公开(公告)号：US06775737B1

公开(公告)日：2004-08-10

申请号：US09973508

申请日：2001-10-09

申请人： Priyank Ramesh Warkhede ,  William N. Eatherton ,  Shyamsundar N. Maniyar ,  Peram Marimuthu

发明人： Priyank Ramesh Warkhede ,  William N. Eatherton ,  Shyamsundar N. Maniyar ,  Peram Marimuthu

IPC分类号： G06F1200

CPC分类号： H04L45/00 ,  H04L45/48 ,  H04L69/22

摘要： Methods and apparatus are disclosed for allocating and using range identifiers as input values to associative memories, especially binary content-addressable memories (CAMs) and ternary content-addressable memories (TCAMs). In one implementation, each of multiple non-overlapping intervals are identified with one of multiple unique identifiers. An indication of a mapping between the multiple non-overlapping intervals and the multiple unique identifiers is maintained. A particular unique identifier is determined from said multiple unique identifiers based on a value and said multiple non-overlapping intervals. A lookup operation is performed on an associative memory using the particular unique identifier to generate a result. One implementation uses a trie representation of a range tree of the intervals to derive the unique identifiers. Moreover, one implementation evaluates and selects among various possible trie representations, especially to determine identifiers such that a TCAM prefix may match multiple intervals corresponding to a desired range.

摘要翻译： 公开了分配和使用范围标识符作为关联存储器，特别是二进制可内容寻址存储器（CAM）和三元可内容寻址存储器（TCAM）的输入值的方法和装置。 在一个实现中，多个非重叠间隔中的每一个用多个唯一标识符之一标识。 维持多个非重叠间隔与多个唯一标识符之间的映射的指示。 基于值和所述多个非重叠间隔从所述多个唯一标识符确定特定唯一标识符。 使用特定唯一标识符对关联存储器执行查找操作以生成结果。 一个实现使用间隔的范围树的特里表示来导出唯一标识符。 此外，一个实现在各种可能的特里表示中进行评估和选择，特别是确定标识符，使得TCAM前缀可以匹配对应于期望范围的多个间隔。

公开(公告)号：US07496035B1

公开(公告)日：2009-02-24

申请号：US10355831

申请日：2003-01-31

申请人： Ganesh Sadasivan ,  Rengabashyam Srinivas ,  William N. Eatherton ,  Xiaoxue Ma ,  Peram Marimuthu

发明人： Ganesh Sadasivan ,  Rengabashyam Srinivas ,  William N. Eatherton ,  Xiaoxue Ma ,  Peram Marimuthu

IPC分类号： G08C15/00

CPC分类号： H04L49/901 ,  H04L47/10 ,  H04L47/2441 ,  H04L49/90 ,  Y10S707/99943

摘要： Methods and apparatus are disclosed for defining flow types and instances thereof such as for identifying packets corresponding to instances of the flow types. A flow type is defined and includes a set of properties including at least one of the possible properties selectable when defining a flow type. An instance of the flow type is defined and a set of corresponding associative memory entries is generated. A lookup word generator of a packet processing engine is typically notified of the use of the flow type, and one or more lookup words are generated typically by extracting fields from a received packet and/or from other sources. Based on a result of lookup operations on the set of associative memories entries using the generated one or more lookup words, the received packet can be identified as whether it matches or does not match the instance of the flow type.

摘要翻译： 公开了用于定义流类型和实例的方法和装置，例如用于识别与流类型的实例对应的分组。 定义流类型并且包括一组属性，其包括在定义流类型时可选择的可能属性中的至少一个。 定义流类型的实例，并生成一组对应的关联内存条目。 典型地通过从所接收的分组和/或来自其它来源提取字段来生成分组处理引擎的查找词生成器，使用流类型，并且生成一个或多个查找词。 基于使用所生成的一个或多个查找词的关联存储器条目集合的查找操作的结果，可以将接收的分组识别为与流类型的实例匹配还是不匹配。

公开(公告)号：US07349382B2

公开(公告)日：2008-03-25

申请号：US10651179

申请日：2003-08-28

申请人： Peram Marimuthu ,  Priyank Ramesh Warkhede

发明人： Peram Marimuthu ,  Priyank Ramesh Warkhede

IPC分类号： H04L12/56 ,  G06F12/14

CPC分类号： H04L63/102 ,  G06F17/30982 ,  H04L63/101 ,  H04L63/1441

摘要： Reverse path forwarding protection of packets is provided using automated population of access control lists based on a forwarding information base. One implementation identifies a lookup value by extracting one or more values including a source address from a packet. An access control list lookup operation is performed on an access control list based on the lookup value to identify a permit or a deny condition, the access control list including multiple access control list entries. The packet is processed based on the permit or the deny condition identified in by the access control list lookup operation, this processing the packet based on the permit condition includes performing a forwarding lookup operation on a representation of a forwarding information base to identify a location and forwarding the packet to the location. The access control list entries are automatically generated based on a forwarding information base.

摘要翻译： 使用基于转发信息库的自动化访问控制列表来提供分组的反向路径转发保护。 一个实现通过从包中提取包括源地址的一个或多个值来识别查找值。 基于查找值对访问控制列表执行访问控制列表查找操作以识别许可或拒绝条件，所述访问控制列表包括多个访问控制列表条目。 基于通过访问控制列表查找操作识别的许可证或拒绝条件对数据包进行处理，这种根据许可条件处理数据包括对转发信息库的表示执行转发查找操作以识别位置，以及 将数据包转发到该位置。 访问控制列表条目根据转发信息库自动生成。

公开(公告)号：US5878232A

公开(公告)日：1999-03-02

申请号：US775021

申请日：1996-12-27

申请人： Peram Marimuthu

发明人： Peram Marimuthu

IPC分类号： G06F15/16 ,  G06F13/00 ,  H04L12/46 ,  H04L12/56 ,  G06F15/163

CPC分类号： H04L45/48 ,  H04L12/467

摘要： A system and method of configuring VLANs of a multiple port bridging device by merging potentially conflicting VLANs. One or more VLANs are first defined by the user, and equivalent and subset VLANs are merged. The spanning tree procedure is then performed to determine a root identifier and a root port for each VLAN. The root identifier of each VLAN is compared with the other VLANs, and if equal, the root ports of the two VLANs are compared. If the root identifiers are the same and if the root ports are different for any two VLANs, the two VLANs are merged into a new VLAN. To merge two VLANs, all of the ports of both VLANs are combined to define a new VLAN. Preferably, each VLAN is compared with every other VLAN in this manner. The spanning tree procedure is then executed for the new VLAN, which is then compared to the other VLANs in the same manner. Furthermore, if the root identifiers and the root ports are equal, then it is determined if any shared port of the two VLANs is blocked for one and not the other. If so, the two VLANs are merged into a new VLAN.

摘要翻译： 通过合并潜在的冲突VLAN来配置多端口桥接设备的VLAN的系统和方法。 一个或多个VLAN首先由用户定义，并且合并等效和子集VLAN。 然后执行生成树过程以确定每个VLAN的根标识符和根端口。 将每个VLAN的根标识符与其他VLAN进行比较，如果相等，则比较两个VLAN的根端口。 如果根标识符相同，如果两个VLAN的根端口不同，则将两个VLAN合并到一个新的VLAN中。 要合并两个VLAN，将两个VLAN的所有端口组合以定义新的VLAN。 优选地，每个VLAN以这种方式与每隔一个VLAN进行比较。 然后为新的VLAN执行生成树过程，然后将其与其他VLAN以相同的方式进行比较。 此外，如果根标识符和根端口相等，则确定两个VLAN中的任何共享端口是否被一个而不是另一个阻塞。 如果是，则将两个VLAN合并到一个新的VLAN中。

公开(公告)号：US07065079B1

公开(公告)日：2006-06-20

申请号：US09564604

申请日：2000-05-04

申请人： Abhijit Patra ,  Milton Xu ,  Peram Marimuthu ,  Jeffrey Wang

发明人： Abhijit Patra ,  Milton Xu ,  Peram Marimuthu ,  Jeffrey Wang

IPC分类号： H04L12/56

CPC分类号： H04L45/10

摘要： Only one point to multipoint virtual circuit (p2mp VC) is used within a router to handle all of the sources for a particular multicast group when other particulars of the multicast group are identical within that router. The router receiving a multicast packet for a particular multicast group identifies the source and the group number by reading fields of the incoming packet, identifies the input port of the router, and identifies the output port list. The input port of the router, the group number G, and the output port list are used by the router in establishing and identifying a point to multipoint VC within the router. The invention identifies all packets arriving at that particular input port, having the same multicast group number G, and having the same output port list, and transfers them to the identified VC. The VC is associated in the routing table with the output list of ports from which copies of the multicast packet are transmitted. Accordingly, only one VC is needed to transfer packets arising from any source of the multicast group so long as the multicast packets arrive on the same port of the router and have the same output port list.

摘要翻译： 路由器内只使用一点多点虚拟电路（p2mp VC）来处理特定组播组的所有源，当组播组的其他特性在该路由器内相同时。 接收特定组播组的组播数据包的路由器通过读取输入数据包的字段来识别源和组号，识别路由器的输入端口，并识别输出端口列表。 路由器的输入端口，组号G和输出端口列表由路由器用于建立和标识路由器内的点对多点VC。 本发明识别到达特定输入端口的所有分组，具有相同的组播组号G，并且具有相同的输出端口列表，并将它们传送到所识别的VC。 VC在路由表中与从其发送组播数据包的副本的端口的输出列表相关联。 因此，只要一个VC需要传输来自组播组的任何源的数据包，只要组播数据包到达路由器的同一端口并具有相同的输出端口列表即可。

公开(公告)号：US20050021752A1

公开(公告)日：2005-01-27

申请号：US10651179

申请日：2003-08-28

申请人： Peram Marimuthu ,  Priyank Warkhede

发明人： Peram Marimuthu ,  Priyank Warkhede

IPC分类号： G06F20060101 ,  G06F12/14 ,  G06F17/30 ,  G06F15/173 ,  H04L12/28

CPC分类号： H04L63/102 ,  G06F17/30982 ,  H04L63/101 ,  H04L63/1441

摘要： Reverse path forwarding protection of packets is provided using automated population of access control lists based on a forwarding information base. One implementation identifies a lookup value by extracting one or more values including a source address from a packet. An access control list lookup operation is performed on an access control list based on the lookup value to identify a permit or a deny condition, the access control list including multiple access control list entries. The packet is processed based on the permit or the deny condition identified in by the access control list lookup operation, this processing the packet based on the permit condition includes performing a forwarding lookup operation on a representation of a forwarding information base to identify a location and forwarding the packet to the location. The access control list entries are automatically generated based on a forwarding information base.

摘要翻译： 使用基于转发信息库的自动化访问控制列表来提供分组的反向路径转发保护。 一个实现通过从包中提取包括源地址的一个或多个值来识别查找值。 基于查找值对访问控制列表执行访问控制列表查找操作以识别许可或拒绝条件，所述访问控制列表包括多个访问控制列表条目。 基于通过访问控制列表查找操作识别的许可证或拒绝条件对数据包进行处理，这种根据许可条件处理数据包括对转发信息库的表示执行转发查找操作以识别位置，以及 将数据包转发到该位置。 访问控制列表条目根据转发信息库自动生成。