WO2017124330A1 - Advertising network resource sharing status in sdn - Google Patents

Advertising network resource sharing status in sdn Download PDF

Info

Publication number
WO2017124330A1
WO2017124330A1 PCT/CN2016/071466 CN2016071466W WO2017124330A1 WO 2017124330 A1 WO2017124330 A1 WO 2017124330A1 CN 2016071466 W CN2016071466 W CN 2016071466W WO 2017124330 A1 WO2017124330 A1 WO 2017124330A1
Authority
WO
WIPO (PCT)
Prior art keywords
data storage
storage resource
switch
entries
controller
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
PCT/CN2016/071466
Other languages
French (fr)
Inventor
Jiang He
Ke YI
Bolin NIE
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Telefonaktiebolaget LM Ericsson AB
Original Assignee
Telefonaktiebolaget LM Ericsson AB
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Telefonaktiebolaget LM Ericsson AB filed Critical Telefonaktiebolaget LM Ericsson AB
Priority to PCT/CN2016/071466 priority Critical patent/WO2017124330A1/en
Priority to US16/070,903 priority patent/US11089102B2/en
Priority to EP16885603.7A priority patent/EP3406053B1/en
Publication of WO2017124330A1 publication Critical patent/WO2017124330A1/en
Anticipated expiration legal-status Critical
Ceased legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/1097Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/08Configuration management of networks or network elements
    • H04L41/0803Configuration setting
    • H04L41/0813Configuration setting characterised by the conditions triggering a change of settings
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/23Updating
    • G06F16/2379Updates performed during online database operations; commit processing
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/08Configuration management of networks or network elements
    • H04L41/0895Configuration of virtualised networks or elements, e.g. virtualised network function or OpenFlow elements
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/08Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters
    • H04L43/0805Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters by checking availability
    • H04L43/0817Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters by checking availability by checking functioning
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/20Arrangements for monitoring or testing data switching networks the monitoring system or the monitored elements being virtualised, abstracted or software-defined entities, e.g. SDN or NFV

Definitions

  • Embodiments of the invention relate to the field of Software Defined Networking (SDN) , and more specifically, to resource utilization in an SDN network.
  • SDN Software Defined Networking
  • SDN Software Defined Networking
  • the use of a split architecture network simplifies the network devices (e.g., switches) implementing the forwarding plane by shifting the intelligence of the network into one or more controllers that oversee the switches.
  • SDN facilitates rapid and open innovation at the network layer by providing a programmable network infrastructure.
  • the data plane of an SDN network is responsible for performing various packet processing functionalities such as routing, filtering, and metering.
  • the data plane of the SDN network utilizes various tables (e.g., Access Control List (ACL) , Forwarding Database (FDB) , Label Forwarding Information Base (LFIB) , counters) to determine how packets should be processed.
  • ACL Access Control List
  • FDB Forwarding Database
  • LFIB Label Forwarding Information Base
  • TCAM Ternary Content Addressable memory
  • An SDN controller can program/configure the tables to achieve desired packet processing functionality.
  • each table is typically allocated a dedicated data storage resource.
  • a commercial switching chipset may include data storage resources such as a hash memory, a TCAM, and counter memory that each store multiple tables.
  • the hash memory may store FDB, LFIB, and Virtual Local Area Network (VLAN) translation tables.
  • the TCAM may store an ACL and routing tables (e.g., Forwarding Information Base (FIB) ) .
  • the counter memory may store various different counter and statistic tables such as tunnel counters, Pseudo Wire (PW) counters, and Quality of Service (QoS) counters. Allowing tables to share a data storage resource frees the network device from having to perform dedicated resource planning for specific tables and provides more flexibility in terms of programming, scalability, and performance.
  • the SDN controller Due to the decoupling of the data plane from the control plane in SDN networks, the SDN controller is not aware of which tables share the same data storage resource on a given hardware platform. As such, the SDN controller is not able to plan and adjust data storage resource utilization among the tables in an efficient and deterministic manner.
  • a method is implemented by a network device acting as a switch in a data plane of a software defined networking (SDN) network.
  • the switch is communicatively coupled to a controller in a control plane of the SDN network, where the controller manages packet processing functionality of the switch.
  • the method to provide data storage resource sharing information to the controller so that the controller can manage data storage resource utilization of the switch.
  • the method includes determining which tables stored in the switch share a data storage resource of the switch and transmitting data storage resource sharing information to the controller, where the data storage resource sharing information includes an indication of the tables that share the data storage resource.
  • a method is implemented by a network device acting as a controller in a control plane of a software defined networking (SDN) network.
  • the controller is communicatively coupled to a switch in a data plane of the SDN network, where the controller manages packet processing functionality of the switch.
  • the method includes receiving data storage resource sharing information from the switch, where the data storage resource sharing information includes an indication of tables stored in the switch that share a data storage resource of the switch.
  • the method further includes transmitting instructions to the switch to insert one or more entries in a first table from the tables that share the data storage resource, together with instructions to delete one or more entries from one or more other tables that share the data storage resource with the first table in an event that sufficient storage space is not available in the data storage resource for insertion of the one or more entries in the first table.
  • a network device is configured to act as a switch in a data plane of a software defined networking (SDN) network.
  • the switch is to be communicatively coupled to a controller in a control plane of the SDN network, where the controller is to manage packet processing functionality of the switch.
  • the network device is configured to provide data storage resource sharing information to the controller so that the controller can manage data storage resource utilization of the switch.
  • the network device includes a non-transitory machine-readable storage medium having stored therein a data storage resource sharing component and a processor communicatively coupled to the non-transitory machine-readable storage medium.
  • the processor is configured to execute the data storage resource sharing component.
  • the data storage resource sharing component is configured to determine which tables stored in the switch share a data storage resource of the switch and transmit data storage resource sharing information to the controller, where the data storage resource sharing information includes an indication of the tables that share the data storage resource.
  • a network device is configured to act as a controller in a control plane of a software defined networking (SDN) network.
  • the controller is to be communicatively coupled to a switch in a data plane of the SDN network, where the controller is to manage packet processing functionality of the switch.
  • the network device is configured to manage data storage resource utilization of the switch.
  • the network device includes a non-transitory machine-readable storage medium having stored therein a data storage resource sharing component and a processor communicatively coupled to the non-transitory machine-readable storage medium.
  • the processor is configured to execute the data storage resource sharing component.
  • the data storage resource sharing component is configured to receive data storage resource sharing information from the switch, where the data storage resource sharing information includes an indication of tables stored in the switch that share a data storage resource of the switch.
  • the data storage resource sharing component is further configured to transmit instructions to the switch to insert one or more entries in a first table from the tables that share the data storage resource, together with instructions to delete one or more entries from one or more other tables that share the data storage resource with the first table in an event that sufficient storage space is not available in the data storage resource for insertion of the one or more entries in the first table.
  • a non-transitory machine-readable medium has computer code stored therein that is to be executed by a set of one or more processors of a network device acting as a switch in a data plane of a software defined networking (SDN) network.
  • the computer code when executed by the network device, causes the network device to perform operations for providing data storage resource sharing information to a controller in a control plane of the SDN network so that the controller can manage data storage resource utilization of the switch.
  • the operations include determining which tables stored in the switch share a data storage resource of the switch and transmitting data storage resource sharing information to the controller, where the data storage resource sharing information includes an indication of the tables that share the data storage resource.
  • a non-transitory machine-readable medium has computer code stored therein that is to be executed by a set of one or more processors of a network device acting as a controller in a control plane of a software defined networking (SDN) network.
  • the computer code when executed by the network device, causes the network device to perform operations for managing data storage resource utilization of a switch in a data plane of the SDN network.
  • the operations include receiving data storage resource sharing information from the switch, where the data storage resource sharing information includes an indication of tables stored in the switch that share a data storage resource of the switch.
  • the operations further include transmitting instructions to the switch to insert one or more entries in a first table from the tables that share the data storage resource, together with instructions to delete one or more entries from one or more other tables that share the data storage resource with the first table in an event that sufficient storage space is not available in the data storage resource for insertion of the one or more entries in the first table.
  • Fig. 1 is a block diagram of a Software Defined Networking (SDN) network in which embodiments of the present disclosure can be implemented.
  • SDN Software Defined Networking
  • Fig. 2 is a block diagram illustrating tables sharing data storage resources of a switch, according to some embodiments.
  • Fig. 3 is a flow diagram of a process performed by a switch for providing data storage resource sharing information to a controller and adjusting data storage resource utilization according to instructions received from the controller, according to some embodiments.
  • Fig. 4 is a flow diagram of a process performed by a controller for managing data storage resource utilization of a switch, according to some embodiments.
  • Fig. 5A illustrates connectivity between network devices (NDs) within an exemplary network, as well as three exemplary implementations of the NDs, according to some embodiments.
  • Fig. 5B illustrates an exemplary way to implement a special-purpose network device according to some embodiments.
  • Fig. 5C illustrates various exemplary ways in which virtual network elements (VNEs) may be coupled according to some embodiments.
  • VNEs virtual network elements
  • Fig. 5D illustrates a network with a single network element (NE) on each of the NDs, and within this straight forward approach contrasts a traditional distributed approach (commonly used by traditional routers) with a centralized approach for maintaining reachability and forwarding information (also called network control) , according to some embodiments.
  • NE network element
  • Fig. 5E illustrates the simple case of where each of the NDs implements a single NE, but a centralized control plane has abstracted multiple of the NEs in different NDs into (to represent) a single NE in one of the virtual network (s) , according to some embodiments.
  • Fig. 5F illustrates a case where multiple VNEs are implemented on different NDs and are coupled to each other, and where a centralized control plane has abstracted these multiple VNEs such that they appear as a single VNE within one of the virtual networks, according to some embodiments.
  • Fig. 6 illustrates a general purpose control plane device with centralized control plane (CCP) software, according to some embodiments.
  • the following description describes methods and apparatus for providing data storage resource sharing information of a switch to a controller in a Software Defined Networking (SDN) network.
  • the controller may use this information to manage data storage resource utilization of the switch.
  • numerous specific details such as logic implementations, opcodes, means to specify operands, resource partitioning/sharing/duplication implementations, types and interrelationships of system components, and logic partitioning/integration choices are set forth in order to provide a more thorough understanding of the present invention. It will be appreciated, however, by one skilled in the art that the invention may be practiced without such specific details. In other instances, control structures, gate level circuits and full software instruction sequences have not been shown in detail in order not to obscure the invention. Those of ordinary skill in the art, with the included descriptions, will be able to implement appropriate functionality without undue experimentation.
  • references in the specification to ā€œone embodiment, ā€ ā€œan embodiment, ā€ ā€œan example embodiment, ā€ etc., indicate that the embodiment described may include a particular feature, structure, or characteristic, but every embodiment may not necessarily include the particular feature, structure, or characteristic. Moreover, such phrases are not necessarily referring to the same embodiment. Further, when a particular feature, structure, or characteristic is described in connection with an embodiment, it is submitted that it is within the knowledge of one skilled in the art to affect such feature, structure, or characteristic in connection with other embodiments whether or not explicitly described.
  • Bracketed text and blocks with dashed borders may be used herein to illustrate optional operations that add additional features to embodiments of the invention. However, such notation should not be taken to mean that these are the only options or optional operations, and/or that blocks with solid borders are not optional in certain embodiments of the invention.
  • Coupled is used to indicate that two or more elements, which may or may not be in direct physical or electrical contact with each other, co-operate or interact with each other.
  • Connected is used to indicate the establishment of communication between two or more elements that are coupled with each other.
  • An electronic device stores and transmits (internally and/or with other electronic devices over a network) code (which is composed of software instructions and which is sometimes referred to as computer program code or a computer program) and/or data using machine-readable media (also called computer-readable media) , such as machine-readable storage media (e.g., magnetic disks, optical disks, read only memory (ROM) , flash memory devices, phase change memory) and machine-readable transmission media (also called a carrier) (e.g., electrical, optical, radio, acoustical or other form of propagated signals-such as carrier waves, infrared signals) .
  • machine-readable storage media e.g., magnetic disks, optical disks, read only memory (ROM) , flash memory devices, phase change memory
  • machine-readable transmission media also called a carrier
  • carrier e.g., electrical, optical, radio, acoustical or other form of propagated signals-such as carrier waves, infrared signals
  • an electronic device e.g., a computer
  • includes hardware and software such as a set of one or more processors coupled to one or more machine-readable storage media to store code for execution on the set of processors and/or to store data.
  • an electronic device may include non-volatile memory containing the code since the non-volatile memory can persist code/data even when the electronic device is turned off (when power is removed) , and while the electronic device is turned on that part of the code that is to be executed by the processor (s) of that electronic device is typically copied from the slower non-volatile memory into volatile memory (e.g., dynamic random access memory (DRAM) , static random access memory (SRAM) ) of that electronic device.
  • volatile memory e.g., dynamic random access memory (DRAM) , static random access memory (SRAM)
  • Typical electronic devices also include a set or one or more physical network interface (s) to establish network connections (to transmit and/or receive code and/or data using propagating signals) with other electronic devices.
  • a set or one or more physical network interface (s) to establish network connections (to transmit and/or receive code and/or data using propagating signals) with other electronic devices.
  • One or more parts of an embodiment of the invention may be implemented using different combinations of software, firmware, and/or hardware.
  • a network device is an electronic device that communicatively interconnects other electronic devices on the network (e.g., other network devices, end-user devices) .
  • Some network devices are ā€œmultiple services network devicesā€ that provide support for multiple networking functions (e.g., routing, bridging, switching, Layer 2 aggregation, session border control, Quality of Service, and/or subscriber management) , and/or provide support for multiple application services (e.g., data, voice, and video) .
  • SDN Software Defined Networking
  • FDB Forwarding Database
  • LFIB Label Forwarding Information Base
  • VLAN Virtual Local Area Network
  • the controller queries for the maximum capacity of the data storage resource for FDB, the whole capacity of the data storage resource is returned. The same value is returned for LFIB and VT capacity queries. Thus, the controller may attempt to allocate the maximum capacity of the data storage resource to FDB, LFIB, and VT at the same time, which will result in a failure due to insufficient amount of storage space being available in the data storage resource for this allocation request. If only a part of the whole capacity of the data storage resource is returned for each table to avoid the problem of having insufficient data storage resource, then the allocation may underutilize the data storage resource.
  • the SDN controller Since the SDN controller does not know which tables share the same data storage resource, the SDN controller cannot properly adjust the data storage resource utilization among tables in the event of resource insufficiency (e.g., due to oversubscription) . That is, the SDN controller does not know which tables to delete entries from in order to create space for the tables facing resource insufficiency. Deleting an entry in a table only helps address the resource insufficiency problem if the table from which the entry is being deleted shares the same data storage resource as the table facing the resource insufficiency. However, the SDN controller in existing SDN solutions is not able determine which tables to delete entries from due to lack of data storage resource sharing information.
  • Embodiments overcome the disadvantages of existing techniques by enabling a switch to provide data storage resource sharing information (e.g., information regarding which tables stored in the switch share the same data storage resource) to the controller.
  • the controller can utilize this information to plan and adjust data storage resource utilization among tables stored in the switch in a manner that is efficient and deterministic. For example, when the controller transmits instructions to the switch to insert one or more entries in a table, the controller may also provide instructions to delete one or more entries from one or more other tables that share the same data storage resource with the first table in the event that sufficient storage space is not available in the data storage resource for insertion of the one or more entries in the first table. In this way, the controller has control over which table the switch should delete entries from to create space in the data storage resource in the event that sufficient storage space is not available in the data storage resource.
  • data storage resource sharing information e.g., information regarding which tables stored in the switch share the same data storage resource
  • the controller can utilize this information to plan and adjust data storage resource utilization among tables stored in the switch
  • Fig. 1 is a block diagram of a Software Defined Networking (SDN) network in which embodiments of the present disclosure can be implemented.
  • the SDN network 100 includes a controller 110 in a control plane of the SDN network and a switch 120 in the data plane of the SDN network 100.
  • the data plane is shown as having a single switch 120.
  • the data plane typically includes a plurality of switches and is responsible for performing various packet processing functionalities such as routing, filtering, and metering.
  • the switch 120 is a programmable data plane network element that is capable of processing packets in the data plane of the SDN network 100 (e.g., a network element that provides switching and/or routing functionality) .
  • the functionality of the switch 120 may be implemented by a special purpose network device or general purpose network device (e.g., using Network Function Virtualization (NFV) ) .
  • the control plane typically includes one or more controllers (e.g., controller 110) and is responsible for programming/configuring/controlling switches (e.g., switch 120) in the data plane to achieve desired packet processing functionality.
  • the controller 110 may provide instructions to the switch 120 on how to process and/or forward specific types of packets.
  • the functionality of the controller 110 may be implemented by a special purpose network device or general purpose network device (e.g., using NFV) .
  • the controller 110 and the switch 120 communicate using a communication protocol such as OpenFlow (e.g., OpenFlow 1.5) , Forwarding and Control Element Separation (ForCES) , Border Gateway Protocol (BGP) , Network Configuration Protocol (NETCONF) , and Path Computation Element Communication Protocol (PCEP) .
  • OpenFlow e.g., OpenFlow 1.5
  • ForceCES Forwarding and Control Element Separation
  • Border Gateway Protocol BGP
  • NETCONF Network Configuration Protocol
  • PCEP Path Computation Element Communication Protocol
  • These communication protocols are provided by way of example and not limitation. It should be understood that the controller 110 and the switch 120 can communicate using other types of communication protocols without departing from the spirit and scope of the present disclosure.
  • the communication interface between the controller 110 and the switch 120 is commonly referred to as a southbound interface.
  • the switch 120 includes data storage resources 130A-C.
  • a data storage resource 130 refers to a physical or logical repository that can store data. Examples of data storage resources include, but are not limited to, Ternary Content Addressable Memory (TCAM) , hash memory, and counter memory.
  • TCAM Ternary Content Addressable Memory
  • a data storage resource 130 can store table entries for one or more tables.
  • a table refers to a conceptual database in the data plane that is utilized in making packet processing decisions. Examples of tables include, but are not limited to, routing tables, an Access Control List (ACL) , and counter tables.
  • ACL Access Control List
  • the switch 120 is shown as having 3 data storage resources (i.e., data storage resource 130A-C) , it should be understood that the switch 120 can have any number of data storage resources 130.
  • Fig. 2 is a block diagram illustrating tables sharing data storage resources of a switch, according to some embodiments.
  • the switch 120 includes a hash memory data storage resource 230A, a TCAM data storage resource 230B, and a counter memory data storage resource 230C.
  • FDB, LFIB, and VT share the hash memory 230A.
  • IPv4 Internet Protocol version 4
  • IPv6 Internet Protocol version 6
  • L2 Layer 2
  • L3 Layer 3
  • the TCAM 230B is partitioned into four banks (bank 1, bank 2, bank 3, and bank 4) , with IPv4 FIB and L2 ACL occupying bank 1, L3 ACL occupying bank 2, and IPv6 FIB occupying both bank3 and bank 4.
  • Tunnel counters, Pseudo Wire (PW) counters, and Quality of Service (QoS) counters share the counter memory 230C.
  • the counter memory 230C is partitioned into two banks (bank 1 and bank 2) , with the tunnel counters and PW counters occupying bank 1 and the QoS counters occupying bank 2.
  • the controller 110 is not aware of data storage resource sharing information such as which tables are stored in which data storage resource 130 and which tables share the same data storage resource 130.
  • Embodiments disclosed herein enable a switch 120 to provide data storage resource sharing information to the controller 110 so that the controller 110 can utilize the information to plan and adjust data storage resource utilization among tables stored in the switch 120.
  • data storage resource sharing information can be expressed as follows.
  • table X, table Y, and table Z share the same data storage resource 130 (e.g., same hash memory 230A, TCAM 230B, or counter memory 230C) .
  • the controller 110 may interpret this as table X, table Y, and table Z share the same data storage resource 130 and deleting one entry from table X can create space to accommodate one additional entry for table Y or table Z.
  • Intra-bank data storage resource sharing may be different from inter-bank data storage resource sharing in terms of the granularity of the amount of storage space that can be interchanged. For example, for intra-bank data storage resource sharing, deleting one entry from a first table stored in a given bank of a data storage resource 130 may create space to accommodate one additional entry for a second table stored in the same bank of the data storage resource 130. However, this may not be the case for inter-bank data storage resource sharing.
  • the data storage resource sharing information can be expressed as follows.
  • Each line above indicates a granularity of storage space amount that can be deleted from one table to create space for another table.
  • the first line indicates that deleting number_YX entries from table Y can create space to accommodate number_XY additional entries in table X, and vice versa.
  • the second line indicates that deleting number_ZX entries from table Z can create space to accommodate number_XZ additional entries in table X, and vice versa.
  • the third line indicates that deleting number_ZY entries from table Z can create space to accommodate number_YZ additional entries in table Y, and vice versa.
  • the data storage resource sharing information not only indicates the tables that share the same data storage resource, but also indicates the granularities of storage space amount that can be interchanged between the tables.
  • the data storage resource sharing information for the TCAM 230B shown in Fig. 2 with bank size of 1024 entries can be expressed as follows:
  • IPv4 FIB, 2048 IPv4 FIB, 2048
  • IPv6 FIB, 1024 IPv6 FIB
  • the above data storage resource sharing information can also be expressed as the following matrix:
  • IPv4 FIB L2 ACL L3 ACL IPv6 FIB (Row 1) IPv4 FIB - (1, 1) (1024, 1024) (2048, 1024) (Row 2) L2 ACL (1, 1) - (1024, 1024) (2048, 1024) (Row 3) L3 ACL (1024, 1024) (1024, 1024) - (2048, 1024) (Row 4) IPv6 FIB (1024, 2048) (1024, 2048) (1024, 2048) (1024, 2048) -
  • the matrix can be interpreted as follows: IPv4 FIB, IPv6 FIB, L2 ACL, and L3 ACL share the same data storage resource 130 (e.g., the TCAM 230B) .
  • the minimum number of entries that can be deleted from L2 ACL is 1, which creates space to accommodate 1 additional entry for IPv4 FIB.
  • the minimum number of entries that can be deleted from L3 ACL is 1024 entries, which creates space to accommodate 1024 entries for IPv4 FIB.
  • the minimum number of entries that can be deleted from IPv6 FIB is 1024 entries, which creates space to accommodate 2048 entries for IPv4 FIB.
  • the entries in Rows 2, 3, and 4 can be interpreted in a similar manner.
  • the switch 120 can dynamically adjust the granularity numbers, depending on the data storage resource fragment status. For example, if the TCAM 230B has unused space scattered therein, then this space can be used to accommodate space for a table, and thus the minimum number of entries to delete from other tables may be reduced.
  • the counter memory 230C is similar to the TCAM 230B in that it is also partitioned into banks. Different counter tables with different counter width are stored in different banks. Counter tables having the same counter width may be stored in the same bank. As such, the granularity of the amount of storage space that can be interchanged among tables stored in the counter memory 230C can vary amongst the tables.
  • the data storage resource information can thus be expressed in a similar fashion to that of the TCAM (e.g., with granularity information) .
  • the data storage resource information of the hash memory 230A can be expressed as follows:
  • FDB, LFIB, and VT share the same data storage resource 130 (e.g., the hash memory 230A) and that in the event that there is insufficient storage space in the data storage resource 130 for FDB, the minimum number of entries that can be deleted from LFIB or VT is 1, which creates space to accommodate 1 additional entry for FDB. Similarly, in the event that there is insufficient storage space in the data storage resource 130 for LFIB, the minimum number of entries that can be deleted from FDB or VT is 1, which creates space to accommodate 1 additional entry for LFIB. Similarly, in the event that there is insufficient storage space in the data storage resource 130 for VT, the minimum number of entries that can be deleted from FDB or LFB is 1, which creates space to accommodate 1 additional entry for VT.
  • the minimum number of entries that can be deleted from FDB or LFB is 1, which creates space to accommodate 1 additional entry for VT.
  • a switch 120 may provide data storage resource sharing information such as those described above (or similar information) to a controller 110 and the controller 110 can use this information to manage data storage resource utilization of the switch 120.
  • Fig. 3 is a flow diagram of a process performed by a switch for providing data storage resource sharing information to a controller and adjusting data storage resource utilization according to instructions received from the controller, according to some embodiments.
  • the operations of the flow diagram may be performed by a network device acting as a switch 120 in an SDN network 100.
  • the switch 120 may communicate with a controller 110 in the SDN network 100 over a southbound interface using a control plane communication protocol (e.g., ForCES or OpenFlow) .
  • a control plane communication protocol e.g., ForCES or OpenFlow
  • the process is initiated when the switch 120 receives, from a controller 110, a request to provide data storage resource sharing information (block 310) .
  • the process may be initiated without receiving a request from the controller 110.
  • the switch 120 may periodically provide data storage resource sharing information to the controller 110 without receiving a request from the controller 110.
  • the switch 120 determines which tables stored in the switch 120 share a data storage resource 130 (block 320) .
  • the data storage resource 130 is a hash memory 230A, a TCAM 230B, or a counter memory 230C.
  • the switch 120 then transmits data storage resource sharing information to the controller 110 (block 330) .
  • the data storage resource sharing information includes an indication of the tables that share the data storage resource 130.
  • the data storage resource sharing information also includes an indication of a minimum number of entries that can be deleted from a second table from the tables that share the data storage resource to create storage space in the data storage resource 130 for a first table that shares the data storage resource 130 with the second table in an event that sufficient storage space is not available in the data storage resource 130 for insertion of an entry in the first table.
  • the data storage resource sharing information further includes an indication of a corresponding number of entries that can be inserted in the first table if the minimum number of entries are deleted from the second table.
  • the data storage resource sharing information can be expressed as described herein above.
  • the switch 120 receives instructions from the controller 110 to insert one or more entries in a first table from the tables that share the data storage resource 130, together with instructions to delete one or more entries from one or more other tables that share the data storage resource 130 with the first table in an event that sufficient storage space is not available in the data storage resource 130 for insertion of the one or more entries in the first table (block 340) .
  • the instructions to delete one or more entries could be expressed as (table Y, 16) and (table Z, 32) .
  • this instruction indicates that the switch 120 should delete 16 entries from table Y and delete 32 entries from table Z to create space for the insertion of the one or more entries in the first table.
  • special numbers or designations can be used to instruct the switch 120 to delete an entire table or to delete entries on demand. This allows the controller 110 to offload some of the data storage resource management responsibilities to the switch 120.
  • the switch 120 determines whether sufficient storage space is available in the data storage resource 130 for insertion of the one or more entries in the first table (decision block 350) . If the switch 120 determines that there is sufficient storage space available in the data storage resource 130, the switch 120 inserts the one or more entries in the first table (block 370) . On the other hand, if the switch 120 determines that there is insufficient storage space available in the data storage resource 130, the switch 120 deletes one or more entries from the one or more other tables (block 360) , as indicated in the instructions received from the controller 110.
  • the switch 120 deletes entries from one or more other tables that share the same data storage resource 130 as the given table, according to the instructions received from the controller 110. Deleting the entries creates space in the data storage resource 130 for the first table. Once the entries are deleted, the switch 120 may then insert the one or more entries in the first table (block 370) .
  • Fig. 4 is a flow diagram of a process performed by a controller for managing data storage resource utilization of a switch, according to some embodiments.
  • the operations of the flow diagram may be performed by a network device acting as a controller 110 in an SDN network.
  • the controller 110 may communicate with a switch 120 in the SDN network over a southbound interface using a control plane communication protocol (e.g., ForCES or OpenFlow) .
  • a control plane communication protocol e.g., ForCES or OpenFlow
  • the process is initiated when the controller 110 transmits, to a switch 120, a request to provide data storage resource sharing information (block 410) .
  • the process may be initiated without the controller 110 transmitting a request to the switch 120.
  • the switch 120 may periodically provide data storage resource sharing information to the controller 110 without receiving a request from the controller 110.
  • the controller 110 receives data storage resource sharing information from the switch 120 (block 420) .
  • the data storage resource sharing information includes an indication of the tables stored in the switch 120 that share a data storage resource 130 of the switch 120.
  • the data storage resource sharing information includes an indication of a minimum number of entries that can be deleted from a second table that shares the data storage resource 130 with the first table to create storage space in the data storage resource 130 for the first table in the event that sufficient storage space is not available in the data storage resource 130 for insertion of an entry in the first table.
  • the data storage resource sharing information further includes an indication of a corresponding number of entries that can be inserted in the first table if the minimum number of entries are deleted from the second table.
  • the data storage resource sharing information can be expressed as described herein above.
  • the controller 110 transmits instructions to the switch 120 to insert one or more entries in a first table from the tables that share the data storage resource 130, together with instructions to delete one or more entries from one or more other tables that share the data storage resource 130 with the first table in an event that sufficient storage space is not available in the data storage resource 130 for insertion of the one or more entries in the first table (block 430) .
  • the controller 110 has knowledge of which tables stored in the switch 120 share the same data storage resource 130 based on the data storage resource sharing information it received from the switch 120 (e.g., in block 420) , and can use this information to determine which table to delete entries from in the event that sufficient storage space is not available in the data storage resource 130.
  • the policy for choosing which table to delete entries from (and how many entries to delete) is managed by the control plane and is configurable by a user (e.g., a network operator or administrator) .
  • the controller 110 may determine which table to delete entries from based on the granularities of storage space amount that can be interchanged between tables. For example, smaller granularities may be preferred.
  • the controller 110 determines a number of entries to delete from the second table based on the data storage resource sharing information received from the switch.
  • the controller 110 may utilize the data storage resource sharing information received from the switch 120 to determine how many entries should be deleted from the second table in order to accommodate a certain number of additional entries in the first table.
  • the instructions to delete the one or more entries in the event that sufficient storage space is not available in the data storage resource 130 includes an indication of a number of entries to delete from each of the one or more other tables in the event that sufficient storage space is not available in the data storage resource 130 for insertion of the one or more entries in the first table.
  • the controller 110 can instruct the switch 120 to delete entries from one or more tables that share the same data storage resource 130 as a given table in the event that sufficient storage space is not available in the data storage resource 130 for the given table.
  • the controller 110 is able to provide such instructions based on its knowledge of the data storage resource sharing information it received from the switch 120.
  • the controller 110 may give preference to one table over another table when managing data storage resource utilization of a switch 120. This may help against malicious attacks on the switch 120. For example, consider a switch 120 in which FDB and LFIB share the same data storage resource 130. Malicious attacks can cause FDB table size to become very large. On the other hand, LFIB table size is relatively deterministic. Also, considering that a single FDB table entry represents one host, while a single LFIB table entry generally represents an IP prefix, it is preferable that LFIB is allocated storage space over FDB if sufficient storage space is not available in the data storage resource 130. By deleting partial FDB table entries, LFIB can be allocated additional storage space, and thus its traffic is protected.
  • TCAM 230B is typically an expensive and limited data storage resource 130 used by multiple tables (e.g., ACL, QoS, FIB, etc. ) for traffic classification and other packet processing functions.
  • QoS related table entries can be deleted to guarantee that FIB table entries can be stored in the TCAM 230B in order to guarantee non-interrupted traffic flow (given that non-interrupted traffic flow has higher priority than other goals) . In this way, the corresponding services for FIB such as L3 VPN are guaranteed.
  • the data storage resource sharing information can also be utilized during a resource planning phase. For example, when increasing or decreasing one table size, the amount of storage space allocated to other tables sharing the same data storage resource 130 can be adjusted accordingly, to reflect the actual amount of storage space available in the data storage resource 130.
  • Fig. 5A illustrates connectivity between network devices (NDs) within an exemplary network, as well as three exemplary implementations of the NDs, according to some embodiments.
  • Fig. 5A shows NDs 500A-H, and their connectivity by way of lines between A-B, B-C, C-D, D-E, E-F, F-G, and A-G, as well as between H and each of A, C, D, and G.
  • These NDs are physical devices, and the connectivity between these NDs can be wireless or wired (often referred to as a link) .
  • NDs 500A, E, and F An additional line extending from NDs 500A, E, and F illustrates that these NDs act as ingress and egress points for the network (and thus, these NDs are sometimes referred to as edge NDs; while the other NDs may be called core NDs) .
  • Two of the exemplary ND implementations in Fig. 5A are: 1) a special-purpose network device 502 that uses custom application-specific integrated-circuits (ASICs) and a proprietary operating system (OS) ; and 2) a general purpose network device 504 that uses common off-the-shelf (COTS) processors and a standard OS.
  • ASICs application-specific integrated-circuits
  • OS operating system
  • COTS common off-the-shelf
  • the special-purpose network device 502 includes networking hardware 510 comprising compute resource (s) 512 (which typically include a set of one or more processors) , forwarding resource (s) 514 (which typically include one or more ASICs and/or network processors) , and physical network interfaces (NIs) 516 (sometimes called physical ports) , as well as non-transitory machine readable storage media 518 having stored therein networking software 520.
  • a physical NI is hardware in a ND through which a network connection (e.g., wirelessly through a wireless network interface controller (WNIC) or through plugging in a cable to a physical port connected to a network interface controller (NIC) ) is made, such as those shown by the connectivity between NDs 500A-H.
  • WNIC wireless network interface controller
  • NIC network interface controller
  • the networking software 520 may be executed by the networking hardware 510 to instantiate a set of one or more networking software instance (s) 522.
  • Each of the networking software instance (s) 522, and that part of the networking hardware 510 that executes that network software instance (be it hardware dedicated to that networking software instance and/or time slices of hardware temporally shared by that networking software instance with others of the networking software instance (s) 522) , form a separate virtual network element 530A-R.
  • Each of the virtual network element (s) (VNEs) 530A-R includes a control communication and configuration module 532A-R (sometimes referred to as a local control module or control communication module) and forwarding table (s) 534A-R, such that a given virtual network element (e.g., 530A) includes the control communication and configuration module (e.g., 532A) , a set of one or more forwarding table (s) (e.g., 534A) , and that portion of the networking hardware 510 that executes the virtual network element (e.g., 530A) .
  • a control communication and configuration module 532A-R sometimes referred to as a local control module or control communication module
  • forwarding table (s) 534A-R forwarding table
  • Software 520 can include code such as data storage resource sharing component 525, which when executed by networking hardware 510, causes the special-purpose network device 502 to perform operations of one or more embodiments of the present disclosure as part networking software instances 522 (data storage resource sharing instance 535A) .
  • the special-purpose network device 502 is often physically and/or logically considered to include: 1) a ND control plane 524 (sometimes referred to as a control plane) comprising the compute resource (s) 512 that execute the control communication and configuration module (s) 532A-R; and 2) a ND forwarding plane 526 (sometimes referred to as a forwarding plane, a data plane, or a media plane) comprising the forwarding resource (s) 514 that utilize the forwarding table (s) 534A-R and the physical NIs 516.
  • a ND control plane 524 (sometimes referred to as a control plane) comprising the compute resource (s) 512 that execute the control communication and configuration module (s) 532A-R
  • a ND forwarding plane 526 sometimes referred to as a forwarding plane, a data plane, or a media plane
  • the forwarding resource (s) 514 that utilize the forwarding table (s) 534A-R and the physical NIs 516.
  • the ND control plane 524 (the compute resource (s) 512 executing the control communication and configuration module (s) 532A-R) is typically responsible for participating in controlling how data (e.g., packets) is to be routed (e.g., the next hop for the data and the outgoing physical NI for that data) and storing that routing information in the forwarding table (s) 534A-R, and the ND forwarding plane 526 is responsible for receiving that data on the physical NIs 516 and forwarding that data out the appropriate ones of the physical NIs 516 based on the forwarding table (s) 534A-R.
  • data e.g., packets
  • the ND forwarding plane 526 is responsible for receiving that data on the physical NIs 516 and forwarding that data out the appropriate ones of the physical NIs 516 based on the forwarding table (s) 534A-R.
  • Fig. 5B illustrates an exemplary way to implement the special-purpose network device 502 according to some embodiments.
  • Fig. 5B shows a special-purpose network device including cards 538 (typically hot pluggable) . While in some embodiments the cards 538 are of two types (one or more that operate as the ND forwarding plane 526 (sometimes called line cards) , and one or more that operate to implement the ND control plane 524 (sometimes called control cards) ) , alternative embodiments may combine functionality onto a single card and/or include additional card types (e.g., one additional type of card is called a service card, resource card, or multi-application card) .
  • additional card types e.g., one additional type of card is called a service card, resource card, or multi-application card
  • a service card can provide specialized processing (e.g., Layer 4 to Layer 7 services (e.g., firewall, Internet Protocol Security (IPsec) , Secure Sockets Layer (SSL) /Transport Layer Security (TLS) , Intrusion Detection System (IDS) , peer-to-peer (P2P) , Voice over IP (VoIP) Session Border Controller, Mobile Wireless Gateways (Gateway General Packet Radio Service (GPRS) Support Node (GGSN) , Evolved Packet Core (EPC) Gateway) ) .
  • Layer 4 to Layer 7 services e.g., firewall, Internet Protocol Security (IPsec) , Secure Sockets Layer (SSL) /Transport Layer Security (TLS) , Intrusion Detection System (IDS) , peer-to-peer (P2P) , Voice over IP (VoIP) Session Border Controller, Mobile Wireless Gateways (Gateway General Packet Radio Service (GPRS) Support Node (GG
  • the general purpose network device 504 includes hardware 540 comprising a set of one or more processor (s) 542 (which are often COTS processors) and network interface controller (s) 544 (NICs; also known as network interface cards) (which include physical NIs 546) , as well as non-transitory machine readable storage media 548 having stored therein software 550.
  • processors 542 which are often COTS processors
  • NICs network interface controller
  • the processor (s) 542 execute the software 550 to instantiate one or more sets of one or more applications 564A-R. While one embodiment does not implement virtualization, alternative embodiments may use different forms of virtualization-represented by a virtualization layer 554 and software containers 562A-R.
  • one such alternative embodiment implements operating system-level virtualization, in which case the virtualization layer 554 represents the kernel of an operating system (or a shim executing on a base operating system) that allows for the creation of multiple software containers 562A-R that may each be used to execute one of the sets of applications 564A-R.
  • the multiple software containers 562A-R also called virtualization engines, virtual private servers, or jails
  • the multiple software containers 562A-R are each a user space instance (typically a virtual memory space) ; these user space instances are separate from each other and separate from the kernel space in which the operating system is run; the set of applications running in a given user space, unless explicitly allowed, cannot access the memory of the other processes.
  • the virtualization layer 554 represents a hypervisor (sometimes referred to as a virtual machine monitor (VMM) ) or a hypervisor executing on top of a host operating system; and 2) the software containers 562A-R each represent a tightly isolated form of software container called a virtual machine that is run by the hypervisor and may include a guest operating system.
  • VMM virtual machine monitor
  • a virtual machine is a software implementation of a physical machine that runs programs as if they were executing on a physical, non-virtualized machine; and applications generally do not know they are running on a virtual machine as opposed to running on a ā€œbare metalā€ host electronic device, though some systems provide para-virtualization which allows an operating system or application to be aware of the presence of virtualization for optimization purposes.
  • the instantiation of the one or more sets of one or more applications 564A-R, as well as the virtualization layer 554 and software containers 562A-R if implemented, are collectively referred to as software instance (s) 552.
  • Each set of applications 564A-R, corresponding software container 562A-R if implemented, and that part of the hardware 540 that executes them (be it hardware dedicated to that execution and/or time slices of hardware temporally shared by software containers 562A-R) , forms a separate virtual network element (s) 560A-R.
  • the virtual network element (s) 560A-R perform similar functionality to the virtual network element (s) 530A-R-e.g., similar to the control communication and configuration module (s) 532A and forwarding table (s) 534A (this virtualization of the hardware 540 is sometimes referred to as network function virtualization (NFV) ) .
  • NFV network function virtualization
  • NFV may be used to consolidate many network equipment types onto industry standard high volume server hardware, physical switches, and physical storage, which could be located in Data centers, NDs, and customer premise equipment (CPE) .
  • CPE customer premise equipment
  • different embodiments of the invention may implement one or more of the software container (s) 562A-R differently.
  • each software container 562A-R corresponding to one VNE 560A-R
  • alternative embodiments may implement this correspondence at a finer level granularity (e.g., line card virtual machines virtualize line cards, control card virtual machine virtualize control cards, etc. ) ; it should be understood that the techniques described herein with reference to a correspondence of software containers 562A-R to VNEs also apply to embodiments where such a finer level of granularity is used.
  • the virtualization layer 554 includes a virtual switch that provides similar forwarding services as a physical Ethernet switch. Specifically, this virtual switch forwards traffic between software containers 562A-R and the NIC (s) 544, as well as optionally between the software containers 562A-R; in addition, this virtual switch may enforce network isolation between the VNEs 560A-R that by policy are not permitted to communicate with each other (e.g., by honoring virtual local area networks (VLANs) ) .
  • VLANs virtual local area networks
  • Software 550 can include code such as data storage resource sharing component 563, which when executed by processor (s) 542, cause the general purpose network device 504 to perform operations of one or more embodiments of the present disclosure as part software containers 562A-R.
  • the third exemplary ND implementation in Fig. 5A is a hybrid network device 506, which includes both custom ASICs/proprietary OS and COTS processors/standard OS in a single ND or a single card within an ND.
  • a platform VM i.e., a VM that that implements the functionality of the special-purpose network device 502 could provide for para-virtualization to the networking hardware present in the hybrid network device 506.
  • each of the VNEs receives data on the physical NIs (e.g., 516, 546) and forwards that data out the appropriate ones of the physical NIs (e.g., 516, 546) .
  • a VNE implementing IP router functionality forwards IP packets on the basis of some of the IP header information in the IP packet; where IP header information includes source IP address, destination IP address, source port, destination port (where ā€œsource portā€ and ā€œdestination portā€ refer herein to protocol ports, as opposed to physical ports of a ND) , transport protocol (e.g., user datagram protocol (UDP) , Transmission Control Protocol (TCP) , and differentiated services (DSCP) values.
  • UDP user datagram protocol
  • TCP Transmission Control Protocol
  • DSCP differentiated services
  • Fig. 5C illustrates various exemplary ways in which VNEs may be coupled according to some embodiments.
  • Fig. 5C shows VNEs 570A. 1-570A. P (and optionally VNEs 570A. Q-570A. R) implemented in ND 500A and VNE 570H. 1 in ND 500H.
  • VNEs 570A. 1-P are separate from each other in the sense that they can receive packets from outside ND 500A and forward packets outside of ND 500A; VNE 570A. 1 is coupled with VNE 570H. 1, and thus they communicate packets between their respective NDs; VNE 570A. 2-570A.
  • VNE 3 may optionally forward packets between themselves without forwarding them outside of the ND 500A; and VNE 570A.
  • P may optionally be the first in a chain of VNEs that includes VNE 570A.
  • Q followed by VNE 570A.
  • R (this is sometimes referred to as dynamic service chaining, where each of the VNEs in the series of VNEs provides a different service-e.g., one or more layer 4-7 network services) .
  • Fig. 5C illustrates various exemplary relationships between the VNEs, alternative embodiments may support other relationships (e.g., more/fewer VNEs, more/fewer dynamic service chains, multiple different dynamic service chains with some common VNEs and some different VNEs) .
  • the NDs of Fig. 5A may form part of the Internet or a private network; and other electronic devices (not shown; such as end user devices including workstations, laptops, netbooks, tablets, palm tops, mobile phones, smartphones, phablets, multimedia phones, Voice Over Internet Protocol (VOIP) phones, terminals, portable media players, GPS units, wearable devices, gaming systems, set-top boxes, Internet enabled household appliances) may be coupled to the network (directly or through other networks such as access networks) to communicate over the network (e.g., the Internet or virtual private networks (VPNs) overlaid on (e.g., tunneled through) the Internet) with each other (directly or through servers) and/or access content and/or services.
  • VOIP Voice Over Internet Protocol
  • VPNs virtual private networks
  • Such content and/or services are typically provided by one or more servers (not shown) belonging to a service/content provider or one or more end user devices (not shown) participating in a peer-to-peer (P2P) service, and may include, for example, public webpages (e.g., free content, store fronts, search services) , private webpages (e.g., username/password accessed webpages providing email services) , and/or corporate networks over VPNs.
  • end user devices may be coupled (e.g., through customer premise equipment coupled to an access network (wired or wirelessly) ) to edge NDs, which are coupled (e.g., through one or more core NDs) to other edge NDs, which are coupled to electronic devices acting as servers.
  • one or more of the electronic devices operating as the NDs in Fig. 5A may also host one or more such servers (e.g., in the case of the general purpose network device 504, one or more of the software containers 562A-R may operate as servers; the same would be true for the hybrid network device 506; in the case of the special-purpose network device 502, one or more such servers could also be run on a virtualization layer executed by the compute resource (s) 512) ; in which case the servers are said to be co-located with the VNEs of that ND.
  • the servers are said to be co-located with the VNEs of that ND.
  • a virtual network is a logical abstraction of a physical network (such as that in Fig. 5A) that provides network services (e.g., L2 and/or L3 services) .
  • a virtual network can be implemented as an overlay network (sometimes referred to as a network virtualization overlay) that provides network services (e.g., layer 2 (L2, data link layer) and/or layer 3 (L3, network layer) services) over an underlay network (e.g., an L3 network, such as an Internet Protocol (IP) network that uses tunnels (e.g., generic routing encapsulation (GRE) , layer 2 tunneling protocol (L2TP) , IPSec) to create the overlay network) .
  • IP Internet Protocol
  • a network virtualization edge sits at the edge of the underlay network and participates in implementing the network virtualization; the network-facing side of the NVE uses the underlay network to tunnel frames to and from other NVEs; the outward-facing side of the NVE sends and receives data to and from systems outside the network.
  • a virtual network instance is a specific instance of a virtual network on a NVE (e.g., a NE/VNE on an ND, a part of a NE/VNE on a ND where that NE/VNE is divided into multiple VNEs through emulation) ; one or more VNIs can be instantiated on an NVE (e.g., as different VNEs on an ND) .
  • a virtual access point is a logical connection point on the NVE for connecting external systems to a virtual network; a VAP can be physical or virtual ports identified through logical interface identifiers (e.g., a VLAN ID).
  • Examples of network services include: 1) an Ethernet LAN emulation service (an Ethernet-based multipoint service similar to an Internet Engineering Task Force (IETF) Multiprotocol Label Switching (MPLS) or Ethernet VPN (EVPN) service) in which external systems are interconnected across the network by a LAN environment over the underlay network (e.g., an NVE provides separate L2 VNIs (virtual switching instances) for different such virtual networks, and L3 (e.g., IP/MPLS) tunneling encapsulation across the underlay network) ; and 2) a virtualized IP forwarding service (similar to IETF IP VPN (e.g., Border Gateway Protocol (BGP) /MPLS IPVPN) from a service definition perspective) in which external systems are interconnected across the network by an L3 environment over the underlay network (e.g., an NVE provides separate L3 VNIs (forwarding and routing instances) for different such virtual networks, and L3 (e.g., IP/MPLS) tunneling encapsulation across the underlay network)
  • Network services may also include quality of service capabilities (e.g., traffic classification marking, traffic conditioning and scheduling) , security capabilities (e.g., filters to protect customer premises from network-originated attacks, to avoid malformed route announcements) , and management capabilities (e.g., full detection and processing) .
  • quality of service capabilities e.g., traffic classification marking, traffic conditioning and scheduling
  • security capabilities e.g., filters to protect customer premises from network-originated attacks, to avoid malformed route announcements
  • management capabilities e.g., full detection and processing
  • Fig. 5D illustrates a network with a single network element on each of the NDs of Fig. 5A, and within this straight forward approach contrasts a traditional distributed approach (commonly used by traditional routers) with a centralized approach for maintaining reachability and forwarding information (also called network control) , according to some embodiments.
  • Fig. 5D illustrates network elements (NEs) 570A-H with the same connectivity as the NDs 500A-H of Fig. 5A.
  • Fig. 5D illustrates that the distributed approach 572 distributes responsibility for generating the reachability and forwarding information across the NEs 570A-H; in other words, the process of neighbor discovery and topology discovery is distributed.
  • the control communication and configuration module (s) 532A-R of the ND control plane 524 typically include a reachability and forwarding information module to implement one or more routing protocols (e.g., an exterior gateway protocol such as Border Gateway Protocol (BGP) , Interior Gateway Protocol (s) (IGP) (e.g., Open Shortest Path First (OSPF) , Intermediate System to Intermediate System (IS-IS) , Routing Information Protocol (RIP) ) , Label Distribution Protocol (LDP) , Resource Reservation Protocol (RSVP) , as well as RSVP-Traffic Engineering (TE) : Extensions to RSVP for LSP Tunnels, Generalized Multi-Protocol Label Switching (GMPLS) Signaling RSVP-TE that communicate with other NEs to exchange routes, and then selects those routes based on one or more routing metrics.
  • Border Gateway Protocol BGP
  • IGP Interior Gateway Protocol
  • OSPF Open Shortest Path First
  • IS-IS Intermediate System to Intermediate System
  • RIP Routing Information Protocol
  • LDP Label Distribution Protocol
  • RSVP Resource Reservation Protocol
  • the NEs 570A-H e.g., the compute resource (s) 512 executing the control communication and configuration module (s) 532A-R
  • Routes and adjacencies are stored in one or more routing structures (e.g., Routing Information Base (RIB) , Label Information Base (LIB) , one or more adjacency structures) on the ND control plane 524.
  • routing structures e.g., Routing Information Base (RIB) , Label Information Base (LIB) , one or more adjacency structures
  • the ND control plane 524 programs the ND forwarding plane 526 with information (e.g., adjacency and route information) based on the routing structure (s) .
  • the ND control plane 524 programs the adjacency and route information into one or more forwarding table (s) 534A-R (e.g., Forwarding Information Base (FIB) , Label Forwarding Information Base (LFIB) , and one or more adjacency structures) on the ND forwarding plane 526.
  • FIB Forwarding Information Base
  • LFIB Label Forwarding Information Base
  • the ND can store one or more bridging tables that are used to forward data based on the layer 2 information in that data. While the above example uses the special-purpose network device 502, the same distributed approach 572 can be implemented on the general purpose network device 504 and the hybrid network device 506.
  • Fig. 5D illustrates that a centralized approach 574 (also known as Software Defined Networking (SDN) ) that decouples the system that makes decisions about where traffic is sent from the underlying systems that forwards traffic to the selected destination.
  • the illustrated centralized approach 574 has the responsibility for the generation of reachability and forwarding information in a centralized control plane 576 (sometimes referred to as a SDN control module, controller, network controller, OpenFlow controller, SDN controller, control plane node, network virtualization authority, or management control entity) , and thus the process of neighbor discovery and topology discovery is centralized.
  • SDN Software Defined Networking
  • the centralized control plane 576 has a south bound interface 582 with a data plane 580 (sometime referred to the infrastructure layer, network forwarding plane, or forwarding plane (which should not be confused with a ND forwarding plane) ) that includes the NEs 570A-H (sometimes referred to as switches, forwarding elements, data plane elements, or nodes) .
  • the centralized control plane 576 includes a network controller 578, which includes a centralized reachability and forwarding information module 579 that determines the reachability within the network and distributes the forwarding information to the NEs 570A-H of the data plane 580 over the south bound interface 582 (which may use the OpenFlow protocol) .
  • the network intelligence is centralized in the centralized control plane 576 executing on electronic devices that are typically separate from the NDs.
  • the network controller 578 may include a data storage resource sharing component 581 that when executed by the network controller 578, causes the network controller 578 to perform operations of one or more embodiments described herein above.
  • each of the control communication and configuration module (s) 532A-R of the ND control plane 524 typically include a control agent that provides the VNE side of the south bound interface 582.
  • the ND control plane 524 (the compute resource (s) 512 executing the control communication and configuration module (s) 532A-R) performs its responsibility for participating in controlling how data (e.g., packets) is to be routed (e.g., the next hop for the data and the outgoing physical NI for that data) through the control agent communicating with the centralized control plane 576 to receive the forwarding information (and in some cases, the reachability information) from the centralized reachability and forwarding information module 579 (it should be understood that in some embodiments, the control communication and configuration module (s) 532A-R, in addition to communicating with the centralized control plane 576, may also play some role in determining reachability and/or calculating forwarding information-albeit less so than in the case of a distributed approach; such embodiments are generally considered to fall under the centralized approach 574, but may also be considered a hybrid approach) .
  • data e.g., packets
  • the control agent communicating with the centralized control plane 576 to receive the forwarding information (
  • the same centralized approach 574 can be implemented with the general purpose network device 504 (e.g., each of the VNE 560A-R performs its responsibility for controlling how data (e.g., packets) is to be routed (e.g., the next hop for the data and the outgoing physical NI for that data) by communicating with the centralized control plane 576 to receive the forwarding information (and in some cases, the reachability information) from the centralized reachability and forwarding information module 579; it should be understood that in some embodiments, the VNEs 560A-R, in addition to communicating with the centralized control plane 576, may also play some role in determining reachability and/or calculating forwarding information-albeit less so than in the case of a distributed approach) and the hybrid network device 506.
  • the general purpose network device 504 e.g., each of the VNE 560A-R performs its responsibility for controlling how data (e.g., packets) is to be routed (e.g., the next hop for the data and the out
  • NFV is able to support SDN by providing an infrastructure upon which the SDN software can be run
  • NFV and SDN both aim to make use of commodity server hardware and physical switches.
  • Fig. 5D also shows that the centralized control plane 576 has a north bound interface 584 to an application layer 586, in which resides application (s) 588.
  • the centralized control plane 576 has the ability to form virtual networks 592 (sometimes referred to as a logical forwarding plane, network services, or overlay networks (with the NEs 570A-H of the data plane 580 being the underlay network) ) for the application (s) 588.
  • virtual networks 592 sometimes referred to as a logical forwarding plane, network services, or overlay networks (with the NEs 570A-H of the data plane 580 being the underlay network)
  • the centralized control plane 576 maintains a global view of all NDs and configured NEs/VNEs, and it maps the virtual networks to the underlying NDs efficiently (including maintaining these mappings as the physical network changes either through hardware (ND, link, or ND component) failure, addition, or removal) .
  • Fig. 5D shows the distributed approach 572 separate from the centralized approach 574
  • the effort of network control may be distributed differently or the two combined in certain embodiments of the invention.
  • embodiments may generally use the centralized approach (SDN) 574, but have certain functions delegated to the NEs (e.g., the distributed approach may be used to implement one or more of fault monitoring, performance monitoring, protection switching, and primitives for neighbor and/or topology discovery)
  • embodiments of the invention may perform neighbor discovery and topology discovery via both the centralized control plane and the distributed protocols, and the results compared to raise exceptions where they do not agree.
  • Such embodiments are generally considered to fall under the centralized approach 574, but may also be considered a hybrid approach.
  • Fig. 5D illustrates the simple case where each of the NDs 500A-H implements a single NE 570A-H
  • the network control approaches described with reference to Fig. 5D also work for networks where one or more of the NDs 500A-H implement multiple VNEs (e.g., VNEs 530A-R, VNEs 560A-R, those in the hybrid network device 506) .
  • the network controller 578 may also emulate the implementation of multiple VNEs in a single ND.
  • the network controller 578 may present the implementation of a VNE/NE in a single ND as multiple VNEs in the virtual networks 592 (all in the same one of the virtual network (s) 592, each in different ones of the virtual network (s) 592, or some combination) .
  • the network controller 578 may cause an ND to implement a single VNE (a NE) in the underlay network, and then logically divide up the resources of that NE within the centralized control plane 576 to present different VNEs in the virtual network (s) 592 (where these different VNEs in the overlay networks are sharing the resources of the single VNE/NE implementation on the ND in the underlay network) .
  • Figs. 5E and 5F respectively illustrate exemplary abstractions of NEs and VNEs that the network controller 578 may present as part of different ones of the virtual networks 592.
  • Fig. 5E illustrates the simple case of where each of the NDs 500A-H implements a single NE 570A-H (see Fig. 5D) , but the centralized control plane 576 has abstracted multiple of the NEs in different NDs (the NEs 570A-C and G-H) into (to represent) a single NE 570I in one of the virtual network (s) 592 of Fig. 5D, according to some embodiments.
  • Fig. 5E shows that in this virtual network, the NE 570I is coupled to NE 570D and 570F, which are both still coupled to NE 570E.
  • Fig. 5F illustrates a case where multiple VNEs (VNE 570A. 1 and VNE 570H. 1) are implemented on different NDs (ND 500A and ND 500H) and are coupled to each other, and where the centralized control plane 576 has abstracted these multiple VNEs such that they appear as a single VNE 570T within one of the virtual networks 592 of Fig. 5D, according to some embodiments.
  • the abstraction of a NE or VNE can span multiple NDs.
  • the electronic device (s) running the centralized control plane 576 may be implemented a variety of ways (e.g., a special purpose device, a general-purpose (e.g., COTS) device, or hybrid device) .
  • These electronic device (s) would similarly include compute resource (s) , a set or one or more physical NICs, and a non-transitory machine-readable storage medium having stored thereon the centralized control plane software. For instance, Fig.
  • a general purpose control plane device 604 including hardware 640 comprising a set of one or more processor (s) 642 (which are often COTS processors) and network interface controller (s) 644 (NICs; also known as network interface cards) (which include physical NIs 646) , as well as non-transitory machine readable storage media 648 having stored therein centralized control plane (CCP) software 650 and a data storage resource sharing component 651.
  • processors which are often COTS processors
  • NICs network interface controller
  • NICs network interface controller
  • non-transitory machine readable storage media 648 having stored therein centralized control plane (CCP) software 650 and a data storage resource sharing component 651.
  • CCP centralized control plane
  • the processor (s) 642 typically execute software to instantiate a virtualization layer 654 and software container (s) 662A-R (e.g., with operating system-level virtualization, the virtualization layer 654 represents the kernel of an operating system (or a shim executing on a base operating system) that allows for the creation of multiple software containers 662A-R (representing separate user space instances and also called virtualization engines, virtual private servers, or jails) that may each be used to execute a set of one or more applications; with full virtualization, the virtualization layer 654 represents a hypervisor (sometimes referred to as a virtual machine monitor (VMM) ) or a hypervisor executing on top of a host operating system, and the software containers 662A-R each represent a tightly isolated form of software container called a virtual machine that is run by the hypervisor and may include a guest operating system; with para-virtualization, an operating system or application running with a virtual machine may be aware of the presence of virtualization for optimization
  • VMM virtual machine monitor
  • an instance of the CCP software 650 (illustrated as CCP instance 676A) is executed within the software container 662A on the virtualization layer 654.
  • CCP instance 676A on top of a host operating system is executed on the ā€œbare metalā€ general purpose control plane device 604.
  • the instantiation of the CCP instance 676A, as well as the virtualization layer 654 and software containers 662A-R if implemented, are collectively referred to as software instance (s) 652.
  • the CCP instance 676A includes a network controller instance 678.
  • the network controller instance 678 includes a centralized reachability and forwarding information module instance 679 (which is a middleware layer providing the context of the network controller 578 to the operating system and communicating with the various NEs) , and an CCP application layer 680 (sometimes referred to as an application layer) over the middleware layer (providing the intelligence required for various network operations such as protocols, network situational awareness, and user-interfaces) .
  • this CCP application layer 680 within the centralized control plane 576 works with virtual network view (s) (logical view (s) of the network) and the middleware layer provides the conversion from the virtual networks to the physical view.
  • the data storage resource sharing component 651 can be executed by hardware 640 to perform operations of one or more embodiments of the present disclosure as part of software instances 652 (e.g., data storage resource sharing instance 681) .
  • the centralized control plane 576 transmits relevant messages to the data plane 580 based on CCP application layer 680 calculations and middleware layer mapping for each flow.
  • a flow may be defined as a set of packets whose headers match a given pattern of bits; in this sense, traditional IP forwarding is also flow-based forwarding where the flows are defined by the destination IP address for example; however, in other implementations, the given pattern of bits used for a flow definition may include more fields (e.g., 10 or more) in the packet headers.
  • Different NDs/NEs/VNEs of the data plane 580 may receive different messages, and thus different forwarding information.
  • the data plane 580 processes these messages and programs the appropriate flow information and corresponding actions in the forwarding tables (sometime referred to as flow tables) of the appropriate NE/VNEs, and then the NEs/VNEs map incoming packets to flows represented in the forwarding tables and forward packets based on the matches in the forwarding tables.
  • Standards such as OpenFlow define the protocols used for the messages, as well as a model for processing the packets.
  • the model for processing packets includes header parsing, packet classification, and making forwarding decisions. Header parsing describes how to interpret a packet based upon a well-known set of protocols. Some protocol fields are used to build a match structure (or key) that will be used in packet classification (e.g., a first key field could be a source media access control (MAC) address, and a second key field could be a destination MAC address) .
  • MAC media access control
  • Packet classification involves executing a lookup in memory to classify the packet by determining which entry (also referred to as a forwarding table entry or flow entry) in the forwarding tables best matches the packet based upon the match structure, or key, of the forwarding table entries. It is possible that many flows represented in the forwarding table entries can correspond/match to a packet; in this case the system is typically configured to determine one forwarding table entry from the many according to a defined scheme (e.g., selecting a first forwarding table entry that is matched) .
  • Forwarding table entries include both a specific set of match criteria (aset of values or wildcards, or an indication of what portions of a packet should be compared to a particular value/values/wildcards, as defined by the matching capabilities-for specific fields in the packet header, or for some other packet content) , and a set of one or more actions for the data plane to take on receiving a matching packet. For example, an action may be to push a header onto the packet, for the packet using a particular port, flood the packet, or simply drop the packet.
  • TCP transmission control protocol
  • an unknown packet for example, a ā€œmissed packetā€ or a ā€œmatch-missā€ as used in OpenFlow parlance
  • the packet (or a subset of the packet header and content) is typically forwarded to the centralized control plane 576.
  • the centralized control plane 576 will then program forwarding table entries into the data plane 580 to accommodate packets belonging to the flow of the unknown packet. Once a specific forwarding table entry has been programmed into the data plane 580 by the centralized control plane 576, the next packet with matching credentials will match that forwarding table entry and take the set of actions associated with that matched entry.
  • a network interface may be physical or virtual; and in the context of IP, an interface address is an IP address assigned to a NI, be it a physical NI or virtual NI.
  • a virtual NI may be associated with a physical NI,with another virtual interface, or stand on its own (e.g., a loopback interface, a point-to-point protocol interface) .
  • a NI (physical or virtual) may be numbered (a NI with an IP address) or unnumbered (a NI without an IP address) .
  • a loopback interface (and its loopback address) is a specific type of virtual NI (and IP address) of a NE/VNE (physical or virtual) often used for management purposes; where such an IP address is referred to as the nodal loopback address.
  • IP addresses (es) assigned to the NI (s) of a ND are referred to as IP addresses of that ND; at a more granular level, the IP address (es) assigned to NI (s) assigned to a NE/VNE implemented on a ND can be referred to as IP addresses of that NE/VNE.
  • An embodiment of the invention may be an article of manufacture in which a non-transitory machine-readable medium (such as microelectronic memory) has stored thereon instructions (e.g., computer code) which program one or more data processing components (generically referred to here as a ā€œprocessorā€ ) to perform the operations described above.
  • a non-transitory machine-readable medium such as microelectronic memory
  • instructions e.g., computer code
  • data processing components program one or more data processing components (generically referred to here as a ā€œprocessorā€ ) to perform the operations described above.
  • some of these operations might be performed by specific hardware components that contain hardwired logic (e.g., dedicated digital filter blocks and state machines) .
  • Those operations might alternatively be performed by any combination of programmed data processing components and fixed hardwired circuit components.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Databases & Information Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Data Mining & Analysis (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Environmental & Geological Engineering (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

A method is implemented by a network device acting as a switch in a data plane of a software defined networking (SDN) network. The switch is communicatively coupled to a controller in a control plane of the SDN network, where the controller manages packet processing functionality of the switch. The method to provide data storage resource sharing information to the controller so that the controller can manage data storage resource utilization of the switch. The method includes determining which tables stored in the switch share a data storage resource of the switch and transmitting data storage resource sharing information to the controller, where the data storage resource sharing information includes an indication of the tables that share the data storage resource.

Description

ADVERTISINGĀ NETWORKĀ RESOURCEĀ SHARINGĀ STATUSĀ INĀ SDN FIELD
EmbodimentsĀ ofĀ theĀ inventionĀ relateĀ toĀ theĀ fieldĀ ofĀ SoftwareĀ DefinedĀ NetworkingĀ (SDN)Ā ļ¼ŒĀ andĀ moreĀ specificallyļ¼ŒĀ toĀ resourceĀ utilizationĀ inĀ anĀ SDNĀ network.
BACKGROUND
SoftwareĀ DefinedĀ NetworkingĀ (SDN)Ā isĀ anĀ approachĀ toĀ computerĀ networkingĀ thatĀ employsĀ aĀ splitĀ architectureĀ networkĀ inĀ whichĀ theĀ forwardingĀ (data)Ā planeĀ isĀ decoupledĀ fromĀ theĀ controlĀ plane.Ā TheĀ useĀ ofĀ aĀ splitĀ architectureĀ networkĀ simplifiesĀ theĀ networkĀ devicesĀ (e.g.ļ¼ŒĀ switches)Ā implementingĀ theĀ forwardingĀ planeĀ byĀ shiftingĀ theĀ intelligenceĀ ofĀ theĀ networkĀ intoĀ oneĀ orĀ moreĀ controllersĀ thatĀ overseeĀ theĀ switches.Ā SDNĀ facilitatesĀ rapidĀ andĀ openĀ innovationĀ atĀ theĀ networkĀ layerĀ byĀ providingĀ aĀ programmableĀ networkĀ infrastructure.
TheĀ dataĀ planeĀ ofĀ anĀ SDNĀ networkĀ isĀ responsibleĀ forĀ performingĀ variousĀ packetĀ processingĀ functionalitiesĀ suchĀ asĀ routingļ¼ŒĀ filteringļ¼ŒĀ andĀ metering.Ā TheĀ dataĀ planeĀ ofĀ theĀ SDNĀ networkĀ utilizesĀ variousĀ tablesĀ (e.g.ļ¼ŒĀ AccessĀ ControlĀ ListĀ (ACL)Ā ļ¼ŒĀ ForwardingĀ DatabaseĀ (FDB)Ā ļ¼ŒĀ LabelĀ ForwardingĀ InformationĀ BaseĀ (LFIB)Ā ļ¼ŒĀ counters)Ā toĀ determineĀ howĀ packetsĀ shouldĀ beĀ processed.Ā TheseĀ tablesĀ areĀ typicallyĀ storedĀ inĀ oneĀ orĀ moreĀ dataĀ storageĀ resourcesĀ (TernaryĀ ContentĀ AddressableĀ memoryĀ (TCAM)Ā ļ¼ŒĀ counterĀ memoryļ¼ŒĀ etc.Ā )Ā ofĀ aĀ switchĀ inĀ theĀ dataĀ plane.Ā AnĀ SDNĀ controllerĀ canĀ program/configureĀ theĀ tablesĀ toĀ achieveĀ desiredĀ packetĀ processingĀ functionality.
InĀ traditionalĀ non-SDNĀ networksļ¼ŒĀ eachĀ tableĀ isĀ typicallyĀ allocatedĀ aĀ dedicatedĀ dataĀ storageĀ resource.Ā Howeverļ¼ŒĀ inĀ SDNĀ networksļ¼ŒĀ whereĀ switchesĀ areĀ programmableļ¼ŒĀ multipleĀ tablesĀ implementedĀ onĀ aĀ givenĀ hardwareĀ platformĀ mayĀ shareĀ theĀ sameĀ dataĀ storageĀ resource.Ā ForĀ exampleļ¼ŒĀ aĀ commercialĀ switchingĀ chipsetĀ mayĀ includeĀ dataĀ storageĀ resourcesĀ suchĀ asĀ aĀ hashĀ memoryļ¼ŒĀ aĀ TCAMļ¼ŒĀ andĀ counterĀ memoryĀ thatĀ eachĀ storeĀ multipleĀ  tables.Ā ForĀ exampleļ¼ŒĀ theĀ hashĀ memoryĀ mayĀ storeĀ FDBļ¼ŒĀ LFIBļ¼ŒĀ andĀ VirtualĀ LocalĀ AreaĀ NetworkĀ (VLAN)Ā translationĀ tables.Ā TheĀ TCAMĀ mayĀ storeĀ anĀ ACLĀ andĀ routingĀ tablesĀ (e.g.ļ¼ŒĀ ForwardingĀ InformationĀ BaseĀ (FIB)Ā )Ā .Ā TheĀ counterĀ memoryĀ mayĀ storeĀ variousĀ differentĀ counterĀ andĀ statisticĀ tablesĀ suchĀ asĀ tunnelĀ countersļ¼ŒĀ PseudoĀ WireĀ (PW)Ā countersļ¼ŒĀ andĀ QualityĀ ofĀ ServiceĀ (QoS)Ā counters.Ā AllowingĀ tablesĀ toĀ shareĀ aĀ dataĀ storageĀ resourceĀ freesĀ theĀ networkĀ deviceĀ fromĀ havingĀ toĀ performĀ dedicatedĀ resourceĀ planningĀ forĀ specificĀ tablesĀ andĀ providesĀ moreĀ flexibilityĀ inĀ termsĀ ofĀ programmingļ¼ŒĀ scalabilityļ¼ŒĀ andĀ performance.
DueĀ toĀ theĀ decouplingĀ ofĀ theĀ dataĀ planeĀ fromĀ theĀ controlĀ planeĀ inĀ SDNĀ networksļ¼ŒĀ theĀ SDNĀ controllerĀ isĀ notĀ awareĀ ofĀ whichĀ tablesĀ shareĀ theĀ sameĀ dataĀ storageĀ resourceĀ onĀ aĀ givenĀ hardwareĀ platform.Ā AsĀ suchļ¼ŒĀ theĀ SDNĀ controllerĀ isĀ notĀ ableĀ toĀ planĀ andĀ adjustĀ dataĀ storageĀ resourceĀ utilizationĀ amongĀ theĀ tablesĀ inĀ anĀ efficientĀ andĀ deterministicĀ manner.
SUMMARY
AĀ methodĀ isĀ implementedĀ byĀ aĀ networkĀ deviceĀ actingĀ asĀ aĀ switchĀ inĀ aĀ dataĀ planeĀ ofĀ aĀ softwareĀ definedĀ networkingĀ (SDN)Ā network.Ā TheĀ switchĀ isĀ communicativelyĀ coupledĀ toĀ aĀ controllerĀ inĀ aĀ controlĀ planeĀ ofĀ theĀ SDNĀ networkļ¼ŒĀ whereĀ theĀ controllerĀ managesĀ packetĀ processingĀ functionalityĀ ofĀ theĀ switch.Ā TheĀ methodĀ toĀ provideĀ dataĀ storageĀ resourceĀ sharingĀ informationĀ toĀ theĀ controllerĀ soĀ thatĀ theĀ controllerĀ canĀ manageĀ dataĀ storageĀ resourceĀ utilizationĀ ofĀ theĀ switch.Ā TheĀ methodĀ includesĀ determiningĀ whichĀ tablesĀ storedĀ inĀ theĀ switchĀ shareĀ aĀ dataĀ storageĀ resourceĀ ofĀ theĀ switchĀ andĀ transmittingĀ dataĀ storageĀ resourceĀ sharingĀ informationĀ toĀ theĀ controllerļ¼ŒĀ whereĀ theĀ dataĀ storageĀ resourceĀ sharingĀ informationĀ includesĀ anĀ indicationĀ ofĀ theĀ tablesĀ thatĀ shareĀ theĀ dataĀ storageĀ resource.
AĀ methodĀ isĀ implementedĀ byĀ aĀ networkĀ deviceĀ actingĀ asĀ aĀ controllerĀ inĀ aĀ controlĀ planeĀ ofĀ aĀ softwareĀ definedĀ networkingĀ (SDN)Ā network.Ā TheĀ controllerĀ isĀ communicativelyĀ coupledĀ toĀ aĀ switchĀ inĀ aĀ dataĀ planeĀ ofĀ theĀ SDNĀ networkļ¼ŒĀ whereĀ theĀ controllerĀ managesĀ packetĀ processingĀ functionalityĀ ofĀ theĀ switch.Ā TheĀ methodĀ toĀ manageĀ dataĀ storageĀ resourceĀ  utilizationĀ ofĀ theĀ switch.Ā TheĀ methodĀ includesĀ receivingĀ dataĀ storageĀ resourceĀ sharingĀ informationĀ fromĀ theĀ switchļ¼ŒĀ whereĀ theĀ dataĀ storageĀ resourceĀ sharingĀ informationĀ includesĀ anĀ indicationĀ ofĀ tablesĀ storedĀ inĀ theĀ switchĀ thatĀ shareĀ aĀ dataĀ storageĀ resourceĀ ofĀ theĀ switch.Ā TheĀ methodĀ furtherĀ includesĀ transmittingĀ instructionsĀ toĀ theĀ switchĀ toĀ insertĀ oneĀ orĀ moreĀ entriesĀ inĀ aĀ firstĀ tableĀ fromĀ theĀ tablesĀ thatĀ shareĀ theĀ dataĀ storageĀ resourceļ¼ŒĀ togetherĀ withĀ instructionsĀ toĀ deleteĀ oneĀ orĀ moreĀ entriesĀ fromĀ oneĀ orĀ moreĀ otherĀ tablesĀ thatĀ shareĀ theĀ dataĀ storageĀ resourceĀ withĀ theĀ firstĀ tableĀ inĀ anĀ eventĀ thatĀ sufficientĀ storageĀ spaceĀ isĀ notĀ availableĀ inĀ theĀ dataĀ storageĀ resourceĀ forĀ insertionĀ ofĀ theĀ oneĀ orĀ moreĀ entriesĀ inĀ theĀ firstĀ table.
AĀ networkĀ deviceĀ isĀ configuredĀ toĀ actĀ asĀ aĀ switchĀ inĀ aĀ dataĀ planeĀ ofĀ aĀ softwareĀ definedĀ networkingĀ (SDN)Ā network.Ā TheĀ switchĀ isĀ toĀ beĀ communicativelyĀ coupledĀ toĀ aĀ controllerĀ inĀ aĀ controlĀ planeĀ ofĀ theĀ SDNĀ networkļ¼ŒĀ whereĀ theĀ controllerĀ isĀ toĀ manageĀ packetĀ processingĀ functionalityĀ ofĀ theĀ switch.Ā TheĀ networkĀ deviceĀ isĀ configuredĀ toĀ provideĀ dataĀ storageĀ resourceĀ sharingĀ informationĀ toĀ theĀ controllerĀ soĀ thatĀ theĀ controllerĀ canĀ manageĀ dataĀ storageĀ resourceĀ utilizationĀ ofĀ theĀ switch.Ā TheĀ networkĀ deviceĀ includesĀ aĀ non-transitoryĀ machine-readableĀ storageĀ mediumĀ havingĀ storedĀ thereinĀ aĀ dataĀ storageĀ resourceĀ sharingĀ componentĀ andĀ aĀ processorĀ communicativelyĀ coupledĀ toĀ theĀ non-transitoryĀ machine-readableĀ storageĀ medium.Ā TheĀ processorĀ isĀ configuredĀ toĀ executeĀ theĀ dataĀ storageĀ resourceĀ sharingĀ component.Ā TheĀ dataĀ storageĀ resourceĀ sharingĀ componentĀ isĀ configuredĀ toĀ determineĀ whichĀ tablesĀ storedĀ inĀ theĀ switchĀ shareĀ aĀ dataĀ storageĀ resourceĀ ofĀ theĀ switchĀ andĀ transmitĀ dataĀ storageĀ resourceĀ sharingĀ informationĀ toĀ theĀ controllerļ¼ŒĀ whereĀ theĀ dataĀ storageĀ resourceĀ sharingĀ informationĀ includesĀ anĀ indicationĀ ofĀ theĀ tablesĀ thatĀ shareĀ theĀ dataĀ storageĀ resource.
AĀ networkĀ deviceĀ isĀ configuredĀ toĀ actĀ asĀ aĀ controllerĀ inĀ aĀ controlĀ planeĀ ofĀ aĀ softwareĀ definedĀ networkingĀ (SDN)Ā network.Ā TheĀ controllerĀ isĀ toĀ beĀ communicativelyĀ coupledĀ toĀ aĀ switchĀ inĀ aĀ dataĀ planeĀ ofĀ theĀ SDNĀ networkļ¼ŒĀ whereĀ theĀ controllerĀ isĀ toĀ manageĀ packetĀ processingĀ functionalityĀ ofĀ theĀ switch.Ā TheĀ networkĀ deviceĀ isĀ configuredĀ toĀ manageĀ dataĀ storageĀ  resourceĀ utilizationĀ ofĀ theĀ switch.Ā TheĀ networkĀ deviceĀ includesĀ aĀ non-transitoryĀ machine-readableĀ storageĀ mediumĀ havingĀ storedĀ thereinĀ aĀ dataĀ storageĀ resourceĀ sharingĀ componentĀ andĀ aĀ processorĀ communicativelyĀ coupledĀ toĀ theĀ non-transitoryĀ machine-readableĀ storageĀ medium.Ā TheĀ processorĀ isĀ configuredĀ toĀ executeĀ theĀ dataĀ storageĀ resourceĀ sharingĀ component.Ā TheĀ dataĀ storageĀ resourceĀ sharingĀ componentĀ isĀ configuredĀ toĀ receiveĀ dataĀ storageĀ resourceĀ sharingĀ informationĀ fromĀ theĀ switchļ¼ŒĀ whereĀ theĀ dataĀ storageĀ resourceĀ sharingĀ informationĀ includesĀ anĀ indicationĀ ofĀ tablesĀ storedĀ inĀ theĀ switchĀ thatĀ shareĀ aĀ dataĀ storageĀ resourceĀ ofĀ theĀ switch.Ā TheĀ dataĀ storageĀ resourceĀ sharingĀ componentĀ isĀ furtherĀ configuredĀ toĀ transmitĀ instructionsĀ toĀ theĀ switchĀ toĀ insertĀ oneĀ orĀ moreĀ entriesĀ inĀ aĀ firstĀ tableĀ fromĀ theĀ tablesĀ thatĀ shareĀ theĀ dataĀ storageĀ resourceļ¼ŒĀ togetherĀ withĀ instructionsĀ toĀ deleteĀ oneĀ orĀ moreĀ entriesĀ fromĀ oneĀ orĀ moreĀ otherĀ tablesĀ thatĀ shareĀ theĀ dataĀ storageĀ resourceĀ withĀ theĀ firstĀ tableĀ inĀ anĀ eventĀ thatĀ sufficientĀ storageĀ spaceĀ isĀ notĀ availableĀ inĀ theĀ dataĀ storageĀ resourceĀ forĀ insertionĀ ofĀ theĀ oneĀ orĀ moreĀ entriesĀ inĀ theĀ firstĀ table.
AĀ non-transitoryĀ machine-readableĀ mediumĀ hasĀ computerĀ codeĀ storedĀ thereinĀ thatĀ isĀ toĀ beĀ executedĀ byĀ aĀ setĀ ofĀ oneĀ orĀ moreĀ processorsĀ ofĀ aĀ networkĀ deviceĀ actingĀ asĀ aĀ switchĀ inĀ aĀ dataĀ planeĀ ofĀ aĀ softwareĀ definedĀ networkingĀ (SDN)Ā network.Ā TheĀ computerĀ codeļ¼ŒĀ whenĀ executedĀ byĀ theĀ networkĀ deviceļ¼ŒĀ causesĀ theĀ networkĀ deviceĀ toĀ performĀ operationsĀ forĀ providingĀ dataĀ storageĀ resourceĀ sharingĀ informationĀ toĀ aĀ controllerĀ inĀ aĀ controlĀ planeĀ ofĀ theĀ SDNĀ networkĀ soĀ thatĀ theĀ controllerĀ canĀ manageĀ dataĀ storageĀ resourceĀ utilizationĀ ofĀ theĀ switch.Ā TheĀ operationsĀ includeĀ determiningĀ whichĀ tablesĀ storedĀ inĀ theĀ switchĀ shareĀ aĀ dataĀ storageĀ resourceĀ ofĀ theĀ switchĀ andĀ transmittingĀ dataĀ storageĀ resourceĀ sharingĀ informationĀ toĀ theĀ controllerļ¼ŒĀ whereĀ theĀ dataĀ storageĀ resourceĀ sharingĀ informationĀ includesĀ anĀ indicationĀ ofĀ theĀ tablesĀ thatĀ shareĀ theĀ dataĀ storageĀ resource.
AĀ non-transitoryĀ machine-readableĀ mediumĀ hasĀ computerĀ codeĀ storedĀ thereinĀ thatĀ isĀ toĀ beĀ executedĀ byĀ aĀ setĀ ofĀ oneĀ orĀ moreĀ processorsĀ ofĀ aĀ networkĀ deviceĀ actingĀ asĀ aĀ controllerĀ inĀ aĀ controlĀ planeĀ ofĀ aĀ softwareĀ definedĀ networkingĀ (SDN)Ā network.Ā TheĀ computerĀ codeļ¼ŒĀ whenĀ executedĀ byĀ  theĀ networkĀ deviceļ¼ŒĀ causesĀ theĀ networkĀ deviceĀ toĀ performĀ operationsĀ forĀ managingĀ dataĀ storageĀ resourceĀ utilizationĀ ofĀ aĀ switchĀ inĀ aĀ dataĀ planeĀ ofĀ theĀ SDNĀ network.Ā TheĀ operationsĀ includeĀ receivingĀ dataĀ storageĀ resourceĀ sharingĀ informationĀ fromĀ theĀ switchļ¼ŒĀ whereĀ theĀ dataĀ storageĀ resourceĀ sharingĀ informationĀ includesĀ anĀ indicationĀ ofĀ tablesĀ storedĀ inĀ theĀ switchĀ thatĀ shareĀ aĀ dataĀ storageĀ resourceĀ ofĀ theĀ switch.Ā TheĀ operationsĀ furtherĀ includeĀ transmittingĀ instructionsĀ toĀ theĀ switchĀ toĀ insertĀ oneĀ orĀ moreĀ entriesĀ inĀ aĀ firstĀ tableĀ fromĀ theĀ tablesĀ thatĀ shareĀ theĀ dataĀ storageĀ resourceļ¼ŒĀ togetherĀ withĀ instructionsĀ toĀ deleteĀ oneĀ orĀ moreĀ entriesĀ fromĀ oneĀ orĀ moreĀ otherĀ tablesĀ thatĀ shareĀ theĀ dataĀ storageĀ resourceĀ withĀ theĀ firstĀ tableĀ inĀ anĀ eventĀ thatĀ sufficientĀ storageĀ spaceĀ isĀ notĀ availableĀ inĀ theĀ dataĀ storageĀ resourceĀ forĀ insertionĀ ofĀ theĀ oneĀ orĀ moreĀ entriesĀ inĀ theĀ firstĀ table..
BRIEFĀ DESCRIPTIONĀ OFĀ THEĀ DRAWINGS
TheĀ inventionĀ mayĀ bestĀ beĀ understoodĀ byĀ referringĀ toĀ theĀ followingĀ descriptionĀ andĀ accompanyingĀ drawingsĀ thatĀ areĀ usedĀ toĀ illustrateĀ embodimentsĀ ofĀ theĀ invention.Ā InĀ theĀ drawingsļ¼š
Fig.Ā 1Ā isĀ aĀ blockĀ diagramĀ ofĀ aĀ SoftwareĀ DefinedĀ NetworkingĀ (SDN)Ā networkĀ inĀ whichĀ embodimentsĀ ofĀ theĀ presentĀ disclosureĀ canĀ beĀ implemented.
Fig.Ā 2Ā isĀ aĀ blockĀ diagramĀ illustratingĀ tablesĀ sharingĀ dataĀ storageĀ resourcesĀ ofĀ aĀ switchļ¼ŒĀ accordingĀ toĀ someĀ embodiments.
Fig.Ā 3Ā isĀ aĀ flowĀ diagramĀ ofĀ aĀ processĀ performedĀ byĀ aĀ switchĀ forĀ providingĀ dataĀ storageĀ resourceĀ sharingĀ informationĀ toĀ aĀ controllerĀ andĀ adjustingĀ dataĀ storageĀ resourceĀ utilizationĀ accordingĀ toĀ instructionsĀ receivedĀ fromĀ theĀ controllerļ¼ŒĀ accordingĀ toĀ someĀ embodiments.
Fig.Ā 4Ā isĀ aĀ flowĀ diagramĀ ofĀ aĀ processĀ performedĀ byĀ aĀ controllerĀ forĀ managingĀ dataĀ storageĀ resourceĀ utilizationĀ ofĀ aĀ switchļ¼ŒĀ accordingĀ toĀ someĀ embodiments.
Fig.Ā 5AĀ illustratesĀ connectivityĀ betweenĀ networkĀ devicesĀ (NDs)Ā withinĀ anĀ exemplaryĀ networkļ¼ŒĀ asĀ wellĀ asĀ threeĀ exemplaryĀ implementationsĀ ofĀ theĀ NDsļ¼ŒĀ accordingĀ toĀ someĀ embodiments.
Fig.Ā 5BĀ illustratesĀ anĀ exemplaryĀ wayĀ toĀ implementĀ aĀ special-purposeĀ networkĀ deviceĀ accordingĀ toĀ someĀ embodiments.
Fig.Ā 5CĀ illustratesĀ variousĀ exemplaryĀ waysĀ inĀ whichĀ virtualĀ networkĀ elementsĀ (VNEs)Ā mayĀ beĀ coupledĀ accordingĀ toĀ someĀ embodiments.
Fig.Ā 5DĀ illustratesĀ aĀ networkĀ withĀ aĀ singleĀ networkĀ elementĀ (NE)Ā onĀ eachĀ ofĀ theĀ NDsļ¼ŒĀ andĀ withinĀ thisĀ straightĀ forwardĀ approachĀ contrastsĀ aĀ traditionalĀ distributedĀ approachĀ (commonlyĀ usedĀ byĀ traditionalĀ routers)Ā withĀ aĀ centralizedĀ approachĀ forĀ maintainingĀ reachabilityĀ andĀ forwardingĀ informationĀ (alsoĀ calledĀ networkĀ control)Ā ļ¼ŒĀ accordingĀ toĀ someĀ embodiments.
Fig.Ā 5EĀ illustratesĀ theĀ simpleĀ caseĀ ofĀ whereĀ eachĀ ofĀ theĀ NDsĀ implementsĀ aĀ singleĀ NEļ¼ŒĀ butĀ aĀ centralizedĀ controlĀ planeĀ hasĀ abstractedĀ multipleĀ ofĀ theĀ NEsĀ inĀ differentĀ NDsĀ intoĀ (toĀ represent)Ā aĀ singleĀ NEĀ inĀ oneĀ ofĀ theĀ virtualĀ networkĀ (s)Ā ļ¼ŒĀ accordingĀ toĀ someĀ embodiments.
Fig.Ā 5FĀ illustratesĀ aĀ caseĀ whereĀ multipleĀ VNEsĀ areĀ implementedĀ onĀ differentĀ NDsĀ andĀ areĀ coupledĀ toĀ eachĀ otherļ¼ŒĀ andĀ whereĀ aĀ centralizedĀ controlĀ planeĀ hasĀ abstractedĀ theseĀ multipleĀ VNEsĀ suchĀ thatĀ theyĀ appearĀ asĀ aĀ singleĀ VNEĀ withinĀ oneĀ ofĀ theĀ virtualĀ networksļ¼ŒĀ accordingĀ toĀ someĀ embodiments.
Fig.Ā 6Ā illustratesĀ aĀ generalĀ purposeĀ controlĀ planeĀ deviceĀ withĀ centralizedĀ controlĀ planeĀ (CCP)Ā softwareļ¼ŒĀ accordingĀ toĀ someĀ embodiments.
DESCRIPTIONĀ OFĀ EMBODIMENTS
TheĀ followingĀ descriptionĀ describesĀ methodsĀ andĀ apparatusĀ forĀ providingĀ dataĀ storageĀ resourceĀ sharingĀ informationĀ ofĀ aĀ switchĀ toĀ aĀ controllerĀ inĀ aĀ SoftwareĀ DefinedĀ NetworkingĀ (SDN)Ā network.Ā TheĀ controllerĀ mayĀ useĀ thisĀ informationĀ toĀ manageĀ dataĀ storageĀ resourceĀ utilizationĀ ofĀ theĀ switch.Ā InĀ theĀ followingĀ descriptionļ¼ŒĀ numerousĀ specificĀ detailsĀ suchĀ asĀ logicĀ implementationsļ¼ŒĀ opcodesļ¼ŒĀ meansĀ toĀ specifyĀ operandsļ¼ŒĀ resourceĀ partitioning/sharing/duplicationĀ implementationsļ¼ŒĀ typesĀ andĀ interrelationshipsĀ ofĀ systemĀ componentsļ¼ŒĀ andĀ logicĀ partitioning/integrationĀ choicesĀ areĀ setĀ forthĀ inĀ orderĀ toĀ provideĀ aĀ moreĀ thoroughĀ understandingĀ ofĀ  theĀ presentĀ invention.Ā ItĀ willĀ beĀ appreciatedļ¼ŒĀ howeverļ¼ŒĀ byĀ oneĀ skilledĀ inĀ theĀ artĀ thatĀ theĀ inventionĀ mayĀ beĀ practicedĀ withoutĀ suchĀ specificĀ details.Ā InĀ otherĀ instancesļ¼ŒĀ controlĀ structuresļ¼ŒĀ gateĀ levelĀ circuitsĀ andĀ fullĀ softwareĀ instructionĀ sequencesĀ haveĀ notĀ beenĀ shownĀ inĀ detailĀ inĀ orderĀ notĀ toĀ obscureĀ theĀ invention.Ā ThoseĀ ofĀ ordinaryĀ skillĀ inĀ theĀ artļ¼ŒĀ withĀ theĀ includedĀ descriptionsļ¼ŒĀ willĀ beĀ ableĀ toĀ implementĀ appropriateĀ functionalityĀ withoutĀ undueĀ experimentation.
ReferencesĀ inĀ theĀ specificationĀ toĀ ā€œoneĀ embodimentļ¼ŒĀ ā€Ā ā€œanĀ embodimentļ¼ŒĀ ā€Ā ā€œanĀ exampleĀ embodimentļ¼ŒĀ ā€Ā etc.ļ¼ŒĀ indicateĀ thatĀ theĀ embodimentĀ describedĀ mayĀ includeĀ aĀ particularĀ featureļ¼ŒĀ structureļ¼ŒĀ orĀ characteristicļ¼ŒĀ butĀ everyĀ embodimentĀ mayĀ notĀ necessarilyĀ includeĀ theĀ particularĀ featureļ¼ŒĀ structureļ¼ŒĀ orĀ characteristic.Ā Moreoverļ¼ŒĀ suchĀ phrasesĀ areĀ notĀ necessarilyĀ referringĀ toĀ theĀ sameĀ embodiment.Ā Furtherļ¼ŒĀ whenĀ aĀ particularĀ featureļ¼ŒĀ structureļ¼ŒĀ orĀ characteristicĀ isĀ describedĀ inĀ connectionĀ withĀ anĀ embodimentļ¼ŒĀ itĀ isĀ submittedĀ thatĀ itĀ isĀ withinĀ theĀ knowledgeĀ ofĀ oneĀ skilledĀ inĀ theĀ artĀ toĀ affectĀ suchĀ featureļ¼ŒĀ structureļ¼ŒĀ orĀ characteristicĀ inĀ connectionĀ withĀ otherĀ embodimentsĀ whetherĀ orĀ notĀ explicitlyĀ described.
BracketedĀ textĀ andĀ blocksĀ withĀ dashedĀ bordersĀ (e.g.ļ¼ŒĀ largeĀ dashesļ¼ŒĀ smallĀ dashesļ¼ŒĀ dot-dashļ¼ŒĀ andĀ dots)Ā mayĀ beĀ usedĀ hereinĀ toĀ illustrateĀ optionalĀ operationsĀ thatĀ addĀ additionalĀ featuresĀ toĀ embodimentsĀ ofĀ theĀ invention.Ā Howeverļ¼ŒĀ suchĀ notationĀ shouldĀ notĀ beĀ takenĀ toĀ meanĀ thatĀ theseĀ areĀ theĀ onlyĀ optionsĀ orĀ optionalĀ operationsļ¼ŒĀ and/orĀ thatĀ blocksĀ withĀ solidĀ bordersĀ areĀ notĀ optionalĀ inĀ certainĀ embodimentsĀ ofĀ theĀ invention.
InĀ theĀ followingĀ descriptionĀ andĀ claimsļ¼ŒĀ theĀ termsĀ ā€œcoupledā€Ā andĀ ā€œconnectedļ¼ŒĀ ā€Ā alongĀ withĀ theirĀ derivativesļ¼ŒĀ mayĀ beĀ used.Ā ItĀ shouldĀ beĀ understoodĀ thatĀ theseĀ termsĀ areĀ notĀ intendedĀ asĀ synonymsĀ forĀ eachĀ other.Ā ā€œCoupledā€Ā isĀ usedĀ toĀ indicateĀ thatĀ twoĀ orĀ moreĀ elementsļ¼ŒĀ whichĀ mayĀ orĀ mayĀ notĀ beĀ inĀ directĀ physicalĀ orĀ electricalĀ contactĀ withĀ eachĀ otherļ¼ŒĀ co-operateĀ orĀ interactĀ withĀ eachĀ other.Ā ā€œConnectedā€Ā isĀ usedĀ toĀ indicateĀ theĀ establishmentĀ ofĀ communicationĀ betweenĀ twoĀ orĀ moreĀ elementsĀ thatĀ areĀ coupledĀ withĀ eachĀ other.
AnĀ electronicĀ deviceĀ storesĀ andĀ transmitsĀ (internallyĀ and/orĀ withĀ otherĀ electronicĀ devicesĀ overĀ aĀ network)Ā codeĀ (whichĀ isĀ composedĀ ofĀ softwareĀ instructionsĀ andĀ whichĀ isĀ sometimesĀ referredĀ toĀ asĀ computerĀ programĀ codeĀ orĀ aĀ computerĀ program)Ā and/orĀ dataĀ usingĀ machine-readableĀ mediaĀ (alsoĀ calledĀ computer-readableĀ media)Ā ļ¼ŒĀ suchĀ asĀ machine-readableĀ storageĀ mediaĀ (e.g.ļ¼ŒĀ magneticĀ disksļ¼ŒĀ opticalĀ disksļ¼ŒĀ readĀ onlyĀ memoryĀ (ROM)Ā ļ¼ŒĀ flashĀ memoryĀ devicesļ¼ŒĀ phaseĀ changeĀ memory)Ā andĀ machine-readableĀ transmissionĀ mediaĀ (alsoĀ calledĀ aĀ carrier)Ā (e.g.ļ¼ŒĀ electricalļ¼ŒĀ opticalļ¼ŒĀ radioļ¼ŒĀ acousticalĀ orĀ otherĀ formĀ ofĀ propagatedĀ signals-suchĀ asĀ carrierĀ wavesļ¼ŒĀ infraredĀ signals)Ā .Ā Thusļ¼ŒĀ anĀ electronicĀ deviceĀ (e.g.ļ¼ŒĀ aĀ computer)Ā includesĀ hardwareĀ andĀ softwareļ¼ŒĀ suchĀ asĀ aĀ setĀ ofĀ oneĀ orĀ moreĀ processorsĀ coupledĀ toĀ oneĀ orĀ moreĀ machine-readableĀ storageĀ mediaĀ toĀ storeĀ codeĀ forĀ executionĀ onĀ theĀ setĀ ofĀ processorsĀ and/orĀ toĀ storeĀ data.Ā ForĀ instanceļ¼ŒĀ anĀ electronicĀ deviceĀ mayĀ includeĀ non-volatileĀ memoryĀ containingĀ theĀ codeĀ sinceĀ theĀ non-volatileĀ memoryĀ canĀ persistĀ code/dataĀ evenĀ whenĀ theĀ electronicĀ deviceĀ isĀ turnedĀ offĀ (whenĀ powerĀ isĀ removed)Ā ļ¼ŒĀ andĀ whileĀ theĀ electronicĀ deviceĀ isĀ turnedĀ onĀ thatĀ partĀ ofĀ theĀ codeĀ thatĀ isĀ toĀ beĀ executedĀ byĀ theĀ processorĀ (s)Ā ofĀ thatĀ electronicĀ deviceĀ isĀ typicallyĀ copiedĀ fromĀ theĀ slowerĀ non-volatileĀ memoryĀ intoĀ volatileĀ memoryĀ (e.g.ļ¼ŒĀ dynamicĀ randomĀ accessĀ memoryĀ (DRAM)Ā ļ¼ŒĀ staticĀ randomĀ accessĀ memoryĀ (SRAM)Ā )Ā ofĀ thatĀ electronicĀ device.Ā TypicalĀ electronicĀ devicesĀ alsoĀ includeĀ aĀ setĀ orĀ oneĀ orĀ moreĀ physicalĀ networkĀ interfaceĀ (s)Ā toĀ establishĀ networkĀ connectionsĀ (toĀ transmitĀ and/orĀ receiveĀ codeĀ and/orĀ dataĀ usingĀ propagatingĀ signals)Ā withĀ otherĀ electronicĀ devices.Ā OneĀ orĀ moreĀ partsĀ ofĀ anĀ embodimentĀ ofĀ theĀ inventionĀ mayĀ beĀ implementedĀ usingĀ differentĀ combinationsĀ ofĀ softwareļ¼ŒĀ firmwareļ¼ŒĀ and/orĀ hardware.
AĀ networkĀ deviceĀ (ND)Ā isĀ anĀ electronicĀ deviceĀ thatĀ communicativelyĀ interconnectsĀ otherĀ electronicĀ devicesĀ onĀ theĀ networkĀ (e.g.ļ¼ŒĀ otherĀ networkĀ devicesļ¼ŒĀ end-userĀ devices)Ā .Ā SomeĀ networkĀ devicesĀ areĀ ā€œmultipleĀ servicesĀ networkĀ devicesā€Ā thatĀ provideĀ supportĀ forĀ multipleĀ networkingĀ functionsĀ (e.g.ļ¼ŒĀ routingļ¼ŒĀ bridgingļ¼ŒĀ switchingļ¼ŒĀ LayerĀ 2Ā aggregationļ¼ŒĀ sessionĀ borderĀ  controlļ¼ŒĀ QualityĀ ofĀ Serviceļ¼ŒĀ and/orĀ subscriberĀ management)Ā ļ¼ŒĀ and/orĀ provideĀ supportĀ forĀ multipleĀ applicationĀ servicesĀ (e.g.ļ¼ŒĀ dataļ¼ŒĀ voiceļ¼ŒĀ andĀ video)Ā .
SoftwareĀ DefinedĀ NetworkingĀ (SDN)Ā isĀ anĀ approachĀ toĀ computerĀ networkingĀ thatĀ employsĀ aĀ splitĀ architectureĀ networkĀ inĀ whichĀ theĀ forwardingĀ (data)Ā planeĀ isĀ decoupledĀ fromĀ theĀ controlĀ plane.Ā SDNĀ networksĀ shiftĀ theĀ intelligenceĀ ofĀ theĀ networkĀ intoĀ oneĀ orĀ moreĀ controllersĀ inĀ theĀ controlĀ planeĀ thatĀ overseeĀ theĀ switchesĀ inĀ theĀ dataĀ plane.Ā DueĀ toĀ theĀ decouplingĀ ofĀ theĀ dataĀ planeĀ fromĀ theĀ controlĀ planeĀ inĀ SDNĀ networksļ¼ŒĀ theĀ controllerĀ isĀ notĀ awareĀ ofĀ whichĀ tablesĀ storedĀ inĀ aĀ switchĀ shareĀ theĀ sameĀ dataĀ storageĀ resource.Ā AsĀ suchļ¼ŒĀ theĀ controllerĀ isĀ notĀ ableĀ toĀ planĀ andĀ adjustĀ dataĀ storageĀ resourceĀ utilizationĀ amongĀ theĀ tablesĀ inĀ anĀ intelligentĀ manner.Ā ForĀ exampleļ¼ŒĀ considerĀ aĀ switchĀ withĀ aĀ dataĀ storageĀ resourceĀ thatĀ storesĀ aĀ ForwardingĀ DatabaseĀ (FDB)Ā ļ¼ŒĀ aĀ LabelĀ ForwardingĀ InformationĀ BaseĀ (LFIB)Ā ļ¼ŒĀ andĀ aĀ VirtualĀ LocalĀ AreaĀ NetworkĀ (VLAN)Ā translationĀ tableĀ (VT)Ā .Ā IfĀ theĀ controllerĀ queriesĀ forĀ theĀ maximumĀ capacityĀ ofĀ theĀ dataĀ storageĀ resourceĀ forĀ FDBļ¼ŒĀ theĀ wholeĀ capacityĀ ofĀ theĀ dataĀ storageĀ resourceĀ isĀ returned.Ā TheĀ sameĀ valueĀ isĀ returnedĀ forĀ LFIBĀ andĀ VTĀ capacityĀ queries.Ā Thusļ¼ŒĀ theĀ controllerĀ mayĀ attemptĀ toĀ allocateĀ theĀ maximumĀ capacityĀ ofĀ theĀ dataĀ storageĀ resourceĀ toĀ FDBļ¼ŒĀ LFIBļ¼ŒĀ andĀ VTĀ atĀ theĀ sameĀ timeļ¼ŒĀ whichĀ willĀ resultĀ inĀ aĀ failureĀ dueĀ toĀ insufficientĀ amountĀ ofĀ storageĀ spaceĀ beingĀ availableĀ inĀ theĀ dataĀ storageĀ resourceĀ forĀ thisĀ allocationĀ request.Ā IfĀ onlyĀ aĀ partĀ ofĀ theĀ wholeĀ capacityĀ ofĀ theĀ dataĀ storageĀ resourceĀ isĀ returnedĀ forĀ eachĀ tableĀ toĀ avoidĀ theĀ problemĀ ofĀ havingĀ insufficientĀ dataĀ storageĀ resourceļ¼ŒĀ thenĀ theĀ allocationĀ mayĀ underutilizeĀ theĀ dataĀ storageĀ resource.
SinceĀ theĀ SDNĀ controllerĀ doesĀ notĀ knowĀ whichĀ tablesĀ shareĀ theĀ sameĀ dataĀ storageĀ resourceļ¼ŒĀ theĀ SDNĀ controllerĀ cannotĀ properlyĀ adjustĀ theĀ dataĀ storageĀ resourceĀ utilizationĀ amongĀ tablesĀ inĀ theĀ eventĀ ofĀ resourceĀ insufficiencyĀ (e.g.ļ¼ŒĀ dueĀ toĀ oversubscription)Ā .Ā ThatĀ isļ¼ŒĀ theĀ SDNĀ controllerĀ doesĀ notĀ knowĀ whichĀ tablesĀ toĀ deleteĀ entriesĀ fromĀ inĀ orderĀ toĀ createĀ spaceĀ forĀ theĀ tablesĀ facingĀ resourceĀ insufficiency.Ā DeletingĀ anĀ entryĀ inĀ aĀ tableĀ onlyĀ helpsĀ addressĀ theĀ resourceĀ insufficiencyĀ problemĀ ifĀ theĀ tableĀ fromĀ whichĀ theĀ entryĀ isĀ beingĀ deletedĀ sharesĀ theĀ sameĀ dataĀ storageĀ resourceĀ asĀ  theĀ tableĀ facingĀ theĀ resourceĀ insufficiency.Ā Howeverļ¼ŒĀ theĀ SDNĀ controllerĀ inĀ existingĀ SDNĀ solutionsĀ isĀ notĀ ableĀ determineĀ whichĀ tablesĀ toĀ deleteĀ entriesĀ fromĀ dueĀ toĀ lackĀ ofĀ dataĀ storageĀ resourceĀ sharingĀ information.
EmbodimentsĀ overcomeĀ theĀ disadvantagesĀ ofĀ existingĀ techniquesĀ byĀ enablingĀ aĀ switchĀ toĀ provideĀ dataĀ storageĀ resourceĀ sharingĀ informationĀ (e.g.ļ¼ŒĀ informationĀ regardingĀ whichĀ tablesĀ storedĀ inĀ theĀ switchĀ shareĀ theĀ sameĀ dataĀ storageĀ resource)Ā toĀ theĀ controller.Ā TheĀ controllerĀ canĀ utilizeĀ thisĀ informationĀ toĀ planĀ andĀ adjustĀ dataĀ storageĀ resourceĀ utilizationĀ amongĀ tablesĀ storedĀ inĀ theĀ switchĀ inĀ aĀ mannerĀ thatĀ isĀ efficientĀ andĀ deterministic.Ā ForĀ exampleļ¼ŒĀ whenĀ theĀ controllerĀ transmitsĀ instructionsĀ toĀ theĀ switchĀ toĀ insertĀ oneĀ orĀ moreĀ entriesĀ inĀ aĀ tableļ¼ŒĀ theĀ controllerĀ mayĀ alsoĀ provideĀ instructionsĀ toĀ deleteĀ oneĀ orĀ moreĀ entriesĀ fromĀ oneĀ orĀ moreĀ otherĀ tablesĀ thatĀ shareĀ theĀ sameĀ dataĀ storageĀ resourceĀ withĀ theĀ firstĀ tableĀ inĀ theĀ eventĀ thatĀ sufficientĀ storageĀ spaceĀ isĀ notĀ availableĀ inĀ theĀ dataĀ storageĀ resourceĀ forĀ insertionĀ ofĀ theĀ oneĀ orĀ moreĀ entriesĀ inĀ theĀ firstĀ table.Ā InĀ thisĀ wayļ¼ŒĀ theĀ controllerĀ hasĀ controlĀ overĀ whichĀ tableĀ theĀ switchĀ shouldĀ deleteĀ entriesĀ fromĀ toĀ createĀ spaceĀ inĀ theĀ dataĀ storageĀ resourceĀ inĀ theĀ eventĀ thatĀ sufficientĀ storageĀ spaceĀ isĀ notĀ availableĀ inĀ theĀ dataĀ storageĀ resource.Ā VariousĀ otherĀ embodimentsĀ areĀ describedĀ andĀ claimedĀ herein.
Fig.Ā 1Ā isĀ aĀ blockĀ diagramĀ ofĀ aĀ SoftwareĀ DefinedĀ NetworkingĀ (SDN)Ā networkĀ inĀ whichĀ embodimentsĀ ofĀ theĀ presentĀ disclosureĀ canĀ beĀ implemented.Ā AsĀ shownļ¼ŒĀ theĀ SDNĀ networkĀ 100Ā includesĀ aĀ controllerĀ 110Ā inĀ aĀ controlĀ planeĀ ofĀ theĀ SDNĀ networkĀ andĀ aĀ switchĀ 120Ā inĀ theĀ dataĀ planeĀ ofĀ theĀ SDNĀ networkĀ 100.Ā ForĀ simplicityĀ andĀ clarityļ¼ŒĀ theĀ dataĀ planeĀ isĀ shownĀ asĀ havingĀ aĀ singleĀ switchĀ 120.Ā Howeverļ¼ŒĀ theĀ dataĀ planeĀ typicallyĀ includesĀ aĀ pluralityĀ ofĀ switchesĀ andĀ isĀ responsibleĀ forĀ performingĀ variousĀ packetĀ processingĀ functionalitiesĀ suchĀ asĀ routingļ¼ŒĀ filteringļ¼ŒĀ andĀ metering.Ā TheĀ switchĀ 120Ā isĀ aĀ programmableĀ dataĀ planeĀ networkĀ elementĀ thatĀ isĀ capableĀ ofĀ processingĀ packetsĀ inĀ theĀ dataĀ planeĀ ofĀ theĀ SDNĀ networkĀ 100Ā (e.g.ļ¼ŒĀ aĀ networkĀ elementĀ thatĀ providesĀ switchingĀ and/orĀ routingĀ functionality)Ā .Ā TheĀ functionalityĀ ofĀ theĀ switchĀ 120Ā mayĀ beĀ implementedĀ byĀ aĀ specialĀ purposeĀ networkĀ deviceĀ orĀ generalĀ purposeĀ networkĀ deviceĀ (e.g.ļ¼ŒĀ usingĀ NetworkĀ  FunctionĀ VirtualizationĀ (NFV)Ā )Ā .Ā TheĀ controlĀ planeĀ typicallyĀ includesĀ oneĀ orĀ moreĀ controllersĀ (e.g.ļ¼ŒĀ controllerĀ 110)Ā andĀ isĀ responsibleĀ forĀ programming/configuring/controllingĀ switchesĀ (e.g.ļ¼ŒĀ switchĀ 120)Ā inĀ theĀ dataĀ planeĀ toĀ achieveĀ desiredĀ packetĀ processingĀ functionality.Ā ForĀ exampleļ¼ŒĀ theĀ controllerĀ 110Ā mayĀ provideĀ instructionsĀ toĀ theĀ switchĀ 120Ā onĀ howĀ toĀ processĀ and/orĀ forwardĀ specificĀ typesĀ ofĀ packets.Ā TheĀ functionalityĀ ofĀ theĀ controllerĀ 110Ā mayĀ beĀ implementedĀ byĀ aĀ specialĀ purposeĀ networkĀ deviceĀ orĀ generalĀ purposeĀ networkĀ deviceĀ (e.g.ļ¼ŒĀ usingĀ NFV)Ā .
InĀ oneĀ embodimentļ¼ŒĀ theĀ controllerĀ 110Ā andĀ theĀ switchĀ 120Ā communicateĀ usingĀ aĀ communicationĀ protocolĀ suchĀ asĀ OpenFlowĀ (e.g.ļ¼ŒĀ OpenFlowĀ 1.5)Ā ļ¼ŒĀ ForwardingĀ andĀ ControlĀ ElementĀ SeparationĀ (ForCES)Ā ļ¼ŒĀ BorderĀ GatewayĀ ProtocolĀ (BGP)Ā ļ¼ŒĀ NetworkĀ ConfigurationĀ ProtocolĀ (NETCONF)Ā ļ¼ŒĀ andĀ PathĀ ComputationĀ ElementĀ CommunicationĀ ProtocolĀ (PCEP)Ā .Ā TheseĀ communicationĀ protocolsĀ areĀ providedĀ byĀ wayĀ ofĀ exampleĀ andĀ notĀ limitation.Ā ItĀ shouldĀ beĀ understoodĀ thatĀ theĀ controllerĀ 110Ā andĀ theĀ switchĀ 120Ā canĀ communicateĀ usingĀ otherĀ typesĀ ofĀ communicationĀ protocolsĀ withoutĀ departingĀ fromĀ theĀ spiritĀ andĀ scopeĀ ofĀ theĀ presentĀ disclosure.Ā TheĀ communicationĀ interfaceĀ betweenĀ theĀ controllerĀ 110Ā andĀ theĀ switchĀ 120Ā isĀ commonlyĀ referredĀ toĀ asĀ aĀ southboundĀ interface.
AsĀ shownļ¼ŒĀ theĀ switchĀ 120Ā includesĀ dataĀ storageĀ resourcesĀ 130A-C.Ā AĀ dataĀ storageĀ resourceĀ 130ļ¼ŒĀ asĀ usedĀ hereinļ¼ŒĀ refersĀ toĀ aĀ physicalĀ orĀ logicalĀ repositoryĀ thatĀ canĀ storeĀ data.Ā ExamplesĀ ofĀ dataĀ storageĀ resourcesĀ includeļ¼ŒĀ butĀ areĀ notĀ limitedĀ toļ¼ŒĀ TernaryĀ ContentĀ AddressableĀ MemoryĀ (TCAM)Ā ļ¼ŒĀ hashĀ memoryļ¼ŒĀ andĀ counterĀ memory.Ā AĀ dataĀ storageĀ resourceĀ 130Ā canĀ storeĀ tableĀ entriesĀ forĀ oneĀ orĀ moreĀ tables.Ā AĀ tableļ¼ŒĀ asĀ usedĀ hereinļ¼ŒĀ refersĀ toĀ aĀ conceptualĀ databaseĀ inĀ theĀ dataĀ planeĀ thatĀ isĀ utilizedĀ inĀ makingĀ packetĀ processingĀ decisions.Ā ExamplesĀ ofĀ tablesĀ includeļ¼ŒĀ butĀ areĀ notĀ limitedĀ toļ¼ŒĀ routingĀ tablesļ¼ŒĀ anĀ AccessĀ ControlĀ ListĀ (ACL)Ā ļ¼ŒĀ andĀ counterĀ tables.Ā AlthoughĀ theĀ switchĀ 120Ā isĀ shownĀ asĀ havingĀ 3Ā dataĀ storageĀ resourcesĀ (i.e.ļ¼ŒĀ dataĀ storageĀ resourceĀ 130A-C)Ā ļ¼ŒĀ itĀ shouldĀ beĀ understoodĀ thatĀ theĀ switchĀ 120Ā canĀ haveĀ anyĀ numberĀ ofĀ dataĀ storageĀ resourcesĀ 130.
Fig.Ā 2Ā isĀ aĀ blockĀ diagramĀ illustratingĀ tablesĀ sharingĀ dataĀ storageĀ resourcesĀ ofĀ aĀ switchļ¼ŒĀ accordingĀ toĀ someĀ embodiments.Ā AsĀ shownļ¼ŒĀ theĀ switchĀ 120Ā includesĀ aĀ hashĀ memoryĀ dataĀ storageĀ resourceĀ 230Aļ¼ŒĀ aĀ TCAMĀ dataĀ storageĀ resourceĀ 230Bļ¼ŒĀ andĀ aĀ counterĀ memoryĀ dataĀ storageĀ resourceĀ 230C.Ā AsĀ shownļ¼ŒĀ FDBļ¼ŒĀ LFIBļ¼ŒĀ andĀ VTĀ shareĀ theĀ hashĀ memoryĀ 230A.Ā InternetĀ ProtocolĀ versionĀ 4Ā (IPv4)Ā ForwardingĀ InformationĀ BaseĀ (FIB)Ā ļ¼ŒĀ InternetĀ ProtocolĀ versionĀ 6Ā (IPv6)Ā FIBļ¼ŒĀ LayerĀ 2Ā (L2)Ā ACLļ¼ŒĀ andĀ LayerĀ 3Ā (L3)Ā ACLĀ shareĀ theĀ TCAMĀ 230B.Ā TheĀ TCAMĀ 230BĀ isĀ partitionedĀ intoĀ fourĀ banksĀ (bankĀ 1ļ¼ŒĀ bankĀ 2ļ¼ŒĀ bankĀ 3ļ¼ŒĀ andĀ bankĀ 4)Ā ļ¼ŒĀ withĀ IPv4Ā FIBĀ andĀ L2Ā ACLĀ occupyingĀ bankĀ 1ļ¼ŒĀ L3Ā ACLĀ occupyingĀ bankĀ 2ļ¼ŒĀ andĀ IPv6Ā FIBĀ occupyingĀ bothĀ bank3Ā andĀ bankĀ 4.Ā TunnelĀ countersļ¼ŒĀ PseudoĀ WireĀ (PW)Ā countersļ¼ŒĀ andĀ QualityĀ ofĀ ServiceĀ (QoS)Ā countersĀ shareĀ theĀ counterĀ memoryĀ 230C.Ā TheĀ counterĀ memoryĀ 230CĀ isĀ partitionedĀ intoĀ twoĀ banksĀ (bankĀ 1Ā andĀ bankĀ 2)Ā ļ¼ŒĀ withĀ theĀ tunnelĀ countersĀ andĀ PWĀ countersĀ occupyingĀ bankĀ 1Ā andĀ theĀ QoSĀ countersĀ occupyingĀ bankĀ 2.
InĀ typicalĀ SDNĀ networksļ¼ŒĀ theĀ controllerĀ 110Ā isĀ notĀ awareĀ ofĀ dataĀ storageĀ resourceĀ sharingĀ informationĀ suchĀ asĀ whichĀ tablesĀ areĀ storedĀ inĀ whichĀ dataĀ storageĀ resourceĀ 130Ā andĀ whichĀ tablesĀ shareĀ theĀ sameĀ dataĀ storageĀ resourceĀ 130.Ā EmbodimentsĀ disclosedĀ hereinĀ enableĀ aĀ switchĀ 120Ā toĀ provideĀ dataĀ storageĀ resourceĀ sharingĀ informationĀ toĀ theĀ controllerĀ 110Ā soĀ thatĀ theĀ controllerĀ 110Ā canĀ utilizeĀ theĀ informationĀ toĀ planĀ andĀ adjustĀ dataĀ storageĀ resourceĀ utilizationĀ amongĀ tablesĀ storedĀ inĀ theĀ switchĀ 120.
InĀ oneĀ embodimentļ¼ŒĀ dataĀ storageĀ resourceĀ sharingĀ informationĀ canĀ beĀ expressedĀ asĀ follows.
ResourceĀ Sharingļ¼šĀ (tableĀ Xļ¼ŒĀ tableĀ Yļ¼ŒĀ tableĀ Z)Ā 
ThisĀ indicatesĀ thatĀ tableĀ Xļ¼ŒĀ tableĀ Yļ¼ŒĀ andĀ tableĀ ZĀ shareĀ theĀ sameĀ dataĀ storageĀ resourceĀ 130Ā (e.g.ļ¼ŒĀ sameĀ hashĀ memoryĀ 230Aļ¼ŒĀ TCAMĀ 230Bļ¼ŒĀ orĀ counterĀ memoryĀ 230C)Ā .Ā TheĀ controllerĀ 110Ā mayĀ interpretĀ thisĀ asĀ tableĀ Xļ¼ŒĀ tableĀ Yļ¼ŒĀ andĀ tableĀ ZĀ shareĀ theĀ sameĀ dataĀ storageĀ resourceĀ 130Ā andĀ deletingĀ oneĀ entryĀ fromĀ tableĀ XĀ canĀ createĀ spaceĀ toĀ accommodateĀ oneĀ additionalĀ entryĀ forĀ tableĀ YĀ orĀ tableĀ Z.
SomeĀ dataĀ storageĀ resourcesĀ 130Ā areĀ partitionedĀ intoĀ multipleĀ banks.Ā ForĀ exampleļ¼ŒĀ theĀ TCAMĀ 230BĀ andĀ theĀ counterĀ memoryĀ 230CĀ shownĀ inĀ Fig.Ā 2Ā areĀ partitionedĀ intoĀ 4Ā banksĀ andĀ 2Ā banksļ¼ŒĀ respectively.Ā Intra-bankĀ dataĀ storageĀ resourceĀ sharingĀ mayĀ beĀ differentĀ fromĀ inter-bankĀ dataĀ storageĀ resourceĀ sharingĀ inĀ termsĀ ofĀ theĀ granularityĀ ofĀ theĀ amountĀ ofĀ storageĀ spaceĀ thatĀ canĀ beĀ interchanged.Ā ForĀ exampleļ¼ŒĀ forĀ intra-bankĀ dataĀ storageĀ resourceĀ sharingļ¼ŒĀ deletingĀ oneĀ entryĀ fromĀ aĀ firstĀ tableĀ storedĀ inĀ aĀ givenĀ bankĀ ofĀ aĀ dataĀ storageĀ resourceĀ 130Ā mayĀ createĀ spaceĀ toĀ accommodateĀ oneĀ additionalĀ entryĀ forĀ aĀ secondĀ tableĀ storedĀ inĀ theĀ sameĀ bankĀ ofĀ theĀ dataĀ storageĀ resourceĀ 130.Ā Howeverļ¼ŒĀ thisĀ mayĀ notĀ beĀ theĀ caseĀ forĀ inter-bankĀ dataĀ storageĀ resourceĀ sharing.Ā ForĀ inter-bankĀ dataĀ storageļ¼ŒĀ itĀ mayĀ beĀ theĀ caseĀ thatĀ aĀ minimumĀ numberĀ ofĀ entriesĀ (e.g.ļ¼ŒĀ moreĀ thanĀ oneĀ entry)Ā needĀ toĀ beĀ deletedĀ fromĀ aĀ firstĀ tableĀ storedĀ inĀ aĀ firstĀ bankĀ ofĀ aĀ dataĀ storageĀ resourceĀ 130Ā inĀ orderĀ toĀ createĀ spaceĀ toĀ accommodateĀ additionalĀ entriesĀ inĀ aĀ secondĀ tableĀ storedĀ inĀ aĀ differentĀ bankĀ ofĀ theĀ dataĀ storageĀ resourceĀ 130.Ā AsĀ suchļ¼ŒĀ informationĀ regardingĀ theĀ granularityĀ ofĀ theĀ amountĀ ofĀ storageĀ spaceĀ thatĀ canĀ beĀ interchangedĀ betweenĀ tablesĀ mayĀ beĀ usefulĀ forĀ theĀ controllerĀ 110.Ā ThisĀ informationĀ mayĀ allowĀ theĀ controllerĀ 110Ā toĀ properlyĀ adjustĀ dataĀ storageĀ resourceĀ utilizationĀ amongĀ theĀ tables.Ā InĀ oneĀ embodimentļ¼ŒĀ theĀ dataĀ storageĀ resourceĀ sharingĀ informationĀ canĀ beĀ expressedĀ asĀ follows.
ResourceĀ Sharingļ¼šĀ (tableĀ Xļ¼ŒĀ number_XY)Ā <->Ā (tableĀ Yļ¼ŒĀ number_YX)
ResourceĀ Sharingļ¼šĀ (tableĀ Xļ¼ŒĀ number_XZ)Ā <->Ā (tableĀ Zļ¼ŒĀ number_ZX)
ResourceĀ Sharingļ¼šĀ (tableĀ Yļ¼ŒĀ number_YZ)Ā <->Ā (tableĀ Zļ¼ŒĀ number_ZY)
EachĀ lineĀ aboveĀ indicatesĀ aĀ granularityĀ ofĀ storageĀ spaceĀ amountĀ thatĀ canĀ beĀ deletedĀ fromĀ oneĀ tableĀ toĀ createĀ spaceĀ forĀ anotherĀ table.Ā ForĀ exampleļ¼ŒĀ theĀ firstĀ lineĀ indicatesĀ thatĀ deletingĀ number_YXĀ entriesĀ fromĀ tableĀ YĀ canĀ createĀ spaceĀ toĀ accommodateĀ number_XYĀ additionalĀ entriesĀ inĀ tableĀ Xļ¼ŒĀ andĀ viceĀ versa.Ā TheĀ secondĀ lineĀ indicatesĀ thatĀ deletingĀ number_ZXĀ entriesĀ fromĀ tableĀ ZĀ canĀ createĀ spaceĀ toĀ accommodateĀ number_XZĀ additionalĀ entriesĀ inĀ tableĀ Xļ¼ŒĀ andĀ viceĀ versa.Ā TheĀ thirdĀ lineĀ indicatesĀ thatĀ deletingĀ number_ZYĀ entriesĀ fromĀ tableĀ ZĀ canĀ createĀ spaceĀ toĀ accommodateĀ number_YZĀ additionalĀ entriesĀ inĀ tableĀ Yļ¼ŒĀ andĀ viceĀ versa.Ā TheĀ dataĀ storageĀ  resourceĀ sharingĀ informationĀ notĀ onlyĀ indicatesĀ theĀ tablesĀ thatĀ shareĀ theĀ sameĀ dataĀ storageĀ resourceļ¼ŒĀ butĀ alsoĀ indicatesĀ theĀ granularitiesĀ ofĀ storageĀ spaceĀ amountĀ thatĀ canĀ beĀ interchangedĀ betweenĀ theĀ tables.
ForĀ exampleļ¼ŒĀ theĀ dataĀ storageĀ resourceĀ sharingĀ informationĀ forĀ theĀ TCAMĀ 230BĀ shownĀ inĀ Fig.Ā 2Ā withĀ bankĀ sizeĀ ofĀ 1024Ā entriesĀ canĀ beĀ expressedĀ asĀ followsļ¼š
(IPv4Ā FIBļ¼ŒĀ 1Ā )Ā <->Ā (L2Ā ACLļ¼ŒĀ 1)
(IPv4Ā FIBļ¼ŒĀ 1024)Ā <->Ā (L3Ā ACLļ¼ŒĀ 1024)
(IPv4Ā FIBļ¼ŒĀ 2048)Ā <->Ā (IPv6Ā FIBļ¼ŒĀ 1024)
(L2Ā ACLļ¼ŒĀ 1024)Ā >->Ā (L3Ā ACLļ¼ŒĀ 1024)
...
TheĀ aboveĀ dataĀ storageĀ resourceĀ sharingĀ informationĀ canĀ alsoĀ beĀ expressedĀ asĀ theĀ followingĀ matrixļ¼š
Ā  IPv4Ā FIB L2Ā ACL L3Ā ACL IPv6Ā FIB
(RowĀ 1)Ā IPv4Ā FIB - (1ļ¼ŒĀ 1) (1024ļ¼ŒĀ 1024) (2048ļ¼ŒĀ 1024)
(RowĀ 2)Ā L2Ā ACL (1ļ¼ŒĀ 1) - (1024ļ¼ŒĀ 1024) (2048ļ¼ŒĀ 1024)
(RowĀ 3)Ā L3Ā ACL (1024ļ¼ŒĀ 1024) (1024ļ¼ŒĀ 1024) - (2048ļ¼ŒĀ 1024)
(RowĀ 4)Ā IPv6Ā FIB (1024ļ¼ŒĀ 2048) (1024ļ¼ŒĀ 2048) (1024ļ¼ŒĀ 2048) -
TableĀ I
TheĀ matrixĀ canĀ beĀ interpretedĀ asĀ followsļ¼šĀ IPv4Ā FIBļ¼ŒĀ IPv6Ā FIBļ¼ŒĀ L2Ā ACLļ¼ŒĀ andĀ L3Ā ACLĀ shareĀ theĀ sameĀ dataĀ storageĀ resourceĀ 130Ā (e.g.ļ¼ŒĀ theĀ TCAMĀ 230B)Ā .Ā AccordingĀ toĀ rowĀ 1Ā ofĀ theĀ matrixļ¼ŒĀ inĀ theĀ eventĀ thatĀ thereĀ isĀ insufficientĀ storageĀ spaceĀ inĀ theĀ dataĀ storageĀ resourceĀ 130Ā forĀ IPv4Ā FIBļ¼ŒĀ theĀ minimumĀ numberĀ ofĀ entriesĀ thatĀ canĀ beĀ deletedĀ fromĀ L2Ā ACLĀ isĀ 1ļ¼ŒĀ whichĀ createsĀ spaceĀ toĀ accommodateĀ 1Ā additionalĀ entryĀ forĀ IPv4Ā FIB.Ā TheĀ minimumĀ numberĀ ofĀ entriesĀ thatĀ canĀ beĀ deletedĀ fromĀ L3Ā ACLĀ isĀ 1024Ā entriesļ¼ŒĀ whichĀ createsĀ spaceĀ toĀ accommodateĀ 1024Ā entriesĀ forĀ IPv4Ā FIB.Ā TheĀ minimumĀ numberĀ ofĀ entriesĀ thatĀ canĀ beĀ deletedĀ fromĀ IPv6Ā FIBĀ isĀ 1024Ā entriesļ¼ŒĀ whichĀ createsĀ spaceĀ toĀ accommodateĀ 2048Ā entriesĀ forĀ IPv4Ā FIB.Ā TheĀ entriesĀ inĀ  Rows Ā 2ļ¼ŒĀ 3ļ¼ŒĀ andĀ 4Ā canĀ beĀ interpretedĀ inĀ aĀ similarĀ manner.
InĀ oneĀ embodimentļ¼ŒĀ theĀ switchĀ 120Ā canĀ dynamicallyĀ adjustĀ theĀ granularityĀ numbersļ¼ŒĀ dependingĀ onĀ theĀ dataĀ storageĀ resourceĀ fragmentĀ  status.Ā ForĀ exampleļ¼ŒĀ ifĀ theĀ TCAMĀ 230BĀ hasĀ unusedĀ spaceĀ scatteredĀ thereinļ¼ŒĀ thenĀ thisĀ spaceĀ canĀ beĀ usedĀ toĀ accommodateĀ spaceĀ forĀ aĀ tableļ¼ŒĀ andĀ thusĀ theĀ minimumĀ numberĀ ofĀ entriesĀ toĀ deleteĀ fromĀ otherĀ tablesĀ mayĀ beĀ reduced.
AsĀ aĀ furtherĀ exampleļ¼ŒĀ considerĀ theĀ counterĀ memoryĀ 230CĀ shownĀ inĀ Fig.Ā 2.Ā TheĀ counterĀ memoryĀ 230CĀ isĀ similarĀ toĀ theĀ TCAMĀ 230BĀ inĀ thatĀ itĀ isĀ alsoĀ partitionedĀ intoĀ banks.Ā DifferentĀ counterĀ tablesĀ withĀ differentĀ counterĀ widthĀ areĀ storedĀ inĀ differentĀ banks.Ā CounterĀ tablesĀ havingĀ theĀ sameĀ counterĀ widthĀ mayĀ beĀ storedĀ inĀ theĀ sameĀ bank.Ā AsĀ suchļ¼ŒĀ theĀ granularityĀ ofĀ theĀ amountĀ ofĀ storageĀ spaceĀ thatĀ canĀ beĀ interchangedĀ amongĀ tablesĀ storedĀ inĀ theĀ counterĀ memoryĀ 230CĀ canĀ varyĀ amongstĀ theĀ tables.Ā TheĀ dataĀ storageĀ resourceĀ informationĀ canĀ thusĀ beĀ expressedĀ inĀ aĀ similarĀ fashionĀ toĀ thatĀ ofĀ theĀ TCAMĀ (e.g.ļ¼ŒĀ withĀ granularityĀ information)Ā .
AsĀ aĀ furtherĀ exampleļ¼ŒĀ considerĀ theĀ hashĀ memoryĀ 230AĀ shownĀ inĀ Fig.Ā 2.Ā TheĀ dataĀ storageĀ resourceĀ informationĀ ofĀ theĀ hashĀ memoryĀ 230AĀ canĀ beĀ expressedĀ asĀ followsļ¼š
(FDBļ¼ŒĀ 1)Ā <->Ā (LFIBļ¼ŒĀ 1)Ā <->Ā (VTļ¼ŒĀ 1)Ā 
ThisĀ indicatesĀ thatĀ FDBļ¼ŒĀ LFIBļ¼ŒĀ andĀ VTĀ shareĀ theĀ sameĀ dataĀ storageĀ resourceĀ 130Ā (e.g.ļ¼ŒĀ theĀ hashĀ memoryĀ 230A)Ā andĀ thatĀ inĀ theĀ eventĀ thatĀ thereĀ isĀ insufficientĀ storageĀ spaceĀ inĀ theĀ dataĀ storageĀ resourceĀ 130Ā forĀ FDBļ¼ŒĀ theĀ minimumĀ numberĀ ofĀ entriesĀ thatĀ canĀ beĀ deletedĀ fromĀ LFIBĀ orĀ VTĀ isĀ 1ļ¼ŒĀ whichĀ createsĀ spaceĀ toĀ accommodateĀ 1Ā additionalĀ entryĀ forĀ FDB.Ā Similarlyļ¼ŒĀ inĀ theĀ eventĀ thatĀ thereĀ isĀ insufficientĀ storageĀ spaceĀ inĀ theĀ dataĀ storageĀ resourceĀ 130Ā forĀ LFIBļ¼ŒĀ theĀ minimumĀ numberĀ ofĀ entriesĀ thatĀ canĀ beĀ deletedĀ fromĀ FDBĀ orĀ VTĀ isĀ 1ļ¼ŒĀ whichĀ createsĀ spaceĀ toĀ accommodateĀ 1Ā additionalĀ entryĀ forĀ LFIB.Ā Similarlyļ¼ŒĀ inĀ theĀ eventĀ thatĀ thereĀ isĀ insufficientĀ storageĀ spaceĀ inĀ theĀ dataĀ storageĀ resourceĀ 130Ā forĀ VTļ¼ŒĀ theĀ minimumĀ numberĀ ofĀ entriesĀ thatĀ canĀ beĀ deletedĀ fromĀ FDBĀ orĀ LFBĀ isĀ 1ļ¼ŒĀ whichĀ createsĀ spaceĀ toĀ accommodateĀ 1Ā additionalĀ entryĀ forĀ VT.
AsĀ willĀ beĀ describedĀ inĀ additionalĀ detailĀ belowļ¼ŒĀ aĀ switchĀ 120Ā mayĀ provideĀ dataĀ storageĀ resourceĀ sharingĀ informationĀ suchĀ asĀ thoseĀ describedĀ aboveĀ (orĀ similarĀ information)Ā toĀ aĀ controllerĀ 110Ā andĀ theĀ controllerĀ 110Ā  canĀ useĀ thisĀ informationĀ toĀ manageĀ dataĀ storageĀ resourceĀ utilizationĀ ofĀ theĀ switchĀ 120.
Fig.Ā 3Ā isĀ aĀ flowĀ diagramĀ ofĀ aĀ processĀ performedĀ byĀ aĀ switchĀ forĀ providingĀ dataĀ storageĀ resourceĀ sharingĀ informationĀ toĀ aĀ controllerĀ andĀ adjustingĀ dataĀ storageĀ resourceĀ utilizationĀ accordingĀ toĀ instructionsĀ receivedĀ fromĀ theĀ controllerļ¼ŒĀ accordingĀ toĀ someĀ embodiments.Ā InĀ oneĀ embodimentļ¼ŒĀ theĀ operationsĀ ofĀ theĀ flowĀ diagramĀ mayĀ beĀ performedĀ byĀ aĀ networkĀ deviceĀ actingĀ asĀ aĀ switchĀ 120Ā inĀ anĀ SDNĀ networkĀ 100.Ā InĀ oneĀ embodimentļ¼ŒĀ theĀ switchĀ 120Ā mayĀ communicateĀ withĀ aĀ controllerĀ 110Ā inĀ theĀ SDNĀ networkĀ 100Ā overĀ aĀ southboundĀ interfaceĀ usingĀ aĀ controlĀ planeĀ communicationĀ protocolĀ (e.g.ļ¼ŒĀ ForCESĀ orĀ OpenFlow)Ā .Ā TheĀ operationsĀ inĀ thisĀ andĀ otherĀ flowĀ diagramsĀ willĀ beĀ describedĀ withĀ referenceĀ toĀ theĀ exemplaryĀ embodimentsĀ ofĀ theĀ otherĀ figures.Ā Howeverļ¼ŒĀ itĀ shouldĀ beĀ understoodĀ thatĀ theĀ operationsĀ ofĀ theĀ flowĀ diagramsĀ canĀ beĀ performedĀ byĀ embodimentsĀ ofĀ theĀ inventionĀ otherĀ thanĀ thoseĀ discussedĀ withĀ referenceĀ toĀ theĀ otherĀ figuresļ¼ŒĀ andĀ theĀ embodimentsĀ ofĀ theĀ inventionĀ discussedĀ withĀ referenceĀ toĀ theseĀ otherĀ figuresĀ canĀ performĀ operationsĀ differentĀ thanĀ thoseĀ discussedĀ withĀ referenceĀ toĀ theĀ flowĀ diagrams.
InĀ oneĀ embodimentļ¼ŒĀ theĀ processĀ isĀ initiatedĀ whenĀ theĀ switchĀ 120Ā receivesļ¼ŒĀ fromĀ aĀ controllerĀ 110ļ¼ŒĀ aĀ requestĀ toĀ provideĀ dataĀ storageĀ resourceĀ sharingĀ informationĀ (blockĀ 310)Ā .Ā InĀ someĀ embodimentsļ¼ŒĀ theĀ processĀ mayĀ beĀ initiatedĀ withoutĀ receivingĀ aĀ requestĀ fromĀ theĀ controllerĀ 110.Ā ForĀ exampleļ¼ŒĀ theĀ switchĀ 120Ā mayĀ periodicallyĀ provideĀ dataĀ storageĀ resourceĀ sharingĀ informationĀ toĀ theĀ controllerĀ 110Ā withoutĀ receivingĀ aĀ requestĀ fromĀ theĀ controllerĀ 110.
TheĀ switchĀ 120Ā determinesĀ whichĀ tablesĀ storedĀ inĀ theĀ switchĀ 120Ā shareĀ aĀ dataĀ storageĀ resourceĀ 130Ā (blockĀ 320)Ā .Ā InĀ oneĀ embodimentļ¼ŒĀ theĀ dataĀ storageĀ resourceĀ 130Ā isĀ aĀ hashĀ memoryĀ 230Aļ¼ŒĀ aĀ TCAMĀ 230Bļ¼ŒĀ orĀ aĀ counterĀ memoryĀ 230C.Ā TheĀ switchĀ 120Ā thenĀ transmitsĀ dataĀ storageĀ resourceĀ sharingĀ informationĀ toĀ theĀ controllerĀ 110Ā (blockĀ 330)Ā .Ā TheĀ dataĀ storageĀ resourceĀ sharingĀ informationĀ includesĀ anĀ indicationĀ ofĀ theĀ tablesĀ thatĀ shareĀ theĀ dataĀ storageĀ resourceĀ 130.Ā InĀ oneĀ embodimentļ¼ŒĀ theĀ dataĀ storageĀ  resourceĀ sharingĀ informationĀ alsoĀ includesĀ anĀ indicationĀ ofĀ aĀ minimumĀ numberĀ ofĀ entriesĀ thatĀ canĀ beĀ deletedĀ fromĀ aĀ secondĀ tableĀ fromĀ theĀ tablesĀ thatĀ shareĀ theĀ dataĀ storageĀ resourceĀ toĀ createĀ storageĀ spaceĀ inĀ theĀ dataĀ storageĀ resourceĀ 130Ā forĀ aĀ firstĀ tableĀ thatĀ sharesĀ theĀ dataĀ storageĀ resourceĀ 130Ā withĀ theĀ secondĀ tableĀ inĀ anĀ eventĀ thatĀ sufficientĀ storageĀ spaceĀ isĀ notĀ availableĀ inĀ theĀ dataĀ storageĀ resourceĀ 130Ā forĀ insertionĀ ofĀ anĀ entryĀ inĀ theĀ firstĀ table.Ā InĀ oneĀ embodimentļ¼ŒĀ theĀ dataĀ storageĀ resourceĀ sharingĀ informationĀ furtherĀ includesĀ anĀ indicationĀ ofĀ aĀ correspondingĀ numberĀ ofĀ entriesĀ thatĀ canĀ beĀ insertedĀ inĀ theĀ firstĀ tableĀ ifĀ theĀ minimumĀ numberĀ ofĀ entriesĀ areĀ deletedĀ fromĀ theĀ secondĀ table.Ā InĀ oneĀ embodimentļ¼ŒĀ theĀ dataĀ storageĀ resourceĀ sharingĀ informationĀ canĀ beĀ expressedĀ asĀ describedĀ hereinĀ above.
TheĀ switchĀ 120Ā receivesĀ instructionsĀ fromĀ theĀ controllerĀ 110Ā toĀ insertĀ oneĀ orĀ moreĀ entriesĀ inĀ aĀ firstĀ tableĀ fromĀ theĀ tablesĀ thatĀ shareĀ theĀ dataĀ storageĀ resourceĀ 130ļ¼ŒĀ togetherĀ withĀ instructionsĀ toĀ deleteĀ oneĀ orĀ moreĀ entriesĀ fromĀ oneĀ orĀ moreĀ otherĀ tablesĀ thatĀ shareĀ theĀ dataĀ storageĀ resourceĀ 130Ā withĀ theĀ firstĀ tableĀ inĀ anĀ eventĀ thatĀ sufficientĀ storageĀ spaceĀ isĀ notĀ availableĀ inĀ theĀ dataĀ storageĀ resourceĀ 130Ā forĀ insertionĀ ofĀ theĀ oneĀ orĀ moreĀ entriesĀ inĀ theĀ firstĀ tableĀ (blockĀ 340)Ā .Ā ForĀ exampleļ¼ŒĀ theĀ instructionsĀ toĀ deleteĀ oneĀ orĀ moreĀ entriesĀ couldĀ beĀ expressedĀ asĀ (tableĀ Yļ¼ŒĀ 16)Ā andĀ (tableĀ Zļ¼ŒĀ 32)Ā .Ā InĀ theĀ eventĀ thatĀ sufficientĀ storageĀ spaceĀ isĀ notĀ availableĀ inĀ theĀ dataĀ storageĀ resourceĀ 130Ā forĀ insertionĀ ofĀ theĀ oneĀ orĀ moreĀ entriesĀ inĀ theĀ firstĀ tableļ¼ŒĀ thisĀ instructionĀ indicatesĀ thatĀ theĀ switchĀ 120Ā shouldĀ deleteĀ 16Ā entriesĀ fromĀ tableĀ YĀ andĀ deleteĀ 32Ā entriesĀ fromĀ tableĀ ZĀ toĀ createĀ spaceĀ forĀ theĀ insertionĀ ofĀ theĀ oneĀ orĀ moreĀ entriesĀ inĀ theĀ firstĀ table.Ā InĀ oneĀ embodimentļ¼ŒĀ specialĀ numbersĀ orĀ designationsĀ canĀ beĀ usedĀ toĀ instructĀ theĀ switchĀ 120Ā toĀ deleteĀ anĀ entireĀ tableĀ orĀ toĀ deleteĀ entriesĀ onĀ demand.Ā ThisĀ allowsĀ theĀ controllerĀ 110Ā toĀ offloadĀ someĀ ofĀ theĀ dataĀ storageĀ resourceĀ managementĀ responsibilitiesĀ toĀ theĀ switchĀ 120.
TheĀ switchĀ 120Ā determinesĀ whetherĀ sufficientĀ storageĀ spaceĀ isĀ availableĀ inĀ theĀ dataĀ storageĀ resourceĀ 130Ā forĀ insertionĀ ofĀ theĀ oneĀ orĀ moreĀ entriesĀ inĀ theĀ firstĀ tableĀ (decisionĀ blockĀ 350)Ā .Ā IfĀ theĀ switchĀ 120Ā determinesĀ  thatĀ thereĀ isĀ sufficientĀ storageĀ spaceĀ availableĀ inĀ theĀ dataĀ storageĀ resourceĀ 130ļ¼ŒĀ theĀ switchĀ 120Ā insertsĀ theĀ oneĀ orĀ moreĀ entriesĀ inĀ theĀ firstĀ tableĀ (blockĀ 370)Ā .Ā OnĀ theĀ otherĀ handļ¼ŒĀ ifĀ theĀ switchĀ 120Ā determinesĀ thatĀ thereĀ isĀ insufficientĀ storageĀ spaceĀ availableĀ inĀ theĀ dataĀ storageĀ resourceĀ 130ļ¼ŒĀ theĀ switchĀ 120Ā deletesĀ oneĀ orĀ moreĀ entriesĀ fromĀ theĀ oneĀ orĀ moreĀ otherĀ tablesĀ (blockĀ 360)Ā ļ¼ŒĀ asĀ indicatedĀ inĀ theĀ instructionsĀ receivedĀ fromĀ theĀ controllerĀ 110.Ā InĀ thisĀ wayļ¼ŒĀ whenĀ sufficientĀ storageĀ spaceĀ isĀ notĀ availableĀ inĀ aĀ dataĀ storageĀ resourceĀ forĀ aĀ givenĀ tableļ¼ŒĀ theĀ switchĀ 120Ā deletesĀ entriesĀ fromĀ oneĀ orĀ moreĀ otherĀ tablesĀ thatĀ shareĀ theĀ sameĀ dataĀ storageĀ resourceĀ 130Ā asĀ theĀ givenĀ tableļ¼ŒĀ accordingĀ toĀ theĀ instructionsĀ receivedĀ fromĀ theĀ controllerĀ 110.Ā DeletingĀ theĀ entriesĀ createsĀ spaceĀ inĀ theĀ dataĀ storageĀ resourceĀ 130Ā forĀ theĀ firstĀ table.Ā OnceĀ theĀ entriesĀ areĀ deletedļ¼ŒĀ theĀ switchĀ 120Ā mayĀ thenĀ insertĀ theĀ oneĀ orĀ moreĀ entriesĀ inĀ theĀ firstĀ tableĀ (blockĀ 370)Ā .
Fig.Ā 4Ā isĀ aĀ flowĀ diagramĀ ofĀ aĀ processĀ performedĀ byĀ aĀ controllerĀ forĀ managingĀ dataĀ storageĀ resourceĀ utilizationĀ ofĀ aĀ switchļ¼ŒĀ accordingĀ toĀ someĀ embodiments.Ā InĀ oneĀ embodimentļ¼ŒĀ theĀ operationsĀ ofĀ theĀ flowĀ diagramĀ mayĀ beĀ performedĀ byĀ aĀ networkĀ deviceĀ actingĀ asĀ aĀ controllerĀ 110Ā inĀ anĀ SDNĀ network.Ā InĀ oneĀ embodimentļ¼ŒĀ theĀ controllerĀ 110Ā mayĀ communicateĀ withĀ aĀ switchĀ 120Ā inĀ theĀ SDNĀ networkĀ overĀ aĀ southboundĀ interfaceĀ usingĀ aĀ controlĀ planeĀ communicationĀ protocolĀ (e.g.ļ¼ŒĀ ForCESĀ orĀ OpenFlow)Ā .
InĀ oneĀ embodimentļ¼ŒĀ theĀ processĀ isĀ initiatedĀ whenĀ theĀ controllerĀ 110Ā transmitsļ¼ŒĀ toĀ aĀ switchĀ 120ļ¼ŒĀ aĀ requestĀ toĀ provideĀ dataĀ storageĀ resourceĀ sharingĀ informationĀ (blockĀ 410)Ā .Ā InĀ someĀ embodimentsļ¼ŒĀ theĀ processĀ mayĀ beĀ initiatedĀ withoutĀ theĀ controllerĀ 110Ā transmittingĀ aĀ requestĀ toĀ theĀ switchĀ 120.Ā ForĀ exampleļ¼ŒĀ theĀ switchĀ 120Ā mayĀ periodicallyĀ provideĀ dataĀ storageĀ resourceĀ sharingĀ informationĀ toĀ theĀ controllerĀ 110Ā withoutĀ receivingĀ aĀ requestĀ fromĀ theĀ controllerĀ 110.
TheĀ controllerĀ 110Ā receivesĀ dataĀ storageĀ resourceĀ sharingĀ informationĀ fromĀ theĀ switchĀ 120Ā (blockĀ 420)Ā .Ā TheĀ dataĀ storageĀ resourceĀ sharingĀ informationĀ includesĀ anĀ indicationĀ ofĀ theĀ tablesĀ storedĀ inĀ theĀ switchĀ 120Ā thatĀ shareĀ aĀ dataĀ storageĀ resourceĀ 130Ā ofĀ theĀ switchĀ 120.Ā InĀ oneĀ embodimentļ¼ŒĀ theĀ dataĀ storageĀ resourceĀ sharingĀ informationĀ includesĀ anĀ  indicationĀ ofĀ aĀ minimumĀ numberĀ ofĀ entriesĀ thatĀ canĀ beĀ deletedĀ fromĀ aĀ secondĀ tableĀ thatĀ sharesĀ theĀ dataĀ storageĀ resourceĀ 130Ā withĀ theĀ firstĀ tableĀ toĀ createĀ storageĀ spaceĀ inĀ theĀ dataĀ storageĀ resourceĀ 130Ā forĀ theĀ firstĀ tableĀ inĀ theĀ eventĀ thatĀ sufficientĀ storageĀ spaceĀ isĀ notĀ availableĀ inĀ theĀ dataĀ storageĀ resourceĀ 130Ā forĀ insertionĀ ofĀ anĀ entryĀ inĀ theĀ firstĀ table.Ā InĀ oneĀ embodimentļ¼ŒĀ theĀ dataĀ storageĀ resourceĀ sharingĀ informationĀ furtherĀ includesĀ anĀ indicationĀ ofĀ aĀ correspondingĀ numberĀ ofĀ entriesĀ thatĀ canĀ beĀ insertedĀ inĀ theĀ firstĀ tableĀ ifĀ theĀ minimumĀ numberĀ ofĀ entriesĀ areĀ deletedĀ fromĀ theĀ secondĀ table.Ā InĀ oneĀ embodimentļ¼ŒĀ theĀ dataĀ storageĀ resourceĀ sharingĀ informationĀ canĀ beĀ expressedĀ asĀ describedĀ hereinĀ above.
TheĀ controllerĀ 110Ā transmitsĀ instructionsĀ toĀ theĀ switchĀ 120Ā toĀ insertĀ oneĀ orĀ moreĀ entriesĀ inĀ aĀ firstĀ tableĀ fromĀ theĀ tablesĀ thatĀ shareĀ theĀ dataĀ storageĀ resourceĀ 130ļ¼ŒĀ togetherĀ withĀ instructionsĀ toĀ deleteĀ oneĀ orĀ moreĀ entriesĀ fromĀ oneĀ orĀ moreĀ otherĀ tablesĀ thatĀ shareĀ theĀ dataĀ storageĀ resourceĀ 130Ā withĀ theĀ firstĀ tableĀ inĀ anĀ eventĀ thatĀ sufficientĀ storageĀ spaceĀ isĀ notĀ availableĀ inĀ theĀ dataĀ storageĀ resourceĀ 130Ā forĀ insertionĀ ofĀ theĀ oneĀ orĀ moreĀ entriesĀ inĀ theĀ firstĀ tableĀ (blockĀ 430)Ā .Ā TheĀ controllerĀ 110Ā hasĀ knowledgeĀ ofĀ whichĀ tablesĀ storedĀ inĀ theĀ switchĀ 120Ā shareĀ theĀ sameĀ dataĀ storageĀ resourceĀ 130Ā basedĀ onĀ theĀ dataĀ storageĀ resourceĀ sharingĀ informationĀ itĀ receivedĀ fromĀ theĀ switchĀ 120Ā (e.g.ļ¼ŒĀ inĀ blockĀ 420)Ā ļ¼ŒĀ andĀ canĀ useĀ thisĀ informationĀ toĀ determineĀ whichĀ tableĀ toĀ deleteĀ entriesĀ fromĀ inĀ theĀ eventĀ thatĀ sufficientĀ storageĀ spaceĀ isĀ notĀ availableĀ inĀ theĀ dataĀ storageĀ resourceĀ 130.Ā InĀ theĀ caseĀ thatĀ thereĀ areĀ multipleĀ tablesĀ thatĀ shareĀ theĀ sameĀ dataĀ storageĀ resourceĀ 130Ā withĀ theĀ firstĀ tableļ¼ŒĀ theĀ policyĀ forĀ choosingĀ whichĀ tableĀ toĀ deleteĀ entriesĀ fromĀ (andĀ howĀ manyĀ entriesĀ toĀ delete)Ā isĀ managedĀ byĀ theĀ controlĀ planeĀ andĀ isĀ configurableĀ byĀ aĀ userĀ (e.g.ļ¼ŒĀ aĀ networkĀ operatorĀ orĀ administrator)Ā .Ā ForĀ exampleļ¼ŒĀ inĀ oneĀ embodimentļ¼ŒĀ theĀ controllerĀ 110Ā mayĀ determineĀ whichĀ tableĀ toĀ deleteĀ entriesĀ fromĀ basedĀ onĀ theĀ granularitiesĀ ofĀ storageĀ spaceĀ amountĀ thatĀ canĀ beĀ interchangedĀ betweenĀ tables.Ā ForĀ exampleļ¼ŒĀ smallerĀ granularitiesĀ mayĀ beĀ preferred.Ā InĀ oneĀ embodimentļ¼ŒĀ theĀ controllerĀ 110Ā determinesĀ aĀ numberĀ ofĀ entriesĀ toĀ deleteĀ fromĀ theĀ secondĀ tableĀ basedĀ onĀ theĀ dataĀ storageĀ resourceĀ sharingĀ informationĀ receivedĀ fromĀ theĀ switch.Ā  ForĀ exampleļ¼ŒĀ theĀ controllerĀ 110Ā mayĀ utilizeĀ theĀ dataĀ storageĀ resourceĀ sharingĀ informationĀ receivedĀ fromĀ theĀ switchĀ 120Ā toĀ determineĀ howĀ manyĀ entriesĀ shouldĀ beĀ deletedĀ fromĀ theĀ secondĀ tableĀ inĀ orderĀ toĀ accommodateĀ aĀ certainĀ numberĀ ofĀ additionalĀ entriesĀ inĀ theĀ firstĀ table.Ā InĀ oneĀ embodimentļ¼ŒĀ theĀ instructionsĀ toĀ deleteĀ theĀ oneĀ orĀ moreĀ entriesĀ inĀ theĀ eventĀ thatĀ sufficientĀ storageĀ spaceĀ isĀ notĀ availableĀ inĀ theĀ dataĀ storageĀ resourceĀ 130Ā includesĀ anĀ indicationĀ ofĀ aĀ numberĀ ofĀ entriesĀ toĀ deleteĀ fromĀ eachĀ ofĀ theĀ oneĀ orĀ moreĀ otherĀ tablesĀ inĀ theĀ eventĀ thatĀ sufficientĀ storageĀ spaceĀ isĀ notĀ availableĀ inĀ theĀ dataĀ storageĀ resourceĀ 130Ā forĀ insertionĀ ofĀ theĀ oneĀ orĀ moreĀ entriesĀ inĀ theĀ firstĀ table.Ā InĀ thisĀ wayļ¼ŒĀ theĀ controllerĀ 110Ā canĀ instructĀ theĀ switchĀ 120Ā toĀ deleteĀ entriesĀ fromĀ oneĀ orĀ moreĀ tablesĀ thatĀ shareĀ theĀ sameĀ dataĀ storageĀ resourceĀ 130Ā asĀ aĀ givenĀ tableĀ inĀ theĀ eventĀ thatĀ sufficientĀ storageĀ spaceĀ isĀ notĀ availableĀ inĀ theĀ dataĀ storageĀ resourceĀ 130Ā forĀ theĀ givenĀ table.Ā TheĀ controllerĀ 110Ā isĀ ableĀ toĀ provideĀ suchĀ instructionsĀ basedĀ onĀ itsĀ knowledgeĀ ofĀ theĀ dataĀ storageĀ resourceĀ sharingĀ informationĀ itĀ receivedĀ fromĀ theĀ switchĀ 120.
InĀ oneĀ embodimentļ¼ŒĀ theĀ controllerĀ 110Ā mayĀ giveĀ preferenceĀ toĀ oneĀ tableĀ overĀ anotherĀ tableĀ whenĀ managingĀ dataĀ storageĀ resourceĀ utilizationĀ ofĀ aĀ switchĀ 120.Ā ThisĀ mayĀ helpĀ againstĀ maliciousĀ attacksĀ onĀ theĀ switchĀ 120.Ā ForĀ exampleļ¼ŒĀ considerĀ aĀ switchĀ 120Ā inĀ whichĀ FDBĀ andĀ LFIBĀ shareĀ theĀ sameĀ dataĀ storageĀ resourceĀ 130.Ā MaliciousĀ attacksĀ canĀ causeĀ FDBĀ tableĀ sizeĀ toĀ becomeĀ veryĀ large.Ā OnĀ theĀ otherĀ handļ¼ŒĀ LFIBĀ tableĀ sizeĀ isĀ relativelyĀ deterministic.Ā Alsoļ¼ŒĀ consideringĀ thatĀ aĀ singleĀ FDBĀ tableĀ entryĀ representsĀ oneĀ hostļ¼ŒĀ whileĀ aĀ singleĀ LFIBĀ tableĀ entryĀ generallyĀ representsĀ anĀ IPĀ prefixļ¼ŒĀ itĀ isĀ preferableĀ thatĀ LFIBĀ isĀ allocatedĀ storageĀ spaceĀ overĀ FDBĀ ifĀ sufficientĀ storageĀ spaceĀ isĀ notĀ availableĀ inĀ theĀ dataĀ storageĀ resourceĀ 130.Ā ByĀ deletingĀ partialĀ FDBĀ tableĀ entriesļ¼ŒĀ LFIBĀ canĀ beĀ allocatedĀ additionalĀ storageĀ spaceļ¼ŒĀ andĀ thusĀ itsĀ trafficĀ isĀ protected.
GivingĀ preferenceĀ toĀ oneĀ tableĀ overĀ anotherĀ tableĀ mayĀ alsoĀ helpĀ guaranteeĀ importantĀ services.Ā ConsiderĀ aĀ switchĀ 120Ā thatĀ includesĀ aĀ TCAMĀ dataĀ storageĀ resourceĀ (e.g.ļ¼ŒĀ 230B)Ā .Ā TCAMĀ 230BĀ isĀ typicallyĀ anĀ expensiveĀ andĀ limitedĀ dataĀ storageĀ resourceĀ 130Ā usedĀ byĀ multipleĀ tablesĀ (e.g.ļ¼ŒĀ ACLļ¼ŒĀ  QoSļ¼ŒĀ FIBļ¼ŒĀ etc.Ā )Ā forĀ trafficĀ classificationĀ andĀ otherĀ packetĀ processingĀ functions.Ā InĀ theĀ eventĀ thatĀ theĀ TCAMĀ 230BĀ doesĀ notĀ haveĀ sufficientĀ storageĀ spaceĀ availableļ¼ŒĀ QoSĀ relatedĀ tableĀ entriesĀ canĀ beĀ deletedĀ toĀ guaranteeĀ thatĀ FIBĀ tableĀ entriesĀ canĀ beĀ storedĀ inĀ theĀ TCAMĀ 230BĀ inĀ orderĀ toĀ guaranteeĀ non-interruptedĀ trafficĀ flowĀ (givenĀ thatĀ non-interruptedĀ trafficĀ flowĀ hasĀ higherĀ priorityĀ thanĀ otherĀ goals)Ā .Ā InĀ thisĀ wayļ¼ŒĀ theĀ correspondingĀ servicesĀ forĀ FIBĀ suchĀ asĀ L3Ā VPNĀ areĀ guaranteed.
TheĀ dataĀ storageĀ resourceĀ sharingĀ informationĀ canĀ alsoĀ beĀ utilizedĀ duringĀ aĀ resourceĀ planningĀ phase.Ā ForĀ exampleļ¼ŒĀ whenĀ increasingĀ orĀ decreasingĀ oneĀ tableĀ sizeļ¼ŒĀ theĀ amountĀ ofĀ storageĀ spaceĀ allocatedĀ toĀ otherĀ tablesĀ sharingĀ theĀ sameĀ dataĀ storageĀ resourceĀ 130Ā canĀ beĀ adjustedĀ accordinglyļ¼ŒĀ toĀ reflectĀ theĀ actualĀ amountĀ ofĀ storageĀ spaceĀ availableĀ inĀ theĀ dataĀ storageĀ resourceĀ 130.
Fig.Ā 5AĀ illustratesĀ connectivityĀ betweenĀ networkĀ devicesĀ (NDs)Ā withinĀ anĀ exemplaryĀ networkļ¼ŒĀ asĀ wellĀ asĀ threeĀ exemplaryĀ implementationsĀ ofĀ theĀ NDsļ¼ŒĀ accordingĀ toĀ someĀ embodiments.Ā Fig.Ā 5AĀ showsĀ NDsĀ 500A-Hļ¼ŒĀ andĀ theirĀ connectivityĀ byĀ wayĀ ofĀ linesĀ betweenĀ A-Bļ¼ŒĀ B-Cļ¼ŒĀ C-Dļ¼ŒĀ D-Eļ¼ŒĀ E-Fļ¼ŒĀ F-Gļ¼ŒĀ andĀ A-Gļ¼ŒĀ asĀ wellĀ asĀ betweenĀ HĀ andĀ eachĀ ofĀ Aļ¼ŒĀ Cļ¼ŒĀ Dļ¼ŒĀ andĀ G.Ā TheseĀ NDsĀ areĀ physicalĀ devicesļ¼ŒĀ andĀ theĀ connectivityĀ betweenĀ theseĀ NDsĀ canĀ beĀ wirelessĀ orĀ wiredĀ (oftenĀ referredĀ toĀ asĀ aĀ link)Ā .Ā AnĀ additionalĀ lineĀ extendingĀ fromĀ NDsĀ 500Aļ¼ŒĀ Eļ¼ŒĀ andĀ FĀ illustratesĀ thatĀ theseĀ NDsĀ actĀ asĀ ingressĀ andĀ egressĀ pointsĀ forĀ theĀ networkĀ (andĀ thusļ¼ŒĀ theseĀ NDsĀ areĀ sometimesĀ referredĀ toĀ asĀ edgeĀ NDsļ¼›Ā whileĀ theĀ otherĀ NDsĀ mayĀ beĀ calledĀ coreĀ NDs)Ā .
TwoĀ ofĀ theĀ exemplaryĀ NDĀ implementationsĀ inĀ Fig.Ā 5AĀ areļ¼šĀ 1)Ā aĀ special-purposeĀ networkĀ deviceĀ 502Ā thatĀ usesĀ customĀ application-specificĀ integrated-circuitsĀ (ASICs)Ā andĀ aĀ proprietaryĀ operatingĀ systemĀ (OS)Ā ļ¼›Ā andĀ 2)Ā aĀ generalĀ purposeĀ networkĀ deviceĀ 504Ā thatĀ usesĀ commonĀ off-the-shelfĀ (COTS)Ā processorsĀ andĀ aĀ standardĀ OS.
TheĀ special-purposeĀ networkĀ deviceĀ 502Ā includesĀ networkingĀ hardwareĀ 510Ā comprisingĀ computeĀ resourceĀ (s)Ā 512Ā (whichĀ typicallyĀ includeĀ aĀ setĀ ofĀ oneĀ orĀ moreĀ processors)Ā ļ¼ŒĀ forwardingĀ resourceĀ (s)Ā 514Ā (whichĀ typicallyĀ includeĀ oneĀ orĀ moreĀ ASICsĀ and/orĀ networkĀ processors)Ā ļ¼ŒĀ  andĀ physicalĀ networkĀ interfacesĀ (NIs)Ā 516Ā (sometimesĀ calledĀ physicalĀ ports)Ā ļ¼ŒĀ asĀ wellĀ asĀ non-transitoryĀ machineĀ readableĀ storageĀ mediaĀ 518Ā havingĀ storedĀ thereinĀ networkingĀ softwareĀ 520.Ā AĀ physicalĀ NIĀ isĀ hardwareĀ inĀ aĀ NDĀ throughĀ whichĀ aĀ networkĀ connectionĀ (e.g.ļ¼ŒĀ wirelesslyĀ throughĀ aĀ wirelessĀ networkĀ interfaceĀ controllerĀ (WNIC)Ā orĀ throughĀ pluggingĀ inĀ aĀ cableĀ toĀ aĀ physicalĀ portĀ connectedĀ toĀ aĀ networkĀ interfaceĀ controllerĀ (NIC)Ā )Ā isĀ madeļ¼ŒĀ suchĀ asĀ thoseĀ shownĀ byĀ theĀ connectivityĀ betweenĀ NDsĀ 500A-H.Ā DuringĀ operationļ¼ŒĀ theĀ networkingĀ softwareĀ 520Ā mayĀ beĀ executedĀ byĀ theĀ networkingĀ hardwareĀ 510Ā toĀ instantiateĀ aĀ setĀ ofĀ oneĀ orĀ moreĀ networkingĀ softwareĀ instanceĀ (s)Ā 522.Ā EachĀ ofĀ theĀ networkingĀ softwareĀ instanceĀ (s)Ā 522ļ¼ŒĀ andĀ thatĀ partĀ ofĀ theĀ networkingĀ hardwareĀ 510Ā thatĀ executesĀ thatĀ networkĀ softwareĀ instanceĀ (beĀ itĀ hardwareĀ dedicatedĀ toĀ thatĀ networkingĀ softwareĀ instanceĀ and/orĀ timeĀ slicesĀ ofĀ hardwareĀ temporallyĀ sharedĀ byĀ thatĀ networkingĀ softwareĀ instanceĀ withĀ othersĀ ofĀ theĀ networkingĀ softwareĀ instanceĀ (s)Ā 522)Ā ļ¼ŒĀ formĀ aĀ separateĀ virtualĀ networkĀ elementĀ 530A-R.Ā EachĀ ofĀ theĀ virtualĀ networkĀ elementĀ (s)Ā (VNEs)Ā 530A-RĀ includesĀ aĀ controlĀ communicationĀ andĀ configurationĀ moduleĀ 532A-RĀ (sometimesĀ referredĀ toĀ asĀ aĀ localĀ controlĀ moduleĀ orĀ controlĀ communicationĀ module)Ā andĀ forwardingĀ tableĀ (s)Ā 534A-Rļ¼ŒĀ suchĀ thatĀ aĀ givenĀ virtualĀ networkĀ elementĀ (e.g.ļ¼ŒĀ 530A)Ā includesĀ theĀ controlĀ communicationĀ andĀ configurationĀ moduleĀ (e.g.ļ¼ŒĀ 532A)Ā ļ¼ŒĀ aĀ setĀ ofĀ oneĀ orĀ moreĀ forwardingĀ tableĀ (s)Ā (e.g.ļ¼ŒĀ 534A)Ā ļ¼ŒĀ andĀ thatĀ portionĀ ofĀ theĀ networkingĀ hardwareĀ 510Ā thatĀ executesĀ theĀ virtualĀ networkĀ elementĀ (e.g.ļ¼ŒĀ 530A)Ā .
SoftwareĀ 520Ā canĀ includeĀ codeĀ suchĀ asĀ dataĀ storageĀ resourceĀ sharingĀ componentĀ 525ļ¼ŒĀ whichĀ whenĀ executedĀ byĀ networkingĀ hardwareĀ 510ļ¼ŒĀ causesĀ theĀ special-purposeĀ networkĀ deviceĀ 502Ā toĀ performĀ operationsĀ ofĀ oneĀ orĀ moreĀ embodimentsĀ ofĀ theĀ presentĀ disclosureĀ asĀ partĀ networkingĀ softwareĀ instancesĀ 522Ā (dataĀ storageĀ resourceĀ sharingĀ instanceĀ 535A)Ā .
TheĀ special-purposeĀ networkĀ deviceĀ 502Ā isĀ oftenĀ physicallyĀ and/orĀ logicallyĀ consideredĀ toĀ includeļ¼šĀ 1)Ā aĀ NDĀ controlĀ planeĀ 524Ā (sometimesĀ referredĀ toĀ asĀ aĀ controlĀ plane)Ā comprisingĀ theĀ computeĀ resourceĀ (s)Ā 512Ā thatĀ executeĀ theĀ controlĀ communicationĀ andĀ configurationĀ moduleĀ (s)Ā 532A-Rļ¼›Ā  andĀ 2)Ā aĀ NDĀ forwardingĀ planeĀ 526Ā (sometimesĀ referredĀ toĀ asĀ aĀ forwardingĀ planeļ¼ŒĀ aĀ dataĀ planeļ¼ŒĀ orĀ aĀ mediaĀ plane)Ā comprisingĀ theĀ forwardingĀ resourceĀ (s)Ā 514Ā thatĀ utilizeĀ theĀ forwardingĀ tableĀ (s)Ā 534A-RĀ andĀ theĀ physicalĀ NIsĀ 516.Ā ByĀ wayĀ ofĀ exampleļ¼ŒĀ whereĀ theĀ NDĀ isĀ aĀ routerĀ (orĀ isĀ implementingĀ routingĀ functionality)Ā ļ¼ŒĀ theĀ NDĀ controlĀ planeĀ 524Ā (theĀ computeĀ resourceĀ (s)Ā 512Ā executingĀ theĀ controlĀ communicationĀ andĀ configurationĀ moduleĀ (s)Ā 532A-R)Ā isĀ typicallyĀ responsibleĀ forĀ participatingĀ inĀ controllingĀ howĀ dataĀ (e.g.ļ¼ŒĀ packets)Ā isĀ toĀ beĀ routedĀ (e.g.ļ¼ŒĀ theĀ nextĀ hopĀ forĀ theĀ dataĀ andĀ theĀ outgoingĀ physicalĀ NIĀ forĀ thatĀ data)Ā andĀ storingĀ thatĀ routingĀ informationĀ inĀ theĀ forwardingĀ tableĀ (s)Ā 534A-Rļ¼ŒĀ andĀ theĀ NDĀ forwardingĀ planeĀ 526Ā isĀ responsibleĀ forĀ receivingĀ thatĀ dataĀ onĀ theĀ physicalĀ NIsĀ 516Ā andĀ forwardingĀ thatĀ dataĀ outĀ theĀ appropriateĀ onesĀ ofĀ theĀ physicalĀ NIsĀ 516Ā basedĀ onĀ theĀ forwardingĀ tableĀ (s)Ā 534A-R.
Fig.Ā 5BĀ illustratesĀ anĀ exemplaryĀ wayĀ toĀ implementĀ theĀ special-purposeĀ networkĀ deviceĀ 502Ā accordingĀ toĀ someĀ embodiments.Ā Fig.Ā 5BĀ showsĀ aĀ special-purposeĀ networkĀ deviceĀ includingĀ cardsĀ 538Ā (typicallyĀ hotĀ pluggable)Ā .Ā WhileĀ inĀ someĀ embodimentsĀ theĀ cardsĀ 538Ā areĀ ofĀ twoĀ typesĀ (oneĀ orĀ moreĀ thatĀ operateĀ asĀ theĀ NDĀ forwardingĀ planeĀ 526Ā (sometimesĀ calledĀ lineĀ cards)Ā ļ¼ŒĀ andĀ oneĀ orĀ moreĀ thatĀ operateĀ toĀ implementĀ theĀ NDĀ controlĀ planeĀ 524Ā (sometimesĀ calledĀ controlĀ cards)Ā )Ā ļ¼ŒĀ alternativeĀ embodimentsĀ mayĀ combineĀ functionalityĀ ontoĀ aĀ singleĀ cardĀ and/orĀ includeĀ additionalĀ cardĀ typesĀ (e.g.ļ¼ŒĀ oneĀ additionalĀ typeĀ ofĀ cardĀ isĀ calledĀ aĀ serviceĀ cardļ¼ŒĀ resourceĀ cardļ¼ŒĀ orĀ multi-applicationĀ card)Ā .Ā AĀ serviceĀ cardĀ canĀ provideĀ specializedĀ processingĀ (e.g.ļ¼ŒĀ LayerĀ 4Ā toĀ LayerĀ 7Ā servicesĀ (e.g.ļ¼ŒĀ firewallļ¼ŒĀ InternetĀ ProtocolĀ SecurityĀ (IPsec)Ā ļ¼ŒĀ SecureĀ SocketsĀ LayerĀ (SSL)Ā /TransportĀ LayerĀ SecurityĀ (TLS)Ā ļ¼ŒĀ IntrusionĀ DetectionĀ SystemĀ (IDS)Ā ļ¼ŒĀ peer-to-peerĀ (P2P)Ā ļ¼ŒĀ VoiceĀ overĀ IPĀ (VoIP)Ā SessionĀ BorderĀ Controllerļ¼ŒĀ MobileĀ WirelessĀ GatewaysĀ (GatewayĀ GeneralĀ PacketĀ RadioĀ ServiceĀ (GPRS)Ā SupportĀ NodeĀ (GGSN)Ā ļ¼ŒĀ EvolvedĀ PacketĀ CoreĀ (EPC)Ā Gateway)Ā )Ā .Ā ByĀ wayĀ ofĀ exampleļ¼ŒĀ aĀ serviceĀ cardĀ mayĀ beĀ usedĀ toĀ terminateĀ IPsecĀ tunnelsĀ andĀ executeĀ theĀ attendantĀ authenticationĀ andĀ encryptionĀ algorithms.Ā TheseĀ cardsĀ areĀ coupledĀ togetherĀ throughĀ oneĀ orĀ moreĀ interconnectĀ mechanismsĀ illustratedĀ  asĀ backplaneĀ 536Ā (e.g.ļ¼ŒĀ aĀ firstĀ fullĀ meshĀ couplingĀ theĀ lineĀ cardsĀ andĀ aĀ secondĀ fullĀ meshĀ couplingĀ allĀ ofĀ theĀ cards)Ā .
ReturningĀ toĀ Fig.Ā 5Aļ¼ŒĀ theĀ generalĀ purposeĀ networkĀ deviceĀ 504Ā includesĀ hardwareĀ 540Ā comprisingĀ aĀ setĀ ofĀ oneĀ orĀ moreĀ processorĀ (s)Ā 542Ā (whichĀ areĀ oftenĀ COTSĀ processors)Ā andĀ networkĀ interfaceĀ controllerĀ (s)Ā 544Ā (NICsļ¼›Ā alsoĀ knownĀ asĀ networkĀ interfaceĀ cards)Ā (whichĀ includeĀ physicalĀ NIsĀ 546)Ā ļ¼ŒĀ asĀ wellĀ asĀ non-transitoryĀ machineĀ readableĀ storageĀ mediaĀ 548Ā havingĀ storedĀ thereinĀ softwareĀ 550.Ā DuringĀ operationļ¼ŒĀ theĀ processorĀ (s)Ā 542Ā executeĀ theĀ softwareĀ 550Ā toĀ instantiateĀ oneĀ orĀ moreĀ setsĀ ofĀ oneĀ orĀ moreĀ applicationsĀ 564A-R.Ā WhileĀ oneĀ embodimentĀ doesĀ notĀ implementĀ virtualizationļ¼ŒĀ alternativeĀ embodimentsĀ mayĀ useĀ differentĀ formsĀ ofĀ virtualization-representedĀ byĀ aĀ virtualizationĀ layerĀ 554Ā andĀ softwareĀ containersĀ 562A-R.Ā ForĀ exampleļ¼ŒĀ oneĀ suchĀ alternativeĀ embodimentĀ implementsĀ operatingĀ system-levelĀ virtualizationļ¼ŒĀ inĀ whichĀ caseĀ theĀ virtualizationĀ layerĀ 554Ā representsĀ theĀ kernelĀ ofĀ anĀ operatingĀ systemĀ (orĀ aĀ shimĀ executingĀ onĀ aĀ baseĀ operatingĀ system)Ā thatĀ allowsĀ forĀ theĀ creationĀ ofĀ multipleĀ softwareĀ containersĀ 562A-RĀ thatĀ mayĀ eachĀ beĀ usedĀ toĀ executeĀ oneĀ ofĀ theĀ setsĀ ofĀ applicationsĀ 564A-R.Ā InĀ thisĀ embodimentļ¼ŒĀ theĀ multipleĀ softwareĀ containersĀ 562A-RĀ (alsoĀ calledĀ virtualizationĀ enginesļ¼ŒĀ virtualĀ privateĀ serversļ¼ŒĀ orĀ jails)Ā areĀ eachĀ aĀ userĀ spaceĀ instanceĀ (typicallyĀ aĀ virtualĀ memoryĀ space)Ā ļ¼›Ā theseĀ userĀ spaceĀ instancesĀ areĀ separateĀ fromĀ eachĀ otherĀ andĀ separateĀ fromĀ theĀ kernelĀ spaceĀ inĀ whichĀ theĀ operatingĀ systemĀ isĀ runļ¼›Ā theĀ setĀ ofĀ applicationsĀ runningĀ inĀ aĀ givenĀ userĀ spaceļ¼ŒĀ unlessĀ explicitlyĀ allowedļ¼ŒĀ cannotĀ accessĀ theĀ memoryĀ ofĀ theĀ otherĀ processes.Ā AnotherĀ suchĀ alternativeĀ embodimentĀ implementsĀ fullĀ virtualizationļ¼ŒĀ inĀ whichĀ caseļ¼šĀ 1)Ā theĀ virtualizationĀ layerĀ 554Ā representsĀ aĀ hypervisorĀ (sometimesĀ referredĀ toĀ asĀ aĀ virtualĀ machineĀ monitorĀ (VMM)Ā )Ā orĀ aĀ hypervisorĀ executingĀ onĀ topĀ ofĀ aĀ hostĀ operatingĀ systemļ¼›Ā andĀ 2)Ā theĀ softwareĀ containersĀ 562A-RĀ eachĀ representĀ aĀ tightlyĀ isolatedĀ formĀ ofĀ softwareĀ containerĀ calledĀ aĀ virtualĀ machineĀ thatĀ isĀ runĀ byĀ theĀ hypervisorĀ andĀ mayĀ includeĀ aĀ guestĀ operatingĀ system.Ā AĀ virtualĀ machineĀ isĀ aĀ softwareĀ implementationĀ ofĀ aĀ physicalĀ machineĀ thatĀ runsĀ programsĀ asĀ ifĀ theyĀ wereĀ executingĀ onĀ aĀ physicalļ¼ŒĀ  non-virtualizedĀ machineļ¼›Ā andĀ applicationsĀ generallyĀ doĀ notĀ knowĀ theyĀ areĀ runningĀ onĀ aĀ virtualĀ machineĀ asĀ opposedĀ toĀ runningĀ onĀ aĀ ā€œbareĀ metalā€Ā hostĀ electronicĀ deviceļ¼ŒĀ thoughĀ someĀ systemsĀ provideĀ para-virtualizationĀ whichĀ allowsĀ anĀ operatingĀ systemĀ orĀ applicationĀ toĀ beĀ awareĀ ofĀ theĀ presenceĀ ofĀ virtualizationĀ forĀ optimizationĀ purposes.
TheĀ instantiationĀ ofĀ theĀ oneĀ orĀ moreĀ setsĀ ofĀ oneĀ orĀ moreĀ applicationsĀ 564A-Rļ¼ŒĀ asĀ wellĀ asĀ theĀ virtualizationĀ layerĀ 554Ā andĀ softwareĀ containersĀ 562A-RĀ ifĀ implementedļ¼ŒĀ areĀ collectivelyĀ referredĀ toĀ asĀ softwareĀ instanceĀ (s)Ā 552.Ā EachĀ setĀ ofĀ applicationsĀ 564A-Rļ¼ŒĀ correspondingĀ softwareĀ containerĀ 562A-RĀ ifĀ implementedļ¼ŒĀ andĀ thatĀ partĀ ofĀ theĀ hardwareĀ 540Ā thatĀ executesĀ themĀ (beĀ itĀ hardwareĀ dedicatedĀ toĀ thatĀ executionĀ and/orĀ timeĀ slicesĀ ofĀ hardwareĀ temporallyĀ sharedĀ byĀ softwareĀ containersĀ 562A-R)Ā ļ¼ŒĀ formsĀ aĀ separateĀ virtualĀ networkĀ elementĀ (s)Ā 560A-R.
TheĀ virtualĀ networkĀ elementĀ (s)Ā 560A-RĀ performĀ similarĀ functionalityĀ toĀ theĀ virtualĀ networkĀ elementĀ (s)Ā 530A-R-e.g.ļ¼ŒĀ similarĀ toĀ theĀ controlĀ communicationĀ andĀ configurationĀ moduleĀ (s)Ā 532AĀ andĀ forwardingĀ tableĀ (s)Ā 534AĀ (thisĀ virtualizationĀ ofĀ theĀ hardwareĀ 540Ā isĀ sometimesĀ referredĀ toĀ asĀ networkĀ functionĀ virtualizationĀ (NFV)Ā )Ā .Ā Thusļ¼ŒĀ NFVĀ mayĀ beĀ usedĀ toĀ consolidateĀ manyĀ networkĀ equipmentĀ typesĀ ontoĀ industryĀ standardĀ highĀ volumeĀ serverĀ hardwareļ¼ŒĀ physicalĀ switchesļ¼ŒĀ andĀ physicalĀ storageļ¼ŒĀ whichĀ couldĀ beĀ locatedĀ inĀ DataĀ centersļ¼ŒĀ NDsļ¼ŒĀ andĀ customerĀ premiseĀ equipmentĀ (CPE)Ā .Ā Howeverļ¼ŒĀ differentĀ embodimentsĀ ofĀ theĀ inventionĀ mayĀ implementĀ oneĀ orĀ moreĀ ofĀ theĀ softwareĀ containerĀ (s)Ā 562A-RĀ differently.Ā ForĀ exampleļ¼ŒĀ whileĀ embodimentsĀ ofĀ theĀ inventionĀ areĀ illustratedĀ withĀ eachĀ softwareĀ containerĀ 562A-RĀ correspondingĀ toĀ oneĀ VNEĀ 560A-Rļ¼ŒĀ alternativeĀ embodimentsĀ mayĀ implementĀ thisĀ correspondenceĀ atĀ aĀ finerĀ levelĀ granularityĀ (e.g.ļ¼ŒĀ lineĀ cardĀ virtualĀ machinesĀ virtualizeĀ lineĀ cardsļ¼ŒĀ controlĀ cardĀ virtualĀ machineĀ virtualizeĀ controlĀ cardsļ¼ŒĀ etc.Ā )Ā ļ¼›Ā itĀ shouldĀ beĀ understoodĀ thatĀ theĀ techniquesĀ describedĀ hereinĀ withĀ referenceĀ toĀ aĀ correspondenceĀ ofĀ softwareĀ containersĀ 562A-RĀ toĀ VNEsĀ alsoĀ applyĀ toĀ embodimentsĀ whereĀ suchĀ aĀ finerĀ levelĀ ofĀ granularityĀ isĀ used.
InĀ certainĀ embodimentsļ¼ŒĀ theĀ virtualizationĀ layerĀ 554Ā includesĀ aĀ virtualĀ switchĀ thatĀ providesĀ similarĀ forwardingĀ servicesĀ asĀ aĀ physicalĀ EthernetĀ switch.Ā Specificallyļ¼ŒĀ thisĀ virtualĀ switchĀ forwardsĀ trafficĀ betweenĀ softwareĀ containersĀ 562A-RĀ andĀ theĀ NICĀ (s)Ā 544ļ¼ŒĀ asĀ wellĀ asĀ optionallyĀ betweenĀ theĀ softwareĀ containersĀ 562A-Rļ¼›Ā inĀ additionļ¼ŒĀ thisĀ virtualĀ switchĀ mayĀ enforceĀ networkĀ isolationĀ betweenĀ theĀ VNEsĀ 560A-RĀ thatĀ byĀ policyĀ areĀ notĀ permittedĀ toĀ communicateĀ withĀ eachĀ otherĀ (e.g.ļ¼ŒĀ byĀ honoringĀ virtualĀ localĀ areaĀ networksĀ (VLANs)Ā )Ā .
SoftwareĀ 550Ā canĀ includeĀ codeĀ suchĀ asĀ dataĀ storageĀ resourceĀ sharingĀ componentĀ 563ļ¼ŒĀ whichĀ whenĀ executedĀ byĀ processorĀ (s)Ā 542ļ¼ŒĀ causeĀ theĀ generalĀ purposeĀ networkĀ deviceĀ 504Ā toĀ performĀ operationsĀ ofĀ oneĀ orĀ moreĀ embodimentsĀ ofĀ theĀ presentĀ disclosureĀ asĀ partĀ softwareĀ containersĀ 562A-R.
TheĀ thirdĀ exemplaryĀ NDĀ implementationĀ inĀ Fig.Ā 5AĀ isĀ aĀ hybridĀ networkĀ deviceĀ 506ļ¼ŒĀ whichĀ includesĀ bothĀ customĀ ASICs/proprietaryĀ OSĀ andĀ COTSĀ processors/standardĀ OSĀ inĀ aĀ singleĀ NDĀ orĀ aĀ singleĀ cardĀ withinĀ anĀ ND.Ā InĀ certainĀ embodimentsĀ ofĀ suchĀ aĀ hybridĀ networkĀ deviceļ¼ŒĀ aĀ platformĀ VMĀ (i.e.ļ¼ŒĀ aĀ VMĀ thatĀ thatĀ implementsĀ theĀ functionalityĀ ofĀ theĀ special-purposeĀ networkĀ deviceĀ 502)Ā couldĀ provideĀ forĀ para-virtualizationĀ toĀ theĀ networkingĀ hardwareĀ presentĀ inĀ theĀ hybridĀ networkĀ deviceĀ 506.
RegardlessĀ ofĀ theĀ aboveĀ exemplaryĀ implementationsĀ ofĀ anĀ NDļ¼ŒĀ whenĀ aĀ singleĀ oneĀ ofĀ multipleĀ VNEsĀ implementedĀ byĀ anĀ NDĀ isĀ beingĀ consideredĀ (e.g.ļ¼ŒĀ onlyĀ oneĀ ofĀ theĀ VNEsĀ isĀ partĀ ofĀ aĀ givenĀ virtualĀ network)Ā orĀ whereĀ onlyĀ aĀ singleĀ VNEĀ isĀ currentlyĀ beingĀ implementedĀ byĀ anĀ NDļ¼ŒĀ theĀ shortenedĀ termĀ networkĀ elementĀ (NE)Ā isĀ sometimesĀ usedĀ toĀ referĀ toĀ thatĀ VNE.Ā AlsoĀ inĀ allĀ ofĀ theĀ aboveĀ exemplaryĀ implementationsļ¼ŒĀ eachĀ ofĀ theĀ VNEsĀ (e.g.ļ¼ŒĀ VNE(s)Ā 530A-Rļ¼ŒĀ VNEsĀ 560A-Rļ¼ŒĀ andĀ thoseĀ inĀ theĀ hybridĀ networkĀ deviceĀ 506)Ā receivesĀ dataĀ onĀ theĀ physicalĀ NIsĀ (e.g.ļ¼ŒĀ 516ļ¼ŒĀ 546)Ā andĀ forwardsĀ thatĀ dataĀ outĀ theĀ appropriateĀ onesĀ ofĀ theĀ physicalĀ NIsĀ (e.g.ļ¼ŒĀ 516ļ¼ŒĀ 546)Ā .Ā ForĀ exampleļ¼ŒĀ aĀ VNEĀ implementingĀ IPĀ routerĀ functionalityĀ forwardsĀ IPĀ packetsĀ onĀ theĀ basisĀ ofĀ someĀ ofĀ theĀ IPĀ headerĀ informationĀ inĀ theĀ IPĀ packetļ¼›Ā whereĀ IPĀ headerĀ informationĀ includesĀ sourceĀ IPĀ addressļ¼ŒĀ destinationĀ IPĀ addressļ¼ŒĀ sourceĀ portļ¼ŒĀ destinationĀ portĀ (whereĀ ā€œsourceĀ portā€Ā andĀ ā€œdestinationĀ portā€Ā  referĀ hereinĀ toĀ protocolĀ portsļ¼ŒĀ asĀ opposedĀ toĀ physicalĀ portsĀ ofĀ aĀ ND)Ā ļ¼ŒĀ transportĀ protocolĀ (e.g.ļ¼ŒĀ userĀ datagramĀ protocolĀ (UDP)Ā ļ¼ŒĀ TransmissionĀ ControlĀ ProtocolĀ (TCP)Ā ļ¼ŒĀ andĀ differentiatedĀ servicesĀ (DSCP)Ā values.
Fig.Ā 5CĀ illustratesĀ variousĀ exemplaryĀ waysĀ inĀ whichĀ VNEsĀ mayĀ beĀ coupledĀ accordingĀ toĀ someĀ embodiments.Ā Fig.Ā 5CĀ showsĀ VNEsĀ 570A.Ā 1-570A.Ā PĀ (andĀ optionallyĀ VNEsĀ 570A.Ā Q-570A.Ā R)Ā implementedĀ inĀ NDĀ 500AĀ andĀ VNEĀ 570H.Ā 1Ā inĀ NDĀ 500H.Ā InĀ Fig.Ā 5Cļ¼ŒĀ VNEsĀ 570A.Ā 1-PĀ areĀ separateĀ fromĀ eachĀ otherĀ inĀ theĀ senseĀ thatĀ theyĀ canĀ receiveĀ packetsĀ fromĀ outsideĀ NDĀ 500AĀ andĀ forwardĀ packetsĀ outsideĀ ofĀ NDĀ 500Aļ¼›Ā VNEĀ 570A.Ā 1Ā isĀ coupledĀ withĀ VNEĀ 570H.Ā 1ļ¼ŒĀ andĀ thusĀ theyĀ communicateĀ packetsĀ betweenĀ theirĀ respectiveĀ NDsļ¼›Ā VNEĀ 570A.Ā 2-570A.Ā 3Ā mayĀ optionallyĀ forwardĀ packetsĀ betweenĀ themselvesĀ withoutĀ forwardingĀ themĀ outsideĀ ofĀ theĀ NDĀ 500Aļ¼›Ā andĀ VNEĀ 570A.Ā PĀ mayĀ optionallyĀ beĀ theĀ firstĀ inĀ aĀ chainĀ ofĀ VNEsĀ thatĀ includesĀ VNEĀ 570A.Ā QĀ followedĀ byĀ VNEĀ 570A.Ā RĀ (thisĀ isĀ sometimesĀ referredĀ toĀ asĀ dynamicĀ serviceĀ chainingļ¼ŒĀ whereĀ eachĀ ofĀ theĀ VNEsĀ inĀ theĀ seriesĀ ofĀ VNEsĀ providesĀ aĀ differentĀ service-e.g.ļ¼ŒĀ oneĀ orĀ moreĀ layerĀ 4-7Ā networkĀ services)Ā .Ā WhileĀ Fig.Ā 5CĀ illustratesĀ variousĀ exemplaryĀ relationshipsĀ betweenĀ theĀ VNEsļ¼ŒĀ alternativeĀ embodimentsĀ mayĀ supportĀ otherĀ relationshipsĀ (e.g.ļ¼ŒĀ more/fewerĀ VNEsļ¼ŒĀ more/fewerĀ dynamicĀ serviceĀ chainsļ¼ŒĀ multipleĀ differentĀ dynamicĀ serviceĀ chainsĀ withĀ someĀ commonĀ VNEsĀ andĀ someĀ differentĀ VNEs)Ā .
TheĀ NDsĀ ofĀ Fig.Ā 5Aļ¼ŒĀ forĀ exampleļ¼ŒĀ mayĀ formĀ partĀ ofĀ theĀ InternetĀ orĀ aĀ privateĀ networkļ¼›Ā andĀ otherĀ electronicĀ devicesĀ (notĀ shownļ¼›Ā suchĀ asĀ endĀ userĀ devicesĀ includingĀ workstationsļ¼ŒĀ laptopsļ¼ŒĀ netbooksļ¼ŒĀ tabletsļ¼ŒĀ palmĀ topsļ¼ŒĀ mobileĀ phonesļ¼ŒĀ smartphonesļ¼ŒĀ phabletsļ¼ŒĀ multimediaĀ phonesļ¼ŒĀ VoiceĀ OverĀ InternetĀ ProtocolĀ (VOIP)Ā phonesļ¼ŒĀ terminalsļ¼ŒĀ portableĀ mediaĀ playersļ¼ŒĀ GPSĀ unitsļ¼ŒĀ wearableĀ devicesļ¼ŒĀ gamingĀ systemsļ¼ŒĀ set-topĀ boxesļ¼ŒĀ InternetĀ enabledĀ householdĀ appliances)Ā mayĀ beĀ coupledĀ toĀ theĀ networkĀ (directlyĀ orĀ throughĀ otherĀ networksĀ suchĀ asĀ accessĀ networks)Ā toĀ communicateĀ overĀ theĀ networkĀ (e.g.ļ¼ŒĀ theĀ InternetĀ orĀ virtualĀ privateĀ networksĀ (VPNs)Ā overlaidĀ onĀ (e.g.ļ¼ŒĀ tunneledĀ through)Ā theĀ Internet)Ā withĀ eachĀ otherĀ (directlyĀ orĀ throughĀ servers)Ā and/orĀ accessĀ contentĀ and/orĀ services.Ā SuchĀ contentĀ and/orĀ servicesĀ areĀ  typicallyĀ providedĀ byĀ oneĀ orĀ moreĀ serversĀ (notĀ shown)Ā belongingĀ toĀ aĀ service/contentĀ providerĀ orĀ oneĀ orĀ moreĀ endĀ userĀ devicesĀ (notĀ shown)Ā participatingĀ inĀ aĀ peer-to-peerĀ (P2P)Ā serviceļ¼ŒĀ andĀ mayĀ includeļ¼ŒĀ forĀ exampleļ¼ŒĀ publicĀ webpagesĀ (e.g.ļ¼ŒĀ freeĀ contentļ¼ŒĀ storeĀ frontsļ¼ŒĀ searchĀ services)Ā ļ¼ŒĀ privateĀ webpagesĀ (e.g.ļ¼ŒĀ username/passwordĀ accessedĀ webpagesĀ providingĀ emailĀ services)Ā ļ¼ŒĀ and/orĀ corporateĀ networksĀ overĀ VPNs.Ā ForĀ instanceļ¼ŒĀ endĀ userĀ devicesĀ mayĀ beĀ coupledĀ (e.g.ļ¼ŒĀ throughĀ customerĀ premiseĀ equipmentĀ coupledĀ toĀ anĀ accessĀ networkĀ (wiredĀ orĀ wirelessly)Ā )Ā toĀ edgeĀ NDsļ¼ŒĀ whichĀ areĀ coupledĀ (e.g.ļ¼ŒĀ throughĀ oneĀ orĀ moreĀ coreĀ NDs)Ā toĀ otherĀ edgeĀ NDsļ¼ŒĀ whichĀ areĀ coupledĀ toĀ electronicĀ devicesĀ actingĀ asĀ servers.Ā Howeverļ¼ŒĀ throughĀ computeĀ andĀ storageĀ virtualizationļ¼ŒĀ oneĀ orĀ moreĀ ofĀ theĀ electronicĀ devicesĀ operatingĀ asĀ theĀ NDsĀ inĀ Fig.Ā 5AĀ mayĀ alsoĀ hostĀ oneĀ orĀ moreĀ suchĀ serversĀ (e.g.ļ¼ŒĀ inĀ theĀ caseĀ ofĀ theĀ generalĀ purposeĀ networkĀ deviceĀ 504ļ¼ŒĀ oneĀ orĀ moreĀ ofĀ theĀ softwareĀ containersĀ 562A-RĀ mayĀ operateĀ asĀ serversļ¼›Ā theĀ sameĀ wouldĀ beĀ trueĀ forĀ theĀ hybridĀ networkĀ deviceĀ 506ļ¼›Ā inĀ theĀ caseĀ ofĀ theĀ special-purposeĀ networkĀ deviceĀ 502ļ¼ŒĀ oneĀ orĀ moreĀ suchĀ serversĀ couldĀ alsoĀ beĀ runĀ onĀ aĀ virtualizationĀ layerĀ executedĀ byĀ theĀ computeĀ resourceĀ (s)Ā 512)Ā ļ¼›Ā inĀ whichĀ caseĀ theĀ serversĀ areĀ saidĀ toĀ beĀ co-locatedĀ withĀ theĀ VNEsĀ ofĀ thatĀ ND.
AĀ virtualĀ networkĀ isĀ aĀ logicalĀ abstractionĀ ofĀ aĀ physicalĀ networkĀ (suchĀ asĀ thatĀ inĀ Fig.Ā 5A)Ā thatĀ providesĀ networkĀ servicesĀ (e.g.ļ¼ŒĀ L2Ā and/orĀ L3Ā services)Ā .Ā AĀ virtualĀ networkĀ canĀ beĀ implementedĀ asĀ anĀ overlayĀ networkĀ (sometimesĀ referredĀ toĀ asĀ aĀ networkĀ virtualizationĀ overlay)Ā thatĀ providesĀ networkĀ servicesĀ (e.g.ļ¼ŒĀ layerĀ 2Ā (L2ļ¼ŒĀ dataĀ linkĀ layer)Ā and/orĀ layerĀ 3Ā (L3ļ¼ŒĀ networkĀ layer)Ā services)Ā overĀ anĀ underlayĀ networkĀ (e.g.ļ¼ŒĀ anĀ L3Ā networkļ¼ŒĀ suchĀ asĀ anĀ InternetĀ ProtocolĀ (IP)Ā networkĀ thatĀ usesĀ tunnelsĀ (e.g.ļ¼ŒĀ genericĀ routingĀ encapsulationĀ (GRE)Ā ļ¼ŒĀ layerĀ 2Ā tunnelingĀ protocolĀ (L2TP)Ā ļ¼ŒĀ IPSec)Ā toĀ createĀ theĀ overlayĀ network)Ā .
AĀ networkĀ virtualizationĀ edgeĀ (NVE)Ā sitsĀ atĀ theĀ edgeĀ ofĀ theĀ underlayĀ networkĀ andĀ participatesĀ inĀ implementingĀ theĀ networkĀ virtualizationļ¼›Ā theĀ network-facingĀ sideĀ ofĀ theĀ NVEĀ usesĀ theĀ underlayĀ networkĀ toĀ tunnelĀ framesĀ toĀ andĀ fromĀ otherĀ NVEsļ¼›Ā theĀ outward-facingĀ sideĀ ofĀ theĀ NVEĀ sendsĀ  andĀ receivesĀ dataĀ toĀ andĀ fromĀ systemsĀ outsideĀ theĀ network.Ā AĀ virtualĀ networkĀ instanceĀ (VNI)Ā isĀ aĀ specificĀ instanceĀ ofĀ aĀ virtualĀ networkĀ onĀ aĀ NVEĀ (e.g.ļ¼ŒĀ aĀ NE/VNEĀ onĀ anĀ NDļ¼ŒĀ aĀ partĀ ofĀ aĀ NE/VNEĀ onĀ aĀ NDĀ whereĀ thatĀ NE/VNEĀ isĀ dividedĀ intoĀ multipleĀ VNEsĀ throughĀ emulation)Ā ļ¼›Ā oneĀ orĀ moreĀ VNIsĀ canĀ beĀ instantiatedĀ onĀ anĀ NVEĀ (e.g.ļ¼ŒĀ asĀ differentĀ VNEsĀ onĀ anĀ ND)Ā .Ā AĀ virtualĀ accessĀ pointĀ (VAP)Ā isĀ aĀ logicalĀ connectionĀ pointĀ onĀ theĀ NVEĀ forĀ connectingĀ externalĀ systemsĀ toĀ aĀ virtualĀ networkļ¼›Ā aĀ VAPĀ canĀ beĀ physicalĀ orĀ virtualĀ portsĀ identifiedĀ throughĀ logicalĀ interfaceĀ identifiersĀ (e.g.ļ¼ŒĀ aĀ VLANĀ ID).
ExamplesĀ ofĀ networkĀ servicesĀ includeļ¼šĀ 1)Ā anĀ EthernetĀ LANĀ emulationĀ serviceĀ (anĀ Ethernet-basedĀ multipointĀ serviceĀ similarĀ toĀ anĀ InternetĀ EngineeringĀ TaskĀ ForceĀ (IETF)Ā MultiprotocolĀ LabelĀ SwitchingĀ (MPLS)Ā orĀ EthernetĀ VPNĀ (EVPN)Ā service)Ā inĀ whichĀ externalĀ systemsĀ areĀ interconnectedĀ acrossĀ theĀ networkĀ byĀ aĀ LANĀ environmentĀ overĀ theĀ underlayĀ networkĀ (e.g.ļ¼ŒĀ anĀ NVEĀ providesĀ separateĀ L2Ā VNIsĀ (virtualĀ switchingĀ instances)Ā forĀ differentĀ suchĀ virtualĀ networksļ¼ŒĀ andĀ L3Ā (e.g.ļ¼ŒĀ IP/MPLS)Ā tunnelingĀ encapsulationĀ acrossĀ theĀ underlayĀ network)Ā ļ¼›Ā andĀ 2)Ā aĀ virtualizedĀ IPĀ forwardingĀ serviceĀ (similarĀ toĀ IETFĀ IPĀ VPNĀ (e.g.ļ¼ŒĀ BorderĀ GatewayĀ ProtocolĀ (BGP)Ā /MPLSĀ IPVPN)Ā fromĀ aĀ serviceĀ definitionĀ perspective)Ā inĀ whichĀ externalĀ systemsĀ areĀ interconnectedĀ acrossĀ theĀ networkĀ byĀ anĀ L3Ā environmentĀ overĀ theĀ underlayĀ networkĀ (e.g.ļ¼ŒĀ anĀ NVEĀ providesĀ separateĀ L3Ā VNIsĀ (forwardingĀ andĀ routingĀ instances)Ā forĀ differentĀ suchĀ virtualĀ networksļ¼ŒĀ andĀ L3Ā (e.g.ļ¼ŒĀ IP/MPLS)Ā tunnelingĀ encapsulationĀ acrossĀ theĀ underlayĀ network)Ā )Ā .Ā NetworkĀ servicesĀ mayĀ alsoĀ includeĀ qualityĀ ofĀ serviceĀ capabilitiesĀ (e.g.ļ¼ŒĀ trafficĀ classificationĀ markingļ¼ŒĀ trafficĀ conditioningĀ andĀ scheduling)Ā ļ¼ŒĀ securityĀ capabilitiesĀ (e.g.ļ¼ŒĀ filtersĀ toĀ protectĀ customerĀ premisesĀ fromĀ network-originatedĀ attacksļ¼ŒĀ toĀ avoidĀ malformedĀ routeĀ announcements)Ā ļ¼ŒĀ andĀ managementĀ capabilitiesĀ (e.g.ļ¼ŒĀ fullĀ detectionĀ andĀ processing)Ā .
Fig.Ā 5DĀ illustratesĀ aĀ networkĀ withĀ aĀ singleĀ networkĀ elementĀ onĀ eachĀ ofĀ theĀ NDsĀ ofĀ Fig.Ā 5Aļ¼ŒĀ andĀ withinĀ thisĀ straightĀ forwardĀ approachĀ contrastsĀ aĀ traditionalĀ distributedĀ approachĀ (commonlyĀ usedĀ byĀ traditionalĀ routers)Ā  withĀ aĀ centralizedĀ approachĀ forĀ maintainingĀ reachabilityĀ andĀ forwardingĀ informationĀ (alsoĀ calledĀ networkĀ control)Ā ļ¼ŒĀ accordingĀ toĀ someĀ embodiments.Ā Specificallyļ¼ŒĀ Fig.Ā 5DĀ illustratesĀ networkĀ elementsĀ (NEs)Ā 570A-HĀ withĀ theĀ sameĀ connectivityĀ asĀ theĀ NDsĀ 500A-HĀ ofĀ Fig.Ā 5A.
Fig.Ā 5DĀ illustratesĀ thatĀ theĀ distributedĀ approachĀ 572Ā distributesĀ responsibilityĀ forĀ generatingĀ theĀ reachabilityĀ andĀ forwardingĀ informationĀ acrossĀ theĀ NEsĀ 570A-Hļ¼›Ā inĀ otherĀ wordsļ¼ŒĀ theĀ processĀ ofĀ neighborĀ discoveryĀ andĀ topologyĀ discoveryĀ isĀ distributed.
ForĀ exampleļ¼ŒĀ whereĀ theĀ special-purposeĀ networkĀ deviceĀ 502Ā isĀ usedļ¼ŒĀ theĀ controlĀ communicationĀ andĀ configurationĀ moduleĀ (s)Ā 532A-RĀ ofĀ theĀ NDĀ controlĀ planeĀ 524Ā typicallyĀ includeĀ aĀ reachabilityĀ andĀ forwardingĀ informationĀ moduleĀ toĀ implementĀ oneĀ orĀ moreĀ routingĀ protocolsĀ (e.g.ļ¼ŒĀ anĀ exteriorĀ gatewayĀ protocolĀ suchĀ asĀ BorderĀ GatewayĀ ProtocolĀ (BGP)Ā ļ¼ŒĀ InteriorĀ GatewayĀ ProtocolĀ (s)Ā (IGP)Ā (e.g.ļ¼ŒĀ OpenĀ ShortestĀ PathĀ FirstĀ (OSPF)Ā ļ¼ŒĀ IntermediateĀ SystemĀ toĀ IntermediateĀ SystemĀ (IS-IS)Ā ļ¼ŒĀ RoutingĀ InformationĀ ProtocolĀ (RIP)Ā )Ā ļ¼ŒĀ LabelĀ DistributionĀ ProtocolĀ (LDP)Ā ļ¼ŒĀ ResourceĀ ReservationĀ ProtocolĀ (RSVP)Ā ļ¼ŒĀ asĀ wellĀ asĀ RSVP-TrafficĀ EngineeringĀ (TE)Ā ļ¼šĀ ExtensionsĀ toĀ RSVPĀ forĀ LSPĀ Tunnelsļ¼ŒĀ GeneralizedĀ Multi-ProtocolĀ LabelĀ SwitchingĀ (GMPLS)Ā SignalingĀ RSVP-TEĀ thatĀ communicateĀ withĀ otherĀ NEsĀ toĀ exchangeĀ routesļ¼ŒĀ andĀ thenĀ selectsĀ thoseĀ routesĀ basedĀ onĀ oneĀ orĀ moreĀ routingĀ metrics.Ā Thusļ¼ŒĀ theĀ NEsĀ 570A-HĀ (e.g.ļ¼ŒĀ theĀ computeĀ resourceĀ (s)Ā 512Ā executingĀ theĀ controlĀ communicationĀ andĀ configurationĀ moduleĀ (s)Ā 532A-R)Ā performĀ theirĀ responsibilityĀ forĀ participatingĀ inĀ controllingĀ howĀ dataĀ (e.g.ļ¼ŒĀ packets)Ā isĀ toĀ beĀ routedĀ (e.g.ļ¼ŒĀ theĀ nextĀ hopĀ forĀ theĀ dataĀ andĀ theĀ outgoingĀ physicalĀ NIĀ forĀ thatĀ data)Ā byĀ distributivelyĀ determiningĀ theĀ reachabilityĀ withinĀ theĀ networkĀ andĀ calculatingĀ theirĀ respectiveĀ forwardingĀ information.Ā RoutesĀ andĀ adjacenciesĀ areĀ storedĀ inĀ oneĀ orĀ moreĀ routingĀ structuresĀ (e.g.ļ¼ŒĀ RoutingĀ InformationĀ BaseĀ (RIB)Ā ļ¼ŒĀ LabelĀ InformationĀ BaseĀ (LIB)Ā ļ¼ŒĀ oneĀ orĀ moreĀ adjacencyĀ structures)Ā onĀ theĀ NDĀ controlĀ planeĀ 524.Ā TheĀ NDĀ controlĀ planeĀ 524Ā programsĀ theĀ NDĀ forwardingĀ planeĀ 526Ā withĀ informationĀ (e.g.ļ¼ŒĀ adjacencyĀ andĀ routeĀ information)Ā basedĀ onĀ theĀ routingĀ structureĀ (s)Ā .Ā ForĀ exampleļ¼ŒĀ theĀ NDĀ controlĀ planeĀ 524Ā programsĀ theĀ adjacencyĀ andĀ routeĀ  informationĀ intoĀ oneĀ orĀ moreĀ forwardingĀ tableĀ (s)Ā 534A-RĀ (e.g.ļ¼ŒĀ ForwardingĀ InformationĀ BaseĀ (FIB)Ā ļ¼ŒĀ LabelĀ ForwardingĀ InformationĀ BaseĀ (LFIB)Ā ļ¼ŒĀ andĀ oneĀ orĀ moreĀ adjacencyĀ structures)Ā onĀ theĀ NDĀ forwardingĀ planeĀ 526.Ā ForĀ layerĀ 2Ā forwardingļ¼ŒĀ theĀ NDĀ canĀ storeĀ oneĀ orĀ moreĀ bridgingĀ tablesĀ thatĀ areĀ usedĀ toĀ forwardĀ dataĀ basedĀ onĀ theĀ layerĀ 2Ā informationĀ inĀ thatĀ data.Ā WhileĀ theĀ aboveĀ exampleĀ usesĀ theĀ special-purposeĀ networkĀ deviceĀ 502ļ¼ŒĀ theĀ sameĀ distributedĀ approachĀ 572Ā canĀ beĀ implementedĀ onĀ theĀ generalĀ purposeĀ networkĀ deviceĀ 504Ā andĀ theĀ hybridĀ networkĀ deviceĀ 506.
Fig.Ā 5DĀ illustratesĀ thatĀ aĀ centralizedĀ approachĀ 574Ā (alsoĀ knownĀ asĀ SoftwareĀ DefinedĀ NetworkingĀ (SDN)Ā )Ā thatĀ decouplesĀ theĀ systemĀ thatĀ makesĀ decisionsĀ aboutĀ whereĀ trafficĀ isĀ sentĀ fromĀ theĀ underlyingĀ systemsĀ thatĀ forwardsĀ trafficĀ toĀ theĀ selectedĀ destination.Ā TheĀ illustratedĀ centralizedĀ approachĀ 574Ā hasĀ theĀ responsibilityĀ forĀ theĀ generationĀ ofĀ reachabilityĀ andĀ forwardingĀ informationĀ inĀ aĀ centralizedĀ controlĀ planeĀ 576Ā (sometimesĀ referredĀ toĀ asĀ aĀ SDNĀ controlĀ moduleļ¼ŒĀ controllerļ¼ŒĀ networkĀ controllerļ¼ŒĀ OpenFlowĀ controllerļ¼ŒĀ SDNĀ controllerļ¼ŒĀ controlĀ planeĀ nodeļ¼ŒĀ networkĀ virtualizationĀ authorityļ¼ŒĀ orĀ managementĀ controlĀ entity)Ā ļ¼ŒĀ andĀ thusĀ theĀ processĀ ofĀ neighborĀ discoveryĀ andĀ topologyĀ discoveryĀ isĀ centralized.Ā TheĀ centralizedĀ controlĀ planeĀ 576Ā hasĀ aĀ southĀ boundĀ interfaceĀ 582Ā withĀ aĀ dataĀ planeĀ 580Ā (sometimeĀ referredĀ toĀ theĀ infrastructureĀ layerļ¼ŒĀ networkĀ forwardingĀ planeļ¼ŒĀ orĀ forwardingĀ planeĀ (whichĀ shouldĀ notĀ beĀ confusedĀ withĀ aĀ NDĀ forwardingĀ plane)Ā )Ā thatĀ includesĀ theĀ NEsĀ 570A-HĀ (sometimesĀ referredĀ toĀ asĀ switchesļ¼ŒĀ forwardingĀ elementsļ¼ŒĀ dataĀ planeĀ elementsļ¼ŒĀ orĀ nodes)Ā .Ā TheĀ centralizedĀ controlĀ planeĀ 576Ā includesĀ aĀ networkĀ controllerĀ 578ļ¼ŒĀ whichĀ includesĀ aĀ centralizedĀ reachabilityĀ andĀ forwardingĀ informationĀ moduleĀ 579Ā thatĀ determinesĀ theĀ reachabilityĀ withinĀ theĀ networkĀ andĀ distributesĀ theĀ forwardingĀ informationĀ toĀ theĀ NEsĀ 570A-HĀ ofĀ theĀ dataĀ planeĀ 580Ā overĀ theĀ southĀ boundĀ interfaceĀ 582Ā (whichĀ mayĀ useĀ theĀ OpenFlowĀ protocol)Ā .Ā Thusļ¼ŒĀ theĀ networkĀ intelligenceĀ isĀ centralizedĀ inĀ theĀ centralizedĀ controlĀ planeĀ 576Ā executingĀ onĀ electronicĀ devicesĀ thatĀ areĀ typicallyĀ separateĀ fromĀ theĀ NDs.Ā InĀ oneĀ embodimentļ¼ŒĀ theĀ networkĀ controllerĀ 578Ā mayĀ includeĀ aĀ dataĀ storageĀ resourceĀ sharingĀ componentĀ 581Ā  thatĀ whenĀ executedĀ byĀ theĀ networkĀ controllerĀ 578ļ¼ŒĀ causesĀ theĀ networkĀ controllerĀ 578Ā toĀ performĀ operationsĀ ofĀ oneĀ orĀ moreĀ embodimentsĀ describedĀ hereinĀ above.
ForĀ exampleļ¼ŒĀ whereĀ theĀ special-purposeĀ networkĀ deviceĀ 502Ā isĀ usedĀ inĀ theĀ dataĀ planeĀ 580ļ¼ŒĀ eachĀ ofĀ theĀ controlĀ communicationĀ andĀ configurationĀ moduleĀ (s)Ā 532A-RĀ ofĀ theĀ NDĀ controlĀ planeĀ 524Ā typicallyĀ includeĀ aĀ controlĀ agentĀ thatĀ providesĀ theĀ VNEĀ sideĀ ofĀ theĀ southĀ boundĀ interfaceĀ 582.Ā InĀ thisĀ caseļ¼ŒĀ theĀ NDĀ controlĀ planeĀ 524Ā (theĀ computeĀ resourceĀ (s)Ā 512Ā executingĀ theĀ controlĀ communicationĀ andĀ configurationĀ moduleĀ (s)Ā 532A-R)Ā performsĀ itsĀ responsibilityĀ forĀ participatingĀ inĀ controllingĀ howĀ dataĀ (e.g.ļ¼ŒĀ packets)Ā isĀ toĀ beĀ routedĀ (e.g.ļ¼ŒĀ theĀ nextĀ hopĀ forĀ theĀ dataĀ andĀ theĀ outgoingĀ physicalĀ NIĀ forĀ thatĀ data)Ā throughĀ theĀ controlĀ agentĀ communicatingĀ withĀ theĀ centralizedĀ controlĀ planeĀ 576Ā toĀ receiveĀ theĀ forwardingĀ informationĀ (andĀ inĀ someĀ casesļ¼ŒĀ theĀ reachabilityĀ information)Ā fromĀ theĀ centralizedĀ reachabilityĀ andĀ forwardingĀ informationĀ moduleĀ 579Ā (itĀ shouldĀ beĀ understoodĀ thatĀ inĀ someĀ embodimentsļ¼ŒĀ theĀ controlĀ communicationĀ andĀ configurationĀ moduleĀ (s)Ā 532A-Rļ¼ŒĀ inĀ additionĀ toĀ communicatingĀ withĀ theĀ centralizedĀ controlĀ planeĀ 576ļ¼ŒĀ mayĀ alsoĀ playĀ someĀ roleĀ inĀ determiningĀ reachabilityĀ and/orĀ calculatingĀ forwardingĀ information-albeitĀ lessĀ soĀ thanĀ inĀ theĀ caseĀ ofĀ aĀ distributedĀ approachļ¼›Ā suchĀ embodimentsĀ areĀ generallyĀ consideredĀ toĀ fallĀ underĀ theĀ centralizedĀ approachĀ 574ļ¼ŒĀ butĀ mayĀ alsoĀ beĀ consideredĀ aĀ hybridĀ approach)Ā .
WhileĀ theĀ aboveĀ exampleĀ usesĀ theĀ special-purposeĀ networkĀ deviceĀ 502ļ¼ŒĀ theĀ sameĀ centralizedĀ approachĀ 574Ā canĀ beĀ implementedĀ withĀ theĀ generalĀ purposeĀ networkĀ deviceĀ 504Ā (e.g.ļ¼ŒĀ eachĀ ofĀ theĀ VNEĀ 560A-RĀ performsĀ itsĀ responsibilityĀ forĀ controllingĀ howĀ dataĀ (e.g.ļ¼ŒĀ packets)Ā isĀ toĀ beĀ routedĀ (e.g.ļ¼ŒĀ theĀ nextĀ hopĀ forĀ theĀ dataĀ andĀ theĀ outgoingĀ physicalĀ NIĀ forĀ thatĀ data)Ā byĀ communicatingĀ withĀ theĀ centralizedĀ controlĀ planeĀ 576Ā toĀ receiveĀ theĀ forwardingĀ informationĀ (andĀ inĀ someĀ casesļ¼ŒĀ theĀ reachabilityĀ information)Ā fromĀ theĀ centralizedĀ reachabilityĀ andĀ forwardingĀ informationĀ moduleĀ 579ļ¼›Ā itĀ shouldĀ beĀ understoodĀ thatĀ inĀ someĀ embodimentsļ¼ŒĀ theĀ VNEsĀ 560A-Rļ¼ŒĀ inĀ additionĀ toĀ communicatingĀ withĀ theĀ centralizedĀ controlĀ planeĀ  576ļ¼ŒĀ mayĀ alsoĀ playĀ someĀ roleĀ inĀ determiningĀ reachabilityĀ and/orĀ calculatingĀ forwardingĀ information-albeitĀ lessĀ soĀ thanĀ inĀ theĀ caseĀ ofĀ aĀ distributedĀ approach)Ā andĀ theĀ hybridĀ networkĀ deviceĀ 506.Ā InĀ factļ¼ŒĀ theĀ useĀ ofĀ SDNĀ techniquesĀ canĀ enhanceĀ theĀ NFVĀ techniquesĀ typicallyĀ usedĀ inĀ theĀ generalĀ purposeĀ networkĀ deviceĀ 504Ā orĀ hybridĀ networkĀ deviceĀ 506Ā implementationsĀ asĀ NFVĀ isĀ ableĀ toĀ supportĀ SDNĀ byĀ providingĀ anĀ infrastructureĀ uponĀ whichĀ theĀ SDNĀ softwareĀ canĀ beĀ runļ¼ŒĀ andĀ NFVĀ andĀ SDNĀ bothĀ aimĀ toĀ makeĀ useĀ ofĀ commodityĀ serverĀ hardwareĀ andĀ physicalĀ switches.
Fig.Ā 5DĀ alsoĀ showsĀ thatĀ theĀ centralizedĀ controlĀ planeĀ 576Ā hasĀ aĀ northĀ boundĀ interfaceĀ 584Ā toĀ anĀ applicationĀ layerĀ 586ļ¼ŒĀ inĀ whichĀ residesĀ applicationĀ (s)Ā 588.Ā TheĀ centralizedĀ controlĀ planeĀ 576Ā hasĀ theĀ abilityĀ toĀ formĀ virtualĀ networksĀ 592Ā (sometimesĀ referredĀ toĀ asĀ aĀ logicalĀ forwardingĀ planeļ¼ŒĀ networkĀ servicesļ¼ŒĀ orĀ overlayĀ networksĀ (withĀ theĀ NEsĀ 570A-HĀ ofĀ theĀ dataĀ planeĀ 580Ā beingĀ theĀ underlayĀ network)Ā )Ā forĀ theĀ applicationĀ (s)Ā 588.Ā Thusļ¼ŒĀ theĀ centralizedĀ controlĀ planeĀ 576Ā maintainsĀ aĀ globalĀ viewĀ ofĀ allĀ NDsĀ andĀ configuredĀ NEs/VNEsļ¼ŒĀ andĀ itĀ mapsĀ theĀ virtualĀ networksĀ toĀ theĀ underlyingĀ NDsĀ efficientlyĀ (includingĀ maintainingĀ theseĀ mappingsĀ asĀ theĀ physicalĀ networkĀ changesĀ eitherĀ throughĀ hardwareĀ (NDļ¼ŒĀ linkļ¼ŒĀ orĀ NDĀ component)Ā failureļ¼ŒĀ additionļ¼ŒĀ orĀ removal)Ā .
WhileĀ Fig.Ā 5DĀ showsĀ theĀ distributedĀ approachĀ 572Ā separateĀ fromĀ theĀ centralizedĀ approachĀ 574ļ¼ŒĀ theĀ effortĀ ofĀ networkĀ controlĀ mayĀ beĀ distributedĀ differentlyĀ orĀ theĀ twoĀ combinedĀ inĀ certainĀ embodimentsĀ ofĀ theĀ invention.Ā ForĀ exampleļ¼šĀ 1)Ā embodimentsĀ mayĀ generallyĀ useĀ theĀ centralizedĀ approachĀ (SDN)Ā 574ļ¼ŒĀ butĀ haveĀ certainĀ functionsĀ delegatedĀ toĀ theĀ NEsĀ (e.g.ļ¼ŒĀ theĀ distributedĀ approachĀ mayĀ beĀ usedĀ toĀ implementĀ oneĀ orĀ moreĀ ofĀ faultĀ monitoringļ¼ŒĀ performanceĀ monitoringļ¼ŒĀ protectionĀ switchingļ¼ŒĀ andĀ primitivesĀ forĀ neighborĀ and/orĀ topologyĀ discovery)Ā ļ¼›Ā orĀ 2)Ā embodimentsĀ ofĀ theĀ inventionĀ mayĀ performĀ neighborĀ discoveryĀ andĀ topologyĀ discoveryĀ viaĀ bothĀ theĀ centralizedĀ controlĀ planeĀ andĀ theĀ distributedĀ protocolsļ¼ŒĀ andĀ theĀ resultsĀ comparedĀ toĀ raiseĀ exceptionsĀ whereĀ theyĀ doĀ notĀ agree.Ā SuchĀ  embodimentsĀ areĀ generallyĀ consideredĀ toĀ fallĀ underĀ theĀ centralizedĀ approachĀ 574ļ¼ŒĀ butĀ mayĀ alsoĀ beĀ consideredĀ aĀ hybridĀ approach.
WhileĀ Fig.Ā 5DĀ illustratesĀ theĀ simpleĀ caseĀ whereĀ eachĀ ofĀ theĀ NDsĀ 500A-HĀ implementsĀ aĀ singleĀ NEĀ 570A-Hļ¼ŒĀ itĀ shouldĀ beĀ understoodĀ thatĀ theĀ networkĀ controlĀ approachesĀ describedĀ withĀ referenceĀ toĀ Fig.Ā 5DĀ alsoĀ workĀ forĀ networksĀ whereĀ oneĀ orĀ moreĀ ofĀ theĀ NDsĀ 500A-HĀ implementĀ multipleĀ VNEsĀ (e.g.ļ¼ŒĀ VNEsĀ 530A-Rļ¼ŒĀ VNEsĀ 560A-Rļ¼ŒĀ thoseĀ inĀ theĀ hybridĀ networkĀ deviceĀ 506)Ā .Ā AlternativelyĀ orĀ inĀ additionļ¼ŒĀ theĀ networkĀ controllerĀ 578Ā mayĀ alsoĀ emulateĀ theĀ implementationĀ ofĀ multipleĀ VNEsĀ inĀ aĀ singleĀ ND.Ā Specificallyļ¼ŒĀ insteadĀ ofĀ (orĀ inĀ additionĀ to)Ā implementingĀ multipleĀ VNEsĀ inĀ aĀ singleĀ NDļ¼ŒĀ theĀ networkĀ controllerĀ 578Ā mayĀ presentĀ theĀ implementationĀ ofĀ aĀ VNE/NEĀ inĀ aĀ singleĀ NDĀ asĀ multipleĀ VNEsĀ inĀ theĀ virtualĀ networksĀ 592Ā (allĀ inĀ theĀ sameĀ oneĀ ofĀ theĀ virtualĀ networkĀ (s)Ā 592ļ¼ŒĀ eachĀ inĀ differentĀ onesĀ ofĀ theĀ virtualĀ networkĀ (s)Ā 592ļ¼ŒĀ orĀ someĀ combination)Ā .Ā ForĀ exampleļ¼ŒĀ theĀ networkĀ controllerĀ 578Ā mayĀ causeĀ anĀ NDĀ toĀ implementĀ aĀ singleĀ VNEĀ (aĀ NE)Ā inĀ theĀ underlayĀ networkļ¼ŒĀ andĀ thenĀ logicallyĀ divideĀ upĀ theĀ resourcesĀ ofĀ thatĀ NEĀ withinĀ theĀ centralizedĀ controlĀ planeĀ 576Ā toĀ presentĀ differentĀ VNEsĀ inĀ theĀ virtualĀ networkĀ (s)Ā 592Ā (whereĀ theseĀ differentĀ VNEsĀ inĀ theĀ overlayĀ networksĀ areĀ sharingĀ theĀ resourcesĀ ofĀ theĀ singleĀ VNE/NEĀ implementationĀ onĀ theĀ NDĀ inĀ theĀ underlayĀ network)Ā .
OnĀ theĀ otherĀ handļ¼ŒĀ Figs.Ā 5EĀ andĀ 5FĀ respectivelyĀ illustrateĀ exemplaryĀ abstractionsĀ ofĀ NEsĀ andĀ VNEsĀ thatĀ theĀ networkĀ controllerĀ 578Ā mayĀ presentĀ asĀ partĀ ofĀ differentĀ onesĀ ofĀ theĀ virtualĀ networksĀ 592.Ā Fig.Ā 5EĀ illustratesĀ theĀ simpleĀ caseĀ ofĀ whereĀ eachĀ ofĀ theĀ NDsĀ 500A-HĀ implementsĀ aĀ singleĀ NEĀ 570A-HĀ (seeĀ Fig.Ā 5D)Ā ļ¼ŒĀ butĀ theĀ centralizedĀ controlĀ planeĀ 576Ā hasĀ abstractedĀ multipleĀ ofĀ theĀ NEsĀ inĀ differentĀ NDsĀ (theĀ NEsĀ 570A-CĀ andĀ G-H)Ā intoĀ (toĀ represent)Ā aĀ singleĀ NEĀ 570IĀ inĀ oneĀ ofĀ theĀ virtualĀ networkĀ (s)Ā 592Ā ofĀ Fig.Ā 5Dļ¼ŒĀ accordingĀ toĀ someĀ embodiments.Ā Fig.Ā 5EĀ showsĀ thatĀ inĀ thisĀ virtualĀ networkļ¼ŒĀ theĀ NEĀ 570IĀ isĀ coupledĀ toĀ  NE Ā 570DĀ andĀ 570Fļ¼ŒĀ whichĀ areĀ bothĀ stillĀ coupledĀ toĀ NEĀ 570E.
Fig.Ā 5FĀ illustratesĀ aĀ caseĀ whereĀ multipleĀ VNEsĀ (VNEĀ 570A.Ā 1Ā andĀ VNEĀ 570H.Ā 1)Ā areĀ implementedĀ onĀ differentĀ NDsĀ (NDĀ 500AĀ andĀ NDĀ 500H)Ā  andĀ areĀ coupledĀ toĀ eachĀ otherļ¼ŒĀ andĀ whereĀ theĀ centralizedĀ controlĀ planeĀ 576Ā hasĀ abstractedĀ theseĀ multipleĀ VNEsĀ suchĀ thatĀ theyĀ appearĀ asĀ aĀ singleĀ VNEĀ 570TĀ withinĀ oneĀ ofĀ theĀ virtualĀ networksĀ 592Ā ofĀ Fig.Ā 5Dļ¼ŒĀ accordingĀ toĀ someĀ embodiments.Ā Thusļ¼ŒĀ theĀ abstractionĀ ofĀ aĀ NEĀ orĀ VNEĀ canĀ spanĀ multipleĀ NDs.
WhileĀ someĀ embodimentsĀ implementĀ theĀ centralizedĀ controlĀ planeĀ 576Ā asĀ aĀ singleĀ entityĀ (e.g.ļ¼ŒĀ aĀ singleĀ instanceĀ ofĀ softwareĀ runningĀ onĀ aĀ singleĀ electronicĀ device)Ā ļ¼ŒĀ alternativeĀ embodimentsĀ mayĀ spreadĀ theĀ functionalityĀ acrossĀ multipleĀ entitiesĀ forĀ redundancyĀ and/orĀ scalabilityĀ purposesĀ (e.g.ļ¼ŒĀ multipleĀ instancesĀ ofĀ softwareĀ runningĀ onĀ differentĀ electronicĀ devices)Ā .
SimilarĀ toĀ theĀ networkĀ deviceĀ implementationsļ¼ŒĀ theĀ electronicĀ deviceĀ (s)Ā runningĀ theĀ centralizedĀ controlĀ planeĀ 576ļ¼ŒĀ andĀ thusĀ theĀ networkĀ controllerĀ 578Ā includingĀ theĀ centralizedĀ reachabilityĀ andĀ forwardingĀ informationĀ moduleĀ 579ļ¼ŒĀ mayĀ beĀ implementedĀ aĀ varietyĀ ofĀ waysĀ (e.g.ļ¼ŒĀ aĀ specialĀ purposeĀ deviceļ¼ŒĀ aĀ general-purposeĀ (e.g.ļ¼ŒĀ COTS)Ā deviceļ¼ŒĀ orĀ hybridĀ device)Ā .Ā TheseĀ electronicĀ deviceĀ (s)Ā wouldĀ similarlyĀ includeĀ computeĀ resourceĀ (s)Ā ļ¼ŒĀ aĀ setĀ orĀ oneĀ orĀ moreĀ physicalĀ NICsļ¼ŒĀ andĀ aĀ non-transitoryĀ machine-readableĀ storageĀ mediumĀ havingĀ storedĀ thereonĀ theĀ centralizedĀ controlĀ planeĀ software.Ā ForĀ instanceļ¼ŒĀ Fig.Ā 6Ā illustratesļ¼ŒĀ aĀ generalĀ purposeĀ controlĀ planeĀ deviceĀ 604Ā includingĀ hardwareĀ 640Ā comprisingĀ aĀ setĀ ofĀ oneĀ orĀ moreĀ processorĀ (s)Ā 642Ā (whichĀ areĀ oftenĀ COTSĀ processors)Ā andĀ networkĀ interfaceĀ controllerĀ (s)Ā 644Ā (NICsļ¼›Ā alsoĀ knownĀ asĀ networkĀ interfaceĀ cards)Ā (whichĀ includeĀ physicalĀ NIsĀ 646)Ā ļ¼ŒĀ asĀ wellĀ asĀ non-transitoryĀ machineĀ readableĀ storageĀ mediaĀ 648Ā havingĀ storedĀ thereinĀ centralizedĀ controlĀ planeĀ (CCP)Ā softwareĀ 650Ā andĀ aĀ dataĀ storageĀ resourceĀ sharingĀ componentĀ 651.
InĀ embodimentsĀ thatĀ useĀ computeĀ virtualizationļ¼ŒĀ theĀ processorĀ (s)Ā 642Ā typicallyĀ executeĀ softwareĀ toĀ instantiateĀ aĀ virtualizationĀ layerĀ 654Ā andĀ softwareĀ containerĀ (s)Ā 662A-RĀ (e.g.ļ¼ŒĀ withĀ operatingĀ system-levelĀ virtualizationļ¼ŒĀ theĀ virtualizationĀ layerĀ 654Ā representsĀ theĀ kernelĀ ofĀ anĀ operatingĀ systemĀ (orĀ aĀ shimĀ executingĀ onĀ aĀ baseĀ operatingĀ system)Ā thatĀ allowsĀ forĀ theĀ creationĀ ofĀ multipleĀ softwareĀ containersĀ 662A-RĀ  (representingĀ separateĀ userĀ spaceĀ instancesĀ andĀ alsoĀ calledĀ virtualizationĀ enginesļ¼ŒĀ virtualĀ privateĀ serversļ¼ŒĀ orĀ jails)Ā thatĀ mayĀ eachĀ beĀ usedĀ toĀ executeĀ aĀ setĀ ofĀ oneĀ orĀ moreĀ applicationsļ¼›Ā withĀ fullĀ virtualizationļ¼ŒĀ theĀ virtualizationĀ layerĀ 654Ā representsĀ aĀ hypervisorĀ (sometimesĀ referredĀ toĀ asĀ aĀ virtualĀ machineĀ monitorĀ (VMM)Ā )Ā orĀ aĀ hypervisorĀ executingĀ onĀ topĀ ofĀ aĀ hostĀ operatingĀ systemļ¼ŒĀ andĀ theĀ softwareĀ containersĀ 662A-RĀ eachĀ representĀ aĀ tightlyĀ isolatedĀ formĀ ofĀ softwareĀ containerĀ calledĀ aĀ virtualĀ machineĀ thatĀ isĀ runĀ byĀ theĀ hypervisorĀ andĀ mayĀ includeĀ aĀ guestĀ operatingĀ systemļ¼›Ā withĀ para-virtualizationļ¼ŒĀ anĀ operatingĀ systemĀ orĀ applicationĀ runningĀ withĀ aĀ virtualĀ machineĀ mayĀ beĀ awareĀ ofĀ theĀ presenceĀ ofĀ virtualizationĀ forĀ optimizationĀ purposes)Ā .Ā Againļ¼ŒĀ inĀ embodimentsĀ whereĀ computeĀ virtualizationĀ isĀ usedļ¼ŒĀ duringĀ operationĀ anĀ instanceĀ ofĀ theĀ CCPĀ softwareĀ 650Ā (illustratedĀ asĀ CCPĀ instanceĀ 676A)Ā isĀ executedĀ withinĀ theĀ softwareĀ containerĀ 662AĀ onĀ theĀ virtualizationĀ layerĀ 654.Ā InĀ embodimentsĀ whereĀ computeĀ virtualizationĀ isĀ notĀ usedļ¼ŒĀ theĀ CCPĀ instanceĀ 676AĀ onĀ topĀ ofĀ aĀ hostĀ operatingĀ systemĀ isĀ executedĀ onĀ theĀ ā€œbareĀ metalā€Ā generalĀ purposeĀ controlĀ planeĀ deviceĀ 604.Ā TheĀ instantiationĀ ofĀ theĀ CCPĀ instanceĀ 676Aļ¼ŒĀ asĀ wellĀ asĀ theĀ virtualizationĀ layerĀ 654Ā andĀ softwareĀ containersĀ 662A-RĀ ifĀ implementedļ¼ŒĀ areĀ collectivelyĀ referredĀ toĀ asĀ softwareĀ instanceĀ (s)Ā 652.
InĀ someĀ embodimentsļ¼ŒĀ theĀ CCPĀ instanceĀ 676AĀ includesĀ aĀ networkĀ controllerĀ instanceĀ 678.Ā TheĀ networkĀ controllerĀ instanceĀ 678Ā includesĀ aĀ centralizedĀ reachabilityĀ andĀ forwardingĀ informationĀ moduleĀ instanceĀ 679Ā (whichĀ isĀ aĀ middlewareĀ layerĀ providingĀ theĀ contextĀ ofĀ theĀ networkĀ controllerĀ 578Ā toĀ theĀ operatingĀ systemĀ andĀ communicatingĀ withĀ theĀ variousĀ NEs)Ā ļ¼ŒĀ andĀ anĀ CCPĀ applicationĀ layerĀ 680Ā (sometimesĀ referredĀ toĀ asĀ anĀ applicationĀ layer)Ā overĀ theĀ middlewareĀ layerĀ (providingĀ theĀ intelligenceĀ requiredĀ forĀ variousĀ networkĀ operationsĀ suchĀ asĀ protocolsļ¼ŒĀ networkĀ situationalĀ awarenessļ¼ŒĀ andĀ user-interfaces)Ā .Ā AtĀ aĀ moreĀ abstractĀ levelļ¼ŒĀ thisĀ CCPĀ applicationĀ layerĀ 680Ā withinĀ theĀ centralizedĀ controlĀ planeĀ 576Ā worksĀ withĀ virtualĀ networkĀ viewĀ (s)Ā (logicalĀ viewĀ (s)Ā ofĀ theĀ network)Ā andĀ theĀ middlewareĀ layerĀ providesĀ theĀ conversionĀ fromĀ theĀ virtualĀ networksĀ toĀ theĀ physicalĀ view.
TheĀ dataĀ storageĀ resourceĀ sharingĀ componentĀ 651Ā canĀ beĀ executedĀ byĀ hardwareĀ 640Ā toĀ performĀ operationsĀ ofĀ oneĀ orĀ moreĀ embodimentsĀ ofĀ theĀ presentĀ disclosureĀ asĀ partĀ ofĀ softwareĀ instancesĀ 652Ā (e.g.ļ¼ŒĀ dataĀ storageĀ resourceĀ sharingĀ instanceĀ 681)Ā .
TheĀ centralizedĀ controlĀ planeĀ 576Ā transmitsĀ relevantĀ messagesĀ toĀ theĀ dataĀ planeĀ 580Ā basedĀ onĀ CCPĀ applicationĀ layerĀ 680Ā calculationsĀ andĀ middlewareĀ layerĀ mappingĀ forĀ eachĀ flow.Ā AĀ flowĀ mayĀ beĀ definedĀ asĀ aĀ setĀ ofĀ packetsĀ whoseĀ headersĀ matchĀ aĀ givenĀ patternĀ ofĀ bitsļ¼›Ā inĀ thisĀ senseļ¼ŒĀ traditionalĀ IPĀ forwardingĀ isĀ alsoĀ flow-basedĀ forwardingĀ whereĀ theĀ flowsĀ areĀ definedĀ byĀ theĀ destinationĀ IPĀ addressĀ forĀ exampleļ¼›Ā howeverļ¼ŒĀ inĀ otherĀ implementationsļ¼ŒĀ theĀ givenĀ patternĀ ofĀ bitsĀ usedĀ forĀ aĀ flowĀ definitionĀ mayĀ includeĀ moreĀ fieldsĀ (e.g.ļ¼ŒĀ 10Ā orĀ more)Ā inĀ theĀ packetĀ headers.Ā DifferentĀ NDs/NEs/VNEsĀ ofĀ theĀ dataĀ planeĀ 580Ā mayĀ receiveĀ differentĀ messagesļ¼ŒĀ andĀ thusĀ differentĀ forwardingĀ information.Ā TheĀ dataĀ planeĀ 580Ā processesĀ theseĀ messagesĀ andĀ programsĀ theĀ appropriateĀ flowĀ informationĀ andĀ correspondingĀ actionsĀ inĀ theĀ forwardingĀ tablesĀ (sometimeĀ referredĀ toĀ asĀ flowĀ tables)Ā ofĀ theĀ appropriateĀ NE/VNEsļ¼ŒĀ andĀ thenĀ theĀ NEs/VNEsĀ mapĀ incomingĀ packetsĀ toĀ flowsĀ representedĀ inĀ theĀ forwardingĀ tablesĀ andĀ forwardĀ packetsĀ basedĀ onĀ theĀ matchesĀ inĀ theĀ forwardingĀ tables.
StandardsĀ suchĀ asĀ OpenFlowĀ defineĀ theĀ protocolsĀ usedĀ forĀ theĀ messagesļ¼ŒĀ asĀ wellĀ asĀ aĀ modelĀ forĀ processingĀ theĀ packets.Ā TheĀ modelĀ forĀ processingĀ packetsĀ includesĀ headerĀ parsingļ¼ŒĀ packetĀ classificationļ¼ŒĀ andĀ makingĀ forwardingĀ decisions.Ā HeaderĀ parsingĀ describesĀ howĀ toĀ interpretĀ aĀ packetĀ basedĀ uponĀ aĀ well-knownĀ setĀ ofĀ protocols.Ā SomeĀ protocolĀ fieldsĀ areĀ usedĀ toĀ buildĀ aĀ matchĀ structureĀ (orĀ key)Ā thatĀ willĀ beĀ usedĀ inĀ packetĀ classificationĀ (e.g.ļ¼ŒĀ aĀ firstĀ keyĀ fieldĀ couldĀ beĀ aĀ sourceĀ mediaĀ accessĀ controlĀ (MAC)Ā addressļ¼ŒĀ andĀ aĀ secondĀ keyĀ fieldĀ couldĀ beĀ aĀ destinationĀ MACĀ address)Ā .
PacketĀ classificationĀ involvesĀ executingĀ aĀ lookupĀ inĀ memoryĀ toĀ classifyĀ theĀ packetĀ byĀ determiningĀ whichĀ entryĀ (alsoĀ referredĀ toĀ asĀ aĀ forwardingĀ tableĀ entryĀ orĀ flowĀ entry)Ā inĀ theĀ forwardingĀ tablesĀ bestĀ matchesĀ theĀ packetĀ basedĀ uponĀ theĀ matchĀ structureļ¼ŒĀ orĀ keyļ¼ŒĀ ofĀ theĀ forwardingĀ tableĀ  entries.Ā ItĀ isĀ possibleĀ thatĀ manyĀ flowsĀ representedĀ inĀ theĀ forwardingĀ tableĀ entriesĀ canĀ correspond/matchĀ toĀ aĀ packetļ¼›Ā inĀ thisĀ caseĀ theĀ systemĀ isĀ typicallyĀ configuredĀ toĀ determineĀ oneĀ forwardingĀ tableĀ entryĀ fromĀ theĀ manyĀ accordingĀ toĀ aĀ definedĀ schemeĀ (e.g.ļ¼ŒĀ selectingĀ aĀ firstĀ forwardingĀ tableĀ entryĀ thatĀ isĀ matched)Ā .Ā ForwardingĀ tableĀ entriesĀ includeĀ bothĀ aĀ specificĀ setĀ ofĀ matchĀ criteriaĀ (asetĀ ofĀ valuesĀ orĀ wildcardsļ¼ŒĀ orĀ anĀ indicationĀ ofĀ whatĀ portionsĀ ofĀ aĀ packetĀ shouldĀ beĀ comparedĀ toĀ aĀ particularĀ value/values/wildcardsļ¼ŒĀ asĀ definedĀ byĀ theĀ matchingĀ capabilities-forĀ specificĀ fieldsĀ inĀ theĀ packetĀ headerļ¼ŒĀ orĀ forĀ someĀ otherĀ packetĀ content)Ā ļ¼ŒĀ andĀ aĀ setĀ ofĀ oneĀ orĀ moreĀ actionsĀ forĀ theĀ dataĀ planeĀ toĀ takeĀ onĀ receivingĀ aĀ matchingĀ packet.Ā ForĀ exampleļ¼ŒĀ anĀ actionĀ mayĀ beĀ toĀ pushĀ aĀ headerĀ ontoĀ theĀ packetļ¼ŒĀ forĀ theĀ packetĀ usingĀ aĀ particularĀ portļ¼ŒĀ floodĀ theĀ packetļ¼ŒĀ orĀ simplyĀ dropĀ theĀ packet.Ā Thusļ¼ŒĀ aĀ forwardingĀ tableĀ entryĀ forĀ IPv4/IPv6Ā packetsĀ withĀ aĀ particularĀ transmissionĀ controlĀ protocolĀ (TCP)Ā destinationĀ portĀ couldĀ containĀ anĀ actionĀ specifyingĀ thatĀ theseĀ packetsĀ shouldĀ beĀ dropped.
MakingĀ forwardingĀ decisionsĀ andĀ performingĀ actionsĀ occursļ¼ŒĀ basedĀ uponĀ theĀ forwardingĀ tableĀ entryĀ identifiedĀ duringĀ packetĀ classificationļ¼ŒĀ byĀ executingĀ theĀ setĀ ofĀ actionsĀ identifiedĀ inĀ theĀ matchedĀ forwardingĀ tableĀ entryĀ onĀ theĀ packet.
Howeverļ¼ŒĀ whenĀ anĀ unknownĀ packetĀ (forĀ exampleļ¼ŒĀ aĀ ā€œmissedĀ packetā€Ā orĀ aĀ ā€œmatch-missā€Ā asĀ usedĀ inĀ OpenFlowĀ parlance)Ā arrivesĀ atĀ theĀ dataĀ planeĀ 580ļ¼ŒĀ theĀ packetĀ (orĀ aĀ subsetĀ ofĀ theĀ packetĀ headerĀ andĀ content)Ā isĀ typicallyĀ forwardedĀ toĀ theĀ centralizedĀ controlĀ planeĀ 576.Ā TheĀ centralizedĀ controlĀ planeĀ 576Ā willĀ thenĀ programĀ forwardingĀ tableĀ entriesĀ intoĀ theĀ dataĀ planeĀ 580Ā toĀ accommodateĀ packetsĀ belongingĀ toĀ theĀ flowĀ ofĀ theĀ unknownĀ packet.Ā OnceĀ aĀ specificĀ forwardingĀ tableĀ entryĀ hasĀ beenĀ programmedĀ intoĀ theĀ dataĀ planeĀ 580Ā byĀ theĀ centralizedĀ controlĀ planeĀ 576ļ¼ŒĀ theĀ nextĀ packetĀ withĀ matchingĀ credentialsĀ willĀ matchĀ thatĀ forwardingĀ tableĀ entryĀ andĀ takeĀ theĀ setĀ ofĀ actionsĀ associatedĀ withĀ thatĀ matchedĀ entry.
AĀ networkĀ interfaceĀ (NI)Ā mayĀ beĀ physicalĀ orĀ virtualļ¼›Ā andĀ inĀ theĀ contextĀ ofĀ IPļ¼ŒĀ anĀ interfaceĀ addressĀ isĀ anĀ IPĀ addressĀ assignedĀ toĀ aĀ NIļ¼ŒĀ beĀ itĀ aĀ physicalĀ NIĀ orĀ virtualĀ NI.Ā AĀ virtualĀ NIĀ mayĀ beĀ associatedĀ withĀ aĀ physicalĀ  NIļ¼ŒwithĀ anotherĀ virtualĀ interfaceļ¼ŒĀ orĀ standĀ onĀ itsĀ ownĀ (e.g.ļ¼ŒĀ aĀ loopbackĀ interfaceļ¼ŒĀ aĀ point-to-pointĀ protocolĀ interface)Ā .Ā AĀ NIĀ (physicalĀ orĀ virtual)Ā mayĀ beĀ numberedĀ (aĀ NIĀ withĀ anĀ IPĀ address)Ā orĀ unnumberedĀ (aĀ NIĀ withoutĀ anĀ IPĀ address)Ā .Ā AĀ loopbackĀ interfaceĀ (andĀ itsĀ loopbackĀ address)Ā isĀ aĀ specificĀ typeĀ ofĀ virtualĀ NIĀ (andĀ IPĀ address)Ā ofĀ aĀ NE/VNEĀ (physicalĀ orĀ virtual)Ā oftenĀ usedĀ forĀ managementĀ purposesļ¼›Ā whereĀ suchĀ anĀ IPĀ addressĀ isĀ referredĀ toĀ asĀ theĀ nodalĀ loopbackĀ address.Ā TheĀ IPĀ addressĀ (es)Ā assignedĀ toĀ theĀ NIĀ (s)Ā ofĀ aĀ NDĀ areĀ referredĀ toĀ asĀ IPĀ addressesĀ ofĀ thatĀ NDļ¼›Ā atĀ aĀ moreĀ granularĀ levelļ¼ŒĀ theĀ IPĀ addressĀ (es)Ā assignedĀ toĀ NIĀ (s)Ā assignedĀ toĀ aĀ NE/VNEĀ implementedĀ onĀ aĀ NDĀ canĀ beĀ referredĀ toĀ asĀ IPĀ addressesĀ ofĀ thatĀ NE/VNE.
SomeĀ portionsĀ ofĀ theĀ precedingĀ detailedĀ descriptionsĀ haveĀ beenĀ presentedĀ inĀ termsĀ ofĀ algorithmsĀ andĀ symbolicĀ representationsĀ ofĀ transactionsĀ onĀ dataĀ bitsĀ withinĀ aĀ computerĀ memory.Ā TheseĀ algorithmicĀ descriptionsĀ andĀ representationsĀ areĀ theĀ waysĀ usedĀ byĀ thoseĀ skilledĀ inĀ theĀ dataĀ processingĀ artsĀ toĀ mostĀ effectivelyĀ conveyĀ theĀ substanceĀ ofĀ theirĀ workĀ toĀ othersĀ skilledĀ inĀ theĀ art.Ā AnĀ algorithmĀ isĀ hereļ¼ŒĀ andĀ generallyļ¼ŒĀ conceivedĀ toĀ beĀ aĀ self-consistentĀ sequenceĀ ofĀ transactionsĀ leadingĀ toĀ aĀ desiredĀ result.Ā TheĀ transactionsĀ areĀ thoseĀ requiringĀ physicalĀ manipulationsĀ ofĀ physicalĀ quantities.Ā Usuallyļ¼ŒĀ thoughĀ notĀ necessarilyļ¼ŒĀ theseĀ quantitiesĀ takeĀ theĀ formĀ ofĀ electricalĀ orĀ magneticĀ signalsĀ capableĀ ofĀ beingĀ storedļ¼ŒĀ transferredļ¼ŒĀ combinedļ¼ŒĀ comparedļ¼ŒĀ andĀ otherwiseĀ manipulated.Ā ItĀ hasĀ provenĀ convenientĀ atĀ timesļ¼ŒĀ principallyĀ forĀ reasonsĀ ofĀ commonĀ usageļ¼ŒĀ toĀ referĀ toĀ theseĀ signalsĀ asĀ bitsļ¼ŒĀ valuesļ¼ŒĀ elementsļ¼ŒĀ symbolsļ¼ŒĀ charactersļ¼ŒĀ termsļ¼ŒĀ numbersļ¼ŒĀ orĀ theĀ like.
ItĀ shouldĀ beĀ borneĀ inĀ mindļ¼ŒĀ howeverļ¼ŒĀ thatĀ allĀ ofĀ theseĀ andĀ similarĀ termsĀ areĀ toĀ beĀ associatedĀ withĀ theĀ appropriateĀ physicalĀ quantitiesĀ andĀ areĀ merelyĀ convenientĀ labelsĀ appliedĀ toĀ theseĀ quantities.Ā UnlessĀ specificallyĀ statedĀ otherwiseĀ asĀ apparentĀ fromĀ theĀ aboveĀ discussionļ¼ŒĀ itĀ isĀ appreciatedĀ thatĀ throughoutĀ theĀ descriptionļ¼ŒĀ discussionsĀ utilizingĀ termsĀ suchĀ asĀ ā€³processingā€³Ā orĀ ā€³computingā€³Ā orĀ ā€³calculatingā€³Ā orĀ ā€³determiningā€³Ā orĀ ā€³displayingā€³Ā orĀ theĀ likeļ¼ŒĀ referĀ toĀ theĀ actionĀ andĀ processesĀ ofĀ aĀ computerĀ systemļ¼ŒĀ orĀ similarĀ electronicĀ computingĀ deviceļ¼ŒĀ thatĀ manipulatesĀ andĀ transformsĀ dataĀ representedĀ asĀ physicalĀ (electronic)Ā quantitiesĀ withinĀ theĀ  computerĀ systemā€²sĀ registersĀ andĀ memoriesĀ intoĀ otherĀ dataĀ similarlyĀ representedĀ asĀ physicalĀ quantitiesĀ withinĀ theĀ computerĀ systemĀ memoriesĀ orĀ registersĀ orĀ otherĀ suchĀ informationĀ storageļ¼ŒĀ transmissionĀ orĀ displayĀ devices.
TheĀ algorithmsĀ andĀ displaysĀ presentedĀ hereinĀ areĀ notĀ inherentlyĀ relatedĀ toĀ anyĀ particularĀ computerĀ orĀ otherĀ apparatus.Ā VariousĀ general-purposeĀ systemsĀ mayĀ beĀ usedĀ withĀ programsĀ inĀ accordanceĀ withĀ theĀ teachingsĀ hereinļ¼ŒĀ orĀ itĀ mayĀ proveĀ convenientĀ toĀ constructĀ moreĀ specializedĀ apparatusĀ toĀ performĀ theĀ requiredĀ methodĀ transactions.Ā TheĀ requiredĀ structureĀ forĀ aĀ varietyĀ ofĀ theseĀ systemsĀ willĀ appearĀ fromĀ theĀ descriptionĀ above.Ā InĀ additionļ¼ŒĀ embodimentsĀ ofĀ theĀ presentĀ inventionĀ areĀ notĀ describedĀ withĀ referenceĀ toĀ anyĀ particularĀ programmingĀ language.Ā ItĀ willĀ beĀ appreciatedĀ thatĀ aĀ varietyĀ ofĀ programmingĀ languagesĀ mayĀ beĀ usedĀ toĀ implementĀ theĀ teachingsĀ ofĀ embodimentsĀ ofĀ theĀ inventionĀ asĀ describedĀ herein.
AnĀ embodimentĀ ofĀ theĀ inventionĀ mayĀ beĀ anĀ articleĀ ofĀ manufactureĀ inĀ whichĀ aĀ non-transitoryĀ machine-readableĀ mediumĀ (suchĀ asĀ microelectronicĀ memory)Ā hasĀ storedĀ thereonĀ instructionsĀ (e.g.ļ¼ŒĀ computerĀ code)Ā whichĀ programĀ oneĀ orĀ moreĀ dataĀ processingĀ componentsĀ (genericallyĀ referredĀ toĀ hereĀ asĀ aĀ ā€œprocessorā€Ā )Ā toĀ performĀ theĀ operationsĀ describedĀ above.Ā InĀ otherĀ embodimentsļ¼ŒĀ someĀ ofĀ theseĀ operationsĀ mightĀ beĀ performedĀ byĀ specificĀ hardwareĀ componentsĀ thatĀ containĀ hardwiredĀ logicĀ (e.g.ļ¼ŒĀ dedicatedĀ digitalĀ filterĀ blocksĀ andĀ stateĀ machines)Ā .Ā ThoseĀ operationsĀ mightĀ alternativelyĀ beĀ performedĀ byĀ anyĀ combinationĀ ofĀ programmedĀ dataĀ processingĀ componentsĀ andĀ fixedĀ hardwiredĀ circuitĀ components.
InĀ theĀ foregoingĀ specificationļ¼ŒĀ embodimentsĀ ofĀ theĀ inventionĀ haveĀ beenĀ describedĀ withĀ referenceĀ toĀ specificĀ exemplaryĀ embodimentsĀ thereof.Ā ItĀ willĀ beĀ evidentĀ thatĀ variousĀ modificationsĀ mayĀ beĀ madeĀ theretoĀ withoutĀ departingĀ fromĀ theĀ broaderĀ spiritĀ andĀ scopeĀ ofĀ theĀ inventionĀ asĀ setĀ forthĀ inĀ theĀ followingĀ claims.Ā TheĀ specificationĀ andĀ drawingsĀ areļ¼ŒĀ accordinglyļ¼ŒĀ toĀ beĀ regardedĀ inĀ anĀ illustrativeĀ senseĀ ratherĀ thanĀ aĀ restrictiveĀ sense.
ThroughoutĀ theĀ descriptionļ¼ŒĀ embodimentsĀ ofĀ theĀ presentĀ inventionĀ haveĀ beenĀ presentedĀ throughĀ flowĀ diagrams.Ā ItĀ willĀ beĀ appreciatedĀ thatĀ theĀ orderĀ ofĀ transactionsĀ andĀ transactionsĀ describedĀ inĀ theseĀ flowĀ diagramsĀ areĀ onlyĀ intendedĀ forĀ illustrativeĀ purposesĀ andĀ notĀ intendedĀ asĀ aĀ limitationĀ ofĀ theĀ presentĀ invention.Ā OneĀ havingĀ ordinaryĀ skillĀ inĀ theĀ artĀ wouldĀ recognizeĀ thatĀ variationsĀ canĀ beĀ madeĀ toĀ theĀ flowĀ diagramsĀ withoutĀ departingĀ fromĀ theĀ broaderĀ spiritĀ andĀ scopeĀ ofĀ theĀ inventionĀ asĀ setĀ forthĀ inĀ theĀ followingĀ claims.

Claims (20)

  1. AĀ methodĀ implementedĀ byĀ aĀ networkĀ deviceĀ actingĀ asĀ aĀ switchĀ inĀ aĀ dataĀ planeĀ ofĀ aĀ softwareĀ definedĀ networkingĀ (SDN)Ā networkļ¼ŒĀ theĀ switchĀ communicativelyĀ coupledĀ toĀ aĀ controllerĀ inĀ aĀ controlĀ planeĀ ofĀ theĀ SDNĀ networkļ¼ŒĀ whereĀ theĀ controllerĀ managesĀ packetĀ processingĀ functionalityĀ ofĀ theĀ switchļ¼ŒĀ theĀ methodĀ toĀ provideĀ dataĀ storageĀ resourceĀ sharingĀ informationĀ toĀ theĀ controllerĀ soĀ thatĀ theĀ controllerĀ canĀ manageĀ dataĀ storageĀ resourceĀ utilizationĀ ofĀ theĀ switchļ¼ŒĀ theĀ methodĀ comprisingļ¼š
    determiningĀ (320)Ā whichĀ tablesĀ storedĀ inĀ theĀ switchĀ shareĀ aĀ dataĀ storageĀ resourceĀ ofĀ theĀ switchļ¼›Ā and
    transmittingĀ (330)Ā dataĀ storageĀ resourceĀ sharingĀ informationĀ toĀ theĀ controllerļ¼ŒĀ whereinĀ theĀ dataĀ storageĀ resourceĀ sharingĀ informationĀ includesĀ anĀ indicationĀ ofĀ theĀ tablesĀ thatĀ shareĀ theĀ dataĀ storageĀ resource.
  2. TheĀ methodĀ ofĀ claimĀ 1ļ¼ŒĀ furtherĀ comprisingļ¼š
    receivingĀ (340)Ā instructionsĀ fromĀ theĀ controllerĀ toĀ insertĀ oneĀ orĀ moreĀ entriesĀ inĀ aĀ firstĀ tableĀ fromĀ theĀ tablesĀ thatĀ shareĀ theĀ dataĀ storageĀ resourceļ¼ŒĀ togetherĀ withĀ instructionsĀ toĀ deleteĀ oneĀ orĀ moreĀ entriesĀ fromĀ oneĀ orĀ moreĀ otherĀ tablesĀ thatĀ shareĀ theĀ dataĀ storageĀ resourceĀ withĀ theĀ firstĀ tableĀ inĀ anĀ eventĀ thatĀ sufficientĀ storageĀ spaceĀ isĀ notĀ availableĀ inĀ theĀ dataĀ storageĀ resourceĀ forĀ insertionĀ ofĀ theĀ oneĀ orĀ moreĀ entriesĀ inĀ theĀ firstĀ tableļ¼›
    determiningĀ (350)Ā whetherĀ sufficientĀ storageĀ spaceĀ isĀ availableĀ inĀ theĀ dataĀ storageĀ resourceĀ forĀ insertionĀ ofĀ theĀ oneĀ orĀ moreĀ entriesĀ inĀ theĀ firstĀ tableļ¼›Ā and
    deletingĀ (360)Ā oneĀ orĀ moreĀ entriesĀ fromĀ theĀ oneĀ orĀ moreĀ otherĀ tablesĀ inĀ responseĀ toĀ aĀ determinationĀ thatĀ sufficientĀ storageĀ spaceĀ isĀ notĀ availableĀ inĀ theĀ dataĀ storageĀ resource.
  3. TheĀ methodĀ ofĀ claimĀ 1ļ¼ŒĀ whereinĀ theĀ dataĀ storageĀ resourceĀ sharingĀ informationĀ furtherĀ includesĀ anĀ indicationĀ ofĀ aĀ minimumĀ numberĀ ofĀ entriesĀ thatĀ canĀ beĀ deletedĀ fromĀ aĀ secondĀ tableĀ fromĀ theĀ tablesĀ thatĀ shareĀ theĀ dataĀ storageĀ resourceĀ toĀ createĀ storageĀ spaceĀ inĀ theĀ dataĀ storageĀ resourceĀ forĀ aĀ firstĀ tableĀ thatĀ sharesĀ theĀ dataĀ storageĀ resourceĀ withĀ theĀ secondĀ tableĀ inĀ anĀ  eventĀ thatĀ sufficientĀ storageĀ spaceĀ isĀ notĀ availableĀ inĀ theĀ dataĀ storageĀ resourceĀ forĀ insertionĀ ofĀ anĀ entryĀ inĀ theĀ firstĀ table.
  4. TheĀ methodĀ ofĀ claimĀ 3ļ¼ŒĀ whereinĀ theĀ dataĀ storageĀ resourceĀ sharingĀ informationĀ furtherĀ includesĀ anĀ indicationĀ ofĀ aĀ correspondingĀ numberĀ ofĀ entriesĀ thatĀ canĀ beĀ insertedĀ inĀ theĀ firstĀ tableĀ ifĀ theĀ minimumĀ numberĀ ofĀ entriesĀ areĀ deletedĀ fromĀ theĀ secondĀ table.
  5. TheĀ methodĀ ofĀ claimĀ 1ļ¼ŒĀ furtherĀ comprisingļ¼š
    receivingĀ (310)Ā ļ¼ŒĀ fromĀ theĀ controllerļ¼ŒĀ aĀ requestĀ toĀ provideĀ theĀ dataĀ storageĀ resourceĀ sharingĀ informationļ¼ŒĀ whereinĀ transmittingĀ theĀ dataĀ storageĀ resourceĀ sharingĀ informationĀ toĀ theĀ controllerĀ isĀ inĀ responseĀ toĀ receivingĀ theĀ requestĀ fromĀ theĀ controller.
  6. TheĀ methodĀ ofĀ claimĀ 1ļ¼ŒĀ whereinĀ theĀ dataĀ storageĀ resourceĀ isĀ anyĀ oneĀ ofĀ aĀ hashĀ memoryļ¼ŒĀ aĀ TernaryĀ ContentĀ AddressableĀ MemoryĀ (TCAM)Ā ļ¼ŒĀ andĀ aĀ counterĀ memory.
  7. AĀ methodĀ implementedĀ byĀ aĀ networkĀ deviceĀ actingĀ asĀ aĀ controllerĀ inĀ aĀ controlĀ planeĀ ofĀ aĀ softwareĀ definedĀ networkingĀ (SDN)Ā networkļ¼ŒĀ theĀ controllerĀ communicativelyĀ coupledĀ toĀ aĀ switchĀ inĀ aĀ dataĀ planeĀ ofĀ theĀ SDNĀ networkļ¼ŒĀ whereĀ theĀ controllerĀ managesĀ packetĀ processingĀ functionalityĀ ofĀ theĀ switchļ¼ŒĀ theĀ methodĀ toĀ manageĀ dataĀ storageĀ resourceĀ utilizationĀ ofĀ theĀ switchļ¼ŒĀ theĀ methodĀ comprisingļ¼š
    receivingĀ (420)Ā dataĀ storageĀ resourceĀ sharingĀ informationĀ fromĀ theĀ switchļ¼ŒĀ whereinĀ theĀ dataĀ storageĀ resourceĀ sharingĀ informationĀ includesĀ anĀ indicationĀ ofĀ tablesĀ storedĀ inĀ theĀ switchĀ thatĀ shareĀ aĀ dataĀ storageĀ resourceĀ ofĀ theĀ switchļ¼›Ā and
    transmittingĀ (430)Ā instructionsĀ toĀ theĀ switchĀ toĀ insertĀ oneĀ orĀ moreĀ entriesĀ inĀ aĀ firstĀ tableĀ fromĀ theĀ tablesĀ thatĀ shareĀ theĀ dataĀ storageĀ resourceļ¼ŒĀ togetherĀ withĀ instructionsĀ toĀ deleteĀ oneĀ orĀ moreĀ entriesĀ fromĀ oneĀ orĀ moreĀ otherĀ tablesĀ thatĀ shareĀ theĀ dataĀ storageĀ resourceĀ withĀ theĀ firstĀ tableĀ inĀ anĀ eventĀ thatĀ sufficientĀ storageĀ spaceĀ isĀ notĀ availableĀ inĀ theĀ dataĀ storageĀ resourceĀ forĀ insertionĀ ofĀ theĀ oneĀ orĀ moreĀ entriesĀ inĀ theĀ firstĀ table.
  8. TheĀ methodĀ ofĀ claimĀ 7ļ¼ŒĀ whereinĀ theĀ dataĀ storageĀ resourceĀ sharingĀ informationĀ furtherĀ includesĀ anĀ indicationĀ ofĀ aĀ minimumĀ numberĀ ofĀ entriesĀ  thatĀ canĀ beĀ deletedĀ fromĀ aĀ secondĀ tableĀ thatĀ sharesĀ theĀ dataĀ storageĀ resourceĀ withĀ theĀ firstĀ tableĀ toĀ createĀ storageĀ spaceĀ inĀ theĀ dataĀ storageĀ resourceĀ forĀ theĀ firstĀ tableĀ inĀ theĀ eventĀ thatĀ sufficientĀ storageĀ spaceĀ isĀ notĀ availableĀ inĀ theĀ dataĀ storageĀ resourceĀ forĀ insertionĀ ofĀ anĀ entryĀ inĀ theĀ firstĀ table.
  9. TheĀ methodĀ ofĀ claimĀ 8ļ¼ŒĀ whereinĀ theĀ dataĀ storageĀ resourceĀ sharingĀ informationĀ furtherĀ includesĀ anĀ indicationĀ ofĀ aĀ correspondingĀ numberĀ ofĀ entriesĀ thatĀ canĀ beĀ insertedĀ inĀ theĀ firstĀ tableĀ ifĀ theĀ minimumĀ numberĀ ofĀ entriesĀ areĀ deletedĀ fromĀ theĀ secondĀ table.
  10. TheĀ methodĀ ofĀ claimĀ 9ļ¼ŒĀ furtherĀ comprisingļ¼š
    determiningĀ aĀ numberĀ ofĀ entriesĀ toĀ deleteĀ fromĀ theĀ secondĀ tableĀ inĀ theĀ eventĀ thatĀ sufficientĀ storageĀ spaceĀ isĀ notĀ availableĀ inĀ theĀ dataĀ storageĀ resourceĀ basedĀ onĀ theĀ dataĀ storageĀ resourceĀ sharingĀ information.
  11. TheĀ methodĀ ofĀ claimĀ 7ļ¼ŒĀ whereinĀ theĀ instructionsĀ toĀ deleteĀ theĀ oneĀ orĀ moreĀ entriesĀ inĀ theĀ eventĀ thatĀ sufficientĀ storageĀ spaceĀ isĀ notĀ availableĀ inĀ theĀ dataĀ storageĀ resourceĀ includesĀ anĀ indicationĀ ofĀ aĀ numberĀ ofĀ entriesĀ toĀ deleteĀ fromĀ eachĀ ofĀ theĀ oneĀ orĀ moreĀ otherĀ tablesĀ inĀ theĀ eventĀ thatĀ sufficientĀ storageĀ spaceĀ isĀ notĀ availableĀ inĀ theĀ dataĀ storageĀ resourceĀ forĀ insertionĀ ofĀ theĀ oneĀ orĀ moreĀ entriesĀ inĀ theĀ firstĀ table.
  12. TheĀ methodĀ ofĀ claimĀ 7ļ¼ŒĀ furtherĀ comprisingļ¼š
    transmittingĀ (410)Ā ļ¼ŒĀ toĀ theĀ switchļ¼ŒĀ aĀ requestĀ toĀ provideĀ theĀ dataĀ storageĀ resourceĀ sharingĀ information.
  13. AĀ networkĀ deviceĀ (504)Ā toĀ actĀ asĀ aĀ switchĀ inĀ aĀ dataĀ planeĀ ofĀ aĀ softwareĀ definedĀ networkingĀ (SDN)Ā networkļ¼ŒĀ theĀ switchĀ toĀ beĀ communicativelyĀ coupledĀ toĀ aĀ controllerĀ inĀ aĀ controlĀ planeĀ ofĀ theĀ SDNĀ networkļ¼ŒĀ whereĀ theĀ controllerĀ isĀ toĀ manageĀ packetĀ processingĀ functionalityĀ ofĀ theĀ switchļ¼ŒĀ theĀ networkĀ deviceĀ configuredĀ toĀ provideĀ dataĀ storageĀ resourceĀ sharingĀ informationĀ toĀ theĀ controllerĀ soĀ thatĀ theĀ controllerĀ canĀ manageĀ dataĀ storageĀ resourceĀ utilizationĀ ofĀ theĀ switchļ¼ŒĀ theĀ networkĀ deviceĀ comprisingļ¼š
    aĀ non-transitoryĀ machine-readableĀ storageĀ mediumĀ (548)Ā havingĀ storedĀ thereinĀ aĀ dataĀ storageĀ resourceĀ sharingĀ componentĀ (563)Ā ļ¼›Ā and
    aĀ processorĀ (542)Ā communicativelyĀ coupledĀ toĀ theĀ non-transitoryĀ machine-readableĀ storageĀ mediumļ¼ŒĀ theĀ processorĀ configuredĀ toĀ executeĀ theĀ dataĀ storageĀ resourceĀ sharingĀ componentļ¼ŒĀ whereinĀ theĀ dataĀ storageĀ resourceĀ sharingĀ componentĀ isĀ configuredĀ toĀ determineĀ whichĀ tablesĀ storedĀ inĀ theĀ switchĀ shareĀ aĀ dataĀ storageĀ resourceĀ ofĀ theĀ switchĀ andĀ transmitĀ dataĀ storageĀ resourceĀ sharingĀ informationĀ toĀ theĀ controllerļ¼ŒĀ whereinĀ theĀ dataĀ storageĀ resourceĀ sharingĀ informationĀ includesĀ anĀ indicationĀ ofĀ theĀ tablesĀ thatĀ shareĀ theĀ dataĀ storageĀ resource.
  14. TheĀ networkĀ deviceĀ ofĀ claimĀ 13ļ¼ŒĀ whereinĀ theĀ dataĀ storageĀ resourceĀ sharingĀ componentĀ isĀ furtherĀ configuredĀ toĀ receiveĀ instructionsĀ fromĀ theĀ controllerĀ toĀ insertĀ oneĀ orĀ moreĀ entriesĀ inĀ aĀ firstĀ tableĀ fromĀ theĀ tablesĀ thatĀ shareĀ theĀ dataĀ storageĀ resourceļ¼ŒĀ togetherĀ withĀ instructionsĀ toĀ deleteĀ oneĀ orĀ moreĀ entriesĀ fromĀ oneĀ orĀ moreĀ otherĀ tablesĀ thatĀ shareĀ theĀ dataĀ storageĀ resourceĀ withĀ theĀ firstĀ tableĀ inĀ anĀ eventĀ thatĀ sufficientĀ storageĀ spaceĀ isĀ notĀ availableĀ inĀ theĀ dataĀ storageĀ resourceĀ forĀ insertionĀ ofĀ theĀ oneĀ orĀ moreĀ entriesĀ inĀ theĀ firstĀ tableļ¼ŒĀ determineĀ whetherĀ sufficientĀ storageĀ spaceĀ isĀ availableĀ inĀ theĀ dataĀ storageĀ resourceĀ forĀ insertionĀ ofĀ theĀ oneĀ orĀ moreĀ entriesĀ inĀ theĀ firstĀ tableļ¼ŒĀ andĀ deleteĀ oneĀ orĀ moreĀ entriesĀ fromĀ theĀ oneĀ orĀ moreĀ otherĀ tablesĀ inĀ responseĀ toĀ aĀ determinationĀ thatĀ sufficientĀ storageĀ spaceĀ isĀ notĀ availableĀ inĀ theĀ dataĀ storageĀ resource.
  15. AĀ networkĀ deviceĀ (604)Ā toĀ actĀ asĀ aĀ controllerĀ inĀ aĀ controlĀ planeĀ ofĀ aĀ softwareĀ definedĀ networkingĀ (SDN)Ā networkļ¼ŒĀ theĀ controllerĀ toĀ beĀ communicativelyĀ coupledĀ toĀ aĀ switchĀ inĀ aĀ dataĀ planeĀ ofĀ theĀ SDNĀ networkļ¼ŒĀ whereĀ theĀ controllerĀ isĀ toĀ manageĀ packetĀ processingĀ functionalityĀ ofĀ theĀ switchļ¼ŒĀ theĀ networkĀ deviceĀ configuredĀ toĀ manageĀ dataĀ storageĀ resourceĀ utilizationĀ ofĀ theĀ switchļ¼ŒĀ theĀ networkĀ deviceĀ comprisingļ¼š
    aĀ non-transitoryĀ machine-readableĀ storageĀ mediumĀ (648)Ā havingĀ storedĀ thereinĀ aĀ dataĀ storageĀ resourceĀ sharingĀ componentĀ (651)Ā ļ¼›Ā and
    aĀ processorĀ (642)Ā communicativelyĀ coupledĀ toĀ theĀ non-transitoryĀ machine-readableĀ storageĀ mediumļ¼ŒĀ theĀ processorĀ configuredĀ toĀ executeĀ theĀ dataĀ storageĀ resourceĀ sharingĀ componentļ¼ŒĀ whereinĀ theĀ dataĀ storageĀ resourceĀ sharingĀ componentĀ isĀ configuredĀ toĀ receiveĀ dataĀ storageĀ resourceĀ  sharingĀ informationĀ fromĀ theĀ switchļ¼ŒĀ whereinĀ theĀ dataĀ storageĀ resourceĀ sharingĀ informationĀ includesĀ anĀ indicationĀ ofĀ tablesĀ storedĀ inĀ theĀ switchĀ thatĀ shareĀ aĀ dataĀ storageĀ resourceĀ ofĀ theĀ switchĀ andĀ transmitĀ instructionsĀ toĀ theĀ switchĀ toĀ insertĀ oneĀ orĀ moreĀ entriesĀ inĀ aĀ firstĀ tableĀ fromĀ theĀ tablesĀ thatĀ shareĀ theĀ dataĀ storageĀ resourceļ¼ŒĀ togetherĀ withĀ instructionsĀ toĀ deleteĀ oneĀ orĀ moreĀ entriesĀ fromĀ oneĀ orĀ moreĀ otherĀ tablesĀ thatĀ shareĀ theĀ dataĀ storageĀ resourceĀ withĀ theĀ firstĀ tableĀ inĀ anĀ eventĀ thatĀ sufficientĀ storageĀ spaceĀ isĀ notĀ availableĀ inĀ theĀ dataĀ storageĀ resourceĀ forĀ insertionĀ ofĀ theĀ oneĀ orĀ moreĀ entriesĀ inĀ theĀ firstĀ table.
  16. TheĀ networkĀ deviceĀ ofĀ claimĀ 15ļ¼ŒĀ whereinĀ theĀ dataĀ storageĀ resourceĀ sharingĀ informationĀ furtherĀ includesĀ anĀ indicationĀ ofĀ aĀ minimumĀ numberĀ ofĀ entriesĀ thatĀ canĀ beĀ deletedĀ fromĀ aĀ secondĀ tableĀ thatĀ sharesĀ theĀ dataĀ storageĀ resourceĀ withĀ theĀ firstĀ tableĀ toĀ createĀ storageĀ spaceĀ inĀ theĀ dataĀ storageĀ resourceĀ forĀ theĀ firstĀ tableĀ inĀ theĀ eventĀ thatĀ sufficientĀ storageĀ spaceĀ isĀ notĀ availableĀ inĀ theĀ dataĀ storageĀ resourceĀ forĀ insertionĀ ofĀ anĀ entryĀ inĀ theĀ firstĀ table.
  17. AĀ non-transitoryĀ machine-readableĀ mediumĀ havingĀ computerĀ codeĀ storedĀ thereinļ¼ŒĀ whichĀ whenĀ executedĀ byĀ aĀ setĀ ofĀ oneĀ orĀ moreĀ processorsĀ ofĀ aĀ networkĀ deviceĀ actingĀ asĀ aĀ switchĀ inĀ aĀ dataĀ planeĀ ofĀ aĀ softwareĀ definedĀ networkingĀ (SDN)Ā networkļ¼ŒĀ causesĀ theĀ networkĀ deviceĀ toĀ performĀ operationsĀ forĀ providingĀ dataĀ storageĀ resourceĀ sharingĀ informationĀ toĀ aĀ controllerĀ inĀ aĀ controlĀ planeĀ ofĀ theĀ SDNĀ networkĀ soĀ thatĀ theĀ controllerĀ canĀ manageĀ dataĀ storageĀ resourceĀ utilizationĀ ofĀ theĀ switchļ¼ŒĀ theĀ operationsĀ comprisingļ¼š
    determiningĀ (320)Ā whichĀ tablesĀ storedĀ inĀ theĀ switchĀ shareĀ aĀ dataĀ storageĀ resourceĀ ofĀ theĀ switchļ¼›Ā and
    transmittingĀ (330)Ā dataĀ storageĀ resourceĀ sharingĀ informationĀ toĀ theĀ controllerļ¼ŒĀ whereinĀ theĀ dataĀ storageĀ resourceĀ sharingĀ informationĀ includesĀ anĀ indicationĀ ofĀ theĀ tablesĀ thatĀ shareĀ theĀ dataĀ storageĀ resource.
  18. TheĀ non-transitoryĀ machine-readableĀ mediumĀ ofĀ claimĀ 17ļ¼ŒĀ whereinĀ theĀ computerĀ codeļ¼ŒĀ whenĀ executedĀ byĀ theĀ setĀ ofĀ oneĀ orĀ moreĀ  processorsĀ ofĀ theĀ networkĀ deviceļ¼ŒĀ causesĀ theĀ networkĀ deviceĀ toĀ performĀ furtherĀ operationsĀ comprisingļ¼š
    receivingĀ (340)Ā instructionsĀ fromĀ theĀ controllerĀ toĀ insertĀ oneĀ orĀ moreĀ entriesĀ inĀ aĀ firstĀ tableĀ fromĀ theĀ tablesĀ thatĀ shareĀ theĀ dataĀ storageĀ resourceļ¼ŒĀ togetherĀ withĀ instructionsĀ toĀ deleteĀ oneĀ orĀ moreĀ entriesĀ fromĀ oneĀ orĀ moreĀ otherĀ tablesĀ thatĀ shareĀ theĀ dataĀ storageĀ resourceĀ withĀ theĀ firstĀ tableĀ inĀ anĀ eventĀ thatĀ sufficientĀ storageĀ spaceĀ isĀ notĀ availableĀ inĀ theĀ dataĀ storageĀ resourceĀ forĀ insertionĀ ofĀ theĀ oneĀ orĀ moreĀ entriesĀ inĀ theĀ firstĀ tableļ¼›
    determiningĀ (350)Ā whetherĀ sufficientĀ storageĀ spaceĀ isĀ availableĀ inĀ theĀ dataĀ storageĀ resourceĀ forĀ insertionĀ ofĀ theĀ oneĀ orĀ moreĀ entriesĀ inĀ theĀ firstĀ tableļ¼›Ā and
    deletingĀ (360)Ā oneĀ orĀ moreĀ entriesĀ fromĀ theĀ oneĀ orĀ moreĀ otherĀ tablesĀ inĀ responseĀ toĀ aĀ determinationĀ thatĀ sufficientĀ storageĀ spaceĀ isĀ notĀ availableĀ inĀ theĀ dataĀ storageĀ resource.
  19. AĀ non-transitoryĀ machine-readableĀ mediumĀ havingĀ computerĀ codeĀ storedĀ thereinļ¼ŒĀ whichĀ whenĀ executedĀ byĀ aĀ setĀ ofĀ oneĀ orĀ moreĀ processorsĀ ofĀ aĀ networkĀ deviceĀ actingĀ asĀ aĀ controllerĀ inĀ aĀ controlĀ planeĀ ofĀ aĀ softwareĀ definedĀ networkingĀ (SDN)Ā networkļ¼ŒĀ causesĀ theĀ networkĀ deviceĀ toĀ performĀ operationsĀ forĀ managingĀ dataĀ storageĀ resourceĀ utilizationĀ ofĀ aĀ switchĀ inĀ aĀ dataĀ planeĀ ofĀ theĀ SDNĀ networkļ¼ŒĀ theĀ operationsĀ comprisingļ¼š
    receivingĀ (420)Ā dataĀ storageĀ resourceĀ sharingĀ informationĀ fromĀ theĀ switchļ¼ŒĀ whereinĀ theĀ dataĀ storageĀ resourceĀ sharingĀ informationĀ includesĀ anĀ indicationĀ ofĀ tablesĀ storedĀ inĀ theĀ switchĀ thatĀ shareĀ aĀ dataĀ storageĀ resourceĀ ofĀ theĀ switchļ¼›Ā and
    transmittingĀ (430)Ā instructionsĀ toĀ theĀ switchĀ toĀ insertĀ oneĀ orĀ moreĀ entriesĀ inĀ aĀ firstĀ tableĀ fromĀ theĀ tablesĀ thatĀ shareĀ theĀ dataĀ storageĀ resourceļ¼ŒĀ togetherĀ withĀ instructionsĀ toĀ deleteĀ oneĀ orĀ moreĀ entriesĀ fromĀ oneĀ orĀ moreĀ otherĀ tablesĀ thatĀ shareĀ theĀ dataĀ storageĀ resourceĀ withĀ theĀ firstĀ tableĀ inĀ anĀ eventĀ thatĀ sufficientĀ storageĀ spaceĀ isĀ notĀ availableĀ inĀ theĀ dataĀ storageĀ resourceĀ forĀ insertionĀ ofĀ theĀ oneĀ orĀ moreĀ entriesĀ inĀ theĀ firstĀ table.
  20. TheĀ non-transitoryĀ machine-readableĀ mediumĀ ofĀ claimĀ 19ļ¼ŒĀ whereinĀ theĀ dataĀ storageĀ resourceĀ sharingĀ informationĀ furtherĀ includesĀ anĀ  indicationĀ ofĀ aĀ minimumĀ numberĀ ofĀ entriesĀ thatĀ canĀ beĀ deletedĀ fromĀ aĀ secondĀ tableĀ thatĀ sharesĀ theĀ dataĀ storageĀ resourceĀ withĀ theĀ firstĀ tableĀ toĀ createĀ storageĀ spaceĀ inĀ theĀ dataĀ storageĀ resourceĀ forĀ theĀ firstĀ tableĀ inĀ theĀ eventĀ thatĀ sufficientĀ storageĀ spaceĀ isĀ notĀ availableĀ inĀ theĀ dataĀ storageĀ resourceĀ forĀ insertionĀ ofĀ anĀ entryĀ inĀ theĀ firstĀ table.
PCT/CN2016/071466 2016-01-20 2016-01-20 Advertising network resource sharing status in sdn Ceased WO2017124330A1 (en)

Priority Applications (3)

Application Number Priority Date Filing Date Title
PCT/CN2016/071466 WO2017124330A1 (en) 2016-01-20 2016-01-20 Advertising network resource sharing status in sdn
US16/070,903 US11089102B2 (en) 2016-01-20 2016-01-20 Advertising network resource sharing status in SDN
EP16885603.7A EP3406053B1 (en) 2016-01-20 2016-01-20 Advertising network resource sharing status in sdn

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/CN2016/071466 WO2017124330A1 (en) 2016-01-20 2016-01-20 Advertising network resource sharing status in sdn

Publications (1)

Publication Number Publication Date
WO2017124330A1 true WO2017124330A1 (en) 2017-07-27

Family

ID=59361201

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2016/071466 Ceased WO2017124330A1 (en) 2016-01-20 2016-01-20 Advertising network resource sharing status in sdn

Country Status (3)

Country Link
US (1) US11089102B2 (en)
EP (1) EP3406053B1 (en)
WO (1) WO2017124330A1 (en)

Cited By (4)

* Cited by examiner, ā€  Cited by third party
Publication number Priority date Publication date Assignee Title
CN110113197A (en) * 2019-04-26 2019-08-09 ę–°åŽäø‰ęŠ€ęœÆęœ‰é™å…¬åøåˆč‚„åˆ†å…¬åø The method and SDN controller of SDN controller Configuration network equipment
US10848420B2 (en) 2018-02-12 2020-11-24 Cisco Technology, Inc. Dynamic forwarding features in network elements
US11089102B2 (en) * 2016-01-20 2021-08-10 Telefonaktiebolaget Lm Ericsson (Publ) Advertising network resource sharing status in SDN
CN115102898A (en) * 2022-06-01 2022-09-23 äø­å›½č”合ē½‘ē»œé€šäæ”é›†å›¢ęœ‰é™å…¬åø Communication method, device and storage medium

Families Citing this family (11)

* Cited by examiner, ā€  Cited by third party
Publication number Priority date Publication date Assignee Title
US9906401B1 (en) 2016-11-22 2018-02-27 Gigamon Inc. Network visibility appliances for cloud computing architectures
US11645131B2 (en) * 2017-06-16 2023-05-09 Cisco Technology, Inc. Distributed fault code aggregation across application centric dimensions
US12166759B2 (en) 2019-09-24 2024-12-10 Pribit Technology, Inc. System for remote execution code-based node control flow management, and method therefor
US12381890B2 (en) 2019-09-24 2025-08-05 Pribit Technology, Inc. System and method for secure network access of terminal
US12519754B2 (en) 2019-09-24 2026-01-06 Pribit Technology, Inc. System for controlling network access of node on basis of tunnel and data flow, and method therefor
US12348494B2 (en) * 2019-09-24 2025-07-01 Pribit Technology, Inc. Network access control system and method therefor
EP4037277B1 (en) 2019-09-24 2025-05-07 PRIBIT Technology, Inc. System for authenticating and controlling network access of terminal, and method therefor
US11711370B2 (en) * 2020-05-14 2023-07-25 Arista Networks, Inc. Automatic TCAM profiles
US11683375B2 (en) 2021-08-31 2023-06-20 Cisco Technology, Inc. Dynamic storage sharing across network devices
CN114257461B (en) * 2022-03-01 2022-05-13 四川ēœå•†ęŠ•äæ”ęÆꊀęœÆęœ‰é™č“£ä»»å…¬åø SDN switch flow table control method and device
US12609865B2 (en) 2024-06-21 2026-04-21 Arista Networks, Inc. Optimizing TCAM utilization via automatically created TCAM profiles

Citations (5)

* Cited by examiner, ā€  Cited by third party
Publication number Priority date Publication date Assignee Title
CN103580909A (en) * 2013-05-22 2014-02-12 ę­å·žåŽäø‰é€šäæ”ꊀęœÆęœ‰é™å…¬åø Method and device for customizing hardware resource
CN103905310A (en) * 2014-03-24 2014-07-02 华äøŗꊀęœÆęœ‰é™å…¬åø Message processing method and forwarding device
US20140241361A1 (en) * 2013-02-28 2014-08-28 Texas Instruments Incorporated Packet processing match and action unit with configurable memory allocation
CN104052685A (en) * 2013-03-14 2014-09-17 ę—„ē«‹(äø­å›½)ē ”ē©¶å¼€å‘ęœ‰é™å…¬åø Flow table updating method and flow table updating apparatus
KR20150051185A (en) * 2013-11-01 2015-05-11 ģ£¼ģ‹ķšŒģ‚¬ ģ¼€ģ“ķ‹° Method for managing consistency between flow tables in software defined network environment

Family Cites Families (12)

* Cited by examiner, ā€  Cited by third party
Publication number Priority date Publication date Assignee Title
SG119169A1 (en) * 2003-01-20 2006-02-28 Nanyang Polytechnic Path searching system using multiple groups of cooperating agents and method thereof
US9923831B2 (en) * 2012-11-29 2018-03-20 Futurewei Technologies, Inc. Packet prioritization in a software-defined network implementing OpenFlow
CN105379210B (en) * 2014-02-21 2019-02-01 华äøŗꊀęœÆęœ‰é™å…¬åø A data stream processing method and device
US10659389B2 (en) * 2014-07-16 2020-05-19 Nec Corporation Efficient cascading of flow tables in software defined networks (SDN)
US9692684B2 (en) * 2014-09-05 2017-06-27 Telefonaktiebolaget L M Ericsson (Publ) Forwarding table precedence in SDN
US9686137B2 (en) * 2015-02-10 2017-06-20 Alcatel Lucent Method and system for identifying an outgoing interface using openflow protocol
CN106330783B (en) * 2015-07-01 2019-03-15 äø­å…“通č®Æč‚”ä»½ęœ‰é™å…¬åø A method and device for reporting OpenFlow switch capability
US10341185B2 (en) * 2015-10-02 2019-07-02 Arista Networks, Inc. Dynamic service insertion
US10728096B2 (en) * 2015-10-02 2020-07-28 Arista Networks, Inc. Dynamic service device integration
US11089102B2 (en) * 2016-01-20 2021-08-10 Telefonaktiebolaget Lm Ericsson (Publ) Advertising network resource sharing status in SDN
US10541900B2 (en) * 2016-02-01 2020-01-21 Arista Networks, Inc. Hierarchical time stamping
US10200278B2 (en) * 2016-03-02 2019-02-05 Arista Networks, Inc. Network management system control service for VXLAN on an MLAG domain

Patent Citations (5)

* Cited by examiner, ā€  Cited by third party
Publication number Priority date Publication date Assignee Title
US20140241361A1 (en) * 2013-02-28 2014-08-28 Texas Instruments Incorporated Packet processing match and action unit with configurable memory allocation
CN104052685A (en) * 2013-03-14 2014-09-17 ę—„ē«‹(äø­å›½)ē ”ē©¶å¼€å‘ęœ‰é™å…¬åø Flow table updating method and flow table updating apparatus
CN103580909A (en) * 2013-05-22 2014-02-12 ę­å·žåŽäø‰é€šäæ”ꊀęœÆęœ‰é™å…¬åø Method and device for customizing hardware resource
KR20150051185A (en) * 2013-11-01 2015-05-11 ģ£¼ģ‹ķšŒģ‚¬ ģ¼€ģ“ķ‹° Method for managing consistency between flow tables in software defined network environment
CN103905310A (en) * 2014-03-24 2014-07-02 华äøŗꊀęœÆęœ‰é™å…¬åø Message processing method and forwarding device

Non-Patent Citations (1)

* Cited by examiner, ā€  Cited by third party
Title
See also references of EP3406053A4 *

Cited By (5)

* Cited by examiner, ā€  Cited by third party
Publication number Priority date Publication date Assignee Title
US11089102B2 (en) * 2016-01-20 2021-08-10 Telefonaktiebolaget Lm Ericsson (Publ) Advertising network resource sharing status in SDN
US10848420B2 (en) 2018-02-12 2020-11-24 Cisco Technology, Inc. Dynamic forwarding features in network elements
CN110113197A (en) * 2019-04-26 2019-08-09 ę–°åŽäø‰ęŠ€ęœÆęœ‰é™å…¬åøåˆč‚„åˆ†å…¬åø The method and SDN controller of SDN controller Configuration network equipment
CN115102898A (en) * 2022-06-01 2022-09-23 äø­å›½č”合ē½‘ē»œé€šäæ”é›†å›¢ęœ‰é™å…¬åø Communication method, device and storage medium
CN115102898B (en) * 2022-06-01 2023-07-07 äø­å›½č”合ē½‘ē»œé€šäæ”é›†å›¢ęœ‰é™å…¬åø Communication method, device and storage medium

Also Published As

Publication number Publication date
EP3406053A1 (en) 2018-11-28
US20200314179A1 (en) 2020-10-01
EP3406053B1 (en) 2020-12-23
EP3406053A4 (en) 2019-09-11
US11089102B2 (en) 2021-08-10

Similar Documents

Publication Publication Date Title
EP3406053B1 (en) Advertising network resource sharing status in sdn
US9450866B2 (en) Forwarding table performance control in SDN
US10205662B2 (en) Prefix distribution-based table performance optimization in SDN
US10263914B2 (en) Method and system to speed up flow routing in SDN network
US10305798B2 (en) Dynamic lookup optimization for packet classification
US9762483B2 (en) BNG / subscriber management integrated, FIB based, per subscriber, opt-in opt-out, multi application service chaining solution via subscriber service chaining nexthop and meta IP lookup
US20160315866A1 (en) Service based intelligent packet-in mechanism for openflow switches
EP3195537B1 (en) Forwarding table precedence in sdn
US20160294625A1 (en) Method for network monitoring using efficient group membership test based rule consolidation
EP3510730B1 (en) Efficient troubleshooting in sdn network
EP3391588A1 (en) Openflow configured horizontally split hybrid sdn nodes
EP3479553B1 (en) Efficient nat in sdn network
US20150271052A1 (en) Procedure to Add Alternate Paths for IS-IS Default Route
US11956203B2 (en) Service handling in software defined networking based container orchestration systems
US20170149659A1 (en) Mechanism to improve control channel efficiency by distributing packet-ins in an openflow network
US12113705B2 (en) Controller watch port for robust software defined networking (SDN) system operation
US9787577B2 (en) Method and apparatus for optimal, scale independent failover redundancy infrastructure
WO2020165910A1 (en) Technique for providing priority-aware caching in the fast-path of a virtual switch
WO2018015792A1 (en) User data isolation in software defined networking (sdn) controller
WO2018051172A1 (en) Service function classifier bypass in software defined networking (sdn) networks

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 16885603

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

WWE Wipo information: entry into national phase

Ref document number: 2016885603

Country of ref document: EP

ENP Entry into the national phase

Ref document number: 2016885603

Country of ref document: EP

Effective date: 20180820