1. Field of the Invention
The present invention relates to a frame transfer processing method and device, and in particular to a method and device for transferring a frame by a flooding method through a layer 2 switch which determines a transfer destination port based on a VLAN (Virtual Local Area Network) and a MAC (Medical Access Control) address.
2. Description of the Related Art
A layer 2 (hereinafter, occasionally abbreviated as L2) switch having a plurality of input/output communication interfaces (hereinafter, referred to as physical ports) has a function of voluntarily learning path information indicating a transfer destination of a MAC frame. Namely, this is a function of learning the source MAC address of a MAC frame and the location of a port having received the MAC frame, and of then determining a port to which the MAC frame should be transmitted by using the information already learned when another port receives a frame having a destination MAC address which is the same MAC address as one previously learned.
Also, the L2 switch having a VLAN function learns the MAC address and VLAN identifying information (hereinafter, occasionally referred to as VLAN-ID) in combination. For such a system, a specification is described in IEEE802.1d as a method of learning and forwarding (transferring) by the VLAN and the MAC address.
For another technology of the layer 2 switch, there is mentioned a function of binding a plurality of physical links to be used as a single logical transmission line. This is called a link aggregation function. By using this function, the transfer of data amounts exceeding a bandwidth of a single physical link between two L2 switches is made possible. Also, even if any physical link among the bound aggregated links fails, the arrangement of the logical link is changed or switched to use remaining normal physical links, thereby enabling an operation to be continued. The specification of this system is described in IEEE802.3ad.
Thus, when no frame is transferred between certain end stations (terminals) and when a fixed time elapses after learning and the learned contents become disabled, the L2 switch assumes a state where nothing has been learned. In such a state where no MAC address has been learned, a frame is required to be transferred to all of the ports belonging to the same VLAN. This function is called “flooding”. How to perform the “flooding” function will now be described by referring to operations of “learning” and “frame forwarding by learned information”.
Network Arrangement (1)
It is supposed that a network shown in FIG. 3, for example, is structured. An L2 switch 100 has ports represented by #Pn, where n is supposed to be a port No. It is to be noted that hereinafter, a word “port” is used as a synonym of “physical link”. In this example, it is arranged that among five physical ports shown by #P1-#P5, the ports #P1, #P2, and #P4 belong to a VLAN 501 indicated by VLAN-ID=501, and the ports #P3 and #P5 similarly belong to a VLAN 601 indicated by VLAN-ID=601. It is to be noted that a terminal 11 (MAC address=11) is connected to the port #P1, a terminal 12 (MAC address=12) is connected to the port #P2, a terminal 13 (MAC address=13) is connected to the port #P3, a terminal 14 (MAC address=14) and a terminal 15 (MAC address=15) are connected to the port #P4, and a terminal 16 (MAC address=16) is connected to the port #P5 respectively.
The arrangement of the VLAN is stored in a memory (not shown) within the L2 switch 100 in the form of representing with 1 bit whether or not each port belongs to the VLAN for every VLAN-ID, as shown by the following table T101 and a bitmap arrangement of a port in FIG. 4A.
TABLE T101VLAN-IDBITMAP OF PORT......50111010......60100101......
Also, in order to obtain a VLAN to which a frame is attributed when a frame is received at each port, a VLAN-ID allocated to the received frame is set for every port as shown by the following table T102.
TABLE T102VLAN-ID ALLOCATED TOPORT NO.RECEIVED FRAME15012501360145015601
A frame transfer processing operation by the L2 switch 100 will now be described referring to a flowchart of FIG. 5. It is to be noted that this flowchart is executed by an exclusive logical circuit, CPU, or the like (not shown) installed in the L2 switch 100, which applies to the following description.
Firstly, the terminal 11 transmits a frame whose destination address is “14” and source address is “11” in a format shown in FIG. 6A. The L2 switch 100 monitors a frame received at step S1 to receive the frame at port #P1 (at step S2). A correspondence between the reception port of the frame and the VLAN-ID is preset in the L2 switch 100 by the table T102 described above.
At step S3, the VLAN to which the frame belongs is obtained based on the reception port by using the table T102. Since the table T102 indicates that the frame received at the port #P1 belongs to the VLAN 501 of the VLAN-ID=501, the VLAN-ID=501 is derived at step S3.
At step S4, the No. “1” of the port having received the frame is learned with the VLAN-ID obtained at step S3 and the source address of the frame as keys. The result of the learning is prepared as following table T103.
TABLE T103VLAN-IDMAC ADDRESSPORT NO..........501111.........
Namely, since the received frame has the VLAN-ID=501, the source address=11, and the reception port=1, a single entry in the table as shown in the above table T103 is prepared.
At step S5, whether or not the port No. is learned is searched or checked with the VLAN-ID=501 and the destination address=14 of the received frame as keys. For this search, the above-mentioned table T103 is searched again to determine whether or not any hit is found (at step S6). Since the port No. has not been learned yet, no hit is found, so that the process proceeds to step S7.
At step S7, in order to check the port composing the VLAN, bitmaps of all the ports corresponding to the VLAN-ID=501 are obtained referring to the above-mentioned table T101, whereby it is recognized that the ports #P1, #P2, and #P4 belong to the VLAN 501.
At step S8, the frame is outputted from the obtained ports one after another. However, since the port having received the frame does not transmit the frame, the frame is transmitted from the ports #P2 and #P4. Thus, when the destination has not been learned, the frame is transferred to all of the ports belonging to the same VLAN except for the port having received the frame (at step S9). This is called a “flooding” function. As a result, the destination terminal 14 connected to the port #P4 can receive the frame transmitted by the source terminal 11. Although other terminals 12 and 15 receive the same frame, the destination address is not coincident with the MAC address of their own. Therefore, the frame is discarded.
An operation when the L2 switch 100 transfers a frame in the direction opposite (from right to left in FIG. 3) to the above-mentioned description will now be described. This is an operation in a case where the destination address is learned.
Firstly, when the terminal 14 transmits a frame having the destination address=11 and the source address=14, the L2 switch 100 monitors the frame reception at step S1 to receive the frame at the port #P4 (at step S2). The L2 switch 100 learns the port No. in the same way as mentioned above (at steps S3 and S4), and a table T103a, which is the table T103 in which the second entry is prepared, can be obtained as follows:
TABLE T103aVLAN-IDMAC ADDRESSPORT NO..........501111.........501144.........
At step S5, whether or not the port No. has been learned is searched with the VLAN-ID and the destination address of the received frame as keys. For this search, the above-mentioned table T103a is used again. Since the entry has been already learned with the VLAN-ID=501 and the MAC address=11 as keys, a hit is found, so that the process proceeds from step S6 to step S10.
Since it is recognized at step S10 that the output destination port=#P1 from the result of learning, the frame is outputted from the port #P1. Thus, the terminal 11 connected to the port #P1 receives the frame transmitted from the terminal 14.
On the other hand, the terminals 13 and 16 are also connected to the L2 switch 200, the frame transferred between the terminals 13 and 16 is transferred only to the terminal belonging to the VLAN 601, but not to the terminal belonging to a different VLAN, the VLAN 501. This is because a flooding destination is limited based on the setting of the above-mentioned table T101. By this function, data leakage to a different VLAN is prevented and data security is attained.
Network Arrangement (2)
How the flooding process is performed when a network is arranged by using a link aggregation function as shown in FIG. 7 will now be described.
Firstly, it is supposed that the network arrangement (2) of FIG. 7 is equivalent to the network arrangement (1) of FIG. 3 in which the L2 switch 100 is composed of L2 switches 200 and 300, and the arrangement of the terminals and the VLANs to which the terminals belong are the same as those in FIG. 3. Between the L2 switches 200 and 300, frames are transferred by using a logical link aggregation-transmission line LA in which physical links are bound between the ports #P4-#P6 of the L2 switch 200 and the ports #P1-#P3 of the L2 switch 300 by the link aggregation function. The locations of the ports and the number of ports form one example, so that it is possible to freely select the ports by the arrangement of the switch and to bind the links. This logical link aggregation-transmission line LA belongs to both of the VLANs 501 and 601, so that the VLAN frames for both of the VLANs 501 and 601 are transferred. Which VLAN the frame passing through the logical link belongs to is indicated by using the frame with a VLAN tag as shown in FIG. 6B. On the transmission side of the logical link, the VLAN tag is inserted upon outputting the frame, while on the reception side the VLAN tag is deleted after identifying the VLAN.
Frame Transferring Process by the L2 Switches 200 and 300 will now be Described along a Flowchart of FIG. 8.
The terminal 11 transmits the frame having the format as shown in FIG. 6B where the destination address=14 and the source address=11. The L2 switch 200 monitors the frame reception at step S1 to receive the frame at the port #P1 (at step S2). In the L2 switch 200, the reception port is associated with the VLAN-ID by the following table T104.
TABLE T104VLAN-IDALLOCATEDPORT/TRUNKTO RECEIVEDIDENTIFICATIONPORT NO.FRAME*(0: PORT, 1: TRUNK)TRUNK NO.150100250100360100401205012060120*WHEN 0 IS SET TO VLAN-ID CORRESPONDING TO RECEIVED FRAME, IT IS INDICATED THAT THE PORT USES FRAME WITH VLAN TAG & VLAN IS NOT SPECIFIED.
However, a disabling value “0” is set as the VLAN-ID corresponding to the ports #P4-#P6 in the table T104. This set value “0” assumes that the frame transmitted/received at the ports #P4-#P6 of the L2 switch 200 uses the VLAN tag within the frame shown in FIG. 6B, and the VLAN is not specified corresponding to the ports.
At step S3, the VLAN to which the frame belongs is obtained by using the above-mentioned table T104. Since the table T104 indicates that the frame received at the port #P1 belongs to the VLAN 501 of the VLAN-ID=501, the VLAN-ID=501 is derived at step S3.
At step S4, the No. “1” of the port having received the frame is learned with the VLAN-ID obtained at step S3 and the source address within the frame as keys. Being the same arrangement as the above table T103, the result of the learning is omitted.
At step S5, whether or not the port No. is learned is searched with the VLAN-ID and the destination address of the received frame as keys. For this search, the same table as the table T103 is used again. Since the port No. has not been learned yet, no hit is found (at step S6), so that the process proceeds to step S7.
At step S7, in order to check the ports composing the VLAN, the following table T105 is referred to.
TABLE T105VLAN-IDBITMAP OF PORT......501110100......601001100......
From this table T105, a bitmap of a port corresponding to the VLAN-ID=501 is obtained, whereby it is recognized that the ports #P1, #P2, and #P4 belong to the VLAN 501 of the VLAN-ID=501.
At step S8, the frame is outputted from the obtained ports one after another. However, the frame is not outputted from the port having received the frame. The frame is outputted from the ports #P2 and #P4 (at step S9). Since it is recognized from the above table T104 that the frame tag is to be inserted into the frame at the port #P4 (VLAN-ID=0), the VLAN tag is inserted into the frame outputted. As a result, the frame is transferred to the L2 switch 300 connected to the port #P4, and the terminal 14 can receive the frame transmitted by the terminal 11.
The above-mentioned flooding process is the same as that of FIG. 5 already described, so that usage of the link aggregation function is unnoticed. The reason why the same flooding process is enabled is that the above-mentioned table T105 is preliminarily composed by the method mentioned as follows.
The L2 switch 200 has a table defining the logical link arrangement composed by the link aggregation function as in the following table T106.
TABLE T106PORT LIST(ARRANGED INNUMBER OFASCENDINGTRUNK NO.PORTSORDER).........2034, 5, 6.........
A single logical link is called a trunk, to which a number is allocated for identification. In the network arrangement (2) of FIG. 7, for the L2 switch 200, the entries shown in the table T106 is prepared when the link aggregation-transmission line LA in which the trunk No. is “20” and the links of the physical ports #P4, #P5, and #P6 are bound are composed.
The ports #P1, #P2, #P4, #P5, and #P6 belong to the VLAN 501. If the bitmap of the ports is generated as it is when the above table T105 is composed, “110111” is obtained. However, since the ports #P4, #P5, and #P6 compose trunks, frames are overlapped if all of the ports #P4, #P5, and #P6 are made the flooding destination. Since the overlapping is against the operation of the link aggregation function, a mechanism for avoiding overlapping is required. A physical port composing a trunk and its trunk No. can be identified by referring to a port type (port/trunk identification) and the trunk No. in the above table T104. In order to avoid the overlapping of the frames at the ports #P4, #P5, and #P6, a list of the ports composing the trunk is checked by referring to the entry of the above table T106 based on the trunk No. “20”, and the entry of the bitmap “110100” corresponding to the VLAN 501 is prepared in the table T105 so that only the top physical port of the list may become the flooding destination.
Thus, the flooding process can be done in the same way as the case of a normal port even if the link aggregation-transmission line LA is used. It is to be noted that since the trunk 20 also belongs to the VLAN 601, the entry of the VLAN-ID=601 is similarly arranged in the table T105 so that only the port #P4 within the trunk may assume the flooding destination.
Hereinafter, an operation after the frame transmitted from the terminal 11 is flooded to the port #P4 of the L2 switch 200 to be received at the port #P1 of the L2 switch 300 will be described referring to the flowchart of FIG. 8 again.
The L2 switch 300 monitors the frame reception at step S1, and receives the frame at port #P1 (at step S2). The L2 switch 300 preliminarily associates the reception port with the VLAN-ID by the following table T107.
TABLE T107VLAN-IDPORT/TRUNKALLOCATED TOIDENTIFICATIONTRUNKPORT NO.RECEIVED FRAME(0: PORT, 1: TRUNK)NO.101302013030130450100560100
At step S3, the VLAN to which the frame belongs is obtained by using this table T107. Since this table T107 exhibits that the VLAN-ID corresponding to the port #P1 is set to “0” and the frame received from the L2 switch 200 is determined by the VLAN-tag (see FIG. 6B) within the frame, it is recognized that the received frame belongs to the VLAN 501 of the VLAN-ID=501 referring to the VLAN-tag of the received frame, and then the VLAN tag is deleted.
At step S4, a path having received the frame is learned with the VLAN-ID obtained at step S3 and the source address of the frame as keys. The result of this learning is “30” that is the No. of a trunk having received the frame as shown in the following table T103b.
TABLE T103bPORT/TRUNKPORT/IDENTIFICATIONVLAN-IDMAC ADDRESSTRUNK NO.(0: PORT, 1: TRUNK)............50111301............5011440............
Also, information “1” for identifying that the trunk has received the frame is entered in the table T103b.
At step S5, whether or not the port No. has been learned is searched with the VLAN-ID and the destination address of the received frame as keys. For this search, the above table T103b is used again. Since the port No. has not been learned yet, no hit is found (at step S6), so that the process proceeds to step S7.
At step S7, in order to check the port composing the VLAN, the bitmap of the port corresponding to the VLAN-ID=501 is obtained referring to the following table T108, whereby it is recognized that the ports #P1 and #P4 belong to the VLAN 501.
TABLE T108VLAN-IDBITMAP OF PORT......50110010......60110001......
At step S8, the frame is outputted from the obtained ports one after another. However, when the trunk has received the frame and the output destination port belongs to the same trunk, the frame is not outputted from the port. Therefore, the frame is not outputted from the port #P1. This determination is performed by using the setting of the above table T107. Namely, it is stored as the information of the frame that the received port is a trunk 30. As mentioned above, the ports #P1 and #P4 are set as the output destinations for the VLAN-ID=501 from the bitmap of the table T108. When the output destination of the frame is the port #P1, it is recognized that the port belongs to the trunk 30 by referring to the table T107. Since it is the same trunk, the frame is not outputted from the port #P1. Thus, the received frame is outputted from the port #P4 of the L2 switch 300. As a result, the terminal 14 receives the frame transmitted by the terminal 11.
An operation when the L2 switches 200 and 300 transfer a frame in the opposite direction (from right to left in FIG. 7) to the above-mentioned description will now be described. This is an operation in a case where the destination address is learned.
Firstly, when the terminal 14 transmits a frame whose destination address=11 and source address=14, the L2 switch 300 monitors the frame reception at step S1 to receive the frame at the port #P4 (at step S2). At step S3, the VLAN of the frame is obtained based on the reception port No.
At step S4, the L2 switch 300 learns the port No. in the same way as described above, and the second entry is prepared as shown in the above table T103b.
At step S5, whether or not the destination has been learned is searched with the VLAN-ID and the destination address of the received frame as keys. For this search, the above table T103b is used again. Since the entry with the VLAN-ID=501 and the MAC address=11 as keys has already been learned, a hit is found, the process proceeds from step S6 to step S11, and the learned port is obtained from the table T103b. By the result of this learning, it is recognized that the output destination is a trunk (port/trunk identifying information=“1”), and its No. is “30” (at steps S11 and S12). In the case of a trunk, the process proceeds to step S13, where hashing operation is performed in order to select a single physical port as an output destination from among physical ports composing the trunk. For this purpose, the following table T109 is used to obtain that the number of ports in the trunk is “3”.
TABLE T109PORT LIST(ARRANGED INNUMBER OFASCENDINGTRUNK NO.PORTSORDER).........3031, 2, 3.........
As an example of the hashing operation, such a method is used that a remainder calculation is performed by the number of ports to the result of the addition of the destination address and the source address of the frame, in which the first port is made an output destination if the result is “0”, and the second port is made an output destination if it is “1”. Since frames transferred between certain specific end stations are to be transferred through the same physical link at all times by this method, the order of frames can be prevented from changing.
As a result, the frame is outputted from any one of the ports #P1-#P3 of the L2 switch 300 (at step S14) to reach the L2 switch 200. If the port No. is one of “1”-“3” in this example, it is recognized from the above table T107 that the VLAN tag is inserted into the frame to be transmitted. Being the same as that already described, the subsequent operation of the L2 switch 200 is omitted. However, the table used at steps S11 and S12 in the L2 switch 200 at this time is the following table T103c.
TABLE T103cPORT/TRUNKMACPORT/IDENTIFICATIONVLAN-IDADDRESSTRUNK NO.(0: PORT, 1: TRUNK)............50111 10............50114201............
As a result, the terminal 11 receives the frame transmitted by the terminal 14.
On the other hand, there are a method and device for trunking multiple ports in a network switch by which a network switch configured for switching data packets across multiple ports uses an address table to generate frame forwarding information, a decision-making engine checks the frame forwarding information to determine whether the frame is to be forwarded to a port that is part of a trunk, and the decision-making engine determines the port which is to become the transmitting destination of the frame when the frame is to be outputted to a trunk port (see e.g. patent document 1).
[Patent Document 1]
    Japanese Translation of PCT International Application No. 2003-500926Problem 1
As described above, when the flooding process is performed to the trunk, a bit of only a single port among the ports composing the trunk is made “1” as shown in table T105, only to which the flooding is performed. A port of the trunk set for the flooding port is set as follows: A port list in which port Nos. are arranged in ascending order is prepared, and the smallest No. among the ports in a state where the communication with the opposing terminal is possible (link-up state) is set to be used. Since such a setting has a complicated logic, it is general that the L2 switch mounts thereon a CPU and a memory to operate the firmware for setting the port. If the trunk accommodates a plurality of VLANs, setting for each VLAN is performed.
When a failure occurs at the flooding port and the communication is disabled, a flame to be flooded is not transferred if the failure remains unaddressed. Therefore, it is required to reset another port of the trunk for the flooding. This setting is performed by firstly making the bit, which is corresponding to the port having been set, “0”, and by making a bit corresponding to a port newly used as a representative port “1”.
Processing upon port's failure will now be described referring to flowchart shown in FIG. 9.
Firstly, the L2 switches 200 and 300 monitor a port's failure at steps S21 and S22. If a failure occurs, whether or not the port belongs to the trunk is checked at step S23. For this purpose, setting as shown in the above tables T104 and T107 is used.
If the port belongs to the trunk, whether or not the port is coincident with the flooding port is checked at step S24. For this purpose, the above table T106 is used.
If the port is coincident with the top port arranged in ascending order, it is the flooding port. Therefore, bitmap setting for flooding at an object port for every VLAN is canceled in the table T105 (step S25). This processing is repeated for every VLAN to which the trunk belongs (at steps S26 and S25). Which VLAN the trunk belongs to can be obtained by referring to e.g. the setting of the following table T110.
TABLE T110BITMAP BELONGING TOTRUNK NO.VLAN......2000 . . . 010 . . . 010 . . . 00......(502nd & 602nd ONES FROM LEFT ARE “1”)
An example of this table T110 exhibits that the trunk 20 belongs to the VLANs 501 and 601. It is to be noted that the following table T110a can be obtained in the case of the L2 switch 300.
TABLE T110aBITMAP BELONGING TOTRUNK NO.VLAN......3000 . . . 010 . . . 010 . . . 00......(502nd & 602nd ONES FROM LEFT ARE “1”)
In order to remove the port in which a failure has occurred from the trunk, the port list is updated at step S27. This updating is performed to the above table T106. The top port after the updating is obtained at step S28, and a new flooding port is set for every VLAN at step S29. This setting is performed at the table T105 in the same way as the canceling. This is performed to all of the VLANs accommodated in the trunk (at step S30).
On the other hand, when the failed port is not coincident with the flooding port at step S24, the port list is updated at step S31 in the same way as step S27 to end the process.
Since the above-mentioned setting at steps S25 and S29 is performed by firmware for every VLAN, it takes much time for setting if the trunk belongs to numerous VLANs. When there are numerous VLANs, from several hundreds to several thousands of VLANs are accommodated in some cases. Until the time comes when such a setting is changed, a frame whose destination has not been learned is discarded without being transferred to the new flooding port. Since the communication is disabled during the setting for a user's standpoint, it has been an object to minimize a setting time.
Problem 2
Another problem for switching the flooding port is as follows:
Network Arrangement (3)
Firstly, supposing that the L2 switch as shown in FIG. 7 has a plurality of slots in a chassis, and a single line unit is inserted per slot to be used, the single line unit can have a plurality of physical ports and can use a plurality of line units, while a single trunk can be arranged across a plurality of line units.
FIG. 10 shows such a network arrangement (3). In this example, L2 switches 400 and 500 respectively have three line units U1-U3.The L2 switches 400 and 500 are connected with trunks 20 and 30 of the link aggregation-transmission line LA composed of five physical links, the 1st-3rd physical links among them connect the ports #P1-#P3 of the line unit U2 in the L2 switch 400 to the ports #P1-#P3 of the line unit U1 in the L2 switch 500, and the 4th and 5th physical links connect the ports #P1 and #P2 of the line unit U3 in the L2 switch 400 to the ports #P1 and #P2 of the line unit U2 in the L2 switch 500.
When a failure is detected at the port #P1 of the line unit U2 in the L2 switch 400 in this example, upper digits as a unit No. and lower digits as a port No. within the unit are arranged in ascending order and the port in subsequent operation is selected, thereby obtaining the port #P2 of the line unit U2 as a port newly used for flooding.
If a failure has occurred in the line unit U1 itself in the opposing L2 switch 500 at this time, a failure is also subsequently detected in the port #P2 of the line unit U2 in the L2 switch 400 newly selected for the flooding port. Therefore, the switching of the flooding port is required again. Such a switching is repeated until the port #P1 of another line unit U3 in the L2 switch 400 is selected for the flooding port. Thus, since it takes much time until the flooding frame is transferred again and the communication is interrupted in the meantime, it has been an object that the setting time is reduced.