CN106411744A - Method used for route processing and equipment thereof - Google Patents
Method used for route processing and equipment thereof Download PDFInfo
- Publication number
- CN106411744A CN106411744A CN201510469382.7A CN201510469382A CN106411744A CN 106411744 A CN106411744 A CN 106411744A CN 201510469382 A CN201510469382 A CN 201510469382A CN 106411744 A CN106411744 A CN 106411744A
- Authority
- CN
- China
- Prior art keywords
- address
- routing
- caching
- route
- external
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L45/00—Routing or path finding of packets in data switching networks
- H04L45/74—Address processing for routing
- H04L45/742—Route cache; Operation thereof
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention aims at providing a method used for route processing and equipment thereof. Through detection, an external address is acquired, and the external address is mapped to a corresponding predetermined address. And then, matching query is performed in buffer memory or a route table so as to acquire route information. And finally, according to the route information, data packet processing is completed. Because the number of the predetermined addresses is controllable, a route caching number can be maintained to be at a lower level through mapping the plurality of external addresses to the predetermined addresses of a limited scope. Along with decrease of the caching number, a hot caching entry does not need to establish release again so that a caching hit rate can be increased to some extent and a utilization rate of CPU is reduced. Therefore, the route caching number is reduced and simultaneously system performance is guaranteed.
Description
Technical field
The application is related to computer realm, more particularly, to a kind of technology for route processing.
Background technology
Routing subsystem in operating system nucleus faces in the case that flow increasingly increases, due to big
The route-caching capacity measured outside ip address and lead to rises suddenly and sharply, so that systematic function declines, stability
It is affected.Two kinds of solutions are had, the first is that the path to table of query and routing is entered in prior art
Row optimizes, for example with dictionary tree (trie tree) etc., to improve search efficiency;Second is must
Route-caching function is turned off in the case of wanting.However, the first scheme is related to the adjustment on framework, can
Can need to carry out major change to kernel version, this is to a large amount of basic businesses based on original kernel version
Potential impact be huge;Even if second scheme solves stability problem to a certain extent,
But also bring huge performance cost, the cpu busy percentage for example substantially rising.
Content of the invention
This application provides a kind of method and apparatus for route processing, held with effectively solving route-caching
Amount rise suddenly and sharply so that systematic function decline problem.
A kind of one side according to the application, there is provided route processing method, wherein, the method bag
Include:
Detection treats whether the routing address of routing packets is external address;
When described routing address is external address, described routing address is mapped to obtain corresponding presumptive address;
Matching inquiry is carried out to obtain corresponding routing iinformation in route-caching according to described presumptive address;
Treat routing packets according to described RI-Pro.
Further, described when described routing address be external address, described routing address is mapped right
The presumptive address answered includes:When described routing address is external address, according to corresponding mask information by institute
State routing address and map to obtain corresponding presumptive address.
Further, the method also includes:Determined according to described route-caching corresponding caching relevant information
Corresponding mask information;Wherein, described when described routing address be external address, by described routing address
Map corresponding presumptive address includes:When described routing address is external address, believed according to described mask
Described routing address is mapped to obtain corresponding presumptive address by breath.
Further, described caching relevant information includes following at least any one:The appearance of described route-caching
Amount information;The present available capacity information of described route-caching;The caching record that described route-caching is supported
Maximum quantity information;The quantity information of the existing caching record of described route-caching.
It is further, described that carry out matching inquiry in route-caching according to described presumptive address right to obtain
The routing iinformation answered also includes:When described routing address mates miss in described route-caching, root
Carry out matching inquiry according to described routing address to obtain corresponding routing iinformation in corresponding routing table.
Further, the method also includes:According to described presumptive address and described updating route information
Route-caching.
Further, described detection treats whether the routing address of routing packets is that external address includes:According to
Corresponding subnet information detection treats whether the routing address of routing packets is external address.
Further, described detection treats whether the routing address of routing packets is that external address also includes:Inspection
Survey whether described routing address is legal address;Wherein, described when described routing address be external address,
By described routing address map corresponding presumptive address includes:When described routing address be external address and
Belong to legal address, described routing address is mapped to obtain corresponding presumptive address.
Further, described routing address includes following at least any one:The described source ground treating routing packets
Location, wherein, described treats that routing packets are the packet from external reception;The described destination treating routing packets
Location, wherein, described treat routing packets be intend be forwarded to outside packet.
Further, described routing address include described in treat the source address of routing packets, described treat route point
Group is the packet from external reception;Wherein, described detection treats whether the routing address of routing packets is outside
Address includes:When described when routing packets are not required to be forwarded, described in detection, treat the route of routing packets
Whether address is external address.
According to further aspect of the application, there is provided a kind of route processing equipment, wherein, this equipment
Including:
Detection means, treats for detection whether the routing address of routing packets is external address;
Mapping device, for being external address when described routing address, described routing address is mapped right
The presumptive address answered;
Inquiry unit, right to obtain for matching inquiry is carried out in route-caching according to described presumptive address
The routing iinformation answered;
Processing meanss, for treating routing packets according to described RI-Pro.
Further, described mapping device is used for:When described routing address is external address, according to correspondence
Mask information described routing address is mapped to obtain corresponding presumptive address.
Further, this equipment also includes:Mask determines device, for being corresponded to according to described route-caching
Caching relevant information determine corresponding mask information;Wherein, described mapping device is used for:When described road
It is external address by address, according to described mask information, described routing address is mapped corresponding predetermined
Location.
Further, described caching relevant information includes following at least any one:The appearance of described route-caching
Amount information;The present available capacity information of described route-caching;The caching record that described route-caching is supported
Maximum quantity information;The quantity information of the existing caching record of described route-caching.
Further, described inquiry unit is additionally operable to:When described routing address is in described route-caching
When joining miss, matching inquiry is carried out in corresponding routing table according to described routing address corresponding to obtain
Routing iinformation.
Further, this equipment also includes:Updating device, for according to described presumptive address and described road
Route-caching described in information updating.
Further, described detection means is used for:Treat the road of routing packets according to corresponding subnet information detection
Whether it is external address by address.
Further, described detection means is additionally operable to:Detect whether described routing address is legal address;
Wherein, described mapping device is used for:When described routing address is external address and belongs to legal address, will
Described routing address maps to obtain corresponding presumptive address.
Further, described routing address includes following at least any one:The described source ground treating routing packets
Location, wherein, described treats that routing packets are the packet from external reception;The described destination treating routing packets
Location, wherein, described treat routing packets be intend be forwarded to outside packet.
Further, described routing address include described in treat the source address of routing packets, described treat route point
Group is the packet from external reception;Wherein, described detection means is used for:Treat that routing packets are not required to when described
When to be forwarded, described in detection, treat whether the routing address of routing packets is external address.
Compared with prior art, the application obtains external address by detection, and described external address is reflected
Penetrate to obtain corresponding presumptive address, in route-caching or routing table, then carry out matching inquiry to obtain road
By information, finally according to the process of described routing iinformation complete paired data bag.Because described herein
The controllable quantity of presumptive address, can be narrow predetermined by being mapped to a large amount of external address
Location is so that route-caching quantity is maintained at a relatively low level;Even if in the concurrent situation of big flow
Down it is also possible to make route-caching quantity reduce several orders of magnitude, and reduce with caching quantity,
The cache entry of heat, without re-establishing release, can improve cache hit speed to a certain extent,
Reduce the utilization rate of CPU, thus ensure that the performance of system while reducing route-caching quantity.
Further, the application can also carry out address of cache operation using mask information, thus subtracting further
Few route-caching quantity;Moreover, it is also possible to the caching relevant information with reference to route-caching to determine and used
Mask information, thus avoiding cache overflow further to guarantee systematic function.Additionally, the application also may be used
Whether to detect this routing address before address of cache as legal address, for example, exclude Martian address, from
And reduce route-caching quantity further, also there is certain defense reaction to ddos attack.
Brief description
By reading the detailed description that non-limiting example is made made with reference to the following drawings, this Shen
Other features, objects and advantages please will become more apparent upon:
Fig. 1 illustrates a kind of method flow diagram for route processing according to the application one side;
Fig. 2 illustrates a kind of method flow for route processing according to one preferred embodiment of the application
Figure;
Fig. 3 illustrates a kind of equipment schematic diagram for route processing according to the application other side;
Fig. 4 illustrates to be illustrated according to a kind of equipment for route processing of one preferred embodiment of the application
Figure;
In accompanying drawing, same or analogous reference represents same or analogous part.
Specific embodiment
Below in conjunction with the accompanying drawings the application is described in further detail.
In one typical configuration of the application, terminal, the equipment of service network and trusted party all include
One or more processors (CPU), input/output interface, network interface and internal memory.
Internal memory potentially includes the volatile memory in computer-readable medium, random access memory
(RAM) and/or the form such as Nonvolatile memory, such as read only memory (ROM) or flash memory (flash
RAM).Internal memory is the example of computer-readable medium.
It is permissible that computer-readable medium includes permanent and non-permanent, removable and non-removable media
Information Store is realized by any method or technique.Information can be computer-readable instruction, data knot
Structure, the module of program or other data.The example of the storage medium of computer includes, but are not limited to phase
Become internal memory (PRAM), static RAM (SRAM), dynamic random access memory
(DRAM), other kinds of random access memory (RAM), read only memory (ROM), electricity
Erasable Programmable Read Only Memory EPROM (EEPROM), fast flash memory bank or other memory techniques, read-only
Compact disc read-only memory (CD-ROM), digital versatile disc (DVD) or other optical storage,
Magnetic cassette tape, magnetic disk storage or other magnetic storage apparatus or any other non-transmission medium,
Can be used for storing the information that can be accessed by a computing device.Define according to herein, computer-readable
Medium does not include non-temporary computer readable media (transitory media), such as the data signal of modulation and
Carrier wave.
In this application, first, whether the source address of packet that detection obtains or destination address are outer
Portion address.Wherein, for the packet from external reception, detect its source address;Plan is forwarded to
Outside packet detects its destination address.Next, by mapping and must have substantial amounts of external address
The presumptive address of limit scope, thus reach the purpose reducing route-caching quantity.Finally, according to from road
By the process inquiring about the routing iinformation obtaining complete paired data bag in caching or routing table.
Route processing equipment in the application can include but is not limited to:Route in operating system nucleus
Standalone module in module in subsystem, operating system nucleus, the application of routing function can be realized
Program, router or switch etc. can realize the equipment of routing function.
Those skilled in the art will be understood that above-mentioned route processing equipment is only for example, and other are existing
Or the route processing equipment that is likely to occur such as is applicable to the application from now on, also should be included in the application and protect
Within shield scope, and here is incorporated herein with way of reference.
Fig. 1 illustrates a kind of method flow diagram for route processing according to the application one side.
The method comprising the steps of S11, step S12, step S13 and step S14.Specifically, exist
In step S11, equipment 1 detection treats whether the routing address of routing packets is external address;In step
In S12, when described routing address is external address, described routing address is mapped corresponding by equipment 1
Presumptive address;In step s 13, equipment 1 is mated in route-caching according to described presumptive address
Inquiry is to obtain corresponding routing iinformation;In step S14, equipment 1 is according to described RI-Pro
Described treat routing packets.
Here, described equipment 1 include but is not limited to user equipment, the network equipment or user equipment with
The network equipment passes through the mutually integrated equipment being constituted of network.Described user equipment its including but not limited to appoint
A kind of what mobile electronic product that can carry out man-machine interaction with user by touch pad, for example intelligent handss
Machine, PDA etc., described mobile electronic product can adopt any operating system, such as android operation
System, iOS operating system etc..Wherein, the described network equipment include one kind can be according to being previously set
Or storage instruction, automatically carry out the electronic equipment of numerical computations and information processing, its hardware include but
Be not limited to microprocessor, special IC (ASIC), programmable gate array (FPGA), numeral at
Reason device (DSP), embedded device etc..The described network equipment its including but not limited to computer, network
The cloud that main frame, single network server, multiple webserver collection or multiple server are constituted;Here,
Cloud is made up of a large amount of computers based on cloud computing (Cloud Computing) or the webserver, its
In, cloud computing is one kind of Distributed Calculation, being made up of a group loosely-coupled computer collection
Virtual supercomputer.Described network includes but is not limited to the Internet, wide area network, Metropolitan Area Network (MAN), local
Net, VPN, wireless self-organization network (Ad Hoc network) etc..Preferably, equipment 1 is gone back
Described user equipment, the network equipment or user equipment can be operate in and the network equipment, network set
Standby, touch terminal or the network equipment pass through the foot on the mutually integrated equipment being constituted of network with touch terminal
This program.Certainly, those skilled in the art will be understood that the said equipment 1 is only for example, and other are existing
Or the equipment 1 that will be likely to occur from now on be such as applicable to the application, also should be included in the application protection model
Within enclosing, and here is incorporated herein with way of reference.
It is constant work between each step of equipment 1.Specifically, in step s 11,
Equipment 1 persistently detects whether the routing address treating routing packets is external address;In step s 12,
When described routing address is external address, described routing address is persistently mapped corresponding predetermined by equipment 1
Address;In step s 13, equipment 1 continues to be mated in route-caching according to described presumptive address
Inquiry is to obtain corresponding routing iinformation;In step S14, equipment 1 continues according to described routing iinformation
Routing packets are treated, until equipment 1 stops the route that routing packets are treated in detection in step S11 described in process
Whether address is external address.
In step s 11, equipment 1 detection treats whether the routing address of routing packets is external address.
Specifically, described routing address includes following at least any one:The described source address treating routing packets,
Wherein, described treat that routing packets are the packet from external reception;The described destination address treating routing packets,
Wherein, described treat routing packets be intend be forwarded to outside packet.That is, routing packets include:From outside
The packet receiving and plan are forwarded to outside packet.Here, will be referred to as into direction from external reception packet
(ingress), will intend being forwarded to external packet referred to as outgoing direction (egress).On entering direction, described road
It is source address by address, whether detection source address is external address;On outgoing direction, described routing address
For purpose address, whether testing goal address is external address.
In the particular embodiment, described routing address include described in treat the source address of routing packets, described
Treat that routing packets are the packet from external reception;Wherein, in step s 11, routing packets are treated when described
When being not required to be forwarded, equipment 1 detect described in treat whether the routing address of routing packets is external address.
For example, the routing subsystem in operating system nucleus can be the packet receiving according to its destination
Location is forwarded, and described packet includes source address and destination address.If destination address is local,
Then this packet be not required to be forwarded;If destination address is not local, this packets need is forwarded
To next stage equipment.
For example, on entering direction, first judge packet belonging to described routing address the need of being forwarded,
When being not required to be forwarded, it is further continued for detecting whether described routing address is external address.And in outgoing direction
On, because clearly knowing that its destination address is non-local, therefore without judging whether that needs are forwarded.
Specifically, in step s 11, equipment 1 treats the road of routing packets according to corresponding subnet information detection
Whether it is external address by address.Here, entering on direction, whether detection source address is IP address in subnet;
On outgoing direction, whether testing goal address is IP address in subnet.
Preferably, in step s 11, equipment 1 also detects whether described routing address is legal address;
Wherein, in step s 12, when described routing address is external address and belongs to legal address, equipment 1
Described routing address is mapped to obtain corresponding presumptive address.
Here, described equipment 1 only maps to legal external address.By detecting described route ground
Whether location is illegal address, can be by martian packet (a packet that has an impossible
Source or destination IP, the packet comprising impossible source address or destination address) filter out,
Such as source address is that the IP address of 0.0.0.0 is such illegal address.Illegal address is filtered,
Thus DDoS (Distributed Denial of Service, distributed denial of service) is attacked serving one
Fixed defense reaction.
In step s 12, when described routing address is external address, described routing address is reflected by equipment 1
Penetrate to obtain corresponding presumptive address.Here, the described outside to IP address, non-illegal address in non-subnet
Address is mapped, and obtains described presumptive address.
Specifically, in step s 12, described routing address is reflected by equipment 1 according to corresponding mask information
Penetrate to obtain corresponding presumptive address.
For example, it is assumed that mapping to external address 202.114.1.*, mask is set to 24,
202.114.1.* all addresses be mapped into this presumptive address of 202.114.1.0.If mask is set
For 16, all addresses of 202.114.*.* are mapped into this presumptive address of 202.114.0.0.
If in extreme circumstances mask is set to 0, then in theory, all external address all will be mapped
To this presumptive address of 0.0.0.0.In order to reduce the dependency to special address 0.0.0.0, for mask it is
Presumptive address can be modified as other easy addresses indicating (such as with special handling by 0 situation
1.1.1.1).
Those skilled in the art will be understood that above-mentioned mapping mode is only for example, and other are existing or modern
The mapping mode being likely to occur afterwards is such as applicable to the application, also should be included in the application protection domain with
Interior, and here is incorporated herein with way of reference.
In step s 13, equipment 1 according to described presumptive address carry out in route-caching matching inquiry with
Obtain corresponding routing iinformation.
Here, described routing iinformation includes source address and destination address, described route-caching includes described
The described presumptive address that routing iinformation obtains with mapping.If existing described corresponding route letter in route-caching
Breath, then do not need routing table to be inquired about again.If for a brand-new external address, because on road
Do not preserve its corresponding routing iinformation by caching, so carrying out the knot of matching inquiry in route-caching
Fruit is cache miss, needs to carry out matching inquiry to routing table in the case of cache miss.Because looking into
Ask routing table and comprise various validity checkings and the distribution release of internal memory, speed is slower, therefore claims query routing
The mode of table is slow-path, and correspondingly, the mode of query routing caching is called fast path.
In the particular embodiment, for any one external address, it is all first query routing caching, that is,
Enter fast path, if cache hit, poll-final.If this external address is a brand-new address,
Do not have the corresponding routing iinformation of this external address in route-caching, then the Query Result of fast path
For cache miss, at this moment it is accomplished by by slow-path, routing table being inquired about.
Specifically, in step s 13, when described routing address mate in described route-caching miss
When, equipment 1 carries out matching inquiry to obtain corresponding road according to described routing address in corresponding routing table
By information.Here, for a brand-new external address, needs carry out coupling in corresponding routing table and look into
Ask to obtain corresponding routing iinformation.
Preferably, methods described can also include:Equipment 1 is believed according to described presumptive address and described route
Breath updates described route-caching.
In the particular embodiment, for a brand-new external address, carry out in corresponding routing table
Obtain corresponding routing iinformation after joining inquiry, need according to described presumptive address and described routing iinformation more
Newly described route-caching, writes route-caching the result of table of query and routing.So in next through street
During footpath query routing caching because in route-caching existing this external address relative recording, quickly
The Query Result in path be cache hit it is not necessary to inquire about to routing table again, thus improve inquiry
Efficiency.
In step S14, equipment 1 treats routing packets according to described RI-Pro.
Here, the described routing iinformation being obtained according to inquiry, turn to from the packet of external reception and plan
The packet being sent to outside is processed accordingly.
Fig. 2 illustrates a kind of method flow for route processing according to one preferred embodiment of the application
Figure.
The method comprising the steps of S21, step S25, step S22, step S23 and step S24.?
This, step S11, step S13, step in step S21, step S23, step S24 and Fig. 1
The content of S14 is identical or essentially identical, for simplicity's sake, repeats no more.
Specifically, in step s 25, equipment 1 is according to described route-caching corresponding caching relevant information
Determine corresponding mask information.Wherein, in step S22, when described routing address is external address,
Described routing address is mapped to obtain corresponding presumptive address according to described mask information by equipment 1.
Here, described caching relevant information includes following at least any one:The capacity letter of described route-caching
Breath;The present available capacity information of described route-caching;The caching record that described route-caching is supported is
Big quantity information;The quantity information of the existing caching record of described route-caching.
In the particular embodiment, the digit of mask can be adjusted according to the actually used situation of route-caching.
When available cache memory is more, then external address can be mapped to more presumptive address, mask digit is permissible
Take (such as mask is set to 24) more greatly;When available cache memory is less, then external address can be mapped to
Less presumptive address, mask digit takes less (for example mask is set to 0).
Fig. 3 illustrates a kind of equipment 1 for route processing according to the application other side, wherein,
Equipment 1 includes detection means 11, mapping device 12, inquiry unit 13 and processing meanss 14.
Specifically, described detection means 11 detection treats whether the routing address of routing packets is externally
Location;When described routing address is external address, described routing address is mapped right by described mapping device 12
The presumptive address answered;Described inquiry unit 13 carries out coupling in route-caching according to described presumptive address and looks into
Ask to obtain corresponding routing iinformation;Described processing meanss 14 treat road according to described RI-Pro
By being grouped.
Here, described equipment 1 include but is not limited to user equipment, the network equipment or user equipment with
The network equipment passes through the mutually integrated equipment being constituted of network.Described user equipment its including but not limited to appoint
A kind of what mobile electronic product that can carry out man-machine interaction with user by touch pad, for example intelligent handss
Machine, PDA etc., described mobile electronic product can adopt any operating system, such as android operation
System, iOS operating system etc..Wherein, the described network equipment include one kind can be according to being previously set
Or storage instruction, automatically carry out the electronic equipment of numerical computations and information processing, its hardware include but
Be not limited to microprocessor, special IC (ASIC), programmable gate array (FPGA), numeral at
Reason device (DSP), embedded device etc..The described network equipment its including but not limited to computer, network
The cloud that main frame, single network server, multiple webserver collection or multiple server are constituted;Here,
Cloud is made up of a large amount of computers based on cloud computing (Cloud Computing) or the webserver, its
In, cloud computing is one kind of Distributed Calculation, being made up of a group loosely-coupled computer collection
Virtual supercomputer.Described network includes but is not limited to the Internet, wide area network, Metropolitan Area Network (MAN), local
Net, VPN, wireless self-organization network (Ad Hoc network) etc..Preferably, equipment 1 is gone back
Described user equipment, the network equipment or user equipment can be operate in and the network equipment, network set
Standby, touch terminal or the network equipment pass through the foot on the mutually integrated equipment being constituted of network with touch terminal
This program.Certainly, those skilled in the art will be understood that the said equipment 1 is only for example, and other are existing
Or the equipment 1 that will be likely to occur from now on be such as applicable to the application, also should be included in the application protection model
Within enclosing, and here is incorporated herein with way of reference.
It is constant work between above-mentioned each device, here, it will be understood by those skilled in the art that " holding
Continuous " refer to that above-mentioned each device is wanted respectively in real time or according to mode of operation that set or real-time adjustment
Ask, for example described detection means 11 persistently detects whether the routing address treating routing packets is externally
Location;When described routing address is external address, described routing address is persistently mapped by described mapping device 12
Obtain corresponding presumptive address;Described inquiry unit 13 continues to be entered in route-caching according to described presumptive address
Row matching inquiry is to obtain corresponding routing iinformation;Described processing meanss 14 continue according to described routing iinformation
Routing packets are treated, until described detection means 11 stops the route ground that routing packets are treated in detection described in process
Whether location is external address.
Described detection means 11 detection treats whether the routing address of routing packets is external address.
Specifically, described routing address includes following at least any one:The described source address treating routing packets,
Wherein, described treat that routing packets are the packet from external reception;The described destination address treating routing packets,
Wherein, described treat routing packets be intend be forwarded to outside packet.That is, routing packets include:From outside
The packet receiving and plan are forwarded to outside packet.Here, will be referred to as into direction from external reception packet
(ingress), will intend being forwarded to external packet referred to as outgoing direction (egress).On entering direction, described road
It is source address by address, whether detection source address is external address;On outgoing direction, described routing address
For purpose address, whether testing goal address is external address.
In the particular embodiment, described routing address include described in treat the source address of routing packets, described
Treat that routing packets are the packet from external reception;Wherein, when described when routing packets are not required to be forwarded,
Described detection means 11 treats whether the routing address of routing packets is external address described in detecting.
For example, the routing subsystem in operating system nucleus can be the packet receiving according to its destination
Location is forwarded, and described packet includes source address and destination address.If destination address is local,
Then this packet be not required to be forwarded;If destination address is not local, this packets need is forwarded
To next stage equipment.
For example, on entering direction, first judge packet belonging to described routing address the need of being forwarded,
When being not required to be forwarded, it is further continued for detecting whether described routing address is external address.And in outgoing direction
On, because clearly knowing that its destination address is non-local, therefore without judging whether that needs are forwarded.
Specifically, described detection means 11 treats the routing address of routing packets according to corresponding subnet information detection
Whether it is external address.Here, entering on direction, whether detection source address is IP address in subnet;The side of going out
Upwards, whether testing goal address is IP address in subnet.
Preferably, described detection means 11 also detects whether described routing address is legal address;Wherein,
Described mapping device 12 is worked as described routing address and is external address and belongs to legal address, by described route ground
Location maps to obtain corresponding presumptive address.
Here, described mapping device 12 only maps to legal external address.By detecting described road
Whether it is illegal address by address, can be by martian packet (a packet that has an
Impossible source or destination IP, comprises the packet of impossible source address or destination address)
Filter out, such as source address is that the IP address of 0.0.0.0 is such illegal address.To illegal address
Filtered, thus attacking to DDoS (Distributed Denial of Service, distributed denial of service)
Hit and serve certain defense reaction.
When described routing address is external address, described routing address is mapped right by described mapping device 12
The presumptive address answered.Here, entering to the described external address of IP address in non-subnet, non-illegal address
Row mapping, obtains described presumptive address.
Specifically, described routing address is mapped right according to corresponding mask information by described mapping device 12
The presumptive address answered.
For example, it is assumed that mapping to external address 202.114.1.*, mask is set to 24,
202.114.1.* all addresses be mapped into this presumptive address of 202.114.1.0.If mask is set
For 16, all addresses of 202.114.*.* are mapped into this presumptive address of 202.114.0.0.
If in extreme circumstances mask is set to 0, then in theory, all external address all will be mapped
To this presumptive address of 0.0.0.0.In order to reduce the dependency to special address 0.0.0.0, for mask it is
Presumptive address can be modified as other easy addresses indicating (such as with special handling by 0 situation
1.1.1.1).
Those skilled in the art will be understood that above-mentioned mapping mode is only for example, and other are existing or modern
The mapping mode being likely to occur afterwards is such as applicable to the application, also should be included in the application protection domain with
Interior, and here is incorporated herein with way of reference.
Described inquiry unit 13 carries out matching inquiry to obtain according to described presumptive address in route-caching
Corresponding routing iinformation.
Here, described routing iinformation includes source address and destination address, described route-caching includes described
The described presumptive address that routing iinformation obtains with mapping.If existing described corresponding route letter in route-caching
Breath, then do not need routing table to be inquired about again.If for a brand-new external address, because on road
Do not preserve its corresponding routing iinformation by caching, so carrying out the knot of matching inquiry in route-caching
Fruit is cache miss, needs to carry out matching inquiry to routing table in the case of cache miss.Because looking into
Ask routing table and comprise various validity checkings and the distribution release of internal memory, speed is slower, therefore claims query routing
The mode of table is slow-path, and correspondingly, the mode of query routing caching is called fast path.
In the particular embodiment, for any one external address, it is all first query routing caching, that is,
Enter fast path, if cache hit, poll-final.If this external address is a brand-new address,
Do not have the corresponding routing iinformation of this external address in route-caching, then the Query Result of fast path
For cache miss, at this moment it is accomplished by by slow-path, routing table being inquired about.
Specifically, when described routing address mates miss in described route-caching, described inquiry dress
Put 13 and matching inquiry is carried out to obtain corresponding route letter in corresponding routing table according to described routing address
Breath.Here, for a brand-new external address, need to carry out in corresponding routing table matching inquiry with
Obtain corresponding routing iinformation.
Preferably, described equipment 1 can also include updating device (not shown), described updating device root
According to described presumptive address and route-caching described in described updating route information.
In the particular embodiment, for a brand-new external address, carry out in corresponding routing table
Obtain corresponding routing iinformation after joining inquiry, need according to described presumptive address and described routing iinformation more
Newly described route-caching, writes route-caching the result of table of query and routing.So in next through street
During footpath query routing caching because in route-caching existing this external address relative recording, quickly
The Query Result in path be cache hit it is not necessary to inquire about to routing table again, thus improve inquiry
Efficiency.
Described processing meanss 14 treat routing packets according to described RI-Pro.
Here, the described routing iinformation being obtained according to inquiry, turn to from the packet of external reception and plan
The packet being sent to outside is processed accordingly.
Fig. 4 illustrates a kind of equipment 1 for route processing according to one preferred embodiment of the application,
Wherein, described equipment 1 includes detection means 11 ', mapping device 12 ', inquiry unit 13 ', processes
Device 14 ' and mask determine device 15 '.
Here, detecting in described detection means 11 ', inquiry unit 13 ', processing meanss 14 ' and Fig. 3
Device 11, inquiry unit 13, processing meanss 14 content identical or essentially identical, for simplicity's sake,
Repeat no more.
Specifically, described mask determines that device 15 ' is true according to described route-caching corresponding caching relevant information
Fixed corresponding mask information.Wherein, when described routing address is external address, described mapping device 12 '
Described routing address is mapped to obtain by corresponding presumptive address according to described mask information.
Here, described caching relevant information includes following at least any one:The capacity letter of described route-caching
Breath;The present available capacity information of described route-caching;The caching record that described route-caching is supported is
Big quantity information;The quantity information of the existing caching record of described route-caching.
In the particular embodiment, the digit of mask can be adjusted according to the actually used situation of route-caching.
When available cache memory is more, then external address can be mapped to more presumptive address, mask digit is permissible
Take (such as mask is set to 24) more greatly;When available cache memory is less, then external address can be mapped to
Less presumptive address, mask digit takes less (for example mask is set to 0).
Compared with prior art, the application obtains external address by detection, and described external address is reflected
Penetrate to obtain corresponding presumptive address, in route-caching or routing table, then carry out matching inquiry to obtain road
By information, finally according to the process of described routing iinformation complete paired data bag.Because described herein
The controllable quantity of presumptive address, can be narrow predetermined by being mapped to a large amount of external address
Location is so that route-caching quantity is maintained at a relatively low level;Even if in the concurrent situation of big flow
Down it is also possible to make route-caching quantity reduce several orders of magnitude, and reduce with caching quantity,
The cache entry of heat, without re-establishing release, can improve cache hit speed to a certain extent,
Reduce the utilization rate of CPU, thus ensure that the performance of system while reducing route-caching quantity.
Further, the application can also carry out address of cache operation using mask information, thus subtracting further
Few route-caching quantity;Moreover, it is also possible to the caching relevant information with reference to route-caching to determine and used
Mask information, thus avoiding cache overflow further to guarantee systematic function.Additionally, the application also may be used
Whether to detect this routing address before address of cache as legal address, for example, exclude Martian address, from
And reduce route-caching quantity further, also there is certain defense reaction to ddos attack.
Obviously, those skilled in the art the application can be carried out various change and modification without deviating from
Spirit and scope.So, if these modifications of the application and modification belong to the application power
Within the scope of profit requirement and its equivalent technologies, then the application is also intended to comprise these changes and modification exists
Interior.
It should be noted that the application can be carried out in software and/or software with the assembly of hardware,
For example, can be using special IC (ASIC), general purpose computer or any other is similar hard
Part equipment is realizing.In one embodiment, the software program of the application can pass through computing device
To realize steps described above or function.Similarly, the software program of the application (includes related number
According to structure) can be stored in computer readable recording medium storing program for performing, for example, and RAM memory, magnetic
Or CD-ROM driver or floppy disc and similar devices.In addition, some steps of the application or function can adopt
Hardware, to realize, for example, coordinates thus executing the circuit of each step or function as with processor.
In addition, the part of the application can be applied to computer program, such as computer program
Instruction, when it is computer-executed, by the operation of this computer, can call or provide basis
The present processes and/or technical scheme.And call the programmed instruction of the present processes, may be deposited
Storage is in recording medium that fix or moveable, and/or passes through in broadcast or other signal bearing medias
Data flow and be transmitted, and/or be stored in the computer equipment according to described program instruction operation
In working storage.Here, a device is included according to an embodiment of the application, this device bag
Include the memorizer for storing computer program instructions and the processor for execute program instructions, its
In, when this computer program instructions is by this computing device, triggers this plant running and be based on aforementioned
Methods and/or techniques scheme according to multiple embodiments of the application.
It is obvious to a person skilled in the art that the application is not limited to the thin of above-mentioned one exemplary embodiment
Section, and in the case of without departing substantially from spirit herein or basic feature, can be with other concrete
Form realizes the application.Therefore, no matter from the point of view of which point, embodiment all should be regarded as exemplary
, and be nonrestrictive, scope of the present application is limited by claims rather than described above
Fixed, it is intended that all changes in the implication and scope of the equivalency of claim that fall are included
In the application.Any reference in claim should not be considered as the involved right of restriction will
Ask.Furthermore, it is to be understood that " inclusion " one word is not excluded for other units or step, odd number is not excluded for plural number.
In device claim, multiple units of statement or device can also be by a unit or device by soft
Part or hardware are realizing.The first, the second grade word is used for representing title, and is not offered as any spy
Fixed order.
Claims (20)
1. a kind of route processing method, wherein, the method includes:
Detection treats whether the routing address of routing packets is external address;
When described routing address is external address, described routing address is mapped to obtain corresponding presumptive address;
Matching inquiry is carried out to obtain corresponding routing iinformation in route-caching according to described presumptive address;
Treat routing packets according to described RI-Pro.
2. method according to claim 1, wherein, described when described routing address be external address,
By described routing address map corresponding presumptive address includes:
When described routing address is external address, according to corresponding mask information, described routing address is mapped
Obtain corresponding presumptive address.
3. method according to claim 2, wherein, the method also includes:
Corresponding mask information is determined according to described route-caching corresponding caching relevant information;
Wherein, described when described routing address be external address, described routing address is mapped corresponding
Presumptive address includes:
When described routing address is external address, according to described mask information, described routing address is mapped
Corresponding presumptive address.
4. method according to claim 3, wherein, described caching relevant information include following at least
Any one:
The capacity information of described route-caching;
The present available capacity information of described route-caching;
The maximum quantity information of the caching record that described route-caching is supported;
The quantity information of the existing caching record of described route-caching.
5. method according to any one of claim 1 to 4, wherein, described according to described predetermined
Address carries out matching inquiry in route-caching and is also included with obtaining corresponding routing iinformation:
When described routing address mates miss in described route-caching, existed according to described routing address
Carry out matching inquiry to obtain corresponding routing iinformation in corresponding routing table.
6. method according to claim 5, wherein, the method also includes:
According to described presumptive address and route-caching described in described updating route information.
7. method according to any one of claim 1 to 6, wherein, described detection treats route point
Whether the routing address of group is that external address includes:
Treat whether the routing address of routing packets is external address according to corresponding subnet information detection.
8. method according to claim 7, wherein, the routing address of routing packets is treated in described detection
Whether it is that external address also includes:
Detect whether described routing address is legal address;
Wherein, described when described routing address be external address, described routing address is mapped corresponding
Presumptive address includes:
When described routing address is external address and belongs to legal address, described routing address is mapped right
The presumptive address answered.
9. method according to any one of claim 1 to 8, wherein, described routing address includes
Below at least any one:
The described source address treating routing packets, wherein, described treats that routing packets are the packet from external reception;
The described destination address treating routing packets, wherein, described treat routing packets be intend be forwarded to outside
Packet.
10. method according to claim 9, wherein, described routing address include described in wait to route
The source address of packet, described treats that routing packets are the packet from external reception;
Wherein, described detection treats whether the routing address of routing packets is that external address includes:
When described when routing packets are not required to be forwarded, described in detection, treat that the routing address of routing packets is
No for external address.
A kind of 11. route processing equipment, wherein, this equipment includes:
Detection means, treats for detection whether the routing address of routing packets is external address;
Mapping device, for being external address when described routing address, described routing address is mapped right
The presumptive address answered;
Inquiry unit, right to obtain for matching inquiry is carried out in route-caching according to described presumptive address
The routing iinformation answered;
Processing meanss, for treating routing packets according to described RI-Pro.
12. equipment according to claim 11, wherein, described mapping device is used for:
When described routing address is external address, according to corresponding mask information, described routing address is mapped
Obtain corresponding presumptive address.
13. equipment according to claim 12, wherein, this equipment also includes:
Mask determines device, corresponding for being determined according to described route-caching corresponding caching relevant information
Mask information;
Wherein, described mapping device is used for:
When described routing address is external address, according to described mask information, described routing address is mapped
Corresponding presumptive address.
14. equipment according to claim 13, wherein, described caching relevant information include with down to
Few any one:
The capacity information of described route-caching;
The present available capacity information of described route-caching;
The maximum quantity information of the caching record that described route-caching is supported;
The quantity information of the existing caching record of described route-caching.
15. equipment according to any one of claim 11 to 14, wherein, described inquiry unit
It is additionally operable to:
When described routing address mates miss in described route-caching, existed according to described routing address
Carry out matching inquiry to obtain corresponding routing iinformation in corresponding routing table.
16. equipment according to claim 15, wherein, this equipment also includes:
Updating device, for according to described presumptive address and route-caching described in described updating route information.
17. equipment according to any one of claim 11 to 16, wherein, described detection means
For:
Treat whether the routing address of routing packets is external address according to corresponding subnet information detection.
18. equipment according to claim 17, wherein, described detection means is additionally operable to:
Detect whether described routing address is legal address;
Wherein, described mapping device is used for:
When described routing address is external address and belongs to legal address, described routing address is mapped right
The presumptive address answered.
19. equipment according to any one of claim 11 to 18, wherein, described routing address
Including following at least any one:
The described source address treating routing packets, wherein, described treats that routing packets are the packet from external reception;
The described destination address treating routing packets, wherein, described treat routing packets be intend be forwarded to outside
Packet.
20. equipment according to claim 19, wherein, described routing address include described in wait to route
The source address of packet, described treats that routing packets are the packet from external reception;
Wherein, described detection means is used for:
When described when routing packets are not required to be forwarded, described in detection, treat that the routing address of routing packets is
No for external address.
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510469382.7A CN106411744B (en) | 2015-08-03 | 2015-08-03 | A kind of method and apparatus for route processing |
PCT/CN2016/090819 WO2017020718A1 (en) | 2015-08-03 | 2016-07-21 | Method and device for routing processing |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510469382.7A CN106411744B (en) | 2015-08-03 | 2015-08-03 | A kind of method and apparatus for route processing |
Publications (2)
Publication Number | Publication Date |
---|---|
CN106411744A true CN106411744A (en) | 2017-02-15 |
CN106411744B CN106411744B (en) | 2019-10-18 |
Family
ID=57942379
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201510469382.7A Active CN106411744B (en) | 2015-08-03 | 2015-08-03 | A kind of method and apparatus for route processing |
Country Status (2)
Country | Link |
---|---|
CN (1) | CN106411744B (en) |
WO (1) | WO2017020718A1 (en) |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102045234A (en) * | 2009-10-09 | 2011-05-04 | 中国移动通信集团公司 | Buffering and overtime processing methods of route address mapping information as well as tunnel router |
CN102447747A (en) * | 2010-10-09 | 2012-05-09 | 中国移动通信集团公司 | Method, device and system for interacting with private network |
CN103686696A (en) * | 2012-09-19 | 2014-03-26 | 华为技术有限公司 | Method for sending data, gateway and sensor node |
Family Cites Families (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101394333B (en) * | 2007-09-17 | 2016-01-20 | 华为技术有限公司 | The method E-Packeted, device and network system |
US9008096B2 (en) * | 2012-11-13 | 2015-04-14 | Microsoft Technology Licensing, Llc | Data packet routing |
-
2015
- 2015-08-03 CN CN201510469382.7A patent/CN106411744B/en active Active
-
2016
- 2016-07-21 WO PCT/CN2016/090819 patent/WO2017020718A1/en active Application Filing
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102045234A (en) * | 2009-10-09 | 2011-05-04 | 中国移动通信集团公司 | Buffering and overtime processing methods of route address mapping information as well as tunnel router |
CN102447747A (en) * | 2010-10-09 | 2012-05-09 | 中国移动通信集团公司 | Method, device and system for interacting with private network |
CN103686696A (en) * | 2012-09-19 | 2014-03-26 | 华为技术有限公司 | Method for sending data, gateway and sensor node |
Also Published As
Publication number | Publication date |
---|---|
CN106411744B (en) | 2019-10-18 |
WO2017020718A1 (en) | 2017-02-09 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN104504003B (en) | The searching method and device of diagram data | |
CN103152357B (en) | A kind of defence method for DNS service, device and system | |
TWI606340B (en) | Method, computer readable storage medium and system for data caching | |
US20160269442A1 (en) | Methods and systems for improving analytics in distributed networks | |
CN106789831A (en) | The method and apparatus for recognizing network attack | |
KR101733000B1 (en) | Method and Apparatus for Collecting Cyber Incident Information | |
CN106302595A (en) | A kind of method and apparatus that server is carried out physical examination | |
US11797678B2 (en) | Memory scanning methods and apparatus | |
US20180139224A1 (en) | Collecting domain name system traffic | |
EP3295348A1 (en) | Method and device for defending against network attacks | |
CN107169346B (en) | The side-channel attack defence method and its device removed are remapped and cached based on dynamic memory | |
CN103049392B (en) | The implementation method of CACHE DIRECTORY and device | |
CN106685899A (en) | Method and device for identifying malicious access | |
CN112532598B (en) | Filtering method for real-time intrusion detection system | |
CN108303098A (en) | Robot path planning method and equipment | |
CN109379347A (en) | A kind of safety protecting method and equipment | |
CN114499939A (en) | Optimal path selection method and system based on knowledge graph, storable medium and electronic equipment | |
US20150269279A1 (en) | Loop detection in cuckoo hashtables | |
CN107798106A (en) | A kind of URL De-weight methods in distributed reptile system | |
JP2014186397A (en) | Cache memory device, information processor and cache memory control method | |
JP2011193343A (en) | Communications network monitoring system | |
CN106599247B (en) | Method and device for merging data files in LSM-tree structure | |
JP2019146137A (en) | Method for verifying transaction in blockchain network, and node for constituting the network | |
CN108334549A (en) | A kind of device data storage method, extracting method, storage platform and extraction platform | |
CN106302347A (en) | A kind of network attack treating method and apparatus |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |