The present invention relates to a datapath forwarding device having hardware and software units for processing packets and, more particularly, to a datapath forwarding device having a software unit capable of generating or modifying a rules table utilized by the device and of processing and applying advanced services to select packets. The present invention also relates to a system having a plurality of datapath forwarding devices serving a data center.
A data center includes physical servers typically housed in rack units. The physical servers within a rack unit may be managed by a top of rack (ToR) or end of row (EoR) switch that forwards communications between external network elements and the servers (FIG. 1). Each physical server can be configured to host one or more virtual machines or containers arranged in virtual networks or subnets. The virtual machines/containers are assigned context identifiers, such as an Internet Protocol (IP) address, Media Access Control (MAC) address and subnet assignment to enable communications between virtual machines/containers.
The datapath switch (also termed herein as “access layer” or “datagraph” switch) is responsible for forwarding packets from external or internal network elements (aggregate layer switches/routers/other datapath switches) to physical and/or virtual elements of a rack. In order to provide such functionality, the switch is provided with one or more dedicated hardware (HW) units specifically configured for processing packets based on rules (stored in “rules tables”, also referred to herein as “lookup tables”, “openflow tables” or “forwarding pipeline tables”).