METHOD AND APPARATUS FOR STORING A PORT IDENTIFIER IN A LAN SWITCH
Field of the invention
The present invention relates to a scheme for VLAN learning in a switch such as an Ethernet.
Background of Invention
Fig. 1 shows a physical LAN (local area network) including a switch 5 having a number of ports through which it is connected to a number of devices 7. The switch 5 and devices 7 form a physical LAN (local area network). Packets passing within the LAN include a destination address (DA) which is the MAC address of the device 7 to which the packet is directed, and a source address (SA) which is MAC address of the device 7 which sent the packet. Initially, the switch 5 is unaware of which devices are connected to its various ports, and a learning scheme is implemented in which, when then switch receives a first packet, it uses the SA and the knowledge of which port the packet arrived at to infer the MAC address associated with that port. Copies of the packet are then sent to all of the switch's other egress ports, so that they will certainly reach the other devices, including the device for which the packet is intended. This process is continued as further packets arrive from the various devices. However, when a packet arrives having a DA which is a MAC address which has already been learnt, the switch only needs to send the packet to the egress port corresponding to that MAC address. Further details are found in IEEE standard 802.3, "Carrier sense multiple acces with collision detection (CSMA/CD) access method and physical layer specifications", 1998 edition.
The learning by the switch is usually implemented as a hash table with 2/4 buckets and support for 4096/8192 addresses. An egress port associated with a given MAC address is learnt by inserting an ID of that egress port into an address of the table which is Hash(MAC address), where hash is a hash
function. When it is required to obtain the egress port ID which has been learnt for a given MAC address, this is done by extracting the data at the location given by Hash (MAC address).
In many situations it is desirable for the devices 7 of a single physical LAN to be notionally partitioned into groups which behave as different LANs ("virtual
LANs" or VLANS), as described in the book "The switch book: the complete guide to LAN switching technology", Rich Seifert, John Wiley and Sons, 2000.
Such VLANs ease network management, cut down on unnecessary traffic, and enhance LAN security. This distinction is to be implemented by the switch 5, and thus is reconfigurable by alteration of the data within the memory of the switch rather than requiring physical reconnection of cables. Packets in this scheme are associated with a VLAN ID in addition to their SA and DA, indicating the VLAN of the SA. The VLAN may be part of the received packet, if the devices know which VLAN they are part of and so can insert it into packets they send. Alternatively, if the switch knows the correspondence of the MAC addresses with VLANs, the switch can use the SA MAC address (or any other field) to find the corresponding VLAN ID.
According to the Ethernet standard IEE 802.1 D the switch 5 should support three forms of learning:
1. Shared VLAN learning (SVL) in which all the VLANs share the same MAC table. Thus, when a packet with SA MAC address M1 and VLAN ID=V1 is received, it is learned with respect to M1 only. This means that when later a packet with a DA equal to M1 is received, the switch will find the associated port using M1 (and irrespective of the VLAN ID associated with the second packet) and the switch will deliver it.
2. Independent VLAN learning (IVL) in which all the VLANs are stored by the switch in different tables. When a packet with a SA MAC address M1 and VLAN address V1 is received, it is learned in a table associated with V1 and
placed in that table at an address derived by hashing M1. If later a packet is received with DA M1 but VLAN ID V2, the lookup will be done in the table associated with V2 and the address will not be found: the packet is not delivered.
3. Combined SVL/IVL learning, in which a group of VLANs are learned together. For example, when V1 and V2 are to be learned together, V1 and V2 are grouped together and given a filtering identifier (FID). When a packet with SA MAC address M1 and VLAN ID V1 is received, the FID corresponding to V1 (say F1 ) is found and M1 is learned in the table for F1 and with an address given by the hashed M1. A later arriving packet with a DA of M1 and a VLAN ID of V2 will be able to find this packet since V2 is converted to F1 and the lookup based on F1 and hashed M1 finds the stored data, but a later arriving packet with a VLAN ID V3 will not find M1 in the look-up table.
Conventionally, the above specification is implemented either by using a separate table for each of the VLANs, or by statically partitioning a single table into respective sections for each VLAN. Given that typical switches now support 1024, 2048 or even 4096 VLANs, the first approach requires a large amount of memory. The second approach leads to wastage since not all VLANs are used and not all MAC addresses are part of all VLANs.
Summary of the Invention
The present invention relates aims to provide a new scheme for VLAN learning.
In general terms, the present invention proposes that a single memory is used to store MAC addresses of multiple VLANs. When a packet is received at a given port, with a given SA and VLAN ID, the hashing algorithm which generates the address within the memory at which port is learnt uses a hashing algorithm which is a function both of the MAC address and of a
second hashing value determined by the VLAN ID. There is a different second hashing value for each VLAN in the case of IVL, and a different second hashing value for each group of VLANs in the case of combined SVL/IVL. When later a second packet is received having a DA which is the same MAC address, the hashing algorithm finds the look-up address using the MAC address and a second hashing value determined by the VLAN value of the second packet. Thus, the stored port will only be found if the second hashing values of the two packets are the same.
Brief Description of The Figures
Preferred features of the invention will now be described, for the sake of illustration only, with reference to the following figures, in which Figure 1 shows a known physical local area network; Figure 2 shows the steps of a learning or lookup process in an embodiment of the invention; Fig. 3 is a more detailed form of Fig. 2 in one mode; and
Figure 4 shows the steps of entering data into a memory based on the hashed address.
Detailed Description of the embodiments
Referring to Fig. 2, the steps of storing or retrieving an egress port in the embodiment of the invention are shown. The algorithm takes as input the VLAN of a packet and the SA (in the case of learning) or the DA (in the case of a lookup).
In a first step (step 1 ) the VLAN ID of the packet is input to a conversion table to obtain a second hashing value.
In a second step (step 2), the SA or DA is input together with the second hashing value to a hashing algorithm which performs a hashing function of both of them to generate an address.
In a third step (step 3), the address obtained is used as an address at which data is inserted into (in the case of learning) or extracted from (in the case of lookup) a memory.
The conversion table used in step 2 is different in the case of IVL (in which the second hashing value is different for all VLANs), in the case of SVL (in which the second hashing value is the same for all VLANs), and in the case of combination VLAN (in which the second hashing value is the same for all VLANs having the same FID.
For example, possible realisations of the conversion table are shown in Table 1.
Figure 3 is a more detailed version of steps 1 and 2 of Fig. 2 in the case of combination VLAN. Step 1 of Fig. 2 is broken into two substeps 1a and 1b. The VLAN ID (12-bits long, to permit 4k VLANs as defined by IEEE standard 802.3D), is converted to a VID in a step 1a. The VID may be 10 bits depending on the number of VLANs supported. In step 1 b, the VID is converted to a 10 bit FID. Step 2 is performed in by constructing a string 9 incorporating the FID and the MAC address, and then hashing it by a hash function 13 to form an address 14 of fer example 11 bits (the length may depend upon the size of the MAC address table). Note that in the case of independent VLAN learning step 1 b is omitted.
Fig. 4 shows how the 11-bit output of the hash function 13 of Fig. 3 is used as an address 14 in a MAC table 15 with 2k entries. Each entry is has 4 buckets (i.e. locations for associations of MAC addresses and ports). Different values of (MAC address, second hashing value) which happen to map to the same address are stored in different ones of these buckets. Fig. 4 shows the four buckets 16, 17, 18, 19 for the part 20 of the MAC table having the address 14. Hence a total of 2kx4=8k MAC addresses can be stored.
The invention is preferably implemented in the switch 5 of a physical layer network shown in Fig. 1 , such as an Ethernet switch.