US 9,813,357 B2
Filtration of network traffic using virtually-extended ternary content-addressable memory (TCAM)
Avoy Nanda, Dublin, CA (US); and Hoang Nguyen, San Jose, CA (US)
Assigned to Gigamon Inc., Santa Clara, CA (US)
Filed by Gigamon Inc., Santa Clara, CA (US)
Filed on Nov. 3, 2015, as Appl. No. 14/931,502.
Prior Publication US 2017/0126563 A1, May 4, 2017
Int. Cl. H04L 12/50 (2006.01); H04L 12/947 (2013.01)
CPC H04L 49/25 (2013.01)
24 Claims
 
1. A method of utilizing ternary content-addressable memory (TCAM) distributed across network appliances within a network traffic visibility fabric, the method comprising:
receiving a first data packet at a first ingress port of a first network appliance and a second data packet at a second ingress port of the first network appliance;
tagging, by the first network appliance, the first data packet with a first identifier based on the first ingress port;
tagging, by the first network appliance, the second data packet with a second identifier based on the second ingress port;
determining, by the first network appliance, whether each of the first data packet and the second data packet should be filtered using a first set of filtering rules stored within the first network appliance or a second set of filtering rules stored within a second network appliance,
wherein said determining is based on the identifier with which the first data packet and the second data packet are tagged;
upon determining that the first data packet should be filtered using the first set of filtering rules,
applying, by the first network appliance, a first filtering rule of the first set of filtering rules to the first data packet,
wherein the first filtering rule is determined based on the first identifier with which the first data packet is tagged; and
transmitting, by the first network appliance, the first data packet to the second network appliance; and
upon determining that the second data packet should be filtered using the second set of filtering rules,
transmitting, by the first network appliance, the second data packet to the second network appliance; and
applying, by the second network appliance, a second filtering rule of the second set of filtering rules to the second data packet,
wherein the second filtering rule is determined based on the second identifier with which the second data packet is tagged.
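
The flow recited in claim 1, simulated as an added example that is not taken from the patent or from any Gigamon product: a first appliance tags packets by ingress port, filters some tags against its own TCAM, and hands the rest to a second appliance whose TCAM holds their rules. The lookup key layout, the "pass"/"drop" actions, the port and appliance names, and the default-drop behaviour are all assumptions made for illustration.

```python
from dataclasses import dataclass, field

@dataclass
class TcamEntry:
    value: int   # bits to compare against the lookup key
    mask: int    # 1 = bit must match, 0 = don't care (the "ternary" state)
    action: str  # constructed actions: "pass" or "drop"

def make_key(tag, dst_port):
    # Assumed key layout: 8-bit ingress identifier, then 16-bit destination port.
    return (tag << 16) | dst_port

def tcam_lookup(entries, key):
    # First matching entry wins, as in a priority-ordered TCAM.
    for e in entries:
        if (key & e.mask) == (e.value & e.mask):
            return e.action
    return "drop"  # assumed default when nothing matches

@dataclass
class Appliance:
    name: str
    tcam: list
    port_tags: dict = field(default_factory=dict)  # ingress port -> identifier
    local_tags: set = field(default_factory=set)   # identifiers filtered locally
    peer: "Appliance" = None

    def apply_filter(self, pkt):
        key = make_key(pkt["tag"], pkt["dst_port"])
        pkt["action"] = tcam_lookup(self.tcam, key)
        pkt["filtered_by"] = self.name

    def ingress(self, port, pkt):
        pkt = dict(pkt, tag=self.port_tags[port])  # tag based on ingress port
        if pkt["tag"] in self.local_tags:          # decision uses the tag only
            self.apply_filter(pkt)                 # local rule set, then forward
        return self.peer.receive(pkt)              # both paths reach the peer

    def receive(self, pkt):
        if "action" not in pkt:                    # not yet filtered upstream
            self.apply_filter(pkt)                 # rule chosen by carried tag
        return pkt

def build_fabric():
    # Constructed rule sets: tag 1 is handled on A, tag 2 is extended onto B.
    b = Appliance("B", tcam=[
        TcamEntry(make_key(2, 443), make_key(0xFF, 0xFFFF), "pass"),
        TcamEntry(make_key(2, 0), make_key(0xFF, 0), "drop")])
    return Appliance("A", tcam=[TcamEntry(make_key(1, 0), make_key(0xFF, 0), "pass")],
                     port_tags={"p1": 1, "p2": 2}, local_tags={1}, peer=b)
```

The tag must survive the hop between appliances, because the second appliance has no other way to know which ingress port, and therefore which rule, applies.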