| 摘要 |
A network packet broker (NPB) for processing network visibility/monitoring data from SPAN (Switched Port ANalyser) ports or network TAPs and forwarding it to instruments for security, performance monitoring and the like using ports 30. The NPB consists of a switch chip 24 with associated TCAM 25 (ternary content addressable memory) and a CPU 26 with associated memory 28. The switch chip processes the monitoring packets and applies forward/drop rules to filter/aggregate packet flows to one or more instruments. The rules may be applied by directing look-ups to the TCAM. Specifically the switch chip is arranged such that all rules are applied in a single pass. Packets pass through only one filter engines between ingress and egress, multiple filter engines in series are not used. The CPU includes a rule generator 34. This takes configuration instructions/maps/filters input via the NPB user interface 32 and processes them to manage overlaps and resolve them into rules for the one pass filter engines in the switch chip. |
