The field of the invention is that of the networking of data processing systems or computers and, more particularly, that of the switchable connection of Local Area Networks ("LANs") such as those supported by the Ethernet protocol and Wide Area Networks ("WANs") such as those supported by the Asynchronous Transfer Mode ("ATM") protocol.
One of the major problems in the field of connecting networks is that the variety of different network protocols used to communicate between different data processing systems on particular networks makes communication between such networks difficult. Another major problem is that most network protocols require considerable configuration of parameters when adding computer systems or nodes, typically accomplished by manual input of device addresses by network professionals who nonetheless make mistakes. This problem may be exacerbated when connecting across network boundaries.
Current connection of networks, including the mechanisms used to connect the Internet, is accomplished using devices known as "bridges" and "routers." Roughly speaking, bridges connect different networks at the "data link" layer or Layer 2 (also known as the MAC layer) of the OSI Network model, see Schwartz, Mischa, Telecommunication Networks at 75-99 (Addison-Wesley 1987), and routers connect different networks at the "network" layer or Layer 3 of the OSI model. A packet of data is preceded by headers corresponding to layers of communication, with the first in time header corresponding to the lowest Layer 1, the physical link, and proceeding up to Layer 7, the application layer (other models have fewer layers). The "application layer" here refers to functions at Layers 5-7 of the OSI model. When packets of information are received at a bridge, the bridge processor forwards the packet on a data link according to the information in the data link header (following the physical link header). When packets of information are received at a router, the packet is routed according to the information in the network header. These headers, however, do not contain information about the quality of service required by the application to which the data packet pertains; thus, each packet is forwarded according to the data link or network protocol which may or may not include a priority flag, typically for network management operations.
The types of applications requiring data transmission on current networks call for a wide range of service. Thus, in communications with a file server, requests uploaded from a client for downloading of data require relatively little bandwidth, while downloading of massive amounts of data requires great bandwidth to be accomplished in a reasonable time. Streaming of audio-visual ("multimedia") information requires guaranteed bandwidth at regular intervals to avoid perceivable interruptions or "jitter". E-mail, file server requests, HTTP, word processing each have their own application protocols with associated header information that can be associated with their communication needs, including bandwidth.
Network switching schemes that consider information above the network layer, so-called "Layer 4 switches," are just coming on the market and appear typically to involve software implementations that are slow and only consider a portion of the Layer 4 or transport layer header (the "TCP" part of TCP/IP or transport control protocol/internetwork protocol).
The present invention connects networks at the application layer, and uses more information above Layer 3 of the OSI model than other network switches in the present state of the art. The invention performs "flow switching" or connection, wherein, based on the information in a received data packet at Layer 4 and above, the invention identifies a "flow," that is, a sequence of network messages that occur as a result of a requested process such as reading a file, sending an e-mail message, browsing a web site, initiating a file transfer, making a database query, etc., and routes the packet accordingly, thereby establishing a "virtual connection" at Layer 4 and above. The invention is further adapted for "application flow switching," wherein the invention classifies received frames into flows based not only on the Layer 2 MAC or Layer 3 network address, but also on the information contained in higher layers, even up to "Application" Layer 7 of the OSI model. Thus, the invention can differentiate between flows that result from web browsing and flows that result from a file transfer or database query, even though both may use the same Layer 3 protocol.
In the preferred embodiment, this is accomplished using a combination of hardware and software optimized for speed or for flexibility at their respective functions. Thus, dedicated "silicon" or gates at the chip level are employed to extract rapidly information from the data link headers corresponding to the relatively few data link protocols such as Ethernet, Fast Ethernet, and Frame Relay, and from the network headers of the relatively few network protocols such as Internet (IPv4, IPX, IPv6), SNA, and DECNet, while application protocols in up to 128 bytes of header information are recognized by fast pattern matching software. By looking at the application header, the switch can make "intelligent" decisions about quality of service to be applied to a particular flow or stream of packets (such as e-mail, which is priority-based, as opposed to multimedia, which is bandwidth-guarantee-based) and can keep all connections while backing off of all applications fairly.
By using internally standard or "canonical" headers including data link and network information deduced or inferred at the port interfaces, and comparing hashed versions of the canonical headers to identify the packets to flows with common flow rules, the invention very efficiently establishes a virtual connection between the appropriate ports associated with a given flow. This feature allows the system to be "frame or cell"-independent and to route ATM traffic as not heretofore done.
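The following sketch is an added illustration, not code from the patent: it shows the two ideas described above, hashing a canonical header to find a packet's flow and pattern-matching up to 128 bytes of application header to pick a quality of service. The canonical key layout (a directional protocol/address/port tuple), the CRC-32 hash, the signature list, the QoS names and the `build_frame` sample generator are all assumptions made for the example.

```python
import struct
import zlib

# Assumed signatures, matched against at most 128 bytes above Layer 4.
APP_PATTERNS = [(b"GET ", "http"), (b"HTTP/", "http"), (b"EHLO", "smtp")]
# Assumed policy names; the text says only that e-mail is priority-based.
QOS = {"http": "best-effort", "smtp": "priority", "unknown": "best-effort"}

def canonical_header(frame):
    """Ethernet II / IPv4 / TCP or UDP frame -> (fixed-layout key, app bytes)."""
    if len(frame) < 34 or frame[12:14] != b"\x08\x00" or frame[14] >> 4 != 4:
        return None
    ihl, proto = (frame[14] & 0x0F) * 4, frame[23]
    l4 = 14 + ihl
    frag = struct.unpack_from("!H", frame, 20)[0] & 0x1FFF  # later fragments lack ports
    if ihl < 20 or frag or proto not in (6, 17) or len(frame) < l4 + (20 if proto == 6 else 8):
        return None
    sport, dport = struct.unpack_from("!HH", frame, l4)
    hdr_len = (frame[l4 + 12] >> 4) * 4 if proto == 6 else 8
    if proto == 6 and hdr_len < 20:
        return None                          # malformed TCP data offset
    key = struct.pack("!B4s4sHH", proto, frame[26:30], frame[30:34], sport, dport)
    return key, frame[l4 + hdr_len:l4 + hdr_len + 128]

class FlowTable:
    def __init__(self, bits=16):
        self.mask, self.buckets = (1 << bits) - 1, {}

    def classify(self, frame):
        parsed = canonical_header(frame)
        if parsed is None:
            return None                      # unparseable frame: no flow rule applies
        key, app_hdr = parsed
        bucket = self.buckets.setdefault(zlib.crc32(key) & self.mask, [])
        flow = next((f for k, f in bucket if k == key), None)  # hashes collide: compare full key
        if flow is None:
            flow = {"app": "unknown", "packets": 0}
            bucket.append((key, flow))
        if flow["app"] == "unknown" and app_hdr:   # a TCP SYN carries no payload yet
            flow["app"] = next((n for p, n in APP_PATTERNS if app_hdr.startswith(p)), "unknown")
        flow["packets"] += 1
        flow["qos"] = QOS[flow["app"]]
        return flow

def build_frame(src, dst, sport, dport, payload=b""):
    """Constructed sample input: minimal Ethernet/IPv4/TCP frame, checksums zero."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40 + len(payload), 0, 0, 64, 6, 0, src, dst)
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 0x50, 0x18, 8192, 0, 0)
    return b"\x00" * 12 + b"\x08\x00" + ip + tcp + payload
```

Two details matter in practice: the hash only selects a bucket, so the full canonical key is compared before a packet is attributed to a flow, and a flow stays "unknown" until the first packet that actually carries application bytes arrives.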
In the preferred embodiment, thousands of transmit queues are possible (pointing to data packets in fast storage) that allow thousands of connections as well as different qualities of service to be attached to individual queues.
The "intelligence" of the system in tracking packets according to the flow allows "cut through" flow, that is, the output from a port of portions of a data packet stream even as portions of the data packet stream are entering a port. Many other intelligent functions are possible because of the flexible and scalable architecture of the system using interface ASICs (application-specific integrated circuits) to "canonicalize" Layer 2 and 3 header information, a high speed bus, a queue manager ASIC which rapidly implements queuing decisions of a fast relay engine ASIC, and a background engine ASIC that monitors the flow connections.