1. Field of the Invention
The invention relates to an apparatus for high performance switching in local area communications networks such as token ring, ATM, ethernet, fast ethernet, 1 gigabit and 10,000 Mbits/s ethernet environments, generally known as LANs. In particular, the invention relates to a method and switch used to filter packets based on flows of the packets.
2. Description of the Related Art
As computer performance has increased in recent years, the demands on computer networks has significantly increased; faster computer processors and higher memory capabilities need networks with high bandwidth capabilities to enable high speed transfer of significant amounts of data. The well-known ethernet technology, which is based upon numerous IEEE ethernet standards, is one example of computer networking technology which has been able to be modified and improved to remain a viable computing technology. A more complete discussion of prior art networking systems can be found, for example, in SWITCHED AND FAST ETHERNET, by Breyer and Riley (Ziff-Davis, 1996), and numerous IEEE publications relating to IEEE 802 standards. Based upon the Open Systems Interconnect (OSI) 7-layer reference model, network capabilities have grown through the development of repeaters, bridges, routers, and, more recently, “switches”, which operate with various types of communication media. Thickwire, thinwire, twisted pair, and optical fiber are examples of media which has been used for computer networks. Switches, as they relate to computer networking and to ethernet, are hardware-based devices which control the flow of data packets or cells based upon destination address information which is available in each packet. A properly designed and implemented switch should be capable of receiving a packet and switching the packet to an appropriate output port at what is referred to wirespeed or linespeed, which is the maximum speed capability of the particular network.
Basic ethernet wirespeed is up to 10 megabits per second, and Fast Ethernet is up to 100 megabits per second. The newest ethernet is referred to as 10,000 Mbits/s ethernet, and is capable of transmitting data over a network at a rate of up to 10,000 megabits per second. As speed has increased, design constraints and design requirements have become more and more complex with respect to following appropriate design and protocol rules and providing a low cost, commercially viable solution. For example, when filtering packets in a switch based on assigned criteria, if the filtering process delays the processing of a packet by the switch, then it becomes almost impossible to operate the switch or the network at linespeed.
One system of filtering packets in a network switch is discussed in U.S. patent application Ser. No. 09/343,411. Such a switch employs a Fast Filtering Processor (FFP) to perform the desired filtering. Filter masks are applied to portions of the incoming packet and a Rule Table is searched for actions to be taken if there is a match with a key found in the Rule Table. The general process of filtering with the FFP is discussed below with respect to the present invention.
However, while the filtering process described above is extremely flexible, it has certain inherent limitations. One of these limitations involves the limits of scalability of the filtering process. In order to track a greater number of flows through the switch, a deeper Rules Table is required. The increased length in the Rules Table increases the cost of the device, as well as potentially preventing sustainable line rate switching. Thus, there is a need to provide proper filtering of switched data based on flows that does not impede the processing of data by that switch.