Typical network administrators desire the ability to control the processing of information based on its properties, for example, to give higher or lower priority to packets of data that have certain properties. A user may have exceeded an allotted usage, and thus the administrator may want packets originating from him to be given a lower priority when traveling through the network. Likewise, it may be of high importance that data from a certain source reach a certain destination, and the administrator will want this reflected in the priority given to these data.
Components between two points on a network process packets of data based on the properties of those data packets. These properties may be, but are not limited to, fields in the headers of the data packets. Such properties may include, but are not limited to, the source address of the data packet, the destination address, the protocol used by the data packet (such as TCP or UDP), and/or ports. For example, a router 10, as shown in FIG. 1, can perform the function of routing data from one piece of a network, or subnet 12, to a second subnet 14. By comparing the destination address of a data packet to a routing table, the router 10 determines where to send the data.
As shown in FIG. 2, filters 16 can be employed to aid in the processing of the data packets. By using masking techniques, or blocking out certain portions of data packet properties (such as a certain portion of the destination address), it is possible to determine the source or destination subnet of the packet. Thus the data packet can be classified and action can be taken based on which subnet it originated from or was destined for. Likewise, a packet could be classified by comparing it to a single port or to the set of all ports.
Specialized hardware solutions can be used to classify data packets based on property ranges that do not fit into these clearly delineated categories. For example, data packet classification based on an address range that spans more than one subnet can be implemented with hardware that can logically “and” a set of 32-bit integers and indicate the first bit position that is set in all of the 32-bit integers.