CN106411924B - A kind of method creating session forwarding-table item, the method and device that E-Packets - Google Patents
A kind of method creating session forwarding-table item, the method and device that E-Packets Download PDFInfo
- Publication number
- CN106411924B CN106411924B CN201610942104.3A CN201610942104A CN106411924B CN 106411924 B CN106411924 B CN 106411924B CN 201610942104 A CN201610942104 A CN 201610942104A CN 106411924 B CN106411924 B CN 106411924B
- Authority
- CN
- China
- Prior art keywords
- characteristic information
- message
- table item
- forwarding
- session forwarding
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L65/00—Network arrangements, protocols or services for supporting real-time applications in data packet communication
- H04L65/1066—Session management
- H04L65/1096—Supplementary features, e.g. call forwarding or call holding
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0876—Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L65/00—Network arrangements, protocols or services for supporting real-time applications in data packet communication
- H04L65/10—Architectures or entities
- H04L65/102—Gateways
- H04L65/1033—Signalling gateways
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L65/00—Network arrangements, protocols or services for supporting real-time applications in data packet communication
- H04L65/1066—Session management
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L65/00—Network arrangements, protocols or services for supporting real-time applications in data packet communication
- H04L65/1066—Session management
- H04L65/1101—Session protocols
- H04L65/1104—Session initiation protocol [SIP]
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Multimedia (AREA)
- Business, Economics & Management (AREA)
- General Business, Economics & Management (AREA)
- Power Engineering (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The application provides a kind of method of creation session forwarding-table item, the method and device to E-Packet, and this method may include: to extract the source characteristic information and purpose characteristic information that receive at least one preset kind of characteristic information in message;Operation is exchanged if it is determined that executing to the source characteristic information and the purpose characteristic information, then cryptographic Hash is calculated according to the characteristic information after the execution exchange operation;Otherwise, cryptographic Hash is calculated according to original characteristic information;Corresponding node is determined according to the cryptographic Hash;When session forwarding-table item corresponding with the message is not present under the node, the session forwarding-table item is created under the node, and record the relevant information to E-Packet.In the technical solution of the application, operation is exchanged by first determining whether to execute source characteristic information and purpose characteristic information, the performance of forwarding device can be promoted.By creating session forwarding-table item directly under node, the matching efficiency to session forwarding-table item can be improved.
Description
Technical field
This application involves communication technique field more particularly to a kind of method for creating session forwarding-table item, E-Packet
Method and device.
Background technique
In the prior art, it when forwarding device creates session forwarding-table item, can be calculated according to the message received positive and negative
The cryptographic Hash of both direction obtains corresponding node, so that record corresponds to the session of the message respectively under corresponding node
The address information of forwarding-table item.
However, obtaining two nodes, and need at two since forwarding device calculates the cryptographic Hash of positive and negative both direction
Under node, record corresponds to the address information of the session forwarding-table item of the message respectively, so that it is a large amount of to occupy forwarding device
Process resource reduces the performance of forwarding device.Meanwhile actually two nodes records is all same session forwarding-table item
Address information causes to waste a large amount of memory headroom of forwarding device.
Summary of the invention
In view of this, the application provides a kind of method of creation session forwarding-table item, the method and device to E-Packet, it can
To promote the performance of forwarding device, and reduce to the forwarding device memory headroom when forwarding device creates session forwarding-table item
Waste.
To achieve the above object, it is as follows to provide technical solution by the application:
According to a first aspect of the present application, a kind of method for creating session forwarding-table item is proposed, forwarding device is applied to;
The described method includes:
When receiving message, extract in the message source characteristic information of at least one preset kind of characteristic information and
Purpose characteristic information;
It is described mutually according to execution when determining that executing exchange to the source characteristic information and the purpose characteristic information operates
Characteristic information after changing operation calculates cryptographic Hash;The source characteristic information and the purpose characteristic information are not executed mutually when determining
When changing operation, cryptographic Hash is calculated according to the original characteristic information of the message;
According to the cryptographic Hash being calculated, corresponding node is determined;
When session forwarding-table item corresponding with the message is not present under the node, under the node described in creation
Session forwarding-table item, and record the relevant information for forwarding the message.
According to a second aspect of the present application, a kind of method to E-Packet is proposed, forwarding device is applied to;The method
Include:
When receiving message, extract in the message source characteristic information of at least one preset kind of characteristic information and
Purpose characteristic information;
It is described mutually according to execution when determining that executing exchange to the source characteristic information and the purpose characteristic information operates
Characteristic information after changing operation calculates cryptographic Hash;The source characteristic information and the purpose characteristic information are not executed mutually when determining
When changing operation, cryptographic Hash is calculated according to the original characteristic information of the message;
According to the cryptographic Hash being calculated, corresponding node is determined;
Session forwarding-table item corresponding with the message is matched under the node, the session forwarding-table item is by above-mentioned wound
The method for building session forwarding-table item generates;
According to the session forwarding-table item being matched to, the message is forwarded.
According to the third aspect of the application, a kind of device for creating session forwarding-table item is proposed, forwarding device is applied to;
Described device includes:
Extraction unit extracts the source of at least one preset kind of characteristic information in the message when receiving message
Characteristic information and purpose characteristic information;
Computing unit, when determining that executing exchange to the source characteristic information and the purpose characteristic information operates, according to
Execute the characteristic information calculating cryptographic Hash exchanged after operation;When determining not to the source characteristic information and the purpose feature
When information executes exchange operation, cryptographic Hash is calculated according to the original characteristic information of the message;
Determination unit determines corresponding node according to the cryptographic Hash being calculated;
First creating unit, when session forwarding-table item corresponding with the message is not present under the node, described
The session forwarding-table item is created under node, and records the relevant information for forwarding the message.
According to the fourth aspect of the application, a kind of device to E-Packet is proposed, is applied to forwarding device;Described device
Include:
Extraction unit extracts the source of at least one preset kind of characteristic information in the message when receiving message
Characteristic information and purpose characteristic information;
Computing unit, when determining that executing exchange to the source characteristic information and the purpose characteristic information operates, according to
Execute the characteristic information calculating cryptographic Hash exchanged after operation;When determining not to the source characteristic information and the purpose feature
When information executes exchange operation, cryptographic Hash is calculated according to the original characteristic information of the message;
Determination unit determines corresponding node according to the cryptographic Hash being calculated;
Matching unit matches session forwarding-table item corresponding with the message, the session forwarding table under the node
Item is generated by the method for above-mentioned creation session forwarding-table item;
Retransmission unit forwards the message according to the session forwarding-table item being matched to.
By above technical scheme as it can be seen that in the technical solution of the application, on the one hand, by first determining whether to source feature
Information and purpose characteristic information, which execute, exchanges operation, it is ensured that and it is equal according to the calculated cryptographic Hash of positive and negative both direction, i.e.,
Session forwarding-table item is created under determining to same node, without creating same session forwarding-table item under two different nodes,
To improve the performance of forwarding device.Meanwhile saving the memory headroom of forwarding device.On the other hand, by directly saving
Point is lower to create session forwarding-table item, and records the relevant information to E-Packet, and forwarding device is saved when matching session forwarding-table item
The link for going to search session forwarding-table item according to address information is omited, to improve the matching efficiency to session forwarding-table item.
Detailed description of the invention
Fig. 1 is the structural schematic diagram of session forwarding-table item in the related technology.
Fig. 2 is the flow chart of the method for forwarding device creation session forwarding-table item in the related technology.
Fig. 3 is a kind of flow chart of the method for creation session forwarding-table item that one exemplary embodiment of the application provides.
Fig. 4 is a kind of flow chart for method to E-Packet that one exemplary embodiment of the application provides.
Fig. 5 is a kind of method for creation session forwarding-table item that one exemplary embodiment of the application provides, and forwarding report
The flow chart of the method for text.
Fig. 6 is a kind of structural schematic diagram for session forwarding-table item that one exemplary embodiment of the application provides.
Fig. 7 is the structural schematic diagram for a kind of electronic equipment that one exemplary embodiment of the application provides.
Fig. 8 is a kind of block diagram of the device for creation session forwarding-table item that one exemplary embodiment of the application provides.
Fig. 9 is the structural schematic diagram for another electronic equipment that one exemplary embodiment of the application provides.
Figure 10 is a kind of block diagram for device to E-Packet that one exemplary embodiment of the application provides.
Specific embodiment
Example embodiments are described in detail here, and the example is illustrated in the accompanying drawings.Following description is related to
When attached drawing, unless otherwise indicated, the same numbers in different drawings indicate the same or similar elements.Following exemplary embodiment
Described in embodiment do not represent all embodiments consistent with the application.On the contrary, they be only with it is such as appended
The example of the consistent device and method of some aspects be described in detail in claims, the application.
It is only to be not intended to be limiting the application merely for for the purpose of describing particular embodiments in term used in this application.
It is also intended in the application and the "an" of singular used in the attached claims, " described " and "the" including majority
Form, unless the context clearly indicates other meaning.It is also understood that term "and/or" used herein refers to and wraps
It may be combined containing one or more associated any or all of project listed.
It will be appreciated that though various information, but this may be described using term first, second, third, etc. in the application
A little information should not necessarily be limited by these terms.These terms are only used to for same type of information being distinguished from each other out.For example, not departing from
In the case where the application range, the first information can also be referred to as the second information, and similarly, the second information can also be referred to as
One information.Depending on context, word as used in this " if " can be construed to " ... when " or " when ...
When " or " in response to determination ".
In actual network environment, due to the diversification of the flow by forwarding device, it is easy to hash-collision occur
The case where, i.e., according to same stream is not belonging to, (the five-tuple information of message is identical or source IP address and purpose IP address phase
Instead, and source port number and destination slogan are opposite) message, same cryptographic Hash is calculated, to exist under same node
Different session forwarding-table items, so, session forwarding-table item is created using structure as shown in Figure 1.As shown in Figure 1:
When there is the case where above-mentioned hash-collision, chained list is created under corresponding node, has recorded creation in chained list
The address information of session forwarding-table item, and it is matched with the five-tuple information of the session forwarding-table item.Each chain under same node
With Unidirectional chain-type structure connection between table.
For example, it is assumed that successively receive message a and message b, wherein message a and message b is not belonging to same stream, report
Literary a is matched with session forwarding-table item 1, and message b is matched with session forwarding-table item 2.The positive cryptographic Hash being calculated according to message a
It is 0, is also 0 according to the positive cryptographic Hash that message b is calculated.So, due to first receiving message a, so in node 0
(Node0) chained list 1 is created under, the address of the five-tuple information of recorded message a and session forwarding-table item 1 is believed in chained list 1
Breath creates chained list 2, the five-tuple information and session forwarding-table item 2 of recorded message b in chained list 2 then after chained list 1
Address information.
Fig. 2 is the flow chart of the method for forwarding device creation session forwarding-table item in the related technology.Refer to Fig. 2, the party
Method may comprise steps of:
Step 201, message is received.
Step 202, positive cryptographic Hash is calculated.
Step 203, reversed cryptographic Hash is calculated.
Wherein, positive cryptographic Hash is calculated according to the five-tuple information of message in forwarding device, then, by the five-tuple
Middle source IP address and purpose IP address are exchanged, and source port number and destination slogan are exchanged, then reversed cryptographic Hash is calculated.
Step 204, chained list, the address information of recording conversation forwarding-table item are created under corresponding node.
Wherein, when positive cryptographic Hash and equal reversed cryptographic Hash, if being not present and the message pair under corresponding node
The session forwarding-table item answered illustrates that forwarding device forwards the message received for the first time, then create session forwarding-table item, and will
For forwarding the relevant information (comprising five-tuple, done business etc.) of the message to be recorded in session forwarding-table item.Meanwhile at this
Chained list is created under node, and records the five-tuple information of the message in the chained list, and the ground of the session forwarding-table item created
Location information.When positive cryptographic Hash and unequal reversed cryptographic Hash, if being not present and the message pair under corresponding node
The session forwarding-table item answered then in the manner described above creates chained list, and record the message under corresponding node respectively
Five-tuple information, and creation session forwarding-table item address information.
Wherein, in session forwarding-table item include two parts content, a part for for forward the message relevant information (i.e.
The relevant information of above-mentioned record);It is reversed message (source IP address, purpose that another part, which is for forwarding relative to the message,
IP address and the message on the contrary, and source port number, destination slogan it is opposite with the message) relevant information, and at this point, the part
Content is sky.
Similarly, it when it is reversed message (hereinafter referred to as reversed message) that forwarding device, which is received relative to the message, presses
Positive cryptographic Hash and reversed cryptographic Hash are calculated according to the method for step 201-203.Then under the corresponding node of positive cryptographic Hash, root
According to the five-tuple of the reversed message, corresponding chained list is matched.Its matching process is divided into two steps:
The first step is matched according to the five-tuple information of the reversed message with the five-tuple of current chained list record;
Second step exchanges source IP address and purpose IP address if not matching that with the five-tuple of current chained list record, with
And source port number and destination slogan are exchanged, further according to the five-tuple information after exchange, believe with the five-tuple of current chained list record
Breath matching.
If being matched to chained list corresponding with the reversed message, then according to the chain under the corresponding node of positive cryptographic Hash
The relevant information for being used to forward the reversed message is recorded in corresponding session forwarding-table item the address information recorded in table.
As it can be seen that in the related art, when forwarding device receives the reversed message of the message, according to the reversed message
When the corresponding chained list of five-tuple information matches, corresponding chained list can be just successfully matched to twice by needing to match, and then cause to reduce
To the matching efficiency of session forwarding-table item.Simultaneously as forwarding device needs to calculate the cryptographic Hash of positive and negative both direction, obtain
Two nodes reduce the performance of forwarding device to occupy a large amount of process resource of forwarding device, and actually two are saved
Point record is all the address information of same session forwarding-table item, causes to waste a large amount of memory headroom of forwarding device.
Fig. 3 is a kind of flow chart of the method for creation session forwarding-table item shown in one exemplary embodiment of the application, should
Method is applied to forwarding device, may comprise steps of:
Step 301, when receiving message, the source for extracting at least one preset kind of characteristic information in the message is special
Reference breath and purpose characteristic information.
Step 302, when determine the source characteristic information and the purpose characteristic information are executed exchange operation when, according to holding
The row characteristic information calculating cryptographic Hash exchanged after operation;The source characteristic information and the purpose feature are not believed when determining
When breath executes exchange operation, cryptographic Hash is calculated according to the original characteristic information of the message.
Step 303, according to the cryptographic Hash being calculated, corresponding node is determined.
Step 304, when session forwarding-table item corresponding with the message is not present under the node, under the node
The session forwarding-table item is created, and records the relevant information for forwarding the message.
In the present embodiment, when there are the session forwarding-table items under the node, and in the session forwarding-table item not
When relevant information comprising forwarding the message, the relevant information is recorded in the session forwarding-table item.
In the present embodiment, it determines in the following manner and the source characteristic information and the purpose characteristic information is executed mutually
Change operation:
Determine whether the source characteristic information and the numerical values recited relationship of the purpose characteristic information meet preset relation;When
When the numerical values recited relationship meets preset relation, determination executes exchange to the source characteristic information and the purpose characteristic information
Operation.
In the present embodiment, when there is hash-collision, the end of chain structure under the node is created and the report
Text corresponding session forwarding-table item includes the session forwarding-table item according to other messages creation received in the chained list.
Fig. 4 is a kind of flow chart of method to E-Packet shown in one exemplary embodiment of the application, this method application
In forwarding device, may comprise steps of:
Step 401, when receiving message, the source for extracting at least one preset kind of characteristic information in the message is special
Reference breath and purpose characteristic information.
Step 402, when determine the source characteristic information and the purpose characteristic information are executed exchange operation when, according to holding
The row characteristic information calculating cryptographic Hash exchanged after operation;The source characteristic information and the purpose feature are not believed when determining
When breath executes exchange operation, cryptographic Hash is calculated according to the original characteristic information of the message.
Step 403, according to the cryptographic Hash being calculated, corresponding node is determined.
Step 404, session forwarding-table item corresponding with the message, the session forwarding-table item are matched under the node
It is generated by the method for above-mentioned creation session forwarding-table item as shown in Figure 3.
In the present embodiment, session forwarding table corresponding with the message is matched under the node in the following manner
:
When determining execution exchange operation, matched and the report according to the characteristic information after the execution exchange operation
The corresponding session forwarding-table item of text;
When determining that not executing the exchange operates, according to the original characteristic information matching of the message and the message pair
The session forwarding-table item answered.
Step 405, according to the session forwarding-table item being matched to, the message is forwarded.
By above technical scheme as it can be seen that in the technical solution of the application, on the one hand, by first determining whether to source feature
Information and purpose characteristic information, which execute, exchanges operation, it is ensured that and it is equal according to the calculated cryptographic Hash of positive and negative both direction, i.e.,
Session forwarding-table item is created under determining to same node, without creating same session forwarding-table item under two different nodes,
To simplify the process of creation session forwarding-table item, the performance of forwarding device is improved.Meanwhile saving the interior of forwarding device
Deposit space.On the other hand, by creating session forwarding-table item directly under node, and the relevant information to E-Packet is recorded, turned
Equipment is sent out when matching session forwarding-table item, the link for removing to search session forwarding-table item according to address information is omitted, to mention
The high matching efficiency to session forwarding-table item.
In order to make it easy to understand, below with reference to Fig. 5, for forwarding device to the treatment process for receiving message, to the application
Technical solution be described in detail.Fig. 5 is referred to, Fig. 5 is the creation session forwarding shown in one exemplary embodiment of the application
The method of list item, and the flow chart of method to E-Packet.As shown in figure 5, this method may comprise steps of:
Step 501, forwarding device receives message.
In the present embodiment, after forwarding device receives message, at least one for extracting characteristic information in message presets class
The source characteristic information and purpose characteristic information of type.For example, source characteristic information can be source port number and source IP address, purpose feature
Information can be destination slogan and purpose IP address.
Step 502, it is determined whether exchange source characteristic information and purpose characteristic information.
Step 503, cryptographic Hash is calculated according to characteristic information.
In the present embodiment, by determining it is pre- whether the numerical values recited relationship of source characteristic information and purpose characteristic information meets
If relationship, operation is exchanged to determine whether to execute source characteristic information and purpose characteristic information.
In the present embodiment, when determining that executing exchange to source characteristic information and purpose characteristic information operates, according to execution
Characteristic information after exchanging operation calculates cryptographic Hash;Operation is exchanged when determining not execute source characteristic information and purpose characteristic information
When, cryptographic Hash is calculated according to the original characteristic information of message.
For example, in the case where forwarding device does not use NAT business, that is, the problem of IP address conversion is not present, false
Surely the source characteristic information extracted is source port number and source IP address, and purpose characteristic information is purpose port numbers and purpose IP address.
Since port numbers length is smaller, it is easy to compare, so regulation first compares port numbers, when the numerical value of source port number is greater than destination port
Number numerical value when, source port number and destination slogan are executed and exchange operation, and source IP address and purpose IP address are executed
Exchange operation.When the numerical value of source port number is less than the numerical value of destination slogan, exchange operation is not executed.When the number of source port number
When value is equal to the numerical value of destination slogan, further compare the numerical values recited of source IP address and purpose IP address.Wherein, work as source IP
When the numerical value of address is greater than the numerical value of purpose IP address, source port number and destination slogan are executed and exchange operation, and to source
IP address and purpose IP address, which execute, exchanges operation;When the numerical value of source IP address is less than the numerical value of purpose IP address, do not execute
Exchange operation.And under normal circumstances, source IP address and purpose IP address will not be identical, to guarantee to determine whether
It executes and exchanges operation.Herein using " being greater than " numerical relation by way of example only, can also using " being less than " etc. other
Numerical relation, the application limit not to this.
For example, in one case, the characteristic information that forwarding device receives message is five-tuple information, wherein source IP
Address is 2001::1, purpose IP address 2002::2, source port number 2028, destination slogan 1024, agreement 6.It is aobvious
So, the numerical value of source port number is greater than the numerical value of destination slogan, therefore, executes to source port number and destination slogan and exchanges behaviour
Make, and source IP address and purpose IP address are executed and exchange operation.Execute the five-tuple information after exchanging operation are as follows: source IP
Location is 2002::2, purpose IP address 2001::1, source port number 1024, destination slogan 2048, agreement 6.It connects down
Then to calculate cryptographic Hash according to the five-tuple information that the execution is exchanged after operation.And when forwarding device is received relative to the message
Reversed message when, i.e. the five-tuple information of the reversed message are as follows: source IP address 2002::2, purpose IP address 2001::
1, source port number 1024, destination slogan 2048, agreement 6.Obviously, operation is exchanged without executing, next then basis
Original five-tuple information calculates cryptographic Hash.
For example, in another case, forwarding device receives the five-tuple information of message are as follows: source IP address (sip) is
3003::1, purpose IP address (dip) are 2002::1, and source port number (sport) is 1024, and destination slogan (dport) is
1024, agreement 17.The address size of IPv6 is 128bit, is divided into low 32bit, secondary low 32bit, secondary high 32bit, high 32bit
Successively compare, comparison procedure is as follows:
Sip=30030000_00000000_00000000_00000001
Dip=20020000_00000000_00000000_00000001
Step 1: comparing sport and dport, 1024=1024 is obtained, can not determine whether to exchange, carries out second step;
Step 2: comparing sip [31:0] and dip [31:0], 00000001=00000001 is obtained, can not be determined whether mutually
It changes, carries out third step;
Step 3: comparing sip [63:32] and dip [63:32], 00000000=00000000 is obtained, can not be determined whether mutually
It changes, carries out the 4th step;
Step 4: comparing sip [95:64] and dip [95:64], 00000000=00000000 is obtained, can not be determined whether mutually
It changes, carries out the 5th step;
Step 5: comparing sip [127:96] and dip [127:96], 30030000 > 20020000 are obtained, determines sip > dip.
Since the numerical value of source IP address is greater than the numerical value of purpose IP address, so being executed to source port number and destination slogan
Operation is exchanged, and source IP address and purpose IP address are executed and exchange operation.Execute the five-tuple information after exchanging operation are as follows:
Sip is 2002::1, dip 3003::1, sport 1024, dport 1024, agreement 17.It is following then according to the execution
Five-tuple information after exchanging operation calculates cryptographic Hash.And when forwarding device receives the reversed message relative to the message,
That is the five-tuple information of the reversed message are as follows: sip 2002::1, dip 3003::1, sport 1024, dport 1024,
Agreement is 17.Obviously, operation is exchanged without executing, cryptographic Hash is then next calculated according to original five-tuple information.Due to big
A part IP address high position is identical, so, in most cases, after the low 32bit of relatively low 32bit or secondary, it can compare
Numerical values recited, to improve the efficiency for comparing numerical values recited.
By above-mentioned regulation, so that when forwarding device receives message, however, it is determined that the source port number and purpose of message
Port numbers, which execute, exchanges operation, and executes to source IP address and purpose IP address and exchange operation, then when receiving relative to this
When the reversed message of message, operation is exchanged without executing, further such that when forwarding device receives message and relative to the report
When the reversed message of text, identical cryptographic Hash can be calculated according to identical characteristic information, determine same node.
Step 504, session forwarding-table item corresponding with message is received is judged whether there is, and if it exists, be then transferred to step
Otherwise 505a is transferred to step 505b.
In the present embodiment, according to the cryptographic Hash being calculated, corresponding node is determined, matching and reception under the node
To the corresponding session forwarding-table item of message.When determining that executing exchange operates in step 503, after exchanging operation according to execution
Characteristic information (for example, five-tuple information), matches with the five-tuple information of the session forwarding-table item under the node, if the two
Five-tuple information it is identical, then be corresponding session forwarding-table item, be not corresponding session forwarding-table item otherwise;When in step
When determining that not executing exchange operates in 503, according to the original characteristic information of message is received, with the session forwarding table under the node
The five-tuple information of item matches.Pass through above-mentioned matching way, it is only necessary to which matching once just can determine that the session of current matching turns
Whether forwarding list item is corresponding session forwarding-table item, to improve the matching efficiency to session forwarding-table item.
Step 505a judges the relevant information for whether receiving message in corresponding session forwarding-table item comprising forwarding, if
Include then to be transferred to step 506, otherwise, is transferred to step 507.
Step 505b creates session forwarding-table item under node, and records and this is forwarded to receive the relevant information of message.
It in the present embodiment, include two parts content in session forwarding-table item, a part is this receives report for forwarding
The relevant information of text;Another part is the relevant information for receiving the reversed message of message relative to this for forwarding.Pass through elder generation
Determine whether to execute source characteristic information and purpose characteristic information and exchange operation, it is ensured that is calculated according to positive and negative both direction
Cryptographic Hash it is equal, that is, determine to creating session forwarding-table item under same node, it is same without being created under two different nodes
One session forwarding-table item improves the performance of forwarding device to simplify the process of creation session forwarding-table item.Meanwhile it saving
The memory headroom of forwarding device is saved.
Step 506, according to relevant information, the message that forwards this to receive.
Step 507, in corresponding session forwarding-table item, record forwards this to receive the relevant information of message.
In the technical solution of the application, (need to create different sessions under same node when there is hash-collision
Forwarding-table item) when, session forwarding-table item is created by structure shown in fig. 6, as shown in Figure 6:
Session forwarding-table item is directly created under node, with Unidirectional chain-type between each session forwarding-table item under same node
Structure connection, when there is hash-collision, the chain structure end of session forwarding-table item, creates corresponding session under node
Forwarding-table item.
For example, in one case, when forwarding device receives message, and according to the characteristic information (example of the message
For example five-tuple information) cryptographic Hash that is calculated is when being 1, matching meeting corresponding with the message under determining to node 1 (Node1)
Talk about forwarding-table item, it is assumed that created session forwarding-table item 1 and session forwarding-table item 2 under Node1 at this time, then according to from left-hand
The right side successively matches session forwarding-table item 1 and session forwarding-table item 2.When session forwarding-table item 1 and session forwarding-table item 2 are not
When session forwarding-table item corresponding with the message, in the end (i.e. after session forwarding-table item 2) of chain structure, creates session and turn
Forwarding list item 3, and record the relevant information for forwarding the message.
In another case, when forwarding device receives message, and be calculated according to the characteristic information of the message
When cryptographic Hash is 3, matching session forwarding-table item corresponding with the message under determining to Node3, it is assumed that do not created under Node3 at this time
Session forwarding-table item (while explanation session forwarding-table item not corresponding with the message) was built, then was directly created at Node3
Session forwarding-table item 4, and record the relevant information for forwarding the message.
By above technical scheme as it can be seen that in the technical solution of the application, the case where forwarding device does not use NAT business
Under, the problem of since there is no IP address conversion, occur the probability very little of a large amount of hash-collisions under same node, so passing through
Session forwarding-table item is directly created under node, is closed under same node between each session forwarding-table item with the structure of Unidirectional chain-type
Connection is omitted the link for removing to search session forwarding-table item according to address information in the related technology, can be improved to session forwarding table
The matching efficiency of item.
Fig. 7 shows the schematic configuration diagram of the electronic equipment of the exemplary embodiment according to the application.Referring to FIG. 7,
In hardware view, which includes processor 702, internal bus 704, network interface 706, memory 708 and non-volatile
Property memory 710, is also possible that hardware required for other business certainly.Processor 702 is from nonvolatile memory 710
It reads corresponding computer program then to run into memory 702, forms the dress of creation session forwarding-table item on logic level
It sets.Certainly, other than software realization mode, the application is not precluded other implementations, such as logical device or soft or hard
The mode etc. that part combines, that is to say, that the executing subject of following process flow is not limited to each logic unit, can also be with
It is hardware or logical device.
Referring to FIG. 8, the device of the creation session forwarding-table item may include extraction unit in Software Implementation
801, computing unit 802, determination unit 803 and the first creating unit 804.Wherein:
Extraction unit 801 extracts at least one preset kind of characteristic information in the message when receiving message
Source characteristic information and purpose characteristic information;
Computing unit 802, when determining that executing exchange to the source characteristic information and the purpose characteristic information operates, root
Cryptographic Hash is calculated according to the characteristic information exchanged after operating is executed;It is not special to the source characteristic information and the purpose when determining
When reference breath executes exchange operation, cryptographic Hash is calculated according to the original characteristic information of the message;
Determination unit 803 determines corresponding node according to the cryptographic Hash being calculated;
First creating unit 804, when session forwarding-table item corresponding with the message is not present under the node, in institute
It states and creates the session forwarding-table item under node, and record the relevant information for forwarding the message.
Optionally, further includes:
Recording unit 805 when there are the session forwarding-table items under the node, and is not wrapped in the session forwarding-table item
When containing the relevant information for forwarding the message, the relevant information is recorded in the session forwarding-table item.
Optionally, the computing unit 802 is specifically used for:
Determine whether the source characteristic information and the numerical values recited relationship of the purpose characteristic information meet preset relation;
When the numerical values recited relationship meets preset relation, determines and the source characteristic information and the purpose feature are believed
Breath, which executes, exchanges operation.
Optionally, further includes:
Second creating unit 806, when there is hash-collision, the end of chain structure under the node, creation and institute
The corresponding session forwarding-table item of message is stated, includes the session forwarding table according to other messages creation received in the chained list
?.
Fig. 9 shows the schematic configuration diagram of another electronic equipment of the exemplary embodiment according to the application.
Referring to FIG. 9, in hardware view, the electronic equipment include processor 902, internal bus 904, network interface 906,
Memory 908 and nonvolatile memory 910, are also possible that hardware required for other business certainly.Processor 902 is from non-
Corresponding computer program is read in volatile memory 910 then to run into memory 902, and forwarding is formed on logic level
The device of message.Certainly, other than software realization mode, other implementations, such as logical device is not precluded in the application
Or mode of software and hardware combining etc., that is to say, that the executing subject of following process flow is not limited to each logic list
Member is also possible to hardware or logical device.
Referring to FIG. 10, the device to E-Packet may include extraction unit 1001, calculate in Software Implementation
Unit 1002, determination unit 1003, matching unit 1004 and retransmission unit 1005.Wherein:
Extraction unit 1001 extracts at least one preset kind of characteristic information in the message when receiving message
Source characteristic information and purpose characteristic information;
Computing unit 1002, when determining that executing exchange to the source characteristic information and the purpose characteristic information operates,
Cryptographic Hash is calculated according to the characteristic information exchanged after operating is executed;When determining not to the source characteristic information and the purpose
When characteristic information executes exchange operation, cryptographic Hash is calculated according to the original characteristic information of the message;
Determination unit 1003 determines corresponding node according to the cryptographic Hash being calculated;
Matching unit 1004, matches session forwarding-table item corresponding with the message under the node, and the session turns
Forwarding list item is generated by the method for creation session forwarding-table item such as of any of claims 1-4;
Retransmission unit 1005 forwards the message according to the session forwarding-table item being matched to.
Optionally, the matching unit 1004 is specifically used for:
When determining execution exchange operation, matched and the report according to the characteristic information after the execution exchange operation
The corresponding session forwarding-table item of text;
When determining that not executing the exchange operates, according to the original characteristic information matching of the message and the message pair
The session forwarding-table item answered.
The function of each unit and the realization process of effect are specifically detailed in the above method and correspond to step in above-mentioned apparatus
Realization process, details are not described herein.
For device embodiment, since it corresponds essentially to embodiment of the method, so related place is referring to method reality
Apply the part explanation of example.The apparatus embodiments described above are merely exemplary, wherein described be used as separation unit
The unit of explanation may or may not be physically separated, and component shown as a unit can be or can also be with
It is not physical unit, it can it is in one place, or may be distributed over multiple network units.It can be according to actual
The purpose for needing to select some or all of the modules therein to realize application scheme.Those of ordinary skill in the art are not paying
Out in the case where creative work, it can understand and implement.
The foregoing is merely the preferred embodiments of the application, not to limit the application, all essences in the application
Within mind and principle, any modification, equivalent substitution, improvement and etc. done be should be included within the scope of the application protection.
Claims (10)
1. a kind of method for creating session forwarding-table item, which is characterized in that be applied to forwarding device;The described method includes:
When receiving message, the source characteristic information and purpose of at least one preset kind of characteristic information in the message are extracted
Characteristic information;
Determine whether the source characteristic information and the numerical values recited relationship of the purpose characteristic information meet preset relation;
When the numerical values recited relationship meets preset relation, the source characteristic information and the purpose characteristic information are held in determination
Row exchanges operation, and calculates cryptographic Hash according to the characteristic information after the execution exchange operation;When the numerical values recited relationship not
When meeting preset relation, determines not execute the source characteristic information and the purpose characteristic information and exchange operation, and according to institute
It states the original characteristic information of message and calculates cryptographic Hash;
According to the cryptographic Hash being calculated, corresponding node is determined;
When session forwarding-table item corresponding with the message is not present under the node, the session is created under the node
Forwarding-table item, and record the relevant information for forwarding the message.
2. the method according to claim 1, wherein further include:
When there are the session forwarding-table items under the node, and does not include in the session forwarding-table item and forward the message
When relevant information, the relevant information is recorded in the session forwarding-table item.
3. the method according to claim 1, wherein further include:
When there is hash-collision, the end of chain structure under the node creates chained list corresponding with the message, described
Include the session forwarding-table item according to other messages creation received in chained list.
4. a kind of method to E-Packet, which is characterized in that be applied to forwarding device;The described method includes:
When receiving message, the source characteristic information and purpose of at least one preset kind of characteristic information in the message are extracted
Characteristic information;
Determine whether the source characteristic information and the numerical values recited relationship of the purpose characteristic information meet preset relation;
When the numerical values recited relationship meets preset relation, the source characteristic information and the purpose characteristic information are held in determination
Row exchanges operation, and calculates cryptographic Hash according to the characteristic information after the execution exchange operation;When the numerical values recited relationship not
When meeting preset relation, determines not execute the source characteristic information and the purpose characteristic information and exchange operation, and according to institute
It states the original characteristic information of message and calculates cryptographic Hash;
According to the cryptographic Hash being calculated, corresponding node is determined;
Session forwarding-table item corresponding with the message is matched under the node, the session forwarding-table item is by such as claim
The method that session forwarding-table item is created described in any one of 1-3 generates;
According to the session forwarding-table item being matched to, the message is forwarded.
5. according to the method described in claim 4, it is characterized in that, the matching under the node is corresponding with the message
Session forwarding-table item, comprising:
When determining execution exchange operation, matched and the message pair according to the characteristic information after the execution exchange operation
The session forwarding-table item answered;
It is corresponding with the message according to the original characteristic information matching of the message when determining that not executing the exchange operates
Session forwarding-table item.
6. a kind of device for creating session forwarding-table item, which is characterized in that be applied to forwarding device;Described device includes:
Extraction unit extracts the source feature of at least one preset kind of characteristic information in the message when receiving message
Information and purpose characteristic information;
Computing unit, determines whether the source characteristic information and the numerical values recited relationship of the purpose characteristic information meet default pass
System;When the numerical values recited relationship meets preset relation, the source characteristic information and the purpose characteristic information are held in determination
Row exchanges operation, and calculates cryptographic Hash according to the characteristic information after the execution exchange operation;When the numerical values recited relationship not
When meeting preset relation, determines not execute the source characteristic information and the purpose characteristic information and exchange operation, and according to institute
It states the original characteristic information of message and calculates cryptographic Hash;
Determination unit determines corresponding node according to the cryptographic Hash being calculated;
First creating unit, when session forwarding-table item corresponding with the message is not present under the node, in the node
The lower creation session forwarding-table item, and record the relevant information for forwarding the message.
7. device according to claim 6, which is characterized in that further include:
Recording unit when there are the session forwarding-table items under the node, and does not include forwarding in the session forwarding-table item
When the relevant information of the message, the relevant information is recorded in the session forwarding-table item.
8. device according to claim 6, which is characterized in that further include:
Second creating unit, when there is hash-collision, the end of chain structure under the node is created and the message pair
The chained list answered includes the session forwarding-table item according to other messages creation received in the chained list.
9. a kind of device to E-Packet, which is characterized in that be applied to forwarding device;Described device includes:
Extraction unit extracts the source feature of at least one preset kind of characteristic information in the message when receiving message
Information and purpose characteristic information;
Computing unit, determines whether the source characteristic information and the numerical values recited relationship of the purpose characteristic information meet default pass
System;When the numerical values recited relationship meets preset relation, the source characteristic information and the purpose characteristic information are held in determination
Row exchanges operation, and calculates cryptographic Hash according to the characteristic information after the execution exchange operation;When the numerical values recited relationship not
When meeting preset relation, determines not execute the source characteristic information and the purpose characteristic information and exchange operation, and according to institute
It states the original characteristic information of message and calculates cryptographic Hash;
Determination unit determines corresponding node according to the cryptographic Hash being calculated;
Matching unit, matches corresponding with message session forwarding-table item under the node, the session forwarding-table item by
The method of creation session forwarding-table item as claimed in any one of claims 1-3 generates;
Retransmission unit forwards the message according to the session forwarding-table item being matched to.
10. device according to claim 9, which is characterized in that the matching unit is specifically used for:
When determining execution exchange operation, matched and the message pair according to the characteristic information after the execution exchange operation
The session forwarding-table item answered;
It is corresponding with the message according to the original characteristic information matching of the message when determining that not executing the exchange operates
Session forwarding-table item.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201610942104.3A CN106411924B (en) | 2016-10-24 | 2016-10-24 | A kind of method creating session forwarding-table item, the method and device that E-Packets |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201610942104.3A CN106411924B (en) | 2016-10-24 | 2016-10-24 | A kind of method creating session forwarding-table item, the method and device that E-Packets |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN106411924A CN106411924A (en) | 2017-02-15 |
| CN106411924B true CN106411924B (en) | 2019-07-09 |
Family
ID=58013621
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201610942104.3A Active CN106411924B (en) | 2016-10-24 | 2016-10-24 | A kind of method creating session forwarding-table item, the method and device that E-Packets |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN106411924B (en) |
Families Citing this family (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109981463B (en) * | 2019-02-25 | 2021-07-27 | 网易(杭州)网络有限公司 | Information processing method, device, gateway and storage medium |
| CN112491723B (en) * | 2020-12-07 | 2022-03-01 | 上海励驰半导体有限公司 | Gateway message forwarding method, device, storage medium and gateway |
| CN113098954B (en) * | 2021-03-30 | 2022-10-25 | 平安科技(深圳)有限公司 | Message forwarding method and device, computer equipment and storage medium |
| CN113765804A (en) * | 2021-08-05 | 2021-12-07 | 中移(杭州)信息技术有限公司 | Message forwarding method, device, equipment and computer readable storage medium |
| CN114221847B (en) * | 2021-12-10 | 2024-01-23 | 北京天融信网络安全技术有限公司 | Network session management method, device and equipment and storage medium |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102404193A (en) * | 2010-09-17 | 2012-04-04 | 华为技术有限公司 | Method and edge device capable of generating forward list item, forwarding message and obtaining address |
| CN103051542A (en) * | 2012-12-11 | 2013-04-17 | 武汉烽火网络有限责任公司 | Method for realizing connectivity detection based on data link layer Ethernet MAC (media access control) address |
| CN104683267A (en) * | 2013-11-26 | 2015-06-03 | 浙江大华系统工程有限公司 | Data forwarding method, data forwarding device, and switching equipment |
-
2016
- 2016-10-24 CN CN201610942104.3A patent/CN106411924B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102404193A (en) * | 2010-09-17 | 2012-04-04 | 华为技术有限公司 | Method and edge device capable of generating forward list item, forwarding message and obtaining address |
| CN103051542A (en) * | 2012-12-11 | 2013-04-17 | 武汉烽火网络有限责任公司 | Method for realizing connectivity detection based on data link layer Ethernet MAC (media access control) address |
| CN104683267A (en) * | 2013-11-26 | 2015-06-03 | 浙江大华系统工程有限公司 | Data forwarding method, data forwarding device, and switching equipment |
Also Published As
| Publication number | Publication date |
|---|---|
| CN106411924A (en) | 2017-02-15 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN106411924B (en) | A kind of method creating session forwarding-table item, the method and device that E-Packets | |
| EP2944056B1 (en) | Distributed traffic inspection in a telecommunications network | |
| CN105491060B (en) | Method, apparatus, client and the equipment of defending distributed denial of service attack | |
| CN108173982B (en) | NAT (network Address translation) processing method and device for cross-board message | |
| CN102970227B (en) | The method and apparatus of VXLAN message repeating is realized in ASIC | |
| US8059562B2 (en) | Listener mechanism in a distributed network system | |
| US10148560B2 (en) | Enhanced error signaling and error handling in a network environment with segment routing | |
| US9992101B2 (en) | Parallel multipath routing architecture | |
| CN106878194B (en) | Message processing method and device | |
| CN109361606B (en) | Message processing system and network equipment | |
| US20200322313A1 (en) | Data Transfer Method and Virtual Switch | |
| CN108881328B (en) | Data packet filtering method and device, gateway equipment and storage medium | |
| CN103188042B (en) | A kind of matching process of IP packet and coupling accelerator | |
| CN110417657A (en) | A kind of method and device handling multicast data message | |
| CN106921578B (en) | Method and device for generating forwarding table item | |
| US20230042747A1 (en) | Message Processing Method and Device, Storage Medium, and Electronic Device | |
| CN106341338B (en) | A kind of retransmission method and device of message | |
| CN105337881A (en) | Data message processing method, service node and stream guiding point | |
| CN102325124A (en) | Flow-guiding function-supported application identification equipment and method | |
| CN104702564A (en) | Tethering user identification method and device | |
| CN103281257A (en) | Method and device for processing protocol message | |
| CN102201996B (en) | Method and equipment for forwarding message in network address translation (NAT) environment | |
| CN111049947B (en) | Message forwarding method and device, electronic equipment and storage medium | |
| CN116545921A (en) | Message forwarding method, device, equipment and storage medium based on ECMP | |
| CN108259348A (en) | A kind of message transmitting method and device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| CB02 | Change of applicant information | ||
| CB02 | Change of applicant information |
Address after: Binjiang District and Hangzhou city in Zhejiang Province Road 310051 No. 68 in the 6 storey building Applicant after: Hangzhou Dipu Polytron Technologies Inc Address before: Binjiang District and Hangzhou city in Zhejiang Province Road 310051 No. 68 in the 6 storey building Applicant before: Hangzhou Dipu Technology Co., Ltd. |
|
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |