System and Method for Creating a Scalable Monolithic Packet Processing Engine

Abstract
A novel and efficient method is described that creates a monolithic high capacity Packet Engine (PE) by connecting N lower capacity Packet Engines (PEs) via a novel Chip-to-Chip (C2C) interface. The C2C interface is used to perform functions, such as memory bit slicing and to communicate shared information, and enqueue/dequeue operations between individual PEs.
Description
BACKGROUND OF THE INVENTION

Packet Engines (PEs) are devices or Integrated Circuits (ICs or Chips) that perform packet processing, such as packet classification, policing, filtering and switching. In any given technology, there is always a practical limit in how fast a monolithic PE can be built. In order to build a higher capacity system, a number of PEs can be joined together. The traditional way of doing this is to use Modular Systems that join a number of individual PEs using a central packet switch, often implemented in the form of a packet backplane with central switch fabric, and the PEs sitting on line-cards interfacing to the backplane switch. Although Modular Systems allow the construction of very large switching systems, they can no longer be considered a “monolithic non-blocking” switch, because in these large systems, the introduction of the central fabric always introduces QoS or performance limitations with certain traffic patterns. In addition, the ability to perform shared operations across a Modular System, such as policing and protection switching on different interfaces sitting on different PEs, is lost.


This invention uses a unique design that allows two or more PEs to be joined together, while keeping the monolithic non-blocking feature-set. The Bandwidth (BW) in terms of BPS (Bit Per Second), the processing power in terms of PPS (Packets Per Second) and the number of interfaces are increased by a factor of “N”, where “N” is the number of PEs joined together. Given the assumption that for a given technology one can only build PEs with capacity X, using this technique, (Multi-chip) PEs with capacity of N*X can be built.


SUMMARY OF THE INVENTION

This invention describes a novel design that can create a monolithic high capacity Packet Engine, called NPE, by connecting N lower capacity Packet Engines (PEs) via a Chip-to-Chip (C2C) interface. The C2C interface is used to perform functions, such as memory bit slicing to store packets in a distributed manner in the memory of individual PEs and to communicate shared information, such as enqueue/dequeue operations between them. This technique is a very efficient method of creating a powerful PE with higher capacity than a single PE can obtain. For certain cases, e.g. N=2, it is also possible to obtain a form of redundancy where the dual device operation can be gracefully degraded to single PE operation (and single PE performance) in case of a hardware failure. If this is coupled with the use of certain link protection protocols such as Ethernet Link Aggregation with the links being spread over the two constituent PE's, traffic can be maintained in case of a hardware failure, but at a reduced performance level.





BRIEF DESCRIPTION OF THE DRAWINGS


FIG. 1 is a schematic diagram of a Modular System with two line-cards and a central switch fabric.



FIG. 2 is a schematic diagram of a single stand alone Packet Engine with traffic interfaces



FIG. 3 is a functional diagram of a single Packet Engine (PE) operation



FIG. 4 is a functional diagram of a dual-PE operation





DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS

Carrier-class switches are typically constructed using building blocks such as NPUs (Network Processing Units) and TM's (Traffic managers). These two building blocks are often combined into a single integrated device (IC or chip), including one or more traffic interfaces (e.g. Ethernet ports). Such an IC is suitable for building carrier-class networks and is called “Packet Engine” (PE) in this document.


Packet engines perform operations like:

    • Packet classification into different flows with different Quality of Service (QoS)
    • Termination and handling of various communication protocols such as Multi-protocol Label Switching (MPLS)
    • Switching and routing
    • Ability to partition network into Virtual Private Networks
    • Admission control of individual flows using shared or dedicated Policers
    • Discard of excess traffic, according to their QoS, using techniques such as Weighted Random Early Discard (WRED)
    • Queuing and scheduling system
    • Operation and Management (OAM) functions
    • Protection switching mechanisms to perform fast recovery in case of network problems


A PE is characterized by the fact that it can perform all of the above functionality across all of its available interfaces with no restrictions on how traffic flows between the ports. However, PE performance is also characterized by a set of basic parameters; two of the most important are the Bandwidth (BW) supported in terms of BPS (Bits Per Second) and the packet processing capability in terms of number of PPS (Packets Per Second) the PE can handle. Since PEs often need large buffer storage for the queue system (typically in external memory called RAM), the maximum BW supported by a device is very often limited by the BW of the RAM used to construct the buffer system. The packet processing capability in terms of PPS is limited by the ability to perform table lookups and packet classifications, often using a mixture of both internal and external RAM.


There is always an interest in being able to construct a higher performance and larger PE to handle the ever increasing bandwidth requirements, while maintaining the service model offered by a single non-cascaded monolithic device for higher bandwidths. Using even the latest Integrated Circuit (IC) technologies, there is always a practical limit on the performance of a monolithic PE that can be built. The only way to build a higher performance PE is to join a number of monolithic PEs together. The traditional way of doing this is using a Modular System, as shown in FIG. 1. In a Modular system such as the one shown in FIG. 1, a number of individual PEs (130, 160) are connected to a central packet switch fabric (150), often implemented in the form of a packet backplane with central switch fabric chips residing on the backplane and the PEs sitting on line-cards (110, 120), interfacing to the backplane switch either directly or through fabric interface chips (140, 170). Modular systems allow the construction of very large (Tera-bit per second) switching systems, but they also have a number of drawbacks. Most importantly, the modular systems can no longer be considered a “monolithic non-blocking” switch. They behave more like a system of individual switches connected by a (internal) network, providing some form of Quality of Service (QoS). The introduction of the central fabric always introduces QoS or performance limitations with certain traffic patterns. In these large systems, the ability to perform shared operations across multiple PEs on different linecards, such as policing or protection switching, is also lost.


Furthermore, the interface to the backplane switch fabric consumes bandwidth in the PE, and as such, behaves like any other traffic interface on the device. FIG. 2 shows a stand alone PE device. If the standalone PE (220) in FIG. 2 can process a total of X Gbps (Giga bit per second) BW across all its external interfaces (230, 240), it (130, 160) will only be able to handle X/2 Gbps BW on its external interfaces (100, 101) in a Modular System, because the other X/2 Gbps BW is consumed by the internal fabric interface (180, 190).


This invention uses unique design that allows 2 or more PEs to be joined together, while keeping the monolithic non-blocking features. The Bandwidth in terms of PPS, the packet processing power in terms of PPS, and the number of external interfaces can be increased by a factor of N, where N is the number of PEs joined together. This novel design enables the creation of monolithic switches that are N times more powerful than individual PEs they are constructed from. For the rest of this document, a monolithic PE constructed from N number of PEs is called “NPE”. For example, a monolithic PE constructed from two PEs is called 2PE. A 2PE device, also called a dual-PE, is of special interest, since its implementation is very straight forward and with less complexity. The rest of this section describes the 2PE device, but it is equally applicable to NPE devices, as well.


An NPE device can (at any point in time) be split into its individual PE components, which can then operate individually. This allows cost effective construction of redundant hardware for certain redundancy scenarios. As an example, take the case of N=2: This will provide a graceful degradation to 50% of the 2PE bandwidth in case one device fails. Through the use of this feature, it becomes possible (at low or zero cost) to design networks and network elements which will continue to work, in case of a hardware failure, but the capacity will be reduced to (N−1)/N %. In order to achieve this, the N separate PE devices sit on separate line cards, such that a faulty PE device can be replaced, while the other PE devices continue to operate.


This invention combines a number of technologies, such as bit slicing, to achieve the NPE goal, but combines these in a novel way to create the NPE capable device.



FIG. 3 shows the block diagram of a single PE device. The main blocks in the drawing:

    • Ingress traffic interfaces (300)
    • Control Path (320)
    • Buffer system (330)
    • Egress Queues & scheduler (340)
    • Egress traffic interfaces (370)


As can be seen from FIG. 3, traffic enters the PE from the ingress interfaces (300). The packets are written to the buffer memory (330), for temporary storage, as well as sent to the control path (320), for lookup, classification, policing, etc. When the control path has finished processing a given packet, the control path commands (380) the buffer memory (330) that the packet should either be discarded (packet memory freed again), or enqueued (350) in one or more egress queues (340). Multicast requires sending a packet to more than one egress queue. The egress scheduler (340) reads packets from the queues and transmits them on the egress interfaces (370). When the last copy of a packet has been transmitted, the packet memory is freed again.



FIG. 4 shows a 2PE (dual-PE) block diagram. The 2PE operation is very similar to a single PE operation. The description here describes what goes on in one of the PE chips, but the same goes on in the other PE chip, with very few modifications (will be described below in more details). Traffic enters from ingress interfaces (400, 401), and is sent both to the control path (420, 421) and stored in the buffer memory (430, 431). Packets entering each PE (410, 411) get stored in both buffer memories (430, 431) using bit slicing technique over the Chip-to-Chip (C2C) interface (490). Since each control path (420, 421) handles only packets entering from local traffic interfaces (400, 401), they split the work between them perfectly. The buffer system uses a common bit-sliced memory, created by combining the memory interfaces on both chips. Effectively, this results in 50% of packet bits being stored in memory associated with each chip. Each chip owns and controls exactly 50% of the shared buffer memory, and has its own free list for buffer maintenance. When the control path on a PE chip has finished processing the packet, the result might be that the packet needs to be enqueued (450, 451) either on one or more local egress queues (on the same PE), or enqueued (491, 492) in egress queues on the other PE. In case of local enqueues, the enqueue operation is straightforward, and very similar to single PE operation. In case of a “remote” enqueue (from one chip to the other chip), the enqueue request (482) is sent to the remote queue system over the C2C (490) bus, together with a packet pointer, which points to the packet in the shared buffer system. No packet data is transferred in this operation, because the packet is already accessible to both devices in the bit-sliced buffer memory.


Egress transmission on both chips is straightforward: The packets are read from the bit sliced memory (effectively reading from memories on both PEs), and transmitted on the egress interfaces (470, 471). However, when a complete packet has been transmitted, the buffer system on a PE does two different things, depending on whether the packet originated from itself or not. If the packet originated from the same PE, it informs the buffer manager on the same PE (460, 461) that this packet copy is no longer needed, and the buffer manager keeps track of when the last copy that has been sent, so that the memory can be returned to the free list (for this local PE chip). If the packet originated from the other PE chip, it informs the buffer manager on the other PE chip (493, 494), via C2C interface, that this copy is no longer needed. In this way, the buffer manager on each PE chip maintains full control over the memory it owns (50%), regardless of the ingress/egress traffic patterns across the two PE chips.


So, as described above, the C2C interface performs memory bit slicing and carries “remote enqueue” operations and “remote dequeue” (packet copy no longer needed) operations, as described above. There are also a number of other protocols going on over the C2C bus, which include:


1) Policing. In order to support shared policers across a dual-PE system, all policing buckets are kept (maintained) on one of the chips—called a police master. The other chip (police slave) performs policing operations by sending information (policer number, packet length, etc.) to the police master, over the C2C, and receives the police answer (primarily packet color: red, yellow, green), again, over the C2C. In this way, flows ingressing on both chips can share the same policer (or have individual policers), just as required.


2) OAM packet handling. For certain protocols like Multiprotocol Label Switching (MPLS), the ingress interface of an MPLS Tunnel can suddenly change without warning. This does not present any problem for data packets that need to be forwarded, but for connectivity check OAM packets (packets sent at fixed intervals to allow detection of a faulty link), it means that these need to be handled by a central agent, spanning both PEs. In such 2PE operation, one PE is an OAM master, and the other PE is an OAM slave. The OAM slave PE chip informs the master PE (over the C2C bus) that an OAM packet has arrived on a particular link. In this way, the OAM master is always informed about OAM packet arrival, regardless of which interface/chip the packet arrives on, and is able to perform the “loss of connectivity” check in a straightforward fashion, just as if it was done on a single chip.


3) Central Processing Unit (CPU). In a 2PE operation, each PE may reside on a different line-card. Usually, each line-card has its own CPU for performing software related functions and protocols. The C2C interface in a 2PE operation permits the two CPUs of corresponding line-cards to communicate with each other, over the C2C interface. With proper software, the two CPUs could be synchronized regarding the information about both cards, and in case of failure of one of the CPUs, the other one can take over the control and operation of both line-cards.


As the carrier class protocols evolve, there will likely be more communication going on over the C2C bus to maintain the monolithic view across both chips, but the memory bit slicing and remote enqueue/dequeue are by far the largest bandwidth users on the link now, and will likely continue to be so, in the future.


Note that N can be larger or equal to 2, in an NPE system. The bit slicing protocol scales very nicely to solutions with N>2. However, other protocols described above do not scale linearly. For example, the police master will need to handle the policing operations for all PE chips (to support shared policers across any combination of PE chips), which does not scale very well. Therefore, there is some improvement for an NPE system, but it is not scaled linearly with N. However, still, it would be helpful on the overall performance.


Any variations of the above teaching are also intended to be covered by this patent application.

Claims
  • 1. A system for processing and switching of packets in a communication network, said system comprising: a communication medium; andone or more devices;multiple general interfaces;each one of said one or more devices comprising: a buffer;a packet processing engine;multiple queues;one or more queue schedulers;multiple ports; anda chip-to-chip interface;wherein said buffer comprises one or more internal or external random access memories;wherein packets entering said multiple ports of a first of said one or more devices are stored in said buffer of said first of said one or more devices;wherein said packet processing engine comprises one or more of the following: a packet classifier, a packet filter, a switch, a policer or an operation and maintenance engine;wherein said switch identifies one or more of said multiple queues for enqueue operation;wherein one or more of said multiple queues are assigned to said multiple general interfaces;wherein said one or more queue schedulers are assigned to said multiple general interfaces;wherein said one or more queue schedulers are in charge of scheduling packets for transmission and subsequent dequeue operation out of said multiple queues;wherein said chip-to-chip interface of said first of said one or more devices is connected to rest of said one or more devices;wherein said chip-to-chip interface of said first of said one or more devices is used for communicating information between said first of said one or more devices and said rest of said one or more devices; andwherein said chip-to-chip interface of said first said one or more devices is used to store said packets in said buffer of said rest of said one or more devices.
  • 2. A system as recited in claim 1, wherein said chip-to-chip interface of said one or more devices is used to distribute a storage of said packets entering said first of said one or more devices equally among said buffer of all of said one or more devices.
  • 3. A system as recited in claim 2, wherein said packets are distributed in bit-sliced fashion equally among said buffer of all of said one or more devices.
  • 4. A system as recited in claim 2, wherein said packets are distributed in byte-sliced fashion equally among said buffer of all of said one or more devices.
  • 5. A system as recited in claim 2, wherein said packets are distributed in word-sliced fashion equally among said buffer of all of said one or more devices.
  • 6. A system as recited in claim 1, wherein said first of said one or more devices asks a second of said one or more devices to enqueue said packets in said multiple queues of said second of said one or more devices.
  • 7. A system as recited in claim 1, wherein said first of said one or more devices asks a second of said one or more devices to dequeue said packets from said multiple queues of said second of said one or more devices.
  • 8. A system as recited in claim 1, wherein said policer of said first of said one or more devices performs a policing function for said rest of said one or more devices.
  • 9. A system as recited in claim 1, wherein said operation and maintenance engine of said first of said one or more devices performs an operation and maintenance function for said rest of said one or more devices.
  • 10. A system as recited in claim 1, wherein multiple component links are associated with said multiple ports of said one or more devices.
  • 11. A system as recited in claim 10, wherein said first of said one or more devices performs a link aggregation without interruption, by removing said one or more of said multiple component links from a link aggregation group, when one or more of said multiple component links have a failure.
  • 12. A system as recited in claim 1, wherein said first of said one or more devices gracefully recovers and operates normally, when said chip-to-chip interface of said first of said one or more devices has a failure.
  • 13. A system as recited in claim 1, wherein said first of said one or more devices gracefully recovers and operates normally, when said rest of said one or more devices have a failure.
  • 14. A system as recited in claim 1, wherein X number of said one or more devices are connected to each other, via said chip-to-chip interface of said X number of said one or more devices, behaving as a single instance of said one or more devices that switches traffic from any of said multiple ports of said X number of said one or more devices to rest of said multiple ports of said X number of said one or more devices.
  • 15. A system as recited in claim 14, wherein said X number of said one or more devices reside on the same line-card.
  • 16. A system as recited in claim 14, wherein said system has a total processing power, in terms of bits per second, that is equal to X times of a processing power of one of said X number of said one or more devices.
  • 17. A system as recited in claim 14, wherein said system has a total processing power, in terms of packets per second, that is equal to X times of a processing power of one of said X number of said one or more devices.
  • 18. A system as recited in claim 14, wherein said X number of said one or more devices operate with one or more external central processing units that run a required data processing software.
  • 19. A system as recited in claim 18, wherein said X number of said one or more devices continue normal operation, when at least one of said one or more external central processing units is operational.
  • 20. A system as recited in claim 14, wherein said X number of said one or more devices reside on the different line-cards.