+

WO2018001242A1 - Procédé et appareil de traitement de message de données - Google Patents

Procédé et appareil de traitement de message de données Download PDF

Info

Publication number
WO2018001242A1
WO2018001242A1 PCT/CN2017/090326 CN2017090326W WO2018001242A1 WO 2018001242 A1 WO2018001242 A1 WO 2018001242A1 CN 2017090326 W CN2017090326 W CN 2017090326W WO 2018001242 A1 WO2018001242 A1 WO 2018001242A1
Authority
WO
WIPO (PCT)
Prior art keywords
packet
port
vlan
processing
domain
Prior art date
Application number
PCT/CN2017/090326
Other languages
English (en)
Chinese (zh)
Inventor
张平平
陈志伟
孙军欢
Original Assignee
中兴通讯股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 中兴通讯股份有限公司 filed Critical 中兴通讯股份有限公司
Publication of WO2018001242A1 publication Critical patent/WO2018001242A1/fr

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46Interconnection of networks

Definitions

  • the present invention relates to the field of communications devices, and in particular, to a data packet processing method and apparatus.
  • SDN Software Defined Network
  • SDN is a new type of network innovation architecture. It is an implementation of network virtualization. Its core technology OpenFlow OpenFlow through the control plane and data plane of network equipment. Separate and separate, thus achieving flexible control of network traffic, making the network more intelligent as a pipeline. What SDN does is to separate the control of the network device, managed by a centralized controller, without relying on the underlying network devices (routers, switches, firewalls), shielding the differences from the underlying network devices.
  • the control of the network device is completely open, and the user can customize any network routing and transmission rule policies that he wants to implement according to his own expectations, which makes the network more flexible and intelligent.
  • the approach taken to achieve the effect of dual mode forwarding is: at SDN
  • the switch is planned in advance, and it is planned which ports are SDN ports for processing SDN domain services, and which ports are traditional ports for handling traditional domain services.
  • the service that can be carried by a port has been determined: the SDN port can only process the SDN domain service.
  • the SDN port receives the unknown unicast packet, it will transmit the packet to the CPU. (Central Processing Unit), the CPU encapsulates the packet and sends it to the controller, and the controller determines the forwarding processing rule of the packet.
  • a traditional port can only be used for traditional domain services. If a traditional port of an SDN switch receives a data packet, it will flood the data packet.
  • the data packet processing method and device provided by the embodiment of the present invention mainly solve the technical problem: when the dual-mode service processing of the network device is implemented in the prior art, the network device of the SDN domain and the traditional network are simply The ports of the device are physically fused. The ports of the network device cannot be reused, resulting in low resource utilization and low network flexibility.
  • an embodiment of the present invention provides a packet processing method, including:
  • the port is configured with the SDN domain VLAN identifier and the traditional domain VLAN identifier, and the packet carries the VLAN information.
  • the processing manner of the packet is determined according to the VLAN information carried in the packet and the VLAN identifier configured on the port, and the packet is processed accordingly.
  • the embodiment of the invention further provides a message processing device, including:
  • a receiving module configured to receive a packet transmitted by a port of the network device, where the port is configured with an SDN domain VLAN identifier and a traditional domain VLAN identifier, where the packet carries VLAN information;
  • the processing module is configured to determine a processing manner of the packet according to the VLAN information carried in the packet and the VLAN identifier configured on the port, and perform corresponding processing on the packet.
  • the embodiment of the present invention further provides a computer storage medium, where the computer storage medium stores computer executable instructions, and the computer executable instructions are used to execute the message processing method of any of the foregoing.
  • the SDN domain VLAN identifier and the traditional domain VLAN identifier are configured on the port in advance, and after receiving the packet transmitted by the port, according to the packet carrying the packet.
  • the VLAN ID and the VLAN ID configured on the corresponding port determine how the packet is processed.
  • the same port on the network device can process the service of the SDN domain and the service of the traditional domain at the same time, and the corresponding port is not separately set for the service of the SDN domain and the service of the traditional domain, thereby saving the network device.
  • Port resources enable optimal configuration of resources.
  • FIG. 1 is a flowchart of a packet processing method according to Embodiment 1 of the present invention.
  • FIG. 2 is a flowchart of processing a data packet of an unknown unicast SDN domain according to Embodiment 1 of the present invention
  • FIG. 3 is a flowchart of processing a data packet of an unknown unicast SDN domain according to Embodiment 1 of the present invention
  • FIG. 4 is a schematic structural diagram of a packet processing apparatus according to Embodiment 2 of the present invention.
  • FIG. 5 is a schematic structural diagram of a switch according to Embodiment 3 of the present invention.
  • FIG. 6 is a flowchart of processing a packet by a switch according to Embodiment 3 of the present invention.
  • FIG. 7 is a schematic diagram of an application scenario of a packet processing method according to Embodiment 3 of the present invention.
  • Embodiment 1 is a diagrammatic representation of Embodiment 1:
  • this embodiment provides a packet processing method, as shown in FIG. 1:
  • the network device in this embodiment may be a switch or a router.
  • the SDN domain VLAN ID and the traditional domain VLAN ID can be configured on the port of the network device.
  • the VLAN ID of the SDN domain configured for the port of the network device is VLAN 3 to VLAN 9.
  • the VLAN ID of the traditional domain is VLAN 13 to VLAN 19. This indicates that the port can handle the SDN domain services of VLANs 3 to 9 and the traditional domain services of VLANs 13 to 19. It can be understood that the VLAN identifier of the SDN domain and the VLAN identifier of the legacy domain should be different under the same port.
  • the packet should contain at least the VLAN information of the packet.
  • the VLAN information can be used to determine the processing mode of the packet according to the VLAN identifier configured on the port that receives the packet.
  • S104 Determine, according to the VLAN information carried in the packet and the VLAN identifier configured on the port that transmits the packet, the processing mode of the packet, and perform corresponding processing on the packet.
  • the hardware forwarding table stores some packet forwarding rules corresponding to the destination information, where the destination information includes the destination IP address or the destination MAC address of the packet. Taking the destination information as an IP address as an example, for a packet whose destination information is "125.120.218.106", the forwarding rule stored in the hardware forwarding table is transmitted from port 4; taking the destination information as a MAC address as an example, If the destination MAC address is "00-01-6C-06-A6-29", the packet is output from port 7 of the network device. Therefore, after receiving a packet, the port of the network device can pass The packet destination information carried in the packet is queried in the hardware forwarding table.
  • the network device can directly follow the packet according to the hardware.
  • the forwarding rules in the forwarding table are transmitted. For those packets that cannot be queried from the hardware forwarding table, that is, packets that do not record forwarding rules in the hardware forwarding table, we call it "unknown unicast.”
  • flooding is a data stream delivery technology used by switches and bridges to send data streams received by an interface from all interfaces except the interface.
  • the virtual forwarding instance corresponding to the VLAN information in the packet, and corresponding to the port configured with the VLAN identifier corresponding to the VLAN information.
  • the correspondence between the virtual forwarding instance and the port can be one-to-one, but more often than one-to-many.
  • the VLAN information carried in a packet is VLAN 3.
  • VLAN 3 a virtual forwarding instance A can be obtained.
  • the virtual forwarding instance A corresponds to all the ports in the network device configured with the VLAN ID of VLAN 3. Therefore, the information of all the ports with the VLAN 3 identifier in the network device can be obtained through the virtual forwarding instance as a medium.
  • port 1, port 7, and port 8 all have the VLAN ID of VLAN 3. Therefore, port 1, port 7, and port 8 are the ports associated with the VLAN information in the packet.
  • the SDN domain processes the unknown unicast packets differently from the traditional ones.
  • the SDN port usually encapsulates the packets by using the protocol of the SDN domain, and then transmits the packets to the controller.
  • the controller processes the packets according to a series of algorithms. After the calculation, the forwarding processing rule for the message is determined. Then, after receiving the forwarding processing rule sent by the controller, the forwarding processing may be performed according to the forwarding processing rule. The rule forwards the packet accordingly.
  • each port of the network device processes only one type of service, either an SDN domain service or a traditional domain service, so each port only receives the related services of the type that can be processed by itself.
  • the SDN domain VLAN identifier and the traditional domain VLAN identifier are configured for one port at the same time. Therefore, one port can carry two types of services, that is, the SDN domain and the traditional domain. Therefore, the port of the network device in this embodiment is used.
  • the received packet may not be simply a packet of the SDN domain or a packet of the traditional domain.
  • the processing of these two types of messages is very different. Therefore, in this embodiment, after receiving the packet transmitted by the port of the network device, it is necessary to determine the processing manner for the packet, and it should be understood that determining the processing manner for the packet is actually the packet. Types are distinguished.
  • the SDN domain VLAN of VLAN 3 to VLAN 9 is configured for a port of the network device, and the traditional domain VLAN of VLAN 13 to VLAN 19 is also configured.
  • the VLAN information carried in the packet received by the port is VLAN 1.
  • the network device cannot process the packet. Therefore, the packet can be directly discarded.
  • the device determines whether the packet is an unknown unicast data packet. Determining whether a packet is an unknown unicast data packet can be mainly divided into two processes:
  • Any packet carries a protocol identifier. If a packet is a data packet, it may carry a relatively common TCP protocol identifier or a UDP protocol identifier. If it is a protocol packet, the protocol it carries is The identity is no longer the normal TCP protocol identifier or UDP protocol identifier. A specific type of protocol identifier is stored in the ACL. After obtaining the protocol identifier carried in the packet, the ACL can be searched in the ACL to determine that the protocol identifier carried in the packet is in the ACL. does it exist.
  • the packet is a protocol packet.
  • the protocol packet processing mode is simple and can be directly controlled.
  • the CPU sent to the network device is sent by the CPU to the protocol stack module in the network device for processing. If the corresponding protocol identifier does not exist in the ACL, the packet is a data packet.
  • the hardware forwarding table has been introduced in the foregoing, and the forwarding rules of the messages sent to these destinations are stored in the hardware forwarding table in units of destination information. Therefore, when a packet is received, the destination information carried in the packet may be found in the hardware forwarding table according to the destination information carried in the packet. If yes, the packet is not unknown.
  • the broadcast packet can be directly forwarded by the network device. If the destination information carried in the packet does not exist in the hardware forwarding table, it indicates that the network device does not currently know which specific packet should be forwarded to. On the port, therefore, the message belongs to an unknown unicast message.
  • the packet may be determined to belong to the SDN domain or the legacy domain according to the VLAN information in the packet and the VLAN identifier of the port transmitting the packet.
  • the method may be that the VLAN information in the packet matches the VLAN identifier of the SDN domain in the packet. If the matching succeeds, the packet belongs to the SDN domain. If the matching is unsuccessful, the packet belongs to the traditional domain. . Similarly, the VLAN information of the packet can be matched with the traditional domain VLAN identifier of the port. If the match is successful, the packet belongs to the traditional domain. Otherwise, the packet belongs to the SDN domain.
  • the SDN domain can process the unknown unicast data packets.
  • Figure 2 For the processing flow of unknown unicast data packets in the SDN domain, see Figure 2:
  • S202 Encapsulate the packet by using a protocol of the SDN domain, and then transmit the packet to the controller.
  • the packet is sent to the protocol stack module in the network device, and the SDN protocol stack in the protocol stack module is used to match the packet according to the SDN domain protocol.
  • the encapsulation process is performed, and the upper layer protocol tag is added and transmitted to the controller.
  • the SDN protocol mainly includes OpenFlow and the like.
  • the controller After receiving the encapsulated message, the controller determines how the message should be sent to its destination according to a series of algorithms or processing rules. These forwarding rules are included in the processing table and delivered to the network device.
  • the packet may be sent out according to the forwarding rule included in the processing table.
  • the packet indicating that the destination information is A should be sent out on the network device's port 3, according to the indication.
  • the message is transmitted to port 3.
  • the processing table can be updated to facilitate subsequent network device processing of subsequent packets.
  • the packet can be processed according to the forwarding rule corresponding to the destination information A.
  • the switchable chip can obtain a virtual forwarding instance from the forwarding control module. If the VLAN identifier of each port is different in a switch, the virtual forwarding instance can be obtained only according to the packet. The included VLAN information is carried out. If the two ports of a switch are the SDN port and the traditional port, and the two ports are configured with the same VLAN ID, you can obtain the virtual forwarding instance based on the VLAN information in the packet and receive the packet. The identification information of the port is used to obtain the virtual forwarding instance. The forwarding control module determines whether the packet is received by the SDN port or received by the traditional port according to the identification information of the port, so that the packet is allocated virtual forwarding according to the actual situation. Example.
  • S304 Determine, according to the virtual forwarding instance, a port that is a flooding outlet of the packet.
  • the virtual forwarding instance corresponds to the VLAN information in the packet. It also corresponds to the port configured with the VLAN ID corresponding to the VLAN information.
  • the mapping between the virtual forwarding instance and the port can be one-to-one, but more The situation is one-to-many.
  • the SDN domain uses the protocol of the SDN domain to encapsulate the packet, and the process of encapsulation processing is generally performed by the CPU of the network device. Therefore, when the packet is determined When the MPLS domain belongs to the unknown unicast data packet, the forwarding control module can also obtain the corresponding virtual forwarding instance.
  • the virtual forwarding instance indicates that the flooding exit of the packet is the CPU.
  • the present invention provides a scheme for configuring the same VLAN identifier for an SDN port and a legacy port.
  • the same VLAN is configured on different ports, which can effectively save VLAN resources and improve resource utilization. .
  • the underlying switching chip will report the MAC information or routing information of the packet after receiving the message, and then report the learning message to the upper layer software for processing by the upper layer software, but for the SDN domain, It is not necessary to need such a learning message, and therefore, it can be discarded directly. Therefore, in this embodiment, after receiving the learning message, it may first determine whether the learning message is an SDN domain, and if so, discard it directly, and if not, hand the learning message to the upper layer software for processing.
  • the SDN domain VLAN identifier and the traditional domain VLAN identifier can be configured on one port at the same time, and the VLAN information carried in the packet and the corresponding port are received when the packet is received.
  • the configured VLAN ID determines how the packet is processed.
  • the same port on the network device can process the service of the SDN domain and the service of the traditional domain at the same time, and the corresponding port is not separately set for the service of the SDN domain and the service of the traditional domain, thereby saving the network device.
  • the port resource realizes the optimal configuration of resources, which is beneficial to the improvement of network application flexibility.
  • Embodiment 2 is a diagrammatic representation of Embodiment 1:
  • the present embodiment provides a message processing apparatus.
  • the message processing apparatus 40 shown in FIG. 4 includes a receiving module 402 and a processing module 404.
  • the receiving module 402 is configured to receive a message transmitted by the network device port.
  • the network device in this embodiment may be a switch or a router.
  • the SDN domain VLAN ID and the traditional domain VLAN ID can be configured on the port of the network device.
  • the VLAN ID of the SDN domain configured for the port of the network device is VLAN 3 to VLAN 9.
  • the VLAN ID of the traditional domain is VLAN 13 to VLAN 19. This indicates that the port can handle the SDN domain services of VLANs 3 to 9 and the traditional domain services of VLANs 13 to 19. It can be understood that the VLAN identifier of the SDN domain and the VLAN identifier of the legacy domain should be different under the same port.
  • the packet should contain at least the VLAN information of the packet.
  • the VLAN information can be used to determine the processing mode of the packet according to the VLAN identifier configured on the port that receives the packet.
  • the processing module 404 determines the processing mode of the packet according to the VLAN information carried in the packet and the VLAN identifier configured on the port for transmitting the packet, and performs corresponding processing on the packet.
  • the hardware forwarding table stores some packet forwarding rules corresponding to the destination information, where the destination information includes the destination IP address or the destination MAC address of the packet. Taking the destination information as an IP address as an example, for a packet whose destination information is "125.120.218.106", the forwarding rule stored in the hardware forwarding table is transmitted from port 4; taking the destination information as a MAC address as an example, If the destination MAC address is "00-01-6C-06-A6-29", the packet is output from port 7 of the network device. Therefore, after receiving a packet, the port of the network device can query the destination information of the packet carried in the packet to the hardware forwarding table. If it is found that the destination of the packet has been recorded in the hardware forwarding table.
  • the forwarding rule of the information the network device can directly transmit the packet according to the forwarding rule in the hardware forwarding table. For those packets that cannot be queried from the hardware forwarding table, that is, packets that do not record forwarding rules in the hardware forwarding table, we call it "unknown unicast.”
  • flooding is a data stream delivery technology used by switches and bridges to send data streams received by an interface from all interfaces except the interface.
  • the virtual forwarding instance corresponding to the VLAN information in the packet, and corresponding to the port configured with the VLAN identifier corresponding to the VLAN information.
  • the correspondence between the virtual forwarding instance and the port can be one-to-one, but more often than one-to-many.
  • the VLAN information carried in a packet is VLAN 3.
  • VLAN 3 a virtual forwarding instance A can be obtained.
  • the virtual forwarding instance A corresponds to all the ports in the network device configured with the VLAN ID of VLAN 3. Therefore, the information of all the ports with the VLAN 3 identifier in the network device can be obtained through the virtual forwarding instance as a medium.
  • port 1, port 7, and port 8 all have the VLAN ID of VLAN 3. Therefore, port 1, port 7, and port 8 are the ports associated with the VLAN information in the packet.
  • the SDN domain processes the unknown unicast packets differently from the traditional ones.
  • the SDN port usually encapsulates the packets by using the protocol of the SDN domain, and then transmits the packets to the controller.
  • the controller processes the packets according to a series of algorithms. After the calculation, the forwarding processing rule for the message is determined. Then, after receiving the forwarding processing rule sent by the controller, the packet may be forwarded according to the forwarding processing rule.
  • each port of the network device processes only one type of service, either an SDN domain service or a traditional domain service, so each port only receives the related services of the type that can be processed by itself.
  • the SDN domain VLAN identifier and the traditional domain VLAN identifier are configured for one port at the same time. Therefore, one port can carry two types of services, that is, the SDN domain and the traditional domain. Therefore, the port of the network device in this embodiment is used. Connect The received packet may no longer be simply a message in the SDN domain or a message in the traditional domain. However, the processing of these two types of messages is very different. Therefore, in this embodiment, after receiving the packet transmitted by the port of the network device, it is necessary to determine the processing manner for the packet, and it should be understood that determining the processing manner for the packet is actually the packet. Types are distinguished.
  • the SDN domain VLAN of VLAN 3 to VLAN 9 is configured for a port of the network device, and the traditional domain VLAN of VLAN 13 to VLAN 19 is also configured.
  • the VLAN information carried in the packet received by the port is VLAN 1.
  • the network device cannot process the packet. Therefore, the packet can be directly discarded.
  • the device determines whether the packet is an unknown unicast data packet. Determining whether a packet is an unknown unicast data packet can be mainly divided into two processes:
  • Any packet carries a protocol identifier. If a packet is a data packet, it may carry a relatively common TCP protocol identifier or a UDP protocol identifier. If it is a protocol packet, the protocol it carries is The identity is no longer the normal TCP protocol identifier or UDP protocol identifier. A specific type of protocol identifier is stored in the ACL. After obtaining the protocol identifier carried in the packet, the ACL can be searched in the ACL to determine that the protocol identifier carried in the packet is in the ACL. does it exist.
  • the packet is a protocol packet.
  • the protocol packet is processed in a simple manner. You can control the CPU directly to send it to the CPU of the network device. The protocol is sent to the protocol stack module in the network device for processing. If the corresponding protocol identifier does not exist in the ACL, the packet is a data packet.
  • the hardware forwarding table has been introduced in the foregoing, and the forwarding rules of the messages sent to these destinations are stored in the hardware forwarding table in units of destination information. Therefore, when receiving a message, it can also be based on the message.
  • the destination information is carried in the hardware forwarding table to check whether the destination information carried in the packet exists. If it exists, the packet is not an unknown unicast packet, and can be directly forwarded by the network device; If the destination information of the packet does not exist in the hardware forwarding table, the network device does not know which port to forward the packet to. The packet belongs to the unknown unicast packet.
  • the packet may be determined to belong to the SDN domain or the legacy domain according to the VLAN information in the packet and the VLAN identifier of the port transmitting the packet.
  • the method may be that the VLAN information in the packet matches the VLAN identifier of the SDN domain in the packet. If the matching succeeds, the packet belongs to the SDN domain. If the matching is unsuccessful, the packet belongs to the traditional domain. . Similarly, the VLAN information of the packet can be matched with the traditional domain VLAN identifier of the port. If the match is successful, the packet belongs to the traditional domain. Otherwise, the packet belongs to the SDN domain.
  • the processing module 404 can process the processing manner of the unknown unicast data packet according to the SDN domain:
  • the processing module 404 encapsulates the packet by using the protocol of the SDN domain and transmits the packet to the controller.
  • the processing module 404 sends the packet to the protocol stack module in the network device, and the SDN protocol stack in the protocol stack module is based on the SDN domain protocol.
  • the packet is encapsulated, and the upper layer protocol tag is added to the controller.
  • the SDN protocol mainly includes OpenFlow and the like.
  • the controller After receiving the encapsulated message, the controller determines how the message should be sent to its destination according to a series of algorithms or processing rules. These forwarding rules are included in the processing table and delivered to the network device.
  • the processing module 404 receives a processing table for the message sent by the controller.
  • the processing module 404 forwards the message according to the processing table and further includes information included in the processing table. New to hardware forwarding table.
  • the packet may be sent according to the forwarding rule included in the processing table. For example, if the packet indicating that the destination information is A in the processing table should be sent by the port 3 of the network device, Transfer the message to port 3 according to the instructions. For all the data packets whose destination information is A in the SDN domain, the data packet can be forwarded from port 3 according to the forwarding rule. Therefore, in order to facilitate subsequent network device processing of subsequent packets, the processing module 404 can The processing table is updated to the hardware forwarding table. After the packet whose destination information is also A is reappeared in the subsequent process, the packet can be processed according to the forwarding rule corresponding to the destination information A.
  • the processing module 404 can process the processing manner of the unknown unicast data packet according to the traditional domain:
  • the processing module 404 obtains a corresponding virtual forwarding instance according to the VLAN information included in the packet.
  • the switchable chip can obtain a virtual forwarding instance from the forwarding control module. If the VLAN identifier of each port is different in a switch, the virtual forwarding instance can be obtained only according to the packet. The included VLAN information is carried out. If the two ports of a switch are the SDN port and the traditional port, and the two ports are configured with the same VLAN ID, you can obtain the virtual forwarding instance based on the VLAN information in the packet and receive the packet. The identification information of the port is used to obtain the virtual forwarding instance. The forwarding control module determines whether the packet is received by the SDN port or received by the traditional port according to the identification information of the port, so that the packet is allocated virtual forwarding according to the actual situation. Example.
  • the virtual forwarding instance corresponds to the VLAN information in the packet. It also corresponds to the port configured with the VLAN ID corresponding to the VLAN information.
  • the mapping between the virtual forwarding instance and the port can be one-to-one, but more The situation is one-to-many.
  • the processing module 404 determines, as the virtual forwarding instance, a port that is a flooding outlet of the packet.
  • the SDN domain protocol is used to encapsulate the packet processing, and the process of encapsulation processing is generally performed by the network device.
  • the CPU performs the process. Therefore, when it is determined that the packet belongs to the SDN domain and the unknown unicast data packet, the forwarding control module may also obtain the corresponding virtual forwarding instance, but the virtual forwarding instance indicates the flooding of the packet.
  • the exit is CPU.
  • processing module 404 floods the message to determine each port.
  • the present invention provides a scheme for configuring the same VLAN identifier for an SDN port and a legacy port.
  • the same VLAN is configured on different ports, which can effectively save VLAN resources and improve resource utilization. .
  • the underlying switching chip will report the MAC information or routing information of the packet after receiving the message, and then report the learning message to the upper layer software for processing by the upper layer software, but for the SDN domain, It is not necessary to need such a learning message, and therefore, it can be discarded directly. Therefore, in this embodiment, after receiving the learning message, the processing module 404 may first determine whether the learning message is an SDN domain, and if so, discard it directly, and if not, hand the learning message to the upper layer software for processing. .
  • the packet processing apparatus 40 provided in this embodiment may be deployed on a switch or a router, where the receiving module 402 may be implemented by a switch chip in a switch or a router, and the processing module 404 may be replaced by a switch chip in a switch or a router.
  • the CPU is implemented together.
  • the controller may be a physical device or an application running on a general purpose server.
  • the packet processing apparatus 40 of the present embodiment can simultaneously configure the SDN domain VLAN identifier and the traditional domain VLAN identifier on one port, and according to the VLAN information and the corresponding port carried in the packet when receiving the packet transmission packet.
  • the VLAN ID configured below determines how the packet is processed.
  • the same port on the network device can process the service of the SDN domain and the service of the traditional domain at the same time, and the corresponding port is not separately set for the service of the SDN domain and the service of the traditional domain, thereby saving the network device.
  • the port resource realizes the optimal configuration of resources, which is beneficial to the improvement of network application flexibility.
  • Embodiment 3 is a diagrammatic representation of Embodiment 3
  • the message processing method and the second embodiment in the first embodiment are provided below with reference to specific examples.
  • the packet processing device is described.
  • the network device in this embodiment takes a switch as an example. However, those skilled in the art should understand that the network device may also be a router.
  • FIG. 5 shows a switch in this embodiment. Schematic diagram of the structure:
  • the switch 5 includes a switch chip 51 and a CPU 52.
  • the switch chip 51 receives the message transmitted by the external device through the port.
  • the switch provides a configuration interface.
  • the user can configure the configuration of the switch 5 from the configuration interface. For example, the user can configure the VLAN ID of the SDN domain and the VLAN ID of the traditional domain on one port 511 of the switch chip 5.
  • the port 511 receives the packet.
  • the switch chip 51 After receiving the packet, the switch chip 51 can extract the VLAN information contained in the packet.
  • the switch chip 51 determines whether the extracted VLAN information exists in the configuration of the port 511.
  • the switch chip 51 determines whether the message is a data message.
  • the device can determine whether the packet is a data packet according to the protocol identifier and the access control list included in the packet. If yes, execute S605, otherwise, execute S606.
  • the switch chip 51 discards the packet.
  • the switch cannot process the packet. Therefore, the packet can be directly discarded.
  • the switch chip 51 determines whether the message is an unknown unicast message.
  • the device determines whether the data packet is an unknown unicast packet according to the destination information carried in the hardware forwarding table and the packet. If yes, execute S607; otherwise, execute S608.
  • the switch chip 51 sends the message to the CPU.
  • the packet is a data packet, it indicates that the packet is a protocol packet.
  • the protocol packet is processed in a simple manner and can be directly sent to the CPU of the network device.
  • the switch chip 51 determines whether the packet belongs to the SDN domain according to the VLAN information in the packet and the VLAN identifier of the port that transmits the packet.
  • the VLAN information in the packet is matched with the VLAN ID of the SDN domain in the packet. If the matching succeeds, the packet belongs to the SDN domain. If the matching is unsuccessful, the packet is reported. The text belongs to the traditional domain.
  • the switch chip 51 forwards the packet according to the hardware forwarding table.
  • the forwarding process may be directly performed according to the corresponding forwarding rule.
  • the switch chip floods the packet.
  • the packet can be reported to the CPU. If the packet is a Layer 2 service, it is based on the ACL (Access Control List ACL). If it is a Layer 3 service, it is routed. If the result of the judgment is no, the packet belongs to the traditional domain, and the packet can be directly flooded according to the processing manner of the unknown unicast data packet.
  • ACL Access Control List ACL
  • S610 The CPU determines, according to the VLAN information in the packet and the VLAN identifier of the port that transmits the packet, whether the packet belongs to the SDN domain.
  • the packets reported to the CPU are not all unicast data packets of the SDN domain, and may be protocol packets of the traditional domain. Therefore, the CPU needs to judge before performing the encapsulation process. When the judgment result is yes, Then execute S611.
  • the CPU encapsulates the packet by using a protocol of the SDN domain.
  • the controller 6 After receiving the encapsulated message, the controller 6 determines how the message should be sent to its destination according to a series of algorithms or processing rules. These forwarding rules will be included in the processing table It is sent to the forwarding control module in the CPU.
  • FIG. 7 is an application scenario of the packet processing method provided by the embodiment: the server 71 and the server 72 respectively access the network device 73 and the network device 74, and the connection ports of the network devices 73 and 74 are SDN ports, and the server The forwarding of service traffic of 71 and 72 is controlled by the SDN control plane.
  • the servers 71 and 72 access the storage network and also access through the SDN instance port, but this part of the traffic goes away from the traditional control plane and is not controlled by the SDN controller. Since the servers 71 and 72 are accessed through a single network card, the connection ports of the network device 73 and the network device 74 and the servers 71 and 72 must follow the traditional plane control plane from the SDN control plane.
  • the packet processing method and device provided in this embodiment can ensure that the same port is controlled by the traditional protocol layer and can be controlled by the controller, which saves port resources and greatly increases the flexibility of application of the SDN switch in some scenarios. Sex.
  • modules or steps of the above embodiments of the present invention can be implemented by a general computing device, which can be concentrated on a single computing device or distributed among multiple computing devices.
  • they may be implemented by program code executable by the computing device, such that they may be stored in a computer storage medium (ROM/RAM, disk, optical disk) by a computing device, and at some
  • the steps shown or described may be performed in an order different than that herein, or they may be separately fabricated into individual integrated circuit modules, or a plurality of modules or steps may be fabricated into a single integrated circuit module. . Therefore, the invention is not limited to any particular combination of hardware and software.
  • the data packet processing method and apparatus provided by the embodiment of the present invention have the following beneficial effects: the same port on the network device can simultaneously process the service of the SDN domain and the service of the traditional domain, and need not be separately
  • the services of the SDN domain and the services of the traditional domain are respectively set to corresponding ports, thereby saving port resources of the network device and realizing optimal resource configuration.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

Les modes de réalisation de la présente invention concernent un procédé et un appareil de traitement de message de données. Le procédé comprend les étapes suivantes : un identificateur VLAN de domaine SDN et un identificateur VLAN de domaine classique sont préconfigurés sur un port ; après réception d'un message transmis par le port, un moyen de traitement dudit message est déterminé en fonction d'informations VLAN contenues dans le message et d'un identificateur VLAN configuré pour le port correspondant. Le moyen est tel que le même port d'un dispositif de réseau peut traiter simultanément un service de domaine SDN et un service de domaine classique. Comme il n'est pas nécessaire d'établir des ports séparés pour un service de domaine SDN et un service de domaine classique, des ressources de port du dispositif de réseau sont économisées et une configuration de ressource optimale est obtenue.
PCT/CN2017/090326 2016-06-30 2017-06-27 Procédé et appareil de traitement de message de données WO2018001242A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201610514793.8A CN107566237B (zh) 2016-06-30 2016-06-30 一种数据报文处理方法及装置
CN201610514793.8 2016-06-30

Publications (1)

Publication Number Publication Date
WO2018001242A1 true WO2018001242A1 (fr) 2018-01-04

Family

ID=60785835

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2017/090326 WO2018001242A1 (fr) 2016-06-30 2017-06-27 Procédé et appareil de traitement de message de données

Country Status (2)

Country Link
CN (1) CN107566237B (fr)
WO (1) WO2018001242A1 (fr)

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110830371A (zh) * 2019-11-13 2020-02-21 迈普通信技术股份有限公司 报文重定向方法、装置、电子设备及可读存储介质
CN113079030A (zh) * 2020-05-29 2021-07-06 新华三信息安全技术有限公司 配置信息下发方法和接入设备
CN113452593A (zh) * 2021-06-10 2021-09-28 烽火通信科技股份有限公司 一种olt vxlan与多切片共存的方法和装置
CN114205185A (zh) * 2020-09-16 2022-03-18 厦门网宿有限公司 一种控制报文的代理方法及装置
WO2023104054A1 (fr) * 2021-12-07 2023-06-15 中兴通讯股份有限公司 Module de traitement de réseau, procédé de traitement de données, nœud de réseau et support d'enregistrement
EP4311181A4 (fr) * 2021-04-14 2024-07-31 Huawei Technologies Co., Ltd. Procédé de traitement de paquet de dcn, dispositif de réseau et système

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109495370B (zh) * 2018-12-29 2020-11-24 瑞斯康达科技发展股份有限公司 一种基于vpls的报文传输方法及装置
CN113497799B (zh) * 2020-04-08 2022-09-16 维沃移动通信有限公司 协议架构确定方法、装置及设备

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103763146A (zh) * 2014-01-29 2014-04-30 杭州华三通信技术有限公司 一种软件定义网络控制器及其生成转发信息的方法
US20150043382A1 (en) * 2013-08-09 2015-02-12 Nec Laboratories America, Inc. Hybrid network management
CN104823417A (zh) * 2012-11-29 2015-08-05 华为技术有限公司 由OpenFlow交换机和其它可编程交换机组成的混合网络的变换和统一控制

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN100553220C (zh) * 2007-08-22 2009-10-21 杭州华三通信技术有限公司 一种实现vlan内下行用户隔离的方法及设备
CN105429870B (zh) * 2015-11-30 2018-10-02 北京瑞和云图科技有限公司 Sdn环境下的vxlan安全网关装置及其应用方法
CN105357099A (zh) * 2015-12-18 2016-02-24 南京优速网络科技有限公司 一种基于sdn的虚拟专用网络的实现方法

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104823417A (zh) * 2012-11-29 2015-08-05 华为技术有限公司 由OpenFlow交换机和其它可编程交换机组成的混合网络的变换和统一控制
US20150043382A1 (en) * 2013-08-09 2015-02-12 Nec Laboratories America, Inc. Hybrid network management
CN103763146A (zh) * 2014-01-29 2014-04-30 杭州华三通信技术有限公司 一种软件定义网络控制器及其生成转发信息的方法

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
ZHANG, WEIFENG: "Deep Analysis of SDN-Interest, Strategy, Technology and Practice", vol. 31, 31 January 2014 (2014-01-31), pages 113 *

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110830371A (zh) * 2019-11-13 2020-02-21 迈普通信技术股份有限公司 报文重定向方法、装置、电子设备及可读存储介质
CN113079030A (zh) * 2020-05-29 2021-07-06 新华三信息安全技术有限公司 配置信息下发方法和接入设备
CN113079030B (zh) * 2020-05-29 2022-05-24 新华三信息安全技术有限公司 配置信息下发方法和接入设备
CN114205185A (zh) * 2020-09-16 2022-03-18 厦门网宿有限公司 一种控制报文的代理方法及装置
CN114205185B (zh) * 2020-09-16 2023-03-24 厦门网宿有限公司 一种控制报文的代理方法及装置
EP4311181A4 (fr) * 2021-04-14 2024-07-31 Huawei Technologies Co., Ltd. Procédé de traitement de paquet de dcn, dispositif de réseau et système
CN113452593A (zh) * 2021-06-10 2021-09-28 烽火通信科技股份有限公司 一种olt vxlan与多切片共存的方法和装置
CN113452593B (zh) * 2021-06-10 2022-06-03 烽火通信科技股份有限公司 一种olt vxlan与多切片共存的方法和装置
WO2023104054A1 (fr) * 2021-12-07 2023-06-15 中兴通讯股份有限公司 Module de traitement de réseau, procédé de traitement de données, nœud de réseau et support d'enregistrement

Also Published As

Publication number Publication date
CN107566237B (zh) 2021-06-29
CN107566237A (zh) 2018-01-09

Similar Documents

Publication Publication Date Title
WO2018001242A1 (fr) Procédé et appareil de traitement de message de données
Bakshi Considerations for software defined networking (SDN): Approaches and use cases
CN109561108B (zh) 一种基于策略的容器网络资源隔离控制方法
CN102857416B (zh) 一种实现虚拟网络的方法、控制器和虚拟网络
US20160301603A1 (en) Integrated routing method based on software-defined network and system thereof
EP2567529B1 (fr) Spécification de priorité dans une réponse d'un protocole de recherche et de configuration d'interface de station virtuelle
CN104022953B (zh) 基于开放流Openflow的报文转发方法和装置
US9992104B2 (en) Communication method, communication system, resource pool management system, switch device and control device
US9331936B2 (en) Switch fabric support for overlay network features
US11190435B2 (en) Control apparatus, communication system, tunnel endpoint control method, and program
US9559896B2 (en) Network-assisted configuration and programming of gateways in a network environment
WO2014136864A1 (fr) Appareil de réécriture de paquet, appareil de commande, système de communication, procédé de transmission de paquet et programme
US9900238B2 (en) Overlay network-based original packet flow mapping apparatus and method therefor
US20170346731A1 (en) Selective rule management based on traffic visibility in a tunnel
US20100054260A1 (en) Method and Apparatus to Switch Packets between Virtual Ports
JP2019500822A (ja) 仮想マシンパケット制御
CN104158745B (zh) 一种实现数据包转发的方法及系统
CN107395532A (zh) 一种基于sdn的多租户虚拟网络隔离方法
EP2915315B1 (fr) Mise à l'échelle otv au moyen d'adresses mac virtuelles de site
WO2016115836A1 (fr) Procédé et appareil de traitement d'état de routage et/ou d'informations de politique
WO2023103461A1 (fr) Procédé et système de duplication pour multidiffusion et de transfert de message inter-carte reposant sur une architecture clos
KR101797112B1 (ko) 컨테이너 네트워크 관리 시스템
EP3902211B1 (fr) Procédé de transfert de paquets et dispositif de réseau
CN105516116A (zh) 一种基于ForCES控制件控制OpenFlow交换机的系统及协议转换方法
KR101797115B1 (ko) 컨테이너 네트워크의 컨테이너 네트워킹 방법

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 17819239

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 17819239

Country of ref document: EP

Kind code of ref document: A1

点击 这是indexloc提供的php浏览器服务,不要输入任何密码和下载