Access control list circuit implementation method and circuit thereof

A technology of an access control list and an implementation method, which is applied in the field of an access control list circuit implementation method and the circuit thereof, can solve the problems of high manufacturing cost, limited size of a rule base, and high cost, and achieves the effects of flexible application and reduced search power consumption.

Active Publication Date: 2021-04-16
芯启源(南京)半导体科技有限公司
View PDF6 Cites 3 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] Because TCAM will access all stored entries in one clock cycle, its search power consumption is a big disadvantage, and the manufacturing cost of TCAM is more expensive than that of general storage devices, and the size of the rule base that can be stored is limited, so it is necessary to use TCAM to implement ACL relatively expensive solution

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Access control list circuit implementation method and circuit thereof
  • Access control list circuit implementation method and circuit thereof
  • Access control list circuit implementation method and circuit thereof

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0033] Embodiment 1, according to figure 2 An access control list circuit includes 8 Module circuits, 8 priority RAMs, 8 grouping and merging logic modules and a configuration control RAM.

[0034] By cascading several Module circuits according to different configuration information, keywords of different bit widths are searched.

[0035] The Module circuit includes a bit selection module, a Hash RAM, a data RAM, a keyword selection logic module, and a number of logic operation units; the bit selection module generates the address of the Hash RAM according to configuration information; the Hash RAM is in the figure The Hash RAM is used to store the storage address of the rule base entries; the data RAM is the Data RAM in the figure, and is used to store the rule base.

Embodiment 2

[0036] Embodiment 2, according to image 3 , Module circuit includes bit selection module, hash RAM, 40 data RAMs, keyword selection logic module and several logic operation units.

[0037] The data RAM is composed of several BinRAMs, and the BinRAM stores 2-bit-wide rule information, and the bit width of the rule base entries stored in the data RAM is determined by the number of BinRAMs contained therein.

Embodiment 3

[0038] Example 3, Figure 5 The mapping method between the 2bit rule and the 2bit keyword is given. The keyword 00 hits 00, 0X, X0 and XX in the rule, where "X" means "don't care", that is, the bit status is not considered when matching, so for There are multiple hits in keyword search; the rule base is the hit result of combining rules with keywords, and the rule base will be delivered to 40 Bin RAMs in the data RAM in advance.

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses an access control list circuit implementation method. The method comprises the following steps: S1, mapping an input keyword through a hash algorithm to obtain a hash keyword; S2, retrieving the storage address of the corresponding rule entry in the Hash RAM according to the hash keyword in the step S1; S3, performing retrieval in a rule base storage RAM through the storage address of the rule entry retrieved in the step S2, and obtaining a corresponding storage rule after retrieval; S4, enabling the grouping merging logic to perform operation grouping on results retrieved in the step S3 by configuring and controlling grouping merging information in the RAM to obtain multiple groups of search results; S5, enabling the priority RAM to give the search result with the highest priority according to each group of search results and the configuration information. Compared with the prior art, the method does not need to access all rule bases any more, so the search power consumption is reduced; and the keywords with different bit widths are searched according to different configuration information, and configurable priority options are supported.

Description

technical field [0001] The invention relates to the field of integrated circuit design, in particular to an access control list circuit realization method and a circuit thereof. Background technique [0002] In the current network technology, with the rapid development of optical fiber communication technology, the link transmission rate is no longer the main obstacle to the rate increase, and the classified forwarding rate of network devices such as security gateways and routers is becoming the main bottleneck for improving the network rate. In the future communication technology, not only the communication rate, but also the communication service quality such as firewall, VPN, differentiated service and other mechanisms are more concerned about the development trend. Most of these necessary communication services are based on access control list (ACL) technology. [0003] ACL is the English abbreviation of Access Control List, and the Chinese name is Access Control List. ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): G06F12/06G06F30/31G06F111/20
CPCY02D10/00
Inventor 夏磊项禹陈盈安卢笙
Owner 芯启源(南京)半导体科技有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap