1. Field of the Invention
The present invention relates to network management of local area networks having non-blocking network switches configured for switching data packets between subnetworks.
2. Background Art
Local area networks use a network cable or other media to link stations on the network. Each local area network architecture uses a media access control (MAC) enabling network interface devices at each network node to access the network medium.
The Ethernet protocol IEEE 802.3 has evolved to specify a half-duplex media access mechanism and a full-duplex media access mechanism for transmission of data packets. The full-duplex media access mechanism provides a two-way, point-to-point communication link between two network elements, for example between a network node and a switched hub.
Switched local area networks are encountering increasing demands for higher speed connectivity, more flexible switching performance, and the ability to accommodate more complex network architectures. For example, commonly-assigned U.S. Pat. No. 5,953,335 discloses a network switch configured for switching layer 2 type Ethernet (IEEE 802.3) data packets between different network nodes; a received data packet may include a VLAN (virtual LAN) tagged frame according to IEEE 802.1q protocol that specifies another subnetwork (via a router) or a prescribed group of stations. Since the switching occurs at the layer 2 level, a router is typically necessary to transfer the data packet between subnetworks.
Efforts to enhance the switching performance of a network switch to include layer 3 (e.g., Internet protocol) processing may suffer serious drawbacks, as current layer 2 switches preferably are configured for operating in a non-blocking mode, where data packets can be output from the switch at the same rate that the data packets are received. Newer designs are needed to ensure that higher speed switches can provide both layer 2 switching and layer 3 switching capabilities for faster speed networks such as 100 Mbps or gigabit networks.
Another problem with existing layer 2 network switches is that network administrators must locally configure each layer 2 switch. In particular, a network administrator may wish to implement management policies that provide advanced control of switching operations for multiple network switches serving respective subnetworks. Such advanced control, however, would require the network administrator to locally modify the configuration settings for each layer 2 switch, resulting in substantial inconvenience to the network administrator. Although the network administrator could implement local management programs that dynamically control the corresponding layer 2 switch, the amount of dynamic control is limited to the pre-programmed local management parameters; hence the network administrator would still need to locally modify the configuration settings for new management policies that need to be implemented. Hence, the network administrator would be unable to implement dynamic management policies that may require adaptive switching operations.
There is a need for an arrangement that enables a network switch to be remotely programmed by a network administrator for implementation of management policies.
There is also a need for an arrangement that enables implementation of a centrally administered network management policy within network switches that control switching of data packets for respective local area networks according to the network management policy.
These and other needs are attained by the present invention, where a policy server sends policy messages that describe network management policy to network switches. The network switches are configured for implementing the network management policy by storing switching actions for prescribed data packets, and templates that specify frame data parameters for identifying the prescribed data packets.
One aspect of the present invention provides a method including the steps of outputting from a policy server a policy message specifying a prescribed network management policy, and receiving the policy message by a network switch system configured for switching data packets in a local area network. The network switch system generates a switching action that specifies a prescribed switching operation to be performed by the network switch system for a corresponding prescribed data packet based on the received policy message. The network switch system also generates at least one template configured for identifying the prescribed data packet from data packets received from the local area network. The network switch system selectively switches the data packets received from the local area network based on the received policy message. Outputting a policy message from a policy server that specifies a prescribed network management policy enables the centralized administration of network management policy, where management policies can be dynamically controlled from a centralized location. Moreover, the generation of a switching action and the template by the network switch system enables the centrally administered network management policy to be implemented throughout local area networks without local management intervention.
Another aspect of the present invention provides a network switching system. The network switching system includes a policy server configured for storing prescribed network management policies for network stations. The policy server is configured for outputting a policy message specifying a selected one of the prescribed network management policies. The network switching system also includes a network switch system having switching logic and network switch ports. The switching logic includes a switching table configured for storing a switching action that specifies a prescribed switching operation to be performed for a corresponding prescribed data packet based on the received policy message. Each network switch port has a packet classification module configured for classifying each data packet received on the corresponding network switch port. A template used for identifying the prescribed data packet is stored in the packet classification module of a selected one of the network switch ports, and the switching logic executes the switching action in response to the packet classification module of the one network switch port identifying a received data packet as the prescribed data packet.
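The following sketch is an added illustration, not part of the patent text: it models a switch that turns a received policy message into a per-port template plus a switching-table action, then classifies frames against it. The policy message layout, the field names, the action names and the helper `make_frame` are all assumptions made for the example.

```python
import struct

FIELDS = {"vlan", "ethertype", "ip_proto", "dst_port"}   # assumed template parameters
ACTIONS = {"forward", "drop", "prioritize"}               # assumed switching operations

def parse_frame(frame: bytes) -> dict:
    """Extract the frame data parameters a template can match on."""
    f = dict.fromkeys(FIELDS)
    if len(frame) < 14:
        return f                                  # runt frame: nothing to classify
    etype, off = struct.unpack_from("!H", frame, 12)[0], 14
    if etype == 0x8100 and len(frame) >= 18:      # IEEE 802.1Q tagged frame
        tci, etype = struct.unpack_from("!HH", frame, 14)
        f["vlan"], off = tci & 0x0FFF, 18
    f["ethertype"] = etype
    if etype == 0x0800 and len(frame) >= off + 20:            # IPv4
        ihl = (frame[off] & 0x0F) * 4
        frag = struct.unpack_from("!H", frame, off + 6)[0] & 0x1FFF
        f["ip_proto"] = frame[off + 9]
        l4 = off + ihl
        # Ports exist only in the first fragment of TCP (6) / UDP (17).
        if ihl >= 20 and frag == 0 and f["ip_proto"] in (6, 17) and len(frame) >= l4 + 4:
            f["dst_port"] = struct.unpack_from("!H", frame, l4 + 2)[0]
    return f

class Switch:
    def __init__(self, ports):
        self.templates = {p: [] for p in ports}   # per-port packet classification module
        self.actions = {}                         # switching table: tag -> switching action

    def apply_policy(self, msg: dict) -> int:
        """Generate a template and a switching action from one policy message."""
        port, match, action = msg["port"], msg["match"], msg["action"]
        if port not in self.templates or action not in ACTIONS or not match or set(match) - FIELDS:
            raise ValueError("rejected policy message")       # never install unvalidated policy
        tag = len(self.actions) + 1
        self.actions[tag] = action
        self.templates[port].append((tag, dict(match)))
        return tag

    def switch(self, port: int, frame: bytes) -> str:
        fields = parse_frame(frame)
        for tag, match in self.templates[port]:
            if all(fields[k] == v for k, v in match.items()):
                return self.actions[tag]
        return "forward"                          # no template matched: plain layer 2 switching

def make_frame(vlan: int, proto: int, dport: int) -> bytes:
    """Constructed sample: VLAN-tagged IPv4 frame with zeroed addresses."""
    eth = bytes(12) + struct.pack("!HHH", 0x8100, vlan, 0x0800)
    ip = bytes([0x45, 0]) + bytes(7) + bytes([proto]) + bytes(10)
    return eth + ip + struct.pack("!HH", 40000, dport)
```

Because the template is stored only on the selected port, the same frame arriving on another port falls through to default switching, and a malformed policy message is rejected before anything is installed.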
Additional advantages and novel features of the invention will be set forth in part in the description which follows and in part will become apparent to those skilled in the art upon examination of the following or may be learned by practice of the invention. The advantages of the present invention may be realized and attained by means of instrumentalities and combinations particularly pointed out in the appended claims.