According to the Open Systems Interconnection (OSI) model, the OSI data link layer of the Internet translates data packets from the OSI network layer into bits for the OSI physical layer to transfer. The data packets received by the data link layer have Internet Protocol (IP) headers containing the software IP addresses of the sending and receiving hosts. The data link layer performs the translation from network layer to physical layer by encapsulating the network layer data packets with data frames, adding customized headers containing the Logical Link Control (LLC) and Media Access Control (MAC) source and destination physical hardware addresses (“MAC addresses”) from Network Interface Cards (NICs) installed in the sending and receiving devices.
Computer network switches and web appliances (collectively “switches”) operate on the data link layer and use the MAC addresses stored in data frames to filter the data frames to their proper destinations. When a switch is activated, a MAC address filter table in the switch is empty. As the switch reads the frame of each incoming data packet for MAC addresses, an Application-Specific Integrated Circuit (ASIC) within the switch builds the above mentioned internal filter table of source MAC addresses and corresponding input ports. The filter table tells the switch where the sending device for each data packet is located. Since the MAC addresses referenced by switches are stored in header fields in the data frames that encapsulates the data packets rather than in the network layer header fields of the data packets, switches are typically faster and more reliable than routers because switches do not modify the data packet, only the data frame. The term “data packet” will be used to refer to data, data packets, and framed data packets.
There is a limit to the amount of data traffic that a given ASIC can process. In a large switch, several ASICs may be needed, and data traffic must be forwarded to the correct ASIC. Since a single ASIC usually has the state information for a given Transmission Control Protocol (TCP) connection, data packets proceeding through that TCP connection should always be directed to the same ASIC. In other words, communication between a client and server should always be forwarded to the same ASIC. This is typically done by performing a flow dependent “lookup,” which requires intensive communication between the entity performing the lookup and the TCP layer.
ASICs in switches may be replaced by or used in combination with other general purpose or hybrid protocol processors. Generally, protocol processors may include any combination of ASICs, protocol processing hardware, protocol processing software, subcomponents, and/or subroutines (collectively “protocol processors”). A protocol processor may also be one or more parts of a single physical or logical protocol processor. Large web switches may use numerous protocol processors in a single switch.
Hash functions are often used in the transmission of data, including the transfer of data packets on a network, to verify data integrity or to store data packets for rapid retrieval. A hash function converts a string of characters into a shorter string or number. Performing an XOR operation on a data item is one example hash function. As a data storage method, hashing stores data items at locations that are determined by a mathematical function of the data, for example, dividing the value of a data item by the number of storage locations available and using the remainder of the division as an address to store the data item. Hashing allows quick retrieval of stored data since it is not necessary to search through a list to find one item.
Several U.S. patents are directed to hashing in the context of a network switch. U.S. Pat. No. 6,249,521 to Kerstein is directed to a network switch configured for switching data packets to network addresses across multiple ports using hash keys and an address table to generate frame forwarding information. U.S. Pat. No. 6,233,242 to Mayer et al. is directed to a network switch that uses hash logic to find identification entries in a central memory that include addresses of network devices. U.S. Pat. No. 6,084,877 to Egbert et al. is directed to a network switch that uses a hash generator and an address table configured to include a programmable number of bin entries to perform switching to network addresses. U.S. Pat. No. 5,914,938 to Brady et al. is directed to an address table search unit that may use a number of hash buckets to retrieve a pointer to a network device, such as a virtual LAN. Although these references use hashing to send data packets to network IP addresses outside a network switch, none of the references disclose solutions to problems encountered in distributing data packets to entities inside a network switch.