US9270580B1 - Method and system for traffic isolation in a network - Google Patents

Method and system for traffic isolation in a network Download PDF

Info

Publication number
US9270580B1
US9270580B1 US12/550,227 US55022709A US9270580B1 US 9270580 B1 US9270580 B1 US 9270580B1 US 55022709 A US55022709 A US 55022709A US 9270580 B1 US9270580 B1 US 9270580B1
Authority
US
United States
Prior art keywords
port
ports
zone
logical group
switch
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related, expires
Application number
US12/550,227
Inventor
Vineet M. Abraham
Sathish K. Gnanasekaran
Shashank R. Tadisina
Daniel Ji Yong Park Chung
Raymond Yimin Lai
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Avago Technologies International Sales Pte Ltd
Original Assignee
Brocade Communications Systems LLC
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Brocade Communications Systems LLC filed Critical Brocade Communications Systems LLC
Priority to US12/550,227 priority Critical patent/US9270580B1/en
Assigned to BROCADE COMMUNICATIONS SYSTEMS, INC. reassignment BROCADE COMMUNICATIONS SYSTEMS, INC. ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: TADISINA, SHASHANK R., ABRAHAM, VINEET M., CHUNG, DANIEL JI YONG PARK, GNANASEKARAN, SATHISH K., LAI, RAYMOND YIMIN
Assigned to WELLS FARGO BANK, NATIONAL ASSOCIATION, AS COLLATERAL AGENT reassignment WELLS FARGO BANK, NATIONAL ASSOCIATION, AS COLLATERAL AGENT SECURITY AGREEMENT Assignors: BROCADE COMMUNICATIONS SYSTEMS, INC., FOUNDRY NETWORKS, LLC, INRANGE TECHNOLOGIES CORPORATION, MCDATA CORPORATION, MCDATA SERVICES CORPORATION
Assigned to FOUNDRY NETWORKS, LLC, BROCADE COMMUNICATIONS SYSTEMS, INC. reassignment FOUNDRY NETWORKS, LLC RELEASE BY SECURED PARTY (SEE DOCUMENT FOR DETAILS). Assignors: WELLS FARGO BANK, NATIONAL ASSOCIATION, AS COLLATERAL AGENT
Application granted granted Critical
Publication of US9270580B1 publication Critical patent/US9270580B1/en
Assigned to Brocade Communications Systems LLC reassignment Brocade Communications Systems LLC CHANGE OF NAME (SEE DOCUMENT FOR DETAILS). Assignors: BROCADE COMMUNICATIONS SYSTEMS, INC.
Assigned to AVAGO TECHNOLOGIES INTERNATIONAL SALES PTE. LIMITED reassignment AVAGO TECHNOLOGIES INTERNATIONAL SALES PTE. LIMITED ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: Brocade Communications Systems LLC
Expired - Fee Related legal-status Critical Current
Adjusted expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00Routing or path finding of packets in data switching networks
    • H04L45/28Routing or path finding of packets in data switching networks using route fault recovery
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00Routing or path finding of packets in data switching networks
    • H04L45/22Alternate routing

Definitions

  • the present disclosure relates to network management. More specifically, the present disclosure relates to a method and system for facilitating traffic isolation (TI) zones in a network.
  • TI traffic isolation
  • a single-wavelength channel in an optical fiber can provide 10 Gbps of transmission capacity.
  • WDM wavelength-division-multiplexing
  • a single strand of fiber can provide 40, 80, or 160 Gbps aggregate capacity.
  • OS technologies such as virtual machines, have unleashed the power of fast hardware and provide an unprecedented versatile computing environment.
  • a conventional SAN switch fabric faces a much more heterogeneous, versatile, and dynamic environment.
  • the limited network functions in such switches can hardly meet these demands.
  • applications that require high bandwidth, such as backup applications may cause congestion in the fabric and impact other critical application performance.
  • One embodiment of the present invention provides a system that facilitates traffic isolation (TI) in a network.
  • the system configures a set of switch ports as members of a TI zone.
  • the switch ports are part of an end-to-end path across one or more switch domains between a source and a destination.
  • the switch ports within the TI zone and outside the TI Zone belong to a common storage area network (SAN) zone which compartmentalizes data for security purposes.
  • SAN storage area network
  • the system determines whether a data flow entering a switch domain belongs to the TI zone.
  • the system subsequently forwards the data flow to the next-hop port within the TI zone if the data flow belongs to the TI zone.
  • the system prevents the data flow from reaching a port within the TI zone.
  • the system uses the TI zone to enforce one or more Quality-of-Service (QoS) parameters for a QoS class
  • the system configures the switch ports as members of the TI zone by first propagating the TI zone configuration across one or more switch domains. The system then determines whether a local switch domain is part of the TI zone. The system subsequently updates a local forwarding table with the TI zone configuration.
  • the system forwards a data flow which does not belong to the TI zone to a port that belongs to the TI-zone, if no port outside the TI zone is available to forward this data flow to its destination.
  • the system forwards a data flow which belongs to the TI zone to a port outside the TI zone, if the next-hop port within the TI zone for this data flow is not available.
  • the system drops a data flow which belongs to the TI zone, if the next port within the TI zone for this data flow is not available.
  • the switch ports configured as part of the TI zone are Fibre Channel ports and comprise one or more of N_Ports, E_Ports, and EX_Ports.
  • the TI zone comprises a set of inter-switch links (ISLs) coupling adjacent E_Ports that form the end-to-end path.
  • ISLs inter-switch links
  • the TI zone comprises one or more EX_Ports and is configured to traverse fibre channel routers (FCRs) and FCR-coupled fabrics.
  • FCRs fibre channel routers
  • FIG. 1 illustrates an exemplary FC network that facilitates traffic isolation, in accordance with an embodiment of the present invention.
  • FIG. 2 illustrates an exemplary use of a TI zone, in accordance with an embodiment of the present invention.
  • FIG. 3 illustrates another exemplary use of a TI zone, in accordance with an embodiment of the present invention.
  • FIG. 4 illustrates exemplary configurations of TI zones comprising of E_Ports, in accordance with an embodiment of the present invention.
  • FIG. 5 presents a flowchart illustrating the process of enabling a TI zone configuration, in accordance with an embodiment of the present invention.
  • FIG. 6 presents a flowchart illustrating the process of forwarding a flow at a switch, in accordance with an embodiment of the present invention.
  • FIG. 7 illustrates how a TI zone with a failover option enabled switches over to an alternate path, in accordance with an embodiment of the present invention.
  • FIG. 8 illustrates exemplary configurations of TI zones comprising of VE_Ports coupled by a FCIP tunnel, in accordance with an embodiment of the present invention.
  • a computer-readable storage medium which may be any device or medium that can store code and/or data for use by a computer system. This includes, but is not limited to, application-specific integrated circuits (ASIC), field-programmable gate arrays (FPGA), volatile memory, non-volatile memory, magnetic and optical storage, or other media capable of storing computer-readable media now known or later developed.
  • ASIC application-specific integrated circuits
  • FPGA field-programmable gate arrays
  • volatile memory non-volatile memory
  • magnetic and optical storage or other media capable of storing computer-readable media now known or later developed.
  • Embodiments of the present invention facilitate traffic isolation (TI) zones in a Fibre Channel (FC) network.
  • TI zones allow users to assign a data flow to specific inter-switch links (ISLs) to isolate traffic within a switch fabric.
  • ISLs inter-switch links
  • This configuration provides the option to segregate some applications from others with dedicated, separate paths through the switch fabric. For example, backup applications often require guaranteed high bandwidth, and assigning them to dedicated paths within a TI zone helps reduce congestion and prevent them from impacting other critical application performance.
  • TI zones can also be used to dedicate inter-switch links (ISLs) to high-priority data flows, and control the route for inter-switch traffic.
  • Such configuration can facilitate enforcement of different Quality-of-Service (QoS) classes. For example, a TI zone can be dedicated to a higher-priority QoS classes, so that lower-priority traffic is precluded from consuming the bandwidth allocated to the higher-priority QoS class.
  • a TI zone can include a set of switch ports used for specific traffic flows.
  • a data flow entering a starting switch port is forwarded to a next-hop port within the same TI zone.
  • traffic outside the TI zone is precluded from entering the TI zone.
  • TI zones can effectively facilitate traffic isolation.
  • the data flow can be forwarded to a port on an alternative path outside the zone. This configuration is possible when the failover option is enabled. In case the failover option is disabled, data flows belonging to the zone can be optionally dropped if there is a link failure in the TI zone.
  • Embodiments of the present invention facilitate TI zones as one of the traffic management services, which allocate specific ISLs to data flows. This ensures that a data flow belonging to a particular zone is isolated from traffic from other zones and can enjoy dedicated network resources, which is valuable especially for high-bandwidth traffic.
  • FIG. 1 illustrates an exemplary FC network to which traffic isolation zones can be applied, in accordance with an embodiment of the present invention.
  • an FC switch fabric 100 includes four switch modules, 102 , 104 , 106 , and 108 . Each switch module is coupled to a group of network appliances.
  • switch module 102 is coupled to a number of servers 110 and a number of disk arrays 112 .
  • a respective network appliance can communicate with any appliance (referred to as “target”) in the FC network.
  • one of the servers 110 can transfer data to and from one of tape backup devices 116 .
  • the switch modules are not coupled in a fully meshed topology, the data frames transferred between servers 110 and tape devices 116 traverse three switch modules 102 , 104 , and 106 .
  • the switch modules are coupled by ISLs, such as ISL 114 .
  • a network operator can specify and enforce a TI zone, for example, a dedicated switched path coupling server 110 and tape devices 116 , through the switch fabric.
  • This TI zone includes a number switch ports and ISLs. Traffic outside the TI zone is precluded from entering the TI zone. This way, the network operator can guarantee the service quality between server 110 and tape devices 116 .
  • switch fabric refers to a number of inter-coupled FC switch modules.
  • switch module and “switch” refer to an individual switch which can be coupled to other switch modules to form a larger port-count switch fabric.
  • edge device refers to any network appliance, either physical or logical, coupled to a switch.
  • switch domain refers to a unique identifier for each switch and creates an address for each device coupled to the switch.
  • a switch typically has two types of ports: a fabric port (denoted as F_Port), which can couple to a network appliance, and an extension port (E_Port), which can couple to another switch.
  • a network appliance communicates with a switch through a host bus adapter (HBA).
  • HBA host bus adapter
  • the HBA provides the interface between an appliance's internal bus architecture and the external FC network.
  • An HBA has at least one node port (N_Port), which couples to an F_Port on a switch through an optical transceiver and a fiber optic link.
  • FC network architecture More details on FC network architecture, protocols, naming/address convention, and various standards are available in the documentation available from the NCITS/ANSI T11 committee (www.t11.org) and publicly available literature, such as “Designing Storage Area Networks,” by Tom Clark, 2nd Ed., Addison Wesley, 2003, the disclosure of which is incorporated by reference in its entirety herein.
  • FIG. 2A and FIG. 2B illustrates an exemplary use of a TI zone.
  • Switch domain 202 is coupled to servers 210 and 220
  • switch domain 206 is coupled to backup tape devices 212 and disk array 222 .
  • the shortest path between switch domain 202 and switch domain 206 is through switch domain 208
  • switch domain 204 there exists an alternate path between switch domain 202 and switch domain 206 through switch domain 204 .
  • data flows between servers 210 and 220 and backup tape devices 212 and disk array 222 follow a shortest path 201 across switch domains 202 , 208 , and 206 .
  • shortest path 201 is shared by all applications that may communicate between switch domain 202 and 206 .
  • a backup application initiates a sustained high-bandwidth communication session between server 210 and backup tape devices 212
  • other applications such as the communication between server 220 and disk array 222 will experience high latency and low performance on the same path 201 .
  • a TI zone 200 is created to include ports 1 and 2 on switch domain 202 , ports 3 and 4 on switch domain 204 , and ports 5 and 6 on switch domain 206 .
  • the backup application between server 210 and backup tape devices 212 assigning the backup application between server 210 and backup tape devices 212 to TI zone 200 , the high-bandwidth backup data flow is isolated on a dedicated path from switch domains 202 , through switch domain 204 , to switch domain 206 .
  • Other applications between server 220 and disk array 222 remain on shortest path 201 and are not affected by the sustained backup application.
  • FIG. 3 illustrates another use for TI zones, where a data flow belongs to a TI zone 300 between a server 310 which is coupled to a switch domain 302 , and a disk array 312 which is coupled to a switch domain 304 via switch domain 306 .
  • This specific path is different from a shortest path 301 and ensures the bidirectional data flow takes the exact same route in both directions.
  • embodiments of the present invention provide a method that controls the ports and path used when routing traffic between fabrics. By isolating traffic, the TI zone can also prevent high-bandwidth traffic from causing congestion and improves fabric utilization.
  • TI zones allow network administrators to provision a certain set of E_Ports on one or more switches to carry only designated data flows.
  • TI zones assign specific paths to the data flows belonging to the zone, and control the route for inter-switch traffic.
  • TI zones can provide dedicated ISLs to high-priority data flows.
  • TI zones can also be used to force high-volume (but lower priority) data flows onto specific ISLs to limit the impact on other critical applications in the switch fabric.
  • a TI zone can include a set of switch ports used for specific traffic flows.
  • a data flow entering a switch from the starting N_Port or E_Port is forwarded to the next E_Port within the zone. If the next E_Port within the TI zone is not available (e.g. due to network congestion or link failure), the data flow can be forwarded to its destination using an E_Port outside the zone if the failover option enabled. In a TI zone with the failover option disabled, when any of the E_Ports within the TI zone goes down, the TI zone is deemed unavailable and data flows belonging to the zone can be optionally dropped.
  • an E_Port belonging to a particular TI zone may not carry any other data flows outside the zone, unless that E_Port is the only way to reach the destination and the failover option is enabled. If the failover option is disabled, that E_Port is precluded from carrying any other data flows outside the zone under any circumstance.
  • a TI zone can be provisioned to carry traffic of a given QoS class. Dedicating the TI zone to one or more QoS classes can guarantee a certain amount of bandwidth, a minimum delay, and a minimum packet loss rate. In general, a number of QoS parameters, such as bandwidth, end-to-end delay, and in-order packet delivery, can be enforced within a TI zone. In addition, more than one TI zones may be provisioned for one QoS class. In case one TI zone fails (e.g., due to port or link failure), another TI zone can be used the carry the protected traffic.
  • TI zones are configured. For example, to limit the management overhead, a maximum number (e.g., 255) of TI zones can be created in one switch fabric. Second, a port configured to be in a TI zone may not be a member of other TI zones. In other words, a given port can only be a member of a single TI zone because the port can only be on a single path to any specific domain to ensure successful traffic isolation. This “non-duplication” rule is enforced during zone creation/modification. Lastly, to use a trunk port for a TI zone, all the ports in the trunk group become part of the same TI zone. Mixing different TI zones in a trunk group or configuring only a subset of the ports in the trunk group might result in unpredictable behavior.
  • a TI zone can be created for a switch using command-line interface (CLI) with options and a port list of (domain, index) format, where domain is the switch domain ID and index is the port number.
  • CLI command-line interface
  • WWN port world-wide name
  • FCR Fibre Channel router
  • objtype :: ti (traffic isolation zone)
  • zone Create a TI Zone with specified options and the portlist. By default, the zone is created with failover enabled and the zone will be activated.
  • Zone --add command allows users to add portlist members and failover option to an existing TI zone.
  • Zone --remove command allows user to remove portlist members from existing zones. If the last member of a TI zone is removed, the TI zone name will be removed from the defined TI zone lists.
  • Zone activate/deactivate command allows user to activate/deactivate TI zone.
  • Zone --delete command will delete TI zones from the defined TI zone lists completely. Users will be prompted to confirm delete action.
  • Zone --show command without any specified name will display all the TI zones in defined configuration.
  • Zone --show command can be executed for one zone. This command will display the zone name, portlists, failover option and status.
  • FIG. 4 illustrates an exemplary switch fabric comprising five switch domains 1 to 5, in which three TI zones are created.
  • TI zone 420 facilitates communication between a host 430 and a host 432 though a list of ports (1,2; 2,2; 2,1; 5,2) across switch domains 1, 2, and 5.
  • TI zone 422 includes a list of ports (5,4; 2, 7; 2,6; 3,2; 3,6; 4,2), which are part of a path that traverses switch domains 5, 2, 3, and 4.
  • Applications accessing a disk array 434 from host 432 may send and receive data flows on TI zone 422 .
  • the third TI zone 424 configured in this example provides an end-to-end dedicated path between host 430 and disk array 434 across switch domains 1, 2, 3, and 4.
  • the port list for TI zone 424 is (1,4; 2,4; 2,8; 3,4; 3,8; 4,4). Note that all three TI zones shown in FIG. 4 include only E_Ports.
  • the set of ISLs between the E_Ports form an end-to-end path from the ingress switch domain to the egress switch domain.
  • TI zone 424 creates a dedicated path from switch domains 1 to 4 through the core switch domains 2 and 3. All data flows belonging to TI zone 424 and entering domain 1 from host 430 will be forwarded to port 4 on switch domain 1. Other data flows from host 430 outside this zone will be routed to port 2 regardless of their destination. Similarly, any traffic entering switch domain 2 on port 2 will be routed to port 6 when heading for switch domain 3 or domain 4 because port 4 and port 8 on switch domain 2 are dedicated to TI zone 424 .
  • FIG. 5 presents a flowchart illustrating the process of enabling a TI zone after it is created, in accordance with embodiments of the present invention.
  • the system first initializes a TI zone for a number of switches (operation 502 ). The system then propagates the TI zone configuration information to all involved switches (operation 504 ). Next, the system determines if the new TI zone configuration applies to a local switch (operation 506 ). If so, the forwarding table of the local switch will be updated with the new TI zone information (operation 508 ).
  • a TI zone configuration is interpreted by the local switch and the switch only considers the forwarding update required for its local ports.
  • a switch is not required to determine whether the TI zones accurately provide dedicated end-to-end paths through the entire switch fabric. This allows routing to be determined at the time TI zones are activated, eliminating a significant amount of overhead that would be required to dynamically route data flows belonging to TI zones in real-time.
  • TI zones provide traffic isolation in a “best effort” fashion that works as long as the “lowest-cost path” rule holds in fabric shortest-path first (FSPF) routing.
  • FSPF routing rules can take precedence over the TI zones. This means that data flows from one TI zone may have to share E_Ports with other data flows when no equal-cost paths can be found.
  • E_Port in the preferred TI zone fails, data flows belonging to that TI zone will be switched to a failover path that is the next lowest-cost path to the destination. Similarly, a data flow outside the zone will use an E_Port from this TI zone if no alternative path exists.
  • the following rules apply if the TI zone is not the lowest-cost path: when the TI zone path is broken, data flows belonging to this TI zone will switch over to the lowest-cost path which is not part of the TI zone if the failover option is enabled. If the failover option is disabled, the data flows belonging to this TI zone will be blocked.
  • the following rules apply if the TI zone is the only lowest-cost path: if the failover option is enabled, non-TI-zone as well as TI-zone data flows can use the dedicated TI-zone path. If the failover option is disabled, the non-TI zone data flows will be blocked.
  • FIG. 6 presents a flowchart illustrating the process of making decisions on how to forward a data flow at a switch, in accordance with an embodiment of the present invention.
  • the system first receives a data flow (operation 602 ). The system then determines whether the flow belongs to a TI zone (operation 604 ). If not, the data flow is forwarded to a non-TI zone port (operation 614 ). If the flow belongs to a TI zone, the system further determines whether the next-hop port within the TI zone is available (operation 606 ). If the next-hop port on the TI zone is available, the data flow is forwarded to that port (operation 608 ).
  • the system decides whether the TI zone failover option is enabled (operation 610 ). If so, the data flow is forwarded to a non-TI zone port on the failover path (operation 614 ). Otherwise, the data flow is dropped (operation 612 ).
  • FIG. 7 illustrates how a TI zone with the failover option enabled switches over to an alternate path, in accordance with an embodiment of the present invention.
  • non-TI zone traffic may be forwarded on the TI zone path as well.
  • ISL 724 if ISL 724 is offline, all the traffic from switch domain 1 ( 702 ) to switch domain 4 ( 708 ) will be forwarded via ISL 720 , regardless of whether the traffic belongs to TI zone 700 .
  • the TI zone in FC networks should be distinguished from the general SAN zoning, which is a method of arranging Fibre Channel devices into logical groups within the fabric.
  • general SAN zoning is a method of arranging Fibre Channel devices into logical groups within the fabric.
  • each device may be placed into multiple zones to achieve compartmentalization of data for security purposes. For instance, by dividing up device ports into groups, data access can be limited for some users to specific groups of servers that store confidential data in a SAN network. Traffic within one SAN zone can be strictly prohibited from entering another SAN zone, even when one SAN zone fails. In contrast, traffic within a TI zone is allowed to leave the TI zone under certain circumstances, for example when there is a failure in the TI zone and when the failover option is enabled.
  • TI zones take place within a SAN zone.
  • a TI zone and the corresponding non-TI zones all belong to the same SAN zone.
  • a TI zone isolates data flows over different ISLs to control the ports and path used when routing traffic between fabrics. By assigning specific paths for data flows, TI zones also minimize congestion and improve fabric utilization.
  • General SAN zoning does not change a data flow's routing; it only partitions the SAN into logical groups and enforces access security between the groups.
  • the traffic isolation feature introduced in the previous section provides capability to isolate traffic between N_Ports or E_Ports across a particular path defined within layer-two fabrics.
  • TI zones can also be extended to traverse Fibre Channel routers (FCRs) and FCR-coupled fabrics.
  • FCRs Fibre Channel routers
  • One embodiment of the present invention allows a TI zone comprising one or more EX_Ports.
  • EX_Ports couple a Fibre Channel router to a Fibre Channel switch. On the switch side the port looks like a normal E_Port, but on the router side the port is an EX_Port.
  • a TI zone over FCR typically has two portions: TI zones within the edge and TI zones within network backbone.
  • TI zones within edge device include ports that couple switches to network appliances.
  • TI zones within the network backbone are the portions including E_Ports and EX_Ports that inter-couple switches.
  • TI zone 200 in FIG. 2 includes ports 1 and 6 within the edge devices and ports 2, 3, 4, and 5 within the network backbone. While the main focus of TI zones over FCR is in the backbone fabrics, this feature works in conjunction with TI zones within edge devices to achieve desired end-to-end network routing. In other words, a TI zone within edge is used to route traffic between end devices and proxy devices to a particular EX_Port, and a TI zone within network backbone is used to secure a dedicated path within the backbone fabrics.
  • the dedicated path within the backbone may comprise a set of EX_Ports or a tunnel based on virtual E_Ports (VE_Ports) across one or more FCRs.
  • FIG. 8 illustrates a TI zone configuration with a Fibre-Channel-over-IP (FCIP) tunnel.
  • TI zone 800 in FIG. 8 includes a list of port (1,4; 2,4; 2,6; 3,2; 3,8; 4,4).
  • a FCIP tunnel 802 couples VE_Port 6 of switch domain 2 to VE_Port 2 of switch domain 3. Hence traffic flows belonging to TI zone 800 are carried over FCIP tunnel 802 between switch domains 2 and 3.
  • a TI zone can include a set of switch ports used for specific traffic flows.
  • a data flow that belongs to the TI zone is forwarded to a next-hop port within the zone.
  • TI zones allow users to assign a data flow to specific inter-switch links (ISLs) to isolate traffic and reduce congestion within a switch fabric.
  • ISLs inter-switch links
  • TI zones can also be used to dedicate ISLs to high-priority data flows, and control the route for inter-switch traffic.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

One embodiment of the present invention provides a system that facilitates traffic isolation (TI) in a network. During operation, the system configures a set of switch ports as members of a TI zone. The switch ports are part of an end-to-end path across one or more switch domains between a source and a destination. The switch ports within the TI zone and outside the TI Zone belong to a common storage area network (SAN) zone which compartmentalizes data for security purposes. The system then determines whether a data flow entering a switch domain belongs to the TI zone. The system subsequently forwards the data flow to the next port within the TI zone if the data flow belongs to the TI zone.

Description

BACKGROUND
1. Field
The present disclosure relates to network management. More specifically, the present disclosure relates to a method and system for facilitating traffic isolation (TI) zones in a network.
2. Related Art
The proliferation of the Internet and e-commerce continues to fuel revolutionary changes in the network industry. Today, a significant number of transactions, from real-time stock trades to retail sales, auction bids, and credit-card payments, are conducted online. Consequently, many enterprises rely on existing storage area networks (SANs), not only to perform conventional storage functions such as data backup, but also to carry out an increasing number of egalitarian network functions such as building large server farms.
Historically, conventional network appliances (e.g., data-center servers, disk arrays, backup tape drives) mainly use a SAN network to transfer large blocks of data. Therefore, the switches provide only basic patch-panel-like functions. In the past decade, however, drastic advances occurred in almost all the network layers, ranging from physical transmission media, computer hardware and architecture, to operating system (OS) and application software.
For example, a single-wavelength channel in an optical fiber can provide 10 Gbps of transmission capacity. With wavelength-division-multiplexing (WDM) technology, a single strand of fiber can provide 40, 80, or 160 Gbps aggregate capacity. Meanwhile, computer hardware is becoming progressively cheaper and faster. Expensive high-end servers can now be readily replaced by a farm of many smaller, cheaper, and equally fast computers. In addition, OS technologies, such as virtual machines, have unleashed the power of fast hardware and provide an unprecedented versatile computing environment.
As a result of these technological advances, a conventional SAN switch fabric faces a much more heterogeneous, versatile, and dynamic environment. The limited network functions in such switches can hardly meet these demands. For instance, applications that require high bandwidth, such as backup applications, may cause congestion in the fabric and impact other critical application performance. Hence, there is a need for options to segregate some applications from others and to assign dedicated paths to certain applications.
SUMMARY
One embodiment of the present invention provides a system that facilitates traffic isolation (TI) in a network. During operation, the system configures a set of switch ports as members of a TI zone. The switch ports are part of an end-to-end path across one or more switch domains between a source and a destination. The switch ports within the TI zone and outside the TI Zone belong to a common storage area network (SAN) zone which compartmentalizes data for security purposes. The system then determines whether a data flow entering a switch domain belongs to the TI zone. The system subsequently forwards the data flow to the next-hop port within the TI zone if the data flow belongs to the TI zone. When the data flow does not belong to the TI zone, the system prevents the data flow from reaching a port within the TI zone.
In a variation on this embodiment, the system uses the TI zone to enforce one or more Quality-of-Service (QoS) parameters for a QoS class
In a variation on this embodiment, the system configures the switch ports as members of the TI zone by first propagating the TI zone configuration across one or more switch domains. The system then determines whether a local switch domain is part of the TI zone. The system subsequently updates a local forwarding table with the TI zone configuration.
In a variation on this embodiment, the system forwards a data flow which does not belong to the TI zone to a port that belongs to the TI-zone, if no port outside the TI zone is available to forward this data flow to its destination.
In a variation on this embodiment, the system forwards a data flow which belongs to the TI zone to a port outside the TI zone, if the next-hop port within the TI zone for this data flow is not available.
In a variation on this embodiment, the system drops a data flow which belongs to the TI zone, if the next port within the TI zone for this data flow is not available.
In a variation on this embodiment, the switch ports configured as part of the TI zone are Fibre Channel ports and comprise one or more of N_Ports, E_Ports, and EX_Ports.
In a further variation, the TI zone comprises a set of inter-switch links (ISLs) coupling adjacent E_Ports that form the end-to-end path.
In a further variation, the TI zone comprises one or more EX_Ports and is configured to traverse fibre channel routers (FCRs) and FCR-coupled fabrics.
BRIEF DESCRIPTION OF THE FIGURES
FIG. 1 illustrates an exemplary FC network that facilitates traffic isolation, in accordance with an embodiment of the present invention.
FIG. 2 illustrates an exemplary use of a TI zone, in accordance with an embodiment of the present invention.
FIG. 3 illustrates another exemplary use of a TI zone, in accordance with an embodiment of the present invention.
FIG. 4 illustrates exemplary configurations of TI zones comprising of E_Ports, in accordance with an embodiment of the present invention.
FIG. 5 presents a flowchart illustrating the process of enabling a TI zone configuration, in accordance with an embodiment of the present invention.
FIG. 6 presents a flowchart illustrating the process of forwarding a flow at a switch, in accordance with an embodiment of the present invention.
FIG. 7 illustrates how a TI zone with a failover option enabled switches over to an alternate path, in accordance with an embodiment of the present invention.
FIG. 8 illustrates exemplary configurations of TI zones comprising of VE_Ports coupled by a FCIP tunnel, in accordance with an embodiment of the present invention.
DETAILED DESCRIPTION
The following description is presented to enable any person skilled in the art to make and use the invention, and is provided in the context of a particular application and its requirements. Various modifications to the disclosed embodiments will be readily apparent to those skilled in the art, and the general principles defined herein may be applied to other embodiments and applications without departing from the spirit and scope of the present invention. Thus, the present invention is not limited to the embodiments shown, but is to be accorded the widest scope consistent with the claims.
The data structures and code described in this detailed description are typically stored on a computer-readable storage medium, which may be any device or medium that can store code and/or data for use by a computer system. This includes, but is not limited to, application-specific integrated circuits (ASIC), field-programmable gate arrays (FPGA), volatile memory, non-volatile memory, magnetic and optical storage, or other media capable of storing computer-readable media now known or later developed.
Overview
Embodiments of the present invention facilitate traffic isolation (TI) zones in a Fibre Channel (FC) network. TI zones allow users to assign a data flow to specific inter-switch links (ISLs) to isolate traffic within a switch fabric. This configuration provides the option to segregate some applications from others with dedicated, separate paths through the switch fabric. For example, backup applications often require guaranteed high bandwidth, and assigning them to dedicated paths within a TI zone helps reduce congestion and prevent them from impacting other critical application performance. TI zones can also be used to dedicate inter-switch links (ISLs) to high-priority data flows, and control the route for inter-switch traffic. Such configuration can facilitate enforcement of different Quality-of-Service (QoS) classes. For example, a TI zone can be dedicated to a higher-priority QoS classes, so that lower-priority traffic is precluded from consuming the bandwidth allocated to the higher-priority QoS class.
A TI zone can include a set of switch ports used for specific traffic flows. When a TI zone is enforced, a data flow entering a starting switch port is forwarded to a next-hop port within the same TI zone. Under normal conditions, traffic outside the TI zone is precluded from entering the TI zone. Hence, TI zones can effectively facilitate traffic isolation. In come cases, if the next-hop port cannot be reached due to link failure, the data flow can be forwarded to a port on an alternative path outside the zone. This configuration is possible when the failover option is enabled. In case the failover option is disabled, data flows belonging to the zone can be optionally dropped if there is a link failure in the TI zone.
Network Architecture
The heterogeneous nature of modern FC networks imposes many new challenges, among which traffic management deals with controlling and allocating network bandwidth and minimizing congestion at switch ports. Embodiments of the present invention facilitate TI zones as one of the traffic management services, which allocate specific ISLs to data flows. This ensures that a data flow belonging to a particular zone is isolated from traffic from other zones and can enjoy dedicated network resources, which is valuable especially for high-bandwidth traffic.
FIG. 1 illustrates an exemplary FC network to which traffic isolation zones can be applied, in accordance with an embodiment of the present invention. In this example, an FC switch fabric 100 includes four switch modules, 102, 104, 106, and 108. Each switch module is coupled to a group of network appliances. For example, switch module 102 is coupled to a number of servers 110 and a number of disk arrays 112.
A respective network appliance can communicate with any appliance (referred to as “target”) in the FC network. For example, one of the servers 110 can transfer data to and from one of tape backup devices 116. Note that, since the switch modules are not coupled in a fully meshed topology, the data frames transferred between servers 110 and tape devices 116 traverse three switch modules 102, 104, and 106. In general, the switch modules are coupled by ISLs, such as ISL 114. In one embodiment, a network operator can specify and enforce a TI zone, for example, a dedicated switched path coupling server 110 and tape devices 116, through the switch fabric. This TI zone includes a number switch ports and ISLs. Traffic outside the TI zone is precluded from entering the TI zone. This way, the network operator can guarantee the service quality between server 110 and tape devices 116.
As shown in FIG. 1, large-port-count FC switch fabrics often include a number of smaller, interconnected individual switches. The internal connectivity of a switch fabric can be based on a variety of topologies. In this disclosure, the term “switch fabric” refers to a number of inter-coupled FC switch modules. The terms “switch module” and “switch” refer to an individual switch which can be coupled to other switch modules to form a larger port-count switch fabric. The term “edge device” refers to any network appliance, either physical or logical, coupled to a switch. The term “switch domain” refers to a unique identifier for each switch and creates an address for each device coupled to the switch.
A switch typically has two types of ports: a fabric port (denoted as F_Port), which can couple to a network appliance, and an extension port (E_Port), which can couple to another switch. A network appliance communicates with a switch through a host bus adapter (HBA). The HBA provides the interface between an appliance's internal bus architecture and the external FC network. An HBA has at least one node port (N_Port), which couples to an F_Port on a switch through an optical transceiver and a fiber optic link. More details on FC network architecture, protocols, naming/address convention, and various standards are available in the documentation available from the NCITS/ANSI T11 committee (www.t11.org) and publicly available literature, such as “Designing Storage Area Networks,” by Tom Clark, 2nd Ed., Addison Wesley, 2003, the disclosure of which is incorporated by reference in its entirety herein.
FIG. 2A and FIG. 2B illustrates an exemplary use of a TI zone. Switch domain 202 is coupled to servers 210 and 220, and switch domain 206 is coupled to backup tape devices 212 and disk array 222. Assume that the shortest path between switch domain 202 and switch domain 206 is through switch domain 208, while there exists an alternate path between switch domain 202 and switch domain 206 through switch domain 204. Assume further that data flows between servers 210 and 220 and backup tape devices 212 and disk array 222 follow a shortest path 201 across switch domains 202, 208, and 206.
In the network shown in FIG. 2A, shortest path 201 is shared by all applications that may communicate between switch domain 202 and 206. Hence, when a backup application initiates a sustained high-bandwidth communication session between server 210 and backup tape devices 212, other applications such as the communication between server 220 and disk array 222 will experience high latency and low performance on the same path 201.
The application of TI zone provides a graceful solution to this problem in accordance with embodiments of the present invention. As illustrated in FIG. 2B, a TI zone 200 is created to include ports 1 and 2 on switch domain 202, ports 3 and 4 on switch domain 204, and ports 5 and 6 on switch domain 206. By assigning the backup application between server 210 and backup tape devices 212 to TI zone 200, the high-bandwidth backup data flow is isolated on a dedicated path from switch domains 202, through switch domain 204, to switch domain 206. Other applications between server 220 and disk array 222 remain on shortest path 201 and are not affected by the sustained backup application.
FIG. 3 illustrates another use for TI zones, where a data flow belongs to a TI zone 300 between a server 310 which is coupled to a switch domain 302, and a disk array 312 which is coupled to a switch domain 304 via switch domain 306. This specific path is different from a shortest path 301 and ensures the bidirectional data flow takes the exact same route in both directions. In general, embodiments of the present invention provide a method that controls the ports and path used when routing traffic between fabrics. By isolating traffic, the TI zone can also prevent high-bandwidth traffic from causing congestion and improves fabric utilization.
Traffic Isolation Zones
In accordance with embodiments of the present invention, TI zones allow network administrators to provision a certain set of E_Ports on one or more switches to carry only designated data flows. TI zones assign specific paths to the data flows belonging to the zone, and control the route for inter-switch traffic. TI zones can provide dedicated ISLs to high-priority data flows. TI zones can also be used to force high-volume (but lower priority) data flows onto specific ISLs to limit the impact on other critical applications in the switch fabric. In either case, a TI zone can include a set of switch ports used for specific traffic flows.
When a TI zone is created, a data flow entering a switch from the starting N_Port or E_Port is forwarded to the next E_Port within the zone. If the next E_Port within the TI zone is not available (e.g. due to network congestion or link failure), the data flow can be forwarded to its destination using an E_Port outside the zone if the failover option enabled. In a TI zone with the failover option disabled, when any of the E_Ports within the TI zone goes down, the TI zone is deemed unavailable and data flows belonging to the zone can be optionally dropped.
In one embodiment, an E_Port belonging to a particular TI zone may not carry any other data flows outside the zone, unless that E_Port is the only way to reach the destination and the failover option is enabled. If the failover option is disabled, that E_Port is precluded from carrying any other data flows outside the zone under any circumstance.
In some embodiments, a TI zone can be provisioned to carry traffic of a given QoS class. Dedicating the TI zone to one or more QoS classes can guarantee a certain amount of bandwidth, a minimum delay, and a minimum packet loss rate. In general, a number of QoS parameters, such as bandwidth, end-to-end delay, and in-order packet delivery, can be enforced within a TI zone. In addition, more than one TI zones may be provisioned for one QoS class. In case one TI zone fails (e.g., due to port or link failure), another TI zone can be used the carry the protected traffic.
Ideally, a few general rules may be followed when TI zones are configured. For example, to limit the management overhead, a maximum number (e.g., 255) of TI zones can be created in one switch fabric. Second, a port configured to be in a TI zone may not be a member of other TI zones. In other words, a given port can only be a member of a single TI zone because the port can only be on a single path to any specific domain to ensure successful traffic isolation. This “non-duplication” rule is enforced during zone creation/modification. Lastly, to use a trunk port for a TI zone, all the ports in the trunk group become part of the same TI zone. Mixing different TI zones in a trunk group or configuring only a subset of the ports in the trunk group might result in unpredictable behavior.
In one embodiment, a TI zone can be created for a switch using command-line interface (CLI) with options and a port list of (domain, index) format, where domain is the switch domain ID and index is the port number. The port world-wide name (WWN) can also be used for TI over Fibre Channel router (FCR) support. Below is an example of the command:
    • zone --create -t ti “redzone” -p “1,1; 2,4; 2,6; 3,8”
      The command zone takes the operations such as create, add, remove, delete, activate, deactivate and show. The object type ti after the -t option specifies that the zone is of the traffic isolation type, and redzone is the name of the TI zone configured. The TI zone is identified by a port list (1,1; 2,4; 2,6; 3,8), which comprises port 1 of switch domain 1, port 4 and port 6 of switch domain 2, and port 8 of switch domain 3.
Embodiments of the present invention provide the following CLI syntax to manage TI zones:
Synopsis:
zone --operation -t objtype [-o optionlist] name -p portlist
operation ::=create, add, remove, delete, activate, deactivate or show
objtype ::=ti (traffic isolation zone)
optionlist ::=a (activate), d (deactivate), n (no-failover), f (failover)
portlist :: =D,I (Domain, Index)
TI Zone Create
zone --create -t objtype [-o optionlist] name portlist -p portlist
Create a TI Zone with specified options and the portlist. By default, the zone is created with failover enabled and the zone will be activated.
Examples
Create a Traffic Isolation Zone with failover enabled and activate the zone. zone --create -t ti “redzone” -p “1,1; 2,4; 1,8; 2,6”
Create a Traffic Isolation Zone with failover disabled and deactivated. zone --create -t ti -o dn “redzone” -p “1,1; 2,4; 1,8; 2,6”
TI Zone Add/Remove Members and Options
zone --add [-o optionlist] name portlist -p portlist <<use without portlist to add options>>
zone --remove name portlist -p portlist <<use without portlist to remove options>>
Zone --add command allows users to add portlist members and failover option to an existing TI zone. Zone --remove command allows user to remove portlist members from existing zones. If the last member of a TI zone is removed, the TI zone name will be removed from the defined TI zone lists.
Examples
    • Add port members to an existing TI zone.
      zone --add “redzone” -p “3,4; 3,6”
    • Add option to disable/enable failover for a TI zone.
      zone --add -o n “redzone”
      zone --add -o f “greenzone” -p “3,4”
    • Remove portlist member from an existing TI zone.
      zone -remove “bluezone” -p “3,4; 3,6”
TI Zone Activate/Deactivate
zone --activate name.....[name]
zone --deactivate name.....[name]
Zone activate/deactivate command allows user to activate/deactivate TI zone.
Examples
    • zone --activate redzone
    • zone --deactivate bluezone
TI Zone Deletion
zone --delete name.....[name]
Zone --delete command will delete TI zones from the defined TI zone lists completely. Users will be prompted to confirm delete action.
Examples
    • zone --delete bluezone
TI Zone Show
zone --show
The zone --show command without any specified name will display all the TI zones in defined configuration. Zone --show command can be executed for one zone. This command will display the zone name, portlists, failover option and status.
Examples
zone --show
Zone Name: green_zone:
List of port: 2,2; 3,3; 5,3; 4,11;
Failover: Enabled
Status: Activated
Zone Name: blue_zone:
List of port: 1,2; 1,3; 3,3; 4,5;
Failover: Enabled
Status: Activated
Zone Name: red_zone:
List of port: 9,2; 9,3; 8,3; 8,5;
Failover: Disabled
Status: Deactivated
zone --show blue_zone
Zone Name: blue_zone:
List of port: 1,2; 1,3; 3,3; 4,5
Failover: Enabled
Status: Activated
FIG. 4 illustrates an exemplary switch fabric comprising five switch domains 1 to 5, in which three TI zones are created. TI zone 420 facilitates communication between a host 430 and a host 432 though a list of ports (1,2; 2,2; 2,1; 5,2) across switch domains 1, 2, and 5. TI zone 422 includes a list of ports (5,4; 2, 7; 2,6; 3,2; 3,6; 4,2), which are part of a path that traverses switch domains 5, 2, 3, and 4. Applications accessing a disk array 434 from host 432 may send and receive data flows on TI zone 422. The third TI zone 424 configured in this example provides an end-to-end dedicated path between host 430 and disk array 434 across switch domains 1, 2, 3, and 4. The port list for TI zone 424 is (1,4; 2,4; 2,8; 3,4; 3,8; 4,4). Note that all three TI zones shown in FIG. 4 include only E_Ports. The set of ISLs between the E_Ports form an end-to-end path from the ingress switch domain to the egress switch domain.
For example, TI zone 424 creates a dedicated path from switch domains 1 to 4 through the core switch domains 2 and 3. All data flows belonging to TI zone 424 and entering domain 1 from host 430 will be forwarded to port 4 on switch domain 1. Other data flows from host 430 outside this zone will be routed to port 2 regardless of their destination. Similarly, any traffic entering switch domain 2 on port 2 will be routed to port 6 when heading for switch domain 3 or domain 4 because port 4 and port 8 on switch domain 2 are dedicated to TI zone 424.
FIG. 5 presents a flowchart illustrating the process of enabling a TI zone after it is created, in accordance with embodiments of the present invention. During operation, the system first initializes a TI zone for a number of switches (operation 502). The system then propagates the TI zone configuration information to all involved switches (operation 504). Next, the system determines if the new TI zone configuration applies to a local switch (operation 506). If so, the forwarding table of the local switch will be updated with the new TI zone information (operation 508).
A TI zone configuration is interpreted by the local switch and the switch only considers the forwarding update required for its local ports. In one embodiment, a switch is not required to determine whether the TI zones accurately provide dedicated end-to-end paths through the entire switch fabric. This allows routing to be determined at the time TI zones are activated, eliminating a significant amount of overhead that would be required to dynamically route data flows belonging to TI zones in real-time.
In one embodiment, TI zones provide traffic isolation in a “best effort” fashion that works as long as the “lowest-cost path” rule holds in fabric shortest-path first (FSPF) routing. In other words, FSPF routing rules can take precedence over the TI zones. This means that data flows from one TI zone may have to share E_Ports with other data flows when no equal-cost paths can be found. Furthermore, when an E_Port in the preferred TI zone fails, data flows belonging to that TI zone will be switched to a failover path that is the next lowest-cost path to the destination. Similarly, a data flow outside the zone will use an E_Port from this TI zone if no alternative path exists.
In some embodiments, the following rules apply if the TI zone is not the lowest-cost path: when the TI zone path is broken, data flows belonging to this TI zone will switch over to the lowest-cost path which is not part of the TI zone if the failover option is enabled. If the failover option is disabled, the data flows belonging to this TI zone will be blocked. The following rules apply if the TI zone is the only lowest-cost path: if the failover option is enabled, non-TI-zone as well as TI-zone data flows can use the dedicated TI-zone path. If the failover option is disabled, the non-TI zone data flows will be blocked.
FIG. 6 presents a flowchart illustrating the process of making decisions on how to forward a data flow at a switch, in accordance with an embodiment of the present invention. During operation, the system first receives a data flow (operation 602). The system then determines whether the flow belongs to a TI zone (operation 604). If not, the data flow is forwarded to a non-TI zone port (operation 614). If the flow belongs to a TI zone, the system further determines whether the next-hop port within the TI zone is available (operation 606). If the next-hop port on the TI zone is available, the data flow is forwarded to that port (operation 608). If the port within that TI zone is not available, the system then decides whether the TI zone failover option is enabled (operation 610). If so, the data flow is forwarded to a non-TI zone port on the failover path (operation 614). Otherwise, the data flow is dropped (operation 612).
FIG. 7 illustrates how a TI zone with the failover option enabled switches over to an alternate path, in accordance with an embodiment of the present invention. Consider a TI zone 700 that traverses an ISL 720 and an ISL 722 in the example in FIG. 7. When ISL 720 goes offline, data flows belonging to TI zone 700 will automatically switch over to the failover path that spans ISL 724 and ISL 726 between switch domain 1 (702) and switch domain 3 (706) through switch domain 5 (704). If the failover option is disabled, however, TI zone 700 will be deemed unavailable and data flows belonging to the zone are dropped. On the other hand, if a TI Zone is the only path to reach another domain, non-TI zone traffic may be forwarded on the TI zone path as well. For example, in FIG. 7, if ISL 724 is offline, all the traffic from switch domain 1 (702) to switch domain 4 (708) will be forwarded via ISL 720, regardless of whether the traffic belongs to TI zone 700.
Hence, during the configuration of a TI zone with the failover option disabled, special cautions need to be taken to avoid segmenting a subset of switches from the fabric. Segmentation happens when there is no route to reach switch ports outside the zone from switch ports within the zone. Before deployment of a TI zone with failover disabled, the topology is ideally reviewed to ensure that all switches in the fabric have a path to reach other switches in the fabric. A partially configured TI zone without a full path between a source and a destination might result in fabric-wide operation failure. Recovery from the failure could be difficult since operators may need to take switches offline one by one to locate the broken ISL.
Note that the TI zone in FC networks should be distinguished from the general SAN zoning, which is a method of arranging Fibre Channel devices into logical groups within the fabric. In general SAN zoning, each device may be placed into multiple zones to achieve compartmentalization of data for security purposes. For instance, by dividing up device ports into groups, data access can be limited for some users to specific groups of servers that store confidential data in a SAN network. Traffic within one SAN zone can be strictly prohibited from entering another SAN zone, even when one SAN zone fails. In contrast, traffic within a TI zone is allowed to leave the TI zone under certain circumstances, for example when there is a failure in the TI zone and when the failover option is enabled. Furthermore, traffic outside a TI zone might also be allowed to enter the TI zone under similar circumstances. In general, the designation of TI zones takes place within a SAN zone. In other words, a TI zone and the corresponding non-TI zones all belong to the same SAN zone. A more detailed discussion on general SAN zoning can be found in “Designing Storage Area Networks,” by Tom Clark, 2nd Ed., Addison Wesley, 2003.
In contrast, a TI zone isolates data flows over different ISLs to control the ports and path used when routing traffic between fabrics. By assigning specific paths for data flows, TI zones also minimize congestion and improve fabric utilization. General SAN zoning, on the other hand, does not change a data flow's routing; it only partitions the SAN into logical groups and enforces access security between the groups.
TI Zones Over FCR
The traffic isolation feature introduced in the previous section provides capability to isolate traffic between N_Ports or E_Ports across a particular path defined within layer-two fabrics. However, TI zones can also be extended to traverse Fibre Channel routers (FCRs) and FCR-coupled fabrics. One embodiment of the present invention allows a TI zone comprising one or more EX_Ports. EX_Ports couple a Fibre Channel router to a Fibre Channel switch. On the switch side the port looks like a normal E_Port, but on the router side the port is an EX_Port.
A TI zone over FCR typically has two portions: TI zones within the edge and TI zones within network backbone. TI zones within edge device include ports that couple switches to network appliances. TI zones within the network backbone are the portions including E_Ports and EX_Ports that inter-couple switches. For example, TI zone 200 in FIG. 2 includes ports 1 and 6 within the edge devices and ports 2, 3, 4, and 5 within the network backbone. While the main focus of TI zones over FCR is in the backbone fabrics, this feature works in conjunction with TI zones within edge devices to achieve desired end-to-end network routing. In other words, a TI zone within edge is used to route traffic between end devices and proxy devices to a particular EX_Port, and a TI zone within network backbone is used to secure a dedicated path within the backbone fabrics.
In another embodiment, the dedicated path within the backbone may comprise a set of EX_Ports or a tunnel based on virtual E_Ports (VE_Ports) across one or more FCRs. FIG. 8 illustrates a TI zone configuration with a Fibre-Channel-over-IP (FCIP) tunnel. TI zone 800 in FIG. 8 includes a list of port (1,4; 2,4; 2,6; 3,2; 3,8; 4,4). A FCIP tunnel 802 couples VE_Port 6 of switch domain 2 to VE_Port 2 of switch domain 3. Hence traffic flows belonging to TI zone 800 are carried over FCIP tunnel 802 between switch domains 2 and 3.
In a summary, embodiments of the present invention facilitate TI zones in a network to manage dedicate route. A TI zone can include a set of switch ports used for specific traffic flows. A data flow that belongs to the TI zone is forwarded to a next-hop port within the zone. TI zones allow users to assign a data flow to specific inter-switch links (ISLs) to isolate traffic and reduce congestion within a switch fabric. TI zones can also be used to dedicate ISLs to high-priority data flows, and control the route for inter-switch traffic.
The foregoing descriptions of embodiments of the present invention have been presented only for purposes of illustration and description. They are not intended to be exhaustive or to limit this disclosure. Accordingly, many modifications and variations will be apparent to practitioners skilled in the art. The scope of the present invention is defined by the appended claims.

Claims (24)

What is claimed is:
1. A method for facilitating traffic isolation in a switch, the method comprising:
configuring one or more ports of the switch as members of first a traffic isolation zone, wherein a traffic isolation zone is a subset of ports in the switch and precludes a data flow not belonging to the traffic isolation zone from reaching a port within the traffic isolation zone;
identifying that a data flow belongs to the first traffic isolation zone based on the subset of ports belonging to the first traffic isolation zone;
in response to a port of the first traffic isolation zone being available, associating the data flow with the port as an output port;
in response to the port not being available, determining whether a failover option for the first traffic isolation zone is enabled; and
in response to the failover option being enabled, associating the data flow with a second port as an output port, wherein the second port is a member of a second traffic isolation zone, and wherein the second traffic isolation zone is distinct from the first traffic isolation zone.
2. The method of claim 1, further comprising:
using the first traffic isolation zone to enforce one or more Quality-of-Service (QoS) parameters for a QoS class.
3. The method of claim 1, wherein configuring the ports as members of the first traffic isolation zone comprises:
propagating the configuration of the first traffic isolation zone across one or more switches;
determining whether a local switch is part of the first traffic isolation zone; and
updating a local forwarding table with the configuration of the first traffic isolation zone.
4. The method of claim 1, wherein the method further comprises associating the data flow with the second port as an output port in response to a next-hop port within the first traffic isolation zone for the data flow not being available, wherein a next-hop port within the second traffic isolation zone for the data flow is available.
5. The method of claim 1, wherein the method further comprises dropping the data flow belonging to the first traffic isolation zone in response to the failover option not being enabled.
6. The method of claim 1, wherein the ports configured as members of the first traffic isolation zone are Fibre Channel ports and comprise one or more of N_Ports, E_Ports, and EX_Ports.
7. The method of claim 6, wherein the first traffic isolation zone comprises a set of inter-switch links (ISLs) coupling adjacent E_Ports that form an end-to-end path.
8. The method of claim 6, wherein the first traffic isolation zone comprises one or more EX_Ports and is configurable to traverse Fibre Channel routers (FCRs) and FCR-coupled fabrics.
9. A non-transitory computer-readable medium storing instructions which when executed by a computer cause the computer to perform a method for facilitating traffic isolation in a network, the method comprising:
configuring one or more ports of a switch as members of a first logical group, wherein a logical group is a subset of ports in the switch and precludes a data flow not belonging to the logical group from reaching a port within the logical group;
identifying that a packet belongs to the first logical group based on the subset of ports belonging to the first traffic isolation zone;
in response to a port of the first logical group being available, associating the packet with the port as an output port;
in response to the port not being available, determining whether a failover option for the first logical group is enabled; and
in response to the failover option being enabled, associating the packet with a second port as an output port, wherein the second port is a member of a second logical group, and wherein the second logical group is distinct from the first logical group.
10. The computer-readable medium of claim 9, wherein the method further comprises using the first logical group to enforce one or more Quality-of-Service (QoS) parameters for a QoS class.
11. The computer-readable medium of claim 9, wherein configuring the ports as members of the first logical group comprises:
propagating the configuration of the first logical group across one or more switches;
determining whether a local switch is part of the first logical group; and
updating a local forwarding table with the configuration of the first logical group.
12. The computer-readable medium of claim 9, wherein the method further comprises associating the packet with the second port as an output port in response to a next-hop port within the first logical group for the packet not being available, wherein a next-hop port within the second logical group for the data flow is available.
13. The computer-readable medium of claim 9, wherein the method further comprises dropping the packet belonging to the first logical group in response to the failover option not being enabled.
14. The computer-readable medium of claim 9, wherein the ports configured as members of the first logical group are Fibre Channel ports and comprise one or more of N_Ports, E_Ports, and EX_Ports.
15. The computer-readable medium of claim 14, wherein the first logical group comprises a set of inter-switch links (ISLs) coupling adjacent E_Ports that form an end-to-end path.
16. The computer-readable medium of claim 14, wherein the first logical group comprises one or more EX_Ports and is configurable to traverse Fibre Channel routers (FCRs) and FCR-coupled fabrics.
17. A switch for facilitating traffic isolation in a network, the switch comprising:
a set of ports operable as members of a first logical group, wherein a logical group is a subset of ports in the switch and precludes a data flow not belonging to the logical group from reaching a port within the logical group;
a logical-group mapping module adapted to:
identify that a packet belongs to the first logical group based on the subset of ports belonging to the first logical group; and
determine whether a failover option for the first logical group is enabled in response to a port of the first logical group not being available;
and
a forwarding module adapted to:
associate the packet with the port as an output port in response to the port being available; and
associate the packet with a second port as an output port in response to the failover option being enabled, wherein the second port is a member of a second logical group, and wherein the second logical group is distinct from the first logical group.
18. The switch of claim 17, further comprising a Quality-of-Service (QoS) enforcement module adapted to enforce one or more QoS parameters for a QoS class based on the first logical group.
19. The switch of claim 17, further comprising a logical-group configuration module adapted to:
propagate the configuration of the first logical group across one or more switches;
determine whether a local switch domain is part of the logical group; and
update a local forwarding table with the configuration of the first logical group.
20. The switch of claim 17, wherein the forwarding module is further adapted to associate the packet with the second port as an output port in response to a next-hop port within the first logical group for the packet not being available, wherein a next-hop port within the second logical group for the data flow is available.
21. The switch of claim 17, wherein the forwarding module is further operable to drop the packet belonging to the first logical group port in response to the failover option not being enabled.
22. The switch of claim 21, wherein the ports are adapted to operate as members of the first logical group are Fibre Channel ports and comprise one or more of N_Ports, E_Ports, and EX_Ports.
23. The switch of claim 21, wherein the first logical group comprises a set of inter-switch links (ISLs) coupling adjacent E_Ports that form an end-to-end path.
24. The switch of claim 21, wherein the first logical group comprises one or more EX_Ports and is operable to traverse Fibre Channel routers (FCRs) and FCR-coupled fabrics.
US12/550,227 2009-08-28 2009-08-28 Method and system for traffic isolation in a network Expired - Fee Related US9270580B1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
US12/550,227 US9270580B1 (en) 2009-08-28 2009-08-28 Method and system for traffic isolation in a network

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
US12/550,227 US9270580B1 (en) 2009-08-28 2009-08-28 Method and system for traffic isolation in a network

Publications (1)

Publication Number Publication Date
US9270580B1 true US9270580B1 (en) 2016-02-23

Family

ID=55314790

Family Applications (1)

Application Number Title Priority Date Filing Date
US12/550,227 Expired - Fee Related US9270580B1 (en) 2009-08-28 2009-08-28 Method and system for traffic isolation in a network

Country Status (1)

Country Link
US (1) US9270580B1 (en)

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20160218970A1 (en) * 2015-01-26 2016-07-28 International Business Machines Corporation Method to designate and implement new routing options for high priority data flows
US10225331B1 (en) * 2015-09-23 2019-03-05 EMC IP Holding Company LLC Network address translation load balancing over multiple internet protocol addresses
US10359958B2 (en) * 2010-12-27 2019-07-23 International Business Machines Corporation Method and system for managing a storage network to reduce power consumption
US10394469B2 (en) 2017-08-07 2019-08-27 Cisco Technology, Inc. Detecting and handling solicited IO traffic microbursts in a fibre channel storage area network
CN112532521A (en) * 2020-10-30 2021-03-19 中盈优创资讯科技有限公司 Outflow node information identification method for NetFlow flow
US11223531B2 (en) 2010-07-06 2022-01-11 Nicira, Inc. Method and apparatus for interacting with a network information base in a distributed network control system with multiple controller instances
US20230035311A1 (en) * 2021-07-28 2023-02-02 Dell Products L.P. Automated zoning set selection triggered by switch fabric notifications
US11677588B2 (en) * 2010-07-06 2023-06-13 Nicira, Inc. Network control apparatus and method for creating and modifying logical switching elements
US11979280B2 (en) 2010-07-06 2024-05-07 Nicira, Inc. Network control apparatus and method for populating logical datapath sets

Citations (29)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5633861A (en) 1994-12-19 1997-05-27 Alcatel Data Networks Inc. Traffic management and congestion control for packet-based networks
US5638359A (en) 1992-12-14 1997-06-10 Nokia Telecommunications Oy Method for congestion management in a frame relay network and a node in a frame relay network
US5719853A (en) 1993-12-22 1998-02-17 Nec Corporation Congestion control method in an ATM network based on threshold values of node queue length
US5970048A (en) 1993-11-30 1999-10-19 Nokia Telecommunications Oy Control of overload situations in frame relay network
US6014383A (en) 1997-02-10 2000-01-11 Compaq Computer Corporation System and method for controlling multiple initiators in a fibre channel environment
US6091725A (en) 1995-12-29 2000-07-18 Cisco Systems, Inc. Method for traffic management, traffic prioritization, access control, and packet forwarding in a datagram computer network
US6160793A (en) 1998-10-13 2000-12-12 Nokia Telecommunications, Oy ECN-based approach for congestion management in hybrid IP-ATM networks
US6185189B1 (en) 1997-06-13 2001-02-06 International Business Machines Corporation Method for adapting committed information rate over frame relay switched network
US6233236B1 (en) 1999-01-12 2001-05-15 Mcdata Corporation Method and apparatus for measuring traffic within a switch
US6381642B1 (en) 1999-10-21 2002-04-30 Mcdata Corporation In-band method and apparatus for reporting operational statistics relative to the ports of a fibre channel switch
US6427114B1 (en) 1998-08-07 2002-07-30 Dinbis Ab Method and means for traffic route control
US20030021223A1 (en) * 2001-07-27 2003-01-30 International Business Machines Corporation Network node failover using path rerouting by manager component or switch port remapping
US20030090997A1 (en) * 2001-11-01 2003-05-15 Telefonaktiebolaget Lm Ericsso (Publ) Arrangement and method for protection switching
US20030195956A1 (en) * 2002-04-15 2003-10-16 Maxxan Systems, Inc. System and method for allocating unique zone membership
US6724722B1 (en) 1999-03-19 2004-04-20 Lucent Technologies Inc. Managing congestion and potential traffic growth in an information network
US20040078599A1 (en) * 2001-03-01 2004-04-22 Storeage Networking Technologies Storage area network (san) security
US6765919B1 (en) * 1998-10-23 2004-07-20 Brocade Communications Systems, Inc. Method and system for creating and implementing zones within a fibre channel system
US20060002293A1 (en) * 2004-07-02 2006-01-05 Alcatel Transport network restoration method supporting extra traffic
US20060002292A1 (en) * 2004-06-30 2006-01-05 Zarlink Semiconductor Inc. Method and apparatus providing rapid end-to-end failover in a packet switched communications network
US20060023707A1 (en) * 2004-07-30 2006-02-02 Makishima Dennis H System and method for providing proxy and translation domains in a fibre channel router
US20060215663A1 (en) * 2005-03-28 2006-09-28 Cisco Technology, Inc. Zone based quality of service in a fibre channel fabric
US20060262784A1 (en) * 2005-05-19 2006-11-23 Cisco Technology, Inc. Technique for in order delivery of traffic across a storage area network
US7145868B2 (en) 1997-11-28 2006-12-05 Alcatel Canada Inc. Congestion management in a multi-port shared memory switch
US7167472B2 (en) 2001-04-18 2007-01-23 Brocade Communications Systems, Inc. Fibre channel zoning by device name in hardware
US20070070901A1 (en) 2005-09-29 2007-03-29 Eliezer Aloni Method and system for quality of service and congestion management for converged network interface devices
US20070253326A1 (en) * 2006-04-28 2007-11-01 Alcatel System and method for resilient VPLS over multi-nodal APS protected provider edge nodes
US7352740B2 (en) 2003-04-29 2008-04-01 Brocade Communciations Systems, Inc. Extent-based fibre channel zoning in hardware
US7366194B2 (en) 2001-04-18 2008-04-29 Brocade Communications Systems, Inc. Fibre channel zoning by logical unit number in hardware
US7430203B2 (en) 2004-01-29 2008-09-30 Brocade Communications Systems, Inc. Fibre channel zoning hardware for directing a data packet to an external processing device

Patent Citations (32)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5638359A (en) 1992-12-14 1997-06-10 Nokia Telecommunications Oy Method for congestion management in a frame relay network and a node in a frame relay network
US5970048A (en) 1993-11-30 1999-10-19 Nokia Telecommunications Oy Control of overload situations in frame relay network
US5719853A (en) 1993-12-22 1998-02-17 Nec Corporation Congestion control method in an ATM network based on threshold values of node queue length
US5633861A (en) 1994-12-19 1997-05-27 Alcatel Data Networks Inc. Traffic management and congestion control for packet-based networks
US6091725A (en) 1995-12-29 2000-07-18 Cisco Systems, Inc. Method for traffic management, traffic prioritization, access control, and packet forwarding in a datagram computer network
US6014383A (en) 1997-02-10 2000-01-11 Compaq Computer Corporation System and method for controlling multiple initiators in a fibre channel environment
US6185189B1 (en) 1997-06-13 2001-02-06 International Business Machines Corporation Method for adapting committed information rate over frame relay switched network
US7145868B2 (en) 1997-11-28 2006-12-05 Alcatel Canada Inc. Congestion management in a multi-port shared memory switch
US6427114B1 (en) 1998-08-07 2002-07-30 Dinbis Ab Method and means for traffic route control
US6160793A (en) 1998-10-13 2000-12-12 Nokia Telecommunications, Oy ECN-based approach for congestion management in hybrid IP-ATM networks
US6765919B1 (en) * 1998-10-23 2004-07-20 Brocade Communications Systems, Inc. Method and system for creating and implementing zones within a fibre channel system
US6980525B2 (en) 1998-10-23 2005-12-27 Brocade Communications Systems, Inc. Method and system for creating and implementing zones in hardware within a fiber channel system
US7120128B2 (en) 1998-10-23 2006-10-10 Brocade Communications Systems, Inc. Method and system for creating and implementing zones within a fibre channel system
US7283486B2 (en) 1998-10-23 2007-10-16 Brocade Communications Systems, Inc. Method and system for creating and implementing zones within a fibre channel system
US6233236B1 (en) 1999-01-12 2001-05-15 Mcdata Corporation Method and apparatus for measuring traffic within a switch
US6724722B1 (en) 1999-03-19 2004-04-20 Lucent Technologies Inc. Managing congestion and potential traffic growth in an information network
US6381642B1 (en) 1999-10-21 2002-04-30 Mcdata Corporation In-band method and apparatus for reporting operational statistics relative to the ports of a fibre channel switch
US20040078599A1 (en) * 2001-03-01 2004-04-22 Storeage Networking Technologies Storage area network (san) security
US7366194B2 (en) 2001-04-18 2008-04-29 Brocade Communications Systems, Inc. Fibre channel zoning by logical unit number in hardware
US7167472B2 (en) 2001-04-18 2007-01-23 Brocade Communications Systems, Inc. Fibre channel zoning by device name in hardware
US20030021223A1 (en) * 2001-07-27 2003-01-30 International Business Machines Corporation Network node failover using path rerouting by manager component or switch port remapping
US20030090997A1 (en) * 2001-11-01 2003-05-15 Telefonaktiebolaget Lm Ericsso (Publ) Arrangement and method for protection switching
US20030195956A1 (en) * 2002-04-15 2003-10-16 Maxxan Systems, Inc. System and method for allocating unique zone membership
US7352740B2 (en) 2003-04-29 2008-04-01 Brocade Communciations Systems, Inc. Extent-based fibre channel zoning in hardware
US7430203B2 (en) 2004-01-29 2008-09-30 Brocade Communications Systems, Inc. Fibre channel zoning hardware for directing a data packet to an external processing device
US20060002292A1 (en) * 2004-06-30 2006-01-05 Zarlink Semiconductor Inc. Method and apparatus providing rapid end-to-end failover in a packet switched communications network
US20060002293A1 (en) * 2004-07-02 2006-01-05 Alcatel Transport network restoration method supporting extra traffic
US20060023707A1 (en) * 2004-07-30 2006-02-02 Makishima Dennis H System and method for providing proxy and translation domains in a fibre channel router
US20060215663A1 (en) * 2005-03-28 2006-09-28 Cisco Technology, Inc. Zone based quality of service in a fibre channel fabric
US20060262784A1 (en) * 2005-05-19 2006-11-23 Cisco Technology, Inc. Technique for in order delivery of traffic across a storage area network
US20070070901A1 (en) 2005-09-29 2007-03-29 Eliezer Aloni Method and system for quality of service and congestion management for converged network interface devices
US20070253326A1 (en) * 2006-04-28 2007-11-01 Alcatel System and method for resilient VPLS over multi-nodal APS protected provider edge nodes

Cited By (16)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11677588B2 (en) * 2010-07-06 2023-06-13 Nicira, Inc. Network control apparatus and method for creating and modifying logical switching elements
US12028215B2 (en) 2010-07-06 2024-07-02 Nicira, Inc. Distributed network control system with one master controller per logical datapath set
US11979280B2 (en) 2010-07-06 2024-05-07 Nicira, Inc. Network control apparatus and method for populating logical datapath sets
US11223531B2 (en) 2010-07-06 2022-01-11 Nicira, Inc. Method and apparatus for interacting with a network information base in a distributed network control system with multiple controller instances
US11509564B2 (en) 2010-07-06 2022-11-22 Nicira, Inc. Method and apparatus for replicating network information base in a distributed network control system with multiple controller instances
US11539591B2 (en) 2010-07-06 2022-12-27 Nicira, Inc. Distributed network control system with one master controller per logical datapath set
US11876679B2 (en) 2010-07-06 2024-01-16 Nicira, Inc. Method and apparatus for interacting with a network information base in a distributed network control system with multiple controller instances
US10359958B2 (en) * 2010-12-27 2019-07-23 International Business Machines Corporation Method and system for managing a storage network to reduce power consumption
US10084859B2 (en) * 2015-01-26 2018-09-25 International Business Machines Corporation Method to designate and implement new routing options for high priority data flows
US20160218970A1 (en) * 2015-01-26 2016-07-28 International Business Machines Corporation Method to designate and implement new routing options for high priority data flows
US10225331B1 (en) * 2015-09-23 2019-03-05 EMC IP Holding Company LLC Network address translation load balancing over multiple internet protocol addresses
US10394469B2 (en) 2017-08-07 2019-08-27 Cisco Technology, Inc. Detecting and handling solicited IO traffic microbursts in a fibre channel storage area network
US10606492B2 (en) 2017-08-07 2020-03-31 Cisco Technology, Inc. Detecting and handling solicited IO traffic microbursts in a fibre channel storage area network
CN112532521A (en) * 2020-10-30 2021-03-19 中盈优创资讯科技有限公司 Outflow node information identification method for NetFlow flow
US11750457B2 (en) * 2021-07-28 2023-09-05 Dell Products L.P. Automated zoning set selection triggered by switch fabric notifications
US20230035311A1 (en) * 2021-07-28 2023-02-02 Dell Products L.P. Automated zoning set selection triggered by switch fabric notifications

Similar Documents

Publication Publication Date Title
US9270580B1 (en) Method and system for traffic isolation in a network
JP7509876B2 (en) SYSTEM AND METHOD FOR SUPPORTING TARGET GROUPS FOR CONGESTION CONTROL IN A PRIVATE FABRIC IN A HIGH PERFORMANCE COMPUTING ENVIRONMENT - Patent application
US8160072B1 (en) Method and system for facilitating QoS zoning in a network
US12101218B2 (en) Transmit specific traffic along blocked link
KR102340683B1 (en) System and method for supporting partition-aware routing in a multi-tenant cluster environment
JP6752815B2 (en) Systems and methods for efficient network isolation and load balancing in a multi-tenant cluster environment
US9158570B2 (en) Method and system for facilitating quality of service in edge devices in a fibre channel network
US9794192B2 (en) Method and device for allocating packet switching resource
US9325619B2 (en) System and method for using virtual lanes to alleviate congestion in a fat-tree topology
US8767558B2 (en) Custom routing decisions
KR101538560B1 (en) Switching system, switching control method, and memory medium
US10445124B2 (en) Managing virtual computing nodes using isolation and migration techniques
US10084691B2 (en) Scalable framework for managing QoS requirements after a switch link failover in a switch fabric network
EP3066795A1 (en) Virtual port channel bounce in overlay network
WO2014054281A1 (en) Control apparatus, control method thereof, and program
CN106411735B (en) A kind of method for configuring route and device
US10003528B2 (en) Scalable framework for managing switch link failovers in a switch fabric network
US20240154918A1 (en) Efficient port reconfiguration
WO2014064976A1 (en) Network device, control method, and program
US9729470B2 (en) Method, apparatus, and system for implementing node port virtualization on fibre channel
Šeremet et al. Evolving IP/MPLS network in order to meet 5G requirements
Dell
US9900673B2 (en) Software defined optical network

Legal Events

Date Code Title Description
AS Assignment

Owner name: BROCADE COMMUNICATIONS SYSTEMS, INC., CALIFORNIA

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:ABRAHAM, VINEET M.;GNANASEKARAN, SATHISH K.;TADISINA, SHASHANK R.;AND OTHERS;SIGNING DATES FROM 20090828 TO 20090831;REEL/FRAME:023308/0977

AS Assignment

Owner name: WELLS FARGO BANK, NATIONAL ASSOCIATION, AS COLLATE

Free format text: SECURITY AGREEMENT;ASSIGNORS:BROCADE COMMUNICATIONS SYSTEMS, INC.;FOUNDRY NETWORKS, LLC;INRANGE TECHNOLOGIES CORPORATION;AND OTHERS;REEL/FRAME:023814/0587

Effective date: 20100120

AS Assignment

Owner name: FOUNDRY NETWORKS, LLC, CALIFORNIA

Free format text: RELEASE BY SECURED PARTY;ASSIGNOR:WELLS FARGO BANK, NATIONAL ASSOCIATION, AS COLLATERAL AGENT;REEL/FRAME:034804/0793

Effective date: 20150114

Owner name: BROCADE COMMUNICATIONS SYSTEMS, INC., CALIFORNIA

Free format text: RELEASE BY SECURED PARTY;ASSIGNOR:WELLS FARGO BANK, NATIONAL ASSOCIATION, AS COLLATERAL AGENT;REEL/FRAME:034804/0793

Effective date: 20150114

FEPP Fee payment procedure

Free format text: PAYOR NUMBER ASSIGNED (ORIGINAL EVENT CODE: ASPN); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY

STCF Information on status: patent grant

Free format text: PATENTED CASE

CC Certificate of correction
AS Assignment

Owner name: BROCADE COMMUNICATIONS SYSTEMS LLC, CALIFORNIA

Free format text: CHANGE OF NAME;ASSIGNOR:BROCADE COMMUNICATIONS SYSTEMS, INC.;REEL/FRAME:044891/0536

Effective date: 20171128

AS Assignment

Owner name: AVAGO TECHNOLOGIES INTERNATIONAL SALES PTE. LIMITED, SINGAPORE

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:BROCADE COMMUNICATIONS SYSTEMS LLC;REEL/FRAME:047270/0247

Effective date: 20180905

Owner name: AVAGO TECHNOLOGIES INTERNATIONAL SALES PTE. LIMITE

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:BROCADE COMMUNICATIONS SYSTEMS LLC;REEL/FRAME:047270/0247

Effective date: 20180905

FEPP Fee payment procedure

Free format text: MAINTENANCE FEE REMINDER MAILED (ORIGINAL EVENT CODE: REM.); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY

LAPS Lapse for failure to pay maintenance fees

Free format text: PATENT EXPIRED FOR FAILURE TO PAY MAINTENANCE FEES (ORIGINAL EVENT CODE: EXP.); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY

STCH Information on status: patent discontinuation

Free format text: PATENT EXPIRED DUE TO NONPAYMENT OF MAINTENANCE FEES UNDER 37 CFR 1.362

FP Lapsed due to failure to pay maintenance fee

Effective date: 20200223