The communications industry is rapidly changing to adjust to emerging technologies and ever increasing customer demand. This customer demand for new applications and increased performance of existing applications is driving communications network and system providers to employ networks and systems having greater speed and capacity (e.g., greater bandwidth). In trying to achieve these goals, a common approach taken by many communications providers is to use packet switching technology. Increasingly, public and private communications networks are being built and expanded using various packet technologies, such as Internet Protocol (IP).
A network device, such as a switch or router, typically receives, processes, and forwards or discards a packet based on one or more criteria, including the type of protocol used by the packet, addresses of the packet (e.g., source, destination, group), and type or quality of service requested. Additionally, one or more security operations are typically performed on each packet. But before these operations can be performed, a packet classification operation must typically be performed on the packet.
Packet classification as required for, inter alia, access control lists (ACLs) and forwarding decisions, is a demanding part of switch and router design. The packet classification of a received packet is increasingly becoming more difficult due to ever increasing packet rates and number of packet classifications. For example, ACLs require matching packets on a subset of fields of the packet flow label, with the semantics of a sequential search through the ACL rules. IP forwarding requires a longest prefix match. Various applications that use packet classification, such as Security Access Control, Quality of Service etc., typically need to perform many matches on source and destination port numbers, protocol and other header fields, etc. Additionally, supporting IPv6 and various tunneling techniques has increased the complexity of packet forwarding. For example, an IPv6 requires 128 bit forwarding and tunneling requires additional bits.
Known approaches of packet classification include using custom application-specific integrated circuits (ASICs), custom circuitry, software or firmware controlled processors, binary and ternary content-addressable memories (CAMs). The use of programmable software or firmware have advantages as they provide some level of flexibility, which becomes especially important as new protocols and services are added to existing network. Customer typically desire to use their existing hardware (e.g., routers, switches etc.) to support these new protocols and services. However, known software and firmware implementations are relatively slow, and typically place a performance bound which may be incompatible with new requirements.
CAMs are increasingly being used in packet classification especially because of their performance. A typical implementation performs a lookup operation on a CAM with the CAM result being used as input to a memory, which produces the actual result used in processing a packet. However, these content-addressable memories are typically expensive in terms of power consumption and space, and are limited in the size of an input word (e.g., 72, 144, etc.) on which a lookup operation is performed.
In certain applications, it is often necessary to perform a classification operation (and thus a corresponding lookup operation) on a lookup word including multiple fields. For example, the lookup word might include a MPLS tag and IP address. For a particular packet and corresponding lookup operation, the value of one of the fields might be empty or irrelevant to a particular lookup operation. The associative memory could be programmed with entries containing the relevant field and all possible values of the empty or irrelevant information, however this consumes entries and sometimes a lot of entries (and which may not be available). Moreover, it might not be known whether one of these fields is empty or irrelevant until after a lookup operation is performed based on values of both fields.
Desired are new methods and apparatus for performing lookup operations, especially those which might decrease the size of an associative memory required or increase the packet processing capabilities supported by an associative memory.