Electrical computers and digital processing systems: multicomput – Computer-to-computer data routing
Reexamination Certificate
2000-04-10
2004-08-03
Alam, Hosain (Department: 2155)
Electrical computers and digital processing systems: multicomput
Computer-to-computer data routing
C709S220000, C709S223000, C709S224000, C714S013000, C713S001000
Reexamination Certificate
active
06772223
ABSTRACT:
BACKGROUND OF THE INVENTION
1. Field of the Invention
This invention relates generally to network processor devices, and more specifically, to a mechanism employed in network processor devices for supporting complex packet handling rules.
2. Discussion of the Prior Art
A simple definition of the tasks performed by a “networking” device (such as, but not limited to, an IP router, switch or firewall) is as follows: 1) accepting packets as input; and, 2) based on information in the packet or on the packet's origin, deciding what to do with the packet. As defined herein, the assessment made on packets is termed “Packet Classification” and, the unit of software and hardware that classifies packets and applies result of the classification to the packet is a “Classifier”.
FIG. 1
is a general block diagram depicting a network processor device
100
including a Classifier device
105
. Generally, as shown in
FIG. 1
, a plurality of rules
110
are entered into a Classifier rule list (or tree)
125
by a user program
115
, and a packet handler device
130
interrogates this list
125
when processing a packet to find rules appropriate for the packet.
Each rule in the Classifier rule list
125
includes instructions on how to identify matching packets, and information on how to process the packet, i.e., what actions to take. To identify packets, certain bits (or fields) in a packet and information related to the packet's origin or destination are used. These fields are extracted from a packet and combined to form a “key”
131
which may be used to search the classifier rule list
125
. The key fields, obviously, also define the comparison information (herein referred to as “rule description”) found in the Classifier rules. As mentioned, rule descriptions may include multiple fields. An example is the classic IP 5-tuple which includes IP source Address (SA), IP Destination Address (DA), Source Port (SP), Destination Port, and IP protocol. It is understood that other fields may also be included. Additionally, the individual fields may be expressed as exact values (DA=1.25.77.1), value and mask (1.25.77.*;255.255.255*), or ranges (1.25.77.1<DA<1.25.77.9).
As depicted in FIGS.
2
(
a
)-
2
(
c
), rule descriptions in any two rules may intersect with each other. For example, as shown in FIG.
2
(
a
), a rule description for Rule 1 intersects a rule description for Rule 2, whereas in FIG.
2
(
b
) both Rules 1 and 2 are identical. In FIG.
2
(
c
), Rule 1 includes a whole Rule 2.
Instructions, found in the Classifier rule, define how to process a matching packet. The instructions are expressed in terms of an action “type” and parameters (data) corresponding to that type. The instructions might have filtering, quality of services (QoS), redirection, or other attributes (characteristics). Values for filtering may include “permit” or “deny”. Values of QOS might include on which queue to place the packet, or how to re-mark the packet. Redirection instructions may include where a particular packet should be sent.
It would be highly desirable to provide a mechanism for defining the types of actions that must be applied to packets processed by a networking device and which define the set of action attributes (characteristics) that may be associated with individual packet classification rules.
SUMMARY OF THE INVENTION
It is an object of the invention to provide a mechanism for defining the types of actions that must be applied to packets processed by a networking device and which define the set of action attributes (characteristics) that can be associated with individual packet classification rules.
According to a preferred embodiment of the invention, there is provided a configurable packet classifier implemented in a network processor device for processing data packets communicated in a network, the classifier comprising: an attribute type definition table having entries including action types and corresponding action attributes; a classifier rule list structure comprising one or more data packet action rules, each classifier rule comprised of one or more action types having one or more corresponding action attribute values; a packet handling device responsive to an arrived data packet for searching the classifier rule list structure and identifying a matching action type and corresponding one or more attribute values that match the arrived data packet; and, a device for determining if an entry in the attribute type definition table has a corresponding action attribute and applying said corresponding one or more attribute values to the data packet.
REFERENCES:
patent: 4980886 (1990-12-01), Bernstein
patent: 5606668 (1997-02-01), Shwed
patent: 5812871 (1998-09-01), Lundberg et al.
patent: 5835087 (1998-11-01), Herz et al.
patent: 6014427 (2000-01-01), Hanson et al.
patent: 6108578 (2000-08-01), Bardy et al.
patent: 6151623 (2000-11-01), Harison et al.
patent: 6335935 (2002-01-01), Kadambi et al.
patent: 6453358 (2002-09-01), Michels
patent: 6467049 (2002-10-01), Robins et al.
Corl, Jr. Everett Arthur
Verrilli Colin Beaton
Alam Hosain
International Business Machines - Corporation
Scully Scott Murphy & Presser
Wang Liang-che
LandOfFree
Configurable classification interface for networking devices... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Configurable classification interface for networking devices..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Configurable classification interface for networking devices... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3357591