Restriction of source address look-ups in network
    21.
    Granted invention patent
    Status: Lapsed

    Publication No.: US06438129B1

    Publication date: 2002-08-20

    Application No.: US09253771

    Filing date: 1999-02-22

    IPC classification: H04J324

    Abstract: A forwarding database in a network switch is established and maintained by performing a look-up for a source address read from an incoming frame to find a match between the source address in the frame and the source address in an entry which includes that source address, a port number and an age field. New entries are made if matches are not found, so that the forwarding database facilitates the dispatch of frames to destination addresses corresponding to source addresses in the table. The performance of a source address look-up is inhibited in the absence of a token, a reservoir of tokens being decremented each time a source address look-up is performed and incremented from time to time, at a selectable rate. The process facilitates the performance of a destination address look-up for every received frame by restricting the bandwidth made available for source address look-ups.

    Signature checking using deterministic finite state machines
    22.
    Granted invention patent
    Status: In force

    Publication No.: US08331404B2

    Publication date: 2012-12-11

    Application No.: US11923869

    Filing date: 2007-10-25

    IPC classification: H04J1/02

    Abstract: The occurrence of false positives and the post-processing of digital streams subjected to examination by a deterministic finite state machine for character strings are reduced by combining location-based pattern matching, e.g. on packet headers, and content-based pattern matching, e.g. on payloads of packets. One scheme allows automatic transition from a header match state into an initial state of a content matching machine. Another scheme is based on a rules graph defining strings of match states and the examination of a list of match states (rather than characters) which have been previously determined, for example by means of header matching and content matching. The latter is also capable of comparing offset and depth values associated with the match states with offset and depth criteria.

    Switch module architecture
    23.
    Granted invention patent
    Status: In force

    Publication No.: US07362750B2

    Publication date: 2008-04-22

    Application No.: US10464292

    Filing date: 2003-06-17

    IPC classification: H04Q11/06

    Abstract: A switching module has external ports for sending and receiving data packets and mesh interfaces for internal mesh connections with other modules. A switching engine directs packets to one or other of the mesh interfaces according to the port number of a ‘destination’ or egress port on another module, as determined by a lookup. The port numbers are programmable so that the distribution of traffic through the mesh connections can be modified.

    Cascade system for network units
    24.
    Granted invention patent
    Status: In force

    Publication No.: US07289496B2

    Publication date: 2007-10-30

    Application No.: US10067738

    Filing date: 2002-02-08

    IPC classification: H04L12/50

    CPC classification: H04L12/433

    Abstract: Network units such as switches for use in a cascaded stack are organised to provide a cascade connection in the form of a dual unidirectional connection so that, in its ordinary configuration, there is at least one and preferably more than one unidirectional ring for each direction around the cascade, each ring including a respective port on each unit. For each ring, each port on a unit is connected by a respective link to a corresponding port on the preceding unit and the following unit. The units provide a self-healing operation in the event of various kinds of operational failure. The self-healing operation includes loop-back of packets in units adjacent the failure and bypass of a packet switching process for other units. The units include control logic for passing control frames containing status information relating to the units and links between them and for co-operation with a CPU to control a switching engine to perform the self-healing operation in accordance with that status information. The units forward on the cascade packets with headers that identify a destination port and the unit on which that port is located and also indicate which units have and have not been traversed by a packet.

    Rules engine for access control lists in network units
    25.
    Invention application
    Status: In force

    Publication No.: US20060092947A1

    Publication date: 2006-05-04

    Application No.: US11064227

    Filing date: 2005-02-22

    IPC classification: H04L12/56 H04L12/28

    Abstract: A rules engine for the examination of selected fields in an addressed data packet has an access control list table of which the entries each define an access control list rule, an action and a chain identifier. The access control list rule is a basic rule which refers to a TCP flow. The engine also has an extension rule table of which the entries each define an extension rule, a respective action and a respective rule identifier. The extension rule may refer to a particular flag in a TCP header. When a packet arrives the engine searches both tables. This search is made independently of the usual address lookup. If there is a match in both tables, and the chain identifier matches the extension rule identifier, the engine prescribes the action associated with the extension rule. If the chain identifier of a matched access control list rule does not match a rule identifier of a matched extension rule, the engine prescribes the action associated with the access control list rule. In the absence of a match with any access control list rule the action on a packet is based on the result from a lookup engine.

    Restriction of source address up-dating in network switches
    26.
    Granted invention patent
    Status: Lapsed

    Publication No.: US06529507B1

    Publication date: 2003-03-04

    Application No.: US09253772

    Filing date: 1999-02-22

    IPC classification: H04J324

    Abstract: A forwarding database in a network switch is established and maintained by performing a look-up for a source address read from an incoming frame to find a match between the source address in the frame and the source address in an entry which includes that source address, a port number and an age field. New entries are made if matches are not found, so that the forwarding database facilitates the dispatch of frames to destination addresses corresponding to source addresses in the table. The switch maintains a system age, such as a two-bit field, which is changed from time to time and the current system age is entered in the table as the age field when a source address entry is made. When said source address is found by a look-up process, it is updated with the current system age only if the age field of the entry and the current system age do not correspond. There is a saving of bandwidth arising from the avoidance of write cycles when an age field of an entry corresponds to the current system age.

    Stacked communication devices and method for port mirroring using modified protocol
    27.
    Granted invention patent
    Status: Lapsed

    Publication No.: US06425015B1

    Publication date: 2002-07-23

    Application No.: US09201345

    Filing date: 1998-11-30

    IPC classification: G06F1517

    CPC classification: H04L43/00

    Abstract: Port mirroring is achieved between ports on separate devices in a stack of communication devices by establishing a protocol for communications within a cascade connection forming the stack in which an indication is given of whether the communication is being sent to the mirror port in addition to its intended destination. This avoids increasing the volume of traffic in the cascade connection as would be the case if the original and mirror copy were sent separately.
