United States Patent  [ii] Patent Number: 4,899,333
Roediger  Date of Patent: Feb. 6,1990
 ARCHITECTURE OF THE CONTROL OF A HIGH PERFORMANCE PACKET SWITCHING DISTRIBUTION NETWORK
 Inventor: Gary A. Roediger, Downers Grove, 111.
 Assignee: American Telephone and Telegraph Company AT&T Bell Laboratories, Murray Hill, N.J.
 Appl. No.: 175,542
 Filed: Mar. 31, 1988
 Int. a.* H04J3/26
 U.S. a 370/60; 370/94.1
 Field of Search 370/60, 94, 61, 54
 References Cited
U.S. PATENT DOCUMENTS
4,491,945 1/1985 Turner 370/60
4,651,318 3/1987 Luderer 370/60
4,661,947 4/1987 Lea et al 370/60
4,707,825 11/1987 Amstute et al 370/60
4,792,942 12/1988 Osato 370/60
4,813,037 3/1989 Debuysscher et al 370/60
Primary Examiner—Douglas W. Olms
Assistant Examiner—Min Jung
Attorney, Agent, or Firm—Werner Ulrich
A high capacity metropolitan area network (MAN) is described. Data traffic from users is connected to data concentrators at the edge of the network, and is trans
mitted over fiber optic data links to a hub where the data is switched. The hub includes a plurality of data switching modules, each having a control means, and each connected to a distributed control space division switch. Advantageously, the data switching modules, whose inputs are connected to the concentrators, perform all checking and routing functions, while the 1024X1024 maximum size space division switch, whose outputs are connected to the concentrators, provides a large fan-out distribution network for reaching many concentrators from each data switching module. Distributed control of the space division switch permits several million connection and disconnection actions to be performed each second, while the pipelined and parallel operation within the control means permits each of the 256 switching modules to process at least 50,000 transactions per second. The data switching modules chain groups of incoming packets destined for a common outlet of the space division switch so that only one connection in that switch is required for transmitting each group of chained packets from a data switching module to a concentrator. MAN provides security features including a port identification supplied by the data concentrators, and a check that each packet is from an authorized source user, transmitting on a port associated with that user, to an authorized destination user that is in the same group (virtual network) as the source user.