CN112953949B - Message header processing method, device, equipment and storage medium of network message - Google Patents

Publication number
CN112953949B
Authority
CN
China
Prior art keywords
message
target
header
mirror image
information
Legal status
Active
Application number
CN202110227379.XA
Other languages
Chinese (zh)
Other versions
CN112953949A (en)
Inventor
李洪杰
Current Assignee
Eversec Beijing Technology Co Ltd
Original Assignee
Eversec Beijing Technology Co Ltd
Application filed by Eversec Beijing Technology Co Ltd
Priority to CN202110227379.XA
Publication of CN112953949A
Application granted
Publication of CN112953949B

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00 Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/22 Parsing or analysis of headers

Abstract

The embodiment of the invention discloses a method, a device, equipment and a storage medium for processing a message header of a network message, wherein the method comprises the following steps: receiving an original network message, and analyzing the type of a protocol header; mirror processing the original network message to obtain a mirror network message; searching a target mirror image session identifier corresponding to the protocol header type and the instruction identifier of the message header output instruction in an identifier mapping table; determining target output port information and target message header length corresponding to the target mirror image session identification in a length mapping table; the table entries in the identifier mapping table and the length mapping table are obtained based on configuration information in a message header output instruction acquired by a control plane; and intercepting data with the length of a target message header in the mirror image network message from the initial position of the message as a mirror image message header, and outputting the mirror image message header to a target port and/or a target port group corresponding to the target output port information. The message header is output under the condition that the normal operation of the convergence and shunt equipment is ensured, and the performance pressure of the back-end equipment is reduced.

Description

Message header processing method, device, equipment and storage medium of network message
Technical Field
Embodiments of the present invention relate to communications technologies, and in particular, to a method, an apparatus, a device, and a storage medium for processing a packet header of a network packet.
Background
In the field of network security, it is generally necessary to collect network messages from each network node and send the parsed ticket data or the original network messages to a back-end device for finer-grained analysis. Depending on the performance of the back-end device or the focus of the analysis, the payload of a network message sometimes does not matter, and analyzing only the message header is enough to meet the requirement.
In the prior art, platforms such as multi-core MIPS (Microprocessor without Interlocked Pipeline Stages) or X86 are generally used for message header output processing, but their processing performance depends on the network card, the CPU (Central Processing Unit) and the PCIE (Peripheral Component Interconnect Express) bandwidth. Because a convergence and shunt device must process traffic at line speed on every port in most application scenarios, this approach cannot meet the device's requirements for large data volumes and line-speed port forwarding. Therefore, how to output the message header on the convergence and shunt device has become a technical problem to be solved urgently.
Disclosure of Invention
The embodiment of the invention provides a method, a device, equipment and a storage medium for processing a message header of a network message, which can realize the output of the message header on a convergence and diversion device.
In a first aspect, an embodiment of the present invention provides a method for processing a packet header of a network packet, where the method is applied to a convergence and offloading device with a programmable switching chip, and includes:
receiving an original network message, and analyzing a protocol header type of the original network message;
performing mirror image processing on the original network message to obtain a mirror image network message;
searching a target mirror image session identification corresponding to the protocol header type and the instruction identification of the message header output instruction in an identification mapping table;
determining target output port information and target message header length corresponding to the target mirror image session identification in a length mapping table; wherein, the table entries in the identifier mapping table and the length mapping table are obtained based on the configuration information in the message header output instruction obtained by the control plane;
and intercepting data of the length of the target message header in the mirror image network message from the initial position of the mirror image network message as a mirror image message header, and outputting the mirror image message header to a target port and/or a target port group corresponding to the target output port information.
In a second aspect, an embodiment of the present invention further provides a packet header processing apparatus for a network packet, including:
the message receiving module is used for receiving an original network message and analyzing the protocol header type of the original network message;
the message mirror image module is used for carrying out mirror image processing on the original network message to obtain a mirror image network message;
the identification searching module is used for searching a target mirror image session identification corresponding to the protocol header type and the instruction identification of the message header output instruction in an identification mapping table;
a length determining module, configured to determine, in a length mapping table, target output port information and a target packet header length corresponding to the target mirror session identifier; wherein, the table entries in the identifier mapping table and the length mapping table are obtained based on the configuration information in the message header output instruction acquired by the control plane;
and the message header output module is used for intercepting data with the length of the target message header in the mirror image network message from the initial position of the mirror image network message as a mirror image message header and outputting the mirror image message header to a target port and/or a target port group corresponding to the target output port information.
In a third aspect, an embodiment of the present invention further provides a convergence and offloading device, where the convergence and offloading device includes:
one or more processors;
one or more programmable switching chips;
a memory for storing one or more programs,
when the one or more programs are executed by the one or more programmable switching chips, the one or more programmable switching chips are enabled to implement the message header processing method of the network message provided by any embodiment of the invention;
and when the one or more programs are executed by the one or more processors, causing the one or more processors to implement the message header processing method of the network message according to any embodiment of the present invention.
In a fourth aspect, an embodiment of the present invention further provides a storage medium containing computer-executable instructions, where the computer-executable instructions are used to execute a method for processing a packet header of a network packet according to any embodiment of the present invention.
According to the embodiment of the invention, the original network message is subjected to mirror image processing, the corresponding target output port information and the target message header length are quickly determined based on the identification mapping table and the length mapping table, and the message header of the mirror image network message is subjected to truncation output based on the target message length, so that the problem that the message header cannot be directly output through the convergence and distribution equipment in the prior art is solved, the message header is output under the condition of ensuring the normal operation of the convergence and distribution equipment, and the performance pressure of back-end equipment is reduced.
Drawings
Fig. 1 is a flowchart of a method for processing a header of a network packet according to an embodiment of the present invention;
fig. 2 is a schematic diagram of a header of a TCP network packet according to an embodiment of the present invention;
fig. 3 is a flowchart of another method for processing a header of a network packet according to a second embodiment of the present invention;
fig. 4 is a flowchart of a method for processing a header on a control plane according to a third embodiment of the present invention;
fig. 5 is a flowchart of a method for processing a header on a data plane according to a third embodiment of the present invention;
fig. 6 is a schematic structural diagram of a packet header processing apparatus of a network packet according to a fourth embodiment of the present invention;
fig. 7 is a schematic structural diagram of a convergence and shunt device according to a fifth embodiment of the present invention.
Detailed Description
The present invention will be described in further detail with reference to the accompanying drawings and examples. It is to be understood that the specific embodiments described herein are merely illustrative of the invention and are not limiting of the invention. It should be further noted that, for the convenience of description, only some structures related to the present invention are shown in the drawings, not all of them.
Example one
This embodiment is applicable to outputting the message header of a network message through a convergence and shunt device. The method can be executed by a message header processing apparatus for network messages, which can be implemented in software and/or hardware and can be configured in a convergence and shunt device with a programmable switching chip. The programmable switching chip can be a switching chip on which the message header output function is implemented by writing code in a programming language. For example, the Tofino series of programmable switching chips introduced by Barefoot is programmable in the data plane using the P4 language, which greatly expands the usage scenarios of network switching chips and convergence and shunt devices and allows some complex functions to be implemented on the switching chip through programming.
Fig. 1 is a flowchart of a method for processing a packet header of a network packet according to an embodiment of the present invention, and as shown in fig. 1, the method includes:
Step S110, receiving the original network message, and analyzing the protocol header type of the original network message.
The original network message may include a message header and a payload. For example, fig. 2 is a schematic diagram of a header of a TCP network packet according to an embodiment of the present invention. As shown in fig. 2, the header of the TCP network packet includes three protocol layers, namely ETH (Ethernet), IPV4 (Internet Protocol Version 4) and TCP (Transmission Control Protocol), and the PAYLOAD part is the payload. The payload does not need to be output; only the ETH, IPV4 and TCP protocol layers need to be output. The protocols in the header may include at least one of: IPV4, IPV6 (Internet Protocol Version 6), TCP, UDP (User Datagram Protocol), SCTP (Stream Control Transmission Protocol), multilayer VLAN (Virtual Local Area Network), MPLS (Multi-Protocol Label Switching), and the like. The protocol header type may be determined by a single protocol, for example the IP type, or by a combination of at least two protocols, for example the IPV4-TCP type.
Step S120, carrying out mirror image processing on the original network message to obtain a mirror image network message.
The mirror image network message obtained by the mirror image processing may have the same message header as the original network message. When the programmable switching chip does not support truncating the original network message directly, the original network message is mirrored through the chip's mirror function, and the resulting mirror image network message supports selecting both an output port and an output message length.
In addition, outputting the message header of the original network message is essentially a truncation of that message. For performance reasons, however, the switching chip starts decoding before the original network message has completely entered the convergence and shunt device, and the subsequent table lookup logic proceeds as decoding completes, which makes it difficult to truncate the original network message itself. Therefore, the original network message can be decoded as it enters the convergence and shunt device and, when the parsed target message information meets the preset condition, mirrored after it has completely entered the device. Message header output processing is then performed on the resulting mirror image network message, so the message header can be output on the convergence and shunt device while the device continues to operate normally.
Step S130, searching the identifier mapping table for a target mirror image session identifier corresponding to the protocol header type and the instruction identifier of the message header output instruction.
The message header output instruction may be triggered when configuration information input by a user is received and it is detected that the user has enabled the message header output function; it indicates the actions to be performed in order to output a message header. For example, the message header output instruction may indicate how the configuration information it carries is to be parsed, so that the parsed instruction information is transmitted to the data plane and written into the corresponding entries of the corresponding tables in the data plane. The configuration information may include output port information, filtering rule information, and the like. In addition, the message header output instruction may indicate an output manner of the message header (for example, output through a load balancing group, a replication group, and/or a port) and/or a modification manner of the mirror image network message (for example, deleting a VLAN (Virtual Local Area Network) identifier or deleting a tunnel encapsulation). The instruction identifier of the message header output instruction uniquely identifies that instruction. For example, when the user enables the message header output function in an Action, the instruction identifier may be the identifier of that Action.
The entries in the identifier mapping table and the length mapping table are obtained based on configuration information in a message header output instruction acquired by a control plane. The system of the convergence and shunt device comprises at least a control plane and a data plane. The control plane can be used to acquire and parse the configuration information in the message header output instruction, obtain instruction information and transmit it to the data plane. The data plane may be used to initialize the identifier mapping table based on the received instruction information. The instruction information may include output port information, an instruction identifier of the message header output instruction, a preset protocol header type, a message header length corresponding to the protocol header type, and/or message information in the filtering rule information. The identifier mapping table stores, in association, the protocol header type of each mirror image session, the instruction identifier of the message header output instruction and the mirror image session identifier of the mirror image session.
Specifically, the identifier mapping table is traversed, and a corresponding target mirror session identifier in the identifier mapping table is searched based on the protocol header type of the original network packet and the instruction identifier of the packet header output instruction.
Step S140, determining the target output port information and the target packet header length corresponding to the target mirror session identifier in the length mapping table.
Specifically, the length mapping table is traversed, a target mirror session identifier in the length mapping table is searched, and target output port information and a target packet header length corresponding to the target mirror session identifier are determined.
The target output port information may be port information of a target port and/or a target port group to be output. For example, the target output port information may include a port type and identification information corresponding to each port type. The port types may include ports, load balancing groups, replication groups, and/or other types of ports or port groups.
The target header length may be a header length corresponding to a protocol header type of the original network packet. The length of the message header can be stored in preset association with the corresponding protocol header type. For example, when initializing the length mapping table, all protocol header types that are preset and supported may be enumerated, and a packet header length corresponding to each protocol header type may be obtained.
The data plane may further initialize a length mapping table based on the received instruction information, where the length mapping table stores a mirror session identifier of the mirror session, output port information in the mirror session, and a packet header length corresponding to a protocol header type in the mirror session in association with the mirror session identifier.
The mirror session identifier is identification information of the mirror session, and may be used to associate the identifier mapping table and the length mapping table. The mirror session may be established based on the output port information and the protocol header type, and may be used to associate the output port information, the protocol header type, and a packet header length corresponding to the protocol header type. For example, for each mirror image session, initializing an identifier mapping table based on a protocol header type in the mirror image session, an instruction identifier of a message header output instruction, and a mirror image session identifier of the mirror image session; initializing a length mapping table based on a mirror image session identification of a mirror image session, output port information in the mirror image session and a message header length corresponding to a protocol header type in the mirror image session.
In this embodiment, the mirror image session identifier establishes the association between the identifier mapping table and the length mapping table, so the target output port information and target message header length for the original network message are quickly determined from the protocol header type and the instruction identifier, which improves message header output efficiency.
It should be noted that the steps S120 to S140 are not limited to the above execution sequence. For example, steps S130-S140 may be performed first, and then step S120 may be performed. Alternatively, step S120 may also be performed in parallel with steps S130-S140.
Step S150, intercepting, from the start position of the mirror image network message, data of the target message header length as a mirror image message header, and outputting the mirror image message header to a target port and/or a target port group corresponding to the target output port information.
Specifically, after obtaining the mirror image network message and determining the target output port information and the target message header length, the data of the mirror image network message is cut off from the initial position of the mirror image network message according to the target message header length to obtain a mirror image message header, and the mirror image message header is output to a target port and/or a target port group corresponding to the target output port information.
Illustratively, as shown in fig. 2, an original network packet is received from the network, and the protocol header type of the original network packet is parsed out to be IPV4-TCP type. And carrying out mirror image processing on the original network message to obtain a corresponding mirror image network message. And determining that the corresponding target output port information is port1 and the target message header length is 55 in the identifier mapping table and the length mapping table, and intercepting 55 bytes of data from the initial position of the mirror image network message, namely the initial position of the ETH protocol, to obtain a mirror image message header containing three-layer protocols of ETH, IPV4 and TCP. And outputting the mirror image message header to a target port corresponding to port 1.
The embodiment of the invention rapidly determines the corresponding target output port information and the target message header length based on the identification mapping table and the length mapping table by mirroring the original network message, and cuts off and outputs the message header of the mirrored network message based on the target message length, thereby solving the problem that the message header cannot be directly output through the convergence and shunt equipment in the prior art, realizing the output of the message header under the condition of ensuring the normal operation of the convergence and shunt equipment, and reducing the performance pressure of the back-end equipment.
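A software model of steps S110 to S150, added here as an illustration and not taken from the patent or from any switch SDK: it classifies a constructed Ethernet/IPv4/TCP frame, resolves the mirror session through the two tables and cuts the mirror at the table's length. The function names, the sample frame and the table contents other than port1 and 55 are assumptions; `encoded_header_len` is included so the fixed cut can be compared with the header lengths the frame itself declares.

```python
import struct

ETH_LEN = 14
ETHERTYPE_IPV4 = 0x0800
L4_NAMES = {6: "TCP", 17: "UDP", 132: "SCTP"}  # IANA IP protocol numbers

# Identifier mapping table: (protocol header type, instruction id) -> session id.
ID_TABLE = {("IPV4-TCP", "Action 1"): 1}
# Length mapping table: session id -> (output port info, header length).
# port1 and 55 are the values of the page's worked example.
LENGTH_TABLE = {1: ("port1", 55)}


def build_frame(tcp_options=b"", payload=b"constructed payload"):
    """Constructed sample frame; len(tcp_options) must be a multiple of 4."""
    tcp_len = 20 + len(tcp_options)
    eth = (bytes.fromhex("020000000002") + bytes.fromhex("020000000001")
           + struct.pack("!H", ETHERTYPE_IPV4))
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + tcp_len + len(payload),
                     0, 0, 64, 6, 0,
                     bytes([192, 0, 2, 1]), bytes([198, 51, 100, 2]))
    tcp = struct.pack("!HHIIBBHHH", 40000, 80, 1, 0,
                      (tcp_len // 4) << 4, 0x18, 65535, 0, 0)
    return eth + ip + tcp + tcp_options + payload


def parse_header_type(frame):
    """S110: return e.g. 'IPV4-TCP', or None if the stack is not recognised."""
    if len(frame) < ETH_LEN + 20:
        return None
    (ethertype,) = struct.unpack_from("!H", frame, 12)
    if ethertype != ETHERTYPE_IPV4:
        return None
    l4 = L4_NAMES.get(frame[ETH_LEN + 9])  # IPv4 protocol field
    return f"IPV4-{l4}" if l4 else None


def encoded_header_len(frame):
    """ETH + IPv4 + TCP header bytes as declared by IHL and TCP data offset."""
    ihl = (frame[ETH_LEN] & 0x0F) * 4
    data_offset = (frame[ETH_LEN + ihl + 12] >> 4) * 4
    return ETH_LEN + ihl + data_offset


def process(frame, instruction_id):
    """Return (original frame, [(output port info, mirror header), ...])."""
    outputs = []
    header_type = parse_header_type(frame)                   # S110
    session = ID_TABLE.get((header_type, instruction_id))    # S130
    if session is not None:
        port, header_len = LENGTH_TABLE[session]             # S140
        mirror = bytes(frame)                                # S120: full copy
        outputs.append((port, mirror[:header_len]))          # S150: cut from start
    # The original frame is untouched; a table miss simply yields no mirror.
    return frame, outputs
```

With option-less headers the constructed frame declares 54 header bytes, and with 12 bytes of TCP options it declares 66, while the cut stays at the table's 55 in both cases because the length is fixed per protocol header type.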
Example two
Fig. 3 is a flowchart of another method for processing a packet header of a network packet according to a second embodiment of the present invention, where the second embodiment is optimized based on the foregoing embodiment, and as shown in fig. 3, the method includes:
Step S201, when detecting the message header output instruction, acquiring output port information, instruction identifier, preset protocol header type, and message header length corresponding to the protocol header type in the message header output instruction.
The system of the convergence and shunt device comprises at least a control plane and a data plane. A user may input configuration information such as output port information and/or filtering rule information through a command line on a Command Line Interface (CLI), and may also enable the message header output function through the command line. The convergence and shunt device can then call an interface of the control plane, which acquires and parses the configuration information to obtain instruction information and issues it to the tables of the data plane. The programmable switching chip implements the functions of the data plane when executing the message header processing method of the network message provided by the embodiment of the invention.
Illustratively, when detecting a packet header output instruction, the control plane obtains an instruction identifier of the packet header output instruction and output port information input by a user, and enumerates a preset supported protocol header type and a packet header length corresponding to the protocol header type.
Step S202, establishing a mirror session based on each output port information and each protocol header type, and generating a mirror session identifier of the mirror session.
For example, the control plane may enumerate all preset protocol header types, associate each output port information with each protocol header type, establish a mirror session corresponding to each association relationship, and generate a mirror session identifier of the mirror session. Wherein the mirror session may be used to associate the output port information with the protocol header type.
Optionally, before establishing the mirroring session based on each output port information and each protocol header type, the method may further include:
analyzing the output port information to obtain port types and identification information corresponding to each port type;
if the port type is a load balancing group, establishing a link aggregation group to establish a mirror image session based on the first identification information of each link aggregation group and each protocol header type;
if the port type is a replication group, establishing a multicast group to establish a mirror image session based on the second identification information of each multicast group and each preset protocol header type;
and if the port type is the port, establishing a mirror image session based on the third identification information of the port and each preset protocol header type.
A Link Aggregation Group (LAG) may be used to provide a load balancing output function. When the port type is a load balancing group, the mirror image message header needs to be output to each port in the load balancing group. A link aggregation group can be established, and a mirror image session is established between the first identification information (lag) of each link aggregation group and each protocol header type. After the mirror image message header is intercepted, the corresponding link aggregation group is determined through the first identification information, and the mirror image message header is then output through that link aggregation group, so that it is output to the load balancing group.
The multicast group may be used to provide a duplicate output function. When the port type is a replication group, it indicates that a mirror image message header needs to be output to each port in the replication group, a multicast group can be established, and a mirror image session is established between the second identification information mug of each multicast group and each protocol header type, so that after the mirror image message header is intercepted, the corresponding multicast group is determined through the second identification information, and then the mirror image message header is output through the multicast group, thereby realizing that the mirror image message header is output to the replication group.
When the port type is a port, it indicates that a mirror image header needs to be output to a single port, a mirror image session can be directly established between the third identification information port of each port and each protocol header type, so that after the mirror image header is intercepted, the corresponding port is determined through the third identification information, and then the mirror image header is directly output through the port, thereby realizing the purpose of outputting the mirror image header to the port.
In the embodiment, the port types and the identification information corresponding to the port types are obtained by analyzing the output port information, and different mirror image sessions are established according to different port types, so that the output port types of subsequent mirror image message headers are enriched, and the flexibility and the usability of message header output are improved.
Further, if the replication group includes a load balancing group, after the multicast group is established, the method may further include:
and establishing a link aggregation group and mounting the link aggregation group on the nodes of the multicast group.
Specifically, if the analyzed port type is a replication group and the replication group includes a load balancing group, after the multicast group is established, a link aggregation group is established, and the link aggregation group is mounted on a node of the multicast group, so that when the mirror packet header is output to the multicast group, the mirror packet header is further output to the link aggregation group through the multicast group.
In this embodiment, the link aggregation group is mounted on the node of the multicast group, so that the header output processing of the complex port group is realized, and the flexibility and the availability of the header output are further improved.
Step S203, the protocol header type, the instruction identifier and the mirror session identifier are associated and written into the table entry of the identifier mapping table.
Illustratively, for each preset supported protocol header type, the control plane writes the protocol header type, the instruction identifier, and the mirror session identifier corresponding to the protocol header type into an entry of an identifier mapping table of the data plane in an associated manner. The identification mapping table of the data plane may be a user-defined programming table.
For example, table 1 is an identification mapping table provided in the second embodiment of the present invention. Wherein, key1 represents protocol header type, key2 represents instruction identifier of message header output instruction, action _ data represents mirror image session identifier, and Entry represents table Entry serial number. As shown in table 1, if the IPV4-TCP packet is an IPV 1-TCP packet and an Action1 is bound, the corresponding mirror session identifier is 1. And if the IPV4-TCP message is bound with the Action 2, the corresponding mirror image session identifier is 4.
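TABLE 1

| Entry | Key1 | Key2 | Action_data |
| --- | --- | --- | --- |
| 1 | IPV4->TCP | Action 1 | 1 |
| 2 | IPV4->UDP | Action 1 | 2 |
| 3 | IPV4->SCTP | Action 1 | 3 |
| ... | ... | ... | ... |
| 10 | IPV4->TCP | Action 2 | 4 |
| 11 | IPV4->UDP | Action 2 | 5 |
| 12 | IPV4->SCTP | Action 2 | 6 |
| ... | ... | ... | ... |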
Step S204, the mirror image conversation mark, the output port information and the message header length corresponding to the protocol header type of each mirror image conversation are associated and written into the table entry of the length mapping table.
Illustratively, for each mirror session, the control plane writes the mirror session identifier of the mirror session, the output port information in the mirror session, and the message header length corresponding to the protocol header type in the mirror session, in association, into an entry of the length mapping table of the data plane. The length mapping table of the data plane may be an inherent table in the programmable chip. For example, on the data plane, the tof family programmable switch chip provides a mirror type and abstracts the API (Application Programming Interface) associated with the mirror type into operations on a table. The key of this table is a numeric serial number, so the mirror session identifier can be written into it and stored as a numeric serial number; the data part contains several fields, which may include, for example, the output port information and the message header length. For the message header output function, this embodiment is concerned with the output port, the output multicast group, the output link aggregation group, and the output message length. For example, several rule tables may be configured so that the filtered original network messages are output from port 1 and port 2 respectively; if the message header output function is enabled at the same time, all combinations of message header length and port number need to be traversed in the length mapping table. Table 2 is a length mapping table provided in the second embodiment of the present invention.
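TABLE 2

| Entry | Key1 | Action_data1 | Action_data2 |
| --- | --- | --- | --- |
| 1 | 1 (IPV4->TCP) | port 1 | 55 |
| 2 | 2 (IPV4->UDP) | port 1 | 43 |
| 3 | 3 (IPV4->SCTP) | port 1 | 47 |
| ... | ... | ... | ... |
| 10 | 10 (IPV4->TCP) | port 2 | 55 |
| 11 | 11 (IPV4->UDP) | port 2 | 43 |
| 12 | 12 (IPV4->SCTP) | port 2 | 47 |
| ... | ... | ... | ... |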
Key1 represents the mirror session identifier, Action_data1 represents the port number, Action_data2 represents the message header length, and Entry represents the table entry serial number. As shown in Table 2, as in the example of step S203, the two mirror sessions 1 and 4 direct the intercepted message headers to different ports, and the intercepted length is 55 bytes in both cases. If the port type of the output port information is a load balancing group when the mirror session is established, Action_data1 in Table 2 may be the first identification information lag of the link aggregation group. If the port type is a replication group, Action_data1 in Table 2 may be the second identification information mug of the multicast group.
It should be noted that IPV4 in Table 2 does not consider the option field, and TCP does not consider the extension header. The message header length in Action_data2 may or may not include the length of the mirror extension header, depending on whether a mirror extension header is added after the mirror processing.
This embodiment establishes a mirror session from each piece of output port information and each protocol header type, generates a mirror session identifier for the mirror session, initializes the identifier mapping table based on the protocol header type, the instruction identifier and the mirror session identifier, and initializes the length mapping table based on the mirror session identifier, the output port information and the message header length corresponding to the protocol header type of each mirror session, thereby configuring the identifier mapping table and the length mapping table. In this embodiment, the association between the output port information and the protocol header type is established by means of the mirror session, and the identifier mapping table and the length mapping table are associated through the mirror session identifier, which improves the efficiency of subsequent table lookups. Meanwhile, the length mapping table can be an inherent table in the programmable chip; by defining a custom identifier mapping table and associating it with the length mapping table, the message header is output using the length mapping table inside the programmable chip.
Step S205, receiving the original network message, and analyzing the protocol header type and the target message information of the original network message.
The target packet information may include packet information of the original network packet, such as quintuple information, protocol information, packet version information, and/or packet entity information. The protocol information may include identification information of the protocol in the original network message, etc.
Specifically, an original network message in a network is received, and the original network message is analyzed to obtain a protocol header type and target message information of the original network message.
Step S206, searching whether the rule table corresponding to the target message information has the target message information, if yes, executing step S207, otherwise, returning to execute step S205.
Wherein, the items in the rule table are obtained by the control plane based on the obtained filtering rule information configuration. The data plane has at least one rule table in addition to an identification mapping table and a length mapping table. For example, the rule tables may include exact match tables and/or derivative match tables, and the like. The exact match table may be filtered based on the exact information such as quintuple information, protocol information, message version information, or message keywords. The derivative matching table may be filtered based on the derivative information of the original network packet.
Specifically, whether the target message information exists in a rule table corresponding to the target message information is searched, if yes, it is indicated that the original network message to which the target message information belongs is a network message to be subjected to mirroring, that is, a network message of a message header needs to be output, and step S207 is continuously executed; if not, it indicates that the original network packet to which the target packet information belongs is not the network packet to be processed, filters the network packet, and returns to execute step S205.
The network message of which the target message information is not in the rule table can be directly filtered without processing, and normal packet receiving and sending operations can also be performed in the aggregation and distribution equipment.
In this embodiment, the target message information of the original network message is parsed and filtered against the corresponding rule table, so that the original network messages whose message headers need to be output are screened out quickly, and message headers are output according to the user's configuration in a more targeted way. Meanwhile, network messages whose headers do not need to be output are filtered out first, and only the network messages whose headers need to be output are mirrored, which reduces the processing load and the system power consumption of the convergence and shunt device.
Optionally, before searching whether the rule table corresponding to the target packet information has the target packet information, the method may further include:
acquiring message information in the filtering rule information;
and writing the message information into a corresponding rule table so as to determine the original network message to be subjected to mirror image processing based on the rule table.
The message information may be information for initializing a corresponding rule table in the filtering rule information, or may be the filtering rule information itself.
Illustratively, the control plane obtains message information in the filtering rule information, and writes the message information into a corresponding rule table in the data plane. And after receiving the original network message, the data plane analyzes the original network message to obtain target message information. If the target message information has a corresponding rule table, the data plane searches whether the target message information exists in the corresponding rule table, if so, the original network message is subjected to mirror image processing, and if not, the original network message is filtered.
The embodiment initializes the rule table based on the message information in the filtering rule information, is simple to operate, and improves the efficiency of screening the network messages.
Optionally, the number of the target packet information is at least two, and accordingly, searching whether the rule table corresponding to the target packet information has the target packet information may include:
acquiring at least two rule tables corresponding to at least two pieces of target message information and priorities respectively corresponding to the at least two rule tables;
and searching whether corresponding target message information exists in the rule table according to the sequence of the priority from high to low.
The priority of the rule table can be preset or custom-configured by a user in a command line.
Illustratively, the target packet information includes quintuple information and a MAC address, which respectively correspond to the quintuple information rule table and the MAC address rule table. Wherein, the priority of the quintuple information rule table is higher than that of the MAC address rule table. Firstly, searching whether the quintuple information exists in a quintuple information rule table, if so, directly performing mirror image processing on the original network message, and if not, continuously searching whether the MAC address exists in an MAC address rule table. If the target message information exists, the original network message corresponding to the target message information can be directly subjected to mirror image processing, and if the target message information does not exist, the original network message corresponding to the target message information can be filtered.
The method and the device determine the searching sequence based on the priority of the rule table, optimize the table searching logic and improve the accuracy of screening the network messages.
Step S207, carrying out mirror image processing on the original network message to obtain a mirror image network message.
Exemplarily, if the rule table corresponding to the target message information has the target message information, that is, the hit rule, the mirror function in the entry flow of the data plane may be opened, and the mirror processing may be performed on the original network message to obtain the mirror network message.
Step S208, a target mirror image conversation mark corresponding to the protocol header type and the instruction mark of the message header output instruction is searched in the mark mapping table.
Illustratively, based on the validity of the protocol header (i.e. the type of the protocol header), and the instruction identifier of the message header output instruction, the corresponding target mirror session identifier is looked up in the identifier mapping table.
Optionally, after searching the target mirror session identifier corresponding to the protocol header type and the instruction identifier of the packet header output instruction in the identifier mapping table, the method may further include:
in the inlet flow, if the protocol header output function is started and a target mirror image session identifier is found, adding a mirror image extension header before a mirror image network message so as to identify the mirror image network message according to the mirror image extension header in the outlet flow; the mirror image extension header at least comprises a target mirror image session identifier;
if the protocol head output function is not started, adding a bridge extension head before the original network message.
Illustratively, the ingress flow may include at least a first decoding (Parser) stage and a first packet assembly (Deparser) stage. In the first decoding stage, the data plane parses the original network message. If the protocol header output function is enabled and the target mirror session identifier is found, then in the first packet assembly stage the data plane adds a mirror (Mirror) extension header before the mirror network message, and passes the resulting reference mirror network message to the egress flow. If the protocol header output function is not enabled, then in the first packet assembly stage the data plane adds a bridge (Bridge) extension header before the original network message, and passes the resulting reference original network message to the egress flow. The egress flow may include at least a second decoding stage and a second packet assembly stage. In the second decoding stage, if a mirror extension header is parsed, the data plane can determine that the corresponding network message is a reference mirror network message. If a bridge extension header is parsed, the data plane can determine that the corresponding network message is a reference original network message.
In this embodiment, the mirror extension header is added before the mirror network message to distinguish it from the original network message, so that the mirror network message can be identified quickly later on, which improves the efficiency of message header output. Meanwhile, owing to hardware limitations, data cannot be shared between the ingress flow and the egress flow; that is, a custom variable can only be used in the ingress flow and cannot be used in the egress flow. To address this, in this embodiment the target mirror session identifier obtained by the lookup is placed in the mirror extension header, so that it is carried to the egress flow by the reference mirror network message, which solves the problem of passing the target mirror session identifier from the ingress flow to the egress flow.
Further, after adding the mirror extension header before mirroring the network packet, the method may further include:
in the exit flow, analyzing the network message in the exit flow, and judging whether a mirror image expansion head exists in the network message according to the analysis result;
if yes, determining that the network message is a reference mirror network message, acquiring a target mirror session identifier in a mirror extension header of the reference mirror network message, and continuing to execute step S209.
Exemplarily, in a second decoding stage of the egress process, the data plane parses the network packet in the egress process, and determines whether a mirror extension header exists in the network packet according to a parsing result. If yes, the network packet is determined to be a reference mirror network packet, and step S209 is continuously executed. If not, determining the network message as a reference original network message, and performing other corresponding operations on the reference original network message.
Correspondingly, the step S210, starting from the initial position of the mirror network packet, intercepting data of the target packet header length in the mirror network packet as the mirror packet header, which may include:
and intercepting data of the length of the target message header in the reference mirror image network message from the initial position of the reference mirror image extension header, and deleting the mirror image extension header from the intercepted data to obtain the mirror image message header. The length of the target message header comprises the length of a mirror image message header and the length of a mirror image extension header.
Illustratively, suppose a mirror extension header is added before the mirror network message and the message header length in the length mapping table also includes the length of the mirror extension header. For example, the mirror extension header may be one byte in length. The determined target message header length then comprises the mirror message header length of the mirror network message plus the length of the mirror extension header. In the second packet assembly stage of the egress flow, the data plane intercepts data of the target message header length from the reference mirror network message, starting from the initial position of the mirror extension header, and removes the mirror extension header to obtain the mirror message header.
Illustratively, suppose instead that the mirror extension header is added before the mirror network message but the message header length in the length mapping table does not include the length of the mirror extension header. The determined target message header length then comprises only the mirror message header length of the mirror network message, and data of the target message header length is intercepted from the reference mirror network message, starting from the end position of the mirror extension header, as the mirror message header.
In this embodiment, the mirrored network message is identified in the egress flow based on the mirror extension header, and the mirror extension header is removed, so that the output contains only the mirror message header, which improves the accuracy of message header output.
Step S209, determining the target output port information and the target message header length corresponding to the target mirror image session identification in the length mapping table.
Step S210, starting from the initial position of the mirror image network packet, intercepting data of the length of the target packet header in the mirror image network packet as a mirror image packet header, and outputting the mirror image packet header to a target port and/or a target port group corresponding to the target output port information.
Optionally, outputting the mirror packet header to a target port and/or a target port group corresponding to the target output port information may include:
if the target output port information is first identification information of the target link aggregation group, outputting a mirror network message of the target message header length to the target link aggregation group corresponding to the first identification information, so as to output the mirror network message of the target message header length through the target link aggregation group;
if the target output port information is the second identification information of the target multicast group, outputting a mirror image network message of the target message header length to the target multicast group corresponding to the second identification information so as to output the mirror image network message of the target message header length through the target multicast group;
and if the target output port information is the third identification information of the target port, outputting the mirror image network message with the target message header length to the target port corresponding to the third identification information, so as to output the mirror image network message with the target message header length through the target port.
In this embodiment, according to the type of the identification information of the target output port information, the corresponding target link aggregation group, target multicast group, and/or target port is determined, and the mirror network packet with the length of the target packet header is output to the corresponding target link aggregation group, target multicast group, and/or target port, so that the output of multiple types of ports of the convergence and offloading device is realized, and the flexibility and the availability of packet header output are improved.
The embodiment of the invention parses the output port information to obtain the port types and the identification information corresponding to each port type, establishes different mirror sessions according to the different port types, establishes the association between the output port information and the protocol header type by means of the mirror sessions, and associates the identifier mapping table and the length mapping table through the mirror session identifier, which improves the efficiency of subsequent table lookups. The embodiment of the invention parses the target message information of the original network message and filters messages against the corresponding rule table, so that message header output is more targeted and the processing load and system power consumption of the convergence and shunt device are reduced. By mirroring the original network message, quickly determining the corresponding target output port information and target message header length from the identifier mapping table and the length mapping table, and outputting the mirror network message in truncated form, the embodiment of the invention implements the message header output function in the convergence and shunt device, can complete rule-table-based filtering of network messages and output of message headers at port line rate, and reduces the bandwidth and performance pressure on back-end devices.
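The table-driven flow of steps S203 to S210 can be modelled in software as follows. This Python sketch is an added example, not code from the patent; the class and function names, the 1-byte mirror extension header holding only the session identifier, and the value 0 standing for a Bridge extension header are assumptions. With untagged Ethernet (14 bytes), IPv4 without options (20 bytes), the fixed L4 header and the 1-byte extension header, the computed lengths equal the 55, 43 and 47 bytes of Table 2.

```python
import struct

ETH_LEN, IPV4_LEN = 14, 20   # untagged Ethernet; IPv4 without options (as on the page)
# IP protocol number -> (protocol header type, fixed L4 header length)
L4 = {6: ("IPV4->TCP", 20), 17: ("IPV4->UDP", 8), 132: ("IPV4->SCTP", 12)}
MIRROR_EXT_LEN = 1           # assumption: 1-byte extension header = session id (< 256)
BRIDGE_EXT = 0               # assumption: id 0 marks a Bridge extension header


class ControlPlane:
    """Holds the three data-plane tables that the control plane populates."""

    def __init__(self):
        self.rule_table = set()  # exact-match five-tuples to be mirrored
        self.id_map = {}         # (header type, instruction id) -> session id
        self.len_map = {}        # session id -> (output port, header length)
        self._next_sid = 1

    def enable_header_output(self, instruction_id, port):
        # One mirror session per (output port, protocol header type) pair.
        for name, l4_len in L4.values():
            sid, self._next_sid = self._next_sid, self._next_sid + 1
            self.id_map[(name, instruction_id)] = sid
            self.len_map[sid] = (port, ETH_LEN + IPV4_LEN + l4_len + MIRROR_EXT_LEN)


def parse(frame):
    """Parser stage: return (header type, five-tuple), or None if unsupported."""
    if len(frame) < ETH_LEN + IPV4_LEN + 4:
        return None
    if frame[12:14] != b"\x08\x00" or frame[14] != 0x45:  # IPv4 with IHL 5 only
        return None
    proto = frame[23]
    if proto not in L4 or len(frame) < ETH_LEN + IPV4_LEN + L4[proto][1]:
        return None
    sport, dport = struct.unpack_from("!HH", frame, ETH_LEN + IPV4_LEN)
    return L4[proto][0], (frame[26:30], frame[30:34], sport, dport, proto)


def ingress(cp, frame, instruction_id):
    """Rule-table filter, identifier lookup, then prepend the extension header."""
    parsed = parse(frame)
    if parsed is None or parsed[1] not in cp.rule_table:
        return None                           # no rule hit: nothing is mirrored
    sid = cp.id_map.get((parsed[0], instruction_id))
    if sid is None:
        return bytes([BRIDGE_EXT]) + frame    # header output not enabled
    return bytes([sid]) + frame               # reference mirror network message


def egress(cp, pkt):
    """Return (port, mirror message header), or None for non-mirror packets."""
    entry = cp.len_map.get(pkt[0]) if pkt and pkt[0] != BRIDGE_EXT else None
    if entry is None:
        return None
    port, hdr_len = entry
    cut = pkt[:hdr_len]                # truncate from the start of the extension header
    return port, cut[MIRROR_EXT_LEN:]  # strip the extension header before output


def build_frame(proto, payload=b"SECRET-PAYLOAD" * 4):
    """Constructed sample frame: 10.0.0.1:40000 -> 10.0.0.2:443."""
    l4_len = L4[proto][1]
    eth = bytes(12) + b"\x08\x00"
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, IPV4_LEN + l4_len + len(payload),
                     0, 0, 64, proto, 0, bytes([10, 0, 0, 1]), bytes([10, 0, 0, 2]))
    l4 = struct.pack("!HH", 40000, 443) + bytes(l4_len - 4)
    return eth + ip + l4 + payload


def demo():
    cp = ControlPlane()
    cp.enable_header_output(1, "port 1")   # creates sessions 1..3
    cp.enable_header_output(2, "port 2")   # creates sessions 4..6
    cp.rule_table.add((bytes([10, 0, 0, 1]), bytes([10, 0, 0, 2]), 40000, 443, 6))
    frame = build_frame(6)
    return cp, frame, egress(cp, ingress(cp, frame, 2))


if __name__ == "__main__":
    cp, frame, (port, header) = demo()
    print(port, len(header), header.hex())
```

The output for the sample TCP frame is its first 54 bytes on "port 2": the payload never reaches the back-end port, and the session identifier travels only inside the extension header between the two stages.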
EXAMPLE III
On the basis of the foregoing embodiments, the present embodiment provides a specific implementation manner of working of a control plane and a data plane in a system of a convergence and offloading device.
Fig. 4 is a flowchart of a method for processing a header on a control plane according to a third embodiment of the present invention. As shown in fig. 4, the user can input the filtering rule information and the output port information through the command line, and enable the message header output function through the command line. The filtering rule information may include quintuple filtering rule information and the like. When the control plane detects the message header output instruction, it parses the command line to obtain the quintuple filtering rule information and the output port information. The quintuple filtering rule information is issued to the data plane and written into the quintuple information rule table of the data plane. The control plane judges, according to the output port information, whether the output is to a load balancing group in a replication group; if so, it establishes a link aggregation group and mounts the link aggregation group on a node of the multicast group. Otherwise, it enumerates all supported protocol header types and the corresponding message header lengths. A plurality of mirror sessions are created from the combinations of output port information and protocol header type, and the corresponding mirror session identifiers are generated. Entries associating the protocol header type, the instruction identifier of the message header output instruction and the mirror session identifier are created and written into the identifier mapping table of the data plane. For each mirror session, an entry associating the mirror session identifier, the output port information and the message header length corresponding to the protocol header type is created and written into the length mapping table of the data plane. The configuration is then complete and has been issued successfully.
Fig. 5 is a flowchart of a method for processing a header on a data plane according to a third embodiment of the present invention. As shown in fig. 5, the data plane receives an original network message from the network and parses it in the Parser stage of the Ingress flow, for example to obtain the protocol header type and the quintuple information. The quintuple information rule table is searched using the quintuple information, and if a rule is hit, the mirror function in the Ingress flow is enabled. The data plane then judges whether a message header output instruction exists. If not, the other action processing flows are applied to the filtered original network message, and a Bridge extension header is added before the original network message in the Deparser stage of the Ingress flow. If so, mirror processing is performed on the filtered original network message and the original network message is discarded, where MIRROR_type = ING_MIRROR denotes the mirror processing. The identifier mapping table is searched according to the protocol header type and the instruction identifier of the message header output instruction to obtain the corresponding target mirror session identifier. In the Deparser stage of the Ingress flow, a Mirror extension header, which contains at least the target mirror session identifier, is added before the mirror network message. Both the mirror network message with the Mirror extension header and the original network message with the Bridge extension header are passed to the Egress flow.
In the Parser stage of the Egress flow, the network message is parsed. If a Mirror extension header exists, the corresponding target output port information and target message header length are determined from the length mapping table, and in the Deparser stage of the Egress flow the Mirror extension header is removed, the mirror message header is intercepted, and the packet is assembled and sent. If there is no Mirror extension header, the other processing of the Egress flow is performed, for example a normal table lookup in the MAU (table lookup unit), and the packet is finally assembled and sent in the Deparser stage of the Egress flow.
By enumerating in advance the message header lengths of the supported protocols, when a user issues a configuration to output message headers to a certain port, the embodiment of the invention can establish, on the control plane, a plurality of mirror sessions with the same output port and different message header lengths, and initialize the identification mapping table and the length mapping table. The mirror forwarding mode of the original network message is then determined through table lookup. When a user issues a configuration to output mirror message headers to a load balancing group within a replication group, a multicast group can be established in advance through the control plane, a link aggregation group is mounted on the multicast group, a plurality of mirror sessions of the same multicast group with different message header lengths are then issued, and the mirror forwarding mode of the original network message is still determined through table lookup. This solves the problem in the prior art that the functions of a non-programmable switching chip are fixed when it leaves the factory, which puts it at an inherent disadvantage in adapting to new protocols and in resource utilization and prevents it from implementing the message header output function. The functions of the aggregation and distribution equipment, such as traffic aggregation and distribution, ACL filtering and tunnel message processing, are preserved, line-rate processing and forwarding on all ports can be achieved at the average message length of the existing network, and message header output is also implemented on the aggregation and distribution equipment; that is, line-rate processing on the ports is achieved and the performance pressure on back-end equipment is greatly reduced.
EXAMPLE IV
Fig. 6 is a schematic structural diagram of a packet header processing apparatus of a network packet according to a fourth embodiment of the present invention. The device can be realized by software and/or hardware, can be generally integrated in the converging-diverging device with the programmable switching chip, and can realize the output of the message header on the converging-diverging device by executing the message header processing method of the network message. As shown in fig. 6, the apparatus includes:
the message receiving module 310 is configured to receive an original network message and analyze a protocol header type of the original network message;
the message mirroring module 320 is configured to perform mirroring processing on the original network message to obtain a mirrored network message;
the identifier searching module 330 is configured to search, in an identifier mapping table, a target mirror session identifier corresponding to the protocol header type and the instruction identifier of the packet header output instruction;
a length determining module 340, configured to determine, in a length mapping table, target output port information and a target packet header length corresponding to the target mirror session identifier; wherein, the table entries in the identifier mapping table and the length mapping table are obtained based on the configuration information in the message header output instruction obtained by the control plane;
a message header output module 350, configured to intercept, from an initial position of the mirror network message, data of the target message header length in the mirror network message as a mirror message header, and output the mirror message header to a target port and/or a target port group corresponding to the target output port information.
Optionally, the apparatus further comprises:
the message information analysis module is used for analyzing the target message information of the original network message before the mirror image processing is carried out on the original network message to obtain a mirror image network message;
the rule table searching module is used for searching whether the target message information exists in a rule table corresponding to the target message information or not; wherein, the table items in the rule table are obtained by the configuration of the control plane based on the acquired filtering rule information; and if so, executing mirror image processing on the original network message to obtain a mirror image network message.
Optionally, the number of the target packet information is at least two, and the rule table lookup module is specifically configured to:
acquiring at least two rule tables corresponding to at least two pieces of target message information and priorities corresponding to the at least two rule tables respectively;
and searching whether the corresponding target message information exists in the rule table according to the sequence of the priority from high to low.
Optionally, the apparatus further comprises:
the message information acquisition module is used for acquiring the message information in the filtering rule information before searching whether the target message information exists in a rule table corresponding to the target message information;
and the rule table writing module is used for writing the message information into a corresponding rule table so as to determine the original network message to be subjected to mirroring processing based on the rule table.
Optionally, the apparatus further comprises:
a mirror image extension header adding module, configured to, after the target mirror image session identifier corresponding to the protocol header type and the instruction identifier of the packet header output instruction has been searched for in the identifier mapping table, add, in an ingress flow, a mirror image extension header before the mirror image network packet if a protocol header output function is turned on and the target mirror image session identifier is found, so that the mirror image network packet can be identified according to the mirror image extension header in an egress flow; wherein the mirror image extension header at least comprises the target mirror image session identifier;
and a bridge extension header adding module, configured to add a bridge extension header before the original network message if the protocol header output function is not turned on.
Optionally, the apparatus further comprises:
a mirror image extension header judging module, configured to, after the mirror image extension header is added before the mirror image network message, analyze the network message in the egress flow and judge, according to the analysis result, whether the mirror image extension header exists in the network message;
an identifier obtaining module, configured to, if the mirror image extension header exists, determine that the network packet is a reference mirror network packet, obtain the target mirror session identifier in the mirror extension header of the reference mirror network packet, and perform the step of determining, in the length mapping table, target output port information and a target packet header length corresponding to the target mirror session identifier;
accordingly, the message header output module 350 is specifically configured to:
intercepting data of the length of the target message header in the reference mirror image network message from the initial position of the mirror image extension header of the reference mirror image network message, and deleting the mirror image extension header from the intercepted data to obtain a mirror image message header; wherein the target message header length includes the length of the mirror image message header and the length of the mirror image extension header.
Optionally, the packet header output module 350 is specifically configured to:
if the target output port information is first identification information of a target link aggregation group, outputting a mirror image network message of the target message header length to the target link aggregation group corresponding to the first identification information, so as to output the mirror image network message of the target message header length through the target link aggregation group;
if the target output port information is second identification information of a target multicast group, outputting a mirror image network message of the target message header length to the target multicast group corresponding to the second identification information, so as to output the mirror image network message of the target message header length through the target multicast group;
if the target output port information is third identification information of a target port, outputting the mirror image network message of the target message header length to the target port corresponding to the third identification information, so as to output the mirror image network message of the target message header length through the target port.
Optionally, the apparatus further comprises:
an information obtaining module, configured to obtain, before searching for a target mirror session identifier corresponding to the protocol header type and an instruction identifier of a packet header output instruction in an identifier mapping table, when the packet header output instruction is detected, output port information, the instruction identifier, a preset protocol header type, and a packet header length corresponding to the protocol header type in the packet header output instruction;
a session establishing module, configured to establish a mirror session based on each piece of output port information and each piece of protocol header type, and generate a mirror session identifier of the mirror session;
an identifier mapping table writing module, configured to write the protocol header type, the instruction identifier, and the mirror session identifier, in association with one another, into an entry of an identifier mapping table;
a length mapping table writing module, configured to write, for each mirror session, the mirror session identifier, the output port information, and the packet header length corresponding to the protocol header type, in association with one another, into a table entry of a length mapping table.
Optionally, the apparatus further comprises:
the port analysis module is used for analyzing the output port information to obtain port types and identification information corresponding to the port types before mirror image session is established based on each output port information and each protocol header type;
a first mirror image session establishing module, configured to establish a link aggregation group if the port type is a load balancing group, so as to establish a mirror image session based on first identification information of each link aggregation group and each protocol header type;
a second mirror image session establishing module, configured to establish a multicast group if the port type is a replication group, so as to establish a mirror image session based on the second identification information of each multicast group and each preset protocol header type;
and the third mirror image session establishing module is used for establishing a mirror image session based on the third identification information of the port and each preset protocol header type if the port type is the port.
Optionally, if the replication group includes a load balancing group, the second mirror session establishing module is specifically further configured to:
and establishing a link aggregation group and mounting the link aggregation group on the nodes of the multicast group.
The message header processing device of the network message provided by the embodiment of the invention can execute the message header processing method of the network message provided by any embodiment of the invention, and has the corresponding functional module and the beneficial effect of the execution method.
EXAMPLE five
Fig. 7 is a schematic structural diagram of a convergence and offloading device according to a fifth embodiment of the present invention. As shown in fig. 7, the convergence and offloading device includes a processor 400, a memory 410, an input device 420, an output device 430, and a programmable switching chip 440. The number of processors 400 in the convergence and offloading device may be one or more, and one processor 400 is taken as an example in fig. 7; the number of programmable switching chips 440 in the convergence and offloading device may be one or more, and one programmable switching chip 440 is taken as an example in fig. 7. The processor 400, the memory 410, the input device 420, the output device 430, and the programmable switching chip 440 in the convergence and offloading device may be connected by a bus or other means, and fig. 7 illustrates an example of connection by a bus.
The memory 410 is used as a computer-readable storage medium, and can be used to store software programs, computer-executable programs, and modules, such as program instructions and/or modules corresponding to the packet header processing method of the network packet in the embodiment of the present invention (for example, the packet receiving module 310, the packet mirroring module 320, the identifier searching module 330, the length determining module 340, and the packet header output module 350 in the packet header processing apparatus of the network packet). The processor 400 and the programmable switching chip 440 execute various functional applications and data processing of the convergence and offloading device by running software programs, instructions and modules stored in the memory 410, that is, implement the above-mentioned message header processing method for network messages.
The memory 410 may mainly include a storage program area and a storage data area, wherein the storage program area may store an operating system, an application program required for at least one function; the storage data area may store data created according to the use of the terminal, and the like. Further, the memory 410 may include high speed random access memory, and may also include non-volatile memory, such as at least one magnetic disk storage device, flash memory device, or other non-volatile solid state storage device. In some examples, the memory 410 may further include a memory remotely located with respect to the processor 400 and a memory remotely located with respect to the programmable switching chip 440, which may be connected to the convergence and offloading device over a network. Examples of such networks include, but are not limited to, the internet, intranets, local area networks, mobile communication networks, and combinations thereof.
The input device 420 may be used to receive input numeric or character information and generate key signal inputs related to user settings and function controls of the convergence and offloading device. The output device 430 may include a display device such as a display screen.
EXAMPLE five
An embodiment of the present invention further provides a storage medium containing computer-executable instructions, where the computer-executable instructions are executed by a computer processor to perform a packet header processing method of a network packet, and the method is applied to a convergence and offloading device with a programmable switching chip, and the method includes:
receiving an original network message, and analyzing a protocol header type of the original network message;
carrying out mirror image processing on the original network message to obtain a mirror image network message;
searching a target mirror image session identification corresponding to the protocol header type and the instruction identification of the message header output instruction in an identification mapping table;
determining target output port information and target message header length corresponding to the target mirror image session identification in a length mapping table; wherein, the table entries in the identifier mapping table and the length mapping table are obtained based on the configuration information in the message header output instruction obtained by the control plane;
and from the initial position of the mirror image network message, intercepting the data with the length of the target message header in the mirror image network message as a mirror image message header, and outputting the mirror image message header to a target port and/or a target port group corresponding to the target output port information.
Of course, the storage medium containing the computer-executable instructions provided in the embodiments of the present invention is not limited to the above-described method operations, and may also perform related operations in the packet header processing method of the network packet provided in any embodiment of the present invention.
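The table-driven flow described above (control-plane configuration of the two mapping tables, tagging in the ingress flow, and truncation in the egress flow) can be modelled in software as follows. This is an added illustration, not code from the patent or from any switching-chip SDK; the extension header layout, the kind codes, the protocol header type names, the port tuple and the header lengths 54 and 42 are assumptions chosen for the example.

```python
import struct
from itertools import count

# Assumed in-band layout of an extension header: 1-byte kind + 2-byte mirror session id.
EXT_FMT = "!BH"
EXT_LEN = struct.calcsize(EXT_FMT)       # 3 bytes
KIND_BRIDGE, KIND_MIRROR = 1, 2          # assumed kind codes

class Tables:
    """The two tables the control plane fills and the switching chip reads."""
    def __init__(self):
        self.id_map = {}    # (protocol header type, instruction id) -> mirror session id
        self.len_map = {}   # mirror session id -> (output port info, target header length)
        self._ids = count(1)

def configure(tables, instr_id, out_port, header_lengths):
    """Control plane: one mirror session per protocol header type in the instruction."""
    for proto_type, hdr_len in header_lengths.items():
        sid = next(tables._ids)
        tables.id_map[(proto_type, instr_id)] = sid
        # The stored target length covers the mirror extension header as well.
        tables.len_map[sid] = (out_port, hdr_len + EXT_LEN)

def protocol_header_type(frame):
    """Classify an Ethernet/IPv4 frame; the type names are assumptions."""
    if len(frame) < 34 or struct.unpack_from("!H", frame, 12)[0] != 0x0800:
        return None
    return {6: "ipv4_tcp", 17: "ipv4_udp"}.get(frame[23])

def ingress(tables, frame, instr_id, header_output_on=True):
    """Ingress flow: tag the mirror copy, or bridge-tag the original."""
    if not header_output_on:
        return struct.pack(EXT_FMT, KIND_BRIDGE, 0) + bytes(frame)
    sid = tables.id_map.get((protocol_header_type(frame), instr_id))
    if sid is None:
        return None   # case not covered by the text; this example emits nothing
    return struct.pack(EXT_FMT, KIND_MIRROR, sid) + bytes(frame)

def egress(tables, pkt):
    """Egress flow: return (output port info, mirror message header) or None."""
    if len(pkt) < EXT_LEN:
        return None
    kind, sid = struct.unpack_from(EXT_FMT, pkt)
    if kind != KIND_MIRROR or sid not in tables.len_map:
        return None   # not a reference mirror packet
    out_port, target_len = tables.len_map[sid]
    cut = pkt[:target_len]          # counted from the start of the extension header
    return out_port, cut[EXT_LEN:]  # delete the extension header from the cut data

def build_frame(ip_proto, l4_header, payload):
    """Constructed sample frame: Ethernet + IPv4 (no options) + L4 header + payload."""
    eth = bytes(12) + struct.pack("!H", 0x0800)
    total = 20 + len(l4_header) + len(payload)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, total, 0, 0, 64, ip_proto, 0,
                     bytes([192, 0, 2, 1]), bytes([198, 51, 100, 7]))
    return eth + ip + l4_header + payload

def demo():
    tables = Tables()
    configure(tables, instr_id=7, out_port=("port", 12),
              header_lengths={"ipv4_tcp": 54, "ipv4_udp": 42})
    tcp = struct.pack("!HHIIBBHHH", 40000, 443, 1, 0, 0x50, 0x18, 1024, 0, 0)
    frame = build_frame(6, tcp, b"SECRET-PAYLOAD")
    return frame, egress(tables, ingress(tables, frame, instr_id=7))

if __name__ == "__main__":
    frame, (port, header) = demo()
    print(port, len(header), header == frame[:54])
```

Because the cut length is a fixed value configured per protocol header type, the monitoring port receives no payload bytes for option-free headers; a frame with IPv4 or TCP options would have the tail of its headers cut off at the same offset, and a frame shorter than the configured length is output whole.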
From the above description of the embodiments, it is obvious for those skilled in the art that the present invention can be implemented by software and necessary general hardware, and certainly, can also be implemented by hardware, but the former is a better embodiment in many cases. Based on such understanding, the technical solutions of the present invention or portions thereof contributing to the prior art may be embodied in the form of a software product, which can be stored in a computer readable storage medium, such as a floppy disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a FLASH Memory (FLASH), a hard disk or an optical disk of a computer, and includes several instructions for enabling a computer device (which may be a personal computer, a server, or a network device) to execute the methods according to the embodiments of the present invention.
It should be noted that, in the embodiment of the apparatus for processing a packet header of a network packet, each unit and each module included in the apparatus are only divided according to functional logic, but are not limited to the above division, as long as the corresponding function can be implemented; in addition, specific names of the functional units are only for convenience of distinguishing from each other, and are not used for limiting the protection scope of the present invention.
It is to be noted that the foregoing description is only exemplary of the invention and of the technical principles employed. It will be understood by those skilled in the art that the present invention is not limited to the particular embodiments described herein, but is capable of various obvious changes, rearrangements and substitutions as will now become apparent to those skilled in the art without departing from the scope of the invention. Therefore, although the present invention has been described in greater detail by the above embodiments, the present invention is not limited to the above embodiments, and may include other equivalent embodiments without departing from the spirit of the present invention, and the scope of the present invention is determined by the scope of the appended claims.

Claims (13)

1. A message header processing method for a network message, applied to a convergence and shunt device with a programmable switching chip, the method comprising the following steps:
receiving an original network message and analyzing the protocol header type of the original network message;
carrying out mirror image processing on the original network message to obtain a mirror image network message;
searching a target mirror image session identification corresponding to the protocol header type and the instruction identification of the message header output instruction in an identification mapping table; the message header output instruction is triggered when receiving configuration information input by a user and detecting that the user starts a message header output function, and is used for indicating actions which need to be executed and are related to outputting a message header;
determining target output port information and target message header length corresponding to the target mirror image session identification in a length mapping table; wherein, the table entries in the identifier mapping table and the length mapping table are obtained based on the configuration information in the message header output instruction acquired by the control plane;
and intercepting data of the length of the target message header in the mirror image network message from the initial position of the mirror image network message as a mirror image message header, and outputting the mirror image message header to a target port and/or a target port group corresponding to the target output port information.
2. The method of claim 1, further comprising, before mirroring the original network packet to obtain a mirrored network packet:
analyzing the target message information of the original network message;
searching whether the target message information exists in a rule table corresponding to the target message information; wherein, the table items in the rule table are obtained by the configuration of the control plane based on the acquired filtering rule information;
and if so, executing mirror image processing on the original network message to obtain a mirror image network message.
3. The method according to claim 2, wherein the number of the target packet information is at least two, and the searching whether the target packet information exists in a rule table corresponding to the target packet information comprises:
acquiring at least two rule tables corresponding to at least two pieces of target message information and priorities corresponding to the at least two rule tables respectively;
and searching whether the corresponding target message information exists in the rule table according to the sequence of the priority from high to low.
4. The method according to claim 2, wherein before searching whether the target packet information exists in a rule table corresponding to the target packet information, the method further comprises:
acquiring message information in filtering rule information;
and writing the message information into a corresponding rule table so as to determine the original network message to be subjected to mirror image processing based on the rule table.
5. The method of claim 1, after searching the identifier mapping table for the target mirror session identifier corresponding to the protocol header type and the instruction identifier of the packet header output instruction, further comprising:
in an inlet flow, if a protocol header output function is started and the target mirror image session identifier is found, adding a mirror image extension header before the mirror image network message so as to identify the mirror image network message according to the mirror image extension header in an outlet flow; wherein, the mirror image extension header at least comprises the target mirror image session identifier;
if the protocol header output function is not started, adding a bridge extension header before the original network message.
6. The method of claim 5, after adding a mirror extension header before the mirror network packet, further comprising:
in the outlet flow, analyzing a network message in the outlet flow, and judging whether the mirror image extension header exists in the network message according to an analysis result;
if the mirror image extension header exists, determining that the network message is a reference mirror image network message, acquiring a target mirror image session identifier in the mirror image extension header of the reference mirror image network message, and executing the step of determining target output port information and target message header length corresponding to the target mirror image session identifier in a length mapping table;
correspondingly, the intercepting, from the initial position of the mirror network packet, data of the length of the target packet header in the mirror network packet as a mirror packet header includes:
intercepting data of the length of the target message header in the reference mirror image network message from the initial position of the mirror image extension header of the reference mirror image network message, and deleting the mirror image extension header from the intercepted data to obtain a mirror image message header; wherein the target message header length includes the length of the mirror image message header and the length of the mirror image extension header.
7. The method according to claim 1, wherein the outputting the mirror message header to the target port and/or the target port group corresponding to the target output port information comprises:
if the target output port information is first identification information of a target link aggregation group, outputting a mirror image network message of the target message header length to the target link aggregation group corresponding to the first identification information, so as to output the mirror image network message of the target message header length through the target link aggregation group;
if the target output port information is second identification information of a target multicast group, outputting a mirror image network message of the target message header length to the target multicast group corresponding to the second identification information, so as to output the mirror image network message of the target message header length through the target multicast group;
if the target output port information is third identification information of a target port, outputting a mirror image network message of the target message header length to the target port corresponding to the third identification information, so as to output the mirror image network message of the target message header length through the target port.
8. The method of claim 1, before searching for a target mirror image session identifier corresponding to the protocol header type and the instruction identifier of the message header output instruction in an identifier mapping table, further comprising:
when a message header output instruction is detected, acquiring output port information, an instruction identifier, a preset protocol header type and a message header length corresponding to the protocol header type in the message header output instruction;
establishing a mirror image session based on each output port information and each protocol header type, and generating a mirror image session identifier of the mirror image session;
writing the protocol header type, the instruction identifier and the mirror image session identifier into a table entry of an identifier mapping table in an associated manner;
and writing, for each mirror image session, the mirror image session identification, the output port information and the message header length corresponding to the protocol header type, in an associated manner, into a table entry of a length mapping table.
9. The method of claim 8, further comprising, prior to establishing a mirroring session based on each of the output port information and each of the protocol header types:
analyzing the output port information to obtain port types and identification information corresponding to the port types;
if the port type is a load balancing group, establishing a link aggregation group so as to establish a mirror image session based on the first identification information of each link aggregation group and each protocol header type;
if the port type is a replication group, establishing a multicast group to establish a mirror image session based on the second identification information of each multicast group and each preset protocol header type;
and if the port type is a port, establishing a mirror image session based on the third identification information of the port and each preset protocol header type.
10. The method of claim 9, wherein if the replication group comprises a load balancing group, after establishing the multicast group, further comprising:
and establishing a link aggregation group and mounting the link aggregation group on the nodes of the multicast group.
11. A message header processing device of a network message, wherein the message header processing device is configured in a convergence and offloading device with a programmable switching chip, comprising:
the message receiving module is used for receiving an original network message and analyzing the protocol header type of the original network message;
the message mirror image module is used for carrying out mirror image processing on the original network message to obtain a mirror image network message;
the identification searching module is used for searching a target mirror image session identification corresponding to the protocol header type and the instruction identification of the message header output instruction in an identification mapping table; the message header output instruction is triggered when receiving configuration information input by a user and detecting that the user starts a message header output function, and is used for indicating actions which need to be executed and are related to outputting a message header;
a length determining module, configured to determine, in a length mapping table, target output port information and a target packet header length corresponding to the target mirror session identifier; wherein, the table entries in the identifier mapping table and the length mapping table are obtained based on the configuration information in the message header output instruction obtained by the control plane;
and the message header output module is used for intercepting data of the length of the target message header in the mirror image network message from the initial position of the mirror image network message as a mirror image message header and outputting the mirror image message header to a target port and/or a target port group corresponding to the information of the target output port.
12. A convergence and shunt device, comprising:
one or more processors;
one or more programmable switching chips;
a memory for storing one or more programs,
wherein, when the one or more programs are executed by the one or more programmable switching chips, the one or more programmable switching chips are caused to implement the message header processing method of a network message according to any one of claims 1-7;
and when the one or more programs are executed by the one or more processors, the one or more processors are caused to implement the message header processing method of a network message according to any one of claims 8-10.
13. A storage medium containing computer-executable instructions, which when executed by a computer processor, perform a method of header processing of a network packet according to any of claims 1-10.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110227379.XA CN112953949B (en) 2021-03-01 2021-03-01 Message header processing method, device, equipment and storage medium of network message

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110227379.XA CN112953949B (en) 2021-03-01 2021-03-01 Message header processing method, device, equipment and storage medium of network message

Publications (2)

Publication Number Publication Date
CN112953949A CN112953949A (en) 2021-06-11
CN112953949B true CN112953949B (en) 2023-01-06

Family

ID=76247081

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110227379.XA Active CN112953949B (en) 2021-03-01 2021-03-01 Message header processing method, device, equipment and storage medium of network message

Country Status (1)

Country Link
CN (1) CN112953949B (en)

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115514712B (en) * 2021-06-22 2023-09-05 中移物联网有限公司 Data processing method, device, terminal and network side equipment
CN113556345B (en) * 2021-07-22 2024-04-19 锐捷网络股份有限公司 Message processing method, device, equipment and medium
CN113824720B (en) * 2021-09-18 2023-07-18 恒安嘉新(北京)科技股份公司 Message processing method, device, equipment and storage medium
CN114884905B (en) * 2022-04-18 2023-11-07 深信服科技股份有限公司 Traffic mirroring method, traffic mirroring device, traffic mirroring equipment and computer storage medium
CN115857420B (en) * 2023-03-03 2023-05-12 深圳市综科智控科技开发有限公司 IO mutual control method between industrial control equipment

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1744534A (en) * 2005-08-19 2006-03-08 杭州华为三康技术有限公司 Message mirroring method and network equipment with message mirroring function
US8116307B1 (en) * 2004-09-23 2012-02-14 Juniper Networks, Inc. Packet structure for mirrored traffic flow
CN102710513A (en) * 2012-05-24 2012-10-03 华为技术有限公司 Message mirror image method and equipment
CN102932262A (en) * 2011-08-11 2013-02-13 中兴通讯股份有限公司 Network processor and image realizing method thereof
CN109120533A (en) * 2018-11-19 2019-01-01 迈普通信技术股份有限公司 A kind of file transmitting method and routing device
CN111404765A (en) * 2019-01-02 2020-07-10 中国移动通信有限公司研究院 Message processing method, device, equipment and computer readable storage medium
WO2021023028A1 (en) * 2019-08-06 2021-02-11 中兴通讯股份有限公司 Data stream mirroring method, apparatus, communication device and storage medium

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112054969B (en) * 2019-06-06 2023-03-24 中兴通讯股份有限公司 Method and device for realizing message mirror image

Also Published As

Publication number Publication date
CN112953949A (en) 2021-06-11

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant