WO2014119602A1 - Control apparatus, switch, communication system, switch control method and program - Google Patents

Control apparatus, switch, communication system, switch control method and program Download PDF

Info

Publication number
WO2014119602A1
WO2014119602A1 PCT/JP2014/051913 JP2014051913W WO2014119602A1 WO 2014119602 A1 WO2014119602 A1 WO 2014119602A1 JP 2014051913 W JP2014051913 W JP 2014051913W WO 2014119602 A1 WO2014119602 A1 WO 2014119602A1
Authority
WO
WIPO (PCT)
Prior art keywords
control
switch
control channel
channel
information
Prior art date
Application number
PCT/JP2014/051913
Other languages
French (fr)
Japanese (ja)
Inventor
亮佑 河合
Original Assignee
日本電気株式会社
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 日本電気株式会社 filed Critical 日本電気株式会社
Publication of WO2014119602A1 publication Critical patent/WO2014119602A1/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/66Arrangements for connecting between networks having differing types of switching systems, e.g. gateways
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/06Management of faults, events, alarms or notifications
    • H04L41/0654Management of faults, events, alarms or notifications using network fault recovery
    • H04L41/0659Management of faults, events, alarms or notifications using network fault recovery by isolating or reconfiguring faulty entities

Definitions

  • the present invention is based on a Japanese patent application: Japanese Patent Application No. 2013-015091 (filed on January 30, 2013), and the entire contents of the application are incorporated herein by reference.
  • the present invention relates to a control device, a switch, a communication system, a switch control method, and a program, and more particularly, to a control device, a communication system, a switch control method, and a program for centralized control of switches.
  • Patent Document 1 and Non-Patent Documents 1 and 2 propose a technique called OpenFlow that realizes the above-described centralized control type network.
  • OpenFlow captures communication as an end-to-end flow and performs path control, failure recovery, load balancing, and optimization on a per-flow basis.
  • the OpenFlow switch specified in Non-Patent Document 2 includes a secure channel for communication with the OpenFlow controller, and operates according to a flow table that is appropriately added or rewritten from the OpenFlow controller. For each flow, a set of match conditions (Match Fields), flow statistical information (Counters), and instructions (Instructions) that define processing contents are defined for each flow (non-patented). (Refer to “5.2 Flow Table” in Document 2).
  • the OpenFlow switch searches the flow table for an entry having a matching condition (see “5.3 Matching” in Non-Patent Document 2) that matches the header information of the received packet. If an entry that matches the received packet is found as a result of the search, the OpenFlow switch updates the flow statistical information (counter) and processes the processing (designated) in the instruction field of the entry for the received packet. Perform packet transmission, flooding, discard, etc. from the port. On the other hand, if no entry matching the received packet is found as a result of the search, the OpenFlow switch sends an entry setting request to the OpenFlow controller via the secure channel, that is, a control for processing the received packet. An information transmission request (Packet-In message) is transmitted. The OpenFlow switch receives a flow entry whose processing content is defined and updates the flow table. As described above, the OpenFlow switch performs packet transfer using the entry stored in the flow table as control information.
  • a matching condition see “5.3 Matching” in Non-Patent Document 2
  • the OpenFlow switch updates the flow statistical information (counter
  • a control channel for communication between the control device of the network on the central control side and the switch As a control channel for communication between the control device of the network on the central control side and the switch, a control channel is prepared, and a control channel is provided in the data network between the switches without providing a control network.
  • the in-band control method is a realistic method when the network becomes large, and it is considered that OpenFlow will spread in the future to be applied to large-scale networks and server virtualization environments.
  • the in-band control method has two major problems.
  • the first problem is that even if a failure or the like of a switch on the path constituting the control channel has occurred, even if the switch and the switch connected thereto become uncontrollable, the control device immediately It is a point that cannot be detected.
  • the second problem is that even if the control device can detect that the switch has become uncontrollable, for example, by confirming the existence of the switch, the control channel is not reconfigured unless the control channel is reconstructed by some means. It is a point that the control of the switch which used the system cannot be resumed.
  • Non-Patent Document 3 it is necessary to add a function for interpreting special frames to each switch, which may offset the advantage of the in-band control method that can be applied to a large-scale network.
  • An object of the present invention is to provide a control device, a switch, a communication system, a switch control method, and a program that can contribute to the improvement of fault tolerance and availability of a network that uses an in-band control method for a control channel.
  • a topology storage unit that stores a connection relationship between switches connected by a data transfer channel, and a control that manages information of a control channel configured using the data transfer channel between the switches
  • a channel management unit a switch control unit that controls the switch group via the control channel, and a control channel reconfiguration unit that changes a path of the control channel based on information obtained from the switch.
  • a control device is provided.
  • a switch that includes a routing table for transferring control packets to a control device and rewrites the routing table in response to an instruction to change the control channel from the control device.
  • a topology storage unit that stores a connection relationship between switches connected by a data transfer channel, and a control that manages information of a control channel configured using the data transfer channel between the switches
  • a channel management unit a switch control unit that controls the switch group via the control channel, and a control channel reconfiguration unit that changes a path of the control channel based on information obtained from the switch.
  • a communication system including a control device and a switch group for processing a received packet based on control information set by the control device via the control channel.
  • a topology storage unit that stores a connection relationship between switches connected by a data transfer channel, and a control that manages information on a control channel configured using the data transfer channel between the switches
  • a control device comprising a channel management unit and a switch control unit that controls the switch group via the control channel receives information indicating a state of a data transfer channel used as the control channel from the switch.
  • a method for controlling a switch including a step of obtaining, and a step of changing a route of the control channel based on information obtained from the switch. This method is linked to a specific machine, which is a control device that controls the switch group through a control channel configured using a data transfer channel between switches.
  • a topology storage unit that stores a connection relationship between switches connected by a data transfer channel, and a control that manages information on a control channel configured using the data transfer channel between the switches
  • a computer having a channel management unit and a switch control unit that controls the switch group via the control channel acquires information indicating the state of the data transfer channel used as the control channel from the switch.
  • This program can be recorded on a computer-readable (non-transient) storage medium. That is, the present invention can be embodied as a computer program product.
  • a topology storage unit 315 that stores connection relationships between switches 33-1 to 33-4 connected by a data transfer channel, and a control channel management unit 313
  • a control device 31A including a switch control unit 312 that controls the switch group via a control channel configured using a data transfer channel, and a control channel reconfiguration unit 314.
  • control channel management unit 313 manages information on the control channel configured using the data transfer channel between the switches 33-1 to 33-4. Then, the control channel reconfiguring unit 314 performs an operation of changing the route of the control channel based on information obtained from the switch.
  • the switch 33-4 of the switch 33-3 is connected.
  • the control channel reconfiguration unit 314 refers to the topology storage unit 315 and determines that an alternative route passing through the switches 33-1 33-2, and 33-4 can be configured, and is shown in FIG.
  • the route of the control channel of the switch 33-4 is changed.
  • the trigger for the control channel reconfiguring unit 314 to change the control channel path is not limited to the failure of the switch port on the control channel.
  • the path of the control channel can be changed in response to the occurrence of congestion in the data transfer channel that accommodates the control channel or the new connection of the host to the switch controlled by the control channel.
  • control channel can be flexibly changed, it becomes possible to improve the fault tolerance and availability of the centralized control network.
  • FIG. 4 is a diagram illustrating the configuration of the communication system according to the first embodiment of this invention.
  • a switch 33 hereinafter referred to as “switch 33” when the switches are not particularly distinguished
  • a control device 31 that controls the switch 33 are shown.
  • switch 33 only one switch 33 is shown, but a plurality of switches 33 may be connected to the control device 31.
  • the control device 31 can control not only these directly connected switches but also other switches connected in a stack via the switch 33.
  • the control device 31 includes a path calculation unit 311, a switch control unit 312, a control channel management unit 313, a topology storage unit 315, and a control channel information storage unit 316.
  • the topology storage unit 315 stores topology information of a network configured by a switch to be controlled by the control device 31.
  • the network topology information stored in the topology storage unit 315 may be set by a network administrator, or the control device 31 using information collected from the switch 33 using LLDP (Link Layer Discovery Protocol) or the like. May be automatically generated.
  • LLDP Link Layer Discovery Protocol
  • the route calculation unit 311 When the route calculation unit 311 receives a route calculation request from the switch control unit 312, the route calculation unit 311 refers to the topology information stored in the topology storage unit 315 and calculates a route between any switches.
  • the Dijkstra method or the like can be used as a route calculation method.
  • the routes calculated by the route calculation unit 311 include not only a route for transferring data packets but also a route (control channel) for transferring control packets between the control device 31 and an arbitrary switch. Therefore, the path calculation unit 311 has an alternative path calculation function of the control channel reconfiguration unit 314 described above.
  • the switch control unit 312 Upon receiving a control information (flow entry) transmission request message (corresponding to “Packet-In message” in Non-Patent Document 2) from the switch 33, the switch control unit 312 requests the route calculation unit 311 to calculate a route.
  • the switch control unit 312 receives a route from the route calculation unit 311, the switch control unit 312 generates control information (flow entry) for transferring a packet along the route to the switch 33 on the route, and sends the control information to the switch 33 on the route.
  • the switch control unit 312 determines the control information (flow entry).
  • Information on the switch in which the control information (flow entry) is set (described later flow entry owner information), and information on the switch controlled by the control channel (described later control channel owner information)
  • the operation of saving in 316 is performed.
  • control channel management unit 313 receives control information (flow entry) as control channel configuration information and information on the switch in which the control information (flow entry) is set (described later).
  • control information flow entry
  • Flow entry owner information and switch information (control channel owner information described later) controlled by the control channel are stored in the control channel information storage unit 316.
  • control channel management unit 313 When the control channel management unit 313 receives a port failure status notification (for example, notified by “Port Status message” in Non-Patent Document 2) from the switch 33 via the switch control unit 312, the control channel management unit 313 receives the control channel. With reference to the information storage unit 316, the control channel affected by the failure of the port of the switch is searched, and when the affected control channel is found, the route calculation unit 311 is requested to calculate an alternative route. When the alternative route is calculated by the route calculation unit 311, the control channel management unit 313 replaces the control channel via the switch control unit 312 and is held in the control channel information storage unit 316. Update control information (flow entry).
  • a port failure status notification for example, notified by “Port Status message” in Non-Patent Document 2
  • the control channel management unit 313 receives the control channel.
  • the control channel affected by the failure of the port of the switch is searched, and when the affected control channel is found, the route calculation unit 311 is requested to calculate an alternative route.
  • FIG. 5 is a diagram illustrating an example of control channel information held in the control channel information storage unit 316.
  • the content of control information (flow entry) consisting of a combination of a match condition, a counter, and an instruction, information on the switch in which the control information (flow entry) is set (flow entry owner information), An entry associating information (switch channel owner information described later) of a switch controlled by the control channel is shown.
  • the control channel information in FIG. 5 includes the control information (flow entry) set in the switch on the control channel of the switch 33-4 via the switches 33-1 and 33-2 in FIG. DPID) and the control target switch of the control channel are associated with each other.
  • FIG. 6 is a block diagram showing a detailed configuration of the switch 33.
  • the switch 33 includes a routing table 331 that defines next hop information of a control packet to be transmitted to the control device 31, and a control information storage unit 333 that stores control information (flow entry) received from the control device 31.
  • a packet processing unit 332 that searches the control information (flow entry) stored in the control information storage unit 333 for control information (flow entry) having a matching condition that matches the received packet, and processes the packet; It has. As a result of the search, the packet processing unit 332 requests the control device 31 to send a control information (flow entry) transmission request when control information (flow entry) having matching conditions matching the received packet is not found. .
  • the packet processing unit 332 When receiving the control information (flow entry) from the control device 31, the packet processing unit 332 stores the received control information (flow entry) in the control information storage unit 333. Further, when the packet to be transmitted is a control packet addressed to the control device 31, the packet processing unit 332 transmits the control packet from the port defined in the routing table 331.
  • FIG. 7 is a diagram illustrating a configuration example of control information (flow entry) set in the control information storage unit 333 of the switch 33 by the control device 31.
  • the control information (flow entry) corresponds to a match condition, a counter that records statistical information of a packet that matches the match condition, and an instruction that indicates processing contents to be applied to the packet that matches the match condition. It is configured with.
  • the match condition is configured by any combination of fields from layer 1 to layer 4.
  • Each information can be set with a wild card. As instructions, it is possible to designate packet transfer (Output), discard (Drop), header rewriting (SET), and the like.
  • match condition in FIG. 7 is not limited to the illustrated example.
  • an IPv6 header or the like can be added to the match condition.
  • the counter field may be omitted.
  • Each unit (processing means) of the control device 31 and the switch 33 shown in FIGS. 4 and 6 is executed by a computer program that causes a computer constituting these devices to execute the above-described processes using the hardware. It can also be realized.
  • the switch 33-1 directly connected to the control device 31 transmits a control packet (for example, a Hello message of Non-Patent Document 2) to the control device 31 according to its own routing table 331.
  • the control channel is established.
  • the switch 33-2 switch 33-3) tries to establish a control channel with the control device 31, the first control packet from the switch 33-2 (switch 33-3)
  • the switch 33-3) is transferred to the switch 33-1 according to its own routing table 331.
  • the switch 33-1 receives the first control packet from the switch 33-2 (switch 33-3)
  • the switch 33-1 matches the corresponding match from the control information (flow entry) set in the control information storage unit 333. Search for control information (flow entry) with conditions.
  • control information (flow entry) corresponding to the first control packet from the switch 33-2 (switch 33-3) is not set in the switch 33-1, so that the switch 33-1 does not control.
  • the device 31 is requested to transmit control information (flow entry) by a Packet-In message.
  • FIG. 9 is a flowchart showing the operation (control channel establishment operation) of the control device 31 triggered by reception of the transmission request for the control information (flow entry).
  • the control channel establishment operation of the control device 31 will be described with reference to FIG.
  • the switch 33-1 receives a new packet (control packet of the switch 33-2 or 33-3) from an arbitrary switch (step S001)
  • the route calculation unit 311 sends a transmission request for control information (flow entry).
  • the header of the packet received (Packet-In message) is analyzed, and the transfer path is calculated.
  • the control device 31 uses the switch control unit 312 to generate control information (flow entry) to be set for the switch on the transfer path (step S003).
  • the control device 31 controls not only control information (flow entry) for transferring a control packet from the switch to the control device 31, but also control information (flow entry) for transferring a control packet from the control device 31 to the switch. ) May be generated.
  • the control device 31 determines whether or not the calculated route is a control channel (step S004). Whether or not the calculated route is a control channel is determined whether or not the destination IP address of the target packet matches the IP address of the control device 31, and the reception port of the packet in the switch 33-1 is the switch 33-2. Alternatively, the determination can be made based on whether the connection port is 33-3.
  • control channel management unit 313 stores control information (flow entry) set in the control channel information storage unit 316 in the switch on the path shown in FIG. ) And two pieces of owner information are stored (step S005).
  • control device 31 sets the flow entry generated by the switch control unit 312 to the switch on the route calculated in step S003 (step S006).
  • control device 31 sends a control information (flow entry) transmission request (Packet-In message) to the switch 33-1 that is the transmission source of the control information (flow entry) transmission request (Packet-In message). Is instructed to transfer the packet that triggered the request according to the calculated route (step S007; using the Packet-Out message of Non-Patent Document 2).
  • control packet that triggered the transmission request (Packet-In message) of the control information (flow entry) and the subsequent control packet are the control information (flow entry) set in the switch on the path constituting the control channel. ) And transferred.
  • the switch 33-2 or 33-3 is added to the control target of the control device 31.
  • the switch 33-4 transmits a control packet to the switch 33-2 or 33-3 determined in its own routing table 331
  • the switch 33-2 or 33-3 transmits to the control device 31.
  • a packet-in message requests transmission of control information (flow entry) for processing the control packet from the switch 33-4.
  • the control device 31 calculates a necessary route and sets control information (flow entry), so that the switch 33-4 is added to the control target of the control device 31.
  • establishment of a control channel between the control device 31 and the switches 33-1 to 33-4 is realized.
  • FIG. 11 is a flowchart showing the operation (control channel switching operation) of the control device 31 according to the first embodiment of the present invention.
  • the control channel switching operation of the control device 31 will be described with reference to FIG. First, when each of the switches 33-1 to 33-4 detects a link down of a connection port with another switch, the switch 33-1 to 33-4 transmits a failure notification (port down) to the control device 31.
  • control channel management unit 313 searches the control channel information storage unit 316 for a control channel affected by the failure of the port of the switch. (Step S102). The presence of a control channel that is affected by a failure of a port of a switch is searched for an entry in which the flow entry owner information (switch information) of the entry illustrated in FIG. 5 matches the output port defined in the instruction field. Can be found at
  • control device 31 uses the path calculation unit 311. , Calculate alternative routes. Further, in the control device 31, the switch control unit 312 generates control information (flow entry) to be set for the switch on this alternative route (step S104).
  • step S105 when the alternative route can be calculated and control information (flow entry) can also be generated (Yes in step S105), the control device 31 switches the switch on the alternative route calculated in step S104 to the switch.
  • the flow entry generated by the control unit 312 is set (step S106). Further, the control device 31 instructs the switch on the previous control channel to delete the control information (flow entry) for the control channel that is no longer needed, if necessary.
  • control device 31 instructs the switch of the alternative path owner calculated in step S104 to switch the control channel (step S107). Specifically, processing for instructing rewriting of the routing table 331 is performed so as to change the port that outputs the packet addressed to the control device 31.
  • step S103 If it is determined in step S103 that control channel replacement is not required (No in step S103) and if an alternative route cannot be calculated in step S105 (No in step S105), the topology information in the topology storage unit 315 is used. A process of removing the corresponding switch and excluding it from the control target is performed.
  • control channel replacement For example, it is assumed that the control channel of the In-band control method as shown by the double arrow in FIG. 10 has been established by repeating the series of processing shown in FIG.
  • the control device 31 that has received the notification refers to the control channel information held in the control channel information storage unit 316, and the control channel affected by the failure of the link is the control channel of the switch 33-2 and the switch It is determined that the control channel is 33-4. And the control apparatus 31 calculates an alternative path
  • control device 31 deletes the control information (flow entry) set in the switch on the previous control channel, and causes the switch on the new control channel to transfer the control packet along the alternative route. Send control information (flow entry).
  • control device 31 instructs the switch 33-2 and the switch 33-4 in which the control channel is changed to change the control channel (rewrite the routing table 331).
  • the control channel replacement is completed.
  • the first method is a method using UDP (User Datagram Protocol).
  • UDP User Datagram Protocol
  • a port for switching the control channel is prepared in advance in the switch 33 and is set in the Listen state.
  • the switch 33 rewrites the routing table 331 and reconnects the control channel.
  • the rewriting contents of the routing table 331 may be included in the control channel switching instruction.
  • the second method is a method in which control information (flow entry) for rewriting the routing table is set in advance in the control information storage unit 333 of the switch 33.
  • control information (flow entry) in which predetermined matching conditions and instructions (processing contents) for decoding a packet by the network processor and rewriting the routing table 331 are set. Then, by causing the switch 33 to transmit a packet from the nearest switch, the routing table can be rewritten and the control channel can be reconnected.
  • the rewriting contents of the routing table 331 can be controlled by setting a plurality of control information (flow entries) having different match conditions and rewriting contents of the routing table 331 and changing a packet transmitted to the switch.
  • the routing table 331 of the switch 33-4 in FIG. 12 when the routing table 331 of the switch 33-4 in FIG. 12 is to be rewritten, a packet from the switch 33-4 to the control device 31 is transmitted to the switch 33-2 on the route before re-transition and is transmitted to the control device 31. Will not reach.
  • the routing table 331 can be reliably rewritten.
  • a mechanism such as an electronic signature as a method for solving this problem. That is, when the control channel is established, the control device 31 and the switch 33 exchange their public keys with each other. When a failure occurs, the control device 31 issues a control channel switching instruction to the corresponding switch 33. The hash value is encrypted with the private key of the control device 31 itself to create an electronic signature. Then, the control device 31 encrypts the control channel switching instruction with the public key of the switch 33, adds an electronic signature, and transmits it to the switch 33. When the switch 33 receives the encrypted control channel switching instruction, the switch 33 decrypts the control channel switching instruction using the private key of the switch 33 itself. Next, the hash value of the control channel redirection instruction is obtained with the public key of the control device 31 exchanged in advance, and compared with the hash value sent from the control device 31 to confirm that it has not been tampered with.
  • control channel is replaced when triggered by the reception of the port down notification from the switch.
  • the control channel can be re-established when a host is newly connected to the switch controlled by the control.
  • the occurrence of congestion in the data transfer channel can be confirmed by the controller 31 inquiring from the switch 33 the value of the counter that records the statistical information of the packet that matches the matching condition in the control information (flow entry).
  • a new connection of the host to the switch 33 can be detected by receiving from the switch 33 a Packet-In message for a packet transmitted from the host.
  • the control channel reconfiguration unit transmits a control channel change instruction to the switch using UDP (User Datagram Protocol), A control device that causes the switch to rewrite a routing table for transferring control packets to the control device.
  • UDP User Datagram Protocol
  • Control information for rewriting the routing table for transferring the control packet to the control device is set in the switch, A control device that causes the switch to rewrite a routing table for transferring control packets to the control device by transmitting a control channel change instruction packet that matches the control information to the switch.
  • Control device 33 31, 31A Control device 33, 33-1 to 33-4 Switch 311 Path calculation unit 312 Switch control unit 313 Control channel management unit 314 Control channel reconfiguration unit 315 Topology storage unit 316 Control channel information storage unit 331 Routing table 332 Packet processing 333 Control information storage unit

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The objective of the invention is to contribute to the improvement of resistance to troubles and of availability for a centralized control type of network using, as a control channel, a data transfer channel between switches. A control apparatus comprises: a topology storage unit that stores a connectional relationship between switches connected by a data transfer channel; a control channel management unit that manages the information of a control channel configured by use of the data transfer channel between the switches; a switch control unit that controls a group of switches via the control channel; and a control channel reconfiguration unit that changes paths of the control channel on the basis of information acquired from the switches.

Description

制御装置、スイッチ、通信システム、スイッチの制御方法及びプログラムControl device, switch, communication system, switch control method and program
 [関連出願についての記載]
 本発明は、日本国特許出願:特願2013-015091号(2013年 1月30日出願)に基づくものであり、同出願の全記載内容は引用をもって本書に組み込み記載されているものとする。
 本発明は、制御装置、スイッチ、通信システム、スイッチの制御方法及びプログラムに関し、特に、スイッチを集中制御する制御装置、通信システム、スイッチの制御方法及びプログラムに関する。 [Description of related applications]
The present invention is based on a Japanese patent application: Japanese Patent Application No. 2013-015091 (filed on January 30, 2013), and the entire contents of the application are incorporated herein by reference.
The present invention relates to a control device, a switch, a communication system, a switch control method, and a program, and more particularly, to a control device, a communication system, a switch control method, and a program for centralized control of switches.
 近年、ネットワーク機器のパケット転送機能と経路制御等の制御機能とを分離する形態のネットワークが注目を浴びている。このようなネットワークでは、ネットワーク機器がパケット転送機能を担い、ネットワーク機器の外部に分離したコントローラが制御機能を担うことになる。このようにすることで、制御が容易になり柔軟性に富んだネットワークを構築することが可能になる。 In recent years, attention has been focused on a network in which a packet transfer function of a network device and a control function such as route control are separated. In such a network, the network device is responsible for the packet transfer function, and the controller separated outside the network device is responsible for the control function. In this way, it becomes possible to construct a network that is easy to control and rich in flexibility.
 特許文献1、非特許文献1、2に、上記集中制御型のネットワークを実現するオープンフローという技術が提案されている。オープンフローは、通信をエンドツーエンドのフローとして捉え、フロー単位で経路制御、障害回復、負荷分散、最適化を行うものである。非特許文献2に仕様化されているオープンフロースイッチは、オープンフローコントローラとの通信用のセキュアチャネルを備え、オープンフローコントローラから適宜追加または書き換え指示されるフローテーブルに従って動作する。フローテーブルには、フロー毎に、パケットヘッダと照合するマッチ条件(Match Fields)と、フロー統計情報(Counters)と、処理内容を定義したインストラクション(Instructions)と、の組が定義される(非特許文献2の「5.2 Flow Table」の項参照)。 Patent Document 1 and Non-Patent Documents 1 and 2 propose a technique called OpenFlow that realizes the above-described centralized control type network. OpenFlow captures communication as an end-to-end flow and performs path control, failure recovery, load balancing, and optimization on a per-flow basis. The OpenFlow switch specified in Non-Patent Document 2 includes a secure channel for communication with the OpenFlow controller, and operates according to a flow table that is appropriately added or rewritten from the OpenFlow controller. For each flow, a set of match conditions (Match Fields), flow statistical information (Counters), and instructions (Instructions) that define processing contents are defined for each flow (non-patented). (Refer to “5.2 Flow Table” in Document 2).
 例えば、オープンフロースイッチは、パケットを受信すると、フローテーブルから、受信パケットのヘッダ情報に適合するマッチ条件(非特許文献2の「5.3 Matching」参照)を持つエントリを検索する。検索の結果、受信パケットに適合するエントリが見つかった場合、オープンフロースイッチは、フロー統計情報(カウンタ)を更新するとともに、受信パケットに対して、当該エントリのインストラクションフィールドに記述された処理内容(指定ポートからのパケット送信、フラッディング、廃棄等)を実施する。一方、検索の結果、受信パケットに適合するエントリが見つからなかった場合、オープンフロースイッチは、セキュアチャネルを介して、オープンフローコントローラに対してエントリ設定の要求、即ち、受信パケットを処理するための制御情報の送信要求(Packet-Inメッセージ)を送信する。オープンフロースイッチは、処理内容が定められたフローエントリを受け取ってフローテーブルを更新する。このように、オープンフロースイッチは、フローテーブルに格納されたエントリを制御情報として用いてパケット転送を行う。 For example, when the OpenFlow switch receives a packet, the OpenFlow switch searches the flow table for an entry having a matching condition (see “5.3 Matching” in Non-Patent Document 2) that matches the header information of the received packet. If an entry that matches the received packet is found as a result of the search, the OpenFlow switch updates the flow statistical information (counter) and processes the processing (designated) in the instruction field of the entry for the received packet. Perform packet transmission, flooding, discard, etc. from the port. On the other hand, if no entry matching the received packet is found as a result of the search, the OpenFlow switch sends an entry setting request to the OpenFlow controller via the secure channel, that is, a control for processing the received packet. An information transmission request (Packet-In message) is transmitted. The OpenFlow switch receives a flow entry whose processing content is defined and updates the flow table. As described above, the OpenFlow switch performs packet transfer using the entry stored in the flow table as control information.
特開2011-170718号公報JP 2011-170718 A
 以下の分析は、本発明によって与えられたものである。上記集中制御側のネットワークの制御装置とスイッチ間の通信用の制御チャネルとしては、制御用のネットワークを用意する方式と、制御用のネットワークを設けずに、スイッチ間のデータ用のネットワークに制御チャネルを収容する方式(以下、「In-band制御方式」という。例えば、非特許文献3参照)とがある。In-band制御方式は、ネットワークが大規模になった場合の現実的な手法であり、今後、オープンフローが大規模なネットワークやサーバ仮想化環境に適用するために普及していくと考えられる。 The following analysis is given by the present invention. As a control channel for communication between the control device of the network on the central control side and the switch, a control channel is prepared, and a control channel is provided in the data network between the switches without providing a control network. (Hereinafter referred to as “In-band control method”, for example, see Non-Patent Document 3). The in-band control method is a realistic method when the network becomes large, and it is considered that OpenFlow will spread in the future to be applied to large-scale networks and server virtualization environments.
 しかしながら、In-band制御方式には、大きく2つの問題点がある。第1の問題点は、制御チャネルを構成する経路上のスイッチ等の障害等が発生したことにより、当該スイッチ及びその先に接続されたスイッチが制御不能になったとしても、制御装置が直ちにそれを検出できない点である。 However, the in-band control method has two major problems. The first problem is that even if a failure or the like of a switch on the path constituting the control channel has occurred, even if the switch and the switch connected thereto become uncontrollable, the control device immediately It is a point that cannot be detected.
 第2の問題点は、制御装置が、スイッチの生存確認を行うなどして、スイッチが制御不能となったことを検出できたとしても、何らかの手段で制御チャネルを再構築しなければ当該制御チャネルを利用していたスイッチの制御を再開できないという点である。 The second problem is that even if the control device can detect that the switch has become uncontrollable, for example, by confirming the existence of the switch, the control channel is not reconfigured unless the control channel is reconstructed by some means. It is a point that the control of the switch which used the system cannot be resumed.
 非特許文献3では、各スイッチに特殊フレームを解釈させる機能を追加させる必要があり、大規模ネットワークに適用可能というIn-band制御方式の利点を相殺してしまう可能性がある。 In Non-Patent Document 3, it is necessary to add a function for interpreting special frames to each switch, which may offset the advantage of the in-band control method that can be applied to a large-scale network.
 本発明は、制御チャネルにIn-band制御方式を用いるネットワークの耐障害性、可用性の向上に貢献できる制御装置、スイッチ、通信システム、スイッチの制御方法及びプログラムを提供することを目的とする。 An object of the present invention is to provide a control device, a switch, a communication system, a switch control method, and a program that can contribute to the improvement of fault tolerance and availability of a network that uses an in-band control method for a control channel.
 第1の視点によれば、データ転送チャネルによって接続されたスイッチ間の接続関係を記憶するトポロジ記憶部と、前記スイッチ間の前記データ転送チャネルを用いて構成された制御チャネルの情報を管理する制御チャネル管理部と、前記制御チャネルを介して前記スイッチ群を制御するスイッチ制御部と、前記スイッチから得られた情報を元に、前記制御チャネルの経路を変更する制御チャネル再構成部と、を備えた制御装置が提供される。 According to the first aspect, a topology storage unit that stores a connection relationship between switches connected by a data transfer channel, and a control that manages information of a control channel configured using the data transfer channel between the switches A channel management unit, a switch control unit that controls the switch group via the control channel, and a control channel reconfiguration unit that changes a path of the control channel based on information obtained from the switch. A control device is provided.
 第2の視点によれば、制御装置への制御パケットの転送用のルーティングテーブルを備え、前記制御装置からの前記制御チャネルの変更指示に応じて、前記ルーティングテーブルを書き換えるスイッチが提供される。 According to a second aspect, there is provided a switch that includes a routing table for transferring control packets to a control device and rewrites the routing table in response to an instruction to change the control channel from the control device.
 第3の視点によれば、データ転送チャネルによって接続されたスイッチ間の接続関係を記憶するトポロジ記憶部と、前記スイッチ間の前記データ転送チャネルを用いて構成された制御チャネルの情報を管理する制御チャネル管理部と、前記制御チャネルを介して前記スイッチ群を制御するスイッチ制御部と、前記スイッチから得られた情報を元に、前記制御チャネルの経路を変更する制御チャネル再構成部と、を備えた制御装置と、前記制御チャネルを介して制御装置から設定された制御情報に基づいて、受信パケットを処理するスイッチ群と、を含む通信システムが提供される。 According to a third aspect, a topology storage unit that stores a connection relationship between switches connected by a data transfer channel, and a control that manages information of a control channel configured using the data transfer channel between the switches A channel management unit, a switch control unit that controls the switch group via the control channel, and a control channel reconfiguration unit that changes a path of the control channel based on information obtained from the switch. There is provided a communication system including a control device and a switch group for processing a received packet based on control information set by the control device via the control channel.
 第4の視点によれば、データ転送チャネルによって接続されたスイッチ間の接続関係を記憶するトポロジ記憶部と、前記スイッチ間の前記データ転送チャネルを用いて構成された制御チャネルの情報を管理する制御チャネル管理部と、前記制御チャネルを介して前記スイッチ群を制御するスイッチ制御部と、を備えた制御装置が、前記スイッチから、前記制御チャネルとして使用されているデータ転送チャネルの状態を示す情報を取得するステップと、前記スイッチから得られた情報を元に、前記制御チャネルの経路を変更するステップと、を含むスイッチの制御方法が提供される。本方法は、スイッチ間のデータ転送チャネルを用いて構成された制御チャネルを介して前記スイッチ群を制御する制御装置という、特定の機械に結びつけられている。 According to a fourth aspect, a topology storage unit that stores a connection relationship between switches connected by a data transfer channel, and a control that manages information on a control channel configured using the data transfer channel between the switches A control device comprising a channel management unit and a switch control unit that controls the switch group via the control channel receives information indicating a state of a data transfer channel used as the control channel from the switch. There is provided a method for controlling a switch, including a step of obtaining, and a step of changing a route of the control channel based on information obtained from the switch. This method is linked to a specific machine, which is a control device that controls the switch group through a control channel configured using a data transfer channel between switches.
 第5の視点によれば、データ転送チャネルによって接続されたスイッチ間の接続関係を記憶するトポロジ記憶部と、前記スイッチ間の前記データ転送チャネルを用いて構成された制御チャネルの情報を管理する制御チャネル管理部と、前記制御チャネルを介して前記スイッチ群を制御するスイッチ制御部と、を備えたコンピュータに、前記スイッチから、前記制御チャネルとして使用されているデータ転送チャネルの状態を示す情報を取得する処理と、前記スイッチから得られた情報を元に、前記制御チャネルの経路を変更する処理と、を実行させるプログラムが提供される。なお、このプログラムは、コンピュータが読み取り可能な(非トランジエントな)記憶媒体に記録することができる。即ち、本発明は、コンピュータプログラム製品として具現することも可能である。 According to a fifth aspect, a topology storage unit that stores a connection relationship between switches connected by a data transfer channel, and a control that manages information on a control channel configured using the data transfer channel between the switches A computer having a channel management unit and a switch control unit that controls the switch group via the control channel acquires information indicating the state of the data transfer channel used as the control channel from the switch. And a program for executing a process of changing the route of the control channel based on information obtained from the switch. This program can be recorded on a computer-readable (non-transient) storage medium. That is, the present invention can be embodied as a computer program product.
 本発明によれば、制御チャネルにIn-band制御方式を用いる集中制御型ネットワークの耐障害性、可用性の向上に貢献することが可能となる。 According to the present invention, it is possible to contribute to the improvement of fault tolerance and availability of a centralized control network that uses an in-band control method for a control channel.
本発明の一実施形態の構成を示す図である。It is a figure which shows the structure of one Embodiment of this invention. 本発明の一実施形態の動作を説明するための図である。It is a figure for demonstrating operation | movement of one Embodiment of this invention. 本発明の一実施形態の動作を説明するための図である。It is a figure for demonstrating operation | movement of one Embodiment of this invention. 本発明の第1の実施形態の通信システムの構成を示す図である。It is a figure which shows the structure of the communication system of the 1st Embodiment of this invention. 本発明の第1の実施形態の制御装置の制御チャネル情報記憶部に保持される制御チャネル情報の一例を示す図である。It is a figure which shows an example of the control channel information hold | maintained at the control channel information storage part of the control apparatus of the 1st Embodiment of this invention. 本発明の第1の実施形態のスイッチの詳細構成を示す図である。It is a figure which shows the detailed structure of the switch of the 1st Embodiment of this invention. 本発明の第1の実施形態のスイッチに保持される制御情報(フローエントリ)の構成を示す図である。It is a figure which shows the structure of the control information (flow entry) hold | maintained at the switch of the 1st Embodiment of this invention. 本発明の第1の実施形態の動作を説明するための図である。It is a figure for demonstrating the operation | movement of the 1st Embodiment of this invention. 本発明の第1の実施形態の制御装置の動作(制御チャネル確立動作)を表したフローチャートである。It is a flowchart showing operation | movement (control channel establishment operation | movement) of the control apparatus of the 1st Embodiment of this invention. 本発明の第1の実施形態の制御装置による制御チャネル確立動作を説明するための図である。It is a figure for demonstrating the control channel establishment operation | movement by the control apparatus of the 1st Embodiment of this invention. 本発明の第1の実施形態の制御装置の動作(制御チャネル張替え動作)を表したフローチャートである。It is a flowchart showing operation | movement (control channel switching operation) of the control apparatus of the 1st Embodiment of this invention. 本発明の第1の実施形態の制御装置による制御チャネル張替え動作を説明するための図である。It is a figure for demonstrating the control channel switching operation | movement by the control apparatus of the 1st Embodiment of this invention.
 はじめに本発明の一実施形態の概要について図面を参照して説明する。なお、この概要に付記した図面参照符号は、理解を助けるための一例として各要素に便宜上付記したものであり、本発明を図示の態様に限定することを意図するものではない。 First, an outline of an embodiment of the present invention will be described with reference to the drawings. Note that the reference numerals of the drawings attached to this summary are attached to the respective elements for convenience as an example for facilitating understanding, and are not intended to limit the present invention to the illustrated embodiment.
 本発明は、その一実施形態において、図1に示すように、データ転送チャネルによって接続されたスイッチ33-1~33-4間の接続関係を記憶するトポロジ記憶部315と、制御チャネル管理部313と、データ転送チャネルを用いて構成された制御チャネルを介して前記スイッチ群を制御するスイッチ制御部312と、制御チャネル再構成部314と、を備えた制御装置31Aにて実現できる。 In one embodiment of the present invention, as shown in FIG. 1, a topology storage unit 315 that stores connection relationships between switches 33-1 to 33-4 connected by a data transfer channel, and a control channel management unit 313 And a control device 31A including a switch control unit 312 that controls the switch group via a control channel configured using a data transfer channel, and a control channel reconfiguration unit 314.
 より具体的には、制御チャネル管理部313は、スイッチ33-1~33-4間のデータ転送チャネルを用いて構成された制御チャネルの情報を管理する。そして、制御チャネル再構成部314は、スイッチから得られた情報を元に、制御チャネルの経路を変更する動作を行う。 More specifically, the control channel management unit 313 manages information on the control channel configured using the data transfer channel between the switches 33-1 to 33-4. Then, the control channel reconfiguring unit 314 performs an operation of changing the route of the control channel based on information obtained from the switch.
 例えば、図2に示すように、制御装置31Aとスイッチ33-1~33-4間にそれぞれ制御チャネル(両矢線で図示)が張られている状況において、スイッチ33-3のスイッチ33-4との接続ポートに障害が発生したとする。この場合、制御チャネル再構成部314は、トポロジ記憶部315を参照して、スイッチ33-1、33-2、33-4を経由する代替経路を構成可能であると判断し、図3に示すように、スイッチ33-4の制御チャネルの経路を変更する。なお、制御チャネル再構成部314が制御チャネルの経路を変更する契機としては、上記した制御チャネル上のスイッチのポートの故障に限られない。例えば、制御チャネルを収容しているデータ転送チャネルにおける輻輳の発生、当該制御チャネルによって制御されるスイッチへのホストの新規接続などの契機で、制御チャネルの経路の変更を行うことができる。 For example, as shown in FIG. 2, in a situation where a control channel (shown by a double arrow line) is provided between the control device 31A and the switches 33-1 to 33-4, the switch 33-4 of the switch 33-3 is connected. Suppose that a failure occurs in the connection port. In this case, the control channel reconfiguration unit 314 refers to the topology storage unit 315 and determines that an alternative route passing through the switches 33-1 33-2, and 33-4 can be configured, and is shown in FIG. As described above, the route of the control channel of the switch 33-4 is changed. The trigger for the control channel reconfiguring unit 314 to change the control channel path is not limited to the failure of the switch port on the control channel. For example, the path of the control channel can be changed in response to the occurrence of congestion in the data transfer channel that accommodates the control channel or the new connection of the host to the switch controlled by the control channel.
 以上のように制御チャネルを柔軟に変更することが可能となるため、集中制御型ネットワークの耐障害性、可用性の向上させることが可能となる。 As described above, since the control channel can be flexibly changed, it becomes possible to improve the fault tolerance and availability of the centralized control network.
[第1の実施形態]
 続いて、本発明の第1の実施形態について図面を参照して詳細に説明する。図4は、本発明の第1の実施形態の通信システムの構成を示す図である。図4を参照すると、スイッチ33(以下、スイッチを特に区別しないときは、「スイッチ33」と記す。)と、スイッチ33を制御する制御装置31と、が示されている。なお、図4では、1台のスイッチ33のみが示されているが、制御装置31に複数のスイッチ33が接続されていてもよい。また、制御装置31は、これら直接接続されたスイッチのみならず、スイッチ33を介して、スタック状に接続された他のスイッチも制御可能となっている。 [First Embodiment]
Next, a first embodiment of the present invention will be described in detail with reference to the drawings. FIG. 4 is a diagram illustrating the configuration of the communication system according to the first embodiment of this invention. Referring to FIG. 4, a switch 33 (hereinafter referred to as “switch 33” when the switches are not particularly distinguished) and a control device 31 that controls the switch 33 are shown. In FIG. 4, only one switch 33 is shown, but a plurality of switches 33 may be connected to the control device 31. Further, the control device 31 can control not only these directly connected switches but also other switches connected in a stack via the switch 33.
 制御装置31は、経路計算部311と、スイッチ制御部312と、制御チャネル管理部313と、トポロジ記憶部315と、制御チャネル情報記憶部316とを備えている。 The control device 31 includes a path calculation unit 311, a switch control unit 312, a control channel management unit 313, a topology storage unit 315, and a control channel information storage unit 316.
 トポロジ記憶部315は、制御装置31の制御対象となるスイッチによって構成されているネットワークのトポロジ情報を記憶する。なお、トポロジ記憶部315に格納するネットワークのトポロジ情報は、ネットワーク管理者が設定することとしてもよいし、LLDP(Link Layer Discovery Protocol)等を用いてスイッチ33から収集した情報を用いて制御装置31が自動生成するものとしてもよい。 The topology storage unit 315 stores topology information of a network configured by a switch to be controlled by the control device 31. The network topology information stored in the topology storage unit 315 may be set by a network administrator, or the control device 31 using information collected from the switch 33 using LLDP (Link Layer Discovery Protocol) or the like. May be automatically generated.
 経路計算部311は、スイッチ制御部312から経路計算要求を受けると、トポロジ記憶部315に記憶されているトポロジ情報を参照して、任意のスイッチ間の経路を計算する。なお、経路計算の方法としては、ダイクストラ法などを用いることができる。経路計算部311が計算する経路は、データパケットを転送する経路のほか、制御装置31と任意のスイッチ間の制御パケットを転送する経路(制御チャネル)も含まれる。従って、経路計算部311は、上述した制御チャネル再構成部314の代替経路計算機能を担っている。 When the route calculation unit 311 receives a route calculation request from the switch control unit 312, the route calculation unit 311 refers to the topology information stored in the topology storage unit 315 and calculates a route between any switches. The Dijkstra method or the like can be used as a route calculation method. The routes calculated by the route calculation unit 311 include not only a route for transferring data packets but also a route (control channel) for transferring control packets between the control device 31 and an arbitrary switch. Therefore, the path calculation unit 311 has an alternative path calculation function of the control channel reconfiguration unit 314 described above.
 スイッチ制御部312は、スイッチ33から制御情報(フローエントリ)の送信要求メッセージ(非特許文献2の「Packet-Inメッセージ」に相当)を受信すると、経路計算部311に経路の計算を依頼する。また、スイッチ制御部312は、経路計算部311から経路を受け取ると、当該経路上のスイッチ33に、経路に沿ってパケットを転送させる制御情報(フローエントリ)を生成し、経路上のスイッチ33に設定する。さらに、スイッチ制御部312は、制御チャネル管理部313を介して、前記生成した制御情報(フローエントリ)が制御チャネルを構築するための制御情報(フローエントリ)である場合、当該制御情報(フローエントリ)と、その制御情報(フローエントリ)が設定されているスイッチの情報(後記フローエントリオーナー情報)と、制御チャネルによって制御されるスイッチの情報(後記制御チャネルオーナー情報)とを制御チャネル情報記憶部316に保存する動作を行う。 Upon receiving a control information (flow entry) transmission request message (corresponding to “Packet-In message” in Non-Patent Document 2) from the switch 33, the switch control unit 312 requests the route calculation unit 311 to calculate a route. When the switch control unit 312 receives a route from the route calculation unit 311, the switch control unit 312 generates control information (flow entry) for transferring a packet along the route to the switch 33 on the route, and sends the control information to the switch 33 on the route. Set. Furthermore, when the generated control information (flow entry) is control information (flow entry) for constructing a control channel via the control channel management unit 313, the switch control unit 312 determines the control information (flow entry). ), Information on the switch in which the control information (flow entry) is set (described later flow entry owner information), and information on the switch controlled by the control channel (described later control channel owner information) The operation of saving in 316 is performed.
 制御チャネル管理部313は、スイッチ制御部312からの要求に応じて、制御チャネルの構成情報として、制御情報(フローエントリ)と、その制御情報(フローエントリ)が設定されているスイッチの情報(後記フローエントリオーナー情報)と、制御チャネルによって制御されるスイッチの情報(後記制御チャネルオーナー情報)とを制御チャネル情報記憶部316に保存する動作を行う。 In response to a request from the switch control unit 312, the control channel management unit 313 receives control information (flow entry) as control channel configuration information and information on the switch in which the control information (flow entry) is set (described later). Flow entry owner information) and switch information (control channel owner information described later) controlled by the control channel are stored in the control channel information storage unit 316.
 また、制御チャネル管理部313は、スイッチ制御部312を介して、スイッチ33からポートの障害の状態通知(例えば、非特許文献2の「Port Statusメッセージ」より通知される)を受信すると、制御チャネル情報記憶部316を参照して、当該スイッチのポートの障害によって影響を受ける制御チャネルを検索し、影響を受ける制御チャネルが見つかった場合、経路計算部311に、代替経路の計算を依頼する。そして、経路計算部311にて代替経路が計算されると、制御チャネル管理部313は、スイッチ制御部312を介して、制御チャネルの張り替えを行うとともに、制御チャネル情報記憶部316に保持されている制御情報(フローエントリ)を更新する。 When the control channel management unit 313 receives a port failure status notification (for example, notified by “Port Status message” in Non-Patent Document 2) from the switch 33 via the switch control unit 312, the control channel management unit 313 receives the control channel. With reference to the information storage unit 316, the control channel affected by the failure of the port of the switch is searched, and when the affected control channel is found, the route calculation unit 311 is requested to calculate an alternative route. When the alternative route is calculated by the route calculation unit 311, the control channel management unit 313 replaces the control channel via the switch control unit 312 and is held in the control channel information storage unit 316. Update control information (flow entry).
 図5は、制御チャネル情報記憶部316に保持される制御チャネル情報の一例を示す図である。図5の例では、マッチ条件、カウンタ及びインストラクションとの組からなる制御情報(フローエントリ)の内容と、当該制御情報(フローエントリ)が設定されているスイッチの情報(フローエントリオーナー情報)と、当該制御チャネルによって制御されるスイッチの情報(後記制御チャネルオーナー情報)とを対応付けたエントリが示されている。図5の制御チャネル情報は、図10のスイッチ33-1、33-2を経由するスイッチ33-4の制御チャネル上のスイッチに設定されている制御情報(フローエントリ)と、そのスイッチのID(DPID)と、制御チャネルの制御対象スイッチとを対応付けた内容となっている。 FIG. 5 is a diagram illustrating an example of control channel information held in the control channel information storage unit 316. In the example of FIG. 5, the content of control information (flow entry) consisting of a combination of a match condition, a counter, and an instruction, information on the switch in which the control information (flow entry) is set (flow entry owner information), An entry associating information (switch channel owner information described later) of a switch controlled by the control channel is shown. The control channel information in FIG. 5 includes the control information (flow entry) set in the switch on the control channel of the switch 33-4 via the switches 33-1 and 33-2 in FIG. DPID) and the control target switch of the control channel are associated with each other.
 図6は、スイッチ33の詳細構成を示すブロック図である。図6を参照すると、スイッチ33は、制御装置31に送信する制御パケットの次ホップ情報を定めたルーティングテーブル331と、制御装置31から受信した制御情報(フローエントリ)を格納する制御情報記憶部333と、制御情報記憶部333に格納されている制御情報(フローエントリ)の中から受信パケットに適合するマッチ条件を持つ制御情報(フローエントリ)を検索して、パケットを処理するパケット処理部332とを備えている。パケット処理部332は、前記検索の結果、受信パケットに適合するマッチ条件を持つ制御情報(フローエントリ)が見つからなかった場合、制御装置31に対し、制御情報(フローエントリ)の送信要求を依頼する。パケット処理部332は、制御装置31から制御情報(フローエントリ)を受信すると、制御情報記憶部333に受信した制御情報(フローエントリ)を格納する。また、パケット処理部332は、送信しようとするパケットが制御装置31宛ての制御パケットである場合、ルーティングテーブル331に定められたポートから制御パケットを送信する。 FIG. 6 is a block diagram showing a detailed configuration of the switch 33. Referring to FIG. 6, the switch 33 includes a routing table 331 that defines next hop information of a control packet to be transmitted to the control device 31, and a control information storage unit 333 that stores control information (flow entry) received from the control device 31. A packet processing unit 332 that searches the control information (flow entry) stored in the control information storage unit 333 for control information (flow entry) having a matching condition that matches the received packet, and processes the packet; It has. As a result of the search, the packet processing unit 332 requests the control device 31 to send a control information (flow entry) transmission request when control information (flow entry) having matching conditions matching the received packet is not found. . When receiving the control information (flow entry) from the control device 31, the packet processing unit 332 stores the received control information (flow entry) in the control information storage unit 333. Further, when the packet to be transmitted is a control packet addressed to the control device 31, the packet processing unit 332 transmits the control packet from the port defined in the routing table 331.
 ここで、スイッチ33の制御情報記憶部333に保持される制御情報(フローエントリ)について説明する。図7は、制御装置31によってスイッチ33の制御情報記憶部333に設定される制御情報(フローエントリ)の構成例を示す図である。図7を参照すると、制御情報(フローエントリ)は、マッチ条件と、マッチ条件に適合したパケットの統計情報を記録するカウンタと、マッチ条件に適合したパケットに適用する処理内容を示すインストラクションとを対応付けて構成される。マッチ条件は、図7の下段に示すように、レイヤー1からレイヤー4までのフィールドの任意の組み合わせによって構成される。なお、各情報にはワイルドカードを設定可能となっている。インストラクションとしては、パケットの転送(Output)、廃棄(Drop)、ヘッダ書換え(SET~)等を指定することが可能となっている。 Here, the control information (flow entry) held in the control information storage unit 333 of the switch 33 will be described. FIG. 7 is a diagram illustrating a configuration example of control information (flow entry) set in the control information storage unit 333 of the switch 33 by the control device 31. Referring to FIG. 7, the control information (flow entry) corresponds to a match condition, a counter that records statistical information of a packet that matches the match condition, and an instruction that indicates processing contents to be applied to the packet that matches the match condition. It is configured with. As shown in the lower part of FIG. 7, the match condition is configured by any combination of fields from layer 1 to layer 4. Each information can be set with a wild card. As instructions, it is possible to designate packet transfer (Output), discard (Drop), header rewriting (SET), and the like.
 なお、図7のマッチ条件は、例示した態様に限られない。例えば、IPv6ヘッダ等をマッチ条件に追加することもできる。また、カウンタフィールドは省略してもよい。 Note that the match condition in FIG. 7 is not limited to the illustrated example. For example, an IPv6 header or the like can be added to the match condition. The counter field may be omitted.
 なお、図4、図6に示した制御装置31及びスイッチ33の各部(処理手段)は、これらの装置を構成するコンピュータに、そのハードウェアを用いて、上記した各処理を実行させるコンピュータプログラムにより実現することもできる。 Each unit (processing means) of the control device 31 and the switch 33 shown in FIGS. 4 and 6 is executed by a computer program that causes a computer constituting these devices to execute the above-described processes using the hardware. It can also be realized.
 続いて、本実施形態の動作について図面を参照して詳細に説明する。はじめに、図8に示す構成において、制御装置31が、スイッチ33-1~33-4との制御チャネルを確立する動作について説明する。 Subsequently, the operation of the present embodiment will be described in detail with reference to the drawings. First, the operation of the control device 31 for establishing the control channel with the switches 33-1 to 33-4 in the configuration shown in FIG. 8 will be described.
 図8に示す構成では、制御装置31に直接接続されているスイッチ33-1が自身のルーティングテーブル331に従い、制御装置31に制御パケット(例えば、非特許文献2のHelloメッセージ)を送信することで、制御チャネルの確立が行われる。次に、スイッチ33-2(スイッチ33-3)が制御装置31との制御チャネルを確立しようとすると、スイッチ33-2(スイッチ33-3)からの最初の制御パケットは、スイッチ33-2(スイッチ33-3)自身のルーティングテーブル331に従って、スイッチ33-1に転送される。一方、スイッチ33-1は、スイッチ33-2(スイッチ33-3)から前記最初の制御パケットを受信すると、制御情報記憶部333に設定される制御情報(フローエントリ)の中から、該当するマッチ条件を持つ制御情報(フローエントリ)を検索する。しかしながら、この時点では、スイッチ33-2(スイッチ33-3)から前記最初の制御パケットに対応する制御情報(フローエントリ)はスイッチ33-1に設定されていないので、スイッチ33-1は、制御装置31に対して、Packet-Inメッセージにて、制御情報(フローエントリ)の送信を要求する。 In the configuration illustrated in FIG. 8, the switch 33-1 directly connected to the control device 31 transmits a control packet (for example, a Hello message of Non-Patent Document 2) to the control device 31 according to its own routing table 331. The control channel is established. Next, when the switch 33-2 (switch 33-3) tries to establish a control channel with the control device 31, the first control packet from the switch 33-2 (switch 33-3) The switch 33-3) is transferred to the switch 33-1 according to its own routing table 331. On the other hand, when the switch 33-1 receives the first control packet from the switch 33-2 (switch 33-3), the switch 33-1 matches the corresponding match from the control information (flow entry) set in the control information storage unit 333. Search for control information (flow entry) with conditions. However, at this time, the control information (flow entry) corresponding to the first control packet from the switch 33-2 (switch 33-3) is not set in the switch 33-1, so that the switch 33-1 does not control. The device 31 is requested to transmit control information (flow entry) by a Packet-In message.
 図9は、前記制御情報(フローエントリ)の送信要求の受信を契機とする制御装置31の動作(制御チャネル確立動作)を表したフローチャートである。以下、図9を参照して、制御装置31の制御チャネル確立動作について説明する。まず、スイッチ33-1が任意のスイッチから、新規パケット(スイッチ33-2又は33-3の制御パケット)を受信すると(ステップS001)、経路計算部311で、制御情報(フローエントリ)の送信要求(Packet-Inメッセージ)を受けたパケットのヘッダを解析し、転送経路を計算する。さらに、制御装置31は、スイッチ制御部312にて、この転送経路上のスイッチに設定する制御情報(フローエントリ)を生成する(ステップS003)。なお、このときに、制御装置31は、スイッチから制御装置31への制御パケットを転送する制御情報(フローエントリ)だけでなく、制御装置31からスイッチへの制御パケットを転送する制御情報(フローエントリ)を生成するようにしてもよい。 FIG. 9 is a flowchart showing the operation (control channel establishment operation) of the control device 31 triggered by reception of the transmission request for the control information (flow entry). Hereinafter, the control channel establishment operation of the control device 31 will be described with reference to FIG. First, when the switch 33-1 receives a new packet (control packet of the switch 33-2 or 33-3) from an arbitrary switch (step S001), the route calculation unit 311 sends a transmission request for control information (flow entry). The header of the packet received (Packet-In message) is analyzed, and the transfer path is calculated. Further, the control device 31 uses the switch control unit 312 to generate control information (flow entry) to be set for the switch on the transfer path (step S003). At this time, the control device 31 controls not only control information (flow entry) for transferring a control packet from the switch to the control device 31, but also control information (flow entry) for transferring a control packet from the control device 31 to the switch. ) May be generated.
 次に、制御装置31は、制御チャネル管理部313にて、前記計算した経路が制御チャネルであるか否かを判定する(ステップS004)。前記計算した経路が制御チャネルであるか否かは、対象パケットの宛先IPアドレスが、制御装置31のIPアドレスと一致するか否かと、スイッチ33-1における当該パケットの受信ポートがスイッチ33-2又は33-3の接続ポートであるか否か等により判別することができる。 Next, in the control channel management unit 313, the control device 31 determines whether or not the calculated route is a control channel (step S004). Whether or not the calculated route is a control channel is determined whether or not the destination IP address of the target packet matches the IP address of the control device 31, and the reception port of the packet in the switch 33-1 is the switch 33-2. Alternatively, the determination can be made based on whether the connection port is 33-3.
 ここで、計算した経路が制御チャネルであると判定した場合、制御チャネル管理部313は、制御チャネル情報記憶部316に、図5に示した、当該経路上のスイッチに設定する制御情報(フローエントリ)の内容と、2つのオーナー情報を保存する(ステップS005)。 If it is determined that the calculated path is a control channel, the control channel management unit 313 stores control information (flow entry) set in the control channel information storage unit 316 in the switch on the path shown in FIG. ) And two pieces of owner information are stored (step S005).
 その後、制御装置31は、ステップS003で計算した経路上のスイッチに、スイッチ制御部312にて生成したフローエントリを設定する(ステップS006)。 Thereafter, the control device 31 sets the flow entry generated by the switch control unit 312 to the switch on the route calculated in step S003 (step S006).
 最後に、制御装置31は、制御情報(フローエントリ)の送信要求(Packet-Inメッセージ)の送信元のスイッチ33-1に対して、制御情報(フローエントリ)の送信要求(Packet-Inメッセージ)の契機となったパケットを、前記計算した経路に従い転送するよう指示する(ステップS007;非特許文献2のPacket-Outメッセージを利用)。 Finally, the control device 31 sends a control information (flow entry) transmission request (Packet-In message) to the switch 33-1 that is the transmission source of the control information (flow entry) transmission request (Packet-In message). Is instructed to transfer the packet that triggered the request according to the calculated route (step S007; using the Packet-Out message of Non-Patent Document 2).
 以上により、制御情報(フローエントリ)の送信要求(Packet-Inメッセージ)の契機となった制御パケット及び以降の制御パケットは、制御チャネルを構成する経路上のスイッチに設定された制御情報(フローエントリ)に従い、転送される。 As described above, the control packet that triggered the transmission request (Packet-In message) of the control information (flow entry) and the subsequent control packet are the control information (flow entry) set in the switch on the path constituting the control channel. ) And transferred.
 以上の処理により、スイッチ33-2又は33-3が制御装置31の制御対象に追加される。同様に、スイッチ33-4が、自身のルーティングテーブル331にて定められたスイッチ33-2又は33-3に対して制御パケットを送信すると、スイッチ33-2又は33-3が、制御装置31に対して、Packet-Inメッセージにて、スイッチ33-4からの制御パケットを処理するための制御情報(フローエントリ)の送信を要求する。そして、制御装置31が、必要な経路の計算と制御情報(フローエントリ)の設定を実行することで、スイッチ33-4が制御装置31の制御対象に追加される。最終的に、図10に示すように、制御装置31とスイッチ33-1~33-4との制御チャネルの確立が実現される。 Through the above processing, the switch 33-2 or 33-3 is added to the control target of the control device 31. Similarly, when the switch 33-4 transmits a control packet to the switch 33-2 or 33-3 determined in its own routing table 331, the switch 33-2 or 33-3 transmits to the control device 31. On the other hand, a packet-in message requests transmission of control information (flow entry) for processing the control packet from the switch 33-4. Then, the control device 31 calculates a necessary route and sets control information (flow entry), so that the switch 33-4 is added to the control target of the control device 31. Finally, as shown in FIG. 10, establishment of a control channel between the control device 31 and the switches 33-1 to 33-4 is realized.
 図11は、本発明の第1の実施形態の制御装置31の動作(制御チャネル張替え動作)を表したフローチャートである。以下、図11を参照して、制御装置31の制御チャネル張り替え動作について説明する。まず、スイッチ33-1~33-4は、それぞれ他のスイッチとの接続ポートのリンクダウンを検出すると、制御装置31に対して、障害通知(ポートダウン)を送信する。 FIG. 11 is a flowchart showing the operation (control channel switching operation) of the control device 31 according to the first embodiment of the present invention. Hereinafter, the control channel switching operation of the control device 31 will be described with reference to FIG. First, when each of the switches 33-1 to 33-4 detects a link down of a connection port with another switch, the switch 33-1 to 33-4 transmits a failure notification (port down) to the control device 31.
 制御装置31は、障害通知(ポートダウン)を受信すると(ステップS101)、制御チャネル管理部313にて、制御チャネル情報記憶部316に、当該スイッチのポートの障害によって影響を受ける制御チャネルを検索する(ステップS102)。なお、あるスイッチのポートの障害によって影響を受ける制御チャネルの存在は、図5に例示したエントリのフローエントリオーナー情報(スイッチ情報)と、インストラクションフィールドに定められた出力ポートが一致するエントリを探すことで見つけることができる。 When the control device 31 receives a failure notification (port down) (step S101), the control channel management unit 313 searches the control channel information storage unit 316 for a control channel affected by the failure of the port of the switch. (Step S102). The presence of a control channel that is affected by a failure of a port of a switch is searched for an entry in which the flow entry owner information (switch information) of the entry illustrated in FIG. 5 matches the output port defined in the instruction field. Can be found at
 前記検索の結果、ポートダウンの影響を受ける制御チャネルが見つかった場合、即ち、制御チャネルの張替えが必要であると判断した場合(ステップS103のYes)、制御装置31は、経路計算部311にて、代替経路を計算する。さらに、制御装置31は、スイッチ制御部312にて、この代替経路上のスイッチに設定する制御情報(フローエントリ)を生成する(ステップS104)。 As a result of the search, when a control channel affected by the port down is found, that is, when it is determined that the control channel needs to be replaced (Yes in step S103), the control device 31 uses the path calculation unit 311. , Calculate alternative routes. Further, in the control device 31, the switch control unit 312 generates control information (flow entry) to be set for the switch on this alternative route (step S104).
 前記代替経路の計算の結果、代替経路が計算でき、制御情報(フローエントリ)も生成できた場合(ステップS105のYes)、制御装置31は、ステップS104で計算した代替経路上のスイッチに、スイッチ制御部312にて生成したフローエントリを設定する(ステップS106)。また、制御装置31は、必要に応じて、従前の制御チャネル上のスイッチに対し、不要となった制御チャネル用の制御情報(フローエントリ)の削除を指示する。 As a result of the calculation of the alternative route, when the alternative route can be calculated and control information (flow entry) can also be generated (Yes in step S105), the control device 31 switches the switch on the alternative route calculated in step S104 to the switch. The flow entry generated by the control unit 312 is set (step S106). Further, the control device 31 instructs the switch on the previous control channel to delete the control information (flow entry) for the control channel that is no longer needed, if necessary.
 最後に、制御装置31は、ステップS104で計算した代替経路のオーナーのスイッチに対して、制御チャネルの張替えを指示する(ステップS107)。具体的には、制御装置31宛てのパケットを出力するポートを変更するようルーティングテーブル331の書き換えを指示する処理が行われる。 Finally, the control device 31 instructs the switch of the alternative path owner calculated in step S104 to switch the control channel (step S107). Specifically, processing for instructing rewriting of the routing table 331 is performed so as to change the port that outputs the packet addressed to the control device 31.
 なお、ステップS103において制御チャネルの張替えが不要であると判断した場合(ステップS103のNo)及びステップS105において代替経路が計算できなかった場合(ステップS105のNo)、トポロジ記憶部315のトポロジ情報から該当するスイッチを外し、制御対象から除外する処理が行われる。 If it is determined in step S103 that control channel replacement is not required (No in step S103) and if an alternative route cannot be calculated in step S105 (No in step S105), the topology information in the topology storage unit 315 is used. A process of removing the corresponding switch and excluding it from the control target is performed.
 ここで、具体例を示して制御チャネルの張替えを説明する。例えば、図8に示す一連の処理を繰り返すことにより、図10の両矢線に示すようなIn-band制御方式の制御チャネルが確立されていたものとする。 Here, a specific example will be described to explain the control channel replacement. For example, it is assumed that the control channel of the In-band control method as shown by the double arrow in FIG. 10 has been established by repeating the series of processing shown in FIG.
 図10の状態から、例えば、スイッチ33-1とスイッチ33-2間のリンクに障害が発生したものとする。このとき、スイッチ33-1は、制御装置31に対して、スイッチ33-2との接続ポートのポートダウンを通知する。 From the state of FIG. 10, for example, assume that a failure has occurred in the link between the switch 33-1 and the switch 33-2. At this time, the switch 33-1 notifies the control device 31 that the port connected to the switch 33-2 is down.
 前記通知を受けた制御装置31は、制御チャネル情報記憶部316に保持される制御チャネル情報を参照して、当該リンクの障害により影響を受ける制御チャネルは、スイッチ33-2の制御チャネルと、スイッチ33-4の制御チャネルであると判定する。そして、制御装置31は、経路計算部311にて、例えば、図12に示すような代替経路を計算する。 The control device 31 that has received the notification refers to the control channel information held in the control channel information storage unit 316, and the control channel affected by the failure of the link is the control channel of the switch 33-2 and the switch It is determined that the control channel is 33-4. And the control apparatus 31 calculates an alternative path | route as shown, for example in FIG.
 そして、制御装置31は、従前の制御チャネル上のスイッチに設定されていた制御情報(フローエントリ)を削除するとともに、新しい制御チャネル上のスイッチに対し、前記代替経路に沿って制御パケットを転送させる制御情報(フローエントリ)を送信する。 Then, the control device 31 deletes the control information (flow entry) set in the switch on the previous control channel, and causes the switch on the new control channel to transfer the control packet along the alternative route. Send control information (flow entry).
 最後に、制御装置31は、制御チャネルの変更が生じたスイッチ33-2と、スイッチ33-4に対して、制御チャネルの張り替え(ルーティングテーブル331の書き換え)を指示する。以上により、制御チャネルの張り替えが完了する。 Finally, the control device 31 instructs the switch 33-2 and the switch 33-4 in which the control channel is changed to change the control channel (rewrite the routing table 331). Thus, the control channel replacement is completed.
 なお、スイッチに対して、ルーティングテーブル331の書き換えを指示する方法としては、次の2つ方法が考えられる。
(1)第1の方法は、UDP(User Datagram Protocol)を利用する方法である。予めスイッチ33に、制御チャネル張替え用のポートを用意して、Listen状態にしておく。そして、制御装置31から制御チャネル張替え指示を受けると、スイッチ33は、ルーティングテーブル331を書き換えた上で、制御チャネルの再接続を行う。ルーティングテーブル331の書き換え内容は制御チャネル張替え指示に含めればよい。 Note that the following two methods are conceivable as a method of instructing the switch to rewrite the routing table 331.
(1) The first method is a method using UDP (User Datagram Protocol). A port for switching the control channel is prepared in advance in the switch 33 and is set in the Listen state. When receiving the control channel switching instruction from the control device 31, the switch 33 rewrites the routing table 331 and reconnects the control channel. The rewriting contents of the routing table 331 may be included in the control channel switching instruction.
(2)第2の方法は、スイッチ33の制御情報記憶部333に、ルーティングテーブルの書き換えを実行させる制御情報(フローエントリ)を事前に設定しておく方法である。例えば、所定のマッチ条件と、ネットワークプロセッサによるパケットの解読とルーティングテーブル331の書き換えを行わせるインストラクション(処理内容)とを設定した制御情報(フローエントリ)を設定しておく。そして、当該スイッチ33に対し、最寄のスイッチからパケットを送信させることで、ルーティングテーブルの書き換えと制御チャネルの再接続を行わせることができる。ルーティングテーブル331の書き換え内容は、マッチ条件とルーティングテーブル331の書き換え内容とが異なる複数の制御情報(フローエントリ)を設定しておき、当該スイッチに送信するパケットを変更することで制御できる。 (2) The second method is a method in which control information (flow entry) for rewriting the routing table is set in advance in the control information storage unit 333 of the switch 33. For example, control information (flow entry) in which predetermined matching conditions and instructions (processing contents) for decoding a packet by the network processor and rewriting the routing table 331 are set. Then, by causing the switch 33 to transmit a packet from the nearest switch, the routing table can be rewritten and the control channel can be reconnected. The rewriting contents of the routing table 331 can be controlled by setting a plurality of control information (flow entries) having different match conditions and rewriting contents of the routing table 331 and changing a packet transmitted to the switch.
 最後に、上記制御チャネルの張替えを一般的なTCP(Transmission Control Protocol)で実現しない理由について説明する。それは、制御装置31と、スイッチ33がネゴシエーションしてTCP通信を確立するときに、スイッチ33からのパケットが、書き換え前のルーティングテーブル331に従って障害が起きている経路に送信されてしまい、失敗する可能性があるためである。 Finally, the reason why the above control channel replacement is not realized by a general TCP (Transmission Control Protocol) will be described. That is, when the control device 31 and the switch 33 negotiate to establish TCP communication, the packet from the switch 33 is transmitted to the path in which the failure has occurred according to the routing table 331 before rewriting, and may fail. It is because there is sex.
 例えば、図12のスイッチ33-4のルーティングテーブル331を書き換えようとしたとき、スイッチ33-4から制御装置31へのパケットは、張り替え前の経路上のスイッチ33-2に送信されて制御装置31に到達しないことになる。この点、上述した2つのルーティングテーブル331の書換指示方法によれば、確実にルーティングテーブル331を書き換えさせることができる。 For example, when the routing table 331 of the switch 33-4 in FIG. 12 is to be rewritten, a packet from the switch 33-4 to the control device 31 is transmitted to the switch 33-2 on the route before re-transition and is transmitted to the control device 31. Will not reach. In this regard, according to the above-described rewriting instruction method for the two routing tables 331, the routing table 331 can be reliably rewritten.
 また、上述した2つのルーティングテーブル331の書換指示方法を利用するにあたっては、セキュリティを考慮することが好ましい。例えば、悪意のある第三者が制御装置31になりすまして、ルーティングテーブル331の書換を指示することで、スイッチが乗っ取られることを可能性がある。 Also, when using the above-described two routing table 331 rewrite instruction methods, it is preferable to consider security. For example, there is a possibility that a malicious third party impersonates the control device 31 and instructs the rewriting of the routing table 331 to take over the switch.
 この問題を解決する方法としては、電子署名等の仕組みを利用することが考えられる。即ち、制御チャネル確立時、制御装置31とスイッチ33はお互いの公開鍵を交換しておくようにする。そして、障害発生時、制御装置31は該当スイッチ33に対して制御チャネル張替え指示を出すが、そのハッシュ値を制御装置31自身の秘密鍵で暗号化して電子署名を作成する。そして、制御装置31はスイッチ33の公開鍵で制御チャネル張替え指示を暗号化し、電子署名を付加してスイッチ33に送信する。スイッチ33は、暗号化された制御チャネル張替え指示を受信すると、スイッチ33自身の秘密鍵を用いて制御チャネル張替え指示を復号する。次に、前記事前に交換した制御装置31の公開鍵で制御チャネル張替え指示のハッシュ値を求め、制御装置31から送られてきたハッシュ値と比較し、改ざんされていないことを確認する。 It is conceivable to use a mechanism such as an electronic signature as a method for solving this problem. That is, when the control channel is established, the control device 31 and the switch 33 exchange their public keys with each other. When a failure occurs, the control device 31 issues a control channel switching instruction to the corresponding switch 33. The hash value is encrypted with the private key of the control device 31 itself to create an electronic signature. Then, the control device 31 encrypts the control channel switching instruction with the public key of the switch 33, adds an electronic signature, and transmits it to the switch 33. When the switch 33 receives the encrypted control channel switching instruction, the switch 33 decrypts the control channel switching instruction using the private key of the switch 33 itself. Next, the hash value of the control channel redirection instruction is obtained with the public key of the control device 31 exchanged in advance, and compared with the hash value sent from the control device 31 to confirm that it has not been tampered with.
 以上のように、本実施形態によれば、OpenFlowに代表される集中制御型のネットワークにおいて、In-band制御方式でスイッチを制御する場合の耐障害性、可用性の向上させることが可能となる。具体的には、ポートの状態変化から制御チャネルへの影響有無を判断し、最小限のダウンタイムで問題に対処することができる。 As described above, according to the present embodiment, it is possible to improve fault tolerance and availability when a switch is controlled by an in-band control method in a centralized control type network represented by OpenFlow. Specifically, it is possible to determine whether or not there is an influence on the control channel from a change in the state of the port, and to deal with the problem with a minimum of downtime.
 そして、必要に応じて、制御チャネルの代替経路を計算してその制御チャネルの張替えを行ない、スイッチの制御を継続することができるようになる。 Then, if necessary, it is possible to calculate an alternative route for the control channel and replace the control channel to continue control of the switch.
 以上、本発明の各実施形態を説明したが、本発明は、上記した実施形態に限定されるものではなく、本発明の基本的技術的思想を逸脱しない範囲で、更なる変形・置換・調整を加えることができる。例えば、各図面に示したネットワーク構成や要素の構成は、本発明の理解を助けるための一例であり、これらの図面に示した構成に限定されるものではない。 Although the embodiments of the present invention have been described above, the present invention is not limited to the above-described embodiments, and further modifications, substitutions, and adjustments are possible without departing from the basic technical idea of the present invention. Can be added. For example, the network configuration and the configuration of elements shown in the drawings are examples for helping understanding of the present invention, and are not limited to the configurations shown in these drawings.
 また例えば、上記した実施形態では、スイッチからのポートダウン通知の受信を契機として、制御チャネルを張り替えるものとして説明したが、制御チャネルを収容しているデータ転送チャネルにおける輻輳の発生、当該制御チャネルによって制御されるスイッチへのホストの新規接続などの契機で、制御チャネルの張り直しを行うことができる。なお、データ転送チャネルにおける輻輳の発生は、制御装置31がスイッチ33から制御情報(フローエントリ)内のマッチ条件に適合したパケットの統計情報を記録するカウンタの値を問い合わせることで確認できる。また、スイッチ33へのホストの新規接続は、前記ホストから送信されたパケットについてのPacket-Inメッセージをスイッチ33から受信することで検出できる。 In addition, for example, in the above-described embodiment, the control channel is replaced when triggered by the reception of the port down notification from the switch. However, the occurrence of congestion in the data transfer channel that accommodates the control channel, the control channel The control channel can be re-established when a host is newly connected to the switch controlled by the control. The occurrence of congestion in the data transfer channel can be confirmed by the controller 31 inquiring from the switch 33 the value of the counter that records the statistical information of the packet that matches the matching condition in the control information (flow entry). Further, a new connection of the host to the switch 33 can be detected by receiving from the switch 33 a Packet-In message for a packet transmitted from the host.
 最後に、本発明の好ましい形態を要約する。
[第1の形態]
 (上記第1の視点による制御装置参照)
[第2の形態]
 第1の形態の制御装置において、
 前記制御チャネル再構成部は、前記制御チャネルの経路上のスイッチに障害が発生したことを契機として、前記制御チャネルの経路を変更する制御装置。
[第3の形態]
 第1又は第2の形態の制御装置において、
 前記制御チャネルの経路上のデータ転送チャネルに輻輳が発生したことを契機として、前記制御チャネルの経路を変更する制御装置。
[第4の形態]
 第1から第3いずれか一の形態の制御装置において、
 制御チャネル再構成部は、UDP(User Datagram Protocol)を用いて、前記スイッチに対し、制御チャネルの変更指示を送信し、
 前記スイッチに、前記制御装置への制御パケットの転送用のルーティングテーブルを書き換えさせる制御装置。
[第5の形態]
 第1から第3いずれか一の形態の制御装置において、
 前記スイッチに、前記制御装置への制御パケットの転送用のルーティングテーブルを書き換えさせる制御情報を設定しておき、
 前記スイッチに対し、前記制御情報にマッチする制御チャネルの変更指示用のパケットを送信することにより、前記スイッチに、前記制御装置への制御パケットの転送用のルーティングテーブルを書き換えさせる制御装置。
[第6の形態]
 第4又は第5の形態の制御装置において、
 前記スイッチに対する前記制御チャネルの変更指示に、所定の電子署名を付加する制御装置。
[第7の形態]
 (上記第2の視点によるスイッチ参照)
[第8の形態]
 (上記第3の視点による通信システム参照)
[第9の形態]
 (上記第4の視点によるスイッチの制御方法参照)
[第10の形態]
 (上記第5の視点によるプログラム参照)
 なお、上記第7~第10の形態は、第1の形態と同様に、第2~第6の形態に展開することが可能である。 Finally, a preferred form of the invention is summarized.
[First embodiment]
(Refer to the control device according to the first viewpoint)
[Second form]
In the control device of the first form,
The control device that changes the path of the control channel when the failure occurs in a switch on the path of the control channel.
[Third embodiment]
In the control device of the first or second form,
A control device that changes a path of the control channel when congestion occurs in a data transfer channel on the path of the control channel.
[Fourth form]
In the control device according to any one of the first to third aspects,
The control channel reconfiguration unit transmits a control channel change instruction to the switch using UDP (User Datagram Protocol),
A control device that causes the switch to rewrite a routing table for transferring control packets to the control device.
[Fifth embodiment]
In the control device according to any one of the first to third aspects,
Control information for rewriting the routing table for transferring the control packet to the control device is set in the switch,
A control device that causes the switch to rewrite a routing table for transferring control packets to the control device by transmitting a control channel change instruction packet that matches the control information to the switch.
[Sixth embodiment]
In the control device of the fourth or fifth aspect,
A control device that adds a predetermined electronic signature to the control channel change instruction to the switch.
[Seventh form]
(Refer to the switch from the second viewpoint above.)
[Eighth form]
(Refer to the communication system according to the third viewpoint)
[Ninth Embodiment]
(Refer to the switch control method from the fourth point of view)
[Tenth embodiment]
(Refer to the program from the fifth viewpoint above)
Note that the seventh to tenth embodiments can be developed into the second to sixth embodiments as in the first embodiment.
 なお、上記の特許文献および非特許文献の各開示を、本書に引用をもって繰り込むものとする。本発明の全開示(請求の範囲を含む)の枠内において、さらにその基本的技術思想に基づいて、実施形態ないし実施例の変更・調整が可能である。また、本発明の請求の範囲の枠内において種々の開示要素(各請求項の各要素、各実施形態ないし実施例の各要素、各図面の各要素等を含む)の多様な組み合わせ、ないし選択が可能である。すなわち、本発明は、請求の範囲を含む全開示、技術的思想にしたがって当業者であればなし得るであろう各種変形、修正を含むことは勿論である。特に、本書に記載した数値範囲については、当該範囲内に含まれる任意の数値ないし小範囲が、別段の記載のない場合でも具体的に記載されているものと解釈されるべきである。 It should be noted that the disclosures of the above patent documents and non-patent documents are incorporated herein by reference. Within the scope of the entire disclosure (including claims) of the present invention, the embodiments and examples can be changed and adjusted based on the basic technical concept. Further, various combinations or selections of various disclosed elements (including each element of each claim, each element of each embodiment or example, each element of each drawing, etc.) within the scope of the claims of the present invention. Is possible. That is, the present invention of course includes various variations and modifications that could be made by those skilled in the art according to the entire disclosure including the claims and the technical idea. In particular, with respect to the numerical ranges described in this document, any numerical value or small range included in the range should be construed as being specifically described even if there is no specific description.
 31、31A 制御装置
 33、33-1~33-4 スイッチ
 311 経路計算部
 312 スイッチ制御部
 313 制御チャネル管理部
 314 制御チャネル再構成部
 315 トポロジ記憶部
 316 制御チャネル情報記憶部
 331 ルーティングテーブル
 332 パケット処理部
 333 制御情報記憶部 31, 31A Control device 33, 33-1 to 33-4 Switch 311 Path calculation unit 312 Switch control unit 313 Control channel management unit 314 Control channel reconfiguration unit 315 Topology storage unit 316 Control channel information storage unit 331 Routing table 332 Packet processing 333 Control information storage unit

Claims (10)

  1.  データ転送チャネルによって接続されたスイッチ間の接続関係を記憶するトポロジ記憶部と、
     前記スイッチ間の前記データ転送チャネルを用いて構成された制御チャネルの情報を管理する制御チャネル管理部と、
     前記制御チャネルを介して前記スイッチ群を制御するスイッチ制御部と、
     前記スイッチから得られた情報を元に、前記制御チャネルの経路を変更する制御チャネル再構成部と、を備えた制御装置。     A topology storage unit for storing connection relationships between switches connected by a data transfer channel;
    A control channel management unit that manages information of a control channel configured using the data transfer channel between the switches;
    A switch control unit for controlling the switch group via the control channel;
    A control channel reconfiguration unit configured to change a path of the control channel based on information obtained from the switch;
  2.  前記制御チャネル再構成部は、前記制御チャネルの経路上のスイッチに障害が発生したことを契機として、前記制御チャネルの経路を変更する請求項1の制御装置。 The control device according to claim 1, wherein the control channel reconfiguration unit changes the path of the control channel when a failure occurs in a switch on the path of the control channel.
  3.  前記制御チャネル再構成部は、前記制御チャネルの経路上のデータ転送チャネルに輻輳が発生したことを契機として、前記制御チャネルの経路を変更する請求項1又は2の制御装置。 The control device according to claim 1 or 2, wherein the control channel reconfiguration unit changes a path of the control channel when congestion occurs in a data transfer channel on the path of the control channel.
  4.  制御チャネル再構成部は、UDP(User Datagram Protocol)を用いて、前記スイッチに対し、制御チャネルの変更指示を送信し、
     前記スイッチに、前記制御装置への制御パケットの転送用のルーティングテーブルを書き換えさせる請求項1から3いずれか一の制御装置。     The control channel reconfiguration unit transmits a control channel change instruction to the switch using UDP (User Datagram Protocol),
    4. The control device according to claim 1, wherein the switch rewrites a routing table for transferring a control packet to the control device. 5.
  5.  前記スイッチに、前記制御装置への制御パケットの転送用のルーティングテーブルを書き換えさせる制御情報を設定しておき、
     前記スイッチに対し、前記制御情報にマッチする制御チャネルの変更指示用のパケットを送信することにより、前記スイッチに、前記制御装置への制御パケットの転送用のルーティングテーブルを書き換えさせる請求項1から3いずれか一の制御装置。     Control information for rewriting the routing table for transferring the control packet to the control device is set in the switch,
    4. The control switch change instruction packet matching the control information is transmitted to the switch so that the switch rewrites a routing table for transferring the control packet to the control device. One of the control devices.
  6.  前記スイッチに対する前記制御チャネルの変更指示に、所定の電子署名を付加する請求項4又は5の制御装置。 The control device according to claim 4 or 5, wherein a predetermined electronic signature is added to the control channel change instruction to the switch.
  7.  請求項4から6いずれか一の制御装置に対する制御パケットの転送用のルーティングテーブルを備え、
     前記制御装置からの前記制御チャネルの変更指示に応じて、前記ルーティングテーブルを書き換えるスイッチ。     A routing table for transferring control packets to the control device according to claim 4;
    A switch for rewriting the routing table in response to an instruction to change the control channel from the control device.
  8.  データ転送チャネルによって接続されたスイッチ間の接続関係を記憶するトポロジ記憶部と、
     前記スイッチ間の前記データ転送チャネルを用いて構成された制御チャネルの情報を管理する制御チャネル管理部と、
     前記制御チャネルを介して前記スイッチ群を制御するスイッチ制御部と、
     前記スイッチから得られた情報を元に、前記制御チャネルの経路を変更する制御チャネル再構成部と、を備えた制御装置と、
     前記制御チャネルを介して制御装置から設定された制御情報に基づいて、受信パケットを処理するスイッチ群と、を含む通信システム。     A topology storage unit for storing connection relationships between switches connected by a data transfer channel;
    A control channel management unit that manages information of a control channel configured using the data transfer channel between the switches;
    A switch control unit for controlling the switch group via the control channel;
    A control device comprising a control channel reconfiguration unit that changes the path of the control channel based on information obtained from the switch;
    A switch group that processes received packets based on control information set by a control device via the control channel.
  9.  データ転送チャネルによって接続されたスイッチ間の接続関係を記憶するトポロジ記憶部と、
     前記スイッチ間の前記データ転送チャネルを用いて構成された制御チャネルの情報を管理する制御チャネル管理部と、
     前記制御チャネルを介して前記スイッチ群を制御するスイッチ制御部と、を備えた制御装置が、
     前記スイッチから、前記制御チャネルとして使用されているデータ転送チャネルの状態を示す情報を取得するステップと、 
     前記スイッチから得られた情報を元に、前記制御チャネルの経路を変更するステップと、を含むスイッチの制御方法。     A topology storage unit for storing connection relationships between switches connected by a data transfer channel;
    A control channel management unit that manages information of a control channel configured using the data transfer channel between the switches;
    A control device comprising: a switch control unit that controls the switch group via the control channel;
    Obtaining information indicating a state of a data transfer channel used as the control channel from the switch;
    Changing the path of the control channel based on information obtained from the switch.
  10.  データ転送チャネルによって接続されたスイッチ間の接続関係を記憶するトポロジ記憶部と、
     前記スイッチ間の前記データ転送チャネルを用いて構成された制御チャネルの情報を管理する制御チャネル管理部と、
     前記制御チャネルを介して前記スイッチ群を制御するスイッチ制御部と、を備えたコンピュータに、
     前記スイッチから、前記制御チャネルとして使用されているデータ転送チャネルの状態を示す情報を取得する処理と、
     前記スイッチから得られた情報を元に、前記制御チャネルの経路を変更する処理と、を実行させるプログラム。     A topology storage unit for storing connection relationships between switches connected by a data transfer channel;
    A control channel management unit that manages information of a control channel configured using the data transfer channel between the switches;
    A computer comprising a switch control unit that controls the switch group via the control channel,
    A process of acquiring information indicating a state of a data transfer channel used as the control channel from the switch;
    A program for executing a process of changing a route of the control channel based on information obtained from the switch.
PCT/JP2014/051913 2013-01-30 2014-01-29 Control apparatus, switch, communication system, switch control method and program WO2014119602A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
JP2013015091 2013-01-30
JP2013-015091 2013-01-30

Publications (1)

Publication Number Publication Date
WO2014119602A1 true WO2014119602A1 (en) 2014-08-07

Family

ID=51262315

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2014/051913 WO2014119602A1 (en) 2013-01-30 2014-01-29 Control apparatus, switch, communication system, switch control method and program

Country Status (1)

Country Link
WO (1) WO2014119602A1 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2016117303A1 (en) * 2015-01-19 2016-07-28 日本電気株式会社 Communication control system, communication control method, and recording medium for same
WO2020027181A1 (en) * 2018-08-01 2020-02-06 日本電気株式会社 Switch, control device, communication system, communication control method and program

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPS6281146A (en) * 1985-10-03 1987-04-14 Nec Corp Constituting system for network controlling bus network
JP2012129864A (en) * 2010-12-16 2012-07-05 Hitachi Ltd Communication system and method for controlling user access device
WO2012101692A1 (en) * 2011-01-28 2012-08-02 Nec Corporation Communication system, control information relay device, control device, and control information transmission method and program

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPS6281146A (en) * 1985-10-03 1987-04-14 Nec Corp Constituting system for network controlling bus network
JP2012129864A (en) * 2010-12-16 2012-07-05 Hitachi Ltd Communication system and method for controlling user access device
WO2012101692A1 (en) * 2011-01-28 2012-08-02 Nec Corporation Communication system, control information relay device, control device, and control information transmission method and program

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2016117303A1 (en) * 2015-01-19 2016-07-28 日本電気株式会社 Communication control system, communication control method, and recording medium for same
RU2679555C1 (en) * 2015-01-19 2019-02-11 Нек Корпорейшн Communication control system, communication control method and record media
US10462016B2 (en) 2015-01-19 2019-10-29 Nec Corporation Communication control system, communication control method, and recording medium
WO2020027181A1 (en) * 2018-08-01 2020-02-06 日本電気株式会社 Switch, control device, communication system, communication control method and program
JPWO2020027181A1 (en) * 2018-08-01 2021-08-02 日本電気株式会社 Switches, control devices, communication systems, communication control methods and programs
JP7067623B2 (en) 2018-08-01 2022-05-16 日本電気株式会社 Switches, control devices, communication systems, communication control methods and programs
US11522815B2 (en) 2018-08-01 2022-12-06 Nec Corporation Switch, control apparatus, communication system, communication control method and program

Similar Documents

Publication Publication Date Title
JP6053003B2 (en) Transmission system, transmission apparatus, and transmission method
JP5494668B2 (en) Information system, control server, virtual network management method and program
JP5850068B2 (en) Control device, communication system, communication method, and program
JP5534037B2 (en) Information system, control device, virtual network providing method and program
JP5994851B2 (en) Transfer device control device, transfer device control method, communication system, and program
JP5585660B2 (en) Communication system, control device, processing rule setting method and program
US20150207675A1 (en) Path Control System, Control Apparatus, Edge Node, Path Control Method, And Program
WO2012090993A1 (en) Information system, control device, communication method and program
WO2011118574A1 (en) Communications system, control device, delay measuring method, and program
WO2011118586A1 (en) Communication system, control device, forwarding node, method for updating processing rules, and program
US20150256455A1 (en) Communication system, path information exchange apparatus, communication node, forwarding method for path information and program
JP5991385B2 (en) Control information management apparatus, control information presentation method, and program
WO2014104277A1 (en) Control apparatus, communication system, communication node control method and program
WO2014119602A1 (en) Control apparatus, switch, communication system, switch control method and program
JP5991427B2 (en) Control device, communication system, control information transmission method and program
JP6206493B2 (en) CONTROL DEVICE, COMMUNICATION SYSTEM, RELAY DEVICE CONTROL METHOD, AND PROGRAM
JP2017050708A (en) Communication system, control unit, switch, communication method, and program
JP2014160951A (en) Switch, control device, communication system, management method for control channel, and program
WO2014175335A1 (en) Controller, computer system, method for controlling communication, and program
JP6128132B2 (en) COMMUNICATION DEVICE, CONTROL DEVICE, COMMUNICATION SYSTEM, PACKET PROCESSING METHOD, COMMUNICATION DEVICE CONTROL METHOD, AND PROGRAM
JP6314970B2 (en) COMMUNICATION SYSTEM, CONTROL DEVICE, COMMUNICATION METHOD, AND PROGRAM
WO2014142081A1 (en) Transfer node, control device, communication system, packet processing method and program
WO2014027687A1 (en) Communication system, control information recording device, control device, control information recording method and program
JP2016225933A (en) Control device, control method for relay device, program, and communication system

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 14745427

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 14745427

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: JP