In recent years, local area networks (LANs) have become commonplace in offices and other environments. Now, virtual LANs are beginning to emerge as well. In a basic sense, a switched virtual LAN is a broadcast domain that unites any arbitrary group of LAN segments at wire speed. As is the case with a single physical wire, broadcasts travel to all end-stations in a virtual LAN. A single virtual LAN can connect dozens, or in some cases hundreds, of LAN users. The ability to include multiple physical LAN segments gives virtual LANs a distinct advantage over multiple port routers. In an effort to gain bandwidth for LAN users, network managers often deploy conventional multiple port routers to segment LANs, but each physical segment created by a multiple port router must be treated as a separate logical sub-net. Traffic passing between sub-nets is subjected to additional delay because of processing by the routers.
Virtual LANs minimize this delay problem because they bridge, rather than route, traffic destined for different segments within the same network. Multiple segments per sub-net generally means fewer routing bottlenecks. It also means that end-stations can be assigned to different virtual LANs without having to reconfigure the physical network.
When virtual LANs are used to sub-divide switched traffic into contained areas, Ethernet switching becomes a powerful inter-networking method that greatly reduces the role of the router. Each defined virtual LAN can include several physical segments per local sub-net. With virtual LANs, a network administrator can define user groups regardless of the physical LAN segment to which they are connected. Users assigned to the same virtual LAN communicate at wire speed with low latency and, generally, no routing bottlenecks, regardless of their physical location in the network. Virtual LANs can be extended across multiple switches, with the switches being linked by high speed backbones, such as FDDI, 100 Mbps fast Ethernet, or ATM. Some switches may handle virtual LANs at the data link level (i.e., layer two of the OSI model), leaving layer three (network layer) functions to routers. Other switches may handle virtual LANs at layer three, meaning that they perform basic routing chores themselves.
Ethernet virtual LANs that function at layer two are often defined by software that allows network administrators to group a number of switched ports together into a high bandwidth, low latency switched work group. Under the layer two approach, each virtual LAN is assigned a unique number that identifies it for network management purposes. These layer two virtual LANs are based on bridge architectures that transmit data using media access control (MAC) source and destination addresses. Traffic within virtual LANs is switched according to these addresses, and traffic between virtual LANs is handled by a router that imposes filtering, security and traffic management. The router can be either a stand-alone unit or a separate card integrated into an Ethernet switch. Either way, the routing is handled by software which is separate from the virtual LAN switching logic.
Once layer two port group virtual LANs are defined, each switch of the network reads incoming frames and learns the MAC addresses associated with each virtual LAN. If an end station sends broadcast or multicast frames, those frames are then forwarded to all ports in that end station's virtual LAN. The ports can be spread across any number of switches connected to the high speed backbone. All LAN segments in a port group are bridged together whether they are separated by the backbone or reside in the same switch.
Supporting layer two virtual LAN port groups on a single switch is a straightforward process. Ethernet switches cache MAC addresses and information about which port each MAC address is connected to. With virtual LAN switches, a virtual LAN number is added to a MAC address and stored in the switch's forwarding table. Armed with this information, switches can direct broadcasts to the appropriate ports.
In order to provide rapid access to the forwarding tables, some Ethernet switches use a storage system based on hashing. Hashing is a storage system based on the antithesis of sorting. Instead of keeping the data in an orderly pattern, hashing staggers records throughout a storage space using a pseudorandom function. This pseudorandom function uses the value of a record's key as a search key and outputs an address within the storage space at which the data can be placed. The storage space address is often referred to as a storage bucket.
The function used to generate array indices from search keys is called a hash function and the resulting array is generally referred to as a hash table. Unfortunately, generating appropriate array indices from keys often proves to be difficult. The reason is that if the keys for two different data records hash to the same index value, then collisions will occur. Collisions pose a problem because, over the course of time, the switch will be required to locate stored data records and, if two records have been hashed to the same location in a hash table, one may overwrite the other, resulting in a loss of information. Several techniques for resolving collision problems have been used in the past.
For example, a bounded bucket size approach, where bucket size is limited to a value less than the total number of items being stored in the table, has been used. The benefit of this approach is a guarantee on the maximum search time required to search the table. The consequent problem with such a scheme, however, is the inability of the designer to guarantee storage of all items in the table.
Unbounded bucket size approaches, where all items could be stored in one bucket if the selected hash function produced such a result, have also been employed. While such schemes ensure that all items can be stored, search times cannot be guaranteed because the bucket size will vary.
Accordingly, it would be desirable to have an Ethernet switch capable of allowing a guaranteed search time (which is less than the search time required for an unbounded bucket scheme) for each MAC address presented and a guarantee as to the number of entries which can be stored in the MAC address forwarding table.
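The trade-off between bounded and unbounded buckets described above can be seen by loading the same stations into both kinds of table. The following is an added example, not part of the original text: the class and function names, the CRC-32 hash and the station addresses are all assumptions made for illustration.

```python
import zlib
class ForwardingTable:
    """(VLAN number, MAC address) -> port, stored in hashed buckets."""
    def __init__(self, n_buckets, bucket_limit=None):
        self.buckets = [[] for _ in range(n_buckets)]
        self.bucket_limit = bucket_limit  # None means unbounded buckets

    def _bucket(self, vlan, mac):
        # CRC-32 is an assumed stand-in for the switch's hash function.
        key = vlan.to_bytes(2, "big") + mac
        return self.buckets[zlib.crc32(key) % len(self.buckets)]

    def learn(self, vlan, mac, port):
        """Store or refresh an entry; False if a bounded bucket is full."""
        bucket = self._bucket(vlan, mac)
        for i, (v, m, _) in enumerate(bucket):
            if (v, m) == (vlan, mac):
                bucket[i] = (vlan, mac, port)
                return True
        if self.bucket_limit is not None and len(bucket) >= self.bucket_limit:
            return False
        bucket.append((vlan, mac, port))
        return True

    def lookup(self, vlan, mac):
        """Return (port, entries examined); port is None on a miss."""
        bucket = self._bucket(vlan, mac)
        for probes, (v, m, port) in enumerate(bucket, start=1):
            if (v, m) == (vlan, mac):
                return port, probes
        return None, len(bucket)

    def stats(self):
        sizes = [len(b) for b in self.buckets]
        return {"stored": sum(sizes), "worst_search": max(sizes)}

def compare(n_entries=256, n_buckets=64, bucket_limit=4):
    bounded = ForwardingTable(n_buckets, bucket_limit)
    unbounded = ForwardingTable(n_buckets)
    rejected = 0
    for i in range(n_entries):
        mac = bytes([0x02, 0, 0, 0, i >> 8, i & 0xFF])  # constructed MAC
        vlan, port = 1 + i % 4, i % 16
        rejected += not bounded.learn(vlan, mac, port)
        unbounded.learn(vlan, mac, port)
    return bounded, unbounded, rejected

if __name__ == "__main__":
    print([t.stats() for t in compare()[:2]], "rejected:", compare()[2])
```

Calling `compare(10, 1, 4)` forces every entry into a single bucket, the degenerate case the text mentions: the bounded table keeps its four-entry search limit but drops six stations, while the unbounded table stores all ten at the cost of a ten-entry worst-case search.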