A virtual local area network (VLAN) is a switched network that is logically segmented on an organizational basis, by function, project teams, or applications, rather than on a physical or geographical basis. For example, all entities used by a particular workgroup team can be connected to the same VLAN, regardless of their physical connections to the network or the fact that they might be intermingled with other teams. Reconfiguration of the network can be performed through software rather than by physically unplugging and moving devices or wires. Floy E. Ross discloses an arrangement that is capable of associating any port of a switch with any particular segregated network group in U.S. Pat. No. 5,394,402, issued on Feb. 28, 1995. According to this patent, any number of physical ports may be associated with any number of groups within the switch by using a VLAN arrangement that virtually associates the port with a particular VLAN designation. Besides, VLAN switching is accomplished through frame tagging where traffic originating and contained within a particular virtual topology carries a unique VLAN identifier (VID) as it traverses a common backbone or trunk link. The VID allows VLAN switches and routers to selectively forward messages to ports with the same VID in aspect of port-based, address-based, or protocol-based VLAN mechanism. The VID is the identification of the VLAN, which is basically used by the standard 802.1Q (or 802.1v for protocol-based) and, being on 12 bits, it allows the identification of 4096 VLANs.
To improve the flexibility of a network, it is desirable to support the transmission of messages to a predefined group of entities, including entities of diverse VLAN designations. Such a message is known as a group multicast message. For example, a group of entities may wish to receive certain types of messages originating from a source entity. These entities typically register with one or more network devices (e.g., routers or multi-layer switches) which control the transmission of messages across VLAN boundaries. Registration may be accomplished via the Internet Group Management Protocol (IGMP) that defines operations that may be used by entities to join a group. The network device may employ a security mechanism to prevent entities having a particular VLAN designation from subscribing to multicast messages to which they are not entitled.
Upon receiving a multicast message, a conventional network device examines a multicast address of the multicast message and a VLAN group list associated with the multicast address. The VLAN group list includes a list of entries. Each entry has its respective VID and a multicast destination subset associated with the VID. The multicast destination subset is usually in the form of a bitmap called port-on-exit (POE). Every active bit in POE stands for a destination port. If the multicast message is destined to several VLANs and ports, the conventional network device will look up every VID and destination port associated with the VID in the VLAN group list by scanning the list of entries one by one. Once the destination ports are determined, the conventional network device forwards the multicast message to the destination ports associated with the VID. The conventional network device performs the above lookup-and-forward procedure until all VLANs associated with the multicast address are examined. The design philosophy is “lookup-based” from the perspective of individual VLANs. However, such implementation has the following drawbacks:    (1) The lookup-based per VLAN is a centralized and serialized processing, it does not fully utilize resources even though output queues on ports of the network device are available.    (2) There is a latency time between the VID lookup step and the forwarding step. The more VLANs associated with the multicast address, the more latency time is accumulated. It prevents the multicast messages from wire-speed transfer.
Accordingly, there is a need to provide a mechanism that efficiently distributes multicast messages among ports of a network device without degrading the performance of the network device.