Traditionally, many local area network (LAN) protocols indiscriminately send traffic to many or all other stations connected to the local area network. The addressing of many stations with a single message is generally called a xe2x80x98multicastxe2x80x99 communication. A special and frequent case of this is a message which has to be received by all stations connected to the network. Generally, this does not cause difficulty, but there may be occasions when the level of multicast traffic has limited the performance of the local area network. One type of occasion arises from the use of multicast messages for administrative purposes, for example to locate other stations on the network. When the number of stations on the same local area network becomes large so can the level of administrative multicasts. This may use significant proportions of the available bandwidth, i.e. the information carrying capacity of the network or may cause degradation of the end-stations"" performance because a large number of these messages have to be processed.
There may be conditions wherein xe2x80x98roguexe2x80x99 stations enter states whereby they continually transmit messages to the broadcast address. In theory, if such a condition were to arise, a large proportion of a network""s band width could be utilised by these messages.
Further, if two network ports on the same local area network are connected together, a loop is produced. Ideally, the network devices would detect such a loop and shut down one of the relevant links but such a fault is not always corrected in this way. If a loop does occur in the local area network then the network is liable to become unusable.
More recently, networks have been designed to limit the effect of any xe2x80x98multicastxe2x80x99 storms that may happen. A common and preferred mechanism is to partition a local area network into a multiplicity of smaller local area networks, which are connected together using routers. Routers may monitor traffic and thereby enable a significant level of control over the passage of information between local area networks. Thus a xe2x80x98multicast stormxe2x80x99 on one local area network would not cause cessation of operation of another local area network.
If a system of this nature is employed, when a user wishes to connect a device to a specific local area network, the device is physically xe2x80x98patchedxe2x80x99 through to a physical local area network implemented by a set of network devices. The only interaction between the local area networks is controlled by a router.
As networks have evolved, and as organisations have evolved, the use of hardwired networks using physical patch panels has become cumbersome. In simple terms, if physical patch panels are used then if a particular person in a organisation has shifted physical location, the physical change in location has to be accompanied by a physical change in the network topology via a patch panel. Additional network devices may be needed if changes in physical locations of users cause local network connections to be insufficient. Further, as organisations have split into smaller working units, the number of local area networks has expanded.
The concept of a virtual local area network allows a virtual patch panel to be implemented in the same devices that implement the network infrastructure. Each end station can be attached to a separate virtual local area network under software control. Virtual local area networks are, from the point of view of users or end stations, functionally similar to physical local area networks but are defined by software control of the addressing of data packets and other necessary or consequential control functions. For example, if a member (typically called client or user) in a virtual local area network has a message which is to be broadcast to all the members of the virtual local area network, then the message is treated as a multicast message and (by means well enough known not to require further description here) sent to all the other members of that virtual local area network but not to other users in the physical local area network which is partitioned into the multiplicity of virtual local area networks.
Nevertheless, somewhere in the network there must be a router which allows communication between the various virtual local area networks. Generally, each VLAN might need a separate physical connection to a router. This is inconvenient, because although the VLAN allows automatic connection of an end station to a VLAN, the network administrator must add an extra physical connection.
To avoid this, it is possible to multiplex multiple virtual local area networks over a single physical medium. A variety of schemes of achieving this exist but each depends on the tagging of each packet or data frame with a value identifying the VLAN to which the frame belongs.
This solves the problem of physical connections to the router but creates a new problem. The network was divided into VLANs to prevent traffic from one local area network from inhibiting access to all other networks. Now all the traffic from a multiplicity of VLANs is carried across a single physical connection, which has necessarily limited bandwidth. Again, a multicast storm on one segment may occupy all the available bandwidth on the shared, tagged link and again prevent or degrade performance on an unrelated local area network.
The invention is intended for use where data from a multiplicity of users in a plurality of virtual local area networks (VLANs) has to be multiplexed over a single physical link, and where, as indicated above, the aggregate traffic of all the VLANs together may exceed the maximum information carrying capacity of that physical link. The invention provides a scheme for according fair access to the single physical link.
A preferred but not in all respects essential technique according to the invention is as follows.
Means may be provided to monitor the traffic provided by each virtual local area network coupled to the physical link. The monitoring of that traffic may be gauged against that threshold or quota such that if the traffic from a particular VLAN exceeds a quota allocated thereto a state denoted xe2x80x98restrictedxe2x80x99 is indicated in any desired manner. For a traffic flow below the quota, a xe2x80x98priorityxe2x80x99 state is indicated. When the VLAN wishes to send a packet over the physical link it asserts a request signal (R). When the shared link is ready to accept a packet it may first search for requests from all VLANs which are indicated to be in the xe2x80x98priorityxe2x80x99 state. A packet from a VLAN in the xe2x80x98priorityxe2x80x99 state will always be accepted in preference to a packet from a VLAN in the xe2x80x98restrictedxe2x80x99 state. If a VLAN in a xe2x80x98priorityxe2x80x99 state sends a frame, that increment of traffic can cause the VLAN to exceed its quota, so that it will then enter the xe2x80x98restrictedxe2x80x99 state. A variety of developments of such a scheme are possible. In particular, the quotas may be programmable or adaptive. They may for example be set in proportion to the number of xe2x80x98clientsxe2x80x99 or users in each respective VLAN. Nevertheless the monitoring may indicate that the quotas for some VLANs need to be adjusted in accordance with monitor traffic flows to give greater preference to some VLANs over others. Furthermore, although the arbitration scheme envisaged as preferential is a round robin arbitration scheme so that a VLAN having priority is given unconditional access, it may be feasible to adapt the technique to a contention-resolution scheme, e.g. carrier sense multiple access, wherein a VLAN having priority is favoured in the contention-resolution process and a xe2x80x98restrictedxe2x80x99 VLAN is not.
Various other schemes for setting the quota for the various VLANs connected to the physical link are possible. It is feasible to over subscribe the physical link. For example, if there were four xe2x80x98clientsxe2x80x99 using a link, then the threshold for all the links could be set to 60%. The effect of this is that no single VLAN could consume more than 60% of the available bandwidth (information carrying capacity) if there were other VLANs which wish to send data.