CN100337441C - Method for table lookup in packet forwarding - Google Patents
Method for table lookup in packet forwarding Download PDFInfo
- Publication number
- CN100337441C CN100337441C CNB031223486A CN03122348A CN100337441C CN 100337441 C CN100337441 C CN 100337441C CN B031223486 A CNB031223486 A CN B031223486A CN 03122348 A CN03122348 A CN 03122348A CN 100337441 C CN100337441 C CN 100337441C
- Authority
- CN
- China
- Prior art keywords
- look
- packet
- type
- lookup
- forwarding
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
Images
Abstract
The present invention relates to a table lookup method for forwarding data packets, with which tables can be looked up via lookup table input data (KEY) with type lookup table differential domain. First of all, at least one KEY width mode is set up as required; data packets are classified based on packet header types according to different lookup tables; then the lookup KEY in which the type differential domain and a destination address (DA) domain are set is built; the types of the lookup table are differentiated via the type differential domain. Two lookup KEY width modes of 72 bit and 288 bit can be used or only one mode of 288 bit is used. The present invention provides a lookup method supporting the processing of all tables, so that route exchange equipment can fully support various IPv4/IPv6 lookup operations, help to look up all tables via hardware acceleration and effectively raise the handling ability of the equipment.
Description
Technical field
The present invention relates to electric numerical data and handle, relate in particular to a kind of look-up method of in equipment such as router, switch, transmitting packet.
Background technology
In the design of router and switch, must carry out the processing of tabling look-up for data, so that find the next node of packet, at present in the process of hardware handles, the common employing of searching at the IP bag has two kinds of implementation methods: the one, adopt special-purpose content adressable memory (CAM, Content Address Memory), can search content corresponding fast; The 2nd, adopt the special algorithm of searching, the outside utilizes static random-access memory (SSRAM) and dynamic random access memory (SDRAM) to come storage item.
Along with popularizing and extensive use of internet (Internet), IP agreement (Internet Protocol) is constantly perfect, the agreement that increases newly is more and more, for example: GRE (Generic RoutingEncapsulation, be common routed encapsulation), L2TP (Layer 2 tunneling protocol, be Layer 2 Tunneling Protocol), IPSec (IP Security, be IP safety), MPLS (MultiprotocolLabel Switching, be multiprotocol label switching), IP/IP (IP Encapsulation within IP, be IP encapsulation IP) etc., the content of tabling look-up also becomes increasingly complex.Along with present IPv6 (InternetProtocol version 6, be internet the 6th release protocol) research go deep into, by IPv4 (InternetProtocol version 4, be internet the 4th release protocol) must adopt tunneling technique and NAT-PT technology such as (network address translation-protocol conversions) again to the IPv6 transition, kind of tabling look-up and the scope that relates to are complicated more.
In realization, the general independently lookup table mode that adopts separately, promptly use independently MPLS table, IPv4 clean culture/multicast table, the MAC table, the L2TP table waits list item separately, the list item kind is more and more like this, external devices and interface are also more and more, and length each is different, realize complicated, usually in realization, can only take into account wherein one or both, adopt hardware to realize (be generally the traffic classification table and IPv4 clean culture/multicast is searched) in 1~2 important table, and all the other tables think that flow is little, adopt software to realize or the realization of the static random memory (SRAM) in chip internal uses sheet linear search, therefore for edge or gateway product, such performance must not satisfy growing network application needs, and cause route exchange device network-adaptive ability low, if L2TP adopts software to realize, work as equipment so and be applied in the many fields of L2TP service traffics, the port performance just reduces greatly, the traffic affecting forwarding performance, and random memory (RAM) causes the list item number few in the use sheet, is unfavorable for the large-scale application of network.
Prior art also adopts unified KEY (the input data of the look-up table) width of searching to table look-up, in IPv4, utilize such KEY that searches, for example 256, can be suitable for any wherein a kind of purposes of tabling look-up, but the result who tables look-up has bigger waste for most searching, as searching for common IPv4 clean culture, searching KEY only needs about 32bit (the IP address is 32), therefore all the other KEY spaces of searching of 224 have just all been wasted, and adopt existing unification search the KEY width, usually can only be as a kind of application of searching type, multiple needs that can not compatible IPv6 can not well be supported searching of IPv6.
Summary of the invention
Technical problem to be solved by this invention is: overcome the available data bag and transmit when adopting independent list item to table look-up, outside list item kind is many, realize complicated, and adopt unified when searching the KEY width and tabling look-up, can only be as a kind of deficiency of searching type application, a kind of look-up method of supporting the processing of whole list items is provided, thereby make route exchange device can support the table lookup operation of various IPv4/IPv6 comprehensively, all can hardware-acceleratedly realize for all look-up tables, improve the disposal ability of equipment effectively.
The present invention solves the problems of the technologies described above the technical scheme that is adopted to be:
The look-up method of this forwarding packet is characterized in that: adopt the look-up table input data (KEY) that have the type classification territory to table look-up, may further comprise the steps:
At first construct at least one and search KEY width pattern;
Packet header type according to packet is classified packet by different look-up tables;
Structure is searched KEY, search type classification territory and destination address (DA) territory are set among the KEY, determine type classification field width degree according to the classification situation of described packet, utilize described type classification territory that look-up table-type is distinguished, and table look-up according to described destination address domain, described destination address domain is determined according to the domain of dependence of determining forward-path in the packet packet header.
The described KEY of searching can adopt 72 and 288 two kinds of width patterns, or only adopts 288 a kind of width patterns.
Look-up table is divided into 16 classes, adopts 4 described type classification territories to distinguish different look-up table-type.
Can adopt Hash (HASH) or other algorithm is certain fixing length with destination address domain among the described KEY of searching or the unification of type classification territory.
Internet Protocol (IP) type can be contained in described type classification territory, also can contain the ATM(Asynchronous Transfer Mode) type.
In system, safeguard a forwarding information base that comprises various tunnel information tables and common forwarding information table,, forwarding information base is searched, determine that next jumps out mouth by the described KEY of searching carrying out the tunnel when handling.
Beneficial effect of the present invention is: the present invention is directed to these contradictory problems in the field of searching at present, simplified the kind of tabling look-up, various list items are merged into a kind of lookup table mode, look-up table-type adopts the difference of type classification territory, same physical isolation table can be supported IPv4 simultaneously, IPv6, L2TP, MPLS, GRE, IP/IP, IPSec, 6to4, automatic tunnel, manual tunnel, the multiple content of searching of scopes such as NAT-PT, list item space can be shared use fully, make route exchange device can support the table lookup operation of various IPv4/IPv6 comprehensively, all can hardware-acceleratedly realize for all look-up tables, improved the disposal ability of equipment effectively.
When utilizing the present invention to carry out the tunnel processing, can find forwarding information base by this general KEY that searches, can comprise various tunnel information tables and common forwarding information table in the forwarding information base, all look-up tables can be searched by the KEY that searches of Unified Form, interface to outside look-up table has only one, thereby the realization of very convenient hardware, can form a general flow process of searching, the invention provides a kind of processing that both can support whole list items, the efficient ways of the performance of tabling look-up comprehensively and effectively can be provided again.
Description of drawings
Fig. 1 does not wait width to search the KEY schematic diagram for the present invention;
Fig. 2 utilizes the present invention to search the general process chart of searching that KEY searches.
Embodiment
With embodiment the present invention is described in further detail with reference to the accompanying drawings below:
At first construct one or two and search KEY width pattern, for example 72bit and 288bit.
When IP traffic enters data processing unit, at first according to the type in packet header of packet with packet according to different look-up table classification, and provide and search the KEY value accordingly, can setting data bag look-up table be 16 classes here: IPv4 clean culture, IPv4 multicast, MPLS, L2TP, GRE, IP/IP, IPSec, IPv6 clean culture, IPv6 multicast, 6to4 tunnel ....
Make up according to following dual mode then and search KEY, use 4bit type classification territory (16 types) to show and search type:
| 4bit | 68bit |
| The table type | The destination address of packet (DA) |
Perhaps
| 4bit | 284bit |
| The table type | The destination address of packet (DA) |
Destination address (DA, Destination Address) determines according to the domain of dependence in packet packet header, as:
When the IPv4 clean culture: DA=purpose IPv4 address
When the IPv4 multicast: IPv4 address, DA=source+group IPv4 address
When MPLS: the DA=label
When the IPv6 clean culture: DA=purpose IPv6 address
DA also can be the HASH value or the combined value in IP address and TOS territories such as (COS).
For searching of IPv6, can only adopt the KEY method of 288bit to search.
If adopt two kinds of methods of searching KEY of 72bit+288bit, the look-up table that then has two types of sizes physically, because all look-up tables have been classified as these two types, therefore can in same physical medium, realize, be illustrated in figure 1 as and do not wait width to search the KEY schematic diagram, in realization, can redistribute the logical space size of these two tables, thereby reach the dynamic adjustment of hardware store resource according to the needs of using.
The present invention also can adopt the single KEY width pattern of searching, the KEY that searches of 288bit only is provided, search KEY and cover whole spaces of searching, utilize the type classification territory of searching KEY to come the classification searching list item then, can search content by compatible all IPv4/IPv6 equally.
Certainly, the present invention also can adopt HASH or other algorithms, will search DA territory among the KEY or the unification of type classification territory on certain fixing length, and is for example that the DA territory is unified to 144bit, and the type classification territory is unified to 2bit, can reach purpose of the present invention equally.
In addition, except the IP type, also can contain the ATM(Asynchronous Transfer Mode) type in the type classification territory, utilize the present invention can realize equally tabling look-up comprehensively and effectively.
When a node support is handled as the forwarding of the encapsulation process of tunnel portal node, tunnel intermediate node and the decapsulation of tunnel egress node when handling, the processing of must tabling look-up accordingly, prior art is to search by look-up table mode independently, such as:
MPLS searches the tunnel table that should safeguard a MPLS,
L2TP searches the tunnel table that should safeguard a L2TP,
The IPv6 clean culture is searched and should be safeguarded IPv6 unicast table or the like.
Like this in execution is searched, make up according to corresponding protocols and independently to search after the KEY, at first to judge and search which kind of agreement, find corresponding look-up table then, the look-up table that a plurality of different agreements in hardware is realized, will occur, it is self-existent separately respectively searching interface, realizes it being very disadvantageous for hardware.
The present invention combines the search KEY of all look-up tables by Unified Form, interface to outside look-up table has only one, the realization of very convenient hardware, form a general handling process of searching, as shown in Figure 2 (this flow process does not embody by the tunnel and receives and dispatches statistical counting, carries out the function of authentification of user):
1, receives Frame from the link layer interface.
2, data link layer (L2) is handled, and divests link layer packaging.
3, which kind of agreement the data message of determining isl frame is, makes the agreement of current processing protocol (CrP) for the indication of L2 protocol number territory, for example, to Ethernet, is IPv4 when Eth_Type is 0800.
4, by the requirement of CrP agreement the data message is done validity checking, and from heading, obtaining current destination address (DA), destination address (DA) index is according to the territory that is used for determining message forwarding path in the message, for example, DA is purpose IP address in the IP bag, and DA is the mark in the labeled slots in the MPLS bag.
5, remove to search the forwarding information base of CrP correspondence by the DA among the general KEY of searching of the present invention, include various tunnel information tables and common forwarding information table in the forwarding information base.
6, judge that whether this node is the used tunnel exit of this message, identifies tunnel type simultaneously.If this node is the used tunnel exit of this message, make then that CrP is the agreement of the data message in the tunnel, divest tunnel encapsulation, again message is done validity checking, from heading, obtain current DA, carry out forwarding lookup again; If this node is not the used tunnel exit of this message, then continue subsequent treatment.
When judging " this node whether the used tunnel exit of this message ",, then can directly judge according to the top layer mark if " current processing protocol " is MPLS; If " current processing protocol " is IPv4, deterministic process is as follows:
If purpose IP address is this node then
The if protocol number is TCP or UDP then
The if port numbers is the well-known port numbers then that is used for the tunnel
This node is a tunnel exit;
else
Be not;
end if;
Else if protocol number is the then that is used for tunnel protocol
This node is a tunnel exit;
else
Be not;
end if;
else
Be not;
end if;
If " current processing protocol " is other agreements, should do according to the regulation of this agreement.
7, in the forwarding information base, next jumps out mouth can be common outlet, also can be a tunnel portal, usage flag be distinguished this two classes outlet in the forwarding information base, is the inlet in certain bar tunnel if next jumps out mouth, then judge whether to enter the tunnel, if do not enter the tunnel, then carry out common searching, the packaging information after searching is taken out, and upgrade corresponding statistical management information, just direct then L2 link layer packaging sends;
If enter the tunnel, then be transferred in the tunnel handling process, obtain the distribution protocol type of tunnel type and use, and obtain structure distribution protocol packet header necessary information, carry out tunnel encapsulation, judge whether then and can directly determine the link layer outlet according to tunnel information, if can, then link layer packaging sends; If cannot, make then that CrP is a distribution protocol, make that current destination address DA is the DA in distribution protocol packet header, carry out forwarding lookup again.
System safeguards the tunnel information table in forwarding information base, look into the necessary information (information that comprises structure distribution protocol heading and structure tunnel protocol heading needs) that this table can obtain carrying out tunnel encapsulation according to tunnel portal ID (Identifier, i.e. identifier).
For MPLS,, can directly determine the link layer outlet according to tunnel information because it is connection-oriented; And for the tunnel that uses IPv4 as bearing protocol, generally can only determine the IPv4 address of tunnel egress node when setting up the tunnel, can not directly determine link layer outlet, therefore need look into the link layer outlet of once transmitting again with the specified data bag at this node.But, in some special application scenarios (for example, use the tunnel to insert as the user, channel message must receive from the interface of appointment or send), just can determine this tunnel link corresponding layer outlet when setting up the tunnel, just not need to look into once again to have transmitted in this case.
By above flow process, if because configuration error, causing the DA in the distribution protocol packet header in the tunnel information is exactly this node, the circulation of " encapsulating a decapsulation " can occur, this might make a packet by unlimited processing, thereby has a strong impact on the forwarding handling property of node.For fear of the generation of this situation, can be when obtaining distribution protocol header DA, judge whether this node DA of this DA, if then with data packet discarding; Another kind method is, is limited in the node the number of times of a packet encapsulation and the number of times of decapsulation, when the number of times of encapsulation or decapsulation exceeds certain value, abandons this packet.
When utilizing this general KEY of searching of the present invention that forwarding information base is searched, can all look-up tables be searched by the KEY that searches of Unified Form, can form a general flow process of searching, the interface of outside look-up table is had only one, the realization of very convenient hardware.
Claims (6)
1, a kind of look-up method of transmitting packet is characterized in that: adopt the look-up table input data that have the type classification territory to table look-up, may further comprise the steps:
At first construct the width pattern of at least one look-up table input data;
Packet header type according to packet is classified packet by different look-up tables;
Make up look-up table input data, in the look-up table input data type classification territory and destination address domain are set, determine type classification field width degree according to the classification situation of described packet, utilize described type classification territory that look-up table-type is distinguished, and table look-up according to described destination address domain, described destination address domain is determined according to the domain of dependence of determining forward-path in the packet packet header.
2, the look-up method of forwarding packet according to claim 1 is characterized in that: 72 and 288 two kinds of width patterns of described look-up table input The data, or only adopt 288 a kind of width patterns.
3, the look-up method of forwarding packet according to claim 1 and 2 is characterized in that: look-up table is divided into 16 classes, adopts 4 described type classification territories to distinguish different look-up table-type.
4, the look-up method of forwarding packet according to claim 1 and 2 is characterized in that: adopting hash algorithm is certain fixing length with destination address domain or the unification of type classification territory in the described look-up table input data.
5, the look-up method of forwarding packet according to claim 1 and 2 is characterized in that: IP type or ATM type are contained in described type classification territory.
6, the look-up method of forwarding packet according to claim 1 and 2, it is characterized in that: in system, safeguard a forwarding information base that comprises various tunnel information tables and common forwarding information table, when carrying out the tunnel processing, by described look-up table input data forwarding information base is searched, determined that next jumps out mouth.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNB031223486A CN100337441C (en) | 2003-04-30 | 2003-04-30 | Method for table lookup in packet forwarding |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNB031223486A CN100337441C (en) | 2003-04-30 | 2003-04-30 | Method for table lookup in packet forwarding |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN1543131A CN1543131A (en) | 2004-11-03 |
| CN100337441C true CN100337441C (en) | 2007-09-12 |
Family
ID=34321002
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CNB031223486A Expired - Fee Related CN100337441C (en) | 2003-04-30 | 2003-04-30 | Method for table lookup in packet forwarding |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN100337441C (en) |
Families Citing this family (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101043428B (en) * | 2006-05-30 | 2012-05-02 | 华为技术有限公司 | Routing retransmitting method and system |
| CN101217435B (en) * | 2008-01-16 | 2011-03-16 | 中兴通讯股份有限公司 | L2TP over IPSEC remote access method and device |
| CN109376789B (en) * | 2018-10-31 | 2020-12-08 | 钟祥博谦信息科技有限公司 | Network packet classification algorithm and system |
| US11722525B2 (en) * | 2021-04-14 | 2023-08-08 | Cisco Technology, Inc. | IPsec processing of packets in SoCs |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JP2000270021A (en) * | 1999-03-17 | 2000-09-29 | Nippon Telegr & Teleph Corp <Ntt> | Packet classification system |
| WO2001005116A2 (en) * | 1999-07-13 | 2001-01-18 | Alteon Web Systems, Inc. | Routing method and apparatus |
| US6457058B1 (en) * | 1998-09-29 | 2002-09-24 | Cisco Technology, Inc. | Network switch with hash table look up |
| US20030031167A1 (en) * | 2001-02-28 | 2003-02-13 | Singh Abhishek Ranjan | Methods and system for efficient route lookup |
| CN1399475A (en) * | 2001-07-25 | 2003-02-26 | 华为技术有限公司 | Quick flow-searching method |
-
2003
- 2003-04-30 CN CNB031223486A patent/CN100337441C/en not_active Expired - Fee Related
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US6457058B1 (en) * | 1998-09-29 | 2002-09-24 | Cisco Technology, Inc. | Network switch with hash table look up |
| JP2000270021A (en) * | 1999-03-17 | 2000-09-29 | Nippon Telegr & Teleph Corp <Ntt> | Packet classification system |
| WO2001005116A2 (en) * | 1999-07-13 | 2001-01-18 | Alteon Web Systems, Inc. | Routing method and apparatus |
| US20030031167A1 (en) * | 2001-02-28 | 2003-02-13 | Singh Abhishek Ranjan | Methods and system for efficient route lookup |
| CN1399475A (en) * | 2001-07-25 | 2003-02-26 | 华为技术有限公司 | Quick flow-searching method |
Non-Patent Citations (1)
| Title |
|---|
| 通信技术 殷国泉 李乐民,11.13,IP多播的快速转发 2002 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN1543131A (en) | 2004-11-03 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US7174427B2 (en) | Device and method for handling MPLS labels | |
| CN1798101A (en) | Network device and method for disposing grouping | |
| CN101035060A (en) | Integrated processing method for three-folded content addressable memory message classification | |
| CN1863133A (en) | Method and apparatus for transmitting message | |
| Bando et al. | FlashTrie: beyond 100-Gb/s IP route lookup using hash-based prefix-compressed trie | |
| CN1453962A (en) | Internetwork protocol and method for setting main machine address and selecting source address | |
| CN1774900A (en) | A bounded index extensible hash-based IPv6 address lookup method | |
| CN101247308A (en) | Tunnel packet processing method for implementing IPv6 traversing IPv4 based on network processor | |
| CN1875585A (en) | Dynamic unknown L2 flooding control with MAC limits | |
| CN1706155A (en) | Shared port address translation on a router behaving as NAT and NAT-PT gateway | |
| CN101505279B (en) | Route searching method and apparatus | |
| CN1874313A (en) | Method of processing packet and metwork device | |
| CN1913454A (en) | Method and device for implementing sharing IP message load | |
| CN101030947A (en) | Method and apparatus for transmitting message | |
| CN1866845A (en) | Virtual identifying method for multicast forwarding table output port | |
| CN1216473C (en) | TCAM high-speed search method and system supporting multiple nexthop | |
| CN1691629A (en) | Method for implementing layer-2 equipment interconnection in resilient packet ring (RPR) based network | |
| CN106713144A (en) | Read-write method of message exit information and forwarding engine | |
| CN1773949A (en) | Switching in method for virtual special network and realizing apparatus | |
| CN1297105C (en) | Method for implementing multirole main machine based on virtual local network | |
| CN100337441C (en) | Method for table lookup in packet forwarding | |
| CN105515995B (en) | Message processing method and device | |
| US8730961B1 (en) | System and method for optimizing router lookup | |
| CN1697421A (en) | Method for implementing tunnel relay in network for carrying out conversion of network address | |
| EP2958288B1 (en) | A method of modifying packets to a generic format for enabling programmable modifications and an apparatus thereof |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CF01 | Termination of patent right due to non-payment of annual fee | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20070912 Termination date: 20180430 |