1. Field of the Invention
The present invention relates to devices, software applications and networks that utilize data that is sent or received over data communications or computer networks.
2. Description of the Related Art
As computer performance has increased in recent years, the demands on computer networks have significantly increased; faster processors and higher memory capabilities need networks with high bandwidth capabilities to enable high speed transfer of significant amounts of data.
Based upon the Open System Interconnect (OSI) 7-layer reference model, network capabilities have grown through the development of repeaters, bridges, routers and switches, which operate with various types of communication media. Collectively, all of these may be referred to as network devices. Switches, as they relate to computer networking and to Ethernet, are hardware-based devices which control the flow of datagrams, data packets or cells based upon destination address information which is available in each packet. A properly designed and implemented switch should be capable of receiving a packet and switching the packet to an appropriate output port at the maximum speed capability of the particular network.
Referring to the OSI 7-layer reference model discussed previously, the higher layers typically have more information. Various types of products are available for performing switching-related functions at various levels of the OSI model. Hubs or repeaters operate at layer 1, and essentially copy and “broadcast” incoming data to a plurality of spokes of the hub. Layer 2 switching-related devices are typically referred to as multiport bridges, and are capable of bridging two separate networks. Bridges can create a table of forwarding rules based upon which media access controller (MAC) addresses exist on which ports of the bridge, and pass packets that are destined for an address which is located on an opposite side of the bridge. Bridges sometimes utilize what is known as the “spanning tree” algorithm to eliminate potential data loops; a data loop is a situation wherein a packet endlessly loops in a network looking for a particular address. The spanning tree algorithm defines a protocol for preventing data loops. Layer 3 switches, sometimes referred to as routers, can forward packets based upon the destination network address. Layer 3 switches are capable of learning addresses and maintaining tables thereof which correspond to port mappings. Processing speed for layer 3 switches can be improved by utilizing specialized high performance hardware, and offloading the host CPU so that instruction decisions do not delay packet forwarding.
In addition, there has also been pressure from the implementers of the computer networks to have network devices that mediate traffic on the computer networks, that are flexible, and that are able to provide the needed capacity through the combination of multiple network devices. For example, a network device having eight ports may be linked with one or more similar network devices to provide the capacity of the multiple ports of the linked devices. While the combination of multiple network devices may be ideal in meeting capacity requirements, the combination of the network devices also results in other issues. One such issue is that each network device has its own means for determining the destination port for a received datagram, and those means must be synchronized to provide efficient operation. While the prior art network devices and methods provide many of these attributes, there is a need for network devices that may be used together to provide the capacity needed by the implementers and provide efficiency in handling of datagrams.
When establishing secure sessions between entities involved in sending messages according to a protocol, additional messaging is needed to set up the security context that is used to secure the messaging. This is an additional overhead, particularly when dealing with wireless networks and using over-the-air communication to set up the security contexts that are needed for providing secure communication. For example, a normal TLS session between two nodes would require a prior handshake protocol (4 messages) that sets up the context that will be used to secure messages between the two nodes using the TLS session. When several sets of such sub-sessions take place within the context of a protocol message exchange, this represents significant overhead. Thus, there is a need for a modified process and apparatus by which this overhead can be reduced in many scenarios, while still providing the same level of security.