1. Field of the Invention
The present invention relates generally to computer networks, and more specifically, to a method and apparatus for disseminating virtual local area network membership information across computer networks.
2. Background Information
Many organizations, including businesses, governments and educational institutions, utilize computer networks so that employees and others may share and exchange information and/or resources. A computer network typically comprises a plurality of entities interconnected by means of one or more communications media. An entity may consist of any device, such as a computer, that “sources” (i.e., transmits) or “sinks” (i.e., receives) data frames over the communications media. A common type of computer network is a local area network (“LAN”) which typically refers to a privately owned network work within a single building or campus. LANs typically employ a data communication protocol (LAN standard), such as Ethernet, FDDI or token ring, that defines the functions performed by data link and physical layers of a communications architecture (i.e., a protocol stack).
One or more intermediate network devices are often used to couple LANs together and allow the corresponding entities to exchange information. For example, a bridge may be used to provide a “switching” function between two or more LANs or end stations. Typically, the bridge is a computer and includes a plurality of ports that are coupled via LANs either to other bridges, or to end stations such as routers or host computers. Ports used to couple bridges to each other are generally referred to as a trunk ports, whereas ports used to couple bridges to end stations are generally referred to as access ports. The bridging function includes receiving data from a sending entity at a source port and transferring that data to at least one destination port for forwarding to one or more receiving entities.
Metropolitan Area Networks (MANs)
Multiple LANs and/or end stations may be interconnected by point-to-point links, microwave transceivers, satellite hook-ups, etc. to form a metropolitan area network (MAN) that typically spans several city blocks, an entire city and/or an entire metropolitan area, such as the San Francisco Bay Area. The MAN typically interconnects multiple LANs and/or end stations located at individual campuses and/or buildings that are physically remote from each other, but that are still within the metropolitan area. Conventional MANs typically rely on network equipment employing Asynchronous Transfer Mode (ATM) running over the existing Public Switched Telephone Network's (PSTN's) Synchronous Optical Network (SONET). As most LANs utilize the Ethernet standard, network messages or packets created at one LAN must be converted from Ethernet format into ATM cells for transmission over the SONET links. The ATM cells must then be converted back into Ethernet format for delivery to the destination LAN or end station.
Virtual Local Area Networks
A computer network may also be segmented into a series of logical networks. For example, U.S. Pat. No. 5,394,402, issued Feb. 28, 1995 to Ross (the “'402 patent”), discloses an arrangement for associating any port of a switch with any particular network segment. Specifically, according to the '402 patent, any number of physical ports of a particular switch may be associated with any number of groups within the switch by using a virtual local area network (VLAN) arrangement that virtually associates the port with a particular VLAN designation. More specifically, the switch or hub associates VLAN designations with its ports and further associates those VLAN designations with messages transmitted from any of the ports to which the VLAN designation has been assigned.
The VLAN designation for each port is stored in a memory portion of the switch such that every time a message is received on a given access port the VLAN designation for that port is associated with the message. Association is accomplished by a flow processing element which looks up the VLAN designation in the memory portion based on the particular access port at which the message was received. In many cases, it may be desirable to interconnect a plurality of these switches in order to extend the VLAN associations of ports in the network. Those entities having the same VLAN designation function as if they are all part of the same LAN. VLAN-configured bridges are specifically configured to prevent message exchanges between parts of the network having different VLAN designations in order to preserve the boundaries of each VLAN. Nonetheless, intermediate network devices operating above Layer 2 (L2), such as routers, can relay messages between different VLAN segments.
In addition to the '402 patent, the Institute of Electrical and Electronics Engineers (IEEE) promulgated the IEEE Std. 802.1Q-1998 specification standard for Virtual Bridged Local Area Networks. To preserve VLAN associations of messages transported across trunks in VLAN-aware networks, both Ross and the IEEE Std. 802.1Q-1998 specification standard disclose appending a VLAN identifier (VID) field to the corresponding frames. In addition, U.S. Pat. No. 5,742,604 to Edsall et al. (the “'604 patent”), which is commonly owned with the present application, discloses an Interswitch Link (ISL) encapsulation mechanism for efficiently transporting packets or frames, including VLAN-modified frames, between switches while maintaining the VLAN association of the frames. In particular, an ISL link, which may utilize the Fast Ethernet standard, connects ISL interface circuitry disposed at each switch. The transmitting ISL circuitry encapsulates the frame being transported within an ISL header and ISL error detection information, while the ISL receiving circuitry strips off this information and recovers the original frame.
Typically, the ports of a switch are designated as either access ports or trunk ports. An access port corresponds to a switch port that connects to a single end station or to a LAN to which no other switch is attached. A trunk port, on the other hand, connects two switches, e.g., through a dedicated link, such as a point-to-point link or through a shared medium. By default, a switch transmits all broadcast, multicast and flooded unicast frames on all of its trunk ports. However, such transmissions can waste bandwidth if there are no access ports associated with the VID of the broadcast, multicast or flooded unicast frame through a given trunk port. To prevent such unnecessary transmissions, the IEEE developed a protocol for registering membership in VLANs.
GARP VLAN Registration Protocol
Specifically, the IEEE developed the Generic Attribute Registration Protocol (GARP). See IEEE Std. 802.1D, 1998 edition. As its name implies, GARP provides a framework that allows participants to make and withdraw declarations for generic attributes. In response to a GARP declaration, other network participants register the parameter value(s) of the specified attribute at the port on which the declaration was received. GARP participants also propagate declarations so that other participants in the network can make appropriate registrations. Participants can also withdraw their previous declarations. In response to a withdrawal, the other participants de-register the particular parameter value(s).
A GARP participant consists of a GARP application component and a GARP Information Declaration (GID) component. The GID component consists of a set of state machines that define the current registration and declaration state for all attribute values. A GARP participant is typically established for each port per GARP application. Thus, for intermediate devices, which often have multiple ports, multiple GARP participants are established. To make or withdraw declarations, GARP participants generate and send special messages called GARP Protocol Data Unit (GARP PDU) messages. FIG. 1 is a block diagram of a conventional GARP PDU message 100. The GARP PDU message 100 typically includes a Media Access Control (MAC) header 102 that includes destination and source address fields, among other information, a protocol identifier (ID) field 104, a plurality of message fields, such as message fields 106, 108 and 110, and an end mark field 112. Each message field, moreover, includes an attribute type field 114 and an attribute list field 116. The attribute list field 116, in turn, includes one or more attribute fields, such as attribute fields 118, 120 and 122, and an end mark field 124. Each attribute field, such as field 118, includes a 1-byte attribute length field 126, a 1-byte attribute event field 128 and a variable length attribute value field 130.
In order to exchange information among the GARP participants disposed within a given intermediate device, a separate component, called the GARP Information Propagation (GIP) component, is used. The GIP component operates over a GIP context that is established at the intermediate device and defines the ports that are to be included in the given context. That is, although registration can occur at any port, the propagation of that registration only follows the associated GIP context. For example, a GIP context may consist of the ports that belong to the active topology (i.e., all ports in the forwarding spanning tree state). Because blocked ports are not part of the GIP context, a declaration received on a blocked port is not propagated to any other ports, although it is still registered at the blocked port. In contrast, a declaration received at a port that is in the forwarding spanning tree state is both registered at that port and propagated throughout the GIP context (i.e., to all of the other ports that are in the forwarding state).
In order to limit the transmission of broadcasts, multicasts and unicast floods associated with a given VID, the IEEE specified an application based on GARP to disseminate VLAN membership information across computer networks. This application, which has been standardized by the IEEE, is known as the GARP VLAN Registration Protocol (GVRP). See IEEE Std. 802.1Q-1998 specification standard. According to GVRP, a bridge starts with the list of VLANs assigned to its access ports. All broadcasts, multi-casts and flooded unicasts associated with these listed VLANs need to be received at the bridge. GVRP provides a mechanism for bridges to transmit their lists to the other bridges in order to register these VLANs at the other bridges' trunk ports. Specifically, the bridge generates a GARP PDU message 100 that has an attribute structure, i.e., fields 126, 128 and 130 for each VLAN in the bridge's list of VLANs. The bridge transmits the GARP PDU message 100 from each of its trunk ports. The GARP-PDU messages 100 are received on the trunk ports of neighboring bridges. Assuming the GARP PDU message 100 is received on a port in the forwarding spanning tree port state, the receiving bridge registers the list of the VLANs contained in the GARP PDU at all of its other ports that are also in the forwarding state, and not just on the port at which the GARP PDU message 100 was received. The neighboring bridge then generates and transmits GARP PDU messages 100 of its own that list both the VLANs associated with the neighboring bridge's access ports, and the VLANs that were registered as a result of having received a GARP PDU message from the original bridge. If a GARP PDU message is received at a port that is in the blocking spanning tree port state, the VLANs contained in the GARP PDU message are registered at that blocked port, but they are not registered at any other bridge port nor are they used in GARP PDU messages sent by the bridge.
As shown in FIG. 1, four bytes are needed to express the state of each VLAN being mentioned in a given GVRP PDU message 100. Because most enterprise networks typically employ only on the order of one to two hundred VLANs or less, this 4-byte per VLAN requirement does not impose significant burdens on the network. In fact, many enterprise networks. Instead, they limit the spread of multicast MAC addresses, and accept the waste of bandwidth when VLAN associated broadcast, multicast or flooded unicast frames are sent into areas of the network in which no entities associated with the corresponding VLAN are located.
Recently, however, network designers have proposed creating L2 MANs that are capable of interconnecting hundreds of different customer networks. Such a MAN might employ a thousand VLANs or more in order to distinguish the traffic of different customers. With this many VLANs in the computer network, the 4-byte attribute structure of GVRP starts to create significant problems. First, it is not possible to insert an attribute structure for all VLANs within a single GVRP PDU message, which, for Ethernet links, is limited to 1500 bytes. Instead, each such GVRP PDU message can only carry attribute information for 373 VLANs. In this case, a bridge may need to transmit eleven or more GVRP PDU messages in order to convey registration information for all VLANs. The need to transmit such large numbers of GVRP PDU messages each time the network's topology changes causes a significant amount of the network's available bandwidth to be consumed by control packets. In addition, each of these GVRP PDU message must be parsed and then processed by the receiving bridge, thereby imposing burdens on the bridge's processor.
Accordingly, a need exists for a mechanism that can efficiently convey large amounts of VLAN membership information across computer networks.