1. Field of the Invention
The present invention relates to devices, software applications and networks that utilize data that is sent or received over data communication or computer networks. In particular, the present invention is directed to methods and apparatuses for handling datagrams received by a network device. The processor and methods described provide the ability to examine fields of datagrams that allow for greater flexibility of handling.
2. Description of Related Art
As computer performance has increased in recent years, the demands on computer networks has significantly increased; faster computer processors and higher memory capabilities need networks with high bandwidth capabilities to enable high speed transfer of significant amounts of data. The well-known Ethernet technology, which is based upon numerous IEEE Ethernet standards, is one example of computer networking technology which has been able to be modified and improved to remain a viable computing technology.
Based upon the Open Systems Interconnect (OSI) 7-layer reference model, network capabilities have grown through the development of repeaters, bridges, routers, and, switches, which operate with various types of communication media. Collectively, with respect to the present invention, all of these may be referred to as network devices. Switches, as they relate to computer networking and to Ethernet, are hardware-based devices which control the flow of datagrams, data packets or cells based upon destination address information which is available in each packet. A properly designed and implemented switch should be capable of receiving a packet and switching the packet to an appropriate output port at the maximum speed capability of the particular network.
Referring to the OSI 7-layer reference model discussed previously, the higher layers typically have more information. Various types of products are available for performing switching-related functions at various levels of the OSI model. Hubs or repeaters operate at layer 1, and essentially copy and “broadcast” incoming data to a plurality of spokes of the hub. Layer 2 switching-related devices are typically referred to as multiport bridges, and are capable of bridging two separate networks. Bridges can create a table of forwarding rules based upon which MAC (media access controller) addresses exist on which ports of the bridge, and pass packets that are destined for an address which is located on an opposite side of the bridge. Bridges typically utilize what is known as the “spanning tree” algorithm to eliminate potential data loops; a data loop is a situation wherein a packet endlessly loops in a network looking for a particular address. The spanning tree algorithm defines a protocol for preventing data loops. Layer 3 switches, sometimes referred to as routers, can forward packets based upon the destination network address. Layer 3 switches are capable of learning addresses and maintaining tables thereof which correspond to port mappings. Processing speed for layer 3 switches can be improved by utilizing specialized high performance hardware, and off loading the host CPU so that instruction decisions do not delay packet forwarding.
In some network devices, there is the ability to have enhanced evaluation of packet data that arrives at the network device. One such type of enhanced evaluation may be through a fast filtering processor (FFP) or equivalent technology. In general, the technology applies masks to section of a packet and then compares the result with a predefined pattern. If the resulting pattern is a match or sometimes close to a match, then are particular handling decision is made for the packet. For example, the FFP may be used to apply a mask all of the bits of a section of a packet header save those that provide the destination address. The destination address can then be compared to a predetermined value and actions taken based on whether a match is obtained, such as, for example, dropping all packets destined for a certain address or sending the packet to a central processing unit for a certain address. Thus, this kind of enhanced handling can allow for greater capabilities of the network device to handle packet data.
However, many of these enhanced handling modules, such as a FFP, can be difficult to scale to higher bandwidths, and does not classify/filter across ports. Neither Masks nor Meters, that can be a part of the filtering, can usually be shared across ports. Additionally, there are aspects of the current FFP that are not flexible enough and other aspects that are for the most part overly general. These issues primarily have to do with the selection of bits with which to filter. Some applications might require filtering on bits and/or fields that are even further in the packet than the a set limit that most system have. In many filtering systems, this limit may be 80 Bytes. In opposite, many applications—such as the Access Control List (ACL) application—in general only need to filter on a few (for example, 5) specific fields from within the packet and do not require such an extensive bit selection mechanism. Finally, the searching mechanism of the FFP and similar filtering systems does not scale, and will not hold up under the increased bandwidth requirements of future devices with multiple 10 GE ports.
As such, there is a need in the prior art to have a filtering system that has a scalable design with support for at least 2 k Flows, that is a flexible but easy to use classification engine that would allow user for classification based on L2, L3, L4 or other User Defined Fields in the Packet, that would provide flow based metering to restrict either Individual flows or Subnets and provides a single unified design for the device.