公开(公告)号：US08542595B2

公开(公告)日：2013-09-24

申请号：US13295077

申请日：2011-11-13

Applicant: Zahid Hussain ,  Tim Millet

Inventor： Zahid Hussain ,  Tim Millet

IPC: H04L12/26 ,  H04J1/16 ,  G08C15/00 ,  G06F11/00 ,  G01R31/08

CPC classification number: H04L47/2441 ,  H04L45/00 ,  H04L45/20 ,  H04L45/586 ,  H04L45/60 ,  H04L47/10 ,  H04L47/125 ,  H04L47/2408 ,  H04L47/2491 ,  H04L47/326 ,  H04L47/50 ,  H04L47/6215 ,  H04L47/623 ,  H04L49/70 ,  H04L61/2503 ,  H04L61/6004 ,  H04L63/02 ,  H04L63/0236 ,  H04L63/0272 ,  H04L63/0428 ,  H04L63/061 ,  H04L63/062 ,  H04L63/101 ,  H04L63/164 ,  H04L69/22 ,  H04L69/24

Abstract: Methods and systems for providing IP services in an integrated fashion are provided. According to one embodiment, a load associated with multiple virtual routing processing resources of an IP service generator of a virtual router (VR) based switch is monitored. Packets are load balanced among the virtual routing processing resources. A packet flow cache is maintained with packet flow entries containing information indicative of packet processing actions for established packet flows. Deep packet classification is performed to determine whether a packet is associated with an established packet flow. If so, the packet is directed to one of multiple virtual services processing resources representing application-tailored engines configured to provide network-based IP services including one or more of virtual private network (VPN) processing, firewall processing, Uniform Resource Locator (URL) filtering and anti-virus processing. If the packet is allowed, it is returned to the source virtual routing processing resource for forwarding.

Abstract translation: 提供了以集成方式提供IP服务的方法和系统。 根据一个实施例，监视与基于虚拟路由器（VR）的交换机的IP服务发生器的多个虚拟路由处理资源相关联的负载。 数据包在虚拟路由处理资源之间进行负载平衡。 使用包含指示用于建立的分组流的分组处理动作的信息的分组流条目维护分组流缓存。 执行深度分组分类以确定分组是否与建立的分组流相关联。 如果是，则将分组指向多个虚拟服务中的一个处理资源，其代表应用定制引擎，其被配置为提供基于网络的IP服务，包括虚拟专用网（VPN）处理，防火墙处理，统一资源定位符（URL） 过滤和防病毒处理。 如果允许报文，则返回到源虚拟路由处理资源进行转发。

公开(公告)号：US08306040B2

公开(公告)日：2012-11-06

申请号：US12477124

申请日：2009-06-02

Applicant: Sachin Desai ,  Tim Millet ,  Zahid Hussain ,  Paul Kim ,  Louise Yeung ,  Ken Yeung

Inventor： Sachin Desai ,  Tim Millet ,  Zahid Hussain ,  Paul Kim ,  Louise Yeung ,  Ken Yeung

IPC: H04L12/26

CPC classification number: H04L47/22 ,  H04L12/4625 ,  H04L47/10 ,  H04L47/2441 ,  H04L47/2491 ,  H04L49/254 ,  H04L49/30 ,  H04L49/65

Abstract: Methods and systems are provided for steering network packets. According to one embodiment a method is provided for steering incoming network packets. Each network packet processing resource of a network routing/switching device is dynamically assigned to one or more network interfaces of the network routing/switching device. Each of the network packet processing resources includes one or more processing elements and a memory. Incoming network packets received by the network interfaces are steered to an appropriate network packet processing resource based on the dynamic assignment.

Abstract translation: 提供了用于转向网络数据包的方法和系统。 根据一个实施例，提供了一种用于控制传入网络分组的方法。 网络路由/交换设备的每个网络分组处理资源被动态分配给网络路由/交换设备的一个或多个网络接口。 每个网络分组处理资源包括一个或多个处理元件和存储器。 基于动态分配，由网络接口​​接收的传入网络分组被引导到适当的网络分组处理资源。

公开(公告)号：US20120069850A1

公开(公告)日：2012-03-22

申请号：US13305804

申请日：2011-11-29

Applicant: Sachin Desai ,  Tim Millet ,  Zahid Hussain ,  Paul Kim ,  Louise Yeung ,  Ken Yeung

Inventor： Sachin Desai ,  Tim Millet ,  Zahid Hussain ,  Paul Kim ,  Louise Yeung ,  Ken Yeung

IPC: H04L12/56

CPC classification number: H04L47/22 ,  H04L12/4625 ,  H04L47/10 ,  H04L47/2441 ,  H04L47/2491 ,  H04L49/254 ,  H04L49/30 ,  H04L49/65

Abstract: Methods and systems are provided for steering network packets. According to one embodiment, a dynamically configurable steering table is stored within a memory of each network interface of a networking routing/switching device. The steering table represents a mapping that logically assigns each of the network interfaces to one of multiple packet processing resources of the network routing/switching device. The steering table has contained therein information indicative of a unique identifier/address of the assigned packet processing resource. Responsive to receiving a packet on a network interface, the network interface performs Layer 1 or Layer 2 steering of the received packet to the assigned packet processing resource by retrieving the information indicative of the unique identifier/address of the assigned packet processing resource from the steering table based on a channel identifier associated with the received packet and the received packet is processed by the assigned packet processing resource.

Abstract translation: 提供了用于转向网络数据包的方法和系统。 根据一个实施例，可动态配置的转向表被存储在网络路由/交换设备的每个网络接口的存储器内。 转向表表示将每个网络接口逻辑地分配给网络路由/交换设备的多个分组处理资源之一的映射。 转向表中包含指示所分配的分组处理资源的唯一标识符/地址的信息。 响应于在网络接口上接收分组，网络接口通过从转向器中检索指示所分配的分组处理资源的唯一标识符/地址的信息来执行所接收分组的层1或层2转向所分配的分组处理资源 基于与接收到的分组相关联的信道标识符和接收到的分组的表由分配的分组处理资源处理。

公开(公告)号：US20120057460A1

公开(公告)日：2012-03-08

申请号：US13295077

申请日：2011-11-13

Applicant: Zahid Hussain ,  Tim Millet

Inventor： Zahid Hussain ,  Tim Millet

IPC: H04L12/26

CPC classification number: H04L47/2441 ,  H04L45/00 ,  H04L45/20 ,  H04L45/586 ,  H04L45/60 ,  H04L47/10 ,  H04L47/125 ,  H04L47/2408 ,  H04L47/2491 ,  H04L47/326 ,  H04L47/50 ,  H04L47/6215 ,  H04L47/623 ,  H04L49/70 ,  H04L61/2503 ,  H04L61/6004 ,  H04L63/02 ,  H04L63/0236 ,  H04L63/0272 ,  H04L63/0428 ,  H04L63/061 ,  H04L63/062 ,  H04L63/101 ,  H04L63/164 ,  H04L69/22 ,  H04L69/24

Abstract: Methods and systems for providing IP services in an integrated fashion are provided. According to one embodiment, a load associated with multiple virtual routing processing resources of an IP service generator of a virtual router (VR) based switch is monitored. Packets are load balanced among the virtual routing processing resources. A packet flow cache is maintained with packet flow entries containing information indicative of packet processing actions for established packet flows. Deep packet classification is performed to determine whether a packet is associated with an established packet flow. If so, the packet is directed to one of multiple virtual services processing resources representing application-tailored engines configured to provide network-based IP services including one or more of virtual private network (VPN) processing, firewall processing, Uniform Resource Locator (URL) filtering and anti-virus processing. If the packet is allowed, it is returned to the source virtual routing processing resource for forwarding.

Abstract translation: 提供了以集成方式提供IP服务的方法和系统。 根据一个实施例，监视与基于虚拟路由器（VR）的交换机的IP服务发生器的多个虚拟路由处理资源相关联的负载。 数据包在虚拟路由处理资源之间进行负载平衡。 使用包含指示用于建立的分组流的分组处理动作的信息的分组流条目维护分组流缓存。 执行深度分组分类以确定分组是否与建立的分组流相关联。 如果是，则将分组指向多个虚拟服务中的一个处理资源，其代表应用定制引擎，其被配置为提供基于网络的IP服务，包括虚拟专用网（VPN）处理，防火墙处理，统一资源定位符（URL） 过滤和防病毒处理。 如果允许报文，则返回到源虚拟路由处理资源进行转发。

公开(公告)号：US08111690B2

公开(公告)日：2012-02-07

申请号：US12260524

申请日：2008-10-29

Applicant: Zahid Hussain ,  Samir Jain ,  Naveed Alam ,  Joseph Cheng ,  Greg Lockwood ,  Tim Millet

Inventor： Zahid Hussain ,  Samir Jain ,  Naveed Alam ,  Joseph Cheng ,  Greg Lockwood ,  Tim Millet

IPC: H04L12/56

CPC classification number: H04L45/00 ,  H04L45/586 ,  H04L45/742 ,  H04L49/252 ,  H04L49/505 ,  H04L49/70

Abstract: Methods and systems are provided for routing traffic through a virtual router-based network switch. According to one embodiment, a flow data structure is established that identifies current packet flows associated with multiple virtual routers in the virtual router-based network device. When an incoming packet is received by the virtual router-based network device, it is then determined whether the incoming packet is associated with a current packet flow by accessing the flow data structure based on a header associated with the incoming packet. If it is determined that the incoming packet is associated with the current packet flow, then the incoming packet is hardware forwarded via a network interface of the virtual router-based network device without intervention by a processor of the virtual router-based network device, otherwise the incoming packet is forwarded to software on the processor for flow learning.

Abstract translation: 提供了方法和系统，用于通过基于虚拟路由器的网络交换机路由流量。 根据一个实施例，建立流数据结构，其识别与基于虚拟路由器的网络设备中的多个虚拟路由器相关联的当前分组流。 当基于虚拟路由器的网络设备接收到传入分组时，通过基于与输入分组相关联的报头访问流数据结构来确定输入分组是否与当前分组流相关联。 如果确定进入的分组与当前分组流相关联，则进入的分组是经由基于虚拟路由器的网络设备的网络接口的硬件转发的，而不是由基于虚拟路由器的网络设备的处理器进行干预 传入的分组被转发到处理器上的软件用于流学习。

公开(公告)号：US07890663B2

公开(公告)日：2011-02-15

申请号：US11460977

申请日：2006-07-29

Applicant: Tim Millet

Inventor： Tim Millet

IPC: G06F15/16 ,  G06F11/00 ,  H04L13/00 ,  H04L12/28 ,  H04L12/403

CPC classification number: H04L41/12 ,  H04L12/42 ,  H04L12/433 ,  H04L47/286

Abstract: Methods are provided for determining a master node on a ring network. According to one embodiment, a first node on the ring network initiates circulation of an arbitration token by (i) determining an arbitration token timeout period has elapsed and (ii) transmitting the arbitration token to a neighboring node. Upon receipt of the arbitration token by a node, it determines its relative priority by comparing its ID to an ID field of the arbitration token, initialized by the first node. If the node is determined to be higher priority, then it overwrites the ID field and retransmits the arbitration token onto the ring network. If the node is determined to be lower priority, then the node retransmits the arbitration token without overwriting the ID field. If the node is determined to be of equal priority and the node is the first node, then it assumes the master node role.

Abstract translation: 提供了用于确定环形网络上的主节点的方法。 根据一个实施例，环网上的第一节点通过以下方式启动仲裁令牌的循环：（i）确定已经过去了仲裁令牌超时周期，以及（ii）将仲裁令牌发送到相邻节点。 在由节点接收到仲裁令时，通过将其ID与由第一节点初始化的仲裁令牌的ID字段进行比较来确定其相对优先级。 如果节点被确定为较高优先级，则覆盖该ID字段并将该仲裁令牌重传到该环网。 如果节点被确定为较低优先级，则节点重传仲裁令牌而不覆盖ID字段。 如果确定节点具有相同的优先级，并且节点是第一个节点，则它假定主节点角色。

公开(公告)号：US20100189016A1

公开(公告)日：2010-07-29

申请号：US12762362

申请日：2010-04-18

Applicant: Tim Millet

Inventor： Tim Millet

IPC: H04L12/28

CPC classification number: H04L41/12 ,  H04L12/42 ,  H04L12/433 ,  H04L47/286

Abstract: Methods, systems and data structure for facilitating identification of nodes in a ring network are provided. According to one embodiment, a data structure is stored on a computer-readable storage media of a node (e.g., a blade) participating in a ring network, within a multi-blade system, for example. The data structure includes a packet-ring master field, a control-node master field, a node characteristics field, a connection state field, a node identification field and a marker field. The packet-ring master field indicates whether the node is a current packet-ring master. The control-node master field indicates whether the node is a control-node master. The node characteristics field specifies per-node characteristics. The connection state field indicates a current connection state of the node. The node identification field specifies the node. The marker field indicates whether the data structure is a node discovery marker.

Abstract translation: 提供了用于促进环网中节点识别的方法，系统和数据结构。 根据一个实施例，数据结构存储在例如多刀片系统内的参与环网的节点（例如，刀片）的计算机可读存储介质上。 数据结构包括分组环主站，控制节点主站，节点特征域，连接状态域，节点标识域和标记区。 分组环主机字段指示节点是否为当前分组环主节点。 控制节点主站字段指示节点是否是控制节点主节点。 节点特性字段指定每节点特性。 连接状态字段表示节点的当前连接状态。 节点标识字段指定节点。 标记字段指示数据结构是否是节点发现标记。

公开(公告)号：US07580373B2

公开(公告)日：2009-08-25

申请号：US11556159

申请日：2006-11-02

Applicant: Tim Millet

Inventor： Tim Millet

IPC: H04L12/28

CPC classification number: H04L41/12 ,  H04L12/42 ,  H04L12/433 ,  H04L47/286

Abstract: Methods are provided for discovering nodes participating in a ring network. According to one embodiment, a ring controller receives a packet containing an arbitration token. If the arbitration token does not arrive within a preselected network timeout period, then the ring controller generates an arbitration token. If the packet contains an arbitration token, then the ring controller checks to see if it was modified by a higher priority node and if not, sets itself as the master node. For each discovery marker in the packet, the ring controller saves topology information associated with the discovery marker. The ring controller adds to the packet a first discovery marker when the packet does not contain a first discovery maker, wherein the first discovery marker includes topology information associated with the node. Finally, the ring controller sends the packet to a next node in the network.

Abstract translation: 提供了用于发现参与环网的节点的方法。 根据一个实施例，环控制器接收包含仲裁令牌的分组。 如果仲裁令牌没有到达预选的网络超时期限内，则环控制器产生仲裁令牌。 如果分组包含仲裁令牌，则环路控制器检查是否被较高优先级节点修改，否则将其自身设置为主节点。 对于分组中的每个发现标记，环控制器保存与发现标记相关联的拓扑信息。 当所述分组不包含第一发现制造商时，所述环控制器将所述分组添加到所述分组第一发现标记，其中所述第一发现标记包括与所述节点相关联的拓扑信息。 最后，环控制器将数据包发送到网络中的下一个节点。

公开(公告)号：US07376125B1

公开(公告)日：2008-05-20

申请号：US10163260

申请日：2002-06-04

Applicant: Zahid Hussain ,  Tim Millet

Inventor： Zahid Hussain ,  Tim Millet

IPC: H04L12/28 ,  H04L12/66 ,  G06F15/173

CPC classification number: H04L47/2441 ,  H04L45/00 ,  H04L45/20 ,  H04L45/586 ,  H04L45/60 ,  H04L47/10 ,  H04L47/125 ,  H04L47/2408 ,  H04L47/2491 ,  H04L47/326 ,  H04L47/50 ,  H04L47/6215 ,  H04L47/623 ,  H04L49/70 ,  H04L61/2503 ,  H04L61/6004 ,  H04L63/02 ,  H04L63/0236 ,  H04L63/0272 ,  H04L63/0428 ,  H04L63/061 ,  H04L63/062 ,  H04L63/101 ,  H04L63/164 ,  H04L69/22 ,  H04L69/24

Abstract: A system and method for providing IP services. A packet is received at a line interface/network module and forwarded to a virtual routing engine The virtual routing engine determines if the packet requires processing by a virtual services engine. If the packet requires processing by the virtual services engine, the packet is routed to the virtual services engine for processing.

Abstract translation: 一种用于提供IP业务的系统和方法。 在线路接口/网络模块处接收分组并转发到虚拟路由引擎虚拟路由引擎确定分组是否需要由虚拟服务引擎进行处理。 如果分组需要由虚拟服务引擎进行处理，则将分组路由到虚拟服务引擎进行处理。

公开(公告)号：US07266120B2

公开(公告)日：2007-09-04

申请号：US10298815

申请日：2002-11-18

Applicant: Joseph Cheng ,  Zahid Hussain ,  Tim Millet

Inventor： Joseph Cheng ,  Zahid Hussain ,  Tim Millet

IPC: H04L12/28 ,  H04L12/56

CPC classification number: H04L45/16 ,  H04L12/18 ,  H04L12/1886 ,  H04L45/38 ,  H04L45/586 ,  H04L45/60 ,  H04L45/745 ,  H04L47/10 ,  H04L49/201 ,  H04L69/22 ,  H04L2012/6489

Abstract: A packet-forwarding engine (PFE) of a multiprocessor system uses an array of flow classification block (FCB) indices to multicast a packet. Packets are received and buffered in external memory. In one embodiment, when a multicast packet is identified, a bit is set in a packet descriptor and an FCB index is generated and sent with a null-packet to the egress processors which generate multiple descriptors with different indices for each instance of multicasting. All the descriptors may point to the same buffer in the external memory, which stores the multicast packet. A DMA engine reads from the same buffer multiple times and egress processors may access an appropriate transform control block (TCB) index so that the proper headers may be installed on the outgoing packet. The buffer may be released after the last time the packet is read by setting a particular bit of the FCB index.

Abstract translation: 多处理器系统的分组转发引擎（PFE）使用流分类块（FCB）索引的数组来组播数据包。 数据包被接收并缓存在外部存储器中。 在一个实施例中，当识别出多播分组时，在分组描述符中设置比特，并且生成FCB索引并且向出口处理器发送带有零分组的消息，所述出口处理器为每个多播的实例生成具有不同索引的多个描述符。 所有描述符都可以指向存储多播数据包的外部存储器中的相同缓冲区。 DMA引擎从同一缓冲区读取多次，出口处理器可以访问适当的变换控制块（TCB）索引，以便可以在输出数据包上安装合适的报头。 通过设置FCB索引的特定位，可以在最后一次读取数据包之后释放缓冲区。