CN104243344A - Effective data packet capturing method and request redirection server - Google Patents
Effective data packet capturing method and request redirection server Download PDFInfo
- Publication number
- CN104243344A CN104243344A CN201410532211.XA CN201410532211A CN104243344A CN 104243344 A CN104243344 A CN 104243344A CN 201410532211 A CN201410532211 A CN 201410532211A CN 104243344 A CN104243344 A CN 104243344A
- Authority
- CN
- China
- Prior art keywords
- packet
- value
- effective
- data packets
- request
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D30/00—Reducing energy consumption in communication networks
- Y02D30/50—Reducing energy consumption in communication networks in wire-line communication networks, e.g. low power modes or reduced link rate
Landscapes
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention provides an effective data packet capturing method. The effective data packet capturing method can be used for implementing a request redirection server. The request redirection server is capable of introducing requests of network users into a cache system close to the users so as to increase resource download speed of the users. The effective data packet capturing method includes introducing network flow comprising effective packets into receiving access ports of the redirection server, receiving all the data packets entering the ports and transmitting to a network layer protocol stack by the access ports, acquiring target IP (internet protocol) addresses of the data packets by the network layer protocol stack, reserving or forwarding the data packets with the target IP addresses not local IP addresses in a routing manner and filtering the data packets on the basis of the preset filtering rule, storing memory addresses of the data packets meeting the filtering rules into corresponding descriptor rings of effective packet buffer areas, and directly deleting the data packets not meeting any filtering rules from a memory. The effective data packet capturing method solves the problem than an effective data packet capturing method based on packet capturing sometimes loses packets and consumes system resources.
Description
Technical field
The present invention relates to caching system request redirecting technique field, the Internet, particularly relate to a kind of effective data packets catching method and request Redirect Server.
Background technology
The request of Internet user to Internet resources is redirected to the nearer edge cache server of distance users by the Internet caching system, to realize the object improving user resources speed of download and reduce flow between net.
Request redirection module is a nucleus module of the Internet caching system, and effectively catching of bag is the basis that request is redirected.
First request redirection module needs to catch the HTTP request of user, P2P get-peer asks and the effective data packets such as DNS request, then by these effectively bag carry out analysis and construct it and be redirected and wrap and send to user, with realization, user is asked to the object be redirected, therefore effectively the catching method of bag is the key factor of request redirection module performance.
Traditional effective Packet capturing method, normally based on the thought of packet capturing, Unix/Linux platform can use Libpcap storehouse carry out packet capturing, and effective its step of Packet capturing method based on packet capturing is as follows:
Step 1) network packet arrives and receives after network interface, and first received network interface receives and is cached in reception buffer zone;
Step 2) network interface generation hardware interrupts, CPU response is interrupted and performs interrupt handling routine, interrupt processing copies packet to kernel memory headroom and is submitted to the process of upper-layer protocol stack, meanwhile packet capturing module utilizes the Socket created from link layer driver, obtain the copy of this packet, then by Tap function, packet is issued BPF (BSD Packet Filter) filter;
Step 3) BPF filter filters packet one by one according to the predefined filtering rule of user, and the effective data packets meeting filtering rule is cached to corresponding buffering area, and the packet not meeting filtering rule is deleted.
There are following two shortcomings in the effective Packet capturing method based on packet capturing:
1) packet capturing module obtains a copy entering network interface packet by the mode of data copy, when network traffics are larger, a large amount of memory copying can consume a lot of system resource;
2) there is certain delay in packet copy, can produce a large amount of packet losses when network traffics are larger.
Summary of the invention
The shortcoming of prior art in view of the above, the present invention is directed to existing the Internet caching system request redirection module and propose a kind of effective Packet capturing method newly, the method carries out Packet Filtering and effective Packet capturing on protocol stack basis, do not carry out network packet capturing and packet copy, thus solve existing effective Packet capturing method based on packet capturing and there is packet loss and consume the problem of a large amount of system resource.
For realizing above-mentioned target and other related objectives, the invention provides a kind of effective data packets catching method, comprising: the reception network interface network traffics comprising effective data packets being guided to request Redirect Server; Described reception network interface is set to promiscuous mode so that the packet that target MAC (Media Access Control) address is not this network interface MAC Address can be received, and is submitted to the process of network layer protocol stack; Network layer protocol stack resolution data head, to obtain the object IP address of packet, judges whether the object IP address of described packet is local IP address; If so, then described packet is pressed legacy protocol stack flow processing; If not, then carry out the process of valid data Packet capturing, comprise: the value obtaining this packet correlated characteristic, the value of correlated characteristic is substituted into each filtering rule characteristic of correspondence logical operation expression formula in filtering rule list to calculate, judge whether packet mates this filtering rule according to the value of described result of calculation; If the match is successful, then in the effective bag buffer descriptor ring memory address of this packet indicated stored in filtering rule; If all filtering rules all do not have, the match is successful, then delete this packet.
Optionally, the correlated characteristic of described packet is at least one proposition being relevant to this packet, the value of described correlated characteristic is the true-false value of this proposition, described characteristic logic operation expression is the combination of sentences of each related proposition of packet, and the result of calculation of described characteristic logic operation expression refers to the true-false value of this combination of sentences.
Optionally, the correlated characteristic of described packet comprises: attributive character and byte feature; Described attributive character comprises: whether the attribute information value of packet meets exists predetermined operation relation with preset value; Described byte feature comprises: whether and between predetermined value the value of the predetermined quantity byte that packet content obtains under certain deviation amount exists predetermined relational calculus relation.
Optionally, described attributive character comprises: in data packet header, whether and between preset value the value of every terms of information exists predetermined relational calculus relation; Described byte feature comprises: whether and between predetermined value the value of the predetermined quantity byte that packet content obtains under certain deviation amount exists predetermined relational calculus relation.
Optionally, by network of relation link, carry out light splitting or at Exit Road by the mode doing Port Mirroring, the described network traffics comprising effective data packets are guided to request Redirect Server reception network interface.
For realizing above-mentioned target and other related objectives, the invention provides a kind of request Redirect Server, comprising: the reception network interface of Redirect Server network interface card, for receiving the network data flow being directed to described request Redirect Server; Described reception network interface is set to promiscuous mode, can receive all packets entering network interface, and is submitted to the process of network layer protocol stack; Effective Packet capturing module, comprises network layer protocol stack and effective bag analysis engine; Described network layer protocol stack is used for resolution data head to obtain the object IP address of packet, judges whether the object IP address of described packet is local IP address; If so, then described packet is pressed legacy protocol stack flow processing; If not, then described packet is given described effective bag analysis engine and carry out effective Packet capturing process; Described effective bag analysis engine is used for filtering packet and catching effective data packets, comprise: the value obtaining this packet correlated characteristic, the value of correlated characteristic is substituted into each filtering rule characteristic of correspondence logical operation expression formula in filtering rule list to calculate, judge whether packet mates this filtering rule according to the value of described result of calculation; If the match is successful, then in the effective bag buffer descriptor ring memory address of this packet indicated stored in filtering rule; If all filtering rules all do not have, the match is successful, then delete this packet; Request redirection module, for the request of user to Internet resources is directed to caching server, it reads, analyze effective data packets, and constructs corresponding respond packet and send to user, realizes the guiding to user's request with this.
Optionally, the correlated characteristic of described packet is at least one proposition being relevant to this packet, the value of described correlated characteristic is the true-false value of this proposition, described characteristic logic operation expression is the combination of sentences of each related proposition of packet, and the result of calculation of described characteristic logic operation expression refers to the true-false value of this combination of sentences.
Optionally, the correlated characteristic of described packet comprises: attributive character and byte feature; Described attributive character comprises: whether the attribute information value of packet meets exists predetermined operation relation with preset value; Described byte feature comprises: whether and between predetermined value the value of the predetermined quantity byte that packet content obtains under certain deviation amount exists predetermined relational calculus relation.
Optionally, described attributive character comprises: in data packet header, whether and between preset value the value of every terms of information exists predetermined relational calculus relation; Described byte feature comprises: whether and between predetermined value the value of the predetermined quantity byte that packet content obtains under certain deviation amount exists predetermined relational calculus relation.
Optionally, by network of relation link, carry out light splitting or at Exit Road by the mode doing Port Mirroring, the described network traffics comprising effective data packets are guided to request Redirect Server reception network interface.
As mentioned above, the one request Redirect Server that the invention provides a kind of effective data packets catching method based on protocol stack and realize based on the method, the network resource request of Internet user can be directed to the nearer edge cache server of distance users by this request Redirect Server, to improve the speed that user resources obtain, and reduce settlement between different carriers cost.Effective Packet capturing method based on protocol stack comprises the reception network interface network traffics comprising effective data packets being guided to request Redirect Server; Described reception network interface is set to promiscuous mode so that the packet that target MAC (Media Access Control) address is not this network interface MAC Address can be received, and is submitted to the process of network layer protocol stack; Network layer protocol stack resolution data head, to obtain the object IP address of packet, judges whether the object IP address of described packet is local IP address; If so, then described packet is pressed legacy protocol stack flow processing; If not, then carry out the process of valid data Packet capturing, comprise: the value obtaining this packet correlated characteristic, the value of correlated characteristic is substituted into each filtering rule characteristic of correspondence logical operation expression formula in filtering rule list to calculate, judge whether packet mates this filtering rule according to the value of described result of calculation, if the match is successful, then in the effective bag buffer descriptor ring memory address of this packet indicated stored in filtering rule; If all filtering rules all do not have, the match is successful, then delete this packet.There is packet loss and consume the problem of a large amount of system resource in effective Packet capturing method that this invention solves based on packet capturing.
Accompanying drawing explanation
Fig. 1 is shown as the network environment configuration diagram applied in one embodiment of the invention.
Fig. 2 is shown as the schematic flow sheet of the effective data packets catching method in one embodiment of the invention.
Fig. 3 a to Fig. 3 d is shown as the key data structure schematic diagram of the effective data packets catching method application in one embodiment of the invention.
Fig. 4 is shown as the structural representation of the request Redirect Server in one embodiment of the invention.
Fig. 5 Redirect Server capture-data bag be shown as in one embodiment of the invention is laid equal stress on the application program result schematic diagram of directional data bag.
Element numbers explanation
1 request Redirect Server
11 network interface cards
111 receive network interface
12 effective Packet capturing modules
121 network layer protocol stacks
122 effective bag analysis engines
13 request redirection module
S1 ~ S7 method step
Embodiment
Below by way of specific instantiation, embodiments of the present invention are described, those skilled in the art the content disclosed by this specification can understand other advantages of the present invention and effect easily.The present invention can also be implemented or be applied by embodiments different in addition, and the every details in this specification also can based on different viewpoints and application, carries out various modification or change not deviating under spirit of the present invention.It should be noted that, when not conflicting, the embodiment in the application and the feature in embodiment can combine mutually.
Applied environment of the present invention is the network environment based on ICP/IP protocol stack, as internet.The present invention can be applied to the Internet caching system, is the improvement for asking Redirect Server effective data packets acquiring technology in the Internet caching system; Consult and Figure 1 shows that a Internet caching system embodiment, the Internet caching system is primarily of request Redirect Server and buffer memory server cluster composition, and main operational principle and flow process are: in (1) net, Internet user initiates the request to the outer resource of net; (2) this request data package is directed to the reception network interface of request Redirect Server; (3) ask Redirect Server to be caught, analyze this request data package and wrap to produce corresponding being redirected and send to the interior user of net; (4) after user receives the redirected packet of request, the request of user to the outer resource of net is directed into caching server, user initiates resource request to caching server again, if the resource of now user's request is buffered in caching server, then the resource that user asks directly is sent to user by caching server, otherwise caching server initiates back source request to source station, send to user after Gains resources and buffer memory is carried out to the resource got.
Refer to Fig. 2, the invention provides a kind of effective data packets catching method, comprising:
Step S1: the reception network interface network traffics comprising effective data packets being guided to request Redirect Server.
In one embodiment, can by network of relation link, carry out light splitting or at Exit Road by doing the modes such as Port Mirroring, the described network traffics comprising effective data packets are guided to the reception network interface of request Redirect Server, described reception network interface can be that the network interface card on request request Redirect Server provided.
Step S2: described reception network interface is set to promiscuous mode so that all packets entering network interface can be received, and is submitted to the process of network layer protocol stack.
In one embodiment, for linux server, can by perform shell-command: its eth0 network interface is arranged to promiscuous mode by ifconfig eth0 promisc.
Step S3: network layer protocol stack resolution data head, to obtain the object IP address of packet, judges whether the object IP address of described packet is local IP address.
In one embodiment, whether the object IP address namely judging packet is the machine (request Redirect Server) IP address, does not abandon or routing forwarding but carry out processing to catch effective data packets at the network layer protocol stack packet that is non-native IP address by object IP address.
Step S4: if so, then described packet is pressed legacy protocol stack flow processing.
In one embodiment, for the linux main frame that non-route pattern runs ICP/IP protocol stack, network layer protocol stack is resolved IP head and is judged whether the object IP of this IP packet is local IP address, process if then process packet and be submitted to upper-layer protocol after removing IP head, network layer decides to be submitted to the process of that upper-layer protocol stack according to the Protocal field of IP data header, and conventional upper-layer protocol has the agreements such as TCP, UDP, ICMP, IGMP.
Step S5: if not, then carry out the process of valid data Packet capturing, comprise: the value calculating this packet correlated characteristic, the value of correlated characteristic is substituted into the logical operation expression formula that in filtering rule list, each filtering rule is corresponding calculate, judge whether packet mates this filtering rule according to the value of described result of calculation.
In one embodiment, first network layer protocol stack is modified, at network layer protocol stack, to be divided into object IP address be local IP address and object IP address to packet is the packet of non-native IP address, and the packet being non-native IP address for object IP address does not carry out routing forwarding or abandon but directly give effective bag analysis engine carrying out effective Packet capturing process.
Effective Packet capturing of effective bag analysis engine based on the feature of packet, comprising attributive character and byte feature.Attributive character is a kind of macroscopic description for packet attribute information, and byte feature is then describe for the one of packet in byte aspect; Described attributive character comprises: whether and between preset value the attribute information value of packet exists predetermined relational calculus relation; Described byte feature comprises: whether and between predetermined value the value of the predetermined quantity byte that packet content obtains under certain deviation amount exists predetermined relational calculus relation.For example, " destination slogan equals 80 " is an attributive character of packet, if the value of Destination port field is 80 in the TCP head of a packet, then the value of its this attributive character is 1, otherwise the value of its this attributive character is 0, " the object IP address of packet is 221.181.122.4 " is also an attributive character of data of description bag in addition, if the object IP address of packet IP head is 221.181.122.4, then this attributive character value is 1, otherwise is then 0." tcp [20:2]=0x4745 " is a byte feature of packet, if continuous two byte values offseting 20 bytes in the tcp data of a packet equal 0x4745, then the value of this byte feature is 1, otherwise this byte characteristic value is 0." dport=80 and (tcp [20:2]=0x4745 or tcp [20:2]=0x4854) " is the logical operation expression formula of above-mentioned feature, and the value for this logical operation expression formula of HTTP packet mailing to 80 ports is 1.
As shown in Figure 3 a, effectively bag feature global table is used for storing all correlated characteristics effectively wrapped in one embodiment, and wherein every bar feature comprises 5 fields, respectively: characteristic type, characteristic parameter, relational operator, preset value, characteristic value.Characteristic type takies 1 byte of memory space, and for representing that this feature is byte feature or attributive character, wherein attributive character is 0, and byte is characterized as 1; Characteristic parameter takies 16 byte of memory spaces, and characteristic parameter is description such as port, dport etc. about feature; Preset value takies 16 byte of memory spaces, is the preset value 80 etc. of the preset value such as port characteristic parameter about characteristic parameter; Relational operator takies 1 byte of memory space, for describing the relational calculus type between the characteristic parameter of this feature and preset value, such as > ,=, < etc.; Characteristic value takies 2 byte of memory spaces, represents the true-false value of this feature for certain packet, and during effective bag feature global table initialization, this field is set to-1; Therefore for above-mentioned three features: dport=80, tcp [20:2]=0x4745, tcp [20:2]=0x4854 saving as in effective bag global table (0, dport ,=, 80,-1), (1, tcp [20:2] ,=, 0x4745,-1), (1, tcp [20:2] ,=, 0x4854 ,-1).
As shown in Figure 3 b, described filter rule list for storing all effective packet filtering rules, comprising 3 fields, respectively: MD5 value, follow-up expression formula, pointer point.MD5 value takies 16 byte of memory spaces, the MD5 value of stored filter rule character string, such as the l6 position MD5 value of filtering characters string " dport=80 and (tcp [20:2]=0x4745 or tcp [20:2]=0x4854) " is d1b83e5a1c6e4332, store M D5 value and directly the object of stored filter rule character string be to save memory space on the one hand, be the seek rate in order to improve relevance filtering rule on the other hand, follow-up expression formula takies 40 byte of memory spaces, for storing the follow-up expression formula of the characteristic logic expression formula that filtering rule is correlated with, for above-mentioned filtering rule: dport=80 and (tcp [20:2]=0x4745 or tcp [20:2]=0x4854), wherein the index of dport=80 in effective bag feature global table is 0, the index of tcp [20:2]=0x4745 in effective bag feature global table is 1, the index of tcp [20:2]=0x4854 in effective bag feature global table is 2, then this logical implication expression formula is rewritten as 0 & (1|2), the follow-up expression formula of this logical expression is 012| &, therefore the follow-up expression formula field store value of this filtering rule is 012| &, pointer point stores the address of effective bag descriptor rings metadata corresponding to this filtering rule.
In one embodiment, the initialize routine of effective bag analysis engine reads all effective packet filtering rules and creates the data structure shown in Fig. 3, according to the relevant field in effective packet filtering rules initialization effective bag feature global table and filter rule list.First effective Packet capturing process calculates characteristic value in effective bag feature global table according to packet, then scan each filtering rule in filter rule list successively, the value of correlated characteristic in effective bag mark sheet is substituted into the follow-up expression formula of filtering rule and calculates the value of this follow-up expression formula and judge whether this packet mates this filtering rule with this.
Step S6: if the match is successful, then in the effective bag buffer descriptor ring indicated stored in filtering rule by the memory address of this packet.
As shown in Figure 3 b, in one embodiment, its effective bag descriptor rings Metadata can be found by the pointer point field of filtering rule, effective bag descriptor rings Metadata is the management data structures of effective bag descriptor rings, take the memory headroom of 24 bytes, this data structure comprises 4 fields: free-point, avail-point, free-num, avail-num, wherein free-point takies 8 byte of memory spaces, points to first empty descriptor in effective bag buffer descriptor ring; Avail-point takies 8 byte of memory spaces, to point in effective bag buffer descriptor ring first available descriptor; Avail-num takies 4 byte of memory spaces, represents available effective bag descriptor quantity in effective bag descriptor rings; Free-num takies 4 byte of memory spaces, represents effective bag descriptor rings hollow descriptor quantity.Whenever the effective package informatin needing storage one new, first empty descriptor is got by free-point, relevant information is recorded to the memory headroom that this descriptor is corresponding, then free-point clockwise after move a position, free-num performs and subtracts an operation, and avail-num performs and adds an operation; When needs read from effective bag descriptor rings one effectively wrap time, first available descriptor address is got by avail-point, an effective data packets is read according to the information of this descriptor record, then avail-point clockwise after move a position, free-num performs and adds an operation, and avail-num performs and subtracts 1 operation.
In one embodiment, in effective bag descriptor rings, each descriptor comprises an index field, and this field takies 4 byte of memory spaces, and represent an index value of effectively bag global index table, the data structure of effective bag concordance list is such as shown in Fig. 3 c.When effective bag that record one is new, first an empty descriptor is found according to effective bag descriptor rings Metadata, if effectively bag first time mates filtering rule for this, then find an empty index entry from effectively wrapping global index's table, record the index value of this index entry in effective bag concordance list, index entry Num field puts 1, the memory address of this packet of point field store of index entry, is then recorded to the index field in descriptor by the index value of effective for this index entry place bag concordance list; If this effective bag has mated filtering rule above, then find corresponding index entry according to the index value in effective bag concordance list of record, the Num field of this index entry is performed and adds an operation, the index value of this index entry place concordance list is stored into the index field of descriptor simultaneously.When reading effective bag of given filter rule, first according to filtered, pointer point field find effective bag descriptor rings Metadata of this filtering rule, an available descriptor is found according to Metadata, an index entry in finding effectively bag global index to show according to the index field of this descriptor, find according to the point field in index entry and read this and effectively wrap, the Num field of index entry judges whether Num is 0 after performing and subtracting an operation simultaneously, if be 0, delete effective bag that point points to, point puts NULL and upgrades effectively bag global index epi-position figure simultaneously.
As shown in Figure 3 d, in one embodiment, described effective bag global index epi-position figure takies the memory headroom that 64 take advantage of 8 bytes, for recording the free message of all index entries in effective bag concordance list, and each index entry correspondence effectively in bag global index table and 1 Bit in concordance list bitmap.If a certain Bit in concordance list bitmap is 0, then represent that the index entry of its correspondence is empty index entry, if be 1, represent that the index entry of its correspondence is non-NULL.The free message adopting independent bitmap to record global index's table is the seek rate in order to improve empty index entry.
Step S7: the match is successful if all filtering rules all do not have, then delete this packet.
In one embodiment, the packet not mating all filtering rules is not our interested packet, is directly deleted from kernel memory headroom by packet.
Be different from the processing method that conventional network layer protocol stack is the packet of non-native IP address to object IP address, in effective Packet capturing method, packet is divided into two classes by network layer protocol stack: the packet of to be the packet of the machine IP and object IP address be in object IP address non-native IP address, object IP address is that the handling process of the packet traditionally protocol stack of local IP address processes, and object IP address is that the packet of non-native IP address does not directly abandon or routing forwarding but carry out Packet Filtering to obtain effective data packets.
As shown in Figure 4, the invention provides a kind of request Redirect Server 1, portion of techniques details and said method similar, therefore repeat no more; Request Redirect Server 1 chief component comprises: the receives data packets network interface 111 request Redirect Server 1 being monitored network interface card 11, valid data report trapping module 12 chief component is network layer protocol stack 121 through special modification and effective bag analysis engine 122, and request redirection module 13.Receives data packets network interface 111 be configured to promiscuous mode make its can receive all enter network interface card 11 packet and be submitted to network layer protocol stack 121 and process.The network layer protocol stack 121 of valid data report trapping module have passed through aforesaid amendment makes it not abandon the packet that object IP address is non-native IP address or routing forwarding but give effective bag analysis engine 122 and process, effective bag analysis engine 122 pairs of packets carry out analysis and filter and are cached to by the packet memory address meeting filter condition in effective bag buffer descriptor ring corresponding to this filtering rule, do not deleted from internal memory by the packet of any filter rule match, wherein said effective data packets can comprise http get asks bag, p2p get-peer asks bag and dns request packet etc.And then request redirection module 13 reads effective data packets and to reach, the request of user to resource is redirected to caching server to produce the redirected packet of its request with this to effectively wrapping to analyze from effective bag buffer area descriptor rings.
The operation principle of request Redirect Server 1 is described for redirected user's HTTP request, first the flow comprising user's HTTP request is directed to and receives network interface 111, reception network interface 111 receives all packets and is submitted to network layer protocol stack 121 and processes, object IP address is that the packet of non-native IP address is given effective bag analysis engine 122 and processed by network layer protocol stack 121, and wherein this part packet just comprises the HTTP request of user.Effective bag analysis engine 122 carries out analysis and filter to this part packet, is stored in effective bag buffer descriptor ring by HTTP request packet as effective data packets and by its memory address.Request redirection module 13 reads HTTP 302 that then HTTP request bag construct this request bag and is redirected and wraps and send to the user of HTTP request from effective bag buffer descriptor ring, wherein the 302 location fields being redirected packet point to caching server, when user receives after this HTTP 302 is redirected packet, this HTTP request of user is directed into caching server, and HTTP request packet and HTTP 302 are redirected an example of packet as shown in Figure 5.
In sum, the invention provides the request Redirect Server of a kind of effective data packets catching method based on protocol stack and application realization thereof, the network resource request of Internet user can be directed to the nearer edge cache server of distance users by this request Redirect Server, to improve the speed that user resources obtain, and reduce settlement between different carriers cost.The method comprises and will comprise the data flow of effective data packets by being directed to the reception network interface of request Redirect Server someway; The reception network interface of request Redirect Server is set to promiscuous mode with make driving receive packet that object mac address is non-network interface mac address and packet data delivery is given network layer protocol stack to process; Network layer protocol stack resolution data head is to obtain the object IP address of packet, judge whether object IP address is local IP address, if local IP address is then according to normal this packet of protocol stack flow processing, if object IP address is not local IP address, then this packet is given effective bag analysis engine and process; Effective bag analysis engine obtains the associated eigenvalue of packet and the combination of composition characteristic value, is mated by the characteristic value combinations obtained with the characteristic value combinations of each filtering rule in filtering rule list; If the match is successful, in the effective bag buffer descriptor ring indicated stored in rule by the memory address of this packet, if strictly all rules does not all have, the match is successful, deletes this packet; Realize a group system in addition to call, manage effective bag analysis engine and read effective data packets; There is the problem of packet loss and influential system performance in this invention effective Packet capturing method solved based on packet capturing.
Above-described embodiment is illustrative principle of the present invention and effect thereof only, but not for limiting the present invention.Any person skilled in the art scholar all without prejudice under spirit of the present invention and category, can modify above-described embodiment or changes.Therefore, such as have in art usually know the knowledgeable do not depart from complete under disclosed spirit and technological thought all equivalence modify or change, must be contained by claim of the present invention.
Claims (10)
1. an effective data packets catching method, is characterized in that, comprising:
The network traffics comprising effective data packets are guided to the reception network interface of request Redirect Server;
Described reception network interface is set to promiscuous mode so that the packet that target MAC (Media Access Control) address is not this network interface MAC Address can be received, and is submitted to the process of network layer protocol stack;
Network layer protocol stack resolution data head, to obtain the object IP address of packet, judges whether the object IP address of described packet is local IP address;
If so, then described packet is pressed legacy protocol stack flow processing;
If not, then carry out the process of valid data Packet capturing, comprise: the value obtaining this packet correlated characteristic, the value of correlated characteristic is substituted into each filtering rule characteristic of correspondence logical operation expression formula in filtering rule list to calculate, judge whether packet mates this filtering rule according to the value of described result of calculation;
If the match is successful, then in the effective bag buffer descriptor ring memory address of this packet indicated stored in filtering rule;
If all filtering rules all do not have, the match is successful, then delete this packet.
2. effective data packets catching method according to claim 1, it is characterized in that, the correlated characteristic of described packet is at least one proposition being relevant to this packet, the value of described correlated characteristic is the true-false value of this proposition, described characteristic logic operation expression is the combination of sentences of each related proposition of packet, and the result of calculation of described characteristic logic operation expression refers to the true-false value of this combination of sentences.
3. effective data packets catching method according to claim 2, is characterized in that, the correlated characteristic of described packet comprises: attributive character and byte feature; Described attributive character comprises: whether the attribute information value of packet meets exists predetermined operation relation with preset value; Described byte feature comprises: whether and between predetermined value the value of the predetermined quantity byte that packet content obtains under certain deviation amount exists predetermined relational calculus relation.
4. effective data packets catching method according to claim 3, is characterized in that, described attributive character comprises: in data packet header, whether and between preset value the value of every terms of information exists predetermined relational calculus relation; Described byte feature comprises: whether and between predetermined value the value of the predetermined quantity byte that packet content obtains under certain deviation amount exists predetermined relational calculus relation.
5. effective data packets catching method according to claim 1, it is characterized in that, by on network of relation link, carry out light splitting or at Exit Road by the mode doing Port Mirroring, the described network traffics comprising effective data packets are guided to request Redirect Server reception network interface.
6. ask a Redirect Server, it is characterized in that, comprising:
The reception network interface of request Redirect Server network interface card, for receiving the network data flow being directed to described request Redirect Server; Described reception network interface is set to promiscuous mode, can receive all packets entering network interface, and is submitted to the process of network layer protocol stack;
Effective Packet capturing module, comprises network layer protocol stack and effective bag analysis engine; Described network layer protocol stack is used for resolution data packet header to obtain the object IP address of packet, judges whether the object IP address of described packet is local IP address; If so, then described packet is pressed legacy protocol stack flow processing; If not, then described packet is given described effective bag analysis engine and carry out effective Packet capturing process;
Described effective bag analysis engine is used for filtering packet and catching effective data packets, comprise: the value obtaining this packet correlated characteristic, the value of correlated characteristic is substituted into each filtering rule characteristic of correspondence logical operation expression formula in filtering rule list to calculate, judge whether packet mates this filtering rule according to the value of described result of calculation; If the match is successful, then in the effective bag buffer descriptor ring memory address of this packet indicated stored in filtering rule; If all filtering rules all do not have, the match is successful, then delete this packet;
Request redirection module, for the request of user to Internet resources is directed to caching server, it reads, analyze effective data packets, and constructs corresponding respond packet and send to user, realizes the guiding to user's request with this.
7. request Redirect Server according to claim 6, it is characterized in that, the correlated characteristic of described packet is at least one proposition being relevant to this packet, the value of described correlated characteristic is the true-false value of this proposition, described characteristic logic operation expression is the combination of sentences of each related proposition of packet, and the result of calculation value that described characteristic logic computing is expressed refers to the true-false value of this combination of sentences.
8. request Redirect Server according to claim 7, is characterized in that, the correlated characteristic of described packet comprises: attributive character and byte feature; Described attributive character comprises: whether the attribute information value of packet meets exists predetermined operation relation with preset value; Described byte feature comprises: whether and between predetermined value the value of the predetermined quantity byte that packet content obtains under certain deviation amount exists predetermined relational calculus relation.
9. request Redirect Server according to claim 8, is characterized in that, described attributive character comprises: in data packet header, whether and between preset value the value of every terms of information exists predetermined relational calculus relation; Described byte feature comprises: whether and between predetermined value the value of the predetermined quantity byte that packet content obtains under certain deviation amount exists predetermined relational calculus relation.
10. request Redirect Server according to claim 6, it is characterized in that, by on network of relation link, carry out light splitting or at Exit Road by the mode doing Port Mirroring, the described network traffics comprising effective data packets are guided to request Redirect Server reception network interface.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410532211.XA CN104243344B (en) | 2014-10-11 | 2014-10-11 | A kind of effective data packets catching method and request Redirect Server |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410532211.XA CN104243344B (en) | 2014-10-11 | 2014-10-11 | A kind of effective data packets catching method and request Redirect Server |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN104243344A true CN104243344A (en) | 2014-12-24 |
| CN104243344B CN104243344B (en) | 2018-06-19 |
Family
ID=52230722
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201410532211.XA Active CN104243344B (en) | 2014-10-11 | 2014-10-11 | A kind of effective data packets catching method and request Redirect Server |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN104243344B (en) |
Cited By (11)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106293888A (en) * | 2015-06-04 | 2017-01-04 | 北京国双科技有限公司 | The packet capturing of data, deposit method and the packet capturing of data, deposit device |
| CN106304127A (en) * | 2015-05-13 | 2017-01-04 | 苏州简约纳电子有限公司 | A kind of LTE data surface descending error-detection error-correction method |
| CN108123888A (en) * | 2016-11-29 | 2018-06-05 | 中兴通讯股份有限公司 | Load-balancing method, the apparatus and system of message |
| CN109996201A (en) * | 2018-01-02 | 2019-07-09 | 中国移动通信有限公司研究院 | A kind of Network Access Method and the network equipment |
| CN110120895A (en) * | 2019-04-11 | 2019-08-13 | 北京字节跳动网络技术有限公司 | Test method, apparatus, medium and the electronic equipment of mobile terminal communication |
| CN110198251A (en) * | 2019-04-02 | 2019-09-03 | 腾讯科技(深圳)有限公司 | A kind of method and device obtaining client address |
| CN111782140A (en) * | 2020-06-18 | 2020-10-16 | 杭州安恒信息技术股份有限公司 | Network data packet storage method and device, computer equipment and storage medium |
| CN113810428A (en) * | 2021-09-30 | 2021-12-17 | 深圳市九洲电器有限公司 | Safety control system and safety control method of edge computing equipment |
| CN114338440A (en) * | 2021-12-28 | 2022-04-12 | 杭州安恒信息技术股份有限公司 | Packet capturing method, device and system and computer readable storage medium |
| CN115037594A (en) * | 2022-06-06 | 2022-09-09 | 湖南匡安网络技术有限公司 | Transparent proxy method and system based on data packet redirection |
| TWI792728B (en) * | 2021-11-29 | 2023-02-11 | 瑞昱半導體股份有限公司 | Device for packet processing acceleration |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1937554A (en) * | 2006-09-30 | 2007-03-28 | 南京信风软件有限公司 | Method for making P2P file download flow localized |
| CN1972240A (en) * | 2005-11-24 | 2007-05-30 | 武汉烽火网络有限责任公司 | Fast package filter processing method and its apparatus |
| US7493389B2 (en) * | 1998-10-29 | 2009-02-17 | Cisco Technology, Inc. | Methods and apparatus for redirecting network cache traffic |
| CN102301682A (en) * | 2011-04-29 | 2011-12-28 | 华为技术有限公司 | Method and system for network caching, domain name system redirection sub-system thereof |
| CN102833791A (en) * | 2011-06-16 | 2012-12-19 | 中兴通讯股份有限公司 | Packet domain content caching system for radio network controller (RNC) and implementing method thereof |
-
2014
- 2014-10-11 CN CN201410532211.XA patent/CN104243344B/en active Active
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US7493389B2 (en) * | 1998-10-29 | 2009-02-17 | Cisco Technology, Inc. | Methods and apparatus for redirecting network cache traffic |
| CN1972240A (en) * | 2005-11-24 | 2007-05-30 | 武汉烽火网络有限责任公司 | Fast package filter processing method and its apparatus |
| CN1937554A (en) * | 2006-09-30 | 2007-03-28 | 南京信风软件有限公司 | Method for making P2P file download flow localized |
| CN102301682A (en) * | 2011-04-29 | 2011-12-28 | 华为技术有限公司 | Method and system for network caching, domain name system redirection sub-system thereof |
| CN102833791A (en) * | 2011-06-16 | 2012-12-19 | 中兴通讯股份有限公司 | Packet domain content caching system for radio network controller (RNC) and implementing method thereof |
Cited By (14)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106304127B (en) * | 2015-05-13 | 2019-11-01 | 苏州简约纳电子有限公司 | A kind of LTE data surface downlink error-detection error-correction method |
| CN106304127A (en) * | 2015-05-13 | 2017-01-04 | 苏州简约纳电子有限公司 | A kind of LTE data surface descending error-detection error-correction method |
| CN106293888A (en) * | 2015-06-04 | 2017-01-04 | 北京国双科技有限公司 | The packet capturing of data, deposit method and the packet capturing of data, deposit device |
| CN108123888A (en) * | 2016-11-29 | 2018-06-05 | 中兴通讯股份有限公司 | Load-balancing method, the apparatus and system of message |
| CN109996201A (en) * | 2018-01-02 | 2019-07-09 | 中国移动通信有限公司研究院 | A kind of Network Access Method and the network equipment |
| CN109996201B (en) * | 2018-01-02 | 2021-01-15 | 中国移动通信有限公司研究院 | Network access method and network equipment |
| CN110198251A (en) * | 2019-04-02 | 2019-09-03 | 腾讯科技(深圳)有限公司 | A kind of method and device obtaining client address |
| CN110198251B (en) * | 2019-04-02 | 2022-08-02 | 腾讯科技(深圳)有限公司 | Method and device for obtaining client address |
| CN110120895A (en) * | 2019-04-11 | 2019-08-13 | 北京字节跳动网络技术有限公司 | Test method, apparatus, medium and the electronic equipment of mobile terminal communication |
| CN111782140A (en) * | 2020-06-18 | 2020-10-16 | 杭州安恒信息技术股份有限公司 | Network data packet storage method and device, computer equipment and storage medium |
| CN113810428A (en) * | 2021-09-30 | 2021-12-17 | 深圳市九洲电器有限公司 | Safety control system and safety control method of edge computing equipment |
| TWI792728B (en) * | 2021-11-29 | 2023-02-11 | 瑞昱半導體股份有限公司 | Device for packet processing acceleration |
| CN114338440A (en) * | 2021-12-28 | 2022-04-12 | 杭州安恒信息技术股份有限公司 | Packet capturing method, device and system and computer readable storage medium |
| CN115037594A (en) * | 2022-06-06 | 2022-09-09 | 湖南匡安网络技术有限公司 | Transparent proxy method and system based on data packet redirection |
Also Published As
| Publication number | Publication date |
|---|---|
| CN104243344B (en) | 2018-06-19 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN104243344A (en) | Effective data packet capturing method and request redirection server | |
| CN111371779B (en) | Firewall based on DPDK virtualization management system and implementation method thereof | |
| CN104901997B (en) | System and method for the direct storage access in content center network | |
| JP3459183B2 (en) | Packet verification method | |
| JP3464610B2 (en) | Packet verification method | |
| US8812727B1 (en) | System and method for distributed load balancing with distributed direct server return | |
| US7760733B1 (en) | Filtering ingress packets in network interface circuitry | |
| JP3492920B2 (en) | Packet verification method | |
| EP3229407A1 (en) | Application signature generation and distribution | |
| US20080310416A1 (en) | Vlan server | |
| US9356844B2 (en) | Efficient application recognition in network traffic | |
| CN106911778A (en) | A kind of flow bootstrap technique and system | |
| US20030018914A1 (en) | Stateful packet forwarding in a firewall cluster | |
| KR20140143155A (en) | Offloading packet processing for networking device virtualization | |
| US20080101222A1 (en) | Lightweight, Time/Space Efficient Packet Filtering | |
| CN112118167B (en) | Method for quickly transmitting cross-network tunnel data | |
| CN110061921B (en) | Cloud platform data packet distribution method and system | |
| CN105939284A (en) | Message control strategy matching method and device | |
| US20220006782A1 (en) | Efficient matching of feature-rich security policy with dynamic content using user group matching | |
| JP6783501B2 (en) | Information transmission system, information communication device, information transmission device, and program | |
| Barbette et al. | Building a chain of high-speed VNFs in no time | |
| US20050086325A1 (en) | Method and apparatus for network content insertion and phase insertion | |
| US20110231480A1 (en) | Server apparatus, network access method, and computer program | |
| CN111030970B (en) | Distributed access control method and device and storage equipment | |
| US7844731B1 (en) | Systems and methods for address spacing in a firewall cluster |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |