the switch fabric saves valuable cycles by hiding RAM reads and writes within CAM accesses. For example, RAM reads and writes can be at least partially hidden within the slower CAM accesses for each of the supercycles depicted.
Referring now to Figure 8A, a search supercycle including an L2 SA search and an L2 DA search is depicted. The first CAM short search represents the L2 S A search of the CAMs 410 and 420 for purposes of L2 learning. As soon as the L2 SA search has completed, the associated data in the SRAM 630 may immediately be updated (e.g., RAM read and RAM write) while the next CAM short search (L2 DA search) is taking place.
Figure 8B illustrates a case in which L2 and L3 searches are combined. The first CAM short search represents an L2 SA search. The CAM long search represents a search of the forwarding database 140 for a matching L3 entry. Again, upon completion of the L2 S A search if learning is required, the SRAM read and write may be performed during the following CAM access. If a matching L3 entry is found, then the RAM burst read of the associated data corresponding to the matching entry can be performed during the second CAM short search which represents an L2 DA search.
Figure 8C illustrates another case in which L2 and L3 searches are combined. However, in this case, the second CAM access is not performed. It should be appreciated that the pipelining of the CAM and SRAM effectively decouples the speed of the memories. Further, the partitioning between the CAM(s) and the SRAM should now be appreciated. Because CAM accesses are slower than the accesses to the SRAM, it is desirable to allocate as much of the forwarding information as possible to the SRAM. Observing the gaps between the completion of the RAM writes and the completion of the second CAM access, it is apparent that increasing the speed of the CAM(s) can reduce these gaps. The assignee of the present invention anticipates future technological developments to allow faster CAMs to be developed, thereby creating additional resources for additional or faster ports, for example. While only the pipelined forwarding database access is illustrated in Figures 8A-C, it is important to note there are many other contributions to the overall speed of the switch fabric 210 of the present invention. For example, as described above, the highly pipelined switch fabric logic includes: pipelined header processing, pipelined forwarding database access, and pipelined forwarding database/header processing.
GENERALIZED COMMAND PROCESSING Having described an exemplary environment in which one embodiment of the present invention may be implemented, the general command processing will now be described. Figure 9 is a flow diagram illustrating generalized command processing for typical forwarding database memory access commands according to one embodiment of the present invention. At step 910, the CPU programs appropriate data registers in the software command execution block 340 using PIOs. For example, certain forwarding database access commands are operable upon a specified address that should be supplied by the CPU 161 prior to issuing the command.
At step 920, after the CPU 161 has supplied the appropriate parameters for the command, the CPU issues the desired command. This may be accomplished by writing a command code corresponding to the desired command to a command register.
According to the present embodiment, the CPU 161 polls a status register until the command issued in step 920 is complete (step 930). Alternatively, since the commands have a predetermined maximum response time, the CPU 161 need not poll the status register, rather the CPU 161 is free to perform other functions and may check the status register at a time when the command is expected to be complete. Another alternative is to provide an interrupt mechanism for the switch fabric to notify the CPU 161 when the requested command is complete.
At step 940, after the command is complete, the CPU may act on the result(s). The results may be provided in memory mapped registers in the software command execution block 340, for example. In this case, the CPU 161 may retrieve the result(s) with a PIO read if necessary.
At step 950, the issuance of the command by the CPU 161 triggers logic in the software command execution block 340, for example, to load the appropriate command parameters. These command parameters are assumed to have been previously provided by the CPU 161 at step 910. At step 960, the software command execution block 340 issues the appropriate forwarding database memory specific command(s) to perform the requested task. In this manner, the CPU 161 requires no knowledge of the underlying raw instruction set for the particular memory or memories used to implement the forwarding database 140.
At step 970, upon completion of the forwarding database 140 access, the software command execution block 340 updates the result(s) in appropriate interface registers.
Then, at step 980, the software command execution block 340 sets one or more command status flag(s) to indicate to the CPU 161 that the command is complete. In other embodiments, one or more additional status flags may be provided to indicate whether or not the command completed successfully, whether or not an error occurred, and/or other information that may be useful to the CPU 161.
Having described the general command processing flow, an exemplary set of commands and their usage will now be described.
EXEMPLARY COMMAND SET According to the present embodiment, one or more commands may be provided for accessing entries in the forwarding database 140. In particular, it may be useful to read a newly learned Layer 2 (L2) entry. To retrieve an L2 entry, the CPU 161 first programs counters in the switch fabric 210 for addressing the forwarding database memory 140. Subsequently, the CPU 161 writes the Read_CAM_Entry command to a command register
in the switch fabric 210. When it is the CPU's turn to be serviced by the switch fabric, the switch fabric will read the counters and perform access the forwarding database memory 140 to retrieve the newly learned L2 entry. The switch fabric 210, then writes the L2 entry to an output register that is accessible by the CPU 161 and sets the command status done flag. After the command is complete, and assuming the command was successful, the CPU 161 may read the L2 entry from the output register.
The Read_CAM_Entry command in combination with the address counter register are especially useful for burst reads in connection with updating the software's image of the entire forwarding database, for example. Because the hardware will automatically increment the address counter register at the completion of each memory access. The software only needs to program the address register prior to the first memory access. In this manner, the software may read the entire forwarding database 140 very efficiently. Similarly, it will be apparent that other forwarding memory accesses are also simplified such as sequences of writes during L3 entry initialization. The mechanism for writing entries to the forwarding database memory 140 will now be described.
It is also convenient for the CPU 161 to be able to write an entry to the forwarding database memory. In particular, it may be useful to initialize all L3 entries in the forwarding database with a predetermined filler (or dummy) value. This command may also be useful for invalidation of L3 entries or before performing a mask update in a mask per bit (MPB) content associative memory (CAM), for example. A Write_CAM_Entry command is provided for this purpose. Again, the CPU 161 should first program the appropriate counters in the switch fabric 210. The CPU 161 also provides the L3 key to be written to the forwarding database memory 140. After these steps, the CPU 161 may issue the Write_CAM_Entry command using a PIO write to the command register. The CPU
161 may then begin polling the command status. The switch fabric 210 reads the parameters provided by the CPU 161 and initializes the corresponding L3 entry to a predetermined filler (or dummy). After the write is complete, the switch fabric 210 notifies the CPU 161 of the status of the command by setting the command status done flag. Commands may also be provided for accessing associated data. According to one embodiment of the present invention the following operations are provided: (1) learning a supplied address; (2) reading associated data corresponding to a supplied search key; (3) aging forwarding database entries; (4) invalidating entries; (5) accessing mask data, such as mask data that may be stored in a MPB CAM, corresponding to a particular search key; and (6) replacing forwarding database entries.
L2 source address learning may be performed by a Learn_L2_SA command. First, the CPU 161 programs the appropriate registers in the switch fabric 210 with an L2 search key and a new entry to insert or a modified entry. Then, CPU 161 issues the Learn_L2_SA command and begins polling the command status. The switch fabric 210 reads the data provided by the CPU 161. If an entry is not found in the forwarding database 140 that matches the supplied address, then the new entry will be inserted into the forwarding database. After the insertion is complete or upon verifying a matching entry already exists, the switch fabric 210 notifies the CPU 161 of the status of the command by setting the command status done flag. It is also convenient for the CPU 161 to be able to perform aging. In particular, it is useful to age L2 and L3 forwarding database entries. Age_SA and Age_DA commands are provided for this purpose. The CPU 161 writes the appropriate key and the modified age field to the switch fabric interface. Then, CPU 161 issues either the Age_SA command or the Age_DA command. The Age_SA command sets the source address age field in the
L2 entry corresponding to the provided search key. The Age_DA command sets the destination address age field for the L2 or L3 entry corresponding to the provided search key. After issuing the command, the CPU 161 may begin polling the command status. The switch fabric 210 reads the data provided by the CPU 161 and updates the appropriate age field in the matching entry. After aging is complete, the switch fabric 210 notifies the CPU 161 of the status of the command by setting the command status done flag.
The CPU 161 may also need to have the ability to invalidate forwarding database entries such as aged L2 entries, for example. The Invalidate_L2_Entry command is provided for this purpose. Prior to issuing the Invalidate_L2_Entry command, the CPU 161 programs the appropriate address counters in the switch fabric 210. After issuing the command, the CPU 161 may begin polling the command status. The switch fabric 210 reads the data provided by the CPU 161 and resets the validity bit at the address counter location specified. After the entry invalidation is complete, the switch fabric 210 notifies the CPU 161 of the status of the command by setting the command status done flag. In embodiments employing MPB CAMs, typically the CAM stores alternating sets of data and masks. Each set of data has a corresponding mask. The masks allow programmable selection of portions of data from the corresponding CAM line. Thus, it is convenient for the CPU 161 to be able to access the mask data corresponding to a particular address in the CAM. In particular, it is useful to update the mask data to select different portions of particular CAM lines. The Update_Mask command is provided for this purpose. The CPU 161 programs the address counter register and programs the new mask into the appropriate register. Then, CPU 161 issues the Update_Mask command and may begin polling the command status. The switch fabric 210 reads the parameters provided by the CPU 161 and updates the mask data corresponding to the specified address. After the
mask data update is complete, the switch fabric 210 notifies the CPU 161 of the status of the command by setting the command status done flag. The CPU 161 may also read mask data in a similar fashion by employing a Read_Mask command and providing the appropriate address. Finally, it is desirable to be able to replace entries. Particularly, it is useful to replace filler (or dummy) L3 entries with new valid L3 entries. The Replace_L3 command is provided for this purpose. The CPU 161 provides an L3 search key to the switch fabric 210 and provides the new valid L3 entry. Then, the CPU 161 issues the Replace_L3 command and may begin polling the command status. The switch fabric 210 reads the parameters provided by the CPU 161 and performs a search of the forwarding database 140 for the matching L3 entry. After locating the matching L3 entry, the associated data corresponding to the matching entry is replaced with the new valid L3 entry provided by the CPU 161. After the L3 entry has been replaced, the switch fabric 210 notifies the CPU 161 of the status of the command by setting the command status done flag. Importantly, while embodiments of the present invention have been described with respect to specific commands and detailed steps for executing particular commands, those of ordinary skill in the art will appreciate that the present invention is not limited to any particular set of commands or sequence of execution.
In the foregoing specification, the invention has been described with reference to specific embodiments thereof. It will, however, be evident that various modifications and changes may be made thereto without departing from the broader spirit and scope of the invention. For example, embodiments of the present invention have been described with reference to specific network protocols such as IP. However, the method and apparatus
described herein are equally applicable to other types of network protocols. The specification and drawings are, accordingly, to be regarded in an illustrative rather than a restrictive sense.
Claims
1 . A switch fabric comprising: a memory access interface configured to arbitrate accesses to a forwarding database memory; a search engine coupled to the memory access interface and to a plurality of input ports, the search engine configured to schedule and perform accesses to the forwarding database memory and to transfer forwarding decisions retrieved therefrom to the plurality of input ports; and command execution logic configured to interface with a processor for performing forwarding database access on behalf of the processor.
2. The switch fabric of claim 1 , wherein the command execution logic further includes logic responsive to a predetermined set of commands
3. The switch fabric of claim 2, wherein the predetermined set of commands includes a command for reading a search key from the forwarding database memory.
4. The switch fabric of claim 2, wherein the predetermined set of commands includes a command for writing a search key to the forwarding database memory.
5. The switch fabric of claim 2, wherein the predetermined set of commands includes a command for reading data from the forwarding database memory corresponding to a supplied search key.
6. The switch fabric of claim 2, wherein the predetermined set of commands includes a command for performing learning of a supplied address, wherein if no entry is found in the forwarding memory database that matches the supplied address, then a new entry will be inserted.
7. The switch fabric of claim 2, wherein the predetermined set of commands includes a command for aging a first type of forwarding database memory entry.
8. The switch fabric of claim 2, wherein the predetermined set of commands includes a command for aging a second type of forwarding database entry.
9. The switch fabric of claim 2, wherein the predetermined set of commands includes a command for invalidating an active entry.
10. The switch fabric of claim 2, wherein the predetermined set of commands includes a command for updating mask data corresponding to a particular search key.
1 1. The switch fabric of claim 2, wherein the predetermined set of commands includes a command for reading the mask data corresponding to a particular search key.
12. The switch fabric of claim 2, wherein the predetermined set of commands includes a command for replacing an entry.
13. A network device comprising: a bus interface for communicating data to and from a processor; and
a switch fabric coupled to the bus interface and configured to provide hardware- assisted processor access to a forwarding database memory, the switch fabric including a memory access interface configured to arbitrate accesses to the forwarding database memory, a search engine coupled to the memory access interface and to a plurality of input ports, the search engine configured to schedule and perform accesses to the forwarding database memory and to transfer forwarding decisions retrieved therefrom to the plurality of input ports, and command execution logic configured to provide a set of predetermined commands for forwarding database memory accesses on behalf of a processor, the command execution logic including interface memory for storing a predetermined set of commands, data received from the processor, access results, and access status.
14. The network device of claim 13 , wherein the predetermined set of commands includes a command for writing a search key to the forwarding database memory.
15. The network device of claim 13, wherein the predetermined set of commands includes a command for reading data from the forwarding database memory corresponding to a supplied search key.
16. The network device of claim 13 , wherein the predetermined set of commands includes a command for performing learning of a supplied address, wherein if no entry is found in the forwarding memory database that matches the supplied address, then a new entry will be inserted.
17. The network device of claim 13 , wherein the predetermined set of commands includes a command for aging a first type of forwarding database memory entry.
18. The network device of claim 13, wherein the predetermined set of commands includes a command for aging a second type of forwarding database entry.
19. The network device of claim 13 , wherein the predetermined set of commands includes a command for invalidating an active entry.
20. The network device of claim 13, wherein the predetermined set of commands includes a command for updating mask data corresponding to a particular search key.
21. The network device of claim 13, wherein the predetermined set of commands includes a command for reading the mask data corresponding to a particular search key.
22. The network device of claim 13, wherein the predetermined set of commands includes a command for replacing an entry.
23. A method of providing central processing unit (CPU) access to a forwarding database memory of a network device, the method comprising the steps of: providing a plurality of commands for accessing the forwarding database memory; providing a status indication for indicating the status of a pending command of the plurality of commands; receiving a database access request from a central processing unit (CPU), the database access request having stored therein one of the plurality of commands; performing an access to the forwarding database memory in response to the database access request; and setting the status indication to notify the CPU that the database access request has been completed.
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP50571899A JP4260899B2 (en) | 1997-06-30 | 1998-06-24 | Central processor hardware-assisted access to the relay database |
EP98935487A EP1010104B1 (en) | 1997-06-30 | 1998-06-24 | Hardware-assisted central processing unit access to a forwarding database |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US08/885,047 | 1997-06-30 | ||
US08/885,047 US5909686A (en) | 1997-06-30 | 1997-06-30 | Hardware-assisted central processing unit access to a forwarding database |
Publications (1)
Publication Number | Publication Date |
---|---|
WO1999000750A1 true WO1999000750A1 (en) | 1999-01-07 |
Family
ID=25386006
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/US1998/013206 WO1999000750A1 (en) | 1997-06-30 | 1998-06-24 | Hardware-assisted central processing unit access to a forwarding database |
Country Status (4)
Country | Link |
---|---|
US (1) | US5909686A (en) |
EP (1) | EP1010104B1 (en) |
JP (1) | JP4260899B2 (en) |
WO (1) | WO1999000750A1 (en) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2001067686A1 (en) * | 2000-03-06 | 2001-09-13 | Advanced Micro Devices, Inc. | Selective address table aging in a network switch |
US7457292B2 (en) | 2003-01-29 | 2008-11-25 | Fujitsu Limited | Packet identification device and packet identification method |
Families Citing this family (264)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6791947B2 (en) | 1996-12-16 | 2004-09-14 | Juniper Networks | In-line packet processing |
US5978379A (en) | 1997-01-23 | 1999-11-02 | Gadzoox Networks, Inc. | Fiber channel learning bridge, learning half bridge, and protocol |
US6154462A (en) | 1997-08-21 | 2000-11-28 | Adc Telecommunications, Inc. | Circuits and methods for a ring network |
US6331985B1 (en) * | 1997-08-21 | 2001-12-18 | Adc Telecommunications, Inc. | Telecommunication network with variable address learning, switching and routing |
US6212183B1 (en) | 1997-08-22 | 2001-04-03 | Cisco Technology, Inc. | Multiple parallel packet routing lookup |
US6512766B2 (en) * | 1997-08-22 | 2003-01-28 | Cisco Systems, Inc. | Enhanced internet packet routing lookup |
US6157641A (en) | 1997-08-22 | 2000-12-05 | Cisco Technology, Inc. | Multiprotocol packet recognition and switching |
US6122670A (en) | 1997-10-30 | 2000-09-19 | Tsi Telsys, Inc. | Apparatus and method for constructing data for transmission within a reliable communication protocol by performing portions of the protocol suite concurrently |
US6049824A (en) * | 1997-11-21 | 2000-04-11 | Adc Telecommunications, Inc. | System and method for modifying an information signal in a telecommunications system |
US6161144A (en) | 1998-01-23 | 2000-12-12 | Alcatel Internetworking (Pe), Inc. | Network switching device with concurrent key lookups |
US6549519B1 (en) * | 1998-01-23 | 2003-04-15 | Alcatel Internetworking (Pe), Inc. | Network switching device with pipelined search engines |
US6185552B1 (en) * | 1998-03-19 | 2001-02-06 | 3Com Corporation | Method and apparatus using a binary search engine for searching and maintaining a distributed data structure |
US6169994B1 (en) * | 1998-04-02 | 2001-01-02 | Lucent Technologies, Inc. | Method for creating and modifying similar and dissimilar databases for use in hardware equipment configurations for telecommunication systems |
US6347073B1 (en) * | 1998-04-29 | 2002-02-12 | 3Com Corporation | Method and system for controlling data transfer between a logical switch set and outside nodes |
US6876653B2 (en) * | 1998-07-08 | 2005-04-05 | Broadcom Corporation | Fast flexible filter processor based architecture for a network device |
US6430188B1 (en) * | 1998-07-08 | 2002-08-06 | Broadcom Corporation | Unified table for L2, L3, L4, switching and filtering |
WO2000003516A1 (en) | 1998-07-08 | 2000-01-20 | Broadcom Corporation | Network switching architecture with multiple table synchronization, and forwarding of both ip and ipx packets |
US6424659B2 (en) * | 1998-07-17 | 2002-07-23 | Network Equipment Technologies, Inc. | Multi-layer switching apparatus and method |
US6539546B1 (en) | 1998-08-21 | 2003-03-25 | Adc Telecommunications, Inc. | Transport of digitized signals over a ring network |
US6389030B1 (en) | 1998-08-21 | 2002-05-14 | Adc Telecommunications, Inc. | Internet access over a ring network |
US6570880B1 (en) | 1998-08-21 | 2003-05-27 | Adc Telecommunications, Inc. | Control data over a ring network |
ATE350838T1 (en) * | 1998-10-05 | 2007-01-15 | Cit Alcatel | NETWORK SWITCHING DEVICE WITH DISTRIBUTION DATABASES DISTRIBUTED ON A USAGE BASIS |
US6678269B1 (en) | 1998-10-05 | 2004-01-13 | Alcatel | Network switching device with disparate database formats |
US6920146B1 (en) | 1998-10-05 | 2005-07-19 | Packet Engines Incorporated | Switching device with multistage queuing scheme |
US7430171B2 (en) | 1998-11-19 | 2008-09-30 | Broadcom Corporation | Fibre channel arbitrated loop bufferless switch circuitry to increase bandwidth without significant increase in cost |
US6272540B1 (en) * | 1998-12-31 | 2001-08-07 | Intel Corporation | Arrangement and method for providing flexible management of a network |
DE60024228T2 (en) * | 1999-01-08 | 2006-08-10 | Nortel Networks Ltd., St. Laurent | DYNAMIC ASSIGNMENT TRAFFIC CLASSES ON A PRIORITY MAINTENANCE JUMP IN A PACKAGE TRANSPORT DEVICE |
US7382736B2 (en) * | 1999-01-12 | 2008-06-03 | Mcdata Corporation | Method for scoring queued frames for selective transmission through a switch |
US6233236B1 (en) * | 1999-01-12 | 2001-05-15 | Mcdata Corporation | Method and apparatus for measuring traffic within a switch |
WO2000044139A1 (en) * | 1999-01-21 | 2000-07-27 | Nbase Communications Ltd. | Booster for rapid network acceleration |
US6850531B1 (en) | 1999-02-23 | 2005-02-01 | Alcatel | Multi-service network switch |
US7120117B1 (en) | 2000-08-29 | 2006-10-10 | Broadcom Corporation | Starvation free flow control in a shared memory switching device |
US7145869B1 (en) | 1999-03-17 | 2006-12-05 | Broadcom Corporation | Method for avoiding out-of-ordering of frames in a network switch |
US6996099B1 (en) * | 1999-03-17 | 2006-02-07 | Broadcom Corporation | Network switch having a programmable counter |
AU3529500A (en) * | 1999-03-17 | 2000-10-04 | Broadcom Corporation | Network switch |
US7643481B2 (en) * | 1999-03-17 | 2010-01-05 | Broadcom Corporation | Network switch having a programmable counter |
US7366171B2 (en) * | 1999-03-17 | 2008-04-29 | Broadcom Corporation | Network switch |
US7461334B1 (en) * | 1999-03-19 | 2008-12-02 | Network Solutions, Llc | Apparatus and method for web forwarding |
US6728803B1 (en) * | 1999-03-30 | 2004-04-27 | Mcdata Corporation | Interconnection architecture for managing multiple low bandwidth connections over a high bandwidth link |
US6701432B1 (en) * | 1999-04-01 | 2004-03-02 | Netscreen Technologies, Inc. | Firewall including local bus |
US7031302B1 (en) | 1999-05-21 | 2006-04-18 | Broadcom Corporation | High-speed stats gathering in a network switch |
AU5586400A (en) * | 1999-05-21 | 2000-12-12 | Broadcom Corporation | Stacked network switch configuration |
US6507564B1 (en) * | 1999-05-21 | 2003-01-14 | Advanced Micro Devices, Inc. | Method and apparatus for testing aging function in a network switch |
US6879588B1 (en) | 1999-05-21 | 2005-04-12 | Broadcom Corporation | Address resolution snoop support for CPU |
US6842457B1 (en) | 1999-05-21 | 2005-01-11 | Broadcom Corporation | Flexible DMA descriptor support |
US6859454B1 (en) | 1999-06-30 | 2005-02-22 | Broadcom Corporation | Network switch with high-speed serializing/deserializing hazard-free double data rate switching |
US7315552B2 (en) * | 1999-06-30 | 2008-01-01 | Broadcom Corporation | Frame forwarding in a switch fabric |
US7295552B1 (en) * | 1999-06-30 | 2007-11-13 | Broadcom Corporation | Cluster switching architecture |
US6983350B1 (en) | 1999-08-31 | 2006-01-03 | Intel Corporation | SDRAM controller for parallel processor architecture |
US7082133B1 (en) | 1999-09-03 | 2006-07-25 | Broadcom Corporation | Apparatus and method for enabling voice over IP support for a network switch |
IL148259A0 (en) * | 1999-09-08 | 2002-09-12 | Mellanox Technologies Ltd | Remote event handling in a packet network |
US6606317B1 (en) * | 1999-09-09 | 2003-08-12 | Harris Corporation | Dual key controlled content addressable memory for accessing packet switch data buffer for multicasting data packets |
WO2001020501A1 (en) * | 1999-09-13 | 2001-03-22 | Vitesse Semiconductor Corporation | Search algorithm methods and apparatus |
US6952703B1 (en) | 1999-10-12 | 2005-10-04 | Cisco Technology, Inc. | Subsystem application notification method in a centralized router database |
US6704752B1 (en) | 1999-10-12 | 2004-03-09 | Cisco Technology, Inc. | Method and system for executing, tracking and restoring temporary router configuration change using a centralized database |
US6728723B1 (en) * | 1999-10-12 | 2004-04-27 | Cisco Technology, Inc. | Method and system for verifying configuration transactions managed by a centralized database |
US7143294B1 (en) * | 1999-10-29 | 2006-11-28 | Broadcom Corporation | Apparatus and method for secure field upgradability with unpredictable ciphertext |
US7131001B1 (en) | 1999-10-29 | 2006-10-31 | Broadcom Corporation | Apparatus and method for secure filed upgradability with hard wired public key |
US6570884B1 (en) * | 1999-11-05 | 2003-05-27 | 3Com Corporation | Receive filtering for communication interface |
AU1580301A (en) * | 1999-11-16 | 2001-05-30 | Broadcom Corporation | Network switch with high-speed serializing/deserializing hazard-free double datarate switching |
US7539134B1 (en) * | 1999-11-16 | 2009-05-26 | Broadcom Corporation | High speed flow control methodology |
AU1754801A (en) | 1999-11-18 | 2001-05-30 | Broadcom Corporation | Table lookup mechanism for address resolution in a packet network switch |
US6798788B1 (en) * | 1999-11-24 | 2004-09-28 | Advanced Micro Devices, Inc. | Arrangement determining policies for layer 3 frame fragments in a network switch |
WO2001043354A2 (en) * | 1999-12-07 | 2001-06-14 | Broadcom Corporation | Mirroring in a stacked network switch configuration |
US6532509B1 (en) | 1999-12-22 | 2003-03-11 | Intel Corporation | Arbitrating command requests in a parallel multi-threaded processing system |
US6694380B1 (en) | 1999-12-27 | 2004-02-17 | Intel Corporation | Mapping requests from a processing unit that uses memory-mapped input-output space |
US6661794B1 (en) | 1999-12-29 | 2003-12-09 | Intel Corporation | Method and apparatus for gigabit packet assignment for multithreaded packet processing |
US6952824B1 (en) * | 1999-12-30 | 2005-10-04 | Intel Corporation | Multi-threaded sequenced receive for fast network port stream of packets |
US7480706B1 (en) * | 1999-12-30 | 2009-01-20 | Intel Corporation | Multi-threaded round-robin receive for fast network port |
US7162537B1 (en) * | 2000-01-06 | 2007-01-09 | Cisco Technology, Inc. | Method and system for externally managing router configuration data in conjunction with a centralized database |
US6731644B1 (en) | 2000-02-14 | 2004-05-04 | Cisco Technology, Inc. | Flexible DMA engine for packet header modification |
US6778546B1 (en) | 2000-02-14 | 2004-08-17 | Cisco Technology, Inc. | High-speed hardware implementation of MDRR algorithm over a large number of queues |
US6977930B1 (en) | 2000-02-14 | 2005-12-20 | Cisco Technology, Inc. | Pipelined packet switching and queuing architecture |
US6721316B1 (en) | 2000-02-14 | 2004-04-13 | Cisco Technology, Inc. | Flexible engine and data structure for packet header processing |
US6813243B1 (en) | 2000-02-14 | 2004-11-02 | Cisco Technology, Inc. | High-speed hardware implementation of red congestion control algorithm |
US7009973B2 (en) * | 2000-02-28 | 2006-03-07 | Broadcom Corporation | Switch using a segmented ring |
US6678678B2 (en) * | 2000-03-09 | 2004-01-13 | Braodcom Corporation | Method and apparatus for high speed table search |
US6640220B1 (en) * | 2000-03-14 | 2003-10-28 | Aeroflex Utmc Microelectronic Systems, Inc. | Search coprocessor subsystem having multiple search engines and dedicated key-table memory for connection to a computer system |
US6772222B1 (en) * | 2000-04-07 | 2004-08-03 | International Business Machines Corporation | Multicast forwarding table processor |
US6907469B1 (en) * | 2000-04-11 | 2005-06-14 | International Business Machines Corporation | Method for bridging and routing data frames via a network switch comprising a special guided tree handler processor |
US7103053B2 (en) * | 2000-05-03 | 2006-09-05 | Broadcom Corporation | Gigabit switch on chip architecture |
US6826561B2 (en) | 2000-05-22 | 2004-11-30 | Broadcom Corporation | Method and apparatus for performing a binary search on an expanded tree |
EP1162797B1 (en) * | 2000-06-09 | 2010-12-08 | Broadcom Corporation | Flexible header protocol for network switch |
US6914905B1 (en) | 2000-06-16 | 2005-07-05 | Extreme Networks, Inc. | Method and system for VLAN aggregation |
DE60115154T2 (en) | 2000-06-19 | 2006-08-10 | Broadcom Corp., Irvine | Method and device for data frame forwarding in an exchange |
US7126947B2 (en) * | 2000-06-23 | 2006-10-24 | Broadcom Corporation | Switch having external address resolution interface |
US8281022B1 (en) * | 2000-06-30 | 2012-10-02 | Emc Corporation | Method and apparatus for implementing high-performance, scaleable data processing and storage systems |
US7031267B2 (en) * | 2000-12-21 | 2006-04-18 | 802 Systems Llc | PLD-based packet filtering methods with PLD configuration data update of filtering rules |
US6999455B2 (en) * | 2000-07-25 | 2006-02-14 | Broadcom Corporation | Hardware assist for address learning |
US6721313B1 (en) | 2000-08-01 | 2004-04-13 | International Business Machines Corporation | Switch fabric architecture using integrated serdes transceivers |
US7227862B2 (en) * | 2000-09-20 | 2007-06-05 | Broadcom Corporation | Network switch having port blocking capability |
US7420977B2 (en) * | 2000-10-03 | 2008-09-02 | Broadcom Corporation | Method and apparatus of inter-chip bus shared by message passing and memory access |
US7120155B2 (en) * | 2000-10-03 | 2006-10-10 | Broadcom Corporation | Switch having virtual shared memory |
US6851000B2 (en) | 2000-10-03 | 2005-02-01 | Broadcom Corporation | Switch having flow control management |
US7020166B2 (en) * | 2000-10-03 | 2006-03-28 | Broadcom Corporation | Switch transferring data using data encapsulation and decapsulation |
US6988177B2 (en) * | 2000-10-03 | 2006-01-17 | Broadcom Corporation | Switch memory management using a linked list structure |
US7274705B2 (en) * | 2000-10-03 | 2007-09-25 | Broadcom Corporation | Method and apparatus for reducing clock speed and power consumption |
US6980547B1 (en) * | 2000-10-31 | 2005-12-27 | Intel Corporation | Distributed switch/router silicon engine |
US7035255B2 (en) | 2000-11-14 | 2006-04-25 | Broadcom Corporation | Linked network switch configuration |
US7035286B2 (en) * | 2000-11-14 | 2006-04-25 | Broadcom Corporation | Linked network switch configuration |
US6850542B2 (en) | 2000-11-14 | 2005-02-01 | Broadcom Corporation | Linked network switch configuration |
EP1206099A3 (en) * | 2000-11-14 | 2003-10-22 | Sancastle Technologies Ltd. | Network interface |
US7424012B2 (en) * | 2000-11-14 | 2008-09-09 | Broadcom Corporation | Linked network switch configuration |
US7596139B2 (en) | 2000-11-17 | 2009-09-29 | Foundry Networks, Inc. | Backplane interface adapter with error control and redundant fabric |
US7356030B2 (en) | 2000-11-17 | 2008-04-08 | Foundry Networks, Inc. | Network switch cross point |
US6735218B2 (en) * | 2000-11-17 | 2004-05-11 | Foundry Networks, Inc. | Method and system for encoding wide striped cells |
US7236490B2 (en) * | 2000-11-17 | 2007-06-26 | Foundry Networks, Inc. | Backplane interface adapter |
US7333505B2 (en) * | 2000-12-18 | 2008-02-19 | Nortel Networks Limited | Transaction management for interworking between disparate networks |
US7002980B1 (en) | 2000-12-19 | 2006-02-21 | Chiaro Networks, Ltd. | System and method for router queue and congestion management |
US20020085565A1 (en) * | 2000-12-28 | 2002-07-04 | Maple Optical Systems, Inc. | Technique for time division multiplex forwarding of data streams |
US6912592B2 (en) * | 2001-01-05 | 2005-06-28 | Extreme Networks, Inc. | Method and system of aggregate multiple VLANs in a metropolitan area network |
US20020143724A1 (en) * | 2001-01-16 | 2002-10-03 | International Business Machines Corporation | Method, system and computer program product to partition filter rules for efficient enforcement |
US20020126659A1 (en) * | 2001-03-07 | 2002-09-12 | Ling-Zhong Liu | Unified software architecture for switch connection management |
US6965945B2 (en) | 2001-03-07 | 2005-11-15 | Broadcom Corporation | System and method for slot based ARL table learning and concurrent table search using range address insertion blocking |
US6813620B2 (en) * | 2001-03-07 | 2004-11-02 | Broadcom Corporation | Binary search engine and method |
US6990101B1 (en) * | 2001-03-23 | 2006-01-24 | Advanced Micro Devices, Inc. | System and method for performing layer 3 switching in a network device |
US7095716B1 (en) | 2001-03-30 | 2006-08-22 | Juniper Networks, Inc. | Internet security device and method |
US7093280B2 (en) * | 2001-03-30 | 2006-08-15 | Juniper Networks, Inc. | Internet security system |
US7206283B2 (en) * | 2001-05-15 | 2007-04-17 | Foundry Networks, Inc. | High-performance network switch |
US6738850B2 (en) * | 2001-05-16 | 2004-05-18 | Inventec Appliances Corp. | Method of downloading application programs on the editing system platform of an electronic communication apparatus |
US7139267B2 (en) * | 2002-03-05 | 2006-11-21 | Industrial Technology Research Institute | System and method of stacking network switches |
US7239636B2 (en) * | 2001-07-23 | 2007-07-03 | Broadcom Corporation | Multiple virtual channels for use in network devices |
US7860120B1 (en) | 2001-07-27 | 2010-12-28 | Hewlett-Packard Company | Network interface supporting of virtual paths for quality of service with dynamic buffer allocation |
US7069386B2 (en) * | 2001-08-10 | 2006-06-27 | Connex Technology, Inc. | Associative memory device |
US7383421B2 (en) * | 2002-12-05 | 2008-06-03 | Brightscale, Inc. | Cellular engine for a data processing system |
JP2003092598A (en) * | 2001-09-18 | 2003-03-28 | Nec Corp | Packet transferring processor |
US7302700B2 (en) | 2001-09-28 | 2007-11-27 | Juniper Networks, Inc. | Method and apparatus for implementing a layer 3/layer 7 firewall in an L2 device |
US7355970B2 (en) * | 2001-10-05 | 2008-04-08 | Broadcom Corporation | Method and apparatus for enabling access on a network switch |
US20030081599A1 (en) * | 2001-10-30 | 2003-05-01 | Chui-Tsang Wu | System and method for data transmission control |
US7240123B2 (en) * | 2001-12-10 | 2007-07-03 | Nortel Networks Limited | Distributed routing core |
US7650634B2 (en) | 2002-02-08 | 2010-01-19 | Juniper Networks, Inc. | Intelligent integrated network security device |
US7734752B2 (en) * | 2002-02-08 | 2010-06-08 | Juniper Networks, Inc. | Intelligent integrated network security device for high-availability applications |
US8370936B2 (en) | 2002-02-08 | 2013-02-05 | Juniper Networks, Inc. | Multi-method gateway-based network security systems and methods |
US7719980B2 (en) * | 2002-02-19 | 2010-05-18 | Broadcom Corporation | Method and apparatus for flexible frame processing and classification engine |
US7295555B2 (en) | 2002-03-08 | 2007-11-13 | Broadcom Corporation | System and method for identifying upper layer protocol message boundaries |
US7161948B2 (en) * | 2002-03-15 | 2007-01-09 | Broadcom Corporation | High speed protocol for interconnecting modular network devices |
US6816918B2 (en) * | 2002-04-10 | 2004-11-09 | Broadcom Corporation | Flexible apparatus for setting configurations using an EEPROM |
US6738833B2 (en) | 2002-04-10 | 2004-05-18 | Broadcom Corporation | Network device having a flexible EEPROM for setting configuration settings |
US20120155466A1 (en) | 2002-05-06 | 2012-06-21 | Ian Edward Davis | Method and apparatus for efficiently processing data packets in a computer network |
US7187687B1 (en) | 2002-05-06 | 2007-03-06 | Foundry Networks, Inc. | Pipeline method and system for switching packets |
US7468975B1 (en) | 2002-05-06 | 2008-12-23 | Foundry Networks, Inc. | Flexible method for processing data packets in a network routing system for enhanced efficiency and monitoring capability |
US7266117B1 (en) | 2002-05-06 | 2007-09-04 | Foundry Networks, Inc. | System architecture for very fast ethernet blade |
US7649885B1 (en) * | 2002-05-06 | 2010-01-19 | Foundry Networks, Inc. | Network routing system for enhanced efficiency and monitoring capability |
US7116664B2 (en) | 2002-05-13 | 2006-10-03 | International Business Machines Corporation | Lookups by collisionless direct tables and CAMs |
US7272151B2 (en) * | 2002-05-15 | 2007-09-18 | Broadcom Corporation | Centralized switching fabric scheduler supporting simultaneous updates |
US7724740B1 (en) | 2002-08-27 | 2010-05-25 | 3Com Corporation | Computer system and network interface supporting class of service queues |
US7894480B1 (en) | 2002-08-27 | 2011-02-22 | Hewlett-Packard Company | Computer system and network interface with hardware based rule checking for embedded firewall |
US7307998B1 (en) | 2002-08-27 | 2007-12-11 | 3Com Corporation | Computer system and network interface supporting dynamically optimized receive buffer queues |
US20040073678A1 (en) * | 2002-08-28 | 2004-04-15 | John Border | Dynamic connection establishment in a meshed communication system |
US7411959B2 (en) | 2002-08-30 | 2008-08-12 | Broadcom Corporation | System and method for handling out-of-order frames |
US7934021B2 (en) | 2002-08-29 | 2011-04-26 | Broadcom Corporation | System and method for network interfacing |
US7346701B2 (en) | 2002-08-30 | 2008-03-18 | Broadcom Corporation | System and method for TCP offload |
US7313623B2 (en) | 2002-08-30 | 2007-12-25 | Broadcom Corporation | System and method for TCP/IP offload independent of bandwidth delay product |
US8180928B2 (en) | 2002-08-30 | 2012-05-15 | Broadcom Corporation | Method and system for supporting read operations with CRC for iSCSI and iSCSI chimney |
US7184404B2 (en) * | 2002-10-15 | 2007-02-27 | Broadcom Corporation | Programmable inter-packet gap generator with byte granularity |
US6781898B2 (en) * | 2002-10-30 | 2004-08-24 | Broadcom Corporation | Self-repairing built-in self test for linked list memories |
US7342878B2 (en) * | 2002-12-23 | 2008-03-11 | International Business Machines Corporation | Input port routing circuit that performs output port filtering |
US7062582B1 (en) * | 2003-03-14 | 2006-06-13 | Marvell International Ltd. | Method and apparatus for bus arbitration dynamic priority based on waiting period |
US7325002B2 (en) | 2003-04-04 | 2008-01-29 | Juniper Networks, Inc. | Detection of network security breaches based on analysis of network record logs |
US6901072B1 (en) | 2003-05-15 | 2005-05-31 | Foundry Networks, Inc. | System and method for high speed packet transmission implementing dual transmit and receive pipelines |
US7443836B2 (en) * | 2003-06-16 | 2008-10-28 | Intel Corporation | Processing a data packet |
US7529252B2 (en) * | 2003-06-27 | 2009-05-05 | Broadcom Corporation | Weighted queuing scheme for managing datagrams within a network device using single port double buffer (ping-pong) memory |
US7974284B2 (en) * | 2003-06-27 | 2011-07-05 | Broadcom Corporation | Single and double tagging schemes for packet processing in a network device |
US7886348B2 (en) * | 2003-10-03 | 2011-02-08 | Verizon Services Corp. | Security management system for monitoring firewall operation |
US7421734B2 (en) * | 2003-10-03 | 2008-09-02 | Verizon Services Corp. | Network firewall test methods and apparatus |
US7886350B2 (en) | 2003-10-03 | 2011-02-08 | Verizon Services Corp. | Methodology for measurements and analysis of protocol conformance, performance and scalability of stateful border gateways |
US7853996B1 (en) | 2003-10-03 | 2010-12-14 | Verizon Services Corp. | Methodology, measurements and analysis of performance and scalability of stateful border gateways |
US7149214B2 (en) * | 2003-11-04 | 2006-12-12 | Cisco Technology, Inc. | Dynamic unknown L2 flooding control with MAC limits |
US20060007926A1 (en) * | 2003-12-19 | 2006-01-12 | Zur Uri E | System and method for providing pooling or dynamic allocation of connection context data |
US7693075B2 (en) * | 2003-12-24 | 2010-04-06 | Intel Corporation | Updating address tables |
US7817659B2 (en) | 2004-03-26 | 2010-10-19 | Foundry Networks, Llc | Method and apparatus for aggregating input data streams |
US8730961B1 (en) | 2004-04-26 | 2014-05-20 | Foundry Networks, Llc | System and method for optimizing router lookup |
JP2006108853A (en) * | 2004-10-01 | 2006-04-20 | Hitachi Ltd | Communication apparatus capable of automatic recognition of forwarding destination of packet, communication system and program |
US7657703B1 (en) | 2004-10-29 | 2010-02-02 | Foundry Networks, Inc. | Double density content addressable memory (CAM) lookup scheme |
US8320240B2 (en) * | 2004-11-30 | 2012-11-27 | Broadcom Corporation | Rate limiting and minimum and maximum shaping in a network device |
US7529191B2 (en) * | 2005-02-18 | 2009-05-05 | Broadcom Corporation | Programmable metering behavior based on table lookup |
US20060187936A1 (en) * | 2005-02-18 | 2006-08-24 | Broadcom Corporation | Table searching techniques in a network device |
US7606231B2 (en) | 2005-02-18 | 2009-10-20 | Broadcom Corporation | Pipeline architecture for a network device |
US20060203824A1 (en) * | 2005-02-18 | 2006-09-14 | Song-Huo Yu | Passing values through a memory management unit of a network device |
US20060187948A1 (en) * | 2005-02-18 | 2006-08-24 | Broadcom Corporation | Layer two and layer three virtual private network support in a network device |
US20060187923A1 (en) * | 2005-02-18 | 2006-08-24 | Broadcom Corporation | Dynamic filter processor key generation based on packet type |
US20060187924A1 (en) * | 2005-02-18 | 2006-08-24 | Broadcom Corporation | Ingress handling of data in a network device |
US7983291B2 (en) * | 2005-02-18 | 2011-07-19 | Broadcom Corporation | Flexible packet modification engine for a network device |
US20060187920A1 (en) * | 2005-02-18 | 2006-08-24 | Broadcom Corporation | Flexible packet modification engine |
US7463630B2 (en) * | 2005-02-18 | 2008-12-09 | Broadcom Corporation | Multi-part parsing in a network device |
US8457131B2 (en) * | 2005-02-18 | 2013-06-04 | Broadcom Corporation | Dynamic table sharing of memory space within a network device |
US20060187832A1 (en) * | 2005-02-18 | 2006-08-24 | Broadcom Corporation | Filter based range check in a network device |
US20060187917A1 (en) * | 2005-02-18 | 2006-08-24 | Broadcom Corporation | Pre-learning of values with later activation in a network device |
US8331380B2 (en) * | 2005-02-18 | 2012-12-11 | Broadcom Corporation | Bookkeeping memory use in a search engine of a network device |
US7577096B2 (en) * | 2005-02-18 | 2009-08-18 | Broadcom Corporation | Timestamp metering and rollover protection in a network device |
WO2006099540A2 (en) | 2005-03-15 | 2006-09-21 | Trapeze Networks, Inc. | System and method for distributing keys in a wireless network |
US7865624B1 (en) | 2005-04-04 | 2011-01-04 | Oracle America, Inc. | Lookup mechanism based on link layer semantics |
US7443878B2 (en) * | 2005-04-04 | 2008-10-28 | Sun Microsystems, Inc. | System for scaling by parallelizing network workload |
US7529245B1 (en) | 2005-04-04 | 2009-05-05 | Sun Microsystems, Inc. | Reorder mechanism for use in a relaxed order input/output system |
US7987306B2 (en) * | 2005-04-04 | 2011-07-26 | Oracle America, Inc. | Hiding system latencies in a throughput networking system |
US7992144B1 (en) | 2005-04-04 | 2011-08-02 | Oracle America, Inc. | Method and apparatus for separating and isolating control of processing entities in a network interface |
US7415034B2 (en) * | 2005-04-04 | 2008-08-19 | Sun Microsystems, Inc. | Virtualized partitionable shared network interface |
US7415035B1 (en) | 2005-04-04 | 2008-08-19 | Sun Microsystems, Inc. | Device driver access method into a virtualized network interface |
US7779164B2 (en) * | 2005-04-04 | 2010-08-17 | Oracle America, Inc. | Asymmetrical data processing partition |
US7843926B1 (en) | 2005-04-05 | 2010-11-30 | Oracle America, Inc. | System for providing virtualization of network interfaces at various layers |
US7664127B1 (en) | 2005-04-05 | 2010-02-16 | Sun Microsystems, Inc. | Method for resolving mutex contention in a network system |
US7889734B1 (en) | 2005-04-05 | 2011-02-15 | Oracle America, Inc. | Method and apparatus for arbitrarily mapping functions to preassigned processing entities in a network system |
US7353360B1 (en) | 2005-04-05 | 2008-04-01 | Sun Microsystems, Inc. | Method for maximizing page locality |
US7567567B2 (en) * | 2005-04-05 | 2009-07-28 | Sun Microsystems, Inc. | Network system including packet classification for partitioned resources |
US8510491B1 (en) | 2005-04-05 | 2013-08-13 | Oracle America, Inc. | Method and apparatus for efficient interrupt event notification for a scalable input/output device |
US8762595B1 (en) | 2005-04-05 | 2014-06-24 | Oracle America, Inc. | Method for sharing interfaces among multiple domain environments with enhanced hooks for exclusiveness |
US7746862B1 (en) | 2005-08-02 | 2010-06-29 | Juniper Networks, Inc. | Packet processing in a multiple processor system |
CN100466606C (en) * | 2005-08-24 | 2009-03-04 | 杭州华三通信技术有限公司 | Unknown multicasting message processing method |
US8638762B2 (en) | 2005-10-13 | 2014-01-28 | Trapeze Networks, Inc. | System and method for network integrity |
WO2007044986A2 (en) | 2005-10-13 | 2007-04-19 | Trapeze Networks, Inc. | System and method for remote monitoring in a wireless network |
US7724703B2 (en) | 2005-10-13 | 2010-05-25 | Belden, Inc. | System and method for wireless network monitoring |
US7573859B2 (en) | 2005-10-13 | 2009-08-11 | Trapeze Networks, Inc. | System and method for remote monitoring in a wireless network |
US7451293B2 (en) * | 2005-10-21 | 2008-11-11 | Brightscale Inc. | Array of Boolean logic controlled processing elements with concurrent I/O processing and instruction sequencing |
US8027251B2 (en) * | 2005-11-08 | 2011-09-27 | Verizon Services Corp. | Systems and methods for implementing protocol-aware network firewall |
US9374342B2 (en) | 2005-11-08 | 2016-06-21 | Verizon Patent And Licensing Inc. | System and method for testing network firewall using fine granularity measurements |
US7869411B2 (en) * | 2005-11-21 | 2011-01-11 | Broadcom Corporation | Compact packet operation device and method |
US8448162B2 (en) | 2005-12-28 | 2013-05-21 | Foundry Networks, Llc | Hitless software upgrades |
EP1971958A2 (en) * | 2006-01-10 | 2008-09-24 | Brightscale, Inc. | Method and apparatus for processing algorithm steps of multimedia data in parallel processing systems |
US8274989B1 (en) | 2006-03-31 | 2012-09-25 | Rockstar Bidco, LP | Point-to-multipoint (P2MP) resilience for GMPLS control of ethernet |
US7558266B2 (en) * | 2006-05-03 | 2009-07-07 | Trapeze Networks, Inc. | System and method for restricting network access using forwarding databases |
US8160080B1 (en) | 2006-05-08 | 2012-04-17 | Marvell Israel (M.I.S.L.) Ltd. | Implementation of reliable synchronization of distributed databases |
US8966018B2 (en) | 2006-05-19 | 2015-02-24 | Trapeze Networks, Inc. | Automated network device configuration and network deployment |
US8818322B2 (en) | 2006-06-09 | 2014-08-26 | Trapeze Networks, Inc. | Untethered access point mesh system and method |
US9191799B2 (en) | 2006-06-09 | 2015-11-17 | Juniper Networks, Inc. | Sharing data between wireless switches system and method |
US9258702B2 (en) | 2006-06-09 | 2016-02-09 | Trapeze Networks, Inc. | AP-local dynamic switching |
US7636352B2 (en) * | 2006-08-22 | 2009-12-22 | Vitesse Semiconductor Corporation | Maintaining filtering database consistency |
US7903654B2 (en) | 2006-08-22 | 2011-03-08 | Foundry Networks, Llc | System and method for ECMP load sharing |
WO2008027567A2 (en) * | 2006-09-01 | 2008-03-06 | Brightscale, Inc. | Integral parallel machine |
US20080059763A1 (en) * | 2006-09-01 | 2008-03-06 | Lazar Bivolarski | System and method for fine-grain instruction parallelism for increased efficiency of processing compressed multimedia data |
US20080244238A1 (en) * | 2006-09-01 | 2008-10-02 | Bogdan Mitu | Stream processing accelerator |
US20080059467A1 (en) * | 2006-09-05 | 2008-03-06 | Lazar Bivolarski | Near full motion search algorithm |
US8340110B2 (en) | 2006-09-15 | 2012-12-25 | Trapeze Networks, Inc. | Quality of service provisioning for wireless networks |
US9473529B2 (en) | 2006-11-08 | 2016-10-18 | Verizon Patent And Licensing Inc. | Prevention of denial of service (DoS) attacks on session initiation protocol (SIP)-based systems using method vulnerability filtering |
US8966619B2 (en) * | 2006-11-08 | 2015-02-24 | Verizon Patent And Licensing Inc. | Prevention of denial of service (DoS) attacks on session initiation protocol (SIP)-based systems using return routability check filtering |
US8238255B2 (en) | 2006-11-22 | 2012-08-07 | Foundry Networks, Llc | Recovering from failures without impact on data traffic in a shared bus architecture |
US7873061B2 (en) | 2006-12-28 | 2011-01-18 | Trapeze Networks, Inc. | System and method for aggregation and queuing in a wireless network |
US8155011B2 (en) | 2007-01-11 | 2012-04-10 | Foundry Networks, Llc | Techniques for using dual memory structures for processing failure detection protocol packets |
US7953895B1 (en) | 2007-03-07 | 2011-05-31 | Juniper Networks, Inc. | Application identification |
US8522344B2 (en) * | 2007-06-29 | 2013-08-27 | Verizon Patent And Licensing Inc. | Theft of service architectural integrity validation tools for session initiation protocol (SIP)-based systems |
US8302186B2 (en) * | 2007-06-29 | 2012-10-30 | Verizon Patent And Licensing Inc. | System and method for testing network firewall for denial-of-service (DOS) detection and prevention in signaling channel |
US8037399B2 (en) | 2007-07-18 | 2011-10-11 | Foundry Networks, Llc | Techniques for segmented CRC design in high speed networks |
US8271859B2 (en) | 2007-07-18 | 2012-09-18 | Foundry Networks Llc | Segmented CRC design in high speed networks |
US8902904B2 (en) | 2007-09-07 | 2014-12-02 | Trapeze Networks, Inc. | Network assignment based on priority |
US8509236B2 (en) | 2007-09-26 | 2013-08-13 | Foundry Networks, Llc | Techniques for selecting paths and/or trunk ports for forwarding traffic flows |
US8190881B2 (en) | 2007-10-15 | 2012-05-29 | Foundry Networks Llc | Scalable distributed web-based authentication |
US8238942B2 (en) | 2007-11-21 | 2012-08-07 | Trapeze Networks, Inc. | Wireless station location detection |
US8150357B2 (en) | 2008-03-28 | 2012-04-03 | Trapeze Networks, Inc. | Smoothing filter for irregular update intervals |
US8978105B2 (en) | 2008-07-25 | 2015-03-10 | Trapeze Networks, Inc. | Affirming network relationships and resource access via related networks |
US8238298B2 (en) | 2008-08-29 | 2012-08-07 | Trapeze Networks, Inc. | Picking an optimal channel for an access point in a wireless network |
JP4823331B2 (en) * | 2009-04-13 | 2011-11-24 | 富士通株式会社 | Network connection device, switching circuit device, and address learning processing method |
US8090901B2 (en) | 2009-05-14 | 2012-01-03 | Brocade Communications Systems, Inc. | TCAM management approach that minimize movements |
US8599850B2 (en) | 2009-09-21 | 2013-12-03 | Brocade Communications Systems, Inc. | Provisioning single or multistage networks using ethernet service instances (ESIs) |
US8553686B2 (en) * | 2010-04-28 | 2013-10-08 | Broadcom Corporation | Performing actions on frame entries in response to receiving bulk instruction |
US8565069B2 (en) * | 2010-11-23 | 2013-10-22 | Force10 Networks, Inc. | Method of shrinking a data loss window in a packet network device |
US8798077B2 (en) | 2010-12-29 | 2014-08-05 | Juniper Networks, Inc. | Methods and apparatus for standard protocol validation mechanisms deployed over a switch fabric system |
US8780896B2 (en) * | 2010-12-29 | 2014-07-15 | Juniper Networks, Inc. | Methods and apparatus for validation of equal cost multi path (ECMP) paths in a switch fabric system |
JP5948345B2 (en) | 2011-01-11 | 2016-07-06 | エイ10 ネットワークス インコーポレイテッドA10 Networks, Inc. | Virtual application delivery chassis system |
US9154577B2 (en) | 2011-06-06 | 2015-10-06 | A10 Networks, Inc. | Sychronization of configuration file of virtual application distribution chassis |
US9692715B2 (en) * | 2014-02-21 | 2017-06-27 | Cavium, Inc. | Multiple ethernet ports and port types using a shared data path |
US10742559B2 (en) | 2014-04-24 | 2020-08-11 | A10 Networks, Inc. | Eliminating data traffic redirection in scalable clusters |
US9961130B2 (en) | 2014-04-24 | 2018-05-01 | A10 Networks, Inc. | Distributed high availability processing methods for service sessions |
US10318288B2 (en) | 2016-01-13 | 2019-06-11 | A10 Networks, Inc. | System and method to process a chain of network applications |
US11469953B2 (en) | 2017-09-27 | 2022-10-11 | Intel Corporation | Interworking of legacy appliances in virtualized networks |
WO2019079960A1 (en) * | 2017-10-24 | 2019-05-02 | Intel Corporation | Hardware assisted virtual switch |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5459717A (en) * | 1994-03-25 | 1995-10-17 | Sprint International Communications Corporation | Method and apparatus for routing messagers in an electronic messaging system |
US5461624A (en) * | 1992-03-24 | 1995-10-24 | Alcatel Network Systems, Inc. | Distributed routing network element |
US5485455A (en) | 1994-01-28 | 1996-01-16 | Cabletron Systems, Inc. | Network having secure fast packet switching and guaranteed quality of service |
Family Cites Families (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5014262A (en) * | 1990-01-02 | 1991-05-07 | At&T Bell Laboratories | Apparatus and method for detecting and eliminating call looping in a node-by-node routing network |
US5309437A (en) * | 1990-06-29 | 1994-05-03 | Digital Equipment Corporation | Bridge-like internet protocol router |
US5500860A (en) * | 1991-06-14 | 1996-03-19 | Digital Equipment Corporation | Router using multiple hop redirect messages to enable bridge like data forwarding |
US5790456A (en) * | 1997-05-09 | 1998-08-04 | Advanced Micro Devices, Inc. | Multiple bits-per-cell flash EEPROM memory cells with wide program and erase Vt window |
-
1997
- 1997-06-30 US US08/885,047 patent/US5909686A/en not_active Expired - Lifetime
-
1998
- 1998-06-24 EP EP98935487A patent/EP1010104B1/en not_active Expired - Lifetime
- 1998-06-24 JP JP50571899A patent/JP4260899B2/en not_active Expired - Lifetime
- 1998-06-24 WO PCT/US1998/013206 patent/WO1999000750A1/en active Application Filing
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5461624A (en) * | 1992-03-24 | 1995-10-24 | Alcatel Network Systems, Inc. | Distributed routing network element |
US5485455A (en) | 1994-01-28 | 1996-01-16 | Cabletron Systems, Inc. | Network having secure fast packet switching and guaranteed quality of service |
US5459717A (en) * | 1994-03-25 | 1995-10-17 | Sprint International Communications Corporation | Method and apparatus for routing messagers in an electronic messaging system |
Non-Patent Citations (1)
Title |
---|
See also references of EP1010104A4 |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2001067686A1 (en) * | 2000-03-06 | 2001-09-13 | Advanced Micro Devices, Inc. | Selective address table aging in a network switch |
US7002955B1 (en) | 2000-03-06 | 2006-02-21 | Advanced Micro Devices, Inc. | Selective address table aging in a network switch based on application state determined from a received data packet |
US7457292B2 (en) | 2003-01-29 | 2008-11-25 | Fujitsu Limited | Packet identification device and packet identification method |
Also Published As
Publication number | Publication date |
---|---|
EP1010104B1 (en) | 2013-01-16 |
US5909686A (en) | 1999-06-01 |
EP1010104A4 (en) | 2007-05-02 |
EP1010104A1 (en) | 2000-06-21 |
JP4260899B2 (en) | 2009-04-30 |
JP2002508868A (en) | 2002-03-19 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US5909686A (en) | Hardware-assisted central processing unit access to a forwarding database | |
US5938736A (en) | Search engine architecture for a high performance multi-layer switch element | |
US7808999B2 (en) | Method and apparatus for out-of-order processing of packets using linked lists | |
JP3777161B2 (en) | Efficient processing of multicast transmission | |
US6504846B1 (en) | Method and apparatus for reclaiming buffers using a single buffer bit | |
US7701941B2 (en) | Network switch with mutually coupled look-up engine and network processor | |
KR100437146B1 (en) | Intelligent network interface device and system for accelerating communication | |
US7017020B2 (en) | Apparatus and method for optimizing access to memory | |
US7349398B1 (en) | Method and apparatus for out-of-order processing of packets | |
US6732184B1 (en) | Address table overflow management in a network switch | |
US20010043614A1 (en) | Multi-layer switching apparatus and method | |
US7072342B1 (en) | Reordering of out-of-order packets | |
US6778547B1 (en) | Method and apparatus for improving throughput of a rules checker logic | |
US6965945B2 (en) | System and method for slot based ARL table learning and concurrent table search using range address insertion blocking | |
US7042889B2 (en) | Network switch with parallel working of look-up engine and network processor | |
EP1631906B1 (en) | Maintaining entity order with gate managers | |
US7010535B2 (en) | Binary search engine and method | |
US7809008B2 (en) | Methods and apparatus for routing packets | |
US7080135B1 (en) | Systems and methods for accessing an address table of a network device | |
US20020133623A1 (en) | System and method for slot based ARL table learning with concurrent table search using write snoop | |
US8009584B1 (en) | System and method for implementing an IRC across multiple network devices |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AK | Designated states |
Kind code of ref document: A1 Designated state(s): JP |
|
AL | Designated countries for regional patents |
Kind code of ref document: A1 Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE |
|
DFPE | Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101) | ||
121 | Ep: the epo has been informed by wipo that ep was designated in this application | ||
122 | Ep: pct application non-entry in european phase | ||
WWE | Wipo information: entry into national phase |
Ref document number: 1998935487 Country of ref document: EP |
|
WWP | Wipo information: published in national office |
Ref document number: 1998935487 Country of ref document: EP |