CN100493036C - Network apparatus and method for data processing - Google Patents


Publication number
CN100493036C
CN100493036C
Authority
CN
China
Prior art keywords
packet
search
network equipment
port
data
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
CNB2006100549071A
Other languages
Chinese (zh)
Other versions
CN1822571A (en)
Inventor
Brandon Carl Smith
Jun Cao
Current Assignee
Broadcom Corp
Zyray Wireless Inc
Original Assignee
Zyray Wireless Inc
Priority date
Filing date
Publication date
Application filed by Zyray Wireless Inc
Publication of CN1822571A
Application granted
Publication of CN100493036C
Status: Expired - Fee Related


Abstract

A network device for processing data on a data network includes a plurality of ports configured to receive data packets and to send out processed data packets, a modification engine configured to parse, evaluate, and modify the data packets to produce the processed data packets, and a series of search engine pipeline stages configured to perform lookup searches through a plurality of search engines. The series of search engine pipeline stages performs search requests in sequential processing steps, and any stage of the series may submit a particular search request to the plurality of search engines and receive search results particular to a particular data packet at its respective processing step.

Description

Network device and method for processing data
Technical Field
The present invention relates to a network device for processing data in a network and, more particularly, to a network device having a pipeline structure that provides versatility and extensibility in processing.
Background
A network may include one or more network devices, such as Ethernet switches, each of which includes several modules for processing information transmitted through the device. Specifically, such a device may include an interface module designed to send and receive data over the network, a memory management unit (MMU) for storing data awaiting transmission or further processing, and a parsing module that examines and processes the data according to instructions. The parsing module includes a switching mechanism that decides to which destination port the data should be directed. One port of the network device may be a CPU port, which enables the device to send information to, and receive information from, an external switching/routing control entity or CPU.
Many network devices operate as Ethernet switches, where packets enter the device through multiple ports, undergo switching and other processing, and are then forwarded by the MMU to one or more destination ports. The MMU enables the packet buffer to be shared among different ports while providing resource guarantees for each ingress port, egress port, and class-of-service queue. However, most prior-art network devices lack scalability, and their functionality is limited. In other cases, prior-art devices that are highly versatile become very slow when handling specific functions. There is therefore a strong need for a network device that is both powerful and scalable.
Summary of the Invention
According to one aspect of the present invention, a network device for processing data in a data network is provided, the network device comprising:
a plurality of ports, configured to receive data packets and to send out processed data packets;
a modification engine, in communication with the plurality of ports, configured to parse, evaluate, and modify the data packets to produce the processed data packets;
a series of search engine pipeline stages, in communication with the modification engine, configured to perform lookup searches through a plurality of search engines;
wherein the series of search engine pipeline stages performs search requests in sequential processing steps, and any stage of the series may submit a particular search request to the plurality of search engines and receive search results particular to a particular data packet at the corresponding processing step.
Preferably, each stage of the series of search engine pipeline stages performs its respective processing within a predetermined number of clock cycles of the network device.
Preferably, the series of search engine pipeline stages communicates with the plurality of search engines over a time-division-multiplexed request/result ring.
Preferably, the plurality of search engines performs searches on external tables stored in memory external to the network device.
Preferably, the plurality of search engines receives concurrent search requests from multiple search engine pipeline stages.
Preferably, the plurality of search engines includes at least one of an algorithmic search engine and a content-addressable-memory (CAM) search engine.
Preferably, each search engine pipeline stage determines the type of search to be performed and the search engine to be used based on the particular search request.
According to another aspect of the present invention, a method for processing data in a network device is provided, the method comprising the steps of:
receiving data packets through a plurality of ports of the network device;
processing the received data packets, thereby parsing, evaluating, and modifying them to produce processed data packets;
performing table lookup searches through a series of search engine pipeline stages;
sending the processed data packets to an egress port of the plurality of ports;
wherein any stage of the search engine pipeline may submit a particular search request to the plurality of search engines and receive search results particular to a particular data packet at the corresponding step.
Preferably, in the step of performing the lookup searches, each search engine pipeline stage performs its respective processing within a predetermined number of clock cycles of the network device.
Preferably, the step of performing the table lookup searches includes sending search requests and receiving search results over a time-division-multiplexed request/result ring in communication with the plurality of search engines.
Preferably, the step of performing the table lookup searches includes performing searches on external data tables stored in memory external to the network device.
Preferably, the step of performing the table lookup searches includes sending concurrent search requests from multiple search engine pipeline stages.
Preferably, the step of performing the table lookup searches includes performing the searches using at least one of an algorithmic search engine and a content-addressable-memory search engine.
According to another aspect of the present invention, a network device for processing data is provided, comprising:
port means for receiving data packets and for sending out processed data packets;
processing means for processing the received data packets, thereby parsing, evaluating, and modifying them to produce processed data packets;
lookup means for performing table lookup searches through a series of search engine pipeline stages;
wherein the lookup means allows any stage of the search engine pipeline to submit a particular search request to at least one of the plurality of search engines, and to receive search results particular to a particular data packet at the corresponding step.
Preferably, the lookup means ensures that each stage of the series of search engine pipeline stages performs its respective processing within a predetermined number of clock cycles of the network device.
Preferably, the lookup means performs searches on external tables stored in memory external to the network device.
Preferably, the plurality of search engines receives concurrent search requests from the lookup means.
Preferably, the lookup means performs searches using at least one of an algorithmic search engine and a content-addressable-memory search engine.
Preferably, the lookup means determines the type of search to be performed and the search engine to be used based on the particular search request.
Brief Description of the Drawings
The invention is further described below in conjunction with the drawings and embodiments, in which:
Fig. 1 is a schematic diagram of a network device according to an embodiment of the present invention;
Fig. 2 is a schematic diagram of communication through the ports of the network device according to an embodiment of the present invention;
Fig. 3a is a schematic diagram of the structure of a shared memory, external to the network device, that the network device uses;
Fig. 3b is a schematic diagram of the cell buffer pool of the shared memory architecture of Fig. 3a;
Fig. 4 is a schematic diagram of the buffer management mechanism used by the memory management unit to impose resource allocation limits and thereby ensure fair access to resources;
Fig. 5 is a schematic diagram of a two-stage parser according to certain embodiments of the present invention;
Fig. 6 is a schematic diagram of another parser, used with interconnect ports, according to certain embodiments of the present invention;
Fig. 7 is a schematic diagram of a result matcher according to certain embodiments of the present invention;
Fig. 8 is a schematic diagram of the configuration of an egress port arbiter used in the present invention;
Fig. 9 is a schematic diagram of the structure of a search engine according to the present invention.
Detailed Description of Preferred Embodiments
Reference will now be made to preferred embodiments of the present invention, examples of which are illustrated in the accompanying drawings.
Fig. 1 is a schematic diagram of a network device, such as a switching chip, that implements an embodiment of the present invention. Device 100 includes ingress/egress port modules 112 and 113, a memory management unit (MMU) 115, a parser 130, and a search engine 120. The ingress/egress modules buffer data and forward it to the parser. Parser 130 analyzes the received data and, based on the parsed data, performs lookups using search engine 120. The primary function of MMU 115 is to manage the cell buffer and packet pointer resources efficiently and predictably, even under conditions of severe congestion. Through these modules, packet modification can occur, and packets can be sent to the appropriate destination port.
According to several embodiments of the present invention, device 100 may also include an internal fabric high-speed port, such as a HiGig™ or high-speed port 108, one or more external Ethernet ports 109a-109x, and a CPU port 110. High-speed port 108 is used to interconnect various network devices in a system, thereby forming an internal switching fabric for transporting packets between external source ports and one or more external destination ports. As such, high-speed port 108 is not visible outside a system that comprises multiple interconnected network devices. CPU port 110 is used to send information to, and receive information from, an external switching/routing control entity or CPU. According to one embodiment of the present invention, CPU port 110 may be regarded as one of the external Ethernet ports 109a-109x. Device 100 interfaces with external/off-chip CPUs through a CPU processing module 111, such as a CMIC, which interfaces with a PCI data bus that connects device 100 to an external CPU.
In addition, search engine module 120 may be composed of additional search engine modules 122, 124, and 126, which perform the particular lookups used in the characterization and modification of data processed by network device 100. Likewise, parser 130 includes additional modules for parsing the data received from the internal fabric high-speed port (module 134) and from the other ports (module 138), as well as further modules 132 and 136 for forwarding data back to the ports of the network device. The high-speed parser 134 and the two-stage parser 138 are described in greater detail below.
Network traffic enters and exits device 100 through the external Ethernet ports 109a-109x. Specifically, traffic in device 100 is routed from an external Ethernet source port to one or more unique destination Ethernet ports. In one embodiment of the present invention, device 100 supports twelve physical Ethernet ports 109, each of which can operate at 10/100/1000 Mbps, and one high-speed port 108, which operates at either 10 Gbps or 12 Gbps.
An important aspect of the architecture of this network device is its ability to process received data quickly while remaining flexible in how it handles that processing. Part of that flexibility comes from the pipeline structure used to process packets as they are received. Packet data and packet attributes pass through the modules of the network device in a pipeline structure. Each stage of the pipeline takes a certain number of clock cycles, and packets are processed sequentially. Thus, a packet is parsed, table lookups are performed, a particular routing decision is selected, and the packet is modified accordingly before being sent to an egress port. Each stage of the pipeline performs its own function, so that together the stages realize the full functionality of the network device.
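The fixed-cycle, in-order pipeline described above can be sketched as follows. This is a minimal illustration only; the stage names, cycle counts, and `Packet` type are invented here and are not part of the patent.

```python
# Sketch of a packet pipeline: each stage costs a fixed number of clock
# cycles and packets pass through the stages strictly in order.
from dataclasses import dataclass, field

@dataclass
class Packet:
    data: bytes
    notes: list = field(default_factory=list)   # trace of work done

class Stage:
    def __init__(self, name, cycles, fn):
        self.name, self.cycles, self.fn = name, cycles, fn

    def run(self, pkt, clock):
        self.fn(pkt)                 # stage-specific work (parse/lookup/modify)
        return clock + self.cycles   # every stage has a fixed cycle budget

def run_pipeline(stages, pkt):
    clock = 0
    for stage in stages:             # sequential processing steps
        clock = stage.run(pkt, clock)
    return pkt, clock

stages = [
    Stage("parse",  2, lambda p: p.notes.append("parsed")),
    Stage("lookup", 4, lambda p: p.notes.append("looked-up")),
    Stage("modify", 2, lambda p: p.notes.append("modified")),
]
pkt, total_cycles = run_pipeline(stages, Packet(b"\x00" * 64))
```

Because every stage has a fixed cycle budget, the total latency of the pipeline is deterministic, which is the property the text attributes to the architecture.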
Another part of that flexibility is that the search engines 122-126 that make up search engine module 120 are "slave" units, so that each can serve one or more pipeline stages. In one embodiment, a time-division-multiplexed (TDM) request/result ring connects the pipeline stages with the search engines. Different pipeline stages can access the same search engine or table. This places an abstraction layer between the search pipeline and the search engines that serve it. As a result, the ordering and design of the pipeline stages are not restricted by the physical location of the search engines.
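A minimal sketch of such a time-division-multiplexed request ring, assuming a simple round-robin slot schedule; the stage identifiers and the `RequestRing` API are hypothetical, not taken from the patent.

```python
# Sketch of a TDM request/result ring: each pipeline stage owns fixed slots
# in a repeating schedule, so multiple stages share the slave search engines
# without contending for the ring.
def tdm_schedule(stage_ids, slots_per_cycle):
    """Assign ring slots round-robin; slot t belongs to stage_ids[t % n]."""
    return [stage_ids[t % len(stage_ids)] for t in range(slots_per_cycle)]

class RequestRing:
    def __init__(self, stage_ids, slots_per_cycle):
        self.schedule = tdm_schedule(stage_ids, slots_per_cycle)

    def submit(self, stage_id, slot, request, engine):
        # A stage may only drive the ring in the slots granted to it.
        if self.schedule[slot % len(self.schedule)] != stage_id:
            return None              # not this stage's slot
        return engine(request)       # the slave engine serves the request

ring = RequestRing(["pre_mmu", "post_mmu"], slots_per_cycle=4)
l2_table = {"aa:bb": 7}
result = ring.submit("pre_mmu", slot=0, request="aa:bb",
                     engine=lambda key: l2_table.get(key))
```

The point of the schedule is that ingress (pre-MMU) and egress (post-MMU) stages can address the same table in different slots, which is the sharing behavior the text describes.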
The request/result ring can pass through, and be routed to, blocks at various locations in the network device. This allows, for example, a pipeline stage at the ingress (pre-MMU) and a pipeline stage at the egress (post-MMU) to access the same search engines and tables. Multiple search requests can be generated and serviced concurrently. This flexibility is important, since it allows the network device of the present invention to handle many types of packets while maintaining its normal pipeline structure.
Another advantage of this structure is the ability of a pipeline stage to request the same search from two or more different search engines, depending on the mode the network device is in. For example, in mode A an algorithmic search engine might perform a longest prefix match (LPM) search, while in mode B a content-addressable-memory (CAM) search engine might perform the LPM search. The abstraction layer means that a pipeline stage performing a search does not need to know which kind of search engine is used — algorithmic, CAM-based, or backed by internal or external memory. Beyond flexibility, this also allows the pipeline structure to meet its own timeline requirements.
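The mode-dependent engine selection might look like the following sketch, where an algorithmic engine and a CAM-style engine answer the same LPM request behind one interface; the route tables, mode names, and function signatures are invented for illustration.

```python
# Sketch: the abstraction layer picks an LPM engine by device mode; the
# pipeline stage only calls lpm(mode, addr) and never learns whether an
# algorithmic or CAM engine answered.
def lpm_algorithmic(routes, addr_bits):
    # Longest-prefix match by probing ever-shorter prefixes of the address.
    for plen in range(len(addr_bits), -1, -1):
        hit = routes.get(addr_bits[:plen])
        if hit is not None:
            return hit
    return None

def lpm_cam(cam_entries, addr_bits):
    # A TCAM returns the first (highest-priority) matching entry.
    for prefix, nexthop in cam_entries:
        if addr_bits.startswith(prefix):
            return nexthop
    return None

ROUTES = {"1010": "port2", "10": "port1"}
CAM = [("1010", "port2"), ("10", "port1")]   # longest prefixes first
ENGINES = {"A": lambda a: lpm_algorithmic(ROUTES, a),
           "B": lambda a: lpm_cam(CAM, a)}

def lpm(mode, addr_bits):
    return ENGINES[mode](addr_bits)          # same request, either engine
```

Both engines must return the same answer for the same request, which is what lets the mode switch stay invisible to the pipeline stage.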
Thus, the pipeline structure of the network device of the present invention can be independent of the search engines, and the structure can be extended as needed. Separating the search engines from the pipeline stages makes the pipeline stages flexibly configurable, and allows the search engines to respond to search requests according to the operational mode of the network device.
The structure of the physical ports 109 is further illustrated in Fig. 2. A series of serializing/deserializing modules 103 send and receive data, and the data received on each port is managed by one of the port managers 102A-L. The port managers rely on a timing generator 104 and a bus agent 105 to carry out their operations. Received data and data to be transmitted are held in a port information base, so that traffic can be monitored. It should be noted that high-speed port 108 has similar functionality, but requires fewer components because only a single port needs to be managed.
In one embodiment of the present invention, device 100 uses a shared-memory architecture, shown in Figs. 3a-3b, in which MMU 115 enables the packet buffer to be shared among different ports while providing resource guarantees for each ingress port, each egress port, and the class-of-service queues associated with each egress port. Fig. 3a is a schematic diagram of the shared memory architecture of the present invention. Specifically, the memory resources of device 100 include a cell buffer pool (CBP) memory 302 and a transaction queue (XQ) memory 304. CBP memory 302 is an off-chip resource which, in some embodiments, is made up of four DRAM chips 306a-306d. According to one embodiment of the present invention, each DRAM chip has a capacity of 288 Mbits, giving CBP memory 302 a total raw capacity of 144 MBytes. As shown in Fig. 3b, CBP memory 302 is divided into 256K cells 308a-308x of 576 bytes each, where each cell contains a 32-byte header buffer 310, up to 512 bytes of packet data 312, and 32 bytes of reserved space 314. As such, each incoming packet occupies at least one full 576-byte cell. Therefore, when an incoming frame contains 64 bytes, 576 bytes of space are reserved for it, even though only 64 of those 576 bytes are used by the frame.
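The cell arithmetic stated above can be checked directly; this is only a sketch of the accounting, and the helper names are invented.

```python
# Cell accounting from the text: 576-byte cells = 32-byte header buffer +
# up to 512 bytes of packet data + 32 bytes reserved; every packet takes at
# least one whole cell.
CELL_BYTES, HEADER_BYTES, RESERVED_BYTES = 576, 32, 32
DATA_BYTES = CELL_BYTES - HEADER_BYTES - RESERVED_BYTES   # 512 usable

def cells_needed(frame_len):
    """Whole 576-byte cells consumed by a frame (minimum one)."""
    return max(1, -(-frame_len // DATA_BYTES))            # ceiling division

# A 64-byte frame still reserves a full cell:
unused_bytes = CELL_BYTES - 64

# Capacity check: four 288-Mbit DRAMs give the stated 144 MBytes.
total_mbytes = 4 * 288 // 8
```

The internal fragmentation shown here (512 unused bytes for a minimum-size frame) is exactly why the MMU tracks usage per cell rather than per byte.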
Referring back to Fig. 3a, XQ memory 304 includes a list of packet pointers 316a-316x that point into CBP memory 302, with distinct XQ pointers 316 associated with each port. A cell count for CBP memory 302 and a packet count for XQ memory 304 are tracked on an ingress-port, egress-port, and class-of-service basis. As such, device 100 can provide resource guarantees on a per-cell and/or per-class-of-service basis.
Once a packet enters device 100 on a source port 109, the packet is transferred to the parser for processing. During processing, packets on each ingress port and egress port share the system resources 302 and 304. In a specific embodiment, two separate 64-byte bursts of packet data are forwarded to the MMU, one from the local ports and one from the high-speed port. Fig. 4 is a schematic diagram of the buffer management mechanism used by MMU 115 to impose resource allocation limits and thereby ensure fair access to resources. MMU 115 includes an ingress backpressure mechanism 404, a head-of-line (HOL) mechanism 406, and a weighted random early detection (WRED) mechanism 408. The ingress backpressure mechanism 404 supports lossless behavior and manages buffer resources fairly across all ingress ports. The head-of-line mechanism 406 supports access to buffer resources while optimizing the throughput of the system. The weighted random early detection mechanism 408 improves overall network throughput.
The ingress backpressure mechanism 404 uses packet or cell counters to track the number of packets or cells in use by each ingress port. The mechanism includes registers for a set of eight individually configurable thresholds, and registers that specify which of the eight thresholds applies to a given ingress port in the system. The set of thresholds includes a limit threshold 412, a discard-limit threshold 414, and a reset-limit threshold 416. If the counter associated with an ingress port's packet/cell usage rises above the discard-limit threshold 414, packets at that ingress port are dropped. Based on the registers used to track the number of cells/packets, pause flow control can be used to stop traffic from arriving at an ingress port whose buffer usage has exceeded its fair share, thereby stopping traffic from the offending ingress port and relieving the congestion it causes.
Specifically, each ingress port is continuously checked against the ingress backpressure counters associated with its set of thresholds to determine whether it is in an ingress backpressure state. When an ingress port is in the ingress backpressure state, pause flow-control frames with a timer value of (0xFFFF) are periodically sent out of that ingress port. When the port is no longer in the ingress backpressure state, a pause flow-control frame with a timer value of (0x00) is sent out of the port, and traffic is allowed to flow again. If an ingress port is not currently in the ingress backpressure state and its packet counter rises above the limit threshold 412, the port transitions into the ingress backpressure state. If the ingress port is in the ingress backpressure state and its packet counter falls below the reset-limit threshold 416, the port exits the backpressure state.
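A hedged sketch of the backpressure hysteresis just described — enter on crossing the limit threshold and emit PAUSE(0xFFFF), leave on falling below the reset-limit threshold and emit PAUSE(0x0000). The class name, method names, and concrete threshold values are invented.

```python
# Sketch of ingress backpressure with hysteresis: three thresholds per port
# (limit 412, discard limit 414, reset limit 416) drive pause-frame emission
# and packet drops.
class IngressPort:
    def __init__(self, limit, discard_limit, reset_limit):
        self.limit, self.discard, self.reset = limit, discard_limit, reset_limit
        self.count = 0
        self.backpressure = False
        self.sent_frames = []            # pause timer values sent out

    def on_cell(self):
        if self.count >= self.discard:
            return "drop"                # over the discard limit: drop packet
        self.count += 1
        if not self.backpressure and self.count > self.limit:
            self.backpressure = True
            self.sent_frames.append(0xFFFF)   # pause: stop sending
        return "accept"

    def on_cell_freed(self):
        self.count -= 1
        if self.backpressure and self.count < self.reset:
            self.backpressure = False
            self.sent_frames.append(0x0000)   # pause timer 0: resume
```

The gap between the limit and reset thresholds prevents the port from oscillating in and out of backpressure on every cell.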
The head-of-line mechanism 406 supports fair access to buffer resources while optimizing the throughput of the system. It relies on dropping packets to manage buffer resources and improve the overall throughput of the system. According to one embodiment of the present invention, the head-of-line mechanism 406 uses egress-port counters and predetermined thresholds to track buffer usage per egress port and per class of service, and on that basis decides to drop newly arriving packets at the ingress that are destined for an over-subscribed egress port/class-of-service queue. The head-of-line mechanism 406 supports different thresholds depending on the color of a newly arriving packet. Packets may be colored by metering and marking operations performed in an ingress module, and the MMU treats the different packet colors differently.
According to one embodiment of the present invention, the head-of-line mechanism 406 can be configured and operated independently on every class-of-service queue and on all ports, including the CPU port. It uses counters to track the usage of XQ memory 304 and CBP memory 302, and uses thresholds to support static allocation of CBP memory 302 and dynamic allocation of XQ memory 304. A discard threshold 422 is defined for all cells in CBP memory 302, regardless of color marking. When the cell counter associated with a port reaches the discard threshold 422, the port transitions into a head-of-line state. Thereafter, if its cell counter falls below the reset-limit threshold 424, the port transitions out of the head-of-line state.
For XQ memory 304, the fixed amount of XQ buffer allocated to each class-of-service queue is defined by XQ entry values 430a-430h. Each XQ entry value 430a-430h defines how many buffer entries are reserved for the associated queue. For example, if 100 bytes of XQ memory are assigned to a port, the first four class-of-service queues, associated with XQ entries 430a-430d, might each be allocated a value of 10 bytes, and the last four queues, associated with XQ entries 430e-430h, might each be allocated a value of 5 bytes.
According to one embodiment of the present invention, even if a queue has not used all of the buffer entries reserved for it by its XQ entry value, the head-of-line mechanism 406 does not assign the unused buffers to another queue. Nevertheless, the remaining unassigned 40 bytes of XQ buffer for the port can be shared by all of the class-of-service queues associated with that port. How much of the shared XQ buffer pool a particular class-of-service queue may consume is set by an XQ set-limit threshold 432. As such, the set-limit threshold 432 can be used to define the maximum number of buffers available to a single queue, and to prevent one queue from consuming all of the available XQ buffers. To ensure that the sum of the XQ entry values 430a-430h does not exceed the total number of XQ buffers available to the port, and to ensure that each class-of-service queue can access the quota of XQ buffers assigned by its entry value 430, the available pool of XQ buffers for each port is tracked using a port dynamic count register 434, which continuously tracks the number of shared XQ buffers available to the port. The initial value of the dynamic count register 434 is the total number of XQ buffers associated with the port minus the sum of the XQ entry values 430a-430h. The dynamic count register 434 is decremented when a class-of-service queue consumes an available XQ buffer beyond the quota assigned by its XQ entry value 430. Conversely, the dynamic count register 434 is incremented when a class-of-service queue releases an XQ buffer in excess of the quota assigned by its XQ entry value 430.
When a queue requests XQ buffer 304, the head-of-line mechanism 406 determines whether the entries used by the queue are fewer than its XQ entry value 430, and grants the buffer request if so. If, however, the used entries exceed the queue's XQ entry value 430, the head-of-line mechanism 406 determines whether the amount requested is less than the total available buffer, or less than the maximum allowed for the queue by the associated set-limit threshold 432. The set-limit threshold 432 is in essence a discard threshold for the queue, regardless of the packet's color marking. As such, when the packet count for the queue reaches the set-limit threshold 432, the queue/port enters the head-of-line state. When the head-of-line mechanism 406 detects the head-of-line state, it sends a status update, so that packets destined for the blocked port are dropped.
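The admission logic described across the last few paragraphs — reserved per-queue entries, a shared pool tracked by the port dynamic count register, and a per-queue set-limit cap — can be sketched roughly as follows. The class and field names are invented; numeric values in the usage are illustrative only.

```python
# Sketch of XQ buffer admission: a queue first spends its reserved entries
# (its XQ entry value 430), then draws from the shared pool tracked by the
# port's dynamic count register 434, capped by its set-limit threshold 432.
class PortXQ:
    def __init__(self, total, entry_values, set_limits):
        self.entry = entry_values            # reserved entries per queue
        self.limit = set_limits              # per-queue cap incl. shared use
        self.used = [0] * len(entry_values)
        self.dynamic = total - sum(entry_values)   # shared-pool counter

    def request(self, q):
        if self.used[q] < self.entry[q]:           # within the reservation
            self.used[q] += 1
            return True
        if self.dynamic > 0 and self.used[q] < self.limit[q]:
            self.used[q] += 1
            self.dynamic -= 1                      # draw from the shared pool
            return True
        return False                               # head-of-line: drop

    def release(self, q):
        self.used[q] -= 1
        if self.used[q] >= self.entry[q]:          # was using the shared pool
            self.dynamic += 1
```

Note that the reservations are never lent out: a queue that has not used its entry value keeps it, and only the explicitly unassigned remainder is shared, which matches the text above.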
However, due to latency, there may be packets in transit between MMU 115 and the port while the head-of-line mechanism 406 is transmitting the status update. In that case, packet drops may occur at MMU 115 because of the head-of-line condition. In one embodiment of the present invention, owing to the pipelined handling of packets, the dynamic pool of XQ pointers is reduced by a predetermined amount. As such, when the number of available XQ pointers becomes equal to or less than the predetermined amount, the port transitions into the head-of-line state, and a status update is sent by MMU 115 to the port, thereby reducing the number of packets that might otherwise be dropped by MMU 115. To exit the head-of-line state, the XQ packet count for the queue must fall below a reset-limit threshold 436.
For the XQ counter of a particular class-of-service queue, it is possible for packets to be dropped even though the set-limit threshold 432 has not been reached, if the XQ resources of the port have been over-subscribed by other class-of-service queues. In one embodiment of the present invention, intermediate discard thresholds 438 and 439 may also be defined for packets carrying particular color markings, where each intermediate discard threshold defines when packets of a particular color should be dropped. For example, intermediate discard threshold 438 may define when packets marked yellow should be dropped, and intermediate discard threshold 439 may define when packets marked red should be dropped. According to one embodiment of the present invention, packets may be marked green, yellow, or red depending on their assigned priority. To ensure that packets of each color are processed in each queue in proportion to the color assignment, one embodiment of the present invention includes a virtual maximum threshold 440. The virtual maximum threshold 440 is equal to the number of unassigned and available buffers divided by the sum of the number of queues and the number of buffers currently in use. The virtual maximum threshold 440 ensures that the packets of each color are processed in a relative proportion. Therefore, if the number of available unassigned buffers is less than the set-limit threshold 432 of a particular queue, and the queue requests access to all of the available unassigned buffers, the head-of-line mechanism 406 computes the virtual maximum threshold 440 for the queue and processes a proportional amount of each color of packet, according to the ratio defined for each color.
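A hedged sketch of the virtual maximum threshold 440 as the text states it — the number of unassigned, available buffers divided by the sum of the number of queues and the buffers currently in use — with per-color limits scaled against it. The color ratios and all names here are invented, not taken from the patent.

```python
# Sketch: compute the virtual maximum threshold 440 and derive per-color
# drop limits from it, so green/yellow/red traffic shares the remaining
# buffers in a fixed proportion.
def virtual_max_threshold(unassigned_available, num_queues, in_use):
    # Integer division stands in for the hardware's register arithmetic.
    return unassigned_available // (num_queues + in_use)

def color_limits(vmax, ratios):
    """Per-color drop limits as fractions of the virtual maximum."""
    return {color: int(vmax * r) for color, r in ratios.items()}

vmax = virtual_max_threshold(unassigned_available=120, num_queues=8, in_use=4)
limits = color_limits(vmax, {"green": 1.0, "yellow": 0.6, "red": 0.3})
```

Scaling each color against the same shrinking `vmax` is what keeps the colors in proportion as the free pool is consumed.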
To conserve register space, the XQ thresholds may be expressed in a compressed form, where each unit represents a group of XQ entries. The size of a group depends on the number of XQ buffers associated with a particular egress port/class-of-service queue.
The weighted random early detection mechanism 408 is a queue management mechanism that preemptively drops packets, based on a probabilistic algorithm, before the XQ buffers 304 are exhausted. It can therefore be used to optimize the throughput of the overall network. The mechanism 408 maintains an average statistic that tracks the length of each queue, and drops packets based on a drop profile defined for the queue. The drop profile defines a drop probability for a given specific average queue size. According to one embodiment of the present invention, the mechanism 408 may define separate profiles per class-of-service queue and per packet.
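A generic WRED sketch under the usual assumptions (an exponentially weighted average queue length plus a linear drop profile between a minimum and maximum threshold); the profile numbers and weights are invented and are not taken from the patent.

```python
# Sketch of WRED: track an EWMA of queue length and read the drop
# probability off a linear profile between min_th and max_th.
def ewma(avg, sample, weight=0.2):
    """Exponentially weighted moving average of the queue length."""
    return (1 - weight) * avg + weight * sample

def drop_probability(avg_len, min_th, max_th, max_p):
    if avg_len < min_th:
        return 0.0        # below the profile: never drop
    if avg_len >= max_th:
        return 1.0        # past the profile: always drop
    # Linear ramp from 0 to max_p between the two thresholds.
    return max_p * (avg_len - min_th) / (max_th - min_th)
```

Averaging before comparing is what lets WRED absorb short bursts while still shedding load early during sustained congestion, which is the throughput benefit the text claims.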
As shown in Figure 1, the MMU 115 receives packets from the parser 130 for storage. As discussed above, the parser 130 includes a two-stage parser, the first portion of which is illustrated in Figure 5. As noted above, data are received at the ports 501 of the network device. Data may also be received through the CMIC 502, where the data pass through an ingress CMIC interface 503. The interface converts the CMIC data from P-bus format to the ingress port data format. In one embodiment, the data are converted from 45-bit to 168-bit format, where the latter format includes 128 bits of data, 16 bits of control, and possibly a 24-bit HiGig header. The data are thereafter sent to the ingress port arbiter 504 in 64-bit bursts.
The ingress port arbiter 504 receives data from the ports 501 and the ingress CMIC interface 503, and multiplexes those inputs based on a time-division multiplexing (TDM) arbitration scheme. Thereafter, the data are sent to the MMU 510, where any HiGig header is removed and the data are set to the MMU interface format. Packet attributes are then checked, for example end-to-end, Interrupted Bernoulli Process (IBP), or head-of-line (HOL) packets. In addition, the first 128 bytes of data are snooped, and the HiGig header is passed to the parser ASM 525. If the burst of data received contains an end marker, the CRC result is sent to the result matcher 515. Also, the packet length is estimated from the burst lengths, and a 16-bit packet ID is generated for debugging purposes.
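The TDM arbitration between the ports and the CMIC interface can be sketched as a static slot schedule, with each slot assigned to one input and empty slots skipped. This is a simplified software model under stated assumptions, not the hardware arbiter; all names are illustrative:

```python
def tdm_arbiter(sources, schedule):
    """Sketch of time-division multiplexed arbitration: each time slot in
    `schedule` is statically assigned to one source; a slot whose source
    has no pending burst is simply skipped.
    `sources` maps a source name to a list of pending data bursts."""
    granted = []
    for slot_owner in schedule:
        pending = sources.get(slot_owner)
        if pending:                       # source has data in this slot
            granted.append((slot_owner, pending.pop(0)))
    return granted
```

In a real device the schedule would repeat every frame and carry fixed bandwidth per input; the point here is only that arbitration is by slot ownership, not by contention.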
The parser ASM 525 converts 64-byte data bursts, at 4 cycles per burst, into 128-byte bursts, at 8 cycles per burst. The 128-byte burst data are forwarded simultaneously to the tunnel parser 530 and the parser FIFO 528 so as to maintain the same packet order. The tunnel parser 530 determines whether any type of tunnel encapsulation, including MPLS and IP tunneling, is employed. In addition, the tunnel parser also checks the outer and inner tags. Through the parsing process, the source IP address (SIP) is provided for subnet-based VLANs, where SIP parsing occurs if the packet is an Address Resolution Protocol (ARP), Reverse ARP (RARP), or IP packet. A trunk port grid ID may also be created based on the source trunk map table, unless there is no trunking or the trunk ID can be obtained from the HiGig header.
The tunnel parser 530 works with the tunnel checker 531. The tunnel checker checks the checksum of the IP header and the characteristics of UDP tunneling and IPv6-over-IPv4 packets. The tunnel parser 530 uses the search engine 520 to determine the tunnel type through predefined tables.
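The IP header checksum that the tunnel checker verifies is the standard ones'-complement sum over 16-bit words defined for IPv4 (RFC 791). A minimal software version, shown only to make the check concrete (the device performs this in hardware):

```python
def ipv4_header_checksum(header: bytes) -> int:
    """Ones'-complement sum of the header's 16-bit words. Computed over a
    header whose checksum field is zeroed, it yields the checksum value;
    computed over a valid header including its checksum, it yields 0."""
    if len(header) % 2:
        header += b"\x00"
    total = 0
    for i in range(0, len(header), 2):
        total += (header[i] << 8) | header[i + 1]
        total = (total & 0xFFFF) + (total >> 16)  # fold carry back in
    return (~total) & 0xFFFF
```

A header that fails this check (nonzero result over the full header) would be flagged by the checker rather than forwarded silently.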
The parser FIFO 528 stores 128 bytes of packet headers and 12 bytes of HiGig headers, which are parsed again by the deep parser 540. The header bytes are stored while the search engine completes a lookup and prepares for the deep search. Other attributes are also maintained, such as the packet length, HiGig header status, and packet ID. The deep parser 540 provides three different types of data, including search results from the search engine 520 that are "flow-through", inner parser results, and HiGig module headers. Special packet types are determined and passed to the search engine. The deep parser 540 reads the data from the parser FIFO, and the predefined fields are parsed. The search engine provides lookup results based on the values passed to it, where the packet ID is checked to maintain packet order.
The deep parser 540 also uses the protocol checker 541 to check the inner IP header checksum, check for denial-of-service attack attributes and errors in the HiGig module header, and perform a martian check. The deep parser also works with the field processor parser 542 to parse predefined fields and user-defined fields. The predefined fields are received from the deep parser. These fields include the MAC destination address, MAC source address, inner and outer tags, EtherType, IP destination and source addresses, type of service, IPP, IP flags, TDS, TSS, TTL, TCP flags, and flow labels. User-defined fields are also parsable, up to a maximum length of 128 bits.
As mentioned above, the data that receive on the data that receive on the HiGig port and other local port are to separate individual processing.As shown in Figure 1, HiGig port one 08 has own buffer, and data flow in its own analyzer 134 from this port.The more details of HiGig analyzer as shown in Figure 6, its structure is similar to the device of secondary analysis shown in Fig. 5, but has some difference.The data that HiGig port 601 receives are transferred to HiGig port assembler 604.This assembler receives these data and HiGig header with the form of 64 byte bursts, and is similar to the form that is used for local port.Described data are sent to MMU 610 and do not have described HiGig header with the MMU interface format.
The first 128 bytes of the data are snooped and sent, together with the HiGig header, to the deep parser 640. Similarly to the two-stage parser, end-to-end messages are checked, with the parsed results sent in a sideband. Also similarly, the CRC and packet length are checked by the result matcher 615. In addition, a 16-bit packet ID is generated for debugging and for tracking the flow of the packet.
The HiGig version of the deep parser 640 is a subset of the two-stage deep parser 540 and performs similar functions. However, there is no pass-through of information to the search engine 620: the HiGig version cannot skip the MPLS header to parse only the payload, and it does not send deep data to the search engine. Functionally, the HiGig version of the FP parser 642 is the same as the FP parser 542 discussed above.
The result matcher is illustrated in greater detail in Figure 7. It is noted that the result matcher may be shared by several parsers for common use, or each parser may use its own result matcher. In the illustrated embodiment, the two types of ports 710 and 720 receive data and forward certain values to the result checker through the actions of the ingress assembler 715 and the ingress arbiter 725. Those values include the port number, the presence of EOF, the CRC, and the packet length. The result matcher operates as a series of FIFOs that match search results through the use of the search engine 705. The tag and MIB events are matched with the packet length and the CRC status on a per-port basis. Search results are provided every 4 cycles for both the network ports and the HiGig port. The structure allows search results to be stored in the per-port result matcher when the search delay is shorter than the incoming packet time, and allows waiting for the end of the packet to arrive when the search delay is longer than the incoming packet time.
After the received data are parsed and evaluated, a forwarding decision is made based on the information received. The forwarding decision is generally the determination of which destination port the packet should be sent to, although the decision may also be to drop the packet, or to forward the packet to the CPU or another controller through the CMIC 111. At the egress port, the packet is modified based on the parsing and evaluation performed by the network device. If the egress port is a high-speed port, the modification includes modification of tags or header information, or the addition of a module header. The modification is performed on a cell basis to avoid delays in forwarding the packet.
Figure 8 illustrates a configuration of an egress port arbiter used in the present invention. As shown in Figure 8, the MMU 115 also includes a scheduler 802 that provides arbitration across the eight class of service queues 804a-804h associated with each egress port, thereby providing minimum and maximum bandwidth guarantees. It is noted that while eight classes of service are discussed herein, other class of service models are also supported. The scheduler 802 is integrated with a set of minimum and maximum metering mechanisms 806a-806h, where each metering mechanism monitors the traffic flow of each class of service and of each egress port. The metering mechanisms 806a-806h support traffic shaping functions and guarantee minimum bandwidth requirements on a per-class-of-service-queue and/or per-egress-port basis, where the scheduling decisions of the scheduler 802 are configured through the traffic shaping mechanisms 806a-806h together with a set of control masks that modify how the scheduler 802 uses the traffic shaping mechanisms 806a-806h.
As shown in Figure 8, the minimum and maximum metering mechanisms 806a-806h monitor traffic flows on a per-class-of-service-queue basis and on a per-egress-port basis. The minimum and maximum bandwidth meters 806a-806h feed state information to the scheduler 802, which responds to the state information by modifying its service order across the class of service queues 804. The network device 100 therefore enables system vendors to implement a number of service models, supporting explicit minimum and maximum bandwidth guarantees, by configuring the class of service queues 804. In one embodiment of the invention, the metering mechanisms 806a-806h monitor traffic flows on a class of service queue basis, provide state information on whether the flow of a class of service queue is above or below the minimum and maximum bandwidth requirements, and transmit that information to the scheduler 802, which uses the metering information to modify its scheduling decisions. As such, the metering mechanisms 806a-806h aid in partitioning the class of service queues 804 into a set of queues that have not met their minimum bandwidth requirements, a set that have met their minimum bandwidth but not exceeded their maximum bandwidth requirements, and a set that have exceeded their maximum bandwidth requirements. If a queue belongs to the set of queues that have not met their minimum bandwidth requirements, and there are packets in the queue, the scheduler 802 services the queue according to the configured scheduling discipline. If a queue belongs to the set of queues that have met their minimum bandwidth requirements but have not exceeded their maximum bandwidth requirements, and there are packets in the queue, the scheduler 802 likewise services the queue according to the configured scheduling discipline. If a queue belongs to the set of queues that have exceeded their maximum bandwidth requirements, or if the queue is empty, the scheduler 802 does not service the queue.
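The three-way partition of queues described above can be sketched directly from the meter flags. This is an illustrative model only; the flag and field names are hypothetical, not taken from the patent:

```python
def classify_queues(queues):
    """Sketch of the scheduler's partition of class-of-service queues
    into below-minimum, within-bounds, and above-maximum sets, based on
    per-queue meter flags (field names are illustrative)."""
    below_min, in_bounds, above_max = [], [], []
    for q in queues:
        if q["above_max"]:
            above_max.append(q["id"])
        elif q["met_min"]:
            in_bounds.append(q["id"])
        else:
            below_min.append(q["id"])
    return below_min, in_bounds, above_max
```

Only queues in the first two sets (and holding packets) are eligible for service; queues in the third set are skipped until their meter flag resets.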
The minimum and maximum bandwidth metering mechanisms 806a-806h may be implemented using a simple leaky bucket mechanism that tracks whether a class of service queue 804 has consumed its minimum or maximum bandwidth. The minimum and maximum bandwidth ranges for each class of service 804 are set between 64 Kbps and 16 Gbps, in 64 Kbps increments. The leaky bucket mechanism has a configurable number of token "leaky" buckets, each bucket associated with one of the queues 804a-804h at a configurable rate. In metering the minimum bandwidth of a class of service queue 804, as packets enter the class of service queue 804, a number of tokens proportional to the size of the packet is added to the corresponding bucket, which has a ceiling of the bucket high threshold. The leaky bucket mechanism includes a refresh update interface and a minimum bandwidth defining how many tokens are removed at each refresh interval. A minimum threshold is used to indicate whether a flow has, at least, satisfied its minimum rate, and a fill threshold is used to indicate how many tokens are in the leaky bucket. When the fill threshold rises above the minimum threshold, a flag indicating that the flow has satisfied its minimum bandwidth requirement is set to true. When the fill threshold falls below the minimum threshold, the flag is set to false.
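The leaky bucket behaviour just described (tokens added per packet, tokens drained per refresh, a flag tracking the minimum threshold) can be sketched as follows. A minimal illustration under the assumptions stated in the text; the class and attribute names are invented for clarity:

```python
class LeakyBucketMeter:
    """Sketch of the minimum-bandwidth leaky bucket: packet arrivals add
    tokens in proportion to packet size (capped at the bucket's high
    threshold), and each refresh interval drains tokens at the configured
    minimum rate. `met_min` mirrors the flag described in the text."""
    def __init__(self, min_threshold, high_threshold, tokens_per_refresh):
        self.fill = 0
        self.min_threshold = min_threshold
        self.high_threshold = high_threshold        # bucket ceiling
        self.tokens_per_refresh = tokens_per_refresh
        self.met_min = False

    def on_packet(self, size):
        self.fill = min(self.fill + size, self.high_threshold)
        self._update_flag()

    def on_refresh(self):
        self.fill = max(self.fill - self.tokens_per_refresh, 0)
        self._update_flag()

    def _update_flag(self):
        self.met_min = self.fill > self.min_threshold
```

A flow sending faster than the refresh drain rate keeps its fill level above the minimum threshold, so `met_min` stays true; an idle or slow flow drains below it and the flag clears.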
After the metering mechanisms 806a-806h indicate that the specified maximum bandwidth has been exceeded, i.e., the high threshold has been reached, the scheduler 802 ceases to service the queue, and the queue is classified into the set of queues that have exceeded their maximum bandwidth requirements. A flag is then set to indicate that the queue has exceeded its maximum bandwidth. Thereafter, the queue receives service from the scheduler 802 only when its fill threshold falls below the high threshold and the flag indicating that it has exceeded its maximum bandwidth is reset.
The maximum rate metering mechanism 808 is used to indicate that the specified maximum bandwidth for a port has been exceeded, and it operates in the same manner as the metering mechanisms 806a-806h when the maximum total bandwidth has been exceeded. According to one embodiment of the invention, the maximum metering mechanisms, on a queue basis and on a port basis, affect whether a queue 804 or a port is to be included in the scheduling arbitration. As such, the maximum metering mechanism has only a traffic-limiting effect on the scheduler 802.
The minimum metering of a class of service queue 804, on the other hand, has a more complex interaction with the scheduler 802. In one embodiment of the invention, the scheduler 802 supports a variety of scheduling disciplines that mimic the bandwidth-sharing capabilities of a weighted fair queuing (WFQ) scheme. The weighted fair queuing scheme is a weighted version of the packet-based fair queuing scheme, which is defined as a method of providing "bit-based round robin" scheduling of packets. As such, packets are scheduled for access to an egress port based on their delivery time, which is computed as if the scheduler were capable of providing bit-based round-robin service. A relative weight field influences the specifics of how the scheduler uses the minimum metering mechanism, where the scheduler attempts to provide a minimum bandwidth guarantee.
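The "delivery time as if served bit-by-bit" idea behind WFQ can be sketched with per-queue virtual finish times. This is a textbook-style simplification, not the device's scheduler: a real implementation also tracks a global virtual clock, which is omitted here, and all names are illustrative:

```python
import heapq

def wfq_order(packets, weights):
    """Sketch of weighted fair queuing as bit-based round robin: each
    packet's virtual finish time is its length divided by its queue's
    weight, accumulated per queue; packets depart in finish-time order.
    `packets` is a list of (queue_id, length) in arrival order."""
    finish = {q: 0.0 for q in weights}
    heap = []
    for seq, (q, length) in enumerate(packets):
        finish[q] += length / weights[q]
        heapq.heappush(heap, (finish[q], seq, q))  # seq breaks ties fairly
    return [q for _, _, q in sorted(heap)]
```

With weights 2:1, queue "a" finishes two equal-length packets in the time queue "b" finishes one, which is exactly the relative-bandwidth behaviour the scheduler emulates.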
In one embodiment of the invention, the minimum bandwidth guarantee is a relative bandwidth guarantee, where a relative field determines whether the scheduler treats the minimum bandwidth metering settings as a specification for a relative or an absolute bandwidth guarantee. If the relative field is set, the scheduler treats the minimum bandwidth 806 setting as a relative bandwidth specification. The scheduler 802 then attempts to provide relative bandwidth sharing across the backlogged queues 804.
Figure 9 illustrates the structure 900 of the search engine resources (SEER) discussed above. The SEP 905 symbolically represents the search engine pipeline, where each of the stages 910-0 through 910-N communicates with the others, and with any of the search engines 921-923, through three time-division multiplexing (TDM) interfaces. Each search engine has internal memory that can be used to support a certain number of entries. In addition, each search engine communicates with two memory interfaces 930-931, through which the search engines can support a large number of entries. In some embodiments, the memory interfaces are external memory interfaces that communicate with off-chip memory.
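The pipeline-to-search-engine relationship can be sketched as follows: any stage may submit a request for its packet and consume the matching result at its own processing step. This is a greatly simplified software stand-in (a dict lookup replaces the internal-memory or external-table search, and the TDM interface is implicit); every name here is illustrative:

```python
def run_pipeline(stage_requests, table=None):
    """Sketch of the SEP: `stage_requests` maps a pipeline stage index to
    the lookup key that stage submits; each submitting stage receives the
    result particular to its packet at its own step. The dict `table`
    stands in for a search engine's entries."""
    if table is None:
        table = {"dst_mac": "port3", "vlan": "vlan10"}  # illustrative entries
    results = {}
    for stage in sorted(stage_requests):      # sequential processing steps
        key = stage_requests[stage]
        results[stage] = table.get(key, "miss")
    return results
```

The point of the abstraction is that stages do not care which engine, or which memory behind it, resolves the key; that binding lives in the engine and physical-interface layers described next.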
As shown in the figure, the SEER has three levels of abstraction: the logical layer (SEP), the engine layer, and the physical interface layer. The abstraction is extensible, such that adding another memory interface to the engine layer disturbs only that layer and causes no disturbance to the logical layer. The abstraction also provides great flexibility, such that the SEER has eleven modes of operation, providing different combinations of tables and table sizes. The two external memory interfaces can communicate with either SRAM or TCAM, providing further flexibility in the table configurations supported.
The foregoing is a description of specific embodiments of the invention. It will be apparent that other variations and modifications may be made to the described embodiments, with the attainment of some or all of their advantages. Therefore, the claims of this application are intended to cover all such variations and modifications as fall within the spirit and scope of the invention.
This application claims priority to U.S. Provisional Patent Application No. 60/653,952, filed on February 18, 2005, the contents of which are incorporated herein by reference in their entirety.

Claims (10)

1. A network device for processing data in a data network, the network device comprising:
a plurality of ports configured to receive packets and to send out processed packets;
a modification engine, in communication with the plurality of ports, configured to parse, evaluate, and modify the packets to produce the processed packets; and
a series of search engine pipeline stages, in communication with the modification engine, configured to perform lookup searches through a plurality of search engines comprising abstraction layers;
wherein the series of search engine pipeline stages perform search requests in sequential processing steps, and any stage of the search engine pipeline may submit a particular search request to the plurality of search engines and receive search results particular to a particular packet at a corresponding processing step.
2. The network device according to claim 1, wherein each stage of the series of search engine pipeline stages performs its respective processing within a predetermined number of clock cycles of the network device.
3. The network device according to claim 1, wherein the series of search engine pipeline stages communicates with the plurality of search engines through time-division multiplexed request/result rings.
4. The network device according to claim 1, wherein the plurality of search engines perform searches on external tables stored in memory external to the network device.
5. A method of processing data in a network device, the method comprising the steps of:
receiving packets at a plurality of ports of the network device;
processing the received packets, whereby the received packets are parsed, evaluated, and modified to produce processed packets;
performing lookup searches by a series of search engine pipeline stages utilizing a plurality of search engines comprising abstraction layers; and
sending the processed packets to an egress port of the plurality of ports;
wherein any stage of the search engine pipeline may submit a particular search request to the plurality of search engines and receive search results particular to a particular packet at a corresponding processing step.
6. The method according to claim 5, wherein, in the step of performing lookup searches, each stage of the search engine pipeline performs its respective processing within a predetermined number of clock cycles of the network device.
7. The method according to claim 5, wherein the step of performing lookup searches comprises sending and receiving search requests and search results through time-division multiplexed request/result rings in communication with the plurality of search engines.
8. A network device for processing data, comprising:
port means for receiving packets and for sending out processed packets;
processing means for processing the received packets, whereby the received packets are parsed, evaluated, and modified to produce processed packets; and
lookup means for performing lookup searches by a series of search engine pipeline stages utilizing a plurality of search engines comprising abstraction layers;
wherein the lookup means allows any stage of the search engine pipeline to submit a particular search request to at least one of the plurality of search engines, and to receive search results particular to a particular packet at a corresponding processing step.
9. The network device according to claim 8, wherein the lookup means ensures that each stage of the series of search engine pipeline stages performs its respective processing within a predetermined number of clock cycles of the network device.
10. The network device according to claim 8, wherein the lookup means performs searches on external tables stored in memory external to the network device.
CNB2006100549071A 2005-02-18 2006-02-16 Network apparatus and method for data processing Expired - Fee Related CN100493036C (en)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US65395205P 2005-02-18 2005-02-18
US60/653,952 2005-02-18
US11/081,644 2005-03-17

Publications (2)

Publication Number Publication Date
CN1822571A CN1822571A (en) 2006-08-23
CN100493036C true CN100493036C (en) 2009-05-27

Family

ID=36923641

Family Applications (1)

Application Number Title Priority Date Filing Date
CNB2006100549071A Expired - Fee Related CN100493036C (en) 2005-02-18 2006-02-16 Network apparatus and method for data processing

Country Status (1)

Country Link
CN (1) CN100493036C (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105893462A (en) * 2016-03-20 2016-08-24 百势软件(北京)有限公司 User network behavior analysis method and device

Also Published As

Publication number Publication date
CN1822571A (en) 2006-08-23

Similar Documents

Publication Publication Date Title
US8320240B2 (en) Rate limiting and minimum and maximum shaping in a network device
US7916638B2 (en) Time-independent deficit round robin method and system
EP1694006B1 (en) Multi-part parsing in a network device
EP1694004B1 (en) Traffic policing with programmable registers
US6853638B2 (en) Route/service processor scalability via flow-based distribution of traffic
US20060187832A1 (en) Filter based range check in a network device
US20130318256A1 (en) Dynamic table sharing of memory space within a network device
TWI323108B (en) Powerful and expandable pipeline architecture for a network device
CN100544320C (en) The method of the network equipment and deal with data
CN100486229C (en) Network apparatus and method for data processing in data network
US20060187965A1 (en) Creating an IP checksum in a pipeline architecture with packet modification
KR20080021491A (en) Method of processing packets per-flow using network processor in diffserv-over-mpls
EP1694005B1 (en) Flexible packet modification engine for a network device
CN100493036C (en) Network apparatus and method for data processing
US20060187948A1 (en) Layer two and layer three virtual private network support in a network device
EP1694002B1 (en) Memory access in a shared memory switch
US20060187919A1 (en) Two stage parser for a network
US20060187923A1 (en) Dynamic filter processor key generation based on packet type
CN100499588C (en) Network device and method of data processing in data network
US8331380B2 (en) Bookkeeping memory use in a search engine of a network device
WO2003090018A2 (en) Network processor architecture
CN100486226C (en) Network device and method for processing data in same
US20060203824A1 (en) Passing values through a memory management unit of a network device
US20060187828A1 (en) Packet identifier for use in a network device
US8228932B2 (en) Layout architecture for expandable network device

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20090527

Termination date: 20160216

CF01 Termination of patent right due to non-payment of annual fee