In one embodiment, a method is provided. The method includes receiving a data packet via an ingress interface of the network device. The method also includes determining whether the data packet comprises an Internet Protocol version 4 (IPV4) or an Internet Protocol version 6 (IPV6) packet. The method further includes in response to determining that the packet comprises an IPV4 packet, identifying a first entry in an adjacency table. The first entry is associated with an address prefix. The address prefix is associated with first Internet Protocol (IP) address of the data packet. The first entry indicates a next hop for the data packet. The adjacency table comprises a second entry associated with the address prefix. The method further includes forwarding the packet to the next hop indicated by the first entry in the adjacency table, via an egress interface of the network device.

A network device includes a port, a transmission pipeline and a time-stamping circuit. The port is configured for connecting to a network. The transmission pipeline includes multiple pipeline stages and is configured to process packets and to send the packets to the network via the port. The time-stamping circuit is configured to temporarily suspend at least some processing of at least a given packet in the transmission pipeline, to verify whether a pipeline stage having a variable processing delay, located downstream from the time-stamping circuit, meets an emptiness condition, and, only when the pipeline stage meets the emptiness condition, to time-stamp the given packet and resume the processing of the given packet.

An apparatus and method is disclosed for segment routing (SR) over label distribution protocol (LDP). In one embodiment, the method includes a node receiving a packet with an attached segment ID. In response, the node may attach a label to the packet. Thereafter, the node may forward the packet with the attached label and segment ID to another node via a label switched path (LSP).

Systems and methods for routing traffic through a network along Label-Switched Paths (LSPs) that may extend across multiple autonomous systems include performing Internet Protocol (IP) routing lookups as a packet is transmitted along the LSP. In one implementation, a packet having a predetermined value (which may be inserted by an upstream network device) is received at a network device after travelling along a first segment of an LSP. In response to identifying the predetermined label value of the packet, the network device may perform an IP routing lookup using IP routing information included in the packet to identify a next hop for the packet. The network device may then update a label of the packet such that the packet is routed along a second segment of the LSP and transmit the communication packet to the next hop.

In one embodiment, a method includes performing, by a router, a destination address lookup of an IP packet in a Forwarding Information Base (FIB) and identifying, by the router, an equal cost multi-path (ECMP) object from the destination address lookup. The ECMP object includes a plurality of paths for forwarding the IP packet to a destination associated with a destination address. The method further includes determining, by the router, a source interface associated with the IP packet, determining, by the router, that the source interface matches an egress interface associated with a path among the plurality of paths, and communicating, by the router, the IP packet based on the path to the destination using the egress interface.

In one embodiment, a method includes performing, by a router, a destination address lookup of an IP packet in a Forwarding Information Base (FIB) and identifying, by the router, an equal cost multi-path (ECMP) object from the destination address lookup. The ECMP object includes a plurality of paths for forwarding the IP packet to a destination associated with a destination address. The method further includes determining, by the router, a source interface associated with the IP packet, determining, by the router, that the source interface matches an egress interface associated with a path among the plurality of paths, and communicating, by the router, the IP packet based on the path to the destination using the egress interface.

A method and apparatus of a network element that processes network data using a transformed packet classification list in a network element is described. A network element receives a packet classification list and transforms a first set of the plurality of range sets corresponding to a first one of the two or more types of packet characteristics into a first set of range labels. In addition, the network element transforms a second set of the plurality of range sets corresponding to a second one of the two or more types of packet characteristics into a second set of range labels. The network element may create a set of combination labels. The network element further processes network data by performing a first lookup to derive a first combination packet label, performing a second lookup of at least the first combination packet label, and applying a rule resulting from the second lookup to the network data.

A network device includes a port, a transmission pipeline and a time-stamping circuit. The port is configured for connecting to a network. The transmission pipeline includes multiple pipeline stages and is configured to process packets and to send the packets to the network via the port. The time-stamping circuit is configured to temporarily suspend at least some processing of at least a given packet in the transmission pipeline, to verify whether a pipeline stage having a variable processing delay, located downstream from the time-stamping circuit, meets an emptiness condition, and, only when the pipeline stage meets the emptiness condition, to time-stamp the given packet and resume the processing of the given packet.

A method for processing network communications, the method including receiving a network packet at a network device and performing at least one lookup for the packet in one or more first lookup tables in which the one or more first lookup tables are programmed to include at least one of an exact match or longest prefix match (LPM) table entry. The method includes obtaining a security source segment and a security destination segment based upon the result of the at least one lookup for the packet in the one or more first lookup tables. The method further includes performing a lookup in a second lookup table based upon the security source segment and security destination segment in which the second lookup table is programmed in a content addressable memory. Based upon the result of the lookup in the second lookup table, processing a forwarding decision for the packet according to the security source segment and security destination segment.

A method for processing network communications, the method including receiving a network packet at a network device and performing at least one lookup for the packet in one or more first lookup tables in which the one or more first lookup tables are programmed to include at least one of an exact match or longest prefix match (LPM) table entry. The method includes obtaining a security source segment and a security destination segment based upon the result of the at least one lookup for the packet in the one or more first lookup tables. The method further includes performing a lookup in a second lookup table based upon the security source segment and security destination segment in which the second lookup table is programmed in a content addressable memory. Based upon the result of the lookup in the second lookup table, processing a forwarding decision for the packet according to the security source segment and security destination segment.