公开(公告)号：US20130301641A1

公开(公告)日：2013-11-14

申请号：US13466984

申请日：2012-05-08

申请人： Prashant Anand ,  Ramanathan Lakshmikanthan ,  Sun Den Chen ,  Ning Xu

发明人： Prashant Anand ,  Ramanathan Lakshmikanthan ,  Sun Den Chen ,  Ning Xu

IPC分类号： H04L12/56

CPC分类号： H04L63/0227 ,  H04L45/745 ,  H04L47/2441 ,  H04L47/2483 ,  H04L63/0263 ,  H04L63/101 ,  H04L63/1408

摘要： In one aspect, the present invention reduces the amount of low-latency memory needed for rules-based packet classification by representing a packet classification rules database in compressed form. A packet processing rules database, e.g., an ACL database comprising multiple ACEs, is preprocessed to obtain corresponding rule fingerprints. These rule fingerprints are much smaller than the rules and are easily accommodated in on-chip or other low-latency memory that is generally available to the classification engine in limited amounts. The rules database in turn can be stored in off-chip or other higher-latency memory, as initial matching operations involve only the packet key of the subject packet and the fingerprint database. The rules database is accessed for full packet classification only if a tentative match is found between the packet key and an entry in the fingerprint database. Thus, the present invention also advantageously minimizes accesses to the rules database.

摘要翻译： 一方面，本发明通过以压缩形式表示分组分类规则数据库来减少基于规则的分组分类所需的低延迟存储器的数量。 分组处理规则数据库（例如，包括多个ACE的ACL数据库）被预处理以获得相应的规则指纹。 这些规则指纹比规则小得多，并且容易地被容纳在分类引擎中有限的片上或其他低延迟存储器中。 因为初始匹配操作仅涉及主题分组和指纹数据库的分组密钥，因此规则数据库又可以存储在片外或其他较高延迟的存储器中。 仅当在分组密钥和指纹数据库中的条目之间发现暂时匹配时，才能对完整分组分类进行规则数据库的访问。 因此，本发明还有利地最小化对规则数据库的访问。

公开(公告)号：US08879550B2

公开(公告)日：2014-11-04

申请号：US13466984

申请日：2012-05-08

申请人： Prashant Anand ,  Ramanathan Lakshmikanthan ,  Sun Den Chen ,  Ning Xu

发明人： Prashant Anand ,  Ramanathan Lakshmikanthan ,  Sun Den Chen ,  Ning Xu

IPC分类号： H04L12/28

CPC分类号： H04L63/0227 ,  H04L45/745 ,  H04L47/2441 ,  H04L47/2483 ,  H04L63/0263 ,  H04L63/101 ,  H04L63/1408

摘要： In one aspect, the present invention reduces the amount of low-latency memory needed for rules-based packet classification by representing a packet classification rules database in compressed form. A packet processing rules database, e.g., an ACL database comprising multiple ACEs, is preprocessed to obtain corresponding rule fingerprints. These rule fingerprints are much smaller than the rules and are easily accommodated in on-chip or other low-latency memory that is generally available to the classification engine in limited amounts. The rules database in turn can be stored in off-chip or other higher-latency memory, as initial matching operations involve only the packet key of the subject packet and the fingerprint database. The rules database is accessed for full packet classification only if a tentative match is found between the packet key and an entry in the fingerprint database. Thus, the present invention also advantageously minimizes accesses to the rules database.

摘要翻译： 一方面，本发明通过以压缩形式表示分组分类规则数据库来减少基于规则的分组分类所需的低延迟存储器的数量。 分组处理规则数据库（例如，包括多个ACE的ACL数据库）被预处理以获得相应的规则指纹。 这些规则指纹比规则小得多，并且容易地被容纳在分类引擎中有限的片上或其他低延迟存储器中。 因为初始匹配操作仅涉及主题分组和指纹数据库的分组密钥，因此规则数据库又可以存储在片外或其他较高延迟的存储器中。 仅当在分组密钥和指纹数据库中的条目之间发现暂时匹配时，才能对完整分组分类进行规则数据库的访问。 因此，本发明还有利地最小化对规则数据库的访问。

公开(公告)号：US20130297798A1

公开(公告)日：2013-11-07

申请号：US13464608

申请日：2012-05-04

申请人： MUSTAFA ARISOYLU ,  Abhishek Arora ,  Prashant Anand

发明人： MUSTAFA ARISOYLU ,  Abhishek Arora ,  Prashant Anand

IPC分类号： G06F15/173

CPC分类号： H04L67/1014 ,  H04L67/1002 ,  H04L67/1006 ,  H04L67/1023 ,  H04L67/1027

摘要： A method, in one or more network elements that are in communication between clients that transmit packets and servers, of distributing the packets among the servers which are to process the packets. Stickiness of flows to servers assigned to process them is provided. A packet of a flow is received at a static first level packet distribution module. A group of servers is statically selected for the packet of the flow with the first level module. State that assigns the packet of the flow to the selected group of servers is not used. The packet of the flow is distributed to a distributed stateful second level packet distribution system. A server of the selected group is statefully selected with the second level system by accessing state that assigns processing of packets of the flow to the selected server. The packet of the flow is distributed to the selected server.

摘要翻译： 在发送分组和服务器的客户端之间的通信中的一个或多个网络元件中，在要处理分组的服务器之间分发分组的方法。 提供了流向分配给处理服务器的服务器的粘性。 在静态第一级分组分发模块处接收到流的分组。 使用第一级模块为流的数据包静态选择一组服务器。 不使用将流分组分配给所选服务器组的状态。 流的分组被分发到分布状态的二级分组分发系统。 所选择的组的服务器通过访问将所述流的分组的处理分配给所选择的服务器的状态与所述第二级系统有状态地选择。 流的分组被分发到所选择的服务器。

公开(公告)号：US20070206599A1

公开(公告)日：2007-09-06

申请号：US11747137

申请日：2007-05-10

申请人： Hardik Bhalala ,  Prashant Anand

发明人： Hardik Bhalala ,  Prashant Anand

IPC分类号： H04L12/56

CPC分类号： H04L45/00 ,  H04L45/60 ,  H04L45/7453

摘要： A priority content addressable memory (PCAM) may store entries associated with a corresponding priority data. The PCAM may store a new entry in an available space in the memory without re-ordering the entries. Such an approach may enhance the system performance. Also, a network device may comprise multiple PCAMs for performing multiple operations in multiple cycles for a packet based on the various packet parameters. The network device may select the output of PCAMs based on the priority associated.

摘要翻译： 优先内容可寻址存储器（PCAM）可以存储与对应的优先级数据相关联的条目。 PCAM可以将新条目存储在存储器中的可用空间中，而无需重新排序条目。 这种方法可以提高系统性能。 此外，网络设备可以包括多个PCAM，用于基于各种分组参数针对分组以多个周期执行多个操作。 网络设备可以基于所关联的优先级来选择PCAM的输出。

公开(公告)号：US08825867B2

公开(公告)日：2014-09-02

申请号：US13464608

申请日：2012-05-04

申请人： Mustafa Arisoylu ,  Abhishek Arora ,  Prashant Anand

发明人： Mustafa Arisoylu ,  Abhishek Arora ,  Prashant Anand

IPC分类号： G06F15/16 ,  H04L29/08

CPC分类号： H04L67/1014 ,  H04L67/1002 ,  H04L67/1006 ,  H04L67/1023 ,  H04L67/1027

摘要： A method, in one or more network elements that are in communication between clients that transmit packets and servers, of distributing the packets among the servers which are to process the packets. Stickiness of flows to servers assigned to process them is provided. A packet of a flow is received at a static first level packet distribution module. A group of servers is statically selected for the packet of the flow with the first level module. State that assigns the packet of the flow to the selected group of servers is not used. The packet of the flow is distributed to a distributed stateful second level packet distribution system. A server of the selected group is statefully selected with the second level system by accessing state that assigns processing of packets of the flow to the selected server. The packet of the flow is distributed to the selected server.

摘要翻译： 在发送分组和服务器的客户端之间的通信中的一个或多个网络元件中，在要处理分组的服务器之间分发分组的方法。 提供了流向分配给处理服务器的服务器的粘性。 在静态第一级分组分发模块处接收到流的分组。 使用第一级模块为流的数据包静态选择一组服务器。 不使用将流分组分配给所选服务器组的状态。 流的分组被分发到分布状态的二级分组分发系统。 所选择的组的服务器通过访问将所述流的分组的处理分配给所选择的服务器的状态与所述第二级系统有状态地选择。 流的分组被分发到所选择的服务器。

公开(公告)号：US08811183B1

公开(公告)日：2014-08-19

申请号：US13252615

申请日：2011-10-04

申请人： Prashant Anand ,  Hardik Bhalala

发明人： Prashant Anand ,  Hardik Bhalala

IPC分类号： G01R31/08

CPC分类号： H04L47/6205 ,  H04L41/0631 ,  H04L41/0681 ,  H04L45/24 ,  H04L45/36 ,  H04L45/70 ,  H04L45/7453 ,  H04L47/11 ,  H04L47/12 ,  H04L47/122 ,  H04L47/127 ,  H04L47/25 ,  H04L47/26 ,  H04L49/10 ,  H04L49/101 ,  H04L49/109 ,  H04L49/1507 ,  H04L49/1515 ,  H04L49/25 ,  H04L49/251 ,  H04L49/253 ,  H04L49/254 ,  H04L49/505 ,  H04W28/02 ,  H04W28/0278 ,  H04W28/12

摘要： In some embodiments, an apparatus comprises a switch from a set of switches associated with a stage of a multi-stage switch fabric. The switch is configured to receive a data packet having a destination address of a destination device from a source device, and then store the data packet in a queue of the switch. The switch is configured to define a message based on the queue having an available capacity less than a threshold, and include a congestion root indicator in the message if the switch is a congestion root. The switch is then configured to send the message to the source device such that the source device sends another data packet having the destination address of the destination device to another switch from the set of switches and not to the previous switch if the message includes the congestion root indicator.

摘要翻译： 在一些实施例中，装置包括从与多级交换结构的级相关联的一组交换机的交换机。 交换机被配置为从源设备接收具有目的地设备的目的地地址的数据分组，然后将数据分组存储在交换机的队列中。 交换机被配置为基于具有小于阈值的可用容量的队列来定义消息，并且如果交换机是拥塞根，则在消息中包括拥塞根指示符。 然后将交换机配置为将消息发送到源设备，使得源设备将具有目的地设备的目的地地址的另一数据分组从该组交换机发送到另一交换机，而不是发送到先前交换机，如果该消息包括拥塞 根指示器

公开(公告)号：US09660940B2

公开(公告)日：2017-05-23

申请号：US12957472

申请日：2010-12-01

申请人： Prashant Anand ,  Gunes Aybay ,  Arijit Sarcar ,  Hardik Bhalala

发明人： Prashant Anand ,  Gunes Aybay ,  Arijit Sarcar ,  Hardik Bhalala

IPC分类号： H04L12/931 ,  H04L12/933 ,  H04L12/937

CPC分类号： H04L49/506 ,  H04L47/26 ,  H04L47/29 ,  H04L47/30 ,  H04L49/1515 ,  H04L49/254

摘要： In some embodiments, an apparatus includes a flow control module configured to receive a first data packet from an output queue of a stage of a multi-stage switch at a first rate when an available capacity of the output queue crosses a first threshold. The flow control module is configured to receive a second data packet from the output queue of the stage of the multi-stage switch at a second rate when the available capacity of the output queue crosses a second threshold. The flow control module configured to send a flow control signal to an edge device of the multi-stage switch from which the first data packet or the second data packet entered the multi-stage switch.

公开(公告)号：US20120140626A1

公开(公告)日：2012-06-07

申请号：US12957472

申请日：2010-12-01

申请人： Prashant Anand ,  Gunes Aybay ,  Arijit Sarcar ,  Hardik Bhalala

发明人： Prashant Anand ,  Gunes Aybay ,  Arijit Sarcar ,  Hardik Bhalala

IPC分类号： H04L12/56

CPC分类号： H04L49/506 ,  H04L47/26 ,  H04L47/29 ,  H04L47/30 ,  H04L49/1515 ,  H04L49/254

摘要： In some embodiments, an apparatus includes a flow control module configured to receive a first data packet from an output queue of a stage of a multi-stage switch at a first rate when an available capacity of the output queue crosses a first threshold. The flow control module is configured to receive a second data packet from the output queue of the stage of the multi-stage switch at a second rate when the available capacity of the output queue crosses a second threshold. The flow control module configured to send a flow control signal to an edge device of the multi-stage switch from which the first data packet or the second data packet entered the multi-stage switch.

摘要翻译： 在一些实施例中，一种装置包括流控制模块，其被配置为当输出队列的可用容量穿过第一阈值时以第一速率从多级交换机的级的输出队列接收第一数据分组。 流控制模块被配置为当输出队列的可用容量穿过第二阈值时以第二速率从多级交换机的级的输出队列接收第二数据分组。 所述流量控制模块被配置为向所述多级交换机的边缘设备发送流量控制信号，所述多级交换机的边缘设备从所述第一数据分组或所述第二数据分组进入所述多级交换机。