CN106411744A - Method used for route processing and equipment thereof - Google Patents

Method used for route processing and equipment thereof Download PDF

Info

Publication number
CN106411744A
CN106411744A CN201510469382.7A CN201510469382A CN106411744A CN 106411744 A CN106411744 A CN 106411744A CN 201510469382 A CN201510469382 A CN 201510469382A CN 106411744 A CN106411744 A CN 106411744A
Authority
CN
China
Prior art keywords
address
routing
caching
route
external
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201510469382.7A
Other languages
Chinese (zh)
Other versions
CN106411744B (en
Inventor
宋卓
李易
李�雨
刘泓昊
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Alibaba Group Holding Ltd
Original Assignee
Alibaba Group Holding Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Alibaba Group Holding Ltd filed Critical Alibaba Group Holding Ltd
Priority to CN201510469382.7A priority Critical patent/CN106411744B/en
Priority to PCT/CN2016/090819 priority patent/WO2017020718A1/en
Publication of CN106411744A publication Critical patent/CN106411744A/en
Application granted granted Critical
Publication of CN106411744B publication Critical patent/CN106411744B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00Routing or path finding of packets in data switching networks
    • H04L45/74Address processing for routing
    • H04L45/742Route cache; Operation thereof

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention aims at providing a method used for route processing and equipment thereof. Through detection, an external address is acquired, and the external address is mapped to a corresponding predetermined address. And then, matching query is performed in buffer memory or a route table so as to acquire route information. And finally, according to the route information, data packet processing is completed. Because the number of the predetermined addresses is controllable, a route caching number can be maintained to be at a lower level through mapping the plurality of external addresses to the predetermined addresses of a limited scope. Along with decrease of the caching number, a hot caching entry does not need to establish release again so that a caching hit rate can be increased to some extent and a utilization rate of CPU is reduced. Therefore, the route caching number is reduced and simultaneously system performance is guaranteed.

Description

A kind of method and apparatus for route processing
Technical field
The application is related to computer realm, more particularly, to a kind of technology for route processing.
Background technology
Routing subsystem in operating system nucleus faces in the case that flow increasingly increases, due to big The route-caching capacity measured outside ip address and lead to rises suddenly and sharply, so that systematic function declines, stability It is affected.Two kinds of solutions are had, the first is that the path to table of query and routing is entered in prior art Row optimizes, for example with dictionary tree (trie tree) etc., to improve search efficiency;Second is must Route-caching function is turned off in the case of wanting.However, the first scheme is related to the adjustment on framework, can Can need to carry out major change to kernel version, this is to a large amount of basic businesses based on original kernel version Potential impact be huge;Even if second scheme solves stability problem to a certain extent, But also bring huge performance cost, the cpu busy percentage for example substantially rising.
Content of the invention
This application provides a kind of method and apparatus for route processing, held with effectively solving route-caching Amount rise suddenly and sharply so that systematic function decline problem.
A kind of one side according to the application, there is provided route processing method, wherein, the method bag Include:
Detection treats whether the routing address of routing packets is external address;
When described routing address is external address, described routing address is mapped to obtain corresponding presumptive address;
Matching inquiry is carried out to obtain corresponding routing iinformation in route-caching according to described presumptive address;
Treat routing packets according to described RI-Pro.
Further, described when described routing address be external address, described routing address is mapped right The presumptive address answered includes:When described routing address is external address, according to corresponding mask information by institute State routing address and map to obtain corresponding presumptive address.
Further, the method also includes:Determined according to described route-caching corresponding caching relevant information Corresponding mask information;Wherein, described when described routing address be external address, by described routing address Map corresponding presumptive address includes:When described routing address is external address, believed according to described mask Described routing address is mapped to obtain corresponding presumptive address by breath.
Further, described caching relevant information includes following at least any one:The appearance of described route-caching Amount information;The present available capacity information of described route-caching;The caching record that described route-caching is supported Maximum quantity information;The quantity information of the existing caching record of described route-caching.
It is further, described that carry out matching inquiry in route-caching according to described presumptive address right to obtain The routing iinformation answered also includes:When described routing address mates miss in described route-caching, root Carry out matching inquiry according to described routing address to obtain corresponding routing iinformation in corresponding routing table.
Further, the method also includes:According to described presumptive address and described updating route information Route-caching.
Further, described detection treats whether the routing address of routing packets is that external address includes:According to Corresponding subnet information detection treats whether the routing address of routing packets is external address.
Further, described detection treats whether the routing address of routing packets is that external address also includes:Inspection Survey whether described routing address is legal address;Wherein, described when described routing address be external address, By described routing address map corresponding presumptive address includes:When described routing address be external address and Belong to legal address, described routing address is mapped to obtain corresponding presumptive address.
Further, described routing address includes following at least any one:The described source ground treating routing packets Location, wherein, described treats that routing packets are the packet from external reception;The described destination treating routing packets Location, wherein, described treat routing packets be intend be forwarded to outside packet.
Further, described routing address include described in treat the source address of routing packets, described treat route point Group is the packet from external reception;Wherein, described detection treats whether the routing address of routing packets is outside Address includes:When described when routing packets are not required to be forwarded, described in detection, treat the route of routing packets Whether address is external address.
According to further aspect of the application, there is provided a kind of route processing equipment, wherein, this equipment Including:
Detection means, treats for detection whether the routing address of routing packets is external address;
Mapping device, for being external address when described routing address, described routing address is mapped right The presumptive address answered;
Inquiry unit, right to obtain for matching inquiry is carried out in route-caching according to described presumptive address The routing iinformation answered;
Processing meanss, for treating routing packets according to described RI-Pro.
Further, described mapping device is used for:When described routing address is external address, according to correspondence Mask information described routing address is mapped to obtain corresponding presumptive address.
Further, this equipment also includes:Mask determines device, for being corresponded to according to described route-caching Caching relevant information determine corresponding mask information;Wherein, described mapping device is used for:When described road It is external address by address, according to described mask information, described routing address is mapped corresponding predetermined Location.
Further, described caching relevant information includes following at least any one:The appearance of described route-caching Amount information;The present available capacity information of described route-caching;The caching record that described route-caching is supported Maximum quantity information;The quantity information of the existing caching record of described route-caching.
Further, described inquiry unit is additionally operable to:When described routing address is in described route-caching When joining miss, matching inquiry is carried out in corresponding routing table according to described routing address corresponding to obtain Routing iinformation.
Further, this equipment also includes:Updating device, for according to described presumptive address and described road Route-caching described in information updating.
Further, described detection means is used for:Treat the road of routing packets according to corresponding subnet information detection Whether it is external address by address.
Further, described detection means is additionally operable to:Detect whether described routing address is legal address; Wherein, described mapping device is used for:When described routing address is external address and belongs to legal address, will Described routing address maps to obtain corresponding presumptive address.
Further, described routing address includes following at least any one:The described source ground treating routing packets Location, wherein, described treats that routing packets are the packet from external reception;The described destination treating routing packets Location, wherein, described treat routing packets be intend be forwarded to outside packet.
Further, described routing address include described in treat the source address of routing packets, described treat route point Group is the packet from external reception;Wherein, described detection means is used for:Treat that routing packets are not required to when described When to be forwarded, described in detection, treat whether the routing address of routing packets is external address.
Compared with prior art, the application obtains external address by detection, and described external address is reflected Penetrate to obtain corresponding presumptive address, in route-caching or routing table, then carry out matching inquiry to obtain road By information, finally according to the process of described routing iinformation complete paired data bag.Because described herein The controllable quantity of presumptive address, can be narrow predetermined by being mapped to a large amount of external address Location is so that route-caching quantity is maintained at a relatively low level;Even if in the concurrent situation of big flow Down it is also possible to make route-caching quantity reduce several orders of magnitude, and reduce with caching quantity, The cache entry of heat, without re-establishing release, can improve cache hit speed to a certain extent, Reduce the utilization rate of CPU, thus ensure that the performance of system while reducing route-caching quantity. Further, the application can also carry out address of cache operation using mask information, thus subtracting further Few route-caching quantity;Moreover, it is also possible to the caching relevant information with reference to route-caching to determine and used Mask information, thus avoiding cache overflow further to guarantee systematic function.Additionally, the application also may be used Whether to detect this routing address before address of cache as legal address, for example, exclude Martian address, from And reduce route-caching quantity further, also there is certain defense reaction to ddos attack.
Brief description
By reading the detailed description that non-limiting example is made made with reference to the following drawings, this Shen Other features, objects and advantages please will become more apparent upon:
Fig. 1 illustrates a kind of method flow diagram for route processing according to the application one side;
Fig. 2 illustrates a kind of method flow for route processing according to one preferred embodiment of the application Figure;
Fig. 3 illustrates a kind of equipment schematic diagram for route processing according to the application other side;
Fig. 4 illustrates to be illustrated according to a kind of equipment for route processing of one preferred embodiment of the application Figure;
In accompanying drawing, same or analogous reference represents same or analogous part.
Specific embodiment
Below in conjunction with the accompanying drawings the application is described in further detail.
In one typical configuration of the application, terminal, the equipment of service network and trusted party all include One or more processors (CPU), input/output interface, network interface and internal memory.
Internal memory potentially includes the volatile memory in computer-readable medium, random access memory (RAM) and/or the form such as Nonvolatile memory, such as read only memory (ROM) or flash memory (flash RAM).Internal memory is the example of computer-readable medium.
It is permissible that computer-readable medium includes permanent and non-permanent, removable and non-removable media Information Store is realized by any method or technique.Information can be computer-readable instruction, data knot Structure, the module of program or other data.The example of the storage medium of computer includes, but are not limited to phase Become internal memory (PRAM), static RAM (SRAM), dynamic random access memory (DRAM), other kinds of random access memory (RAM), read only memory (ROM), electricity Erasable Programmable Read Only Memory EPROM (EEPROM), fast flash memory bank or other memory techniques, read-only Compact disc read-only memory (CD-ROM), digital versatile disc (DVD) or other optical storage, Magnetic cassette tape, magnetic disk storage or other magnetic storage apparatus or any other non-transmission medium, Can be used for storing the information that can be accessed by a computing device.Define according to herein, computer-readable Medium does not include non-temporary computer readable media (transitory media), such as the data signal of modulation and Carrier wave.
In this application, first, whether the source address of packet that detection obtains or destination address are outer Portion address.Wherein, for the packet from external reception, detect its source address;Plan is forwarded to Outside packet detects its destination address.Next, by mapping and must have substantial amounts of external address The presumptive address of limit scope, thus reach the purpose reducing route-caching quantity.Finally, according to from road By the process inquiring about the routing iinformation obtaining complete paired data bag in caching or routing table.
Route processing equipment in the application can include but is not limited to:Route in operating system nucleus Standalone module in module in subsystem, operating system nucleus, the application of routing function can be realized Program, router or switch etc. can realize the equipment of routing function.
Those skilled in the art will be understood that above-mentioned route processing equipment is only for example, and other are existing Or the route processing equipment that is likely to occur such as is applicable to the application from now on, also should be included in the application and protect Within shield scope, and here is incorporated herein with way of reference.
Fig. 1 illustrates a kind of method flow diagram for route processing according to the application one side.
The method comprising the steps of S11, step S12, step S13 and step S14.Specifically, exist In step S11, equipment 1 detection treats whether the routing address of routing packets is external address;In step In S12, when described routing address is external address, described routing address is mapped corresponding by equipment 1 Presumptive address;In step s 13, equipment 1 is mated in route-caching according to described presumptive address Inquiry is to obtain corresponding routing iinformation;In step S14, equipment 1 is according to described RI-Pro Described treat routing packets.
Here, described equipment 1 include but is not limited to user equipment, the network equipment or user equipment with The network equipment passes through the mutually integrated equipment being constituted of network.Described user equipment its including but not limited to appoint A kind of what mobile electronic product that can carry out man-machine interaction with user by touch pad, for example intelligent handss Machine, PDA etc., described mobile electronic product can adopt any operating system, such as android operation System, iOS operating system etc..Wherein, the described network equipment include one kind can be according to being previously set Or storage instruction, automatically carry out the electronic equipment of numerical computations and information processing, its hardware include but Be not limited to microprocessor, special IC (ASIC), programmable gate array (FPGA), numeral at Reason device (DSP), embedded device etc..The described network equipment its including but not limited to computer, network The cloud that main frame, single network server, multiple webserver collection or multiple server are constituted;Here, Cloud is made up of a large amount of computers based on cloud computing (Cloud Computing) or the webserver, its In, cloud computing is one kind of Distributed Calculation, being made up of a group loosely-coupled computer collection Virtual supercomputer.Described network includes but is not limited to the Internet, wide area network, Metropolitan Area Network (MAN), local Net, VPN, wireless self-organization network (Ad Hoc network) etc..Preferably, equipment 1 is gone back Described user equipment, the network equipment or user equipment can be operate in and the network equipment, network set Standby, touch terminal or the network equipment pass through the foot on the mutually integrated equipment being constituted of network with touch terminal This program.Certainly, those skilled in the art will be understood that the said equipment 1 is only for example, and other are existing Or the equipment 1 that will be likely to occur from now on be such as applicable to the application, also should be included in the application protection model Within enclosing, and here is incorporated herein with way of reference.
It is constant work between each step of equipment 1.Specifically, in step s 11, Equipment 1 persistently detects whether the routing address treating routing packets is external address;In step s 12, When described routing address is external address, described routing address is persistently mapped corresponding predetermined by equipment 1 Address;In step s 13, equipment 1 continues to be mated in route-caching according to described presumptive address Inquiry is to obtain corresponding routing iinformation;In step S14, equipment 1 continues according to described routing iinformation Routing packets are treated, until equipment 1 stops the route that routing packets are treated in detection in step S11 described in process Whether address is external address.
In step s 11, equipment 1 detection treats whether the routing address of routing packets is external address.
Specifically, described routing address includes following at least any one:The described source address treating routing packets, Wherein, described treat that routing packets are the packet from external reception;The described destination address treating routing packets, Wherein, described treat routing packets be intend be forwarded to outside packet.That is, routing packets include:From outside The packet receiving and plan are forwarded to outside packet.Here, will be referred to as into direction from external reception packet (ingress), will intend being forwarded to external packet referred to as outgoing direction (egress).On entering direction, described road It is source address by address, whether detection source address is external address;On outgoing direction, described routing address For purpose address, whether testing goal address is external address.
In the particular embodiment, described routing address include described in treat the source address of routing packets, described Treat that routing packets are the packet from external reception;Wherein, in step s 11, routing packets are treated when described When being not required to be forwarded, equipment 1 detect described in treat whether the routing address of routing packets is external address.
For example, the routing subsystem in operating system nucleus can be the packet receiving according to its destination Location is forwarded, and described packet includes source address and destination address.If destination address is local, Then this packet be not required to be forwarded;If destination address is not local, this packets need is forwarded To next stage equipment.
For example, on entering direction, first judge packet belonging to described routing address the need of being forwarded, When being not required to be forwarded, it is further continued for detecting whether described routing address is external address.And in outgoing direction On, because clearly knowing that its destination address is non-local, therefore without judging whether that needs are forwarded.
Specifically, in step s 11, equipment 1 treats the road of routing packets according to corresponding subnet information detection Whether it is external address by address.Here, entering on direction, whether detection source address is IP address in subnet; On outgoing direction, whether testing goal address is IP address in subnet.
Preferably, in step s 11, equipment 1 also detects whether described routing address is legal address; Wherein, in step s 12, when described routing address is external address and belongs to legal address, equipment 1 Described routing address is mapped to obtain corresponding presumptive address.
Here, described equipment 1 only maps to legal external address.By detecting described route ground Whether location is illegal address, can be by martian packet (a packet that has an impossible Source or destination IP, the packet comprising impossible source address or destination address) filter out, Such as source address is that the IP address of 0.0.0.0 is such illegal address.Illegal address is filtered, Thus DDoS (Distributed Denial of Service, distributed denial of service) is attacked serving one Fixed defense reaction.
In step s 12, when described routing address is external address, described routing address is reflected by equipment 1 Penetrate to obtain corresponding presumptive address.Here, the described outside to IP address, non-illegal address in non-subnet Address is mapped, and obtains described presumptive address.
Specifically, in step s 12, described routing address is reflected by equipment 1 according to corresponding mask information Penetrate to obtain corresponding presumptive address.
For example, it is assumed that mapping to external address 202.114.1.*, mask is set to 24, 202.114.1.* all addresses be mapped into this presumptive address of 202.114.1.0.If mask is set For 16, all addresses of 202.114.*.* are mapped into this presumptive address of 202.114.0.0. If in extreme circumstances mask is set to 0, then in theory, all external address all will be mapped To this presumptive address of 0.0.0.0.In order to reduce the dependency to special address 0.0.0.0, for mask it is Presumptive address can be modified as other easy addresses indicating (such as with special handling by 0 situation 1.1.1.1).
Those skilled in the art will be understood that above-mentioned mapping mode is only for example, and other are existing or modern The mapping mode being likely to occur afterwards is such as applicable to the application, also should be included in the application protection domain with Interior, and here is incorporated herein with way of reference.
In step s 13, equipment 1 according to described presumptive address carry out in route-caching matching inquiry with Obtain corresponding routing iinformation.
Here, described routing iinformation includes source address and destination address, described route-caching includes described The described presumptive address that routing iinformation obtains with mapping.If existing described corresponding route letter in route-caching Breath, then do not need routing table to be inquired about again.If for a brand-new external address, because on road Do not preserve its corresponding routing iinformation by caching, so carrying out the knot of matching inquiry in route-caching Fruit is cache miss, needs to carry out matching inquiry to routing table in the case of cache miss.Because looking into Ask routing table and comprise various validity checkings and the distribution release of internal memory, speed is slower, therefore claims query routing The mode of table is slow-path, and correspondingly, the mode of query routing caching is called fast path.
In the particular embodiment, for any one external address, it is all first query routing caching, that is, Enter fast path, if cache hit, poll-final.If this external address is a brand-new address, Do not have the corresponding routing iinformation of this external address in route-caching, then the Query Result of fast path For cache miss, at this moment it is accomplished by by slow-path, routing table being inquired about.
Specifically, in step s 13, when described routing address mate in described route-caching miss When, equipment 1 carries out matching inquiry to obtain corresponding road according to described routing address in corresponding routing table By information.Here, for a brand-new external address, needs carry out coupling in corresponding routing table and look into Ask to obtain corresponding routing iinformation.
Preferably, methods described can also include:Equipment 1 is believed according to described presumptive address and described route Breath updates described route-caching.
In the particular embodiment, for a brand-new external address, carry out in corresponding routing table Obtain corresponding routing iinformation after joining inquiry, need according to described presumptive address and described routing iinformation more Newly described route-caching, writes route-caching the result of table of query and routing.So in next through street During footpath query routing caching because in route-caching existing this external address relative recording, quickly The Query Result in path be cache hit it is not necessary to inquire about to routing table again, thus improve inquiry Efficiency.
In step S14, equipment 1 treats routing packets according to described RI-Pro.
Here, the described routing iinformation being obtained according to inquiry, turn to from the packet of external reception and plan The packet being sent to outside is processed accordingly.
Fig. 2 illustrates a kind of method flow for route processing according to one preferred embodiment of the application Figure.
The method comprising the steps of S21, step S25, step S22, step S23 and step S24.? This, step S11, step S13, step in step S21, step S23, step S24 and Fig. 1 The content of S14 is identical or essentially identical, for simplicity's sake, repeats no more.
Specifically, in step s 25, equipment 1 is according to described route-caching corresponding caching relevant information Determine corresponding mask information.Wherein, in step S22, when described routing address is external address, Described routing address is mapped to obtain corresponding presumptive address according to described mask information by equipment 1.
Here, described caching relevant information includes following at least any one:The capacity letter of described route-caching Breath;The present available capacity information of described route-caching;The caching record that described route-caching is supported is Big quantity information;The quantity information of the existing caching record of described route-caching.
In the particular embodiment, the digit of mask can be adjusted according to the actually used situation of route-caching. When available cache memory is more, then external address can be mapped to more presumptive address, mask digit is permissible Take (such as mask is set to 24) more greatly;When available cache memory is less, then external address can be mapped to Less presumptive address, mask digit takes less (for example mask is set to 0).
Fig. 3 illustrates a kind of equipment 1 for route processing according to the application other side, wherein, Equipment 1 includes detection means 11, mapping device 12, inquiry unit 13 and processing meanss 14.
Specifically, described detection means 11 detection treats whether the routing address of routing packets is externally Location;When described routing address is external address, described routing address is mapped right by described mapping device 12 The presumptive address answered;Described inquiry unit 13 carries out coupling in route-caching according to described presumptive address and looks into Ask to obtain corresponding routing iinformation;Described processing meanss 14 treat road according to described RI-Pro By being grouped.
Here, described equipment 1 include but is not limited to user equipment, the network equipment or user equipment with The network equipment passes through the mutually integrated equipment being constituted of network.Described user equipment its including but not limited to appoint A kind of what mobile electronic product that can carry out man-machine interaction with user by touch pad, for example intelligent handss Machine, PDA etc., described mobile electronic product can adopt any operating system, such as android operation System, iOS operating system etc..Wherein, the described network equipment include one kind can be according to being previously set Or storage instruction, automatically carry out the electronic equipment of numerical computations and information processing, its hardware include but Be not limited to microprocessor, special IC (ASIC), programmable gate array (FPGA), numeral at Reason device (DSP), embedded device etc..The described network equipment its including but not limited to computer, network The cloud that main frame, single network server, multiple webserver collection or multiple server are constituted;Here, Cloud is made up of a large amount of computers based on cloud computing (Cloud Computing) or the webserver, its In, cloud computing is one kind of Distributed Calculation, being made up of a group loosely-coupled computer collection Virtual supercomputer.Described network includes but is not limited to the Internet, wide area network, Metropolitan Area Network (MAN), local Net, VPN, wireless self-organization network (Ad Hoc network) etc..Preferably, equipment 1 is gone back Described user equipment, the network equipment or user equipment can be operate in and the network equipment, network set Standby, touch terminal or the network equipment pass through the foot on the mutually integrated equipment being constituted of network with touch terminal This program.Certainly, those skilled in the art will be understood that the said equipment 1 is only for example, and other are existing Or the equipment 1 that will be likely to occur from now on be such as applicable to the application, also should be included in the application protection model Within enclosing, and here is incorporated herein with way of reference.
It is constant work between above-mentioned each device, here, it will be understood by those skilled in the art that " holding Continuous " refer to that above-mentioned each device is wanted respectively in real time or according to mode of operation that set or real-time adjustment Ask, for example described detection means 11 persistently detects whether the routing address treating routing packets is externally Location;When described routing address is external address, described routing address is persistently mapped by described mapping device 12 Obtain corresponding presumptive address;Described inquiry unit 13 continues to be entered in route-caching according to described presumptive address Row matching inquiry is to obtain corresponding routing iinformation;Described processing meanss 14 continue according to described routing iinformation Routing packets are treated, until described detection means 11 stops the route ground that routing packets are treated in detection described in process Whether location is external address.
Described detection means 11 detection treats whether the routing address of routing packets is external address.
Specifically, described routing address includes following at least any one:The described source address treating routing packets, Wherein, described treat that routing packets are the packet from external reception;The described destination address treating routing packets, Wherein, described treat routing packets be intend be forwarded to outside packet.That is, routing packets include:From outside The packet receiving and plan are forwarded to outside packet.Here, will be referred to as into direction from external reception packet (ingress), will intend being forwarded to external packet referred to as outgoing direction (egress).On entering direction, described road It is source address by address, whether detection source address is external address;On outgoing direction, described routing address For purpose address, whether testing goal address is external address.
In the particular embodiment, described routing address include described in treat the source address of routing packets, described Treat that routing packets are the packet from external reception;Wherein, when described when routing packets are not required to be forwarded, Described detection means 11 treats whether the routing address of routing packets is external address described in detecting.
For example, the routing subsystem in operating system nucleus can be the packet receiving according to its destination Location is forwarded, and described packet includes source address and destination address.If destination address is local, Then this packet be not required to be forwarded;If destination address is not local, this packets need is forwarded To next stage equipment.
For example, on entering direction, first judge packet belonging to described routing address the need of being forwarded, When being not required to be forwarded, it is further continued for detecting whether described routing address is external address.And in outgoing direction On, because clearly knowing that its destination address is non-local, therefore without judging whether that needs are forwarded.
Specifically, described detection means 11 treats the routing address of routing packets according to corresponding subnet information detection Whether it is external address.Here, entering on direction, whether detection source address is IP address in subnet;The side of going out Upwards, whether testing goal address is IP address in subnet.
Preferably, described detection means 11 also detects whether described routing address is legal address;Wherein, Described mapping device 12 is worked as described routing address and is external address and belongs to legal address, by described route ground Location maps to obtain corresponding presumptive address.
Here, described mapping device 12 only maps to legal external address.By detecting described road Whether it is illegal address by address, can be by martian packet (a packet that has an Impossible source or destination IP, comprises the packet of impossible source address or destination address) Filter out, such as source address is that the IP address of 0.0.0.0 is such illegal address.To illegal address Filtered, thus attacking to DDoS (Distributed Denial of Service, distributed denial of service) Hit and serve certain defense reaction.
When described routing address is external address, described routing address is mapped right by described mapping device 12 The presumptive address answered.Here, entering to the described external address of IP address in non-subnet, non-illegal address Row mapping, obtains described presumptive address.
Specifically, described routing address is mapped right according to corresponding mask information by described mapping device 12 The presumptive address answered.
For example, it is assumed that mapping to external address 202.114.1.*, mask is set to 24, 202.114.1.* all addresses be mapped into this presumptive address of 202.114.1.0.If mask is set For 16, all addresses of 202.114.*.* are mapped into this presumptive address of 202.114.0.0. If in extreme circumstances mask is set to 0, then in theory, all external address all will be mapped To this presumptive address of 0.0.0.0.In order to reduce the dependency to special address 0.0.0.0, for mask it is Presumptive address can be modified as other easy addresses indicating (such as with special handling by 0 situation 1.1.1.1).
Those skilled in the art will be understood that above-mentioned mapping mode is only for example, and other are existing or modern The mapping mode being likely to occur afterwards is such as applicable to the application, also should be included in the application protection domain with Interior, and here is incorporated herein with way of reference.
Described inquiry unit 13 carries out matching inquiry to obtain according to described presumptive address in route-caching Corresponding routing iinformation.
Here, described routing iinformation includes source address and destination address, described route-caching includes described The described presumptive address that routing iinformation obtains with mapping.If existing described corresponding route letter in route-caching Breath, then do not need routing table to be inquired about again.If for a brand-new external address, because on road Do not preserve its corresponding routing iinformation by caching, so carrying out the knot of matching inquiry in route-caching Fruit is cache miss, needs to carry out matching inquiry to routing table in the case of cache miss.Because looking into Ask routing table and comprise various validity checkings and the distribution release of internal memory, speed is slower, therefore claims query routing The mode of table is slow-path, and correspondingly, the mode of query routing caching is called fast path.
In the particular embodiment, for any one external address, it is all first query routing caching, that is, Enter fast path, if cache hit, poll-final.If this external address is a brand-new address, Do not have the corresponding routing iinformation of this external address in route-caching, then the Query Result of fast path For cache miss, at this moment it is accomplished by by slow-path, routing table being inquired about.
Specifically, when described routing address mates miss in described route-caching, described inquiry dress Put 13 and matching inquiry is carried out to obtain corresponding route letter in corresponding routing table according to described routing address Breath.Here, for a brand-new external address, need to carry out in corresponding routing table matching inquiry with Obtain corresponding routing iinformation.
Preferably, described equipment 1 can also include updating device (not shown), described updating device root According to described presumptive address and route-caching described in described updating route information.
In the particular embodiment, for a brand-new external address, carry out in corresponding routing table Obtain corresponding routing iinformation after joining inquiry, need according to described presumptive address and described routing iinformation more Newly described route-caching, writes route-caching the result of table of query and routing.So in next through street During footpath query routing caching because in route-caching existing this external address relative recording, quickly The Query Result in path be cache hit it is not necessary to inquire about to routing table again, thus improve inquiry Efficiency.
Described processing meanss 14 treat routing packets according to described RI-Pro.
Here, the described routing iinformation being obtained according to inquiry, turn to from the packet of external reception and plan The packet being sent to outside is processed accordingly.
Fig. 4 illustrates a kind of equipment 1 for route processing according to one preferred embodiment of the application, Wherein, described equipment 1 includes detection means 11 ', mapping device 12 ', inquiry unit 13 ', processes Device 14 ' and mask determine device 15 '.
Here, detecting in described detection means 11 ', inquiry unit 13 ', processing meanss 14 ' and Fig. 3 Device 11, inquiry unit 13, processing meanss 14 content identical or essentially identical, for simplicity's sake, Repeat no more.
Specifically, described mask determines that device 15 ' is true according to described route-caching corresponding caching relevant information Fixed corresponding mask information.Wherein, when described routing address is external address, described mapping device 12 ' Described routing address is mapped to obtain by corresponding presumptive address according to described mask information.
Here, described caching relevant information includes following at least any one:The capacity letter of described route-caching Breath;The present available capacity information of described route-caching;The caching record that described route-caching is supported is Big quantity information;The quantity information of the existing caching record of described route-caching.
In the particular embodiment, the digit of mask can be adjusted according to the actually used situation of route-caching. When available cache memory is more, then external address can be mapped to more presumptive address, mask digit is permissible Take (such as mask is set to 24) more greatly;When available cache memory is less, then external address can be mapped to Less presumptive address, mask digit takes less (for example mask is set to 0).
Compared with prior art, the application obtains external address by detection, and described external address is reflected Penetrate to obtain corresponding presumptive address, in route-caching or routing table, then carry out matching inquiry to obtain road By information, finally according to the process of described routing iinformation complete paired data bag.Because described herein The controllable quantity of presumptive address, can be narrow predetermined by being mapped to a large amount of external address Location is so that route-caching quantity is maintained at a relatively low level;Even if in the concurrent situation of big flow Down it is also possible to make route-caching quantity reduce several orders of magnitude, and reduce with caching quantity, The cache entry of heat, without re-establishing release, can improve cache hit speed to a certain extent, Reduce the utilization rate of CPU, thus ensure that the performance of system while reducing route-caching quantity. Further, the application can also carry out address of cache operation using mask information, thus subtracting further Few route-caching quantity;Moreover, it is also possible to the caching relevant information with reference to route-caching to determine and used Mask information, thus avoiding cache overflow further to guarantee systematic function.Additionally, the application also may be used Whether to detect this routing address before address of cache as legal address, for example, exclude Martian address, from And reduce route-caching quantity further, also there is certain defense reaction to ddos attack.
Obviously, those skilled in the art the application can be carried out various change and modification without deviating from Spirit and scope.So, if these modifications of the application and modification belong to the application power Within the scope of profit requirement and its equivalent technologies, then the application is also intended to comprise these changes and modification exists Interior.
It should be noted that the application can be carried out in software and/or software with the assembly of hardware, For example, can be using special IC (ASIC), general purpose computer or any other is similar hard Part equipment is realizing.In one embodiment, the software program of the application can pass through computing device To realize steps described above or function.Similarly, the software program of the application (includes related number According to structure) can be stored in computer readable recording medium storing program for performing, for example, and RAM memory, magnetic Or CD-ROM driver or floppy disc and similar devices.In addition, some steps of the application or function can adopt Hardware, to realize, for example, coordinates thus executing the circuit of each step or function as with processor.
In addition, the part of the application can be applied to computer program, such as computer program Instruction, when it is computer-executed, by the operation of this computer, can call or provide basis The present processes and/or technical scheme.And call the programmed instruction of the present processes, may be deposited Storage is in recording medium that fix or moveable, and/or passes through in broadcast or other signal bearing medias Data flow and be transmitted, and/or be stored in the computer equipment according to described program instruction operation In working storage.Here, a device is included according to an embodiment of the application, this device bag Include the memorizer for storing computer program instructions and the processor for execute program instructions, its In, when this computer program instructions is by this computing device, triggers this plant running and be based on aforementioned Methods and/or techniques scheme according to multiple embodiments of the application.
It is obvious to a person skilled in the art that the application is not limited to the thin of above-mentioned one exemplary embodiment Section, and in the case of without departing substantially from spirit herein or basic feature, can be with other concrete Form realizes the application.Therefore, no matter from the point of view of which point, embodiment all should be regarded as exemplary , and be nonrestrictive, scope of the present application is limited by claims rather than described above Fixed, it is intended that all changes in the implication and scope of the equivalency of claim that fall are included In the application.Any reference in claim should not be considered as the involved right of restriction will Ask.Furthermore, it is to be understood that " inclusion " one word is not excluded for other units or step, odd number is not excluded for plural number. In device claim, multiple units of statement or device can also be by a unit or device by soft Part or hardware are realizing.The first, the second grade word is used for representing title, and is not offered as any spy Fixed order.

Claims (20)

1. a kind of route processing method, wherein, the method includes:
Detection treats whether the routing address of routing packets is external address;
When described routing address is external address, described routing address is mapped to obtain corresponding presumptive address;
Matching inquiry is carried out to obtain corresponding routing iinformation in route-caching according to described presumptive address;
Treat routing packets according to described RI-Pro.
2. method according to claim 1, wherein, described when described routing address be external address, By described routing address map corresponding presumptive address includes:
When described routing address is external address, according to corresponding mask information, described routing address is mapped Obtain corresponding presumptive address.
3. method according to claim 2, wherein, the method also includes:
Corresponding mask information is determined according to described route-caching corresponding caching relevant information;
Wherein, described when described routing address be external address, described routing address is mapped corresponding Presumptive address includes:
When described routing address is external address, according to described mask information, described routing address is mapped Corresponding presumptive address.
4. method according to claim 3, wherein, described caching relevant information include following at least Any one:
The capacity information of described route-caching;
The present available capacity information of described route-caching;
The maximum quantity information of the caching record that described route-caching is supported;
The quantity information of the existing caching record of described route-caching.
5. method according to any one of claim 1 to 4, wherein, described according to described predetermined Address carries out matching inquiry in route-caching and is also included with obtaining corresponding routing iinformation:
When described routing address mates miss in described route-caching, existed according to described routing address Carry out matching inquiry to obtain corresponding routing iinformation in corresponding routing table.
6. method according to claim 5, wherein, the method also includes:
According to described presumptive address and route-caching described in described updating route information.
7. method according to any one of claim 1 to 6, wherein, described detection treats route point Whether the routing address of group is that external address includes:
Treat whether the routing address of routing packets is external address according to corresponding subnet information detection.
8. method according to claim 7, wherein, the routing address of routing packets is treated in described detection Whether it is that external address also includes:
Detect whether described routing address is legal address;
Wherein, described when described routing address be external address, described routing address is mapped corresponding Presumptive address includes:
When described routing address is external address and belongs to legal address, described routing address is mapped right The presumptive address answered.
9. method according to any one of claim 1 to 8, wherein, described routing address includes Below at least any one:
The described source address treating routing packets, wherein, described treats that routing packets are the packet from external reception;
The described destination address treating routing packets, wherein, described treat routing packets be intend be forwarded to outside Packet.
10. method according to claim 9, wherein, described routing address include described in wait to route The source address of packet, described treats that routing packets are the packet from external reception;
Wherein, described detection treats whether the routing address of routing packets is that external address includes:
When described when routing packets are not required to be forwarded, described in detection, treat that the routing address of routing packets is No for external address.
A kind of 11. route processing equipment, wherein, this equipment includes:
Detection means, treats for detection whether the routing address of routing packets is external address;
Mapping device, for being external address when described routing address, described routing address is mapped right The presumptive address answered;
Inquiry unit, right to obtain for matching inquiry is carried out in route-caching according to described presumptive address The routing iinformation answered;
Processing meanss, for treating routing packets according to described RI-Pro.
12. equipment according to claim 11, wherein, described mapping device is used for:
When described routing address is external address, according to corresponding mask information, described routing address is mapped Obtain corresponding presumptive address.
13. equipment according to claim 12, wherein, this equipment also includes:
Mask determines device, corresponding for being determined according to described route-caching corresponding caching relevant information Mask information;
Wherein, described mapping device is used for:
When described routing address is external address, according to described mask information, described routing address is mapped Corresponding presumptive address.
14. equipment according to claim 13, wherein, described caching relevant information include with down to Few any one:
The capacity information of described route-caching;
The present available capacity information of described route-caching;
The maximum quantity information of the caching record that described route-caching is supported;
The quantity information of the existing caching record of described route-caching.
15. equipment according to any one of claim 11 to 14, wherein, described inquiry unit It is additionally operable to:
When described routing address mates miss in described route-caching, existed according to described routing address Carry out matching inquiry to obtain corresponding routing iinformation in corresponding routing table.
16. equipment according to claim 15, wherein, this equipment also includes:
Updating device, for according to described presumptive address and route-caching described in described updating route information.
17. equipment according to any one of claim 11 to 16, wherein, described detection means For:
Treat whether the routing address of routing packets is external address according to corresponding subnet information detection.
18. equipment according to claim 17, wherein, described detection means is additionally operable to:
Detect whether described routing address is legal address;
Wherein, described mapping device is used for:
When described routing address is external address and belongs to legal address, described routing address is mapped right The presumptive address answered.
19. equipment according to any one of claim 11 to 18, wherein, described routing address Including following at least any one:
The described source address treating routing packets, wherein, described treats that routing packets are the packet from external reception;
The described destination address treating routing packets, wherein, described treat routing packets be intend be forwarded to outside Packet.
20. equipment according to claim 19, wherein, described routing address include described in wait to route The source address of packet, described treats that routing packets are the packet from external reception;
Wherein, described detection means is used for:
When described when routing packets are not required to be forwarded, described in detection, treat that the routing address of routing packets is No for external address.
CN201510469382.7A 2015-08-03 2015-08-03 A kind of method and apparatus for route processing Active CN106411744B (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN201510469382.7A CN106411744B (en) 2015-08-03 2015-08-03 A kind of method and apparatus for route processing
PCT/CN2016/090819 WO2017020718A1 (en) 2015-08-03 2016-07-21 Method and device for routing processing

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201510469382.7A CN106411744B (en) 2015-08-03 2015-08-03 A kind of method and apparatus for route processing

Publications (2)

Publication Number Publication Date
CN106411744A true CN106411744A (en) 2017-02-15
CN106411744B CN106411744B (en) 2019-10-18

Family

ID=57942379

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201510469382.7A Active CN106411744B (en) 2015-08-03 2015-08-03 A kind of method and apparatus for route processing

Country Status (2)

Country Link
CN (1) CN106411744B (en)
WO (1) WO2017020718A1 (en)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102045234A (en) * 2009-10-09 2011-05-04 中国移动通信集团公司 Buffering and overtime processing methods of route address mapping information as well as tunnel router
CN102447747A (en) * 2010-10-09 2012-05-09 中国移动通信集团公司 Method, device and system for interacting with private network
CN103686696A (en) * 2012-09-19 2014-03-26 华为技术有限公司 Method for sending data, gateway and sensor node

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101394333B (en) * 2007-09-17 2016-01-20 华为技术有限公司 The method E-Packeted, device and network system
US9008096B2 (en) * 2012-11-13 2015-04-14 Microsoft Technology Licensing, Llc Data packet routing

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102045234A (en) * 2009-10-09 2011-05-04 中国移动通信集团公司 Buffering and overtime processing methods of route address mapping information as well as tunnel router
CN102447747A (en) * 2010-10-09 2012-05-09 中国移动通信集团公司 Method, device and system for interacting with private network
CN103686696A (en) * 2012-09-19 2014-03-26 华为技术有限公司 Method for sending data, gateway and sensor node

Also Published As

Publication number Publication date
CN106411744B (en) 2019-10-18
WO2017020718A1 (en) 2017-02-09

Similar Documents

Publication Publication Date Title
CN104504003B (en) The searching method and device of diagram data
CN103152357B (en) A kind of defence method for DNS service, device and system
TWI606340B (en) Method, computer readable storage medium and system for data caching
US20160269442A1 (en) Methods and systems for improving analytics in distributed networks
CN106789831A (en) The method and apparatus for recognizing network attack
KR101733000B1 (en) Method and Apparatus for Collecting Cyber Incident Information
CN106302595A (en) A kind of method and apparatus that server is carried out physical examination
US11797678B2 (en) Memory scanning methods and apparatus
US20180139224A1 (en) Collecting domain name system traffic
EP3295348A1 (en) Method and device for defending against network attacks
CN107169346B (en) The side-channel attack defence method and its device removed are remapped and cached based on dynamic memory
CN103049392B (en) The implementation method of CACHE DIRECTORY and device
CN106685899A (en) Method and device for identifying malicious access
CN112532598B (en) Filtering method for real-time intrusion detection system
CN108303098A (en) Robot path planning method and equipment
CN109379347A (en) A kind of safety protecting method and equipment
CN114499939A (en) Optimal path selection method and system based on knowledge graph, storable medium and electronic equipment
US20150269279A1 (en) Loop detection in cuckoo hashtables
CN107798106A (en) A kind of URL De-weight methods in distributed reptile system
JP2014186397A (en) Cache memory device, information processor and cache memory control method
JP2011193343A (en) Communications network monitoring system
CN106599247B (en) Method and device for merging data files in LSM-tree structure
JP2019146137A (en) Method for verifying transaction in blockchain network, and node for constituting the network
CN108334549A (en) A kind of device data storage method, extracting method, storage platform and extraction platform
CN106302347A (en) A kind of network attack treating method and apparatus

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant