Search Images Maps Play YouTube News Gmail Drive More »
Sign in
Screen reader users: click this link for accessible mode. Accessible mode has the same essential features but works better with your reader.


  1. Advanced Patent Search
Publication numberCN1777143 A
Publication typeApplication
Application numberCN 200510109556
Publication date24 May 2006
Filing date25 Oct 2005
Priority date25 Oct 2004
Also published asCN100512215C, DE602005006070D1, DE602005006070T2, EP1650908A2, EP1650908A3, EP1650908B1, US7639674, US20060101159
Publication number200510109556.5, CN 1777143 A, CN 1777143A, CN 200510109556, CN-A-1777143, CN1777143 A, CN1777143A, CN200510109556, CN200510109556.5
Inventors奇安耶, 丹尼斯韦弗
Export CitationBiBTeX, EndNote, RefMan
External Links: SIPO, Espacenet
Internal load balancing in a data switch using distributed network processing
CN 1777143 A
Abstract  translated from Chinese
本发明公开了一种用于在入口处理器与出口处理器之间动态地分布数据包处理操作以使负载平衡的数据通信交换机。 The present invention discloses a method for dynamically distributed packet processing operations between the inlet and the outlet processor so that the processor load balancing of the data communication switch. 在优选实施例中,本发明的特征表现为一种包括多个交换模块的交换设备,每个交换模块包括:数据包分类器,其用于识别将应用于入口数据包的一个或多个数据包处理操作;以及控制器,其适用于在第一组数据包处理操作与第二组数据包处理操作之间分配所识别的一个或多个数据包处理操作中的每个数据包处理操作,在接收数据包的入口处理器中执行第一组数据包处理操作,并发送指令到出口处理器以执行第二组数据包处理操作。 In a preferred embodiment, the invention features expressed as a switching device comprising a plurality of switching modules, each switching module comprising: a packet classifier, which is applied to one inlet for identifying one or more data packets packet processing operation; and a controller adapted to each of the packet processing operations between a first set of packet processing operations and a second set of packet processing operations assigned to the identified one or more packet processing operations, performing a first set of packet processing operations at ingress processor receives the packet and sends instructions to the outlet of a processor to perform a second set of packet processing operations. 然后,出口处理器执行第二组数据包处理操作,之后可以将数据包向其目的地节点发送。 Then, a second set of egress processor executing packet processing operations, after the data packet can be sent to its destination node.
Claims(10)  translated from Chinese
1.一种包括多个交换模块的交换设备,每个交换模块包括:适用于接收协议数据单元(PDU)的至少一个外部端口;分类器,适用于识别:应用于所述PDU的一个或多个PDU处理操作;以及所述多个交换模块中接收所转发的数据包的第二交换模块;以及控制器,适用于:在第一组PDU处理操作与第二组PDU处理操作之间分配所述一个或多个PDU处理操作中的每个PDU处理操作;在从所述外部端口接收到所述PDU之后,执行第一组PDU处理操作;以及发送执行所述第二组PDU处理操作的命令到所述第二交换模块。 1. A switching device comprising a plurality of switching modules, each switching module comprising: adapted to receive a protocol data unit (PDU) of at least one external port; classifier, adapted to recognize: the PDU is applied to one or more a PDU processing operations; and said plurality of switching modules in the forwarded data packets received a second switching module; and a controller for: allocation between the first set of PDU processing operations and a second set of PDU processing operations the one or more PDU processing operations for each PDU processing operations; a second set of PDU processing operations to execute the command and to send; after receiving from the external port to the PDU, performing a first set of PDU processing operations to the second switching module.
2.根据权利要求1所述的交换设备,其中每个交换模块还适用于响应于来自多个交换模块中的一个交换模块的命令而执行所述第二组PDU处理操作。 The switching device of claim 1, wherein each switch module further adapted in response to commands from the plurality of switching modules and a switching module to execute the second set of PDU processing operations.
3.根据权利要求2所述的交换设备,其中每个交换模块还适用于发送所述PDU到接收所述命令的交换模块。 3. The switching apparatus according to claim 2, wherein each switch module further adapted to receiving the command to switch module sends the PDU.
4.根据权利要求1所述的交换设备,其中所述PDU处理操作包括PDU转发操作。 4. The switching device of claim 1, wherein the PDU processing operations comprises PDU forwarding operations.
5.根据权利要求1所述的交换设备,其中所述PDU处理操作选自如下操作:报头转换、标记推送、标记弹出、服务质量、计费和记账、多协议标签交换(MPLS)管理、生成树操作、认证、访问控制、高层学习、警报生成、端口镜像、源学习、服务分类、色彩标记及其组合。 The switching device of claim 1, wherein the PDU processing operations selected from the following: header conversion, marked push, pop marking, quality of service, billing and accounting, Multi-Protocol Label Switching (MPLS) management, spanning tree operation, authentication, access control, high-level learning, alert generation, port mirroring, source learning, service classification, labeling and color combinations.
6.一种对包括第一交换模块和第二交换模块的交换设备中的协议数据单元(PDU)交换操作进行分配的方法,所述方法包括步骤:在所述第一交换模块的外部端口接收PDU;识别应用于所述PDU的一个或多个PDU处理操作;在第一组PDU处理操作与第二组PDU处理操作之间分配所述一个或多个PDU处理操作中的每个PDU处理操作;在所述第一交换模块中执行所述第一组PDU处理操作;以及发送命令到所述第二交换模块以执行所述第二组PDU处理操作。 6. A method of switching modules comprising a first and a second switching module of a switching device in the protocol data unit (PDU) switching operations are assigned, the method comprising the steps of: receiving at the external port of the first switching module PDU; Recognition in the PDU to one or more PDU processing operations; between the first set of PDU processing operations and a second set of PDU processing operations are assigned to the one or more PDU processing operations for each PDU processing operations ; executing the first set of PDU processing operations at the first switching module; and transmitting a command to the second switching module to execute the second set of PDU processing operations.
7.根据权利要求6所述的方法,其中所述方法还包括步骤:响应于来自所述第一交换模块的命令,在所述第二交换模块中执行所述第二组PDU处理操作。 7. The method according to claim 6, wherein said method further comprises the step of: in response to a command from said first switching module, performing the second set of PDU processing operations at the second switching module.
8.根据权利要求6所述的方法,其中所述方法还包括步骤:发送所述PDU到所述第二交换模块。 8. The method according to claim 6, wherein said method further comprises the step of: sending the PDU to the second switching module.
9.根据权利要求6所述的方法,其中所述方法还包括步骤:将包括标识符的报头附加到从所述第一交换模块发送到所述第二交换模块的所述PDU,所述标识符表明所述一个或多个PDU处理操作在所述第一交换模块与所述第二交换模块之间的分配。 9. The method according to claim 6, wherein said method further comprises the steps of: including an identifier attached to the header transmitted from the first switching module to the second switching module of the PDU, the identification symbol indicates that the one or more PDU processing operations between the first distribution switch module and the second switching module.
10.根据权利要求6所述的方法,其中所述方法还包括步骤:从在所述第一交换模块与所述第二交换模块之间分配所述一个或多个PDU处理操作中的每个PDU处理操作的分配表中检索所述标识符。 10. The method according to claim 6, wherein said method further comprises the step of: from the allocation between the first switching module and the second switching module of the one or more PDU processing operations for each Allocation Table PDU processing operations to retrieve the identifier.
Description  translated from Chinese
使用分布式网络处理的数据交换机中的内部负载平衡 Use of distributed data processing network switch in the internal load balancing

技术领域 FIELD

本发明一般地涉及数据通信网络中用于在不同的数据包处理单元之间分布处理操作并由此分布处理负载的交换设备。 The present invention relates generally to a data communication network for distributing processing operations between different packet processing unit and thus the distribution of the processing load on the switching device. 特别地,本发明涉及一种用于在入口处理器和出口处理器之间分配数据包处理操作以使负载不平衡最小化的系统和方法。 In particular, the present invention relates to a method for allocating data packet processing operations between the inlet and outlet processor so that the processor load imbalance minimizing system and method.


诸如路由器或交换机之类的联网设备内网络处理负载的分布通常是固定的,并且很大程度上由联网设备的体系结构所决定。 Distribution network processing load within a network device such as a router or switch is usually fixed and largely determined by the architecture of networked devices. 例如,取决于厂商,一般预先确定转发决定(forwarding decision)和其他数据包处理是在入口执行还是在出口执行。 For example, depending on the manufacturer, usually predetermined forwarding decisions (forwarding decision) and other packet processing is executed at the entrance or the exit execution. 由于固有的不对称处理负载和不对称业务模式,入口点处的网络处理负载很少会等于出口点处的网络处理负载。 Because of the inherent asymmetric processing loads and asymmetric traffic patterns, the network processing load at the entry point rarely equal to the network processing load outlet point. 事实上,入口和出口之间的处理负载差异通常很大,以至于经常是交换机一端的处理器很忙碌,而另一端的处理器几乎保持空闲。 In fact, the processing load difference between the inlet and the outlet is generally large, so that one end of the switch processor is often very busy, and the other end of the processor remains nearly idle.

尽管一些联网设备可以与其他联网设备共享某些处理负载以平衡可用处理器上的处理工作量,但是这些方案不能动态地平衡数据包处理操作,因为:(a)网络处理典型地由硬连线的(hard-wired)专用集成电路(ASIC)设备实现,这种设备非常擅长重复性任务,但一般缺乏动态改变任务分布的智能;(b)采用分布式处理的网络集群都设计为处理一组大型且固定的任务,但这种网络集群相对较慢且不适合于数据包处理;以及(c)将大多数联网设备都简单地过度工程化(over-engineered)以适应最差的可能负载,而没有考虑到在系统级上浪费了过多的计算能力。 Although some network devices can share some of the processing load and other networked devices to handle the workload on the balance of available processors, but these programs can not be dynamically balanced packet processing operations, because: (a) network processing by typically hardwired the (hard-wired) ASIC (ASIC) devices to achieve this equipment is very good at repetitive tasks, but a general lack of intelligence to dynamically change the distribution of tasks; (b) the use of distributed processing network clusters are designed to deal with a group large and fixed tasks, but this is relatively slow and not suitable for network clusters to data packet processing; and (c) most networking devices are simply the over-engineered (over-engineered) to accommodate the worst possible load, without taking into account on a system level to waste too much computing power.

因此,需要一种能够监视数据包处理负载不平衡并在入口处理器和出口处理器之间动态地分布负载以使不平衡最小化的网络交换设备。 Therefore, a need for a monitoring data packet processing load imbalance between the inlet and outlet processor processors and dynamically distribute the load to minimize the unbalance of the network switching device.


在优选实施例中,本发明的特征表现为一种包括多个交换模块的交换设备,每个交换模块包括:至少一个外部端口,其适用于接收数据包或其他协议数据单元(PDU);数据包分类器,其适用于基于一个或多个数据包特性来检查数据包并识别应用于该数据包的一个或多个数据包处理操作,并适用于识别接收所转发的数据包的多个交换模块中的第二交换模块;控制器,其适用于在第一组数据包处理操作与第二组数据包处理操作之间分配所识别的一个或多个数据包处理操作中的每个数据包处理操作,在包括接收数据包的外部端口的交换模块中执行第一组数据包处理操作,并发送命令到第二交换模块指示该第二交换模块执行第二组数据包处理操作。 In a preferred embodiment, the invention features expressed as a switching device comprising a plurality of switching modules, each switching module comprising: at least one external port adapted to receive data packets, or other protocol data unit (PDU); data packet classifier, which is suitable for one or more packets based on the characteristics to be applied to examine the packet and identifies the data packet or a plurality of packet processing operations, and applies the received forwarded data packet for identifying a plurality of switching a second switching module in the module; a controller adapted to allocate between the first set of packet processing operations and a second set of packet processing operations of the identified one or more packet processing operations of each data packet processing operation, a first set of packet processing operations in the data packet comprises receiving external port switching module, and sends a command to the second switching module indicating that the second switching module executes the second set of packet processing operations. 如同优选实施例中多个交换模块中的每个交换模块一样,第二交换模块适用于响应于该命令而执行第二组数据包处理操作,之后可以将数据包从外部端口向其目的地节点发送。 As examples plurality of switching modules each switching module to a preferred embodiment, the second switching module is adapted to perform a second set of data in response to packet processing operation to the command, then the packet may be from the external port to which the destination node Send.

在优选实施例中,交换设备是路由器、网桥或多层交换机,而数据包处理操作是为了准备用于发送到其目的地节点方向上的下一个节点的数据包而执行的数据包转发操作。 In a preferred embodiment, the switching device is a router, bridge, or multi-layer switch, and the packet processing operations for packets ready for transmission to the packet to the next node in the direction of its destination node forwarding operation performed . 根据优选实施例,可以在多个交换模块的入口交换模块或出口交换模块中串行地分布和执行数据包处理操作。 According to a preferred embodiment, can be serially distributed packet processing operations and execute a plurality of switching modules in the inlet or outlet switching module switching module. 数据包处理操作一般选自群组但不限于群组,该群组包括:报头转换、标记推送(push)、标记弹出(pop)、服务质量、计费和记账、多协议标签交换(MPLS)管理、生成树操作、认证、访问控制、高层学习、警报生成、端口镜像、源学习、服务分类、色彩标记及其组合。 Packet processing operations are generally selected from the group, but not limited to the group, the group includes: header conversion, marking push (push), marking pop (pop), quality of service, billing and accounting, Multi-Protocol Label Switching (MPLS ) management, spanning tree operation, authentication, access control, high-level learning, alert generation, port mirroring, source learning, service classification, labeling and color combinations.

在优选实施例中,在交换设备的第一交换模块与第二交换模块之间分配数据包交换操作的方法包括步骤:在第一交换模块的外部端口处接收数据包;识别应用于数据包的一个或多个数据包处理操作;在第一组数据包处理操作与第二组数据包处理操作之间分配该一个或多个数据包处理操作中的每个数据包处理操作;在第一交换模块中执行第一组数据包处理操作;以及发送命令到第二交换模块以执行第二组数据包处理操作。 Methods In a preferred embodiment, the switching device between the first and second switching modules assigned switching module packet switching operations comprises the steps of: receiving a packet at an external port of the first switching module; identification applied to the data packet one or more packet processing operations; assigned to the one or more packet processing operations for each packet processing operations between a first set of packet processing operations and a second set of packet processing operations; in the first switching module performing a first set of data packet processing operations; and transmitting a command to the second switching module to perform a second set of packet processing operations. 本方法还包括响应在于该命令而第二交换模块中执行第二组数据包处理操作的步骤。 The method further includes, in response to the command that the second switching module in the second set of steps of packet processing operations.

附图说明 Brief Description

通过示例和附图对本发明进行说明,并且本发明不限于附图的图形,并且其中:图1是根据本发明的优选实施例的企业交换机的功能性框图;图2是根据本发明的优选实施例用于执行串行分布的数据包处理的企业交换机的交换模块的功能性框图;图3是根据本发明优选实施例的交换模块的本地存储器中所保存的数据库的功能性框图;图4是根据本发明优选实施例的串行分布的数据包处理(SDPP)控制器的功能性框图;图5是根据本发明的优选实施例用于在交换模块之间分配SDPP服务的报头的功能性框图;图6是根据本发明优选实施例的入口交换模块处理入口数据流的方法的流程图;以及图7是根据本发明优选实施例的出口交换模块处理出口数据流的方法的流程图。 By way of example and to the accompanying drawings The present invention will be described, and the present invention is not limited in the accompanying graph, and in which: FIG. 1 is a functional block diagram of enterprise switch according to a preferred embodiment of the present invention; Figure 2 is a preferred embodiment of the present invention. for example functional block diagram of a serial packet processing distributed enterprise switches perform switching module; FIG. 3 is a functional block diagram of an example of a database of local memory switching module saved in accordance with a preferred embodiment of the present invention; FIG. 4 is According to the distribution of packet processing serial preferred embodiment of the present invention is a functional block diagram (SDPP) controller; FIG. 5 is according to a preferred embodiment of the present invention is a functional block diagram of the distribution of SDPP services between switching modules in a header for ; FIG. 6 is a flowchart of an example of an inlet switching module inlet stream data processing method according to a preferred embodiment of the present invention; and FIG. 7 is a flowchart showing an example of switching modules export outlet stream data processing method according to a preferred embodiment of the present invention.


图1中示出的是企业交换机的功能性框图。 Figure 1 shows a functional block diagram of enterprise switch. 企业交换机100包括多个节点中的一个节点和其他可寻址实体,这些节点和实体可操作地连接到数据通信网络,该数据通信网络具体为例如局域网(LAN)、广域网(WAN),或城域网(MAN)、网际协议(IP)网、因特网,或其组合。 Enterprise switch 100 includes a plurality of nodes in a node and other addressable entities, and entities of these nodes is operatively connected to a data communication network, the data communication network specifically for example, a local (LAN), wide area network (WAN), or the city area network (MAN), an Internet Protocol (IP) network, the Internet, or a combination thereof.

企业交换机100优选地包括多个交换模块110-113,有时称为刀片(blade),将这些交换模块固定在背板152上的插槽中。 Enterprise switch 100 preferably includes a plurality of switching modules 110-113, sometimes referred to as the blade (blade), these switching module 152 is fixed to the backplane slot. 每个交换模块110-113包括一个或多个外部端口102,每个外部端口都可以通过通信链路(未示出)可操作地连接到数据通信网络中的另一个节点,并且一个或多个内部端口通过共享的交换架构150将每个交换模块110-113连接到每个其他的交换模块。 Each switching module 110-113 includes one or more external ports 102, each external port can be operatively connected via a communication link (not shown) to the data communication network to another node, and one or more Internal Port 150 is connected to each switching module 110-113 to every other switching module via a shared switch fabric.

交换模块110-113优选地包括至少一个网络处理器(NP)106,其能够进行如开放系统互联(OSI)参考模型中所定义的至少层2(数据链路层)和层3(网络层)的交换操作但不限于这些操作。 Switching module 110-113 preferably comprises at least one network processor (NP) 106, which is capable of at least layer 2 (data link layer) and a layer such as the Open Systems Interconnection (OSI) reference model as defined in 3 (network layer) switching operation but are not limited to these operations. 用于将外部端口102可操作地连接到有线和/或无线通信链路的一种可能的层2协议是电气和电子工程师协会(IEEE)的802.3标准,而一组可能的层3协议包括因特网工程任务组(IETF)的请求注释(RFC)791中定义的网际协议(IP)版本4和IETF RFC 1883中定义的IP版本6。 For the external port 102 is operatively connected to a wired and / or wireless communication link may be a layer 2 protocol is Institute of Electrical and Electronics Engineers (IEEE) 802.3 standard, while the set of possible Layer 3 protocols includes Internet Engineering Task Force (IETF) Request for Comments (RFC) 791 defined in an Internet Protocol (IP) version 4 defined in IETF RFC 1883 and IP version 6.

对于本公开来说,从外部端口102到架构150的流入交换模块110-113的数据在此称作入口数据,其包括入口PDU。 For purposes of this disclosure, from the external port 102 to flow into the switching module data structure 150 110-113 referred to herein as data entry, which includes an inlet PDU. 入口数据传播所通过的交换模块称作入口交换模块。 Entrance data exchange module is called propagation through the inlet switching modules. 相反,从架构150流向外部端口102的数据称作出口数据,其包括出口PDU。 In contrast, the flow of data from external port architecture 150 102 export data from the known, which includes export PDU. 出口数据传播所通过的交换模块称作出口交换模块。 Export data exchange module is called propagation through the outlet switching modules. 对于不同的流,优选实施例的多个交换模块中的每个交换模块可以同时用作入口交换模块和出口交换模块。 For different streams, a plurality of switching modules in the embodiment of the preferred embodiment each of the switching module can be used as an inlet and an outlet switching module switching module.

企业交换机100还包括用于管理不同系统资源的中心命令处理器(CMM)120,管理不同系统资源包括下面将详细讨论的拥塞监控和操作分配。 Enterprise switch 100 further includes a central management system resources different command processor (CMM) 120, management of different system resources comprises discussed in detail below congestion monitoring and operational assignments. 在优选实施例中,CMM120包含在多个交换模块110-113中的一个交换模块中,但是本领域的普通技术人员应当意识到,CMM执行的功能可以由合成在背板152上的一个或多个实体和/或一个单独的管理模块来执行。 CMM function can be performed by synthesis on a back plate 152 or in a preferred embodiment, CMM120 comprising a plurality of switching modules 110-113 in a switching module, one of ordinary skill in the art will be appreciated, entities and / or a separate management module to execute.

图2中示出的是用于执行PDU流的串行分布式处理的交换模块的功能性框图。 Figure 2 shows a functional block diagram for performing distributed processing of PDU flows serial switching module. 和交换模块110-113一样,该优选实施例的交换模块200包括一个或多个网络接口模块(NIM)104、一个或多个网络处理器106、一个管理模块220以及一个架构接口模块208。 And switching modules 110-113, as the switching module 200 of the preferred embodiment comprises one or more network interface modules (NIM) 104, one or more network processors 106, a management module 220, and a fabric interface module 208. 为了接收入口数据业务和发送出口数据业务,将每个NIM104可操作地连接到一个或多个外部端口102。 In order to receive and send data service entrance export data services, will connect each NIM104 operatively to one or more external ports 102. NIM104优选地包括适用于通过网络通信链路(未示出)交换例如以太网帧之类的PDU的一个或多个物理接口和媒体访问控制(MAC)接口。 NIM104 preferably includes suitable, for example an Ethernet frame or the like of the PDU via a network communication link (not shown) to exchange one or more physical interfaces and media access control (MAC) interface. 接收到入口PDU之后,通过一个或多个内部高速串行数据总线206将其从多个NIM104传送到网络处理器106。 After receiving the inlet PDU, through one or more internal high-speed serial data bus 206 which is transmitted to the network from a plurality of NIM104 processor 106. 网络处理器106优选地对入口PDU进行分类,执行分配为在入口处执行的任意转发操作,并且在入口队列存储器248中将这些PDU排成队列,直到可获得带宽来通过交换架构150将这些PDU发送到适当的一个或多个出口刀片。 Network processor 106 preferably classifies pair of inlet PDU, performs allocation for the forwarding performed at the entrance of any operation, and in these ingress queue memory 248 in the PDU queued until available bandwidth architecture 150 through the exchange of these PDU sent to the appropriate one or more outlets blades.

关于出口操作,交换模块200还适用于接收来自交换架构150的出口PDU,并且在出口队列存储器242中将这些PDU排成队列。 On export operation, switching module 200 is also adapted to receive from the switch fabric 150 outlet PDU, and at the exit queue memory 242 will be queued these PDU. 在将PDU提交给缓冲器250中的一个或多个队列并将这些PDU发送到适当的NIM104和相应的出口端口102之前,出口处的交换模块200的NP106可以执行分配给它的一个或多个另外的转发操作。 Before submission to the PDU buffer 250 of one or more queues and sends them to the appropriate NIM104 PDU and the corresponding outlet port 102, at the outlet of the switching module 200 may perform NP106 allocated to it one or more of Also forwarding operations. 缓冲器250中的多个队列由统计管理器252进行主动监控,统计管理器252汇总拥塞信息254并通过管理模块220将其发送到CMM120。 250 Multiple buffer queue statistics manager 252 by proactively monitoring, statistical summary of congestion information manager 252 254 and 220 through the management module to send it to CMM120. 拥塞信息254包括例如队列深度,用于表现出口数据流的特征,评定模块的拥塞状态,并在入口网络处理器和出口网络处理器之间分配数据包处理操作。 Congestion information 254 includes, for example queue depth for export performance characteristics of data streams, evaluate the congestion status of the module, and packet processing operations allocated between the inlet and outlet network processor network processors.

管理模块220一般包括用于保持和实现业务策略的策略管理器222,这些业务策略由网络管理员通过配置管理器224上传到交换模块200。 Management module 220 generally includes means for maintaining and implementing business strategies Policy Manager 222, these business strategies by the network administrator through the configuration manager module 200 224 uploaded to the exchange. 由策略管理器222所产生的策略还部分地基于由源学习操作得出的层2和层3寻址信息,这些寻址信息将PDU地址信息与接收这些信息的外部端口102相关联。 Policy also in part by the policy manager 222 generated by source learning operations based on results of the addressing layer 2 and layer 3 information, the addressing information and address information of the PDU received the information associated with the external port 102. 如下面将更详细描述的,管理模块222还适用于将更新254从CMM发送到网络处理器106,使得在发送PDU到一个或多个下游交换模块之前,入口交换模块200可以在入口处执行一部分或全部数据包处理操作。 As described in more detail below, the management module 222 is also adapted to transmit updates 254 from the CMM to the network processor 106, such that before sending the PDU to one or more downstream switching modules, the inlet switching module 200 may perform a portion at the entrance or all of the packet processing operations. 更新254包括用于填充多种数据库的数据,这些数据库支持下面将更详细描述的串行分布式数据包处理操作。 Update 254 includes data used to populate multiple databases, these databases will be described in detail below support serial distributed packet processing operations.

该优选实施例的NP106适用于利用OSI网络参考模型中定义的与层2到层7相关联的PDU特性来执行层2的交换操作和层3的路由操作。 This preferred embodiment is suitable for use NP106 Layer 2 to Layer 7 PDU properties associated with the OSI network reference model is defined to perform routing and switching operations and Layer 3 Layer 2 operation. NP106优选地包括分类器230、串行分布式数据包处理(SDPP)控制器236以及队列管理器240。 NP106 preferably includes classifiers 230, serial distributed packet processing (SDPP) controller 236 and the queue manager 240. 分类器230从数据总线206接收入口PDU,检查PDU的一个或多个感兴趣的字段,将PDU归类为多个流中的一个流,并从保存在高速本地存储器232中的转发表中检索转发信息。 Classifier 230 receives inlet PDU from the data bus 206, one or more of the fields of interest to check the PDU, the PDU is classified as a plurality of streams one stream, and retrieved from the memory 232 is stored in the high-speed local forwarding table forwarding information. 转发信息优选地包括但不限于流标识符和出口端口标识符,即将发送PDU的外部端口标识符。 Forwarding information preferably includes, but is not limited to the flow identifier and an egress port identifier, i.e. the external transmission PDU port identifier.

将分类器230检索到的转发信息发送到SDPP控制器236,其中将该转发信息用于识别将在入口处执行的第一组一个或多个SDPP操作。 Classifier 230 sends the retrieved information to be forwarded SDPP controller 236, which forwards the information to identify the first set of one or more of the SDPP operations performed at the entrance. 在此使用的SDPP操作指的是数据包处理操作或其他由于PDU、响应PDU或便于PDU从交换设备100发送而执行的转发操作。 SDPP operation as used herein refers to a packet processing operation or other due to the PDU, or to facilitate the forwarding operation in response PDU PDU transmitted from the exchange apparatus 100 and executed. 入口交换模块200或CMM120也可以识别将在出口交换模块执行的第二组SDPP操作。 Or CMM120 inlet switching module 200 can also identify a second set of SDPP operations to be performed at the outlet of the switching module. 本领域的普通技术人员应当意识到,SDPP操作可以在入口交换模块或出口交换模块中执行。 Of ordinary skill in the art will be appreciated, SDPP operations may be performed at the inlet or outlet switching module in the switching module. 下面将结合图5更详细地讨论可能的SDPP服务的范围。 Discussed below in conjunction with FIG. 5 range of possible SDPP services in more detail.

一般来说,入口交换模块200可以执行所有的、某一些或不执行入口交换模块中的SDPP操作。 In general, the inlet switching module 200 may perform all, some or not executed inlet switching module SDPP operation. 在从交换设备100中发送PDU之前,在出口交换模块中执行用于PDU而又不在入口交换模块200中执行的任意SDPP操作。 Before sending the PDU from the switching device 100, switching module in the outlet PDU but not performed for any of the inlet switching module 200 SDPP operations performed.

应用于入口的第一组一个或多个SDPP服务与将由出口交换模块执行的第二组SDPP服务之间的SDPP操作的分配可以在每个数据包和/或每个流的基础上动态地确定。 Allocation of SDPP operations between the SDPP services applied to the inlet of the first set of one or more SDPP services performed by the egress switch module can dynamically determine a second set of data in each packet basis and / or on a per-flow .

在优选实施例中,根据流ID以及入口交换模块和出口交换模块的拥塞状态确定将要在入口处执行的SDPP服务的分配。 In the preferred embodiment, determines the distribution to be performed in accordance with the entrance of SDPP service flow ID and the inlet and outlet switching module switching modules congested state. 在有些实施例中,入口交换模块和出口交换模块的拥塞状态由CMM120定期地进行汇总并报告给每个交换模块以便每个交换模块可以动态地确定SDPP服务的最有利的分配方式。 In some embodiments, the congestion status of the inlet and outlet switching module switching module periodically by CMM120 aggregated and reported to each switching module so that each switching module may dynamically determine the most beneficial allocation of SDPP services. 在其他实施例中,SDPP操作的最优分配由CMM120确定,下载到多个交换模块110-113中的每一个交换模块,并结合下面将更详细讨论的各种共享数据库以SDPP分配表238的形式保存在图3所示的本地存储器232中。 In other embodiments, the optimal allocation of SDPP operations is determined by CMM120, downloaded to the plurality of switching modules 110-113 each switching module, and will be discussed in detail below in conjunction with various shared databases to SDPP assignment table 238 saved in local memory 232 as shown in FIG. 3.

例如,该SDPP分配表238可以例如在每个流或每个数据包的基础上为每对入口和出口交换模块明确定义SDPP服务的分配。 For example, the SDPP assignment table 238 may, for example a well-defined distribution of SDPP services for each pair of inlet and outlet switching modules on a per flow or per packet basis. 可以以一定的间隔每秒一次或多次对SDPP分配表进行更新,以反映变化的业务模式和刀片间的负载不平衡。 Can be repeated at certain intervals or on the SDPP assignment table is updated once per second, load imbalance to reflect changing business models and between the blades.

在优选实施例中,根据入口交换模块和出口交换模块的相对拥塞状态在入口和出口之间分配SDPP服务。 In a preferred embodiment, according to the inlet and outlet switching module switching module is relatively congested state distribution SDPP services between the inlet and outlet. 特别地,将SDPP分配设计为将处理负载从具有过度使用的NP的交换模块转移到具有未充分使用的NP的交换模块。 In particular, the SDPP assignment designed to handle the load transfer from the switching module has NP overused to swap modules with NP not fully used. 因此,SDPP服务分布的目标是在整个交换设备100中均匀地分布处理资源的消耗,并由此使任何交换模块由于超出限度的业务条件而丢失PDU的概率最小化。 Thus, SDPP target service is distributed throughout the switching device 100 in the distributed processing resource consumption evenly, and thereby the probability of any switching module business conditions due to exceeding the limit of lost PDU minimized. 通过将处理负载的分布最优化,交换设备100不必付出将所有交换模块都过度工程化的代价,就可以适应可能发生在某些端口处的不成比例的高业务条件,这些端口例如用户所连接的端口或为因特网提供网关的端口。 By optimizing the distribution of processing load, the switching device 100 does not have to pay for all switching modules are over-engineer the cost, can be adapted to occur at certain ports at a disproportionately high traffic conditions, the user is connected to the port e.g. port, or a port provided for an Internet gateway.

图4中示出的是优选实施例的SDPP控制器的功能性框图。 Figure 4 shows a functional block diagram SDPP controller of the preferred embodiment. SDPP控制器236包括包含在一个或多个硬件或软件计算单元中的入口NP处理器410和出口处理器420、SDPP分配表238以及适用于执行单个SDPP服务430的一个或多个模块。 Contained in SDPP controller 236 includes one or more hardware or software computing unit inlet NP processor 410 and egress processor 420, SDPP assignment table 238, and adapted to perform one or more of the individual SDPP services module 430. 入口NP处理器410适用于从分类器230接收入口PDU460和流标识符462,并适用于向SDPP分配表238询问可应用于单个数据包或流的SDPP服务分配。 NP processor 410 is suitable for the inlet from the sorter 230 receives the inlet PDU460 and flow identifier 462, and applies to the SDPP assignment table 238 may be applied to a single inquiry packet or SDPP service assigned flow. 在优选实施例中,指定给入口交换模块和出口交换模块的SDPP服务分配由下面详述的SDPP标识符来表示。 In a preferred embodiment, the inlet switching SDPP identifier assigned to SDPP service assignment module and the outlet switching module is represented by the following detailed description. 随后,根据来自SDPP服务430的全部选择的第一组SDPP服务,在入口交换模块200中处理PDU。 Subsequently, all the selection based on the service 430 of a first set of SDPP services from SDPP, PDU 200 in the inlet processing switching module.

然后,将PDU464和SDPP标识符466发送到出口交换模块,以指示出口模块执行分配给出口交换模块的第二组SDPP服务430。 Then, PDU464 SDPP identifier 466 and sent to the export exchange module to indicate export module performs switching module is assigned to a second set of export SDPP services 430. 在优选实施例中,在PDU或PDU描述符发送到交换架构150之前,由操作SDPP标记生成器412将SDPP标识符466附加到PDU或PDU描述符上。 In a preferred embodiment, the PDU or PDU descriptor is sent to the switch fabric 150 before, by the operation SDPP tag generator 412 SDPP identifier 466 is appended to the PDU or a PDU descriptor. 在其他的实施例中,可以通过例如带外通信信道来发送SDPPID。 In other embodiments, for example, by band communication channel to send SDPPID.

在接收到PDU470或其描述符之后,在出口交换模块中,出口交换模块的出口处理器420除去SDPP标识符472,SDPP标记读取器422通过查询SDPP分配表238来确定由SDPP标识符指定的SDPP服务,并且出口交换模块执行第二组SDPP服务430,这组SDPP服务是完成向PDU476的最终目的地方向发送PDU476所必需的转发操作所需的SDPP服务。 After receiving the PDU470 or descriptor, switch module in the outlet, the outlet of the outlet switching module processor 420 is removed SDPP identifier 472, SDPP tag reader 422 by querying the SDPP assignment table 238 to determine the identifier specified by the SDPP SDPP services, and export exchange module to perform a second set of SDPP services 430, which is a complete set of SDPP services necessary to send PDU476 forwarded to the final destination of the direction of the desired operation of the SDPP PDU476 service.

例如,在优选实施例中,SDPP服务430的列表包括但不限于下列转发操作:报头转换、标记推送、标记弹出、服务质量、计费和记账,多协议标签交换(MPLS)管理、生成树操作、认证、访问控制、高层学习、警报生成、端口镜像、源学习、服务分类,以及色彩标记,以及监控(policing)和整形(shaping)。 For example, in a preferred embodiment, SDPP Services 430 list includes but is not limited to, the following forwarding operations: header conversion, marked push, pop-marking, quality of service, billing and accounting, Multi-Protocol Label Switching (MPLS) management, Spanning Tree operation, authentication, access control, high-level learning, alert generation, port mirroring, source learning, service classification, and color-coded, and monitoring (policing) and shaping (shaping).

报头转换服务431一般包括步骤:(a)检索PDU的下一跳地址,其指定了到最终目的地的路径中的下一节点的物理地址;(b)用包括源地址和目的地地址的报头来封装PDU,其中源地址等于交换设备100或出口交换模块的物理地址,目的地址等于到最终目的地的路径上的下一跳的物理地址;以及(c)递减例如IP包的生存时间计数器。 Header conversion service 431 generally includes the steps of: the next hop (a) retrieving PDU, which specifies the physical address of the path to the final destination of the next node; (b) by including the source and destination addresses in the header encapsulated PDU, wherein the source address is equal to the physical address of the device 100, or switching the outlet switching module, the destination address equal to the physical address of the next hop on the path to the final destination; and (c) Survival time counter is decremented e.g. IP packets. 例如,如果交换了在此包含的寻址信息或者由CMM120对表格进行了有规律的同步,则可以从入口交换模块或出口交换模块的本地存储器232(见图3)的转发表302中检索下一跳的地址。 For example, if the exchange of the addressing information contained herein or by CMM120 table by a regular synchronization, can the forwarding exchange module from the inlet or outlet switching module local memory 232 (see FIG. 3) to retrieve the next 302 hop address.

VLAN标记推送服务432通常包括步骤:(a)基于PDU特性来识别一个或多个VLAN标识符(VID),这些特性包括例如PDU源MAC地址、目的地MAC地址、协议和入口端口等;以及(b)用一个或多个VLAN标记来封装PDU。 VLAN tag pushing services 432 generally comprises the steps of: (a) based on PDU properties to identify one or more VLAN identifier (VID), these characteristics include, for example PDU source MAC address, destination MAC address, protocol, and the inlet port and the like; and ( b) one or more VLAN tags to encapsulate PDU. 例如,基于一个或多个PDU特性,可以从本地存储器232(见图3)中用于查找的VID的VLAN关联表304中检索到适当的标记。 For example, based on one or more PDU properties, can be used to find the VID of the VLAN association table 304 to retrieve the appropriate tag from the local memory 232 (see FIG. 3). 一旦例如由网络管理员定义的VLAN关联表304分布到交换机100的多个交换模块110-113中的每个交换模块或VLAN关联表304在每个交换模块之间取得同步,就可以在入口交换模块或出口交换模块中执行VLAN标记推送服务。 Once defined by the network administrator for example VLAN association table to switch more than 304 distributed switching module 110-113 100. Each switching module 304 or VLAN association table synchronization between each switch module, you can exchange the entry module or export exchange module to perform VLAN tagging push service.

VLAN标记弹出服务433包括步骤:例如,如果交换机100是倒数第二跳,或者当PDU从公网转换到专用网的无标记域(untaggeddomain)时,将一个或多个VLAN标记从PDU上除去。 VLAN tagging pop-service 433 comprises the steps of: for example, if the switch 100 is the penultimate hop, or when the PDU transition from public to private networks unmarked domain (untaggeddomain) when one or more VLAN tags removed from the PDU. 如同上述VLAN标记推送服务432,VLAN关联表304中包含的VLAN弹出规则分布于多个交换模块110-113之间或由多个交换模块110-113共享。 VLAN tagging push services as above 432, VLAN VLAN association table 304 pop rules contained in more than switching module or modules 110-113 is shared by multiple exchange between 110-113.

服务质量(QoS)操作434包括步骤:采用例如资源保留协议(RSVP)之类的机制来保留包括例如存储器和带宽的网络资源。 Quality of Service (QoS) operations 434 comprising the steps of: using, for example mechanisms Resource Reservation Protocol (RSVP) or the like to include for example, memory and bandwidth reserved network resources. QoS操作434还包括实现综合服务(Integrated Service)或区分服务(Differentiated Service)或同时实现这两种服务。 434 also includes QoS operations to achieve integrated service (Integrated Service) or DiffServ (Differentiated Service) or do both services. 关于区分服务,可以在入口交换模块或出口交换模块中执行各种操作,这些操作包括但不限于优先权标记、数据包监控、排队和调度。 About DiffServ, can perform various operations at the inlet or outlet switching module switching module, these operations including but not limited to priority marking, packet monitor, queuing and scheduling. 区分服务(DiffServ)的实现还可以包括识别与不同的流相关的服务分类和将这些流分配到专用于发送一个服务分类的业务的多个隧道中的一个隧道。 Differentiated Services (DiffServ) implementation may also include identifying the different streams associated service classification and assign these to a stream dedicated to the transmission of a plurality of service classes of traffic tunnels in a tunnel. 当PDU进入隧道时,不同服务分类的隧道优选地是与用于封装PDU的不同IP报头相关联的MPLS隧道,其中PDU可以包括也可以不包括先前存在的IP报头。 When the PDU into the tunnel, the tunnel preferably different service classes with different IP header is used to encapsulate the PDU associated with MPLS tunnels, which PDU may or may not include the pre-existing IP header. 在优选实施例中,入口交换模块和出口交换模块都可以采用DiffServ模型中规定的过程来将PDU分配给多个MPLS隧道中的一个MPLS隧道,DiffServ模型包括在因特网工程任务组(IETF)的请求注释(RFC)2474和RFC2475中提出的模型,在此引用这两种模型作为参考。 PDU to be assigned to a plurality of MPLS tunnels in MPLS tunnel, DiffServ models including a request in an Internet Engineering Task Force (IETF) is in the preferred embodiment, the inlet and outlet switching modules are switching modules specified in the process of the DiffServ model may be employed Comments (RFC) 2474 and the model proposed in RFC2475, herein incorporated by reference in these two models.

计费和记账服务435优选地包括步骤:(a)基于PDU特性来识别客户业务数据流;(b)识别所提交的服务类型或特征;以及(c)在每客户的基础上和/或在每个流的基础上产生基于这些服务的累积费用。 Billing and accounting services 435 preferably comprises the steps: (a) based on PDU properties to identify the customer service data flow; service type or characteristic (b) identifying submitted; and (c) on the basis of per customer and / or cumulative cost of these services is based on a per-flow basis. 例如,如果多个交换模块之间定时地交换信息,或者多个交换模块110-113的计费和记账数据库306由CMM120进行同步,则可以由能够访问存储器232(见图3)中的本地计费和记账数据库306的入口交换模块或出口交换模块来执行费用的识别和跟踪。 For example, if the exchange timing information, a plurality of switching modules or switching between a plurality of modules 110-113 billing and accounting database 306 to synchronize, it is possible to access the memory by 232 (see FIG. 3) by a local CMM120 billing and accounting database 306 entrance or exit switch module switch module to perform identification and tracking expenses.

MPLS管理服务436优选地包括步骤:(a)采用诸如与RSVP相关的协议、会话初始协议(SIP)或标签分布协议(LDP)之类的面向会话的协议来与相邻的标签交换路由器(LSR)交换MPLS绑定信息;(b)确定是否将非MPLS数据包转发到MPLS域中;(c)确定非MPLS PDU是否为转发等效类(FEC)的成员;(d)将MPLS标签加在是FEC成员的PDU上;(e)确定交换模块是否为来自MPLS域的PDU的倒数第二跳,并在必要时弹出MPLS标签;以及(f)将超过通信链路最大字节限制的MPLS数据包进行分段。 MPLS management services 436 preferably include the steps: (a) using the RSVP-related protocols such as Session Initiation Protocol (SIP) or label distribution protocol (LDP) and the like session-oriented protocol to exchange with the adjacent label router (LSR ) MPLS binding information exchange; (b) to determine whether the non-MPLS packets to the MPLS domain; (c) to determine whether a non-MPLS PDU forwarding equivalence class (FEC) members; (d) will be added to the MPLS label is a member of the PDU FEC; (e) determine whether the PDU switching module from the MPLS domain penultimate hop and pop MPLS label when necessary; and (f) would exceed the maximum byte limit communication link MPLS data packet fragmentation. 管理MPLS的实现所需的数据包括用于确定PDU是哪个FEC的成员的标准、所要应用的可应用标签和下一跳的地址,由CMM集中维护,并分布到多个交换模块以实现入口和出口的执行。 Data needed to manage MPLS implementations include PDU is the standard used to determine which members of the FEC, which can be applied to apply the label and address of the next hop, the focus is maintained by the CMM, and distributed to multiple switch modules to achieve the entrance and perform exports.

生成树服务437一般包括用于产生中断会引起广播风暴的循环所需的生成树的方法。 Spanning Tree Service 437 generally includes a method interruption will cause broadcast storms spanning tree loops required for production. 关于网络,企业交换机100适用于与网络中其他节点交换网桥协议数据单元(BPDU)。 On the network, the enterprise switch 100 is adapted to exchange Bridge Protocol Data Units (BPDU) with other nodes in the network. 例如,企业交换机100使用BPDU来选出根桥(root bridge)并确定到该根桥的最短距离。 For example, a switch 100 companies use BPDU to elect the root bridge (root bridge) and to determine the shortest distance to the root bridge. 对其他交换机的BPDU的响应可能要求交换机100的交换模块能够访问一个单独的共享数据库或维护共享生成树数据库308(图3)的本地副本,生成树数据库308包括相邻网桥和到达这些网桥的端口的列表。 BPDU response to other switches may require a switch switching module 100 can access a single shared database or maintain a shared database spanning 308 (Figure 3) a local copy of the database spanning 308 includes the adjacent bridge and reach these bridges The list of ports. 在优选实施例中,生成树由CMM120产生,并定期地下载到每个交换模块110-113。 In a preferred embodiment, the spanning tree is generated by CMM120, and periodically downloaded to each switching module 110-113.

如果在不同的交换模块或交换模块的端口之间发送BPDU和广播数据包会引起广播风暴,则优选实施例中的每个交换模块110-113还适用于防止这种发送。 If you send BPDU and broadcast packets will cause broadcast storms exchange between different modules or port switching module, the preferred embodiment of each switch module 110-113 also apply to prevent such transmission. 同样,每个交换模块110-113还实现生成树协议的简易版,用于识别哪个交换模块在其广播域内,并因此能够接收所发送的数据包而不存在广播风暴。 Likewise, each switching module 110-113 also enables simple version of the spanning tree protocol, which is used to identify the switch module in its broadcast domain, and therefore capable of receiving data packets sent without a broadcast storm. 在识别广播域内的交换模块后,交换模块一般会复制BPDU并将其发送到每一个所识别的交换模块。 After identifying the broadcast domain switching modules, switching modules generally BPDU copy and send it to each of the identified switching modules. 在优选实施例中,如果出口交换模块在同一个BPDU广播域中,则重新产生BPDU并将这些BPDU发送到其他交换模块的处理可以从入口交换模块委托给出口交换。 In a preferred embodiment, if the export switching modules in the same broadcast domain BPDU, and then re-generate BPDU BPDU send them to deal with other switching modules can be delegated to exit from the entrance exchange swap modules. 指示BPDU的重新产生应当发生的地点的重要因素是入口交换模块和出口交换模块中缓冲器空间的可用性。 An important factor in the re-location of instructions BPDU generated should happen is the entrance and exit switch module switch module availability of buffer space.

认证服务438包括用于确定哪个PDU将获准进入并确定在获准进入的基础上所提供的访问级别的过程。 Certification PDU 438 includes means for determining which will be allowed to enter the process and determine the level of access allowed to enter on the basis of the offer. 在优选实施例中,每个交换模块都适用于查询访问控制列表(ACL),该列表用于确定是要将所接收的PDU发送到其目的地地址还是要将其过滤掉。 In the preferred embodiment, each of the switching modules are suitable for query access control list (ACL), which is used to determine the list of the received PDU is to be sent to its destination address or to filter out. 优选实施例中的ACL基于一个或多个PDU特性来控制访问,这些特性优选地是包括源地址和目的地地址、广播比特、协议类型的层2和层3的特性,以便防止利用例如RFC2402、RFC2463和RFC1826中所提出的包括认证报头的因特网控制消息协议(ICMP)消息和因特网群组管理协议(IGMP)数据包而进行的拒绝服务攻击。 Examples of ACL preferred embodiment based on one or more of PDU properties to control access, these features preferably includes a source address and a destination address, the broadcast bit, the protocol type of layer 2 and layer 3 of the characteristics, in order to prevent the use of e.g. RFC2402, including authentication header RFC2463 and RFC1826 in the Internet Control Message Protocol proposed (ICMP) messages and Internet Group Management Protocol (IGMP) packets and perform denial of service attacks. 同上,每个交换模块110-113都可以维护包括用户MAC和/或IP地址、口令和相关联的访问权限的ACL310(图3)。 Ibid, each switching module 110-113 can include a user maintains MAC and / or ACL310 IP address, password, and access permissions associated (Fig. 3).

访问控制服务439包括认证服务的第二种形式,其基于更高层的特性来控制访问。 439 The second form of access control services, including certification services, based on higher-level features to control access. 在优选实施例中,访问控制服务439适于基于以下参数来授权或拒绝访问:(a)协议ID,从而使交换设备100可以阻止例如利用没有认证报头的ICMP和IGMP数据包而进行的拒绝服务攻击;(b)协议所使用的端口号,这些协议例如包括文件传输协议(FTP)、普通文件传输协议(TFTP)、远程登录(telnet)和即时信息;以及(c)用于过滤掉诸如对等文件交换之类的不期望的应用的应用报头。 (A) protocol ID, so that the switching device 100 may prevent the use of no authentication header such as the ICMP and IGMP packets carried denial of service: In a preferred embodiment, the access control service 439 is adapted to authorize or deny access based on the following parameters embodiment attack; port number (b) the protocol used, for example, these protocols include File Transfer Protocol (FTP), Trivial File Transfer Protocol (TFTP), remote login (telnet) and instant messaging; and (c) is used to filter out such and other like file exchange applications undesirable application header. 在有些实施例中,访问控制服务439用于补充认证服务438,并且可以在已经执行了初始认证服务438之后的任意时刻在入口交换模块或出口交换模块中执行。 In some embodiments, the access control 439 for supplementary service authentication service 438, and may have been performed in the initial authentication service 438 at any time after the execution at the inlet switching module or the egress switch module.

高层学习服务440包括步骤:将在网络接口处学习到的信息报告给与高层操作相关的交换设备100中的应用。 Senior learning services 440 comprises the steps of: will learn the network interface information related to the operation of the report given to the exchange of high-level equipment 100 applications. 将通过例如地址解析协议(ARP)消息学习到的MAC地址报告给保存在本地存储器232(图3)中的ARP表312,并通过在多个交换模块110-113之间或与CMM120交换数据来定期地更新这些MAC地址。 The learning by example, ARP (ARP) message to the MAC address of the report is stored in local memory to 232 (Fig. 3) in the ARP table 312, and through the exchange of data and CMM120 or more switching modules between 110-113 regular update these MAC addresses.

警报服务441指的是用于将确保引起例如CMM120或网络管理员的注意的条件通报给交换机100上的应用的系统范围的检查。 441 refers to the alert service to ensure that the cause for conditions such as attention CMM120 or network administrator notification to the system-wide inspection applications on the switch 100. 例如,这些条件可以包括从多个端口上接收到具有相同源地址的PDU的情形。 For example, these conditions may include receiving from the plurality of ports to the PDU with the same source address of the case.

端口镜像服务442指的是用于例如复制在一个端口上接收到的PDU并由网络管理员将这些PDU发送到指定端口上的业务分析工具的步骤。 Port Mirroring service 442 refers, for example, copying a port received PDU by the network administrator to send these PDU business analysis tools to step on the specified port.

源学习443一般是指下述处理:(a)将PDU的源地址与接收PDU的入口端口相关联;(b)识别在不同端口上接收到具有相同源地址的PDU的情形;以及(c)确定是拒绝在一个端口上接收但先前在另一个端口上学习到的PDU,还是允许该PDU并简单地认为先前学习到的关联已经过期。 Source Learning 443 generally refers to the following processing: (a) the source address of the entry with the received PDU PDU associated with a port; (b) identifying the case received on different ports to the PDU with the same source address; and (c) determined to be rejected on a port but previously learned on another port PDU, or allow the PDU and simply consider the previously learned association has expired. 可以在交换模块110-113之间定期地进行交换由每个交换模块110-113汇总的源学习表314(图3),以为每个模块提供对源学习端口关联的访问,而不管是在入口处还是在出口处执行源学习服务443。 Can be exchanged between the switching modules 110-113 periodically by each switching module 110-113 aggregated source learning table 314 (FIG. 3), that each module provides access to the associated source learning port, regardless of the inlet still learning services at 443 at the exit execution sources.

服务分类(CoS)444操作适于进行步骤:(a)在入口交换模块或出口交换模块中,基于一个或多个标准,例如包括到达PDU的IEEE802.1p优先权值的标准,确定在另一个PDU更优选时是否将一个PDU过滤掉;以及(b)在入口交换模块或出口交换模块中将一个或多个流的PDU进行排队,并且随后根据流的服务分类需要采用调度器来释放应用级的流的PDU。 Services Classification (CoS) 444 adapted to perform the operation steps: (a) at the inlet or outlet switching module in the switching module, based on one or more standards, including, for example to reach the standard of a PDU IEEE802.1p priority values, determined in another PDU is a PDU more preferably filtered out when; and (b) a switch module in the inlet or outlet or switch modules in a plurality of streams of PDU is queued, and then classified according to the service streams need to use application-level scheduler to release The flow of PDU. 用于识别和规定CoS的分类标准统称为分类规则。 Classification criteria for identifying and regulations CoS collectively referred to as classification rules. 在优选实施例中,CMM维护全面的数据库,其包括分类规则和定期地或在需要时散布到多个交换模块110-113的可应用分类数据。 In a preferred embodiment, CMM maintains a comprehensive database including the classification rules and which periodically or when needed to spread the plurality of switching modules applicable classification data 110-113.

色彩标记445服务用于:(a)在入口交换模块或出口交换模块中确定是让PDU通过、过滤PDU还是用先前由网络中的上游节点所应用的三色标记为PDU重新着色;(b)在入口交换模块或出口交换模块中,按照需要实现令牌桶算法(token bucket algorithm)用于将三色标记附加到PDU上以帮助下游节点选择性地过滤数据包。 445 color-coded services for: (a) determine the entry or exit switch module switch module is let through PDU, PDU or use previously filtered by the upstream node in the network applied three color marker for PDU recolor; (b) at the entrance or exit switch module switch module in accordance with the need to achieve a token bucket algorithm (token bucket algorithm) for the three color marker attached to the PDU to help downstream node selectively filtering packets. 色彩标记445服务包括当前收录于由Osama Aboul Magd所著的IETF出版物中的双速率三色标记(trTCM),并且包括收录于Juha Heinanen草拟的IETF出版物中的单速率三色标记(srTCM),在此引用这两者作为参考。 445 services, including the current color-coded by Osama Aboul Magd included in the book IETF publication two rate three color marker (trTCM), and includes Juha Heinanen included in the draft IETF publication single rate three color marker (srTCM) , both hereby incorporated by reference.

图5中示出的是用于在交换模块间发送包数据的SDPP标记的示意图。 Figure 5 shows a schematic view of the packet data transmission between the switching module for the SDPP tag. 在优选实施例中,入口交换模块200的SDPP标记发生器412将SDPP标记510附加到PDU500或PDU描述符上,出口交换模块的SDPP标记读取器422读取SDPP标记510。 Example, the entrance to the switch module SDPP tag generator 200 510 412 SDPP tag attached to PDU500 or PDU descriptor, export exchange module SDPP tag reader reads the SDPP mark 510 422 in the preferred embodiment. 优选实施例中的SDPP标记510包括SDPP标识符(ID)512和操作码502。 Examples of preferred embodiments SDPP tag 510 includes SDPP identifier (ID) 512 and opcode 502.

如上所述,将SDPP ID 512作为命令用于指示接收PDU的出口交换模块为入口交换模块执行一个或多个转发操作。 As described above, the SDPP ID 512 as a command for indicating the received PDU outlet switching modules perform one or more forwarding operations for the ingress switching module. 换句话说,在优选实施例中SDPP标记提供一种信令机制,通过这种机制,入口处理器将一个或多个PDU转发操作串行分布到出口处理器,从而减小了入口处理器所承受的处理负载。 In other words, in this embodiment SDPP tag in the preferred embodiment provides a signaling mechanism, through this mechanism, the one or more ingress processor will forward the PDU to the egress processor operation of the serial distribution, thus reducing the ingress processor subjected to processing load. 在优选实施例中,在入口处从SDPP分配表238中检索SDPP ID 512,但其也可以根据一个或多个处理模块110-113中的处理负载动态地确定SDPP ID 512。 In a preferred embodiment, at the entrance from the SDPP assignment table 238 retrieves the SDPP ID 512, but it may also determine the SDPP ID 512 in accordance with one or more processing modules 110-113 in the processing load dynamically.

在有些实施例中,SDPP ID 512包括流ID504和源处理器ID506。 In some embodiments, SDPP ID 512 and source processor includes a flow ID504 ID506. 流ID504唯一地定义一串具有相同SDPP服务处理需求的一个或多个PDU,而源处理器ID506表示接收PDU的入口交换模块200的NP106。 Flow ID504 uniquely defines a string having the same SDPP service processing requirements of the one or more PDU, and the received PDU source processor ID506 indicates an inlet switching module 200 NP106. 交换机100可以利用流ID504和源处理器ID506一起唯一地定义将应用于相关联的PDU500或为相关联的PDU500而执行的特定SDPP服务。 Switch 100 can flow ID504 and ID506 source processor together uniquely define the applied PDU500 associated or specific SDPP services associated PDU500 performed.

在有些实施例中,SDPP标记510还包括操作码,即操作码502。 In some embodiments, SDPP tag 510 further includes an operation code, i.e., opcode 502. 在此使用的术语“操作码”指的是使得将出口交换模块配置为执行由与该操作码相关联的一个或多个PDU流所指定的转发操作。 The term of "operation code" refers to the switching module such that the outlet is configured to be executed by an operation code associated with the one or more PDU forwarding operations specified by the stream. 接收到操作码之后,出口NP将一个或多个计算机可读指令装载到NP的芯片内(on-chip)缓存(未示出)或其他本地存储器232。 After receiving the operation code, the outlet NP one or more computer-readable instructions loaded into the NP chip (on-chip) cache (not shown) or other local memory 232. 由于大多数NP的片载缓存太小,不能保存处理交换机100可见的每个可能的流所需的计算机可读指令,所以操作码502只用来装载为发送到特定出口NP的有限数目的流而执行SDPP所需要的那些程序指令,这些流是交换机100所支持的流的子集。 Since most of the NP-chip cache is too small to save the required computer every possible switch 100 can be seen streaming readable instructions, so the operation code is used to load the 502 sent to a limited number of specific export flows NP executing program instructions SDPP those required, these streams are supported by the switch 100 to a subset of the stream. 同样,可以将不同的指令集上传到不同交换模块110-113的NP以使每个特定NP106的转发操作最优化。 Similarly, different instruction set can be uploaded to a different switching module NP 110-113 NP106 specific to each forwarding operation optimization. 仅通过发布新的操作码,还可以随着业务变化随意地更新单个NP106的指令集。 Only through the issuance of new opcodes, you can also change as the business freely update a single instruction set NP106.

作为示例,操作码可以由入口交换模块给出,指示NP106对根据MPLS协议处理一个或多个流所必需的所有可执行的代码或算法进行缓存。 As an example, the operation code can be given by the ingress switching modules, indicating processing of all executable NP106 one or more flow necessary according to the MPLS protocol or algorithm code cache. 一旦对与特定操作码502相关联的这些可执行代码进行了缓存,具有指定MPLS处理操作的流ID404的每个随后的PDU就可以遵从相同的处理规则,直到接收到新的操作码为止。 Once a particular operation code 502 is associated with the executable code is cached, with each subsequent PDU specified stream ID404 an MPLS processing operation may follow the same processing rules, until a new opcode far.

在有些实施例中,交换机100的交换模块110-113适用于共同地处理成批的数据包,即与一个或多个PDU流相关联的多个数据包。 In some embodiments, the switching module 100 switches 110-113 apply to collectively handle batches of packets, i.e., with one or more PDU flows associated with the plurality of data packets. 为执行批处理,以多个相关数据包中的第一个数据包来发送包括操作码502和SDPP ID 512的SDPP标记。 To execute the batch to multiple related data packet to send the first packet marking SDPP including opcodes and SDPP ID 512 of 502. 之后,应用于相关数据包的SDPP标记510只需要包括SDPP ID 512。 After that, apply to the relevant packets SDPP tag 510 needs to include SDPP ID 512. 然后,出口交换模块就使多个PDU中的每一个都服从由其SDPP ID 510指定的处理规则和在多个PDU中的第一个PDU中指定的计算机可读指令。 Then, the egress switch module so that each of the plurality of PDU are subject specified by its SDPP ID 510 computer processing rules and the first PDU in the PDU in the plurality of specified readable instructions. 以这种方式,免除了以多个PDU中的每一个PDU发送操作码502的需要,并且减少了附加、发送和读取操作码502所需的资源。 In this manner, eliminating the PDU to each of a plurality of transmission opcode needs PDU 502, and to reduce the additional, transmission code resources 502, and read operations required.

在备选的实施例中,使用带外通信信道(未示出)将SDPP ID 512和/或操作码502从入口交换模块发送到出口操作模块。 In an alternative embodiment, the use of a communication channel (not shown) of band will SDPP ID 512 and / or opcode 502 transmits the module from the inlet to the outlet switching operation module. 带外通信信道对应于例如总线之类的信令信道,不同于用来在交换模块间发送PDU的数据信道。 Of-band communication channel corresponds to a signaling channel such as a bus or the like, different from that used in transmitting PDU data channel between switching modules.

图6中示出的是入口交换模块处理入口流的方法的流程图。 Figure 6 shows a flowchart of the processing switching module inlet flow entry method. 接收到入口PDU之后(步骤610),优选实施例中的入口交换模块对PDU进行分类以识别其将发送到的出口交换模块。 After receiving the inlet PDU (step 610), examples of the preferred embodiment of the inlet switching module classifies the PDU to identify the egress switch to send to the module. 获悉出口交换模块后,入口交换模块就可以确定(步骤640)入口交换模块和出口交换模块上的相对需要以及负载平衡的需要。 After learning exchange module export, import switching module can be determined (step 640) the relative needs of the inlet and outlet exchange swap modules on the module and load balancing needs. 在有些实施例中,入口交换模块所承受的PDU处理负载(步骤620)和出口交换模块所承受的PDU处理负载(步骤630)可以由CMM120从模块自身的拥塞状态中得出。 In some embodiments, the inlet switching module is subjected PDU processing load (step 620) and the outlet switching module is subjected PDU processing load (step 630) can be derived from the module itself by CMM120 congestion state. 如果入口交换模块的拥塞状态相对于出口交换模块是过度使用的,则肯定地应答负载平衡变化查询(测试步骤650),并且改变(步骤660)在入口和出口之间执行的SDPP服务的分布以减少负载不平衡。 If the entry congestion state switching module with respect to the export of switching module is overused, it certainly changes the load balancing answering queries (test step 650), and change (step 660) are distributed between the inlet and the outlet of the service to be performed SDPP reduce the load imbalance. 例如,如果入口交换模块相对超载,则与不平衡的程度成正比地提高整个SDPP服务中分配给出口交换模块的百分比。 For example, if the inlet switching module is relatively overloaded, and the degree of imbalance is proportional to the increase in percentage of the total SDPP services allocated to the egress switching module. 在入口交换模块严重超载的情况下,可以将全部SDPP服务都分配到出口交换模块。 In the case of severe overloading entrance switching module can be assigned to all the SDPP services exports switching module. 如果入口交换模块和出口交换模块所承受的负载基本上相等,并且差异在预定的负载差异门限内,则否定地应答负载平衡变化查询,并且维护先前存在的SDPP服务分布。 If the inlet and outlet switching module switching modules are exposed to load substantially equal, and the difference is within a predetermined load difference threshold, the negative response to changes in load balancing queries and maintain preexisting SDPP service distribution.

在已经确定了SDPP服务的分配之后,入口交换模块执行(步骤670)为入口指定的SDPP服务的子集。 In the allocation of SDPP services has been determined after the inlet switching module executed (step 670) a subset of the specified entrance SDPP services. 在SDPP标记的一个或多个字段中指定出口处待执行的其余SDPP服务,SDPP标记是在将PDU发送到(步骤690)出口交换模块之前附加到(步骤680)PDU上的。 Specify the remaining SDPP services to be performed at the outlet in one or more fields of the SDPP tag, SDPP tag in the PDU is sent (step 690) before the module is attached to the egress switch (step 680) on the PDU. 例如,如果出口交换模块由于其他业务条件而严重拥塞,则入口交换模块可以执行PDU要求的全部SDPP服务,并且附加到数据包上的SDPP ID为空值,表明出口交换模块中没有进行任何SDPP处理。 For example, if the export exchange module due to other business conditions and severe congestion, ingress switch module can perform all SDPP service PDU requirements, and attached to the SDPP ID is null packets on the egress switch module does not indicate any SDPP treatment .

图7中示出的是出口交换模块处理出口流的方法的流程图。 Figure 7 shows a flowchart of a method outlet stream outlet switching module processing. 在从交换架构150处接收到(步骤710)PDU之后,该模块检查PDU以确定SDPP标记510是否存在,并且读取其中包含的字段。 After receiving from the switch fabric 150 (step 710) PDU, the PDU module checks to determine whether there SDPP tag 510 and reads the fields contained therein. 如果SDPP标记510存在,则肯定地应答SDPP标记查询(步骤720),并且为了检查而除去(步骤730)SDPP标记。 If SDPP tag 510 exists, then surely answer SDPP tag query (step 720), and in order to check and remove (step 730) SDPP tag. 如果SDPP标记包括操作码502,则肯定地应答操作码查询(步骤740),并且将由操作码表示的计算机可读指令载入(步骤750)出口网络处理器中的缓存。 If SDPP tag includes an opcode 502, then surely answer opcode query (step 740), and represented by a computer code to load the operating readable instructions (step 750) export network processor cache. 如果SDPP标记中没有操作码,则否定地应答操作码查询,并且NP106根据由以前的同一批PDU的操作码所指定的指令集来执行由SDPP ID 512所标识的第二组SDPP服务。 If the SDPP tag no opcode, negatively answering queries opcode and NP106 based on the previously designated by the same number of PDU opcode instruction set to execute the second set of SDPP services identified by the SDPP ID 512 in. 然后,从出口交换模块向PDU的目的地节点的方向发送(步骤770)根据SDPP服务需求而处理的PDU。 Then, the transmission (step 770) PDU in accordance with the SDPP service requirements and processing in the direction of the PDU's destination node from the egress switch module. 本领域的普通技术人员应当意识到,在出口网络处理器中处理的PDU经历了相同的数据包处理,并且表现为与单独地在入口交换模块或出口交换模块中处理的PDU基本上相同。 Of ordinary skill in the art will be appreciated, PDU outlet network processor processing data packets through the same processing, and the performance of the module or PDU outlet switching module and processed separately at the inlet is substantially the same exchange.

尽管上述描述包含了许多特定内容,但这些特定内容不应当解释为对本发明范围的限制,而应解释为为本发明的一些优选实施例提供说明。 While the above description contains many specific content, but these particular content should not be construed as limiting the scope of the invention, but should be interpreted as a number of preferred embodiments of the present invention provide a description.

因此,以上已经以示例的方式并且非限制性地公开了本发明,并且应当参考以下权利要求以确定本发明的范围。 Thus, by way of example above have a non-limiting manner, and disclose the invention, and reference should be made to the following claims to determine the scope of the invention.

Referenced by
Citing PatentFiling datePublication dateApplicantTitle
CN100496024C26 Sep 20063 Jun 2009杭州华三通信技术有限公司A method to forward the channel message and a network device
CN101115065B4 Jul 20078 Aug 2012特拉博斯股份有限公司Method and arrangement for processing management and control messages
CN102986169A *11 Feb 201120 Mar 2013泰克莱克股份有限公司Methods, systems, and computer readable media for providing peer routing at a DIAMETER node
CN102986169B *11 Feb 201130 Sep 2015泰克莱克股份有限公司用于在diameter节点处提供对等路由的方法、系统
CN103324539A *24 Jun 201325 Sep 2013浪潮电子信息产业股份有限公司Job scheduling management system and method
CN103324539B *24 Jun 201324 May 2017浪潮电子信息产业股份有限公司一种作业调度管理系统及方法
CN103491573A *7 Jun 20131 Jan 2014美国博通公司Tunnel acceleration for wireless access points
CN103534989A *12 Apr 201222 Jan 2014国际商业机器公司Priority based flow control in a distributed fabric protocol (DFP) switching network architecture
CN103534989B *12 Apr 201217 Aug 2016国际商业机器公司在分布式结构协议(dfp)交换网络架构中的基于优先级的流控制
CN104135447A *6 Aug 20145 Nov 2014曙光信息产业(北京)有限公司Data packet transmission method and device
US972945421 Jan 20158 Aug 2017Oracle International CorporationMethods, systems, and computer readable media for balancing diameter message traffic received over long-lived diameter connections
International ClassificationH04L29/06, H04L12/56
Cooperative ClassificationH04L49/15, H04L45/00, H04L45/60, H04L45/50, H04Q3/5455
European ClassificationH04L45/50, H04L45/60, H04L45/00, H04L49/00, H04Q3/545M1
Legal Events
24 May 2006C06Publication
19 Jul 2006C10Request of examination as to substance
8 Jul 2009C14Granted