The present invention relates to packet network switching and interfacing, and more particularly, to methods and systems for processing data packets for virtual local area network communications.
Local area networks (LANs) use a network cable or other media to link nodes or stations on the network. With the growing number of data devices common in the modern workplace, many local area network applications entail use of interconnected packet switches. A multiport data network switch conventionally permits data communication among a plurality of nodes or stations linked to the switch by various media in a local area network. Each station in the network is associated with a port of the switch. Data frames, or packets, are transferred between stations by means of data network switch media access control (MAC) circuitry, or xe2x80x9cengines,xe2x80x9d for each switch port. The network switch passes data frames received from a transmitting station to a destination station based on the header information in the received data frame. The switch can link the network to other networks through one or more predesignated switch ports.
One feature of common packet switches for such LAN applications, such as Ethernet switches, is that the switches actually can segregate a network into a number of virtual local area networks (VLANs). In the VLAN mode of operation, the switch(es) of a packet network transport frames or packets back and forth between terminal stations designated as members of a particular VLAN. However, the switch(es) of the network do not transport the packets for the VLAN members to any other terminal stations. In this manner, the capability exists for creating logical workgroups of users and their shared resources (servers, printers, etc.), which may be physically separated from each other. Members of a workgroup may be coupled directly with one switch in the local area network, while other members or equipment of the workgroup may be coupled to one or more remote networks that are linked to the switch at a designated port. VLAN groupings can provide privacy and security to their members while enabling xe2x80x9cbroadcast domainsxe2x80x9d whereby broadcast traffic is kept xe2x80x9cinsidexe2x80x9d the VLAN.
Where the switch(es) implement two or more virtual local area networks (VLANs), the switch(es) must distinguish packets for members of one VLAN from packets for members of a different VLAN and from packets for devices not associated with any one VLAN. All VLAN frames may be tagged with data identifying the particular VLANS. Hence, data packets communicating within a VLAN may contain information that identifies the VLAN grouping, or VLAN type, and the particular VLAN ID. Such information, or xe2x80x9ctag,xe2x80x9d is provided as additional fields in the frame header. The frame format for such packets is expanded relative to the standard frame format. For example, the IEEE 802.3ac-1998 supplement to the Ethernet ANSI/IEEE 802.3 standard (1998 Edition) specifies the tagged and untagged frame formats, and the P802.1Q Draft standard specifies the semantics of tagged frames.
In some network implementations, all of the devices including the end nodes of the network may process VLAN tags. However, in many cases, the end nodes on the network do not process VLAN tags. Where all legs of the VLAN are served through one switch, the switch may distinguish the packets simply by receiving and sending packets over the links designated for the respective VLAN, without VLAN tags. However, where the VLANs extend through two or more switches, the frames or packets for each VLAN must be tagged, particularly on the links between switches. Consequently, each switch needs to add, delete and process the VLAN tags.
In conventional Ethernet switches, one NIC in the switch receives a frame from a source, the frame is loaded into a buffer in memory, and another NIC sends the frame from memory over the link to the destination. All NICs in the one switch share common buffer space in memory. To send the frame, the switch logic sends a pointer to the NIC performing the transmit operation, to identify the location of the frame in memory. The memory location is the same as that loaded by the receiving NIC, so that the frame need not be copied from a receive (Rx) buffer to a transmit (Tx) buffer.
When such switches process frames in a VLAN mode, the switch logic has to make certain decisions and perform certain functions in relation to the VLAN tag. In many cases, the switch logic needs to insert, delete or modify a VLAN tag in each affected frame. For example, a tagged packet, received at a VLAN tagged port, may require transmission to a network station coupled to an untagged port. The switch must be capable of stripping the tag information from the frame header at appropriate stages of operation. The switch must also be capable of converting a stripped or untagged frame to tagged format, if the packet is to be transmitted to a VLAN destination via a tagged port.
Conventional Ethernet switches perform the necessary VLAN tag processing in the central logic of the switch. Often, the logic must move data in the buffer memory in order to perform the requisite VLAN tag processing. To insert a tag before transmission, for example, the logic must transfer a first segment of the frame to a new larger buffer location, add the tag bytes at the appropriate position in the larger buffer and then transfer the remainder of the data to the new buffer. A similar transfer also is required to delete a tag while the frame is in memory. This VLAN tag processing burdens the switch logic. The transfers between buffer locations in memory are particularly problematic. The copying of data takes CPU time and thereby reduces performance. Also, the transfers increase the demands for memory space.
Accordingly, there is a need for a more efficient technique to process VLAN tags within a packet switch.
A more specific need is for a VLAN tag processing technique that eliminates the transfer of data between frame buffers in memory to add, delete or modify tag data.
There is also a specific need is for a VLAN tag processing technique that reduces the processing burden placed on the switch logic.
The present invention addresses these needs and overcomes the noted problems with the prior technology by removing certain VLAN tag processing functions from the central switch logic and performing those processing functions in the NICs. Descriptors of the frames in the buffer memory are modified to provide tag information as well as certain tag processing commands and/or tag status data. For example, the transmit descriptor that includes the pointer to the transmit buffer location in the switch also includes a tag control command and a tag control information field. The command instructs the transmitting NIC as to any necessary VLAN tag processing. In response to a command in the transmit descriptor, for example, the NIC may add, delete, modify or pass tag data in a particular frame. In the case of an add command, as one specific example, the NIC would insert the VLAN tag including the tag control information into the frame, as the NIC reads the frame from the transmit buffer for transmission over the media.
The inventions encompass various methods of processing frames, with regard to VLAN tags, as the frames are processed through a data switch or other host system. Other inventive concepts encompass switches, network interface cards, and controllers for such cards, implementing the inventive VLAN tag processing.
For example, one aspect of the invention relates to a method of processing a frame of data in a switch of a data communication network. The data frame has a header containing address and status information and data. The method entails receiving the frame from a network link in a network interface card in the switch. The network interface card determines tag status of the frame, with regard to a virtual local area network (VLAN) tag that may be contained in the header. The network interface card records the VLAN tag status of the frame in a descriptor, which also contains an address of an available buffer in system memory of the switch. If the frame status indicates that the frame contains a VLAN tag, a VLAN identifier from the VLAN tag in the frame is copied into a predetermined field of the descriptor. The network interface card writes the frame into the system memory of the switch at the location corresponding to the address of the available buffer. It also modifies the descriptor to indicate to the central processor of the switch that the available buffer has been loaded with a frame corresponding to the descriptor. The switch processes the frame from the buffer, based at least in part on the VLAN tag status recorded in the descriptor.
In the preferred embodiments, the frame is an Ethernet frame. The VLAN tag status recorded in the descriptor has a value indicating a type of status, such as tagged, untagged or priority. The tag status information together with any tag data actually read from the frame and placed in the descriptor facilitates decisions and further processing by the switch logic, without the need for the switch CPU to actually read the frame header itself.
For example, the tag related status and tag information in the receive descriptor simplifies the procedure for developing the transmit descriptor for the frame. The CPU develops a transmit descriptor containing the address of the loaded buffer and a VLAN tag command. The transmit descriptor includes a field for VLAN tag information. For example, if the received frame was untagged but must be converted to a tagged frame, the CPU writes an add tag command and the necessary VLAN tag information into the transmit descriptor. The switch CPU forwards the transmit descriptor to another network interface card in the switch, and that network interface card transmits the frame from the loaded buffer. As part of its transmit processing, the second network interface card processes the frame header in accord with the VLAN tag command, for example by adding the VLAN tag information into frame header from the transmit descriptor.
Another inventive aspect involves a method of processing and transmitting a frame. This method entails receiving a descriptor in a network interface card controller of a switch. The descriptor contains an address for a buffer location in system memory of the switch where the frame is stored. The descriptor also contains a VLAN tag control command and a field for VLAN tag control information. The controller reads the frame from the addressed buffer location and transmits the frame over the network link. As part of the reading and transmitting operation, the controller processes a portion of the header of the frame in accord with the tag control command.
In some instances, a NIC sending a frame may simply pass the frame without any modification thereof in regard to the VLAN tags. However, in many cases, the sending NIC may need to add, delete or modify VLAN tag information in the frames.
The preferred embodiment of the present invention utilizes specific formats for the receive descriptor and the transmit descriptor. The receive descriptor includes a control word and a receive buffer address. Either separately or within the control word, the receive descriptor includes a tag status or type indicator. The receive descriptor also includes a field for tag information that may be read from the frame. The preferred tag type indicator signifies whether a received frame is tagged or untagged or is tagged with a priority. The transmit descriptor contains a control word and a transmit buffer address. Either separately or within the control word, the transmit descriptor includes the tag control command. The transmit descriptor also includes a field for tag information, which in this case, may carry tag related data that needs to be added to the header or written over tag data in the header.
The preferred embodiments process frames containing error detection data, for example to enable recognition and correction of errors. If the NIC sending a frame alters the frame header, for example by adding deleting or modifying VLAN tag data, the NIC replaces the original error detection data with new error detection data derived from the altered frame.
Additional advantages and novel features of the invention will be set forth in part in the description which follows, and in part will become apparent to those skilled in the art upon examination of the following or may be learned by practice of the invention. The advantages of the invention may be realized and attained by means of the instrumentalities and combinations particularly pointed out in the appended claims.