公开(公告)号：US09391958B2

公开(公告)日：2016-07-12

申请号：US14318830

申请日：2014-06-30

Applicant: JUNIPER NETWORKS, INC.

Inventor： Venkatasubramanian Swaminathan ,  Deepak Goel ,  Jianhui Huang ,  John Keen ,  Jean-Marc Frailong ,  Srinivasan Jagannadhan ,  Srilakshmi Adusumalli

IPC: H04L29/06

CPC classification number: H04L63/0263 ,  H04L63/02 ,  H04L63/0209

Abstract: A firewall device may include a forwarding component that includes a filter block. The filter block may obtain a first hardware-implemented filter, where a hardware implementation limits the first hardware-implemented filter to a maximum quantity of rules; determine whether a last rule associated with the accessed hardware-implemented filter includes a split-filter action, where the split-filter action identifies a second hardware-implemented filter; and link the second hardware-implemented filter to the first hardware-implemented filter to make the second hardware-implemented filter a logical continuation of the first hardware-implemented filter, in response to determining that the last rule includes the split-filter action. The filter block may further determine whether a particular rule of the first hardware-implemented filter includes a next-filter action, where the next filter action identifies a third hardware-implemented filter; and process the third hardware-implemented filter independently of the sequence of hardware attachment points.

Abstract translation: 防火墙设备可以包括包括过滤器块的转发组件。 滤波器块可以获得第一硬件实现的滤波器，其中硬件实现将第一硬件实现的滤波器限制为最大数量的规则; 确定与所访问的硬件实现的过滤器相关联的最后规则是否包括拆分过滤器动作，其中分割过滤器动作标识第二硬件实现的过滤器; 以及响应于确定所述最后一个规则包括所述分割过滤器动作，将所述第二硬件实现的过滤器链接到所述第一硬件实现的过滤器，以使得所述第二硬件实现的过滤器是所述第一硬件实现的过滤器的逻辑延续。 滤波器块还可以确定第一硬件实现的滤波器的特定规则是否包括下一个滤波器动作，其中下一个滤波器动作识别第三硬件实现的滤波器; 并且独立于硬件连接点的顺序处理第三个硬件实现的过滤器。

公开(公告)号：US09116814B1

公开(公告)日：2015-08-25

申请号：US14092072

申请日：2013-11-27

Applicant: JUNIPER NETWORKS, INC.

Inventor： Jianhui Huang ,  Sharada Yeluri ,  Jean-Marc Frailong ,  Jeffrey G. Libby ,  Anurag P. Gupta ,  Paul Coelho

IPC: G06F12/00 ,  G06F12/08 ,  G06F12/12

CPC classification number: G06F12/0855 ,  G06F12/0815 ,  G06F12/0868 ,  G06F12/0891 ,  G06F12/12 ,  Y02D10/13

Abstract: A data read/write system includes a system clock, a single port memory, a cache memory that is separate from the single port memory, and a controller coupled to an instruction pipeline. The controller receives, via the instruction pipeline, first data to write to an address of the single port memory, and further receives, via the instruction pipeline, a request to read second data from the single port memory. The controller stores the first data in the cache memory, and retrieves the second data from either the cache memory or the single port memory during one or more first clock cycles of the system clock. The controller copies the first data from the cache memory and stores the first data at the address in the single port memory during a second clock cycle of the system clock that is different than the one or more first clock cycles.

Abstract translation: 数据读/写系统包括系统时钟，单端口存储器，与单端口存储器分开的高速缓存存储器，以及耦合到指令流水线的控制器。 控制器经由指令流水线接收第一数据以写入单端口存储器的地址，并且经由指令流水线接收从单端口存储器读取第二数据的请求。 控制器将第一数据存储在高速缓冲存储器中，并且在系统时钟的一个或多个第一时钟周期期间从高速缓冲存储器或单端口存储器检索第二数据。 控制器从高速缓冲存储器复制第一数据，并且在系统时钟的不同于一个或多个第一时钟周期的第二时钟周期期间将第一数据存储在单端口存储器中的地址处。