Packets received at network devices such as routers or switches include protocol packets and packets that help the network device learn new destinations (referred to herein as “learn packets”).
To assist in making routing decisions, a network device generally builds routing tables that store information identifying routes to other devices and networks. Routing protocols are used to determine the contents of the routing tables. When a learn packet is received, the network device determines whether there is an entry in a routing table that identifies a path to the destination of the learn packet. If not, software is executed that determines a path to that destination and programs the routing table and appropriate hardware with that path. This is a processor-intensive process.
A protocol packet, on the other hand, is for carrying information that helps a routing protocol function properly. A dynamic routing protocol may use protocol packets to send and receive information for maintaining and updating the routing tables, for example. Relative to learn packets, protocol packets are generally considered to be of greater importance.
Both protocol and learn packets are processed using software that is executed on the network device. The packets are forwarded by the receiving hardware to memory locations that can be addressed by the software. The packets are placed in a fixed-length queue that the software reads sequentially. As packets are read from the queue, new packets can be added to the queue. If the number of packets arriving at the network device exceeds the capacity of the processing resources of the device, then the queue may fill up. Arriving packets that cannot be added to the queue because of lack of space in the queue are dropped.
In some situations, particularly in situations resulting from a virus or a denial-of-service attack, the number of learn packets may increase dramatically. This can result in the queue filling and staying filled, so that subsequent packets—whether protocol packets or learn packets—are dropped before they are processed. The larger share of learn packets can also overwhelm the processing resources of the network device, causing the device to operate slower and perhaps even causing the device to crash.
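The shared-queue behavior described in the two paragraphs above can be reproduced with a small simulation. This is an added example, not part of the original document; the queue length, service rate, per-tick packet rates and the interleaved arrival order are all constructed assumptions.

```python
from collections import deque

def arrivals(protocol, learn, tick):
    """Constructed arrival order for one tick: protocol packets spread evenly
    among learn packets, with the pattern rotated on every tick."""
    total = protocol + learn
    order = ["protocol" if (i + 1) * protocol // total != i * protocol // total
             else "learn" for i in range(total)]
    shift = (tick * 37) % total if total else 0
    return order[shift:] + order[:shift]

def simulate(ticks, learn_per_tick, protocol_per_tick=2,
             queue_len=64, service_per_tick=10):
    """One fixed-length FIFO shared by both packet classes, read sequentially
    by software; a packet arriving at a full queue is dropped."""
    queue = deque()
    stats = {kind: {"offered": 0, "dropped": 0, "processed": 0}
             for kind in ("protocol", "learn")}
    for tick in range(ticks):
        for kind in arrivals(protocol_per_tick, learn_per_tick, tick):
            stats[kind]["offered"] += 1
            if len(queue) >= queue_len:
                stats[kind]["dropped"] += 1  # no space: dropped whatever its class
            else:
                queue.append(kind)
        # Software drains a bounded number of packets per tick (CPU capacity).
        for _ in range(min(service_per_tick, len(queue))):
            stats[queue.popleft()]["processed"] += 1
    return stats

def protocol_loss(stats):
    """Fraction of offered protocol packets that never entered the queue."""
    p = stats["protocol"]
    return p["dropped"] / p["offered"] if p["offered"] else 0.0

if __name__ == "__main__":
    for label, learn in (("normal", 5), ("learn flood", 200)):
        s = simulate(ticks=100, learn_per_tick=learn)
        print(f"{label:12} protocol loss {protocol_loss(s):.0%}, "
              f"learn dropped {s['learn']['dropped']}/{s['learn']['offered']}")
```

The protocol packet rate is identical in both runs; only the learn packet rate changes, yet protocol packets are lost almost entirely once the queue stays full.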
It is desirable that the availability and capacity of network devices be as high as practical, even under high stress conditions. Accordingly, a method that can improve the performance of a network device or at least increase the likelihood that the device will remain functional, in particular under high stress conditions, would be of value. A method that can accomplish this without substantially increasing the processing load on the network device would also be of value. Embodiments of the present invention provide a novel solution that provides these and other advantages.