公开(公告)号：US07428237B1

公开(公告)日：2008-09-23

申请号：US10752341

申请日：2004-01-06

申请人： Silvano Gai ,  Keith McCloghrie ,  Merwyn B. Andrade

发明人： Silvano Gai ,  Keith McCloghrie ,  Merwyn B. Andrade

IPC分类号： H04L12/28 ,  H04L12/56 ,  H04L12/26 ,  G06F15/16 ,  G06F15/173

CPC分类号： H04L12/462 ,  H04L12/4641 ,  H04L12/465 ,  H04L41/06 ,  H04L41/0663

摘要： A system for rapidly switching at least one virtual local area network (VLAN) from a first loop-free topology to a second loop-free topology in response to a failure within the first loop-free topology. Each VLAN has one “logical” VLAN which represents the network entities organized into the VLAN and a set of “physical” VLANs each having its own VLAN designation. For each physical VLAN, a different loop-free topology is defined, although only one physical VLAN is “active” at any given time. Messages associated with the logical VLAN are tagged with the designation of the currently active physical VLAN, and forwarded along its loop-free topology. Upon detecting a failure in the loop-free topology, the logical VLAN is rapidly switched to the loop-free topology defined by a second, back-up physical VLAN. Following the switch, messages associated with the logical VLAN are tagged with the designation of this back-up VLAN and are forwarded along its loop-free topology.

摘要翻译： 用于响应于第一无环路拓扑中的故障，将至少一个虚拟局域网（VLAN）从第一环无拓扑拓扑快速切换到第二无环路拓扑的系统。 每个VLAN都有一个“逻辑”VLAN，它表示组织在VLAN中的网络实体和一组“物理”VLAN，每个VLAN都有自己的VLAN名称。 对于每个物理VLAN，定义了不同的无环路拓扑，尽管在任何给定时间只有一个物理VLAN“活动”。 与逻辑VLAN相关联的消息被标记为当前活动的物理VLAN的指定，并沿其无环路拓扑转发。 检测到无环路拓扑故障时，逻辑VLAN将迅速切换到第二个备份物理VLAN所定义的无环路拓扑。 切换后，与逻辑VLAN相关联的消息将被标记为该备份VLAN的指定，并沿其无环路拓扑转发。

公开(公告)号：US06976088B1

公开(公告)日：2005-12-13

申请号：US10259959

申请日：2002-09-27

申请人： Silvano Gai ,  Keith McCloghrie ,  Dinesh G. Dutt

发明人： Silvano Gai ,  Keith McCloghrie ,  Dinesh G. Dutt

IPC分类号： G06F15/173 ,  H04L12/28 ,  H04L12/46

CPC分类号： H04L12/4641

摘要： A method that rapidly reconfigures a computer network having a plurality of devices executing the spanning tree algorithm. First, one or more devices are configured and arranged so that one port, providing connectivity to the root, is in the forwarding state and the remaining ports, providing connectivity to the root, are in the blocked state. Next, one or more of the blocked ports are designated as back-up ports. Upon detection of a failure at the active forwarding port, one of the back-up ports immediately transitions from blocked to forwarding, thereby becoming the new active port for the device. Following the transition to a new active port, dummy multicast messages are transmitted, each containing the source address of an entity directly coupled to the affected device or downstream thereof. By examining the dummy multicast messages, other devices in the network learn to use to the new forwarding port of the affected device. Rapid reconfiguration of the network is also provided upon detection of a new or repaired link or device representing a better path toward the root. The method is also compatible with networks supporting virtual local area network (VLAN) designations and allows load balancing among different VLANs.

摘要翻译： 一种快速重新配置具有执行生成树算法的多个设备的计算机网络的方法。 首先，配置和布置一个或多个设备，使得提供与根的连接的一个端口处于转发状态，并且提供与根的连接的其余端口处于阻塞状态。 接下来，一个或多个阻塞端口被指定为备份端口。 在主动转发端口检测到故障后，其中一个备份端口立即从阻塞转发到转发，从而成为设备的新的活动端口。 在转换到新的活动端口之后，传输虚拟多播消息，每个消息包含直接耦合到受影响设备或其下游的实体的源地址。 通过检查虚拟组播消息，网络中的其他设备学习使用受影响设备的新转发端口。 在检测到新的或修复的链接或设备，表示朝向根的更好路径时，也提供网络的快速重新配置。 该方法还与支持虚拟局域网（VLAN）的网络兼容，并允许不同VLAN之间的负载平衡。

公开(公告)号：US06813250B1

公开(公告)日：2004-11-02

申请号：US09748534

申请日：2000-12-22

申请人： Michael Fine ,  Silvano Gai ,  Keith McCloghrie

发明人： Michael Fine ,  Silvano Gai ,  Keith McCloghrie

IPC分类号： H04L1228

CPC分类号： H04L45/48 ,  H04L12/4645 ,  H04L12/4695 ,  H04L45/023

摘要： A shared spanning tree protocol (SSTP) creates a plurality of spanning trees (i.e., loop-free paths) which are shared among one or more virtual local area network (VLAN) designations for data transmission within a computer network. Each shared spanning tree includes and is defined by a primary VLAN and may be associated with one or more secondary VLANs. In order to associate VLAN designation(s) with a single shared spanning tree, network devices exchange novel shared spanning tree protocol data units (SST-PDUs). Each SST-PDU corresponds to a given primary VLAN and preferably includes one or more fields which list the secondary VLAN designations associated with the given primary VLAN. The association of VLAN designations to shared spanning trees, moreover, preferably depends on which path traffic is to follow as well as the anticipated load characteristics of the various VLANs. The association of VLAN designations to shared spanning trees thus provides a degree of load balancing within the network. Data messages tagged with a particular VLAN designation are then distributed by the devices only along the shared spanning tree to which that VLAN has been associated by SSTP.

摘要翻译： 共享生成树协议（SSTP）创建在一个或多个虚拟局域网（VLAN）指定之间共享的多个生成树（即，无环路径），用于计算机网络内的数据传输。 每个共享生成树包括并由主VLAN定义，并且可以与一个或多个辅助VLAN相关联。 为了将VLAN指定与单个共享生成树相关联，网络设备交换新的共享生成树协议数据单元（SST-PDU）。 每个SST-PDU对应于给定的主VLAN，并且优选地包括一个或多个列出与给定主VLAN相关联的辅助VLAN名称的字段。 此外，VLAN标识与共享生成树的关联优选地取决于哪个路径业务将遵循，以及各种VLAN的预期负载特性。 因此，VLAN名称与共享生成树的关联在网络中提供了一定程度的负载平衡。 标有特定VLAN标识的数据消息随后由SSTP与该VLAN关联的共享生成树分配。

公开(公告)号：US06658458B1

公开(公告)日：2003-12-02

申请号：US09599311

申请日：2000-06-22

申请人： Silvano Gai ,  Keith McCloghrie

发明人： Silvano Gai ,  Keith McCloghrie

IPC分类号： G06F1200

CPC分类号： G06F17/30982 ,  G11C15/00 ,  H04L29/06 ,  H04L69/16 ,  H04L69/161 ,  Y10S707/99933

摘要： A system for efficiently organizing data or information into an associative memory device, such as a ternary content addressable memory (TCAM), for subsequent searching divides the TCAM is divided into a plurality of individual stages that are interconnected in a cascading fashion. The data or information that is to be stored into the TCAM for subsequent searching is initially translated into a first Boolean representation, such as a binary decision diagram (BDD), that is partitioned into a plurality of segments. Each segment defines one or more outputs, and the outputs from one segment define the inputs to the next segment. After partitioning the BDD and identifying the resulting outputs, each BDD segment along with its corresponding outputs is mapped into a particular stage of the TCAM.

摘要翻译： 用于将数据或信息有效地组织到诸如三元内容可寻址存储器（TCAM）的关联存储器设备中用于后续搜索划分TCAM的系统被分成以级联方式互连的多个单独级。 要存储到TCAM中用于后续搜索的数据或信息最初被转换成被划分成多个段的第一布尔表示，例如二进制判定图（BDD）。 每个段定义一个或多个输出，并且来自一个段的输出定义到下一段的输入。 在分割BDD并识别结果输出之后，每个BDD段及其相应的输出被映射到TCAM的特定阶段。

公开(公告)号：US06697360B1

公开(公告)日：2004-02-24

申请号：US09145600

申请日：1998-09-02

申请人： Silvano Gai ,  Keith McCloghrie ,  Yakov Rekhter

发明人： Silvano Gai ,  Keith McCloghrie ,  Yakov Rekhter

IPC分类号： H04L1256

CPC分类号： H04L61/2015 ,  H04L41/082 ,  H04L41/0886

摘要： A method and apparatus for auto-configuring layer 3 intermediate devices in computer networks by extending the Dynamic Host Configuration Protocol (DHCP). The devices generate, transmit and receive DHCP messages having novel options embedded therein. The options permit a layer 3 device to request and receive from a DHCP server a unique, overall IP address that may be assigned to the device. The device may also request and receive one or more IP subnets and corresponding IP addresses for each of its interfaces. The device may further receive the routing protocols to be used on the various subnets. The layer 3 device can thus be auto-configured with IP configuration parameters, including IP subnets, IP addresses and routing protocols without the time-consuming, manual involvement of a network administrator.

摘要翻译： 通过扩展动态主机配置协议（DHCP）来自动配置计算机网络中的第3层中间设备的方法和装置。 设备生成，发送和接收嵌入其中的新颖选项的DHCP消息。 这些选项允许第3层设备从DHCP服务器请求和接收可能分配给设备的唯一的总体IP地址。 该设备还可以请求和接收一个或多个IP子网以及其每个接口的对应的IP地址。 该设备还可以接收要在各个子网上使用的路由协议。 因此，第3层设备可以自动配置IP配置参数，包括IP子网，IP地址和路由协议，而无需网络管理员的耗时，人工参与。

公开(公告)号：US06202114B1

公开(公告)日：2001-03-13

申请号：US09002115

申请日：1997-12-31

申请人： Dinesh Dutt ,  Silvano Gai ,  Keith McCloghrie

发明人： Dinesh Dutt ,  Silvano Gai ,  Keith McCloghrie

IPC分类号： G06F1300

CPC分类号： H04L12/4625

摘要： The Spanning Tree Protocol converges to a new configuration after the loss of a link. A new frame, known as a root link query request BPDU is transmitted to the root bridge in the spanning tree when a bridge detects an indirect link failure through the reception of an inferior BPDU on a blocked port. Each bridge forwards this root link query until the root link query reaches the last reachable upstream bridge or a bridge which has a different Tx_Root_Id than the one identified in the RLQ-REQ-BPDU. If the last reachable bridge is the root bridge identified in the RLQ-REQ-BPDU, then a second new frame known as an RLQ-ACK-BPDU is sent, and the bridge port receiving this acknowledgment BPDU is changed from a blocked port to a designated port. If the RLQ-REQ-BPDU reaches a bridge with a different Tx_Root_Id than the one in RLQ-REQ-BPDU, a third new frame known as RLQ-NAK-BPDU is sent.

公开(公告)号：US6032194A

公开(公告)日：2000-02-29

申请号：US998412

申请日：1997-12-24

申请人： Silvano Gai ,  Keith McCloghrie ,  Dinesh G. Dutt

发明人： Silvano Gai ,  Keith McCloghrie ,  Dinesh G. Dutt

IPC分类号： H04L12/24 ,  H04L12/46 ,  H04L12/56 ,  G06F15/18 ,  G06F13/00

CPC分类号： H04L45/48 ,  H04L12/462 ,  H04L41/083 ,  H04L45/02 ,  H04L45/28

摘要： A method that rapidly reconfigures a computer network having a plurality of devices executing the spanning tree algorithm. First, one or more devices are configured and arranged so that one port, providing connectivity to the root, is in the forwarding state and the remaining ports, providing connectivity to the root, are in the blocked state. Next, one or more of the blocked ports are designated as back-up ports. Upon detection of a failure at the active forwarding port, one of the back-up ports immediately transitions from blocked to forwarding, thereby becoming the new active port for the device. Following the transition to a new active port, dummy multicast messages are transmitted, each containing the source address of an entity directly coupled to the affected device or downstream thereof. By examining the dummy multicast messages, other devices in the network learn to use to the new forwarding port of the affected device. Rapid reconfiguration of the network is also provided upon detection of a new or repaired link or device representing a better path toward the root. The method is also compatible with networks supporting virtual local area network (VLAN) designations and allows load balancing among different VLANs.

摘要翻译： 一种快速重新配置具有执行生成树算法的多个设备的计算机网络的方法。 首先，配置和布置一个或多个设备，使得提供与根的连接的一个端口处于转发状态，并且提供与根的连接的其余端口处于阻塞状态。 接下来，一个或多个阻塞端口被指定为备份端口。 在主动转发端口检测到故障后，其中一个备份端口立即从阻塞转发到转发，从而成为设备的新的活动端口。 在转换到新的活动端口之后，传输虚拟多播消息，每个消息包含直接耦合到受影响设备或其下游的实体的源地址。 通过检查虚拟组播消息，网络中的其他设备学习使用受影响设备的新转发端口。 在检测到新的或修复的链接或设备，表示朝向根的更好路径时，也提供网络的快速重新配置。 该方法还与支持虚拟局域网（VLAN）的网络兼容，并允许不同VLAN之间的负载平衡。

公开(公告)号：US07185073B1

公开(公告)日：2007-02-27

申请号：US09728138

申请日：2000-12-01

申请人： Silvano Gai ,  Keith McCloghrie

发明人： Silvano Gai ,  Keith McCloghrie

IPC分类号： G06F15/16

CPC分类号： H04L41/5054 ,  H04L41/0893 ,  H04L41/5003 ,  H04L41/5096

摘要： A computer network having multiple, dissimilar network devices includes a system for implementing high-level, network policies. The high-level policies, which are generally device-independent, are translated by one or more policy servers into a set of rules that can be put into effect by specific network devices. Preferably, a network administrator selects an overall traffic template for a given domain and may assign various applications and/or users to the corresponding traffic types of the template. Location-specific policies may also be established by the network administrator. The policy server translates the high-level policies inherent in the selected traffic template and location-specific policies into a set of rules, which may include one or more access control lists, and may combine several related rules into a single transaction. Intermediate network devices, which may have one or more roles assigned to their interfaces, are configured to request traffic management information from the policy server which replies with a particular set of transactions and rules. The rules, which may correspond to the particular roles assigned to the interfaces, are then utilized by the intermediate devices to configure their particular services and traffic management mechanisms. Other rules are utilized by the intermediate devices to classify packets with a particular priority and/or service value and to treat classified packets in a particular manner so as to realize the selected high-level policies within the domain.

摘要翻译： 具有多个不同网络设备的计算机网络包括用于实现高级别网络策略的系统。 通常与设备无关的高级策略由一个或多个策略服务器转换成可由特定网络设备实施的一组规则。 优选地，网络管理员为给定域选择总体业务模板，并且可以将各种应用和/或用户分配给模板的相应业务类型。 位置特定的策略也可以由网络管理员建立。 策略服务器将所选流量模板和位置特定策略中固有的高级策略转换成可以包括一个或多个访问控制列表的一组规则，并且可以将多个相关规则组合成单个事务。 可以具有分配给其接口的一个或多个角色的中间网络设备被配置为从策略服务器请求流量管理信息，所述策略服务器用特定的一组事务和规则进行回复。 然后，可以对应于分配给接口的特定角色的规则被中间设备用于配置其特定服务和业务管理机制。 中间设备利用其他规则对具有特定优先级和/或服务值的分组进行分类，并以特定方式对分类分组进行处理，以便实现域内所选择的高级策略。

公开(公告)号：US06874016B1

公开(公告)日：2005-03-29

申请号：US10684681

申请日：2003-10-14

申请人： Silvano Gai ,  Keith McCloghrie

发明人： Silvano Gai ,  Keith McCloghrie

IPC分类号： G06F17/30 ,  G11C15/00 ,  H04L29/06 ,  G06F12/00

CPC分类号： G06F17/30982 ,  G11C15/00 ,  H04L29/06 ,  H04L69/16 ,  H04L69/161 ,  Y10S707/99933

摘要： A system for efficiently organizing data or information into an associative memory device, such as a ternary content addressable memory (TCAM), for subsequent searching divides the TCAM is divided into a plurality of individual stages that are interconnected in a cascading fashion. The data or information that is to be stored into the TCAM for subsequent searching is initially translated into a first Boolean representation, such as a binary decision diagram (BDD), that is partitioned into a plurality of segments. Each segment defines one or more outputs, and the outputs from one segment define the inputs to the next segment. After partitioning the BDD and identifying the resulting outputs, each BDD segment along with its corresponding outputs is mapped into a particular stage of the TCAM.

摘要翻译： 用于将数据或信息有效地组织到诸如三元内容可寻址存储器（TCAM）的关联存储器设备中用于后续搜索划分TCAM的系统被划分为以级联方式互连的多个单独级。 要存储到TCAM中用于后续搜索的数据或信息最初被转换成被划分成多个段的第一布尔表示，例如二进制判定图（BDD）。 每个段定义一个或多个输出，并且来自一个段的输出定义到下一段的输入。 在分割BDD并识别结果输出之后，每个BDD段及其相应的输出被映射到TCAM的特定阶段。

公开(公告)号：US06651101B1

公开(公告)日：2003-11-18

申请号：US10191605

申请日：2002-07-09

申请人： Silvano Gai ,  Keith McCloghrie ,  Shai Mohaban

发明人： Silvano Gai ,  Keith McCloghrie ,  Shai Mohaban

IPC分类号： G06F1516

CPC分类号： H04L41/0893 ,  H04L41/5003 ,  H04L41/5045 ,  H04L41/5096 ,  H04L47/10 ,  H04L47/20 ,  H04L47/2408 ,  H04L47/2433 ,  H04L47/2441 ,  H04L47/2475 ,  H04L47/70 ,  H04L47/724 ,  H04L47/803 ,  H04L47/808

摘要： A system within a computer network identifies specific traffic flows originating from a given network entity and requests and applies appropriate policy rules or service treatments to the traffic flows. A network entity includes a flow declaration component that communicates with one or more application programs executing on the entity. The flow declaration component includes a message generator and an associated memory for storing one or more traffic flow data structures. For a given traffic flow, the application program issues one or more calls to the flow declaration component providing it with information identifying the traffic flows. The flow declaration component then opens a flow management session with a local policy enforcer that obtains policy rules or service treatments for the identified flow from a policy server and applies those rules or treatments to the specific traffic flows from the network entity.