1. Field
Embodiments of the invention relate to the field of network processing; and more specifically, to hierarchical rate limiting of control packets received on a line card of a network element.
2. Background
Network elements typically include multiple line cards that perform packet forwarding/switching at high speed under the direction of one or more control cards. The control cards perform signaling, routing (including creation of and/or management of routing tables), connection setup, session setup, etc. The line cards receive data packets (which are typically forwarded/switched at a high speed) and control packets which need to be processed by the control card. Control packets typically are related to signaling, routing updates, connection setup, session setup, etc.
For example, in the case of PPPoE (Point to Point Protocol over Ethernet), the line cards can receive from computing end devices PPPoE Active Discovery Request (PADR) control packets and PPPoE Active Discovery Initiate (PADI) control packets. These PADR and PADI packets must be sent to the control card for further processing. Other examples of control packets include DHCP (Dynamic Host Configuration Protocol) packets, CLIPS (Clientless IP Service) packets, Neighbor Discovery for IPv6, ARP (Address Resolution Protocol) packets.
Commonly, line cards employ a coarse control packet rate limiting mechanism on each of the line cards to prevent a large amount of packets from being sent from the line cards to the control card. These rate limits are typically applied per physical entity (e.g., per card, per port, etc.) or per protocol and apply to multiple subscribers or computer end stations. Typically, the rate limits indicate the quantity of control packets that may be sent to the line card. If over the rate limit, the control packets are typically dropped in the line cards.
Thus, since the rate limits are typically applied per physical entity or protocol, a single computer end station transmitting an exorbitant amount of control packets causing the rate limit to be exceeded can cause existing subscriber's control packets to be dropped or lead to new subscriber sessions to fail since those control packets will be dropped.