Existing networking and interconnect technologies have failed to keep pace with the development of computer systems, resulting in increased burdens being imposed upon data servers, application processing and enterprise computing. This problem has been exasperated by the popular success of the Internet. A number of computing technologies implemented to meet computing demands (e.g., clustering, fail-safe and 24×7 availability) require increased capacity to move data between processing nodes (e.g., servers), as well as within a processing node between, for example, a Central Processing Unit (CPU) and Input/Output (I/O) devices.
With a view to meeting the above described challenges, a new interconnect technology, called the InfiniBand™, has been proposed for interconnecting processing nodes and I/O nodes to form a System Area Network (SAN). This architecture has been designed to be independent of a host Operating System (OS) and processor platform. The InfiniBand™ Architecture (IBA) is centered around a point-to-point, switched internet protocol (IP) fabric whereby end node devices (e.g., inexpensive I/O devices such as a single chip Small Computer System Interface (SCSI) or Ethernet adapter, or a complex computer system) may be interconnected utilizing a cascade of switch devices. The InfiniBand™ Architecture is defined in the InfiniBand™ Architecture Specification Volume 1, Release 1.0, released Oct. 24, 2000 by the InfiniBand Trade Association. The IBA supports a range of applications ranging from back plane interconnect of a single host, to complex system area networks, as illustrated in FIG. 1 (prior art). In a single host environment, each IBA switched fabric may serve as a private I/O interconnect for the host providing connectivity between a CPU and a number of I/O modules. When deployed to support a complex system area network, multiple IBA switch fabrics may be utilized to interconnect numerous hosts and various I/O units.
Within a switch fabric supporting a System Area Network as indicated in 10, such as that shown in FIG. 1, there may be a number of devices having multiple input and output ports through which data (e.g., packets) is directed from a source device to a destination device. Such devices include, for example, switches 130, routers, repeaters and adapters 110 and 120 (exemplary interconnect devices). In addition to multiple communication ports directing external data packets, an interconnect device such as a switch typically includes a management port. Each sub-network (subnet) is managed by at least one Subnet Manager. A Subnet Manager resides either on an endnode or on an interconnect device and can be implemented either in hardware or software. The Subnet Manager performs its managing functions by communicating with the management port using InfiniBand™ Subnet Management Packets.
Subnet Management Packets (SMPs) are used to initialize and configure switches and other interconnect devices, and are therefore considered to participate in privileged operations. As a result, a mechanism is provided to authorize subnet management operations by comparing authentication data included in a SMP with authentication data stored in a destination port. The authentication data includes a Management Key (e.g., the InfiniBand™ Management Key). The Management Key is associated with several attributes that may affect the authorization of subnet management operations. For example, these attributes may include a protection attribute that identifies levels of protection required for specific subnet management operations and an expiration attribute that allows the management key to “expire” if the management key is lost. The expiration of the management key attribute is not permitted if the expiration attribute is set to zero. Accordingly, a problem may arise when the management key is lost or becomes contaminated while the expiration attribute is equal to zero.