Figure 3: Layout of a Packet in Memory

How can we quickly determine whether the packet is destined for the web? data instead of IP. segment is destined for the web. to analyze headers, think of the packet as an array of octets in memory. Consider IPv4 as an example. header must contain 80. to know the header, we must the size
If the octet contains 0x45. found at positions 36 and 37. header to verify that the packet carries UDP, and then examine the octets at a known offset in the RTP to verify that the value matches the value used by a known codec. That is, the lookup mechanism treats the packet as an array of octets and merely checks to verify that location X contains value Y, location Z contains value W, and so on; the mechanism does not need to understand any of the protocol headers or the meaning of values. Furthermore, observe that the lookup scheme crosses multiple layers of the protocol stack. We use the term classifier to describe a mechanism that uses the lookup approach described previously, and we say that the result is a packet classification.
In practice, a classification mechanism usually takes a list of classification rules and applies them until a match is found. When a packet arrives, the packet passes from a Layer 2 module to the classification module. All packets proceed to the classifier; no demultiplexing occurs before classification. If any of the classification rules matches the packet, the classification layer follows the rule. Otherwise, the packet proceeds up the traditional protocol stack.
For example, Figure 4 illustrates layering when classification is used to send some packets across MPLS paths. Interestingly, a classification layer can subsume all demultiplexing.

Figure 4: Layering in a Router that Uses Classification to Select MPLS Paths

Classification Hardware and Network Switches

The text in the previous section describes a classification mechanism that is implemented in software: an extra layer is added to a software protocol stack that classifies frames after they arrive at a router. Classification can also be implemented in hardware.
processing hardware devices contain classification hardware that allows packet classification and forwarding to proceed at high speed. The next sections explain hardware classification mechanisms. source address in each incoming frame to learn the MAC address of the computer that is attached to each port. When a switch learns the MAC addresses of all the attached computers, the switch can use the destination MAC address in each frame to make a forwarding decision.
If the frame is unicast, the switch sends only one copy of the frame on the port to which the specified computer is attached. For a frame destined to the broadcast or a multicast address, the switch delivers a copy of the frame to all ports. VLAN Switch adds one level of virtualization by permitting a manager to assign each port to a specific VLAN. Internally, VLAN switches extend forwarding in a minor way: instead of sending broadcasts and multicasts to all ports on the switch, a VLAN switch consults the VLAN configuration and sends them only to ports on the same VLAN as the source.
Layer 3 Switch acts like a combination of a VLAN switch and a router. Instead of using only the Ethernet header when forwarding a frame, the switch can look at fields in the IP header. In particular, the switch watches the source IP address in incoming packets to learn the IP address of the computer attached to each switch port. The switch can then use the IP destination address in a packet to forward the packet to its correct destination.
Layer 4 Device extends the examination of a packet to the transport layer. That is, the device can include the TCP or UDP Source and Destination Port fields when making a forwarding decision.

Switching Decisions and VLAN Tags

All types of switching hardware described previously use classification. That is, switches operate on packets as if a packet is merely an array of octets, and individual fields in the packet are specified by giving offsets in the array. Thus, instead of demultiplexing packets, a switch treats a packet syntactically by applying a set of classification rules similar to the rules described previously.
Surprisingly, even VLAN processing is handled in a syntactic manner. Instead of merely keeping VLAN information in a separate data structure that holds meta information, the switch inserts an extra field in an incoming packet and places the VLAN number of the packet in the extra field. Because it is just another field, the classifier can reference the VLAN number just like any other header field.
We use the term VLAN Tag to refer to the extra field inserted in a packet. The tag contains the VLAN number that the manager assigned to the port over which the frame arrived. For Ethernet, IEEE standard 802. specifies placing the VLAN Tag field after the MAC Source Address field. Figure 5 illustrates the format.
Figure 5: An Ethernet Frame with a VLAN Tag Inserted

A VLAN tag is used only internally: after the switch has selected an output port and is ready to transmit the frame, the tag is removed. Thus, when computers send and receive frames, the frames do not contain a VLAN tag. An exception can be made to the rule: a manager can configure one or more ports on a switch to leave VLAN tags in frames when sending the frame. The purpose is to allow two or more switches to be configured to operate as a single, large switch. That is, the switches can share a set of VLANs; a manager can configure each VLAN to include ports on one or both of the switches.

Classification Hardware

We can think of hardware in a switch as being divided into three main components: a classifier, a set of units that perform actions, and a management component that controls the overall operation.
Figure 6 illustrates the overall organization and the flow of packets. speed data path that packets follow. When a packet arrives, the classifier uses the rules that have been configured to choose an action. cessor that runs management software. network administrator can interact with the management module to configure the switch, in which case the management module can create or modify the set of rules the classifier follows.
network system, such as a switch, must be able to handle two types of traffic: transit traffic and traffic destined for the switch itself. IP protocol stack and packets destined for the switch must be passed to the local stack. Therefore, one of the actions a classifier takes may be pass packet to the local stack for demultiplexing.

Speed Classification and TCAM

Modern switches can allow each interface to operate at 10 Gbps. microseconds to arrive, and a switch usually has many interfaces. TCAM uses parallelism to achieve high speed: instead of testing one field of a packet at a given time, TCAM checks all fields simultaneously.
Furthermore, TCAM performs multiple checks at the same time. To understand how TCAM works, think of a packet as a string of bits. We imagine TCAM hardware as having two parts: one part holds the bits from a packet and the other part is an array of values that will be compared to the packet. Entries in the array are known as slots.
Figure 7 illustrates the idea. Figure 7: The Conceptual Organization of TCAM In the figure, each slot contains two parts. The first part consists of hardware that compares the bits from the packet to the pattern stored in the slot.
The second part stores a value that specifies an action to be taken if the pattern matches the packet. If a match occurs, the slot hardware passes the action to the component that checks all the results and announces an answer. One of the most important details concerns the way TCAM handles multiple matches. In essence, the output circuitry selects one match and ignores the others. That is, if multiple slots each pass an action to the output circuit, the circuit accepts only one and passes the action as the output of the classification.
For example, the hardware may choose the lowest slot that matches. In any case, the action that the TCAM announces corresponds to the action from one of the matching slots. The figure indicates that a slot holds a pattern rather than an exact value. Instead of merely comparing each bit in the pattern to the corresponding bit in the packet, the hardware performs a pattern match. The adjective ternary is used because each bit position in a pattern can have three possible values: a one, a zero, or a don't care.
When a slot compares its pattern to the packet, the hardware checks only the one and zero bits in the pattern; the hardware ignores pattern bits that contain don't care. Thus, a pattern can specify exact values for some fields in a packet header and omit other fields. To understand TCAM pattern matching, consider a pattern that identifies IP packets.
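
The array-of-octets rules and the TCAM slot behaviour described above, as an added example in C (not code from the original article): each slot holds a value and a care mask, the lowest matching slot supplies the action, and unmatched frames go up the protocol stack. The action names, the two rules and the sample frames are constructed, and the offsets assume an untagged Ethernet frame carrying IPv4, so a 20-octet IP header (octet 14 equal to 0x45) puts the TCP destination port at octets 36 and 37.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#define KEY_LEN 38  /* octets 0..37, enough to reach the TCP destination port */
enum action { TO_PROTOCOL_STACK, TO_WEB_PATH, TO_IP_PATH };  /* hypothetical actions */

struct slot {                /* one TCAM slot: ternary pattern plus action */
    uint8_t value[KEY_LEN];  /* required bit values */
    uint8_t mask[KEY_LEN];   /* 1 = compare this bit, 0 = don't care */
    enum action act;
};

/* Require an exact value for one octet of a slot's pattern. */
static void want(struct slot *s, size_t off, uint8_t v) { s->value[off] = v; s->mask[off] = 0xFF; }

/* Two constructed rules; the more specific one sits in the lower slot. */
void build_slots(struct slot t[2]) {
    memset(t, 0, 2 * sizeof t[0]);                 /* every bit starts as don't care */
    want(&t[0], 12, 0x08); want(&t[0], 13, 0x00);  /* Ethernet type 0x0800 = IPv4 */
    want(&t[0], 14, 0x45); want(&t[0], 23, 6);     /* 20-octet IPv4 header, protocol 6 = TCP */
    want(&t[0], 36, 0x00); want(&t[0], 37, 80);    /* TCP destination port 80 */
    t[0].act = TO_WEB_PATH;
    want(&t[1], 12, 0x08); want(&t[1], 13, 0x00); t[1].act = TO_IP_PATH;  /* any IPv4 */
}

/* Lowest matching slot wins; no match, or a frame too short to index, goes up the stack. */
enum action classify(const struct slot *t, size_t n, const uint8_t *pkt, size_t len) {
    if (len < KEY_LEN) return TO_PROTOCOL_STACK;
    for (size_t i = 0; i < n; i++) {
        uint8_t diff = 0;  /* accumulates any cared-about bit that differs */
        for (size_t b = 0; b < KEY_LEN; b++)
            diff |= (uint8_t)((pkt[b] ^ t[i].value[b]) & t[i].mask[b]);
        if (diff == 0) return t[i].act;
    }
    return TO_PROTOCOL_STACK;
}

/* Constructed sample frame: only the octets the rules inspect are filled in. */
void make_frame(uint8_t f[KEY_LEN], uint8_t vhl, uint16_t dport) {
    memset(f, 0, KEY_LEN);
    f[12] = 0x08; f[13] = 0x00; f[14] = vhl; f[23] = 6;
    f[36] = (uint8_t)(dport >> 8); f[37] = (uint8_t)(dport & 0xFF);
}

int main(void) {
    struct slot t[2]; uint8_t f[KEY_LEN];
    build_slots(t);
    make_frame(f, 0x45, 80); printf("0x45 header: action %d\n", classify(t, 2, f, sizeof f));
    make_frame(f, 0x46, 80); printf("0x46 header: action %d\n", classify(t, 2, f, sizeof f));
    return 0;
}
```

The 0x46 frame shows why the 0x45 check belongs in the web rule: with IP options present, octets 36 and 37 are no longer the destination port, so the frame falls through to the general IPv4 slot.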