公开(公告)号：US07313667B1

公开(公告)日：2007-12-25

申请号：US10212965

申请日：2002-08-05

申请人： Venkateshwar Rao Pullela ,  Dileep Kumar Devireddy ,  Shyamsundar Rao Pullela

发明人： Venkateshwar Rao Pullela ,  Dileep Kumar Devireddy ,  Shyamsundar Rao Pullela

IPC分类号： G06F9/34

CPC分类号： H04L49/3009 ,  H04L45/742

摘要： Fields of entries are mapped into new values with these mapped values combined into mapped entries for use in lookup operations typically for packet processing. One implementation identifies a list including multiple items each having a first field and a second field. The unique first and second fields of each item are respectively mapped to mapped first and second fields. A first associative memory is programmed with the unique first fields, and a first stage memory is programmed with the mapped first fields at corresponding locations. A second associative memory is programmed with the unique second fields, a second stage memory is programmed with the mapped second fields at corresponding locations. A second stage associative memory is then programmed, using the mapped first and second fields, with entries corresponding to one or more of the original multiple items.

摘要翻译： 条目的字段被映射到新的值，这些映射的值组合成映射的条目，用于通常用于数据包处理的查找操作。 一个实现标识包括多个项目的列表，每个项目具有第一个字段和第二个字段。 每个项目的唯一的第一和第二个字段分别映射到映射的第一和第二字段。 第一关联存储器用唯一的第一字段编程，并且第一级存储器被编程与对应位置处的映射的第一字段。 第二关联存储器用唯一的第二字段编程，第二级存储器被编程与对应位置处的映射的第二字段。 然后使用映射的第一和第二字段对与第一多个项目中的一个或多个条目相对应的条目来编程第二阶段关联存储器。

公开(公告)号：US07237059B2

公开(公告)日：2007-06-26

申请号：US11321918

申请日：2005-12-28

申请人： William N. Eatherton ,  Jaushin Lee ,  Bangalore L. Priyadarshan ,  Priyank Ramesh Warkhede ,  Fusun Ertemalp ,  Hugh Weber Holbrook ,  Dileep Kumar Devireddy ,  Bhushan Mangesh Kanekar ,  Venkateshwar Rao Pullela

发明人： William N. Eatherton ,  Jaushin Lee ,  Bangalore L. Priyadarshan ,  Priyank Ramesh Warkhede ,  Fusun Ertemalp ,  Hugh Weber Holbrook ,  Dileep Kumar Devireddy ,  Bhushan Mangesh Kanekar ,  Venkateshwar Rao Pullela

IPC分类号： G06F12/00

CPC分类号： G06F17/30982

摘要： Methods and apparatus are disclosed for performing lookup operations using associative memories, including, but not limited to modifying search keys within an associative memory based on modification mappings, forcing a no-hit condition in response to a highest-priority matching entry including a force no-hit indication, selecting among various sets or banks of associative memory entries in determining a lookup result, and detecting and propagating error conditions. In one implementation, each block retrieves a modification mapping from a local memory and modifies a received search key based on the mapping and received modification data. In one implementation, each of the associative memory entries includes a field for indicating that a successful match on the entry should or should not force a no-hit result. In one implementation, an indication of which associative memory blocks or sets of entries to use in a particular lookup operation is retrieved from a memory.

摘要翻译： 公开了用于使用关联存储器执行查找操作的方法和装置，包括但不限于基于修改映射修改关联存储器内的搜索关键字，响应于最高优先级的匹配条目来响应不受限制的条件，包括力 - 指示，在确定查找结果中选择各种组或存储器中的关联存储器条目，以及检测和传播错误条件。 在一个实现中，每个块从本地存储器检索修改映射，并且基于映射和接收到的修改数据修改接收到的搜索密钥。 在一个实现中，每个关联存储器条目包括用于指示条目上的成功匹配应该或不应该强制无命中结果的字段。 在一个实现中，从存储器检索在特定查找操作中使用的哪些关联存储器块或条目集合的指示。

公开(公告)号：US07724728B2

公开(公告)日：2010-05-25

申请号：US11122612

申请日：2005-05-05

申请人： Venkateshwar Rao Pullela ,  Ambarish Kenghe ,  Ramesh V N Ponnapalli ,  Dileep Kumar Devireddy ,  Suresh Gurajapu

发明人： Venkateshwar Rao Pullela ,  Ambarish Kenghe ,  Ramesh V N Ponnapalli ,  Dileep Kumar Devireddy ,  Suresh Gurajapu

IPC分类号： H04L12/66 ,  H04L12/28 ,  G06F7/04 ,  G06F9/00

CPC分类号： H04L12/4641

摘要： Disclosed are, inter alia, methods, apparatus, data structures, computer-readable media, and mechanisms, for policy-based processing of packets, including mechanisms for managing the policies. A user is authenticated and its user group identifier is identified. A packet is received and is associated with the user group identifier, and one or more fields (typically other than the source address field) of the packet are used to identify a second group identifier. A lookup operation is then performed on a policy based on the first and second group identifiers to identify a packet processing action to be performed on the packet. These identifiers are typically not network addresses, which disassociates the policy from physical network addresses (which often are dynamically assigned and may also vary based on the access point into the network of a user), and allows a switching device to process packets based on a policy stated using group identifiers.

摘要翻译： 公开了用于分组的基于策略的处理的方法，装置，数据结构，计算机可读介质和机制，包括用于管理策略的机制。 用户被认证，并且其用户组标识符被识别。 接收到分组并与用户组标识符相关联，并且使用分组的一个或多个字段（通常不是源地址字段）来标识第二组标识符。 然后基于第一组标识符和第二组标识符对策略执行查找操作，以识别要对分组执行的分组处理动作。 这些标识符通常不是网络地址，其将策略与物理网络地址（其通常被动态地分配，并且还可以基于到用户的网络的接入点）而变化），并且允许交换设备基于 政策声明使用组标识符。

公开(公告)号：US07350020B2

公开(公告)日：2008-03-25

申请号：US11497171

申请日：2006-08-01

申请人： Bhushan Mangesh Kanekar ,  Venkateshwar Rao Pullela ,  Dileep Kumar Devireddy ,  Gyaneshwar S. Saharia ,  Dipankar Bhattacharya ,  Qizhong Chen

发明人： Bhushan Mangesh Kanekar ,  Venkateshwar Rao Pullela ,  Dileep Kumar Devireddy ,  Gyaneshwar S. Saharia ,  Dipankar Bhattacharya ,  Qizhong Chen

IPC分类号： G06F12/00

CPC分类号： H04L45/00 ,  G06F17/30982 ,  H04L45/54 ,  H04L45/7453 ,  H04L47/2441

摘要： Methods, apparatus, and other mechanisms are disclosed for merging lookup results, such as from one or more associative memory banks and/or memory devices. In one exemplary implementation, multiple associative memories or associative memory banks are configured to substantially simultaneously generate a plurality of lookup results based on a lookup value. Multiple memories are each configured to generate a corresponding result based on the lookup result generated by its corresponding associative memory or associative memory bank. A combiner is configured to receive and merge these corresponding results generated substantially simultaneously in order to identify the merged lookup result.

摘要翻译： 公开了用于合并诸如来自一个或多个关联存储体和/或存储器装置的查找结果的方法，装置和其它机制。 在一个示例性实现中，多个关联存储器或关联存储器组被配置为基于查找值基本上同时生成多个查找结果。 多个存储器被配置为基于由其相应的关联存储器或关联存储体生成的查找结果来产生相应的结果。 组合器被配置为接收并合并基本同时生成的这些对应结果，以便识别合并的查找结果。

公开(公告)号：US07177978B2

公开(公告)日：2007-02-13

申请号：US10630174

申请日：2003-07-29

申请人： Bhushan Mangesh Kanekar ,  Venkateshwar Rao Pullela ,  Dileep Kumar Devireddy ,  Gyaneshwar S. Saharia ,  Dipankar Bhattacharya ,  Qizhong Chen

发明人： Bhushan Mangesh Kanekar ,  Venkateshwar Rao Pullela ,  Dileep Kumar Devireddy ,  Gyaneshwar S. Saharia ,  Dipankar Bhattacharya ,  Qizhong Chen

IPC分类号： G06F12/00

CPC分类号： H04L45/00 ,  G06F17/30982 ,  H04L45/54 ,  H04L45/7453 ,  H04L47/2441

摘要： Methods, apparatus, and other mechanisms are disclosed for merging lookup results, such as from one or more associative memory banks and/or memory devices. An access list is identified. A first set of entries corresponding to a first feature of the access control list entries and a second set of entries corresponding to a second feature of the access control list entries are identified. First and second associative memory banks are programmed respectively based on the first and second sets of entries. Lookup operations are then typically performed substantially simultaneously on the first and second sets of associative memory entries programmed in the associative memory banks to generate multiple lookup results, with these results typically being identified directly, or via a lookup operation in an adjunct memory or other storage mechanism. These lookup results are then combined to generate a merged lookup result.

摘要翻译： 公开了用于合并诸如来自一个或多个关联存储体和/或存储器装置的查找结果的方法，装置和其它机制。 识别访问列表。 识别对应于访问控制列表条目的第一特征的第一组条目和与访问控制列表条目的第二特征相对应的第二组条目。 基于第一和第二组条目分别对第一和第二关联存储体进行编程。 然后，通常在关联存储器组中编程的第一组和第二组关联存储器条目上基本上同时执行查找操作，以生成多个查找结果，这些结果通常直接被识别，或者经由辅助存储器或其他存储器中的查找操作 机制。 然后将这些查找结果组合以生成合并的查找结果。

公开(公告)号：US07689485B2

公开(公告)日：2010-03-30

申请号：US10630178

申请日：2003-07-29

申请人： Bhushan Mangesh Kanekar ,  Venkateshwar Rao Pullela ,  Dileep Kumar Devireddy ,  Suresh Gurajapu ,  Gyaneshwar S. Saharia ,  Atul Rawat

发明人： Bhushan Mangesh Kanekar ,  Venkateshwar Rao Pullela ,  Dileep Kumar Devireddy ,  Suresh Gurajapu ,  Gyaneshwar S. Saharia ,  Atul Rawat

IPC分类号： G06Q99/00

CPC分类号： G06F17/30982 ,  G06Q40/00 ,  G06Q40/12

摘要： Methods, apparatus, and other mechanisms are disclosed for generating accounting or other data based on that indicated in access control lists or other specifications, and typically using associative memory entries in one or more associative memory banks and/or memory devices. One implementation identifies an access control list including multiple access control list entries, with a subset of these access control list entries identifying accounting requests. Accounting mechanisms are associated with each of said access control list entries in the subset of access control list entries identifying accounting requests. An item is identified, and a corresponding accounting mechanism is updated. In one implementation, the item includes at least one autonomous system number. In one implementation, at least one of the accounting mechanisms is associated with at least two different access control list entries in the subset of access control list entries identifying accounting requests.

摘要翻译： 公开了用于基于访问控制列表或其他规范中指示的并且通常在一个或多个关联存储器组和/或存储器件中使用关联存储器条目来生成计帐或其他数据的方法，装置和其他机制。 一个实现标识包括多个访问控制列表条目的访问控制列表，其中这些访问控制列表条目的子集标识记帐请求。 计帐机制与识别计费请求的访问控制列表条目的子集中的每个所述访问控制列表条目相关联。 识别项目，并更新相应的计帐机制。 在一个实现中，该项目包括至少一个自主系统号码。 在一个实现中，至少一个计帐机制与识别计费请求的访问控制列表条目的子集中的至少两个不同的访问控制列表条目相关联。

公开(公告)号：US07103708B2

公开(公告)日：2006-09-05

申请号：US10215719

申请日：2002-08-10

申请人： William N. Eatherton ,  Jaushin Lee ,  Bangalore L. Priyadarshan ,  Priyank Ramesh Warkhede ,  Fusun Ertemalp ,  Hugh Weber Holbrook ,  Dileep Kumar Devireddy ,  Bhushan Mangesh Kanekar ,  Venkateshwar Rao Pullela

发明人： William N. Eatherton ,  Jaushin Lee ,  Bangalore L. Priyadarshan ,  Priyank Ramesh Warkhede ,  Fusun Ertemalp ,  Hugh Weber Holbrook ,  Dileep Kumar Devireddy ,  Bhushan Mangesh Kanekar ,  Venkateshwar Rao Pullela

IPC分类号： G06F12/00

CPC分类号： G06F17/30982

摘要： Methods and apparatus are disclosed for performing lookup operations using associative memories, including, but not limited to modifying search keys within an associative memory based on modification mappings, forcing a no-hit condition in response to a highest-priority matching entry including a force no-hit indication, selecting among various sets or banks of associative memory entries in determining a lookup result, and detecting and propagating error conditions. In one implementation, each block retrieves a modification mapping from a local memory and modifies a received search key based on the mapping and received modification data. In one implementation, each of the associative memory entries includes a field for indicating that a successful match on the entry should or should not force a no-hit result. In one implementation, an indication of which associative memory blocks or sets of entries to use in a particular lookup operation is retrieved from a memory.

摘要翻译： 公开了用于使用关联存储器执行查找操作的方法和装置，包括但不限于基于修改映射来修改关联存储器内的搜索关键字，以响应于包括力不在的最高优先级匹配条目来强制无命中条件 - 指示，在确定查找结果中选择各种组或存储器中的关联存储器条目，以及检测和传播错误条件。 在一个实现中，每个块从本地存储器检索修改映射，并且基于映射和接收到的修改数据修改接收到的搜索密钥。 在一个实现中，每个关联存储器条目包括用于指示条目上的成功匹配应该或不应该强制无命中结果的字段。 在一个实现中，从存储器检索在特定查找操作中使用的哪些关联存储器块或条目集合的指示。

公开(公告)号：US07082492B2

公开(公告)日：2006-07-25

申请号：US10630176

申请日：2003-07-29

申请人： Venkateshwar Rao Pullela ,  Dileep Kumar Devireddy ,  Bhushan Mangesh Kanekar ,  Stephen Francis Scheid

发明人： Venkateshwar Rao Pullela ,  Dileep Kumar Devireddy ,  Bhushan Mangesh Kanekar ,  Stephen Francis Scheid

IPC分类号： G06F12/00

CPC分类号： G06F17/30982

摘要： Methods and apparatus are disclosed for defining and using associative memory entries with force no-hit and priority indications of particular use in implementing policy maps in communication devices. In one use, a set of entries is determined based on a policy map with a force no-hit indication being associated with one or more of the entries. Additionally, programmable priority indications may be associated with one or more of the entries, or with the associative memory devices, associative memory banks, etc. The force no-hit indications are often used in response to identified deny instructions in an access control list or other policy map. A lookup operation is then performed on these associative memory entries, with highest matching result or results identified based on the programmed and/or implicit priority level associated with the entries, or with the associative memory devices, associative memory banks, etc.

摘要翻译： 公开了用于定义和使用具有强制无命中的关联记忆条目和在通信装置中实现策略图中特别有用的优先指示的方法和装置。 在一次使用中，基于具有与一个或多个条目相关联的强制无命中指示的策略图来确定一组条目。 此外，可编程的优先级指示可以与一个或多个条目，或者与关联存储器设备，关联存储器组等相关联。强制无命中指示经常用于响应于访问控制列表中的标识的拒绝指令或 其他政策图。 然后对这些关联存储器条目执行查找操作，具有最高匹配结果或基于与条目相关联的已编程和/或隐式优先级级别或与关联存储器设备，关联存储器组等相关联的结果。

公开(公告)号：US07336660B2

公开(公告)日：2008-02-26

申请号：US10159055

申请日：2002-05-31

申请人： Venkateshwar Rao Pullela

发明人： Venkateshwar Rao Pullela

IPC分类号： H04L12/28 ,  H04L12/56 ,  H04L12/66

CPC分类号： H04L47/10 ,  H04L45/742 ,  H04L47/2441 ,  H04L63/101

摘要： A context vector, typically used in a lookup operation of an associative memory, is generated based on a context of a received packet and the packet itself. In one implementation, multiple interfaces can share a common access control list as the context vector provides an indication of the result of unique processing required because of varying contexts, such as, but not limited to different interfaces, source addresses, and virtual network addresses. One implementation includes an input interface circuitry, a context indicator generator, a lookup word field generator, and an associative memory. The context indicator generator generates a context vector corresponding to a characteristic of the input interface circuitry. The lookup word field generator generates one or more lookup word vectors based on the packet. The associative memory performs a lookup operation based on the context vector and lookup word vectors.

摘要翻译： 通常在关联存储器的查找操作中使用的上下文向量基于接收的分组和分组本身的上下文来生成。 在一个实现中，当上下文向量提供由于变化的上下文（例如但不限于不同的接口，源地址和虚拟网络地址）所需的唯一处理的结果的指示时，多个接口可以共享公共访问控制列表。 一个实现包括输入接口电路，上下文指示符生成器，​​查找字字段生成器和关联存储器。 上下文指示符生成器生成与输入接口电路的特性对应的上下文矢量。 查找字字段生成器基于该分组生成一个或多个查找词向量。 关联存储器基于上下文向量和查找字向量执行查找操作。

公开(公告)号：US07274693B1

公开(公告)日：2007-09-25

申请号：US10329249

申请日：2002-12-23

申请人： Raymond J. Kloth ,  Kevin D. Morishige ,  Venkateshwar Rao Pullela

发明人： Raymond J. Kloth ,  Kevin D. Morishige ,  Venkateshwar Rao Pullela

IPC分类号： H04L12/56

CPC分类号： H04L45/00 ,  H04L45/7453 ,  H04L49/90

摘要： A hardware search engine facility is provided to allow CPU search and update of a Forwarding Table CAM under the control of software running on the CPU. The hardware search engine provides one or more comparand-mask pairs which allow for a match, exclusion or magnitude comparison on specific entry values and/or the option to ignore or “don't care” certain bits of the entry. Control registers may be set in software to specify a start address and stop address in the CAM for the search. An indication of valid or invalid entries may be provided as well. Once the search is initiated by software, the search engine will read the entries sequentially starting from the programmed start address. It will perform a compare using the comparand-mask pair and attempt to identify a match. The locations in the CAM which match the search criteria may be put into a CPU-accessible memory. If the memory fills up before it can be read by the software, the search may be halted until the memory is emptied. A programmable action may instead, or in addition, be set to take place in the event of a match. Such programmable actions may include, but are not limited to, marking the entry, deleting the entry, change status bits corresponding to the entry, rewriting some of the entry, and the like.

摘要翻译： 提供硬件搜索引擎设备，以便在CPU上运行的软件控制下CPU搜索和更新转发表CAM。 硬件搜索引擎提供一个或多个比较屏蔽对，其允许对特定输入值进行匹配，排除或幅度比较和/或忽略或“不关心”条目的某些位的选项。 软件中可以设置控制寄存器，以指定搜索的CAM中的起始地址和停止地址。 也可以提供有效或无效的条目的指示。 一旦搜索由软件启动，搜索引擎将从编程的起始地址顺序读取条目。 它将使用比较掩码对执行比较，并尝试识别匹配。 符合搜索条件的CAM中的位置可以放入CPU可访问的存储器中。 如果在软件读取之前内存填满，则可能会停止搜索，直到内存清空为止。 可以替代地或另外设置可编程动作，以在匹配的情况下进行。 这样的可编程动作可以包括但不限于标记条目，删除条目，对应于条目的改变状态位，重写条目中的一些等等。