It is known, particularly for network switches, to interconnect a multiplicity of network units into a switching ‘fabric’ so that in effect, and particularly in relation to the external network, the units act as a single network entity. One of the purposes of a fabric of network units is the provision of ‘resiliency’ that is to say the ability of the switching fabric to continue operation, so far as is feasible, notwithstanding a fault in or removal of one of the units of the fabric or one of the links connecting the units of the fabric. Early forms of such a fabric were in the form of a daisy chain or ring although more recently mesh forms of a fabric have been developed; and the invention is applicable in all such forms.
Where several individual data-switching units are connected to form a single distributed fabric, the bridging functionality may be distributed amongst the individual units within the fabric. Preferably the entire fabric appears to other network entities as if it were a single bridge. It is desirable to share the workload between the units as much as possible, to maximize the data forwarding performance, and to minimize the dependence on any single unit or connection within the fabric.
The functionalities required of a bridge may be divided into two broad categories; data plane, and control plane. The data plane functionalities relate directly to the forwarding of the data traffic, and the control plane functionalities relate to the overhead activities of establishing the topology of the LAN (Local Area Network) in which the bridge is deployed. More specifically, the data plane includes the VBridges, the fabric ports, the user ports, and the forwarding databases. The control plane includes the protocol entities, which may include in practice, for bridges, LACP (Link Aggregation Control Protocol), and STAP (Spanning Tree Algorithm and Protocol).
‘VBridge’ is a term used herein to mean a bridge which can forward data traffic only within one VLAN (Virtual Local Area Network). If a network is not partitioned into virtual local area networks the term VBridge is synonymous with ‘bridge’.
There must appear to be only one forwarding database for each VBridge throughout the fabric, and the entire fabric must appear to be a single entity to the protocols so that the fabric will be a single node in the LAN topology.
In order to be able to function as a bridge, a single unit must include at least one VBridge incorporating a forwarding database that has entries each relating a MAC (media access control) address to forwarding data, e.g. an identification of a port from which a frame having that MAC address as a destination address should be sent, and at least two user ports, i.e. physical ports which are not fabric ports, User ports are the unit's physical data interface to entities outside the fabric. In order to form part of a distributed fabric with bridge functionality, a single unit must include at least one ‘fabric port’. A fabric port, which may be either dedicated or configured as such, is a physical port that is used only to connect a unit to another unit within the fabric. Fabric ports and the links between them are always within the fabric so they neither receive frames from nor transmit frames to the external network and are not ‘visible’ to entities outside the fabric.
In practice, a product specified to be able to form part of a fabric with bridging functionality would typically include multiple VBridges (as many VBridges as there is VLAN connectivity specified for the unit), multiple forwarding databases (one per VBridge), multiple user ports, and one or more fabric ports.
Multiple single bridge units may be connected through their fabric ports to form a distributed fabric, the maximum number of units in the fabric and the topology of the fabric being dependent on the product itself.
The bridging of data traffic through a distributed fabric must appear to be identical to the bridging of data traffic through a single unit. Traffic must be forwarded from an ingress user port to an egress user port identically regardless of whether the user ports are on the same unit or are on different units within the fabric. Traffic should also be filtered identically regardless of which unit has the user ports. If a single unit bridge is able to control the forwarding of a particular frame directly to the egress user port with no flooding of the frame to other user ports, then a distributed fabric's bridge should likewise not flood the traffic to other user ports.