Invention Grant
- Patent Title: Using special-case hardware units for facilitating access control lists on a networking element
-
Application No.: US13769437Application Date: 2013-02-18
-
Publication No.: US09306848B2Publication Date: 2016-04-05
- Inventor: Claude Basso , Natarajan Vaidhyanathan , Colin B. Verrilli
- Applicant: International Business Machines Corporation
- Applicant Address: US NY Armonk
- Assignee: International Business Machines Corporation
- Current Assignee: International Business Machines Corporation
- Current Assignee Address: US NY Armonk
- Agency: Patterson & Sheridan, LLP
- Main IPC: G06F15/173
- IPC: G06F15/173 ; H04L12/743 ; G06F15/167 ; G06F17/30 ; H04L29/06 ; H04L12/28 ; G06F13/00
Abstract:
Access control lists (ACLs) include one or more rules that each define a condition and one or more actions to be performed if the condition is satisfied. In one embodiment, the conditions are stored on a ternary content-addressable memory (TCAM), which receives a portion of network traffic, such as a frame header, and compares different portions of the header to entries in the TCAM. If the frame header satisfies the condition, the TCAM reports the match to other elements in the ACL. For certain conditions, the TCAM may divide the condition into a plurality of sub-conditions which are each stored in a row of the TCAM. To efficiently use the limited space in TCAM, the networking element may include one or more comparator units which check for special-case conditions. The comparator units may be used in lieu of the TCAM to determine whether the condition is satisfied.
Public/Granted literature
- US20140082122A1 USING SPECIAL-CASE HARDWARE UNITS FOR FACILITATING ACCESS CONTROL LISTS ON A NETWORKING ELEMENT Public/Granted day:2014-03-20
Information query
