 |
Claims  |
|
|
What is claimed is:
1. A network interfacing apparatus comprising:
a plurality of working ports coupled to a plurality of nodes;
an address table for storing addresses of said working ports;
an attachment port coupled to a network for receiving an incoming information packet therefrom, and sending an outgoing information packet thereto, said incoming packet containing a destination address;
an incoming packet controller coupled to said working ports, said address table, and said attachment port, said controller determining whether said destination address matches any of the addresses stored in said address table, and in response to
a destination address match, said controller sending said incoming packet to said working ports;
a packet scrambler coupled to the incoming packet controller for providing a scrambled information packet so that in response to a destination address match, the corresponding working port receives the incoming information packet and at least one
other working ports receives the scrambled information packet;
an outgoing packet controller coupled to said working ports, said address table, and said attachment port, said outgoing controller receiving said outgoing information packet from one of said working ports, and determining whether an outgoing
address contained in said outgoing packet matches any of the addresses stored in said address table, and if no outgoing address match is found, said controller sending said outgoing packet to said network via said attachment port;
a repeater for coupling said working ports to each other: and
a cascade interface for coupling external working ports to said repeater to increase the number of working ports interfaced by said apparatus.
2. The apparatus of claim 1, wherein said controller prevents said incoming packet from being sent to said working ports if no destination address match is found.
3. The apparatus of claim 1, further comprising:
an address table controller coupled to said working ports and said address table for determining whether all of said working ports are active, said address table controller removing the address of any inactive working port from said address
table.
4. The apparatus of claim 1, further comprising arbitration logic for coordinating information transfer between said cascade interface and said external working ports.
5. The apparatus of claim 1, wherein said outgoing controller prevents said outgoing packet from being sent to said network if an outgoing address match is found.
6. The apparatus of claim 1, wherein said incoming controller prevents said incoming packet from being sent to said working ports if no destination address match is found.
7. The apparatus of claim 5, wherein said incoming controller prevents said incoming packet from being sent to said working ports if no destination address match is found.
8. The apparatus of claim 1, further comprising:
a packet scrambler for providing a scrambled information packet to at least one of said working ports having an address which does not match said destination address.
9. The apparatus of claim 1, further comprising:
a packet scrambler for providing a scrambled information packet to at least one of said working ports having an address which does not match said outgoing address.
10. The apparatus of claim 1, further comprising:
an address table controller coupled to said working ports and said address table for determining whether all of said working ports are active, said address table controller removing the address of any inactive working port from said address
table.
11. The apparatus of claim 1, wherein said outgoing packet contains a source working port address, and wherein said apparatus further comprises:
an address table controller coupled to said working ports and said address table for receiving said outgoing packet and determining whether said source working port address matches any of the addresses stored in said address table, and if no
match if found, said address table controller storing said source working port address in said address table.
12. The apparatus of claim 1, further comprising:
a repeater for coupling said working ports to each other.
13. The apparatus of claim 12, further comprising:
a cascade interface for coupling external working ports to said repeater to increase the number of working ports interfaced by said apparatus.
14. The apparatus of claim 13, further comprising arbitration logic for coordinating information transfer between said cascade interface and said external working ports.
15. A method for interfacing a plurality of working ports having addresses associated therewith to a network, with the ports coupling to each other by a repeater, and with a cascade interface coupling external working ports to the repeater to
increase the number of working ports interfaced by the network the method comprising the steps of:
receiving an incoming information packet having a destination address contained therein;
determining whether said destination address matches any of the addresses associated with the working ports;
sending said incoming information packet to said working ports if a destination address match is found so that the working port corresponding to the destination address receives the incoming information packet;
sending a scrambled information packet to the working ports if the destination address match is found so that at least one working port having an address which does not match said destination address receives the scrambled information packet;
receiving an outgoing information packet from one of said working ports, said outgoing packet containing an outgoing address:
determining whether said outgoing address matches any of the addresses associated with the working ports; and
sending said outgoing information packet to the network if an outgoing address match is not found.
16. The method of claim 15, further comprising the step of:
preventing said incoming information packet from being sent to said working ports if a destination address match is not found.
17. The method of claim 15, further comprising the steps of:
preventing said outgoing information packet from being sent to the network if an outgoing address match is found.
18. The method of claim 15, further comprising the step of:
sending a scrambled information packet instead of said incoming information packet to at least one of said working ports having an address which does not match said destination address.
19. The method of claim 15, further comprising the step of:
sending a scrambled information packet to at least one of said working ports having an address which does not match said outgoing address. |
|
 |
|
 |
Claims |
|
|
|
Description |
|
|
FIELD OF THE INVENTION
This invention relates generally to local area networks and more particularly to an apparatus and method for efficiently and cost-effectively interfacing a plurality of nodes to a network.
BACKGROUND OF THE INVENTION
Local area networks are used on a regular basis to link together multiples nodes, such as personal computers, workstations, servers, etc., to allow the nodes to share information and resources with each other. For small networks, a simple
configuration may be used wherein each of the nodes is coupled directly to the network backbone. For more complicated networks having large numbers of nodes, however, direct coupling becomes highly inefficient. To improve efficiency on the more
complicated networks, the method of "segmenting" is often applied. According to this method, the various nodes in the network are separated into a plurality of groups known as "segments", with each segment typically comprising a plurality of nodes which
communicate regularly with each other. All of the nodes in a segment are usually networked to each other to form a sub-network, and the segment is coupled to the network backbone through a single segment port. By coupling the nodes to the network and
to each other in this manner, connectivity with the network backbone is preserved while keeping to a minimum the number of ports actually coupled to the backbone. For even more complicated networks, each segment may be divided into sub-segments, and
these sub-segments may be further divided into super sub-segments to create a complex hierarchy. The segmenting principle can be extended to any desired level. Segmenting nodes in this manner has been found to improve network efficiency.
A device which is commonly used in segmenting applications is a bridge. A bridge provides a link between two entities. The coupled entities may be two separate segments or they may be a network and a segment. Currently, a wide variety of
bridges are available, with most bridges being general purpose bridges having two sides, each side dealing with a large number of nodes as well as other bridges. A typical bridge comprises a first controller for dealing with a first side of the bridge,
and a second controller for dealing with a second side of the bridge. In operation, the first controller receives an information packet from one of the nodes on the first side, and determines whether the packet is destined for one of the nodes on that
same side (the first side). If so, the packet is prevented from being sent to the second side. If, however, the packet is not destined for the same side, the first controller assumes that it is destined for the other side (the second side) and sends
the packet to that other side. The second controller functions in a similar fashion.
Notice from the above description that when a packet is sent from one side to the other, there is no verification that the packet is actually destined for one of the nodes on the receiving side. There is only verification that the packet is not
destined for the side on which the packet originated. As a result, it is possible that each side of the bridge may receive from the other side extraneous packets which were not actually destined for the receiving side. These extraneous packets impose
unnecessary traffic on the receiving side which, in turn, adversely affects the efficiency of that side. A more efficient interfacing device is needed.
Another drawback of the currently available bridges is that they are too costly for many applications. Because the available bridges are general purpose devices, they are relatively versatile, and along with this versatility comes higher cost.
While versatility may be useful in some situations, it is not needed in many straightforward applications. For example, if all that is needed is to interface a segment having a plurality of nodes to a network, using a general purpose bridge is a waste
of resources. For such applications, a simple and more cost effective interfacing device would be more desirable. Such a device, however, is not believed to be currently available.
SUMMARY OF THE INVENTION
In view of the shortcomings of the prior art, the present invention provides a cost effective and efficient apparatus for interfacing a plurality of nodes to a network. The apparatus of the present invention preferably comprises a plurality of
working ports for coupling to the plurality of nodes, an address table for storing the addresses of the working ports, an attachment port for coupling to a network, an incoming packet controller, and an outgoing packet controller. In operation, the
apparatus of the present invention receives an incoming information packet from the network through the attachment port, and passes the packet on to the incoming packet controller. The controller extracts a destination address from the packet and
determines whether it matches one of the addresses stored in the address table. If an address match is found, then it is determined that the packet is destined for one of the working ports, and in response, the controller sends the incoming packet to
the working ports. On the other hand, if no destination address match is found, the controller prevents the incoming packet from being sent to the working ports. By so doing, the controller ensures that no unnecessary signal traffic is imposed on the
working ports.
With regard to outgoing information packets sent by the working ports, the outgoing packet controller receives such packets and determines whether an outgoing address (which in effect is a destination address) contained in the packet matches one
of the addresses in the address table. If an address match is not found, the outgoing packet is sent to the network via the attachment port. However, if an address match is found, it means that the packet is destined for one of the working ports. In
such a case, the outgoing controller allows the packet to be repeated to the working ports but prevents it from being sent to the network. By so doing, the outgoing controller prevents extraneous packets from cluttering up the network, thereby
increasing network efficiency.
The apparatus of the present invention preferably further comprises a packet scrambler and a cascade interface. The packet scrambler provides, for each information packet destined for one of the working ports, a scrambled information packet
which is sent to all of the working ports except for the port for which the information packet is destined. This serves to ensure that only the intended node receives the information packet. The packet scrambler increases information security by making
it more difficult for one node to monitor information flowing into and out of the other nodes. The cascade interface provides additional circuitry and logic for accommodating the coupling of additional working ports to the apparatus of the invention.
This cascade interface gives the apparatus of the invention the ability to freely expand the number of working nodes that it interfaces to the network without altering the basic apparatus configuration.
BRIEF DESCRIPTION OF THE DRAWINGS
FIG. 1 is a functional block diagram of a system 10 in which the apparatus 20 of the present invention may be implemented.
FIG. 2 is an operational flow diagram for the incoming packet controller 38 of FIG. 1.
FIG. 3 is an operational flow diagram for the outgoing packet controller 42 of FIG. 1.
FIG. 4 is a detailed block diagram of the apparatus 20 of the present invention.
FIG. 5 is an operational flow diagram for the incoming packet filter and scrambler 82 of FIG. 4.
FIG. 6 is an operational flow diagram for the outgoing packet filter and scrambler 88 of FIG. 4.
FIG. 7 is an operational flow diagram for the frame buffer interface 84 of FIG. 4.
FIG. 8 is an operational flow diagram for the SAT update control 94 of FIG. 4.
FIG. 9 is a block diagram of a system wherein a plurality of apparatuses 20a, 20b are cascaded together.
FIG. 10 is a block diagram of cascade interface 100a showing the inputs to and outputs from the interface.
FIG. 11 is an operational flow diagram for the cascade interface 100a.
FIG. 12 is a block diagram of cascade interface 100b showing the inputs to and outputs from the interface.
FIG. 13 is an operational flow diagram for the cascade interface 100b.
FIG. 14 is an operational flow diagram for arbitration logic 202.
DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENT
With reference to FIG. 1, there is shown a system 10 in which the apparatus 20 of the present invention may be implemented to interface a plurality of nodes 22.sub.1 -22.sub.n to a network 24. Network 24 may be an Ethernet or some other type of
network, and the network portion to which apparatus 20 is coupled may be the network backbone, a link between other segments, or some other link to an overall network. The nodes 22.sub.1 -22.sub.n which are interfaced with network 24 may be personal
computers, workstations, servers, or some other type of data terminal equipment. Apparatus 20 is designed to be able to interface a wide variety of components to the network 24. In addition to nodes 22 and network 24, apparatus 20 is also preferably
coupled to Manchester decoders 26a, 26b and frame buffer 28. As will be explained below, these external components 26a, 26b, 28 aid the apparatus 20 in performing its interfacing function.
As shown in FIG. 1, apparatus 20 preferably comprises an attachment port 30, an interface control 32, a plurality of working ports 34.sub.1 -34.sub.n, and a multiport repeater 36. The attachment port 30 couples apparatus 20 to network 24 to
serve as an interface thereto. It is through port 30 that incoming information packets are received from network 24 and outgoing information packets are sent to network 24. The repeater 36 and working ports 34.sub.1 -34.sub.n together form an interface
to the nodes 22. Preferably, each port 34.sub.1 -34.sub.n is coupled to only one node, and all of the ports 34.sub.1 -34.sub.n are preferably coupled to each other by repeater 36 so that all of the nodes 22.sub.1 -22.sub.n can freely share information
with each other.
Information packets enter and exit apparatus 20 through attachment port 30 and working ports 34. Which packets are actually transferred from working ports 34 to attachment port 30, and vice versa, is controlled by interface control 32.
Interface control 32 preferably comprises an incoming packet controller 38, a source address table (SAT) 40 for storing the addresses of the working ports 34, and an outgoing packet controller 42. To describe the operation of controllers 38 and 42,
reference will be made to FIGS. 2 and 3, wherein operational flow diagrams are provided for controllers 38 and 42, respectively.
As shown in FIG. 2, the incoming packet controller 38 operates by first monitoring 50 the attachment port 30 for incoming information packets from the network 24. When an incoming packet is detected, controller 38 receives 52 the packet, and
determines 54 whether the packet is destined for one of the working ports 34. This determination is preferably carried out by extracting a destination address from the incoming packet and comparing this address to the addresses stored in the SAT 40. If
a destination address match is found, it means that the packet is destined for one of the working ports 34. In response, controller 38 temporarily stores 56 the packet in frame buffer 28 and thereafter sends 58 the packet to the multiport repeater 36,
which in turn, broadcasts the packet to the working ports 34. On the other hand, if a destination address match is not found, controller 38 prevents 60 the packet from being sent to the working ports 34 so that no unnecessary signal traffic is imposed
on the working ports 34. This helps to optimize signal traffic within the working port segment.
Outgoing packet controller 42 functions in a similar manner. As shown in FIG. 3, controller 42 begins operation by monitoring 62 the working ports 34 for outgoing information packets. When an outgoing packet is detected, controller 42 receives
64 the packet and determines 66 whether it is destined for one of the working ports 34 or for the network 24. Preferably, the outgoing packet contains an outgoing address which specifies the intended destination of the packet. Controller 42 compares
the outgoing address with the addresses stored in the SAT 40, and if there is an address match, the controller 42 knows that the packet is destined for one of the working ports 34 and not for the network 24. In response, controller 42 allows the packet
to be repeated to the working ports 34 so that the packet may reach its intended destination, but prevents 72 the packet from being sent to the network 24. By so doing, controller 42 localizes inter-working port traffic and prevents unnecessary network
traffic. If, on the other hand, the outgoing address does not match any of the addresses in the SAT 40, then it means that the outgoing information packet is destined for an external node, i.e. a node on the network 24. In such a case, controller 42
temporarily stores 68 the packet in frame buffer 28 and thereafter sends 70 the packet to the network 24 via the attachment port 30. Signal traffic is thus coordinated by the apparatus 20 of the present invention.
With reference to FIG. 4, apparatus 20 will now be described in greater detail. As shown in FIG. 4, apparatus 20 preferably first comprises an attachment port 30 for interfacing with network 24. In the preferred embodiment, port 30 takes the
form of an attachment unit interface (AUI) port 30 (in conformance with the IEEE 802.3 AUI port standard) which is coupled to network 24 to receive information packets therefrom and to send information packets thereto. The network 24 to which port 30 is
coupled is preferably an Ethernet, and on this type of network, information packets are typically transmitted in Manchester encoded format. Thus, port 30 preferably comprises a Manchester encoder 31 for converting data into the proper format, and port
30 is preferably coupled to external Manchester decoder 26a for sending encoded data thereto and receiving decoded data therefrom. Port 30 is preferably further coupled to first-in-first-out packet buffer (FIFO) 80 and media access controller (MAC) 92.
The function of FIFO 80 is to receive incoming information packets from port 30 and to temporarily store these packets for subsequent processing. FIFO 80 relieves the apparatus 20 of the burden of having to process the packets as they are received. The
function of MAC 92 is to implement the protocol and control functions necessary for transferring data between port 30 and frame buffer 28. Preferably, MAC 92 is of general construction and is in conformance with the IEEE 802.3 MAC standard. Together,
port 30, FIFO 80, and MAC 92 form the interface to the network 24.
The interface to the nodes 22 is formed by working ports 34, multiport repeater 36, and MAC 90. Ports 34.sub.1 -34.sub.n are each preferably coupled to one corresponding node 22.sub.1 -22.sub.n to exchange signals therewith, and all of the ports
34 are preferably coupled to each other by repeater 36 to allow the ports 34 to communicate with each other. In accordance with the present invention, working ports 34 may be of any type, but in the preferred embodiment, they take the form of twisted
pair ports which are in conformance with the IEEE 802.3 10BASE-T standard. From time to time, it is necessary for signals to be exchanged between repeater 36 and frame buffer 28. This signal exchange is controlled by MAC 90, which implements the
necessary protocol and control functions. MAC 90 is preferably of standard construction and is in conformance with the IEEE 802.3 MAC standard.
As mentioned above, repeater 36 couples all of the working ports 34 to each other. Repeater 36 is preferably a broadcast repeater, conforming with the IEEE 802.3 repeater standard, which sends every message from or to any working port 34 to all
of the other working ports 34. For security reasons, however, it may not always be desirable for all nodes to receive all information. Thus, in the preferred embodiment, each working port 34 further comprises a scrambling mechanism (not shown) for
selectively providing scrambled signals to its corresponding node. This mechanism preferably takes the form of a multiplexer having two inputs. A first input is coupled to repeater 36 for receiving the actual information, and a second input is coupled
to a scrambled signal source (not shown). Which input is coupled to the multiplexer output is controlled by a select control signal. Thus, by sending the proper control signals to ports 34, each of the working ports 34 can be made to send either actual
information or scrambled information to its corresponding node. Signal security within the system is thus enhanced.
Thus far, the interfaces to the network 24 and the nodes 22 have been described. The mechanism which controls the interaction between these two interfaces comprises the incoming packet filter and scrambler 82, outgoing packet filter and
scrambler 88, source address table 86, and frame buffer interface 84. Preferably, source address table 86 contains the addresses of all of the active working ports 34 in apparatus 20. These addresses are checked by components 82 and 88 for packet
filtering purposes. In the preferred embodiment, incoming packet filter 82 and frame buffer interface 84 work together to carry out the functions of the incoming packet controller 38 shown in FIG. 1, and outgoing packet filter 88 and frame buffer
interface 84 cooperate to function as the outgoing packet controller 42. Components 82, 84, 88 are preferably implemented using hardware logic, but it should be noted that the functions of these components 82, 84, 88 may also be implemented by a
processor under the control of a software program.
Components 82, 88 and 84 will now be described in greater detail. FIGS. 5, 6, and 7 provide operational flow diagrams for incoming packet filter and scrambler 82, outgoing packet filter and scrambler 88, and frame buffer interface 84,
respectively. As shown in FIG. 5, filter 82 begins operation by receiving 102 an incoming information packet from the FIFO 80. Filter 82 extracts 104 a destination address from this packet and compares it to the addresses stored in SAT 86 to determine
106 whether there is a destination address match. If no address match is found, it means that the packet is not destined for one of the working ports 34. Thus, filter 82 generates and sends 114 a "prevent" control signal to buffer interface 84 to
prevent the interface 84 from sending the packet to the ports 34. On the other hand, if an address match is found, then it can be concluded that one of the working ports 34.sub.1 -34.sub.n is the intended destination of the packet. Consequently, filter
82 generates and sends 108 a "send" control signal to the buffer interface 84 to instruct the interface 84 to send the packet on to the working ports 34. In addition, filter 82 generates and sends 110 an "unscramble" control signal to the scrambling
mechanism of the destination port, and generates and sends 112 a "scramble" control signal to the scrambling mechanisms of all of the other working ports 34. These control signals cause scrambled packets to be sent to every node except for the node
coupled to the destination port. By so doing, filter 82 ensures that only the destination node receives the actual information. Hence, none of the nodes 22 in the segment can monitor information sent to the other nodes 22.
Frame buffer interface 84 works in conjunction with filter 82 to perform the incoming packet filtering function. With reference to the left portion of FIG. 7, buffer interface 84 begins operation by receiving 132 an incoming packet from the FIFO
80. As soon as interface 84 receives the packet, it begins storing 134 the packet in a section of the frame buffer 28 reserved for incoming packets. As the packet is being stored, interface 84 receives 136 a control signal from filter 82. This control
signal may be a "send" signal or it may be a "prevent" signal. If a "prevent" signal is received, interface 84 stops storing 144 the incoming packet, which in effect, causes the packet to be discarded. Hence, the incoming packet is not forwarded to the
ports 34. If, however, a "send" control signal is received, interface 84 completes the storing 140 of the incoming packet and, at the appropriate time, sends 142 the completely stored packet to MAC 90 for forwarding to repeater 36. The incoming packet
is thus passed on to repeater 36 and eventually to the desired destination node.
Referring now to FIG. 6, the outgoing packet filter and scrambler 88 operates in a similar fashion. Filter 88 begins by receiving 116 an outgoing packet from the multiport repeater 36. This packet may have originated from any of the nodes 22
coupled to ports 34. Filter 88 extracts 118 an outgoing address from this packet and compares 120 it to the addresses stored in SAT 86. If an address match is found, it means that the packet is destined for one of the ports 34 in the segment; thus, the
packet need not be sent on to the network 24. In such a case, filter 88 generates and sends 122 a "prevent" control signal to interface 84 to prevent interface 84 from forwarding the packet on to network 24. In addition, filter 88 generates and sends
124 an "unscramble" control signal to the scrambling mechanism of the destination port, and generates and sends 126 a "scramble" control signal to the scrambling mechanism of all of the other ports. These control signals cause each of the ports 34,
except for the destination port, to send a scrambled packet to its corresponding node. Thus, only the node attached to the destination port receives the actual packet. If, on the other hand, no outgoing address match is found, it can be concluded that
the packet is destined for an external node on the network 24. Hence, filter 88 generates and sends 128 a "send" signal to interface 84 to instruct the interface 84 to forward the packet on to the network 24. In addition, filter 88 generates and sends
130 a "scramble" control signal to the scrambling mechanisms of all of the working ports 34. This prevents all of the nodes 22 from receiving the outgoing packet, which is destined for an external node. Signal security is thus preserved.
As was the case with filter 82, frame buffer interface 84 interacts with filter 88 to carry out the outgoing packet filtering function. Interface 84 performs its function by first receiving 146 an outgoing packet from repeater 36. As soon as
this packet is received, interface 84 begins storing 148 the packet in a portion of the frame buffer 28 reserved for outgoing packets. While the packet is being stored, interface 84 receives 150 a control signal from filter 88. If the signal is not a
"send" signal but is rather a "prevent" signal, then interface 84 stops storing 158 the packet. This in effect discards the packet, thereby preventing the packet from being sent to network 24. On the other hand, if the control signal from filter 88 is
a "send" signal, interface 84 completes storing 154 the packet in frame buffer 28 and, at an appropriate time, sends 156 the completely stored packet to MAC 92. MAC 92 thereafter forwards the packet to attachment port 30 and eventually to network 24.
In this manner, outgoing packets from nodes 22 are sent to external nodes coupled to the network 24.
The components described thus far implement the primary packet filtering/scrambling functions of the apparatus 20. To enhance functionality, apparatus 20 preferably further comprises an SAT update control 94 and an external CPU interface 96
(FIG. 4). These components 94, 96 facilitate the maintenance of the SAT 86. As shown in FIG. 4, CPU interface 96 preferably couples SAT update control 94 to an external CPU. Interface 96 receives instructions from the external CPU and passes these
instruction on to update control 94. Update control 94 receives these instructions, as well as signals from repeater 36, and maintains the SAT 86 accordingly. An operational flow diagram for update control 94 is provided in FIG. 8. In the preferred
embodiment, update control 94 is preferably implemented in hardware logic, but it should be noted that control 94 may also be implemented using a processor and software. Interface 96 is likewise preferably implemented using hardware logic. The
structure of interface 96 will vary depending upon which processor is used as the external processor. Thus, interface 96 | | |
