CN104468384B - A kind of system and method for realizing multi-priority services - Google Patents

Abstract

A system and method for realizing multi-service priority, relating to the technical field of computer communication, the system includes an SDN controller, at least one VxLAN gateway and at least two VLAN switches, the SDN controller includes a northbound interface processing module, an IP processing Module, ARP processing module, topology management module, intercommunication domain management module, SDN OpenFlow interface module; each VxLAN gateway includes configuration management module, VxLAN OpenFlow interface module, flow table management module, tunnel encapsulation processing module, tunnel decapsulation processing module, Application layer service identification processing module, VxLAN packet sending and receiving module; each VLAN switch includes VLAN sending and receiving packet module, VLANID module. The present invention has no requirements on hardware performance, does not need to use a dedicated communication processor, and reduces equipment cost.

Description

A system and method for realizing multi-service priority

technical field

The invention relates to the technical field of computer communication, specifically a system and method for realizing multi-service priority.

Background technique

SDN (software defined networking, software defined network) is a hot topic in the current network communication field, and it is strongly sought after by major network equipment manufacturers because of its isolated switch control and forwarding functions. In recent years, with the rapid development of network technology and applications and the diversification of network access forms, the network has become more and more complex, and at the same time, user services have become more and more complex.

According to the statistics of my country's Internet business traffic, P2P services currently occupy a large amount of broadband in various services. The emergence of a large number of P2P services on the network causes extreme network congestion and brings losses to operators and enterprise users. For operators, due to the continuous increase of online time and traffic of broadband users, the network needs to be expanded, resulting in increased network costs and maintenance costs; Ensure the key business quality of enterprise users. Therefore, in order to ensure that the limited broadband can better serve key businesses and applications. Different services need to be identified, and different processing sequences are used for different services.

In the prior art, a network device with dedicated hardware added based on a hardware acceleration framework of a dedicated communication processor has appeared. P2P flow control processing, QoS processing and other tasks are all processed by dedicated hardware. Although the above tasks are processed by additional hardware, although the business processing performance of network equipment is not affected, these dedicated communication processors generally have a relatively high cost and are not suitable for use. On low-end and mid-end devices.

Contents of the invention

Aiming at the defects in the prior art, the object of the present invention is to provide a system and method for realizing multi-service priority. The present invention has no requirements on hardware performance, and does not need to use a dedicated communication processor, which reduces equipment costs.

In order to achieve the above object, the technical solution adopted by the present invention is: a system for realizing multi-service priority, including an SDN controller, at least one VxLAN gateway and at least two VLAN switches, and each VxLAN gateway includes: a flow table management module , save the processing flow of the data flow reported by the SDN controller to the VxLAN gateway; the tunnel encapsulation processing module is used to obtain the processing flow of the current upstream data flow, add a VxLAN tunnel and add priority to the current upstream data flow according to the processing flow, and form encapsulated data Packets, forward the upstream data flow to the three-layer network according to the priority; use the reserved field of the VxLAN Header to store the priority value; the tunnel decapsulation processing module is used to obtain the processing flow of the current downstream data flow, according to the processing flow The data flow removes the VxLAN tunnel, and modifies the VLAN ID to form a decapsulated data packet, so that the current downlink data flow can communicate in the two-layer network; the application layer service identification processing module is used to analyze the uplink data packet received by the VxLAN gateway/ Downlink data packet, and identify its business type, convert it into uplink data flow/downlink data flow, and forward to the flow table management module; the SDN controller includes: IP processing module, used for other than ARP data type Data type processing; ARP processing module, used to request/reply ARP messages for the SDN controller agent, and obtain the topology information of the destination user for the controller; topology management module, used to obtain global network topology information for the SDN controller; interworking domain The management module is used to receive and read the communication configuration between the SDN controller and all VxLAN gateways, and forward the communication configuration to the topology management module; the SDN OpenFlow interface module is used to receive and process the OpenFlow message reported by the VxLAN gateway to the SDN controller; Send the processing data packet of the SDN controller to the VxLAN gateway.

On the basis of the above technical solution, each VxLAN gateway also includes: a configuration management module, which is used to read the parameter information after the VxLAN gateway program runs, and obtain the SDN controller IP address and OpenFlow port that the VxLAN gateway needs to connect to through the parameters; VxLAN The OpenFlow interface module is used to establish a connection between the VxLAN gateway and the SDN controller; report the data flow not found by the VxLAN gateway in the flow table management module to the SDN controller; receive and process the processing flow issued by the SDN controller; VxLAN The sending and receiving packet module is used to receive the data packet of each network port of the VxLAN gateway; it is used to forward the data packet after tunnel encapsulation and the data packet after decapsulation according to the network port required by the SDN controller; the SDN controller also It includes a northbound interface processing module, which is used for receiving the priority policies of different services issued by the application interface for the SDN controller.

On the basis of the above technical solution, the VxLAN transceiver module includes a VxLAN packet receiving submodule and a VxLAN packet sending submodule; the VxLAN packet receiving submodule is used to receive the data packets of each network port of the VxLAN gateway; the VxLAN packet sending module The packet sub-module is used to forward the tunnel-encapsulated data packets and decapsulated data packets according to the network port required by the SDN controller. The tunnel-encapsulated data packets are forwarded through the WAN port of the VxLAN gateway, and the decapsulated data packets are passed through Forwarding by the LAN port of the VxLAN gateway; forwarding according to priority.

On the basis of the above-mentioned technical scheme, each VLAN switch includes: a VLAN transceiver module for receiving data packets of each network port of the VLAN; for sending the received uplink data packets to the VxLAN gateway; for receiving the downlink data packets The packet is sent to the user belonging to the VLAN; the VLANID module is used to add a VLAN header to the upstream data packet received by the VLAN switch, and remove the VLAN header to the downstream data packet.

On the basis of the above-mentioned technical scheme, the VLAN sending and receiving packet module includes a VLAN receiving submodule and a VLAN sending submodule; the VLAN receiving submodule is used to receive the data packets of each network port of the VLAN; the VLAN sending submodule Module for sending the received uplink data packet to the VxLAN gateway; the received downlink data packet is sent to the user belonging to the VLAN; the VLAN ID module includes a VLAN ID adding submodule and a VLAN ID deleting submodule; the VLAN The ID adding submodule is used to add a VLAN header to the uplink data packet received by the VLAN switch, and the VLAN header includes VLAN ID information; the VLAN ID deletion submodule is used to remove the VLAN header from the downlink data packet received by the VLAN switch.

On the basis of the above technical solution, the topology management module includes a VxLAN gateway management submodule, a VLAN switch management submodule and a user management submodule; the VxLAN gateway management submodule is used to save the VxLAN of all VxLAN gateways according to the communication configuration Communication information; the VLAN switch management submodule is used to store the VLAN communication information of all VLAN switches, and the VLAN communication information includes the VLAN ID of the VLAN switch, the VNI value of the intercommunication domain, and the WAN port IP address of the VxLAN gateway to which the VLAN switch belongs; The user management sub-module is used to save user information under all VLAN switches, and the user information includes: the user's IP address, MAC address, and the WAN port IP address of the VxLAN gateway to which the user belongs.

The present invention also provides a method for realizing multi-service priority based on the above system, including the source user, the first VLAN switch used by the source user and the first VxLAN gateway; the destination user, the second VLAN switch used by the destination user, and the second VxLAN gateway; the method comprises the following steps: Step S1. Preset the intercommunication domain configuration of all VxLAN gateways in the intercommunication domain management module of the SDN controller, and the VxLAN gateway WAN port and the next hop route are all set with IP addresses; processed at the northbound interface The module presets all application layer business priorities; Step S2. The source user initiates a request to the destination user, and sends the data packet to the first VxLAN gateway through the first VLAN switch, and the first VLAN switch adds a VLAN header to the data packet at the same time; Step S3. The application layer service identification processing module of the first VxLAN gateway analyzes the application layer service type of the data packet, and sets it as the APP ID value; forms a data flow by the five-tuple and the APP ID value of the data packet; step S4. The flow table management module of the first VxLAN gateway checks whether the data flow exists, if not, then report the data packet and the APP ID value to the SDN OpenFlow interface module of the SDN controller, and go to step S5; The processing flow of processing, go to step S7; Step S5.SDN OpenFlow interface module judges whether data packet belongs to ARP type, if so, then forward to ARP processing module, go to step S9, if not, then go to step S6; S6. carry out IP process processing, go to step S7; Step S7. the application layer business identification processing module in the second VxLAN gateway parses the priority value of the data packet received, and prioritizes the high downlink data packet of priority processing, at 2. Perform a query in the flow table management module of the VxLAN gateway. If the search fails, report the data packet to the SDN controller and go to step S8; if the search is successful, perform processing according to the processing flow in the flow table and go to step S10 ; Step S8.SDN controller informs the second VxLAN gateway to decapsulate the VxLAN header by an OpenFlow message and revises the VLAN ID value in the data packet to be the VLAN ID of the second VLAN switch; the SDN controller informs the second VxLAN gateway by an OpenFlow message to create a new The data flow; the flow table management module of the second VxLAN gateway adds the data flow to the flow table, and the tunnel decapsulation processing module of the second VxLAN gateway resolves the data packets in the data flow, removes the data packet VxLAN header and Modify the VLAN ID value, and forward the modified data packet from the LAN port to the second VLAN switch, and go to step S10; step S9. carry out ARP process processing, and go to step S10; step S10. the second VLAN switch deletes the data packet VLAN ID header, and forward it to the destination user; Step S11. The destination user responds differently to different types of data packets.

On the basis of the above technical solution, the following steps are also included: Step S12. The second VLAN switch receives the uplink data packet replied by the destination user, adds a VLAN header to the data packet, and sends it to the second VxLAN gateway; Step S13. The second The VxLAN gateway forms a data flow through the quintuple of the current data packet, and the flow table management module of the second VxLAN gateway checks whether the data flow exists, if so, then process according to the flow processing, and end; if not, then go to step S14 ; Step S14. The second VxLAN gateway reports the current data packet to the SDN OpenFlow interface module of the SDN controller, and goes to step S5.

On the basis of the above-mentioned technical solution, in step S6, the specific steps of carrying out the IP flow process are: step S601. judge whether the data packet belongs to the IP data packet, if not, then the data packet is discarded; if so, then will be forwarded to IP processing module, go to step S602; Step S602.SDN controller compares the APP ID value in the data packet obtained with the APP ID value of relevant business in the northbound interface processing module, if equal, then determine the priority of this data packet If not equal, then continue to compare the APP ID values of other services; the topology management module of the SDN controller inquires whether the address of the source user exists, if so, go to step S604, if not, then go to step S603; step S603 The topology management module determines the first VxLAN gateway, the first VLAN switch and the VNI value that the source user belongs to through the data packet, and saves the user information of the source user; step S604.Whether the address of the topology management module of the SDN controller queries the destination user exists, Otherwise, step S9 is forwarded; if so, go to step S605; step S605.SDN controller obtains the value of encapsulating the VxLAN header and the value of the data output port through the configuration information of the first VxLAN gateway; the SDN OpenFlow interface module passes the OpenFlow message to Encapsulate the value of the VxLAN header, the value of the outgoing port, and the priority value to inform the first VxLAN gateway and create a new data flow. The flow table management module of the first VxLAN gateway adds the data flow to the flow table. The first VxLAN gateway The tunnel encapsulation processing module parses the data packets in the data flow, encapsulates the VxLAN headers for the data packets, and forwards the encapsulated data packets from the WAN port to the second VxLAN gateway, and turns to step S10.

On the basis of the above-mentioned technical solution, in step S9, the specific steps of the described ARP flow processing are: step S901.ARP processing module judges the ARP data type of the packet, if it is an ARP request packet, then go to step S903; If it is an ARP reply packet, then go to step S902; step S902. Whether the address of the source user is inquired by the topology management module of the SDN controller, if not, then the topology management module determines the second address to which the destination user belongs by the ARP reply packet. The VxLAN gateway, the second VLAN switch and the VNI value save the user information of the destination user and end; if so, end; the topology management module of step S903.SDN controller checks whether the address of the source user exists, if not, then the topology management module Determine the first VxLAN gateway, the first VLAN switch and the VNI value that the source user belongs to through the ARP request packet, save the user information of the source user, and go to step S904; if so, then go directly to step S904; step S904.SDN controller The topology management module inquires whether the address of the destination user exists, and if so, then proceeds to step S905; if not, then proceeds to step S906; step S905.SDN controller directly acts on behalf of the destination user, replies the data packet and ends; step S906 .The ARP processing module in the SDN controller converts the ARP request packet into an ARP proxy request packet, and sends it to all VxLAN gateways in the same intercommunication domain as the first VxLAN gateway, and all VxLAN gateways send the ARP proxy request The data packet is forwarded to the VLAN switch through the LAN port, and then go to step S10.

The beneficial effects of the present invention are:

1. In the present invention, after the VxLAN (Virtual extensible LAN, virtual extensible local area network) gateway receives the data packet, the data packet is carried out to the business identification process by the application layer business identification processing module. This module has the format recognition function of different business data packets, and can Quickly identify the type of business data packets, does not require special hardware to identify the type of business, so there is no requirement for hardware performance, no need to use a dedicated communication processor, reducing equipment costs.

2. In the present invention, the priority strategy is configured through the WEB interface, so it has the flexibility of real-time operation and ensures the service quality of key business at any time.

3. In the present invention, the priority policy value is set in the VxLAN Header reserved bit, and the reserved bit has 4 bytes, so it has scalability.

Description of drawings

Fig. 1 is the structural block diagram that realizes multi-service priority system in the embodiment of the present invention;

Fig. 2 is the structural block diagram of SDN controller in the embodiment of the present invention;

Fig. 3 is the structural block diagram of VxLAN gateway in the embodiment of the present invention;

Fig. 4 is the structural block diagram of VLAN switch in the embodiment of the present invention;

Fig. 5 is the structural block diagram of VxLAN Header in the embodiment of the present invention;

FIG. 6 is a flowchart of a method for implementing multiple service priorities in an embodiment of the present invention;

FIG. 7 is an IP processing flow in a method for realizing multi-service priority in an embodiment of the present invention;

FIG. 8 is an ARP processing flow in the method for implementing multiple service priorities in the embodiment of the present invention.

detailed description

The present invention will be described in further detail below in conjunction with the accompanying drawings and embodiments.

Referring to shown in Fig. 1, a kind of system that realizes multi-service priority includes SDN controller, at least one VxLANGateway (VxLAN gateway) and at least two VLAN (Virtual Local Area Network, virtual local area network) switches, described SDN controller It is connected to each VxLAN gateway through the OpenFlow protocol, and each VxLAN gateway is connected to at least two VLAN switches; the SDN controller includes a northbound interface processing module, an IP processing module, an ARP processing module, a topology management module, and an interworking Domain management module, SDN OpenFlow interface module; each VxLAN gateway includes configuration management module, VxLANOpenFlow interface module, flow table management module, tunnel encapsulation processing module, tunnel decapsulation processing module, application layer business identification processing module, VxLAN sending and receiving packet module; Each VLAN switch includes a VLAN sending and receiving packet module and a VLANID module.

Referring to shown in Fig. 2, described SDN controller comprises IP processing module, is used for the processing of other data types except ARP data type; SDN controller reports OpenFlow message through VxLAN gateway, obtains the application layer business type of this OpenFlow message ( The application layer service identification type is set to the APP ID value), the SDN controller obtains the priority of the service type according to the northbound interface processing module, and sends the priority to the reported data packet; at the same time, encapsulates the VxLAN tunnel for the uplink data packet, Remove tunnel encapsulation and modify VLAN ID for downlink data packets. According to the communication configuration, the processing flow of other data types other than the ARP data type reported by the VxLan gateway is obtained. The processing flow includes the delivery of the priority value (Priority), as shown in Figure 5. The VxLAN Header has 8 bytes, of which the first The first byte and the 5th, 6th, and 7th bytes have been used, and the 2nd, 3rd, 4th, and 8th bytes are reserved. Here, the 8th byte is used to store the priority value, and the priority value is defined as Priority(1 ~255); if not enough, expand the 2nd, 3rd, 4th bytes. VLAN ID modification, tunnel encapsulation and tunnel decapsulation. The VxLAN header contains all data encapsulated by the VxLAN tunnel, including the Ethernet header, IP header, UDP header, and VxLAN Header.

The ARP processing module is used to request/reply the ARP message for the SDN controller agent (re-broadcasting the agent query at the LAN port of the first VxLAN gateway), and to obtain the topology information of the destination user for the controller; specifically, the ARP processing module is The SDN controller receives the data packet reported by the VxLAN gateway. When the destination user is not found in the user topology, the SDN controller sends broadcast data requesting the MAC address of the destination user to all VxLAN gateways in the same intercommunication domain. Reply data to get the user information.

The topology management module is used to obtain global network topology information for the SDN controller; the topology management module includes a VxLAN gateway management submodule, a VLAN switch management submodule and a user management submodule; a VxLAN gateway management submodule, a VLAN switch management submodule and a user management module The management submodules are related to each other through a linked list (there is a VLAN switch structure under the VxLAN gateway structure, and there is a user structure under the VLAN switch structure), and the VxLAN gateway management submodule, VLAN switch management submodule and user management submodule can pass through the linked list look up each other. The VxLAN gateway management submodule is used to save the VxLAN communication information of all VxLAN gateways according to the communication configuration; the VLAN switch management submodule is used to save the VLAN communication information of all VLAN switches, and the VLAN communication information includes the VLAN ID of the VLAN switch , intercommunication domain VNI (VxLANNetwork Identifier, VxLAN network identifier) value, and the WAN port IP address of the VxLAN gateway to which the VLAN switch belongs; the user management submodule is used to store user information under all VLAN switches, and the user information includes: user IP address, MAC address, and IP address of the WAN port of the VxLAN gateway to which the user belongs.

The intercommunication domain management module is used to receive and read the communication configuration between the SDN controller and all VxLAN gateways, and forward the communication configuration to the topology management module; specifically, the communication configuration in the intercommunication domain management module is configured through the web interface or Configuration file configuration, communication configuration can be configured through the web interface, and can also be configured from the configuration file. Communication configuration includes IP address of VxLAN gateway, LAN (Local Area Network, local area network) port value, MAC address of LAN port, WAN (WideArea Network, wide area network) port value, MAC address of WAN port, WAN port IP address, WAN port One-hop routing IP address and next-hop routing MAC address. Intercommunication between specified VxLAN gateways can be achieved by configuring the WAN port IP address and next-hop routing IP address of the VxLAN gateway.

The SDN OpenFlow interface module is used to receive and process the OpenFlow message reported by the VxLANOpenFlow interface module to the SDN controller; send the processing data packet of the SDN controller to the VxLANOpenFlow interface module.

The northbound interface processing module is used for receiving the priority policies of different services issued by the application interface for the SDN controller. It may be XML (Extensible Markup Language, Extensible Markup Language), and may also be a data format such as JSON (JavaScript Object Notation, JavaScript Object Notation). Specifically, the communication configuration in the northbound interface processing module is configured through a web interface, and the user assigns priorities through application layer services. Application layer services can be roughly divided into video conferencing, online audio, instant messaging, financial software, mail sending and receiving, etc.

Referring to Fig. 3, each VxLAN gateway includes a flow table management module, which saves the processing flow of the data flow reported by the SDN controller to the VxLAN gateway; specifically, the flow table management module of the VxLAN gateway saves the SDN controller's report to the VxLAN gateway. During the processing flow of the flow, after the VxLAN gateway receives the upstream data flow or the downstream data flow, the flow table management module checks whether the current upstream data flow or the downstream data flow exists, and if so, determines that the current upstream data flow or the downstream data flow is not sent for the first time, Process and send the current upstream or downstream data flow according to the current upstream data flow or downstream data flow processing flow; otherwise, determine that the current upstream data flow or downstream data flow is the first transmission, and pass the current upstream data flow or downstream data flow through the VxLANOpenFlow interface module Send to the SDN controller OpenFlow interface module.

The tunnel encapsulation processing module is used to obtain the processing flow of the current upstream data flow through the flow table management module after the VxLAN gateway receives the upstream data flow, and add a VxLAN tunnel and add priority to the current upstream data flow according to the processing flow to form an encapsulated data packet , forward the upstream data flow to the three-layer network according to the priority; use the VxLAN Header header reserved field (the last 1 byte) to store the priority value, and define the priority value as Priority (1~255).

The tunnel decapsulation processing module is used for after the VxLAN gateway receives the downlink data flow, the VxLAN gateway obtains the processing flow of the current downlink data flow through the flow table management module, removes the VxLAN tunnel for the current downlink data flow according to the processing flow, and modifies the VLAN ID, Form a decapsulated data packet so that the current downlink data flow can communicate in the Layer 2 network.

The application layer service identification processing module is used to analyze the upstream data packet/downlink data packet received by the VxLAN gateway, identify its service type, convert it into upstream data flow/downstream data flow, and forward it to the flow table management module; specifically Yes, after the VxLAN gateway receives the upstream data packet, it analyzes the application layer service type of the data packet (acquires the APP ID value), and forms an upstream data flow in combination with the five-tuple principle and the APP ID value, and forwards it to the flow table management module; VxLAN After the gateway receives the downlink data packet, it parses the application layer business priority value in the data packet (obtains the Priority value), forms a downlink data flow by combining the quintuple principle and the Priority value, and forwards the priority according to the principle of higher priority first. The high data flow is sent to the flow table management module.

The configuration management module is used to read the parameter information after the VxLAN gateway program runs, and obtain the SDN controller IP address and OpenFlow port that the VxLAN gateway needs to connect to through the parameters.

The VxLANOpenFlow interface module adopts the OpenFlow protocol standard, which is used to establish a connection between the VxLAN gateway and the SDN controller; report the data flow that the VxLAN gateway does not find in the flow table management module to the SDN controller; receive and process the data sent by the SDN controller processing flow.

The VxLAN transceiver module is used to receive the data packet of each network port of the VxLAN gateway; it is used to forward the tunnel encapsulated data packet and the decapsulated data packet according to the network port required by the SDN controller; the VxLAN transceiver packet The module includes a VxLAN packet receiving submodule and a VxLAN packet sending submodule; the VxLAN packet receiving submodule is used to receive the data packets of each network port of the VxLAN gateway; the VxLAN packet sending submodule is used to reconcile the tunnel encapsulated data packets The encapsulated data packet is forwarded according to the network port required by the SDN controller, the tunnel encapsulated data packet is forwarded through the WAN port of the VxLAN gateway, and the decapsulated data packet is forwarded through the LAN port of the VxLAN gateway; it is forwarded according to the priority.

As shown in Figure 4, each VLAN switch includes a VLAN transceiver module for receiving packets of each network port of the VLAN; for sending the received uplink data packets to the VxLAN gateway; for sending the received downlink data packets to the VxLAN gateway; The user belonging to the VLAN; the VLANID module is used to add a VLAN header to the upstream data packet received by the VLAN switch, and remove the VLAN header to the downstream data packet. Preferably, the VLAN sending and receiving packet module includes a VLAN receiving submodule and a VLAN sending submodule; the VLAN receiving submodule is used to receive packets of each network port of the VLAN; the VLAN sending submodule is used to send The received uplink data packet is sent to the VxLAN gateway; the received downlink data packet is sent to the user belonging to the VLAN; the VLANID module includes a VLAN ID adding submodule and a VLAN ID deleting submodule; the VLAN ID adding submodule uses It is used to add a VLAN header to the upstream data packet received by the VLAN switch, and the VLAN header includes VLAN ID information; the VLAN ID deletion sub-module is used to remove the VLAN header from the downstream data packet received by the VLAN switch.

Referring to Fig. 6, the method for realizing multi-service priority based on the above-mentioned system includes the source user, the first VLAN switch used by the source user and the first VxLAN gateway; the destination user, the second VLAN switch used by the destination user, and the second VxLAN gateway. The method includes the following steps:

Step S1: Preset the intercommunication domain configuration of all VxLAN gateways in the intercommunication domain management module of the SDN controller, and set the IP address for the WAN port of the VxLAN gateway and the next-hop route; preset all application layer services in the northbound interface processing module Among them, all application layer business priorities are preset in the northbound interface processing module of the SDN controller, the video conference priority is 1, the video conference priority is 2, the online audio priority is 3, and the instant messaging priority is 4 , The priority of financial software is 5, and the priority of sending and receiving emails is 6.

Step S2: When the source user initiates a request to the destination user, the data packet is sent to the first VxLAN gateway through the first VLAN switch, and at the same time, the first VLAN switch adds a VLAN header to the data packet.

Step S3: the application layer service identification processing module of the first VxLAN gateway parses the application layer service type of the data packet, and sets it as the APP ID value; forms a data flow through the five-tuple and the APP ID value of the data packet; the five The tuple includes the source IP address, destination IP address, source MAC address, destination MAC address and data type of the current video conference data packet.

Step S4: The flow table management module of the first VxLAN gateway checks whether the data flow exists, and if not, reports the data packet and the APP ID value to the SDN OpenFlow interface module of the SDN controller, and turns to step S5; The processing flow in the flow table is processed, and then goes to step S7.

Step S5: The SDN OpenFlow interface module judges whether the data packet belongs to the ARP type, and if so, forwards it to the ARP processing module, and turns to step S9, and if not, turns to step S6.

Step S6: Perform IP flow processing, go to step S7.

Step S7: the application layer service identification processing module in the second VxLAN gateway parses the priority value of the received data packet, and prioritizes the downlink data packets with high priority (the smaller the Priority value, the more priority), in the second VxLAN gateway Query in the flow table management module, if the search fails, report the data packet to the SDN controller, and go to step S8; if the search is successful, process according to the processing flow in the flow table, and go to step S10.

Step S8: The OpenFlow interface module in the second VxLAN gateway reports the data flow to the SDN controller, and the SDN controller finds the second VLAN under the second VxLAN gateway in the topology management module by reporting the value of the VNI in the data packet The switch is under this VNI. The SDN controller informs the second VxLAN gateway to decapsulate the VxLAN header through OFPT_PACKET_OUT and modifies the VLAN ID value in the data packet to be the VLAN ID of the second VLAN switch; the SDN controller informs the second VxLAN gateway to create the data flow through OFPT_FLOW_MOD; the second After the OpenFlow interface module of the VxLAN gateway receives the OFPT_FLOW_MOD message, the flow table management module of the second VxLAN gateway adds the data flow to the flow table, and the tunnel decapsulation processing module of the second VxLAN gateway parses the data packets in the data flow, Remove the VxLAN header of the data packet and modify the VLAN ID value, and forward the modified data packet from the LAN port to the second VLAN switch, and go to step S10.

Step S9: Perform ARP flow processing, go to step S10.

Step S10: the second VLAN switch deletes the VLAN ID header of the data packet, and forwards it to the destination user; specifically, after the receiving module of the second VLAN switch receives the downlink data packet, it forwards it to the VLAN ID deletion submodule, This module deletes the VLAN ID of the data packet, and the packet sending module of the second VLAN switch sends the data packet with the VLAN ID removed to the destination user.

Step S11: The destination user responds differently to different types of data packets.

Step S12: the second VLAN switch receives the uplink data packet replied by the destination user, adds a VLAN header to the data packet, and sends it to the second VxLAN gateway; specifically, after the receiving module of the second VLAN switch receives the uplink data packet, Forwarding to the VLAN ID adding submodule, the module adds a VLAN header to the data packet, and the VLAN packet sending submodule sends the data packet to the second VxLAN gateway.

Step S13: the second VxLAN gateway forms a data stream through the quintuple of the current data packet, and the flow table management module of the second VxLAN gateway checks whether the data stream exists, if so, process according to the stream processing, and end; if not, Then go to step S14.

Step S14: The second VxLAN gateway reports the current data packet to the SDN OpenFlow interface module of the SDN controller, and goes to step S5.

Referring to Fig. 7, the specific steps for performing IP flow processing are:

Step S601. Determine whether the data packet belongs to an IP data packet, if not, discard the data packet; if yes, forward the data packet to the IP processing module, and go to step S602.

Step S602. The SDN controller compares the APP ID value in the obtained data packet with the APP ID value of the relevant service in the northbound interface processing module, and if they are equal, then determine the priority value of the data packet, and if not, continue Compare the APP ID values of other services; specifically, to process the current non-ARP type IP data packets, the northbound interface processing module in the SDN controller obtains the video conference level as 1, and compares the APP ID value in the reported data packets with the northbound interface The value comparison of the video conference APP ID in the interface processing module (the application layer service identification APP ID value between the controller and the switch is consistent) values are equal, indicating that the service is a video conference, and the priority level of the data packet is determined to be 1, that is, the Priority value is 1. If it is not equal, continue to compare other business APP IDs until all business comparisons are over. If it is still not found, determine that the APP ID value is the default value 0; according to the principle that the smaller the priority value, the higher the priority, the SDN controller processes the video first. For the conference data packet, the topology management module of the SDN controller inquires whether the address of the source user exists, if yes, go to step S604, if not, go to step S603.

Step S603. The topology management module determines the first VxLAN gateway, the first VLAN switch and the VNI value to which the source user belongs through the data packet, and saves the user information of the source user.

Step S604. The topology management module of the SDN controller inquires whether the address of the destination user exists, otherwise forward to step S9; if yes, go to step S605.

Step S605. The SDN controller obtains the value of the encapsulated VxLAN header and the value of the outgoing port of the data through the configuration information of the first VxLAN gateway; the SDN OpenFlow interface module encapsulates the value of the VxLAN header, the value of the outgoing port, and the value of the priority port through OFPT_PACKET_OUT Level value informs the first VxLAN gateway, informs the first VxLAN gateway to create the data flow through OFPT_FLOW_MOD, after the OpenFlow interface module of the first VxLAN gateway receives the OFPT_FLOW_MOD message, the flow table management module of the first VxLAN gateway adds the data flow to the flow table. After receiving the OFPT_PACKET_OUT message, the tunnel encapsulation processing module of the first VxLAN gateway parses the data packet in the data flow, and encapsulates the VxLAN header to the data packet, and the last byte in the VxLAN Header is no longer a value of 0, and is the Priority value of 1, forward the encapsulated data packet from the WAN port to the second VxLAN gateway, and go to step S10. Wherein, the value of said acquisition encapsulation VxLAN header includes and the value of the data outbound port; wherein, the source MAC address of the VxLAN header is the MAC address of the first VxLAN gateway WAN port, the destination MAC address is the next-hop routing MAC address, and the Ethernet The data type carried by the network is IPv4, the source IPv4 address of the IPv4 header is the IPv4 address of the WAN port of the first VxLAN gateway, the destination IPv4 address is the IPv4 address of the next hop route, the data type carried by IPv4 is UDP, and the UDP source port and destination port are both 4789, add 8 bytes of VxLAN Header after the UDP header, the VNI value in the VxLAN Header is the VNI value to which the first VLAN switch belongs, and the priority value in the VxLAN Header is the value obtained by the SDN controller from the northbound interface processing module , the value of the data outgoing port is the value of the WAN port of the first VxLAN gateway.

Referring to Fig. 8, the specific steps for performing ARP process processing are:

Step S901. The ARP processing module judges the ARP data type of the data packet, if it is an ARP request data packet, then go to step S903; if it is an ARP reply data packet, then go to step S902.

Step S902. Whether the topology management module of the SDN controller inquires whether the address of the source user exists, if not, the topology management module determines the second VxLAN gateway, the second VLAN switch and the VNI value to which the destination user belongs through the ARP reply packet, and saves the destination User information of the user and end; if so, end; specifically, the user management submodule determines the second VxLAN gateway to which the destination user belongs through the VxLAN gateway IP address in the current ARP reply packet; through the current ARP reply packet VLAN header The VLAN ID in determines the VLAN and VNI values of the destination user, saves the user information of the destination user, and ends.

Step S903. Whether the topology management module of the SDN controller inquires whether the address of the source user exists, if not, the topology management module determines the first VxLAN gateway, the first VLAN switch and the VNI value to which the source user belongs through the ARP request packet, and saves the source For the user information of the user, go to step S904; if so, go directly to step S904; specifically, the user management submodule determines the first VxLAN gateway to which the source user belongs through the first VxLAN gateway address in the data packet; The VLAN ID in the packet VLAN header determines the VLAN and VNI values of the source user, and stores the user information of the source user.

Step S904. The topology management module of the SDN controller inquires whether the address of the destination user exists, if yes, go to step S905; if not, go to step S906.

Step S905. The SDN controller directly acts on behalf of the destination user, replies to the data packet and ends.

Step S906. The ARP processing module in the SDN controller converts the ARP request packet into an ARP proxy request packet. Specifically, modify the ARP request packet so that the source IP is 0.0.0.0, and the source MAC is the VxLAN gateway LAN port MAC, the ARP proxy request packet with the same destination IP. Send the ARP proxy request packet to all VxLAN gateways in the same intercommunication domain as the first VxLAN gateway, and all VxLAN gateways forward the ARP proxy request packet to the VLAN switch through the LAN port, and go to step S10.

The working method when the present invention actually uses comprises the following steps:

A. Prepare five hardware devices (such as computers, virtual machines, etc.) whose operating system is Linux. One of the five devices is an SDN controller, two are VxLAN gateways, and two are VLAN switches. Set the corresponding IP addresses for the five devices respectively. The IP address of the WAN port of the VxLAN gateway and the IP address of the next hop route need to be configured so that the WAN data packets of the VxLAN gateway can be sent to the layer-3 network.

B. Write the configuration management module of the VxLAN gateway. The configuration management module is mainly used to serve the VxLAN OpenFlow interface module in the VxLAN gateway. The VxLAN gateway is connected to the SDN controller through the OpenFlow protocol. The VxLAN gateway needs to know the IP address of the SDN controller and the OpenFlow port . In reality, in order to increase the flexibility of the project, the IP address of the connected SDN controller cannot be hard-coded in the program. It can be configured through the parameters after the program is running. Configure the parameters of the management module to obtain the IP address of the SDN controller and the OpenFlow port.

C. Write the SDN OpenFlow interface module of the SDN controller and the VxLAN OpenFlow interface module of the VxLAN gateway. The OpenFlow interface can separate the ability of the switch to process data and forward data, and realize the SDN environment.

D. Write the intercommunication domain management module of the SDN controller, because the VLAN ID under a VLAN switch has 4096 values, in reality, it is necessary to realize the communication between a VxLAN gateway and another VxLAN gateway. In order to isolate the communication of each group, it is necessary To use VNI to distinguish, users need to configure intercommunication domains.

The configuration of the interworking domain can configure the interworking domain through the interface of the application layer, and then write the configuration into the database of the SDN controller or send the configuration information of the interworking domain to the SDN controller through the interface of the application layer or create an interworking domain configuration file on the SDN controller .

E. Write the topology management module of the SDN controller. The topology management module realizes that the SDN controller has global topology information. The topology management module saves the topology information in the form of a Hash linked list.

F. Write the ARP processing module of the SDN controller. The ARP processing module mainly realizes the basic information of the destination IPv4 user.

G. Write the IP processing module of the SDN controller. The IP processing module mainly implements the processing of other IP types of data except the ARP type. It mainly tells the VxLAN gateway how to encapsulate the VxLAN header for the IP data packet, determine the priority of the data packet, and remove Modification of VxLAN header and VLAN ID value.

H. Write the northbound interface processing module of the SDN controller. The northbound interface processing module mainly realizes the priority strategy of different services set by the user; the interface data format set by the user can be multi-style, which can be XML or JSON.

I. Write the VxLAN gateway flow table management module in the VxLAN gateway. The user's upstream data flow uses the 5-tuple and APPID to determine whether the flow exists; the user's downstream data flow uses the 5-tuple and Priority to determine whether the flow exists. It can be determined according to the actual situation. For example, version 1.0 of the OpenFlow protocol is an 11-tuple.

J. Writing the tunnel encapsulation processing module and the tunnel decapsulation processing module in the VxLAN gateway mainly realizes sending the data packets of the layer-2 network (IPv4 layer-2 network or IPv6 layer-2 network) to the layer-3 network (IPv4 layer-3 network or IPv6 layer-3 network) network), and then reversely send the layer-3 network to the layer-2 network.

K. Write the application layer service identification module in the VxLAN gateway. User uplink data packets need to parse the APP ID value; user downlink data packets need to parse the Priority value, and use this value to determine the business processing order.

L. Write the sending and receiving packet module in the VxLAN gateway. The sending and receiving packet module mainly realizes that it can capture the user's uplink and downlink data packets, and transfer the data packets to other modules for processing.

The present invention is not limited to the above-mentioned embodiments. For those of ordinary skill in the art, without departing from the principle of the present invention, some improvements and modifications can also be made, and these improvements and modifications are also considered protection of the present invention. within range. The content not described in detail in this specification belongs to the prior art known to those skilled in the art.

Claims (8)

1. A kind of 1. system for realizing multi-priority services, it is characterised in that including SDN controllers, an at least VxLAN gateway and At least two VLAN interchangers,

   Every VxLAN gateway includes：

   Flow table management module, preserve handling process of the SDN controllers to VxLAN gateway reported data streams；

   Tunnel encapsulation processing module, it is current up according to handling process for obtaining the handling process of current upstream Data flow adds VxLAN tunnels and adds priority, forms encapsulated data packet, three layers are flowed to according to priority forwarding uplink data In network；Priority value is deposited using VxLAN Header heads reserved field；

   Tunnel decapsulation processing module, it is when front lower according to handling process for obtaining the handling process of current downlink data flow Row data diffluence is except VxLAN tunnels and changes VLAN ID, decapsulation packet is formed, so that proper preceding downstream data flow can Communicated in double layer network；

   Using layer service recognition processing module, the upstream data bag/downlink data packet received for parsing VxLAN gateways, and Its type of service is identified, is converted into upstream/downstream data flow, and is forwarded to flow table management module；

   The SDN controllers include：

   IP Process Module, the processing for other data types in addition to ARP data types；

   ARP processing modules, for for SDN controllers proxy requests/reply ARP message, opening up for purpose user to be obtained for controller Flutter information；

   Topology Management module, for obtaining global network topology information for SDN controllers；

   Intercommunication area management module, for receiving and reading the configuration of the communication between SDN controllers and all VxLAN gateways, forwarding Communication is configured to Topology Management module；

   SDN OpenFlow interface modules, the OpenFlow that SDN controllers are reported to for receiving and handling VxLAN gateways disappear Breath；The processing data bags of SDN controllers is issued to VxLAN gateways；

   Every VxLAN gateway also includes：

   Configuration management module, for reading the postrun parameter information of VxLAN gateway programs, pass through parameter acquiring VxLAN gateways Need SDN controllers IP address and the OpenFlow ports connected；

   VxLAN OpenFlow interface modules, for establishing connection between VxLAN gateways and SDN controllers；Report VxLAN nets Close the data not found in flow table management module and flow to SDN controllers；Receive and handle the processing stream that SDN controllers issue Journey；

   VxLAN send and receive packets modules, the packet of each network interface for receiving VxLAN gateways；For by after tunnel encapsulation Packet after packet and decapsulation, forwarded according to the network interface of SDN controllers requirement；

   The SDN controllers also include northbound interface processing module, for the difference issued for SDN controllers reception application interface The priority policy of business；

   Every VLAN interchanger includes：

   VLAN send and receive packets modules, the packet of each network interface for receiving VLAN；For the upstream data bag of reception to be sent out Deliver to VxLAN gateways；The downlink data packet of reception is sent to affiliated VLAN user；

   VLANID modules, the upstream data bag for being received for VLAN interchangers adds VLAN heads, downlink data packet removes VLAN heads.
2. 2. the system as claimed in claim 1 for realizing multi-priority services, it is characterised in that：The VxLAN send and receive packets module Give out a contract for a project submodule including VxLAN packet receivings submodule and VxLAN；

   The VxLAN packet receivings submodule, the packet of each network interface for receiving VxLAN gateways；

   The VxLAN gives out a contract for a project submodule, for by the packet after tunnel encapsulation and the packet after decapsulation, being controlled according to SDN The network interface of device requirement processed is forwarded, and the packet after tunnel encapsulation is forwarded by the WAN mouths of VxLAN gateways, the data after decapsulation Bag is forwarded by the LAN mouths of VxLAN gateways；Forwarded according to priority.
3. 3. the system as claimed in claim 1 for realizing multi-priority services, it is characterised in that：The VLAN send and receive packets module bag Include VLAN packet receivings submodule and VLAN gives out a contract for a project submodule；

   The VLAN packet receivings submodule, the packet of each network interface for receiving VLAN；

   The VLAN gives out a contract for a project submodule, for the upstream data bag of reception to be sent to VxLAN gateways；By the downlink data of reception Bag is sent to belonging VLAN user；

   The VLAN ID modules include VLAN ID addition submodules and VLAN ID delete submodule；

   The VLAN ID add submodule, for the upstream data bag addition VLAN heads received for VLAN interchangers, VLAN heads Portion includes VLAN id informations；

   VLAN ID delete submodule, and the downlink data packet for being received for VLAN interchangers removes VLAN heads.
4. 4. the system as claimed in claim 1 for realizing multi-priority services, it is characterised in that：

   The Topology Management module includes VxLAN gateway managements submodule, VLAN switch managements submodule and user management Module；

   The VxLAN gateway managements submodule, for preserving the VxLAN communication informations of all VxLAN gateways according to communication configuration；

   The VLAN switch managements submodule, for preserving the vlan communication information of all VLAN interchangers, vlan communication letter Breath includes the WAN mouths IP of the VxLAN gateways belonging to VLAN ID, intercommunication area VNI values and the VLAN interchangers of VLAN interchangers Address；

   The user management submodule, for preserving the user profile under all VLAN interchangers, user profile includes：User's IP address, MAC Address, the WAN mouth IP address of the affiliated VxLAN gateways of user.
5. 5. the method for realizing multi-priority services based on system described in claim 1, it is characterised in that including source user, source The first VLAN interchangers and the first VxLAN gateways that user uses；The 2nd VLAN interchangers that purpose user, purpose user use And the 2nd VxLAN gateways；

   This method comprises the following steps：

   Step S1. presets the intercommunication configuration of territory of all VxLAN gateways, VxLAN gateways in the intercommunication area management module of SDN controllers WAN mouths and next-hop route all set IP address；All application layer service priority are preset in northbound interface processing module；

   Step S2. source users are initiated to ask to purpose user, and packet is sent to the first VxLAN nets by the first VLAN interchangers Close, while the first VLAN interchangers are that the packet adds VLAN heads；

   The application layer type of service that packet is parsed using layer service recognition processing module of the VxLAN gateways of step S3. the first, will It is set to APP ID values；A data stream is formed by the five-tuple and APP ID values of packet；

   The flow table management module of the VxLAN gateways of step S4. the first checks that the data flow whether there is, if it is not, then by packet and APP ID values report to the SDN OpenFlow interface modules of SDN controllers, go to step S5；If so, then according in the flow table Handling process handled, go to step S7；

   Step S5.SDN OpenFlow interface modules judge whether packet belongs to ARP types, if so, being then forwarded to ARP processing Module, step S9 is gone to, if it is not, then going to step S6；

   Step S6. carries out IP flow processings, goes to step S7；

   The priority of the packet received using the parsing of layer service recognition processing module in the VxLAN gateways of step S7. the 2nd Value, the high downlink data packet of priority treatment priority, is inquired about, if looking into the flow table management module of the 2nd VxLAN gateways Look for unsuccessfully, packet is reported into SDN controllers, goes to step S8；If search successfully, according to the handling process in the flow table Handled, go to step S10；

   Step S8.SDN controllers inform the 2nd VxLAN gateways decapsulation VxLAN heads by OpenFlow message and change number According to the VLAN ID that the VLAN ID values in bag are the 2nd VLAN interchangers；SDN controllers inform second by OpenFlow message The newly-built data flow of VxLAN gateways；The data flow is added in flow table by the flow table management module of the 2nd VxLAN gateways, and second The tunnel decapsulation processing module of VxLAN gateways parses the packet in the data flow, removes packet VxLAN heads and repaiies Change VLAN ID values, and amended packet is forwarded to the 2nd VLAN interchangers from LAN mouths, go to step S10；

   Step S9. carries out ARP flow processings, goes to step S10；

   The VLAN interchangers of step S10. the 2nd delete the VLAN ID heads of packet, and forward it to purpose user；

   The user of step S11. mesh carries out different replies to different types of data bag.
6. 6. the method as claimed in claim 5 for realizing multi-priority services, it is characterised in that further comprising the steps of：

   The VLAN interchangers of step S12. the 2nd receive the upstream data bag that purpose user replys, and VLAN heads are added for the packet Portion, send to the 2nd VxLAN gateways；

   The VxLAN gateways of step S13. the 2nd form a data stream by the five-tuple of current data packet, the 2nd VxLAN gateways Flow table management module checks that data flow whether there is, if so, then being handled according to the stream process, terminates；If it is not, then go to step Rapid S14；

   The VxLAN gateways of step S14. the 2nd report to current data packet the SDN OpenFlow interface modules of SDN controllers, turn To step S5.
7. 7. the method as claimed in claim 5 for realizing multi-priority services, it is characterised in that in step S6, the carry out IP Flow processing concretely comprises the following steps：

   Step S601. judges whether packet belongs to IP packets, if it is not, then by data packet discarding；If so, it will then be forwarded to IP Processing module, go to step S602；

   Step S602.SDN controllers are by related service in the APP ID values in the packet of acquisition and northbound interface processing module APP ID values be compared, if equal, it is determined that the priority value of the packet, if unequal, continue to compare other industry The APP ID values of business；The address of the Topology Management module polls source user of SDN controllers whether there is, if so, going to step S604, if it is not, then going to step S603；

   Step S603. Topology Managements module determines that the first VxLAN gateways, the first VLAN belonging to source user exchange by packet Machine and VNI values, preserve the user profile of source user；

   The address of the Topology Management module polls purpose user of step S604.SDN controllers whether there is, and otherwise forward step S9；If so, go to step S605；

   Step S605.SDN controllers are obtained the value on packaging V xLAN heads and are somebody's turn to do by the configuration information of the first VxLAN gateways Data are gone out the value of port；SDN OpenFlow interface modules by OpenFlow message the value on packaging V xLAN heads, go out The value of port, priority value inform the first VxLAN gateways and the newly-built data flow, the flow table management module of the first VxLAN gateways The data flow is added in flow table, the tunnel encapsulation processing module of the first VxLAN gateways parses the data in the data flow Bag, gives packet encapsulation VxLAN heads, and the packet after encapsulation is forwarded into the 2nd VxLAN gateways from WAN mouths, goes to Step S10.
8. 8. the method as claimed in claim 5 for realizing multi-priority services, it is characterised in that in step S9, the carry out ARP Flow processing concretely comprises the following steps：

   Step S901.ARP processing modules judge the ARP data types of packet, if ARP request packet, then go to step Rapid S903；If ARP replys packet, then step S902 is gone to；

   The address of the Topology Management module polls source user of step S902.SDN controllers whether there is, if it is not, then Topology Management Module determines the 2nd VxLAN gateways, the 2nd VLAN interchangers and the VNI values belonging to purpose user by ARP reply packets, protects Deposit the user profile of purpose user and end；If so, then terminate；

   The address of the Topology Management module polls source user of step S903.SDN controllers whether there is, if it is not, then Topology Management Module determines the first VxLAN gateways, the first VLAN interchangers and the VNI values belonging to source user by ARP request packet, preserves The user profile of source user, go to step S904；If so, then pass directly to step S904；

   The address of the Topology Management module polls purpose user of step S904.SDN controllers whether there is, if so, then going to step Rapid S905；If it is not, then go to step S906；

   Step S905.SDN controllers directly act on behalf of purpose user, and packet is replied and terminated；

   The ARP request packet is converted to ARP proxy request data by the ARP processing modules in step S906.SDN controllers Bag, and send to all VxLAN gateways with the first VxLAN gateways under same intercommunication area, all VxLAN gateways should ARP proxy request data package is forwarded to VLAN interchangers by LAN mouths, goes to step S10.