CN100359885C - Method for forwarding data by strategic stream mode and data forwarding equipment - Google Patents

Publication number: CN100359885C
Authority: CN (China)
Prior art keywords: packet, entry, psfb, forwarding, stream
Legal status: Expired - Fee Related
Application number: CNB021248931A
Other languages: Chinese (zh)
Other versions: CN1466340A (en)
Inventors: 吉萌, 余少华
Current Assignee: Fiberhome Telecommunication Technologies Co Ltd
Original Assignee: Wuhan FiberHome Networks Co Ltd

Abstract

The present invention relates to a method for forwarding data in policy stream (strategic stream) mode and to data forwarding equipment. Unlike the conventional packet-by-packet forwarding mode, the invention forwards packets on the basis of data stream processing, which simplifies the forwarding plane and greatly improves the forwarding efficiency of routers and layer-2 or layer-3 switches. Through an extensible policy stream forwarding table, the invention can support various current and future applications, such as IPv4 unicast forwarding, multicast forwarding, policy routing, firewalls, IPv6, MPLS, virtual private networks, layer-2 forwarding, GTP (GPRS Tunneling Protocol) and mobile IP. The invention greatly improves forwarding efficiency without introducing additional inter-node signaling protocols such as routing protocols, while keeping all interconnection protocols of the existing Internet (such as the IETF protocol series) unchanged, and without changing the architecture or hardware design of routing and switching equipment. It is suitable for layer-2 and layer-3 routing and switching equipment at the access, aggregation and backbone layers of current and future broadband IP networks.

Description

Method and data forwarding equipment for forwarding data in policy stream mode
Technical field
The present invention relates to data transmission in network technology, and specifically to a method and data forwarding equipment for forwarding data in a network in policy stream mode. It improves routing-table or forwarding-table lookup speed and forwarding efficiency, and is applicable to layer-2 and layer-3 routing and switching equipment at the access, aggregation and backbone layers of present and future broadband IP networks, and to equipment such as SGSN, GGSN, IGSN and PDSN in the mobile Internet.
Background technology
Traditional IP routers use a longest prefix match (LPM, Longest Prefix Match) algorithm that searches on the destination IP address, and they forward or process packets one at a time. Lookup efficiency is low, and complex, changing service requirements cannot be supported. When users have new service requirements, such as policy routing, firewalls and mobile IP, different applications need different lookup strategies and algorithms, so different table entries must be constructed for each application. The result is low packet forwarding efficiency and a longer equipment development cycle, and wire-speed forwarding is hard to achieve. The increasingly popular MPLS technology maps layer-3 routing, QoS and similar information onto a fixed-length layer-2 label (Label) at the network edge nodes. This improves forwarding efficiency at the core nodes, but it also introduces a complex MPLS signaling system, which increases the burden on routers, raises maintenance and development costs, and complicates interoperability between devices. Some vendors' proprietary solutions, such as Cisco's NetFlow, partly adopt flow-based processing, but NetFlow is applied only to charging and application acceleration and cannot be used to forward packets, so it must still be used together with other packet-by-packet technology (such as Cisco Express Forwarding). In view of this, the present invention proposes the concept of wire-speed forwarding based on policy streams (Wirespeed Policy Stream Forwarding). Without introducing additional inter-node signaling protocols such as routing protocols, while keeping all interconnection protocols of the existing Internet (such as the IETF protocol series) unchanged, and without changing router architecture or hardware design at all, the invention greatly improves the lookup efficiency of IP table entries, reduces the cost and time of equipment development, and can provide users with a dynamically tailored service customization interface. The invention is applicable to layer-2 and layer-3 routing and switching equipment at the access, aggregation and backbone layers of present and future broadband IP networks. The method is equally applicable to such equipment in IPv6-based networks and to SGSN, GGSN, IGSN (GPRS/WCDMA) and PDSN (CDMA 2000/1X) equipment in the mobile Internet.
General description of the prior art
The current trend in network development is intelligent edge and access nodes plus simple core nodes (Intelligent Edge & Dumb Core): the edge and access nodes generate intelligent, carrier-class services and control user flows, while the core nodes perform simple high-speed IP forwarding. In a metropolitan area network topology, the access and aggregation nodes must aggregate end-user traffic and provide various value-added services according to the operator's requirements. Because users' service requirements are uncertain (Uncertainty) and diverse (Versatility), network equipment at the edge and access side must be highly scalable and able to provide good custom services to users.
In present aggregation-layer and edge network equipment, programmable network processing units (NPU) and parallel processing on multiple CPUs are often used to support various applications. For each specific application, the network equipment constructs route entries of a different size and looks them up for every packet, so as applications are added, lookup performance falls linearly and programming complexity grows exponentially. Different service types mean that the forwarding plane must use different lookup strategies and methods: unicast routing uses longest prefix match (LPM); policy routing and ACLs (Access Control Lists) use list-by-list matching (List by List Match); multicast routing uses different lookup strategies such as <*, G> and <S, G>, depending on the protocol (PIM or DVMRP) and the topology (Shared Tree or Source Tree); MPLS uses LPM at edge nodes and exact match (Exact Match) at core nodes. These differing lookup strategies inevitably increase implementation complexity, reduce forwarding efficiency and increase maintenance workload.
Deficiencies of the prior art
I. Problems and shortcomings of packet-based IP forwarding
The overwhelming majority of existing network equipment uses packet-based IP forwarding. Forwarding a packet requires looking up the packet's destination IP address in the routing table, modifying the TTL (Time To Live), modifying the packet, and recalculating the checksum. Of these steps, modifying the TTL value and recalculating the CRC checksum take relatively little time, and the routing table lookup is the most time-consuming. Traditional route lookup is a longest-match search on the destination IP address: it finds the entry in the routing table that has the longest match with the destination IP address prefix. For example, suppose the routing table contains the following three entries (Table 1):
Prefix (12 bit)      Output Index
P1 = 0101 000000     Ethernet 1/1
P2 = 0101 110100     POS 2/0
P3 = 0101 101011     FDDI 3/1
Table 1: Routing table
If a packet's first 12 bits are 01010110111, it matches P1 and is sent out of Ethernet 1/1. If its first 12 bits are 0101101011, it matches prefix P3 and is sent out of FDDI 3/1. The most commonly used longest prefix match schemes are based on a Radix Trie table. This algorithm is simple to implement but inefficient: in the worst case it needs 32 or 128 memory accesses (for IPv4 and IPv6 respectively). Some improved algorithms are much more efficient but still need O(log2 W) accesses, where W is the number of bits in the IP address, that is, 5 accesses for IPv4 and 7 for IPv6.
To speed up lookups, some vendors and research institutions use special memory such as Content Addressable Memory (CAM) or Ternary CAM, but this memory is very expensive and requires redesigning the router's existing hardware. Some vendors also use route caching (Cache): recently accessed route entries are stored in a cache; when an IP packet enters the router, the route is first looked up in the cache, and the routing table is accessed only when nothing is found there. In environments where traffic is fairly even, a route cache can greatly improve access speed, but in most deployments (enterprise network cores and the Internet) destination addresses are random and bursty, so route caching is usually suitable only for small routers.
As services on the Internet increase, forwarding and lookup of an IP packet may require not just LPM but list-by-list matching (List by List), in which case the performance of traditional IP forwarding drops sharply. For example, in an ACL (Access Control List) application with 300 ACL entries, consider the worst case in which an IP data flow of 300 packets matches only the last entry (the 300th). Each packet in the flow then needs 300 memory accesses, and the whole flow needs 300*300 = 90,000 accesses to complete the ACL lookups.
In addition, different services often need different lookup strategies, which makes the forwarding plane more complex to implement and less efficient under packet-based forwarding. Present high-performance routers and access devices often separate the forwarding plane from the control plane and implement forwarding in an ASIC or network processor, so the forwarding-plane chip is extremely hard to implement or its programming and development cycle is long, and complex applications are hard to support. IPv6-based and mobile Internet network equipment has similar shortcomings.
From the above, packet-based IP forwarding has the following problems:
1. During lookup, the longest-match search on the IP address makes lookup inefficient. In applications that require list-by-list lookup, efficiency is lower still.
2. It is hard to support the complex and changing applications of network edge and access nodes. The different lookup algorithms of different applications force the equipment to be reprogrammed or its ASIC redesigned, and even that work cannot keep up with rapidly changing applications and requirements; for example, many present layer-3 switches cannot support applications such as NAT or PPPoE.
3. No service customization interface can be provided. Because existing equipment uses complex lookup algorithms rather than a unified forwarding strategy in the forwarding plane, even equipment that implements today's functions is not extensible and cannot support new services that may appear in the future.
4. IPv6-based and mobile Internet network equipment has shortcomings similar to points 1-3 above.
II. Problems and shortcomings of MPLS forwarding
MPLS is a currently popular IP switching technology. MPLS stands for multi-protocol label switching. Label switching means that the underlying forwarding mechanism uses simple label swapping, with the label serving as the identifier that is swapped. When label switching uses ATM or FR (Frame Relay) as its link layer protocol, the label correspondingly uses the VPI/VCI or DLCI. When the link layer is FDDI, Ethernet or PPP, whose original frame formats carry no label information at all, an extra encapsulation must be added, and label switching uses the Shim form.
MPLS is a topology-driven layer-2 forwarding technology. When forwarding with MPLS, the edge nodes must still map a forwarding equivalence class (FEC, Forwarding Equivalence Class) to a label (Label), after which the core nodes forward quickly on the label. Edge nodes therefore still have to perform longest-match lookup and complex policy processing (such as VPN, NAT and PPPoE) for every packet. In addition, to support signaling between nodes, MPLS introduces complex signaling protocols such as LDP (CR-LDP) or RSVP-TE, which increases the software complexity of the equipment; and because the two main MPLS standards are each backed by different vendors, network interoperability is also difficult.
Fig. 1 shows the basic composition of an MPLS network. A typical MPLS domain consists of LERs (label edge routers), LSRs (label switch routers) and LSPs (label switch paths). An LER is an edge router of the MPLS domain; it classifies packets entering the domain into forwarding equivalence classes (FEC, Forwarding Equivalence Classes) according to certain rules, and adds (ingress LER) or removes (egress LER) labels according to the FEC. An LSR is an intermediate switching node of the MPLS domain; it performs label lookup and replacement. An LSP (Label Switching Path) is the label switched path set up by the LSRs and LERs according to LDP. LSRs and LERs can be traditional ATM and FR switches extended with IP routing functions, or high-speed IP routers running the MPLS protocol.
Fig. 2 shows a typical IP packet passing through an MPLS network. When an IP packet with destination address 192.4.2.1 arrives at the boundary node LER_in of the MPLS domain, LER_in first parses the network layer and classifies the packet into an FEC. The classification criterion can be one of three: destination address prefix, host address, or host address + QoS. LER_in then looks up the FTN (FEC to NHLFE) table to find an outgoing label and completes the mapping from FEC to LSP. At each intermediate node the packet passes through, the LSR looks up the ILM (Incoming Label Mapping) according to the longest matching algorithm, maps (incoming label + incoming interface) to (outgoing label + outgoing interface), replaces the incoming label with the outgoing label, and forwards the IP packet to the outgoing interface. When the IP packet finally arrives at LER_out, LER_out first pops the label off the stack and then forwards the packet at the IP layer according to its destination address.
Although the MPLS scheme, compared with traditional IP forwarding at edge nodes, improves forwarding efficiency, it still has the following shortcomings:
1. MPLS processing of packets at edge nodes is complex. As with packet-based IP forwarding, it still needs longest-match lookup to complete the mapping from FEC to Label, so edge equipment likewise has a long development cycle and is complex.
2. Implementing MPLS requires introducing complex MPLS signaling, which greatly increases equipment development and maintenance costs. There are more than 80 IETF RFCs and drafts related to MPLS; they are very complex for equipment developers to implement and hard for operators to maintain.
3. The MPLS standards support two signaling protocols, LDP (CR-LDP) and RSVP, and each is backed by different manufacturers, so using the MPLS protocol can cause interoperability problems between network devices.
4. Because MPLS is incompatible with existing IP data network protocols, a new MPLS network must be built. For routing and layer-3 switching nodes to implement MPLS, additional inter-node signaling protocols must be introduced, all interconnection protocols of the existing Internet (such as the IETF protocol series) change in order to support MPLS, and the router software architecture and the whole software design must change.
5. IPv6-based and mobile Internet network equipment has similar shortcomings.
III. Problems and shortcomings of CEF + NetFlow
Fig. 3 shows the CEF technology used on Cisco's Cisco 12000 router. Cisco uses CEF (Cisco Express Forwarding) in its high-end routers. CEF differs from the traditional route-cache mechanism, which puts recently accessed route entries into a cache to speed up IP packet lookup; CEF uses a completely new forwarding mechanism. CEF has two tables: the forwarding information base (FIB, Forwarding Information Base) and the adjacency table (Adjacency Table). As the figure shows, the routing engine first runs the routing protocols (unicast and multicast) and generates the routing table, and the FIB is then derived from the routing table. The FIB can be regarded as a subset (shadow) of the routing table; it contains, for each destination IP prefix, the IP address of the next hop and the corresponding output port. Entries in the FIB and the routing table correspond one to one. When the network topology changes, the FIB changes accordingly, and the routing engine downloads the update information to each line card at any time. The adjacency table contains the link layer (layer 2) address of the next hop connected at each output port, which is used to encapsulate the packets sent (see the figure). The link layer media currently supported by fast forwarding are ATM, Frame Relay, Ethernet, FDDI, PPP, LAPS and HDLC. In general, the adjacency table can be obtained by running ARP. For multicast routing, the fast-forwarding data structure differs from unicast: the multicast routing table maps a (source IP address, multicast group) pair to a pair consisting of one input port and a group of output ports.
To support applications such as charging and ACL acceleration, Cisco also uses NetFlow alongside CEF, that is, a flow-based processing mode. NetFlow itself does not forward IP data; it must be used together with Cisco's CEF. It identifies a Flow by <source address, destination address, source port, destination port, protocol type, TOS, input physical port>, and keeps packet and byte statistics for each Flow. For some applications (such as ACL), it sends the first packet of each Flow to software for processing, which generates an entry that accelerates subsequent forwarding.
Because NetFlow was designed only for charging and to accelerate certain applications, it cannot forward packets on its own. Its entry design also does not consider support for, or extension to, complex applications such as authentication and tunneling protocols; for example, it has no fields such as source physical address and VLAN ID. Because NetFlow itself provides no packet forwarding function (its entries contain no link layer information pointing to the next hop), it must be used together with Cisco's other packet-based forwarding technologies (such as CEF or Fast Switching). This is the biggest difference between NetFlow and the present invention.
Cisco's CEF and NetFlow technologies therefore have the following shortcomings:
1. CEF is still a packet-based IP forwarding technology. It still uses longest-match lookup and processes every packet, so lookup efficiency is low and complex applications are hard to support.
2. NetFlow introduces flow-based processing, but it was not designed to provide fast policy stream forwarding, so it can only support applications such as charging and accelerate processing such as ACLs. General unicast and multicast forwarding still uses CEF or Cisco's other fast forwarding technologies.
3. CEF + NetFlow maps the Flow ID from a fixed seven-tuple, so it supports few applications and lacks flexibility. It is purely a layer-3 technology with no consideration of layer-2 protocols; its entries lack the necessary layer-2 information, so it cannot support layer-2-based authentication (for example on source port, VLAN ID and source MAC), layer-2 forwarding or mobile Internet applications. In addition, NetFlow does not currently support applications such as NAT.
4. IPv6-based and mobile Internet network equipment has similar shortcomings.
Summary of the invention
The purpose of the invention is therefore to provide a method and data forwarding equipment for forwarding data in a network device in policy stream mode. It improves routing table lookup speed and forwarding efficiency, and is applicable to layer-2 and layer-3 routing and switching equipment at the access, aggregation and backbone layers of present and future broadband IP networks, and to equipment such as SGSN, GGSN, IGSN and PDSN in the mobile Internet.
The invention provides a method of forwarding data in policy stream mode in a network device that comprises at least one forwarding plane and a control plane. The method comprises the following steps:
(a) a forwarding plane receives a packet of at least one data flow;
(b) the forwarding plane calculates a stream ID identifying the data flow from the multi-tuple attribute set of the packet;
(c) the forwarding plane searches a policy stream forwarding table (PSFB) by exact match on the stream ID obtained in step (b); if a match is found it proceeds to step (d), otherwise to step (e);
(d) if a match is found, the relevant content of the packet is modified and the packet is forwarded according to the PSFB entry, and processing then continues at step (h) with the next packet;
(e) if no entry matches, this is the first packet of the data flow or the PSFB entry has aged out, and the forwarding plane sends the packet to the control plane;
(f) the control plane looks up the relevant routing table and service entries for the packet, obtains the forwarding information and service-related information for the next hop, and generates a PSFB entry for the data flow; the PSFB entry comprises the stream ID calculated for the packet, the forwarding information for the next hop and the service-related information; the control plane obtains, from the service entries related to the packet, the type of service operation to be performed on the data flow to which the packet belongs, i.e. the policy type, and puts the policy type into the PSFB entry;
(g) the control plane distributes the PSFB entry to the forwarding plane;
(h) for subsequent packets in the data flow, the forwarding plane uses the PSFB entry to perform the forwarding operations of steps (c) and (d) and forwards them to the corresponding recipient.
The invention also provides data forwarding equipment that forwards data in policy stream mode, comprising at least one forwarding plane, each of which receives packets of at least one data flow, and a control plane. The forwarding plane comprises: a stream ID calculating part, which calculates the stream ID identifying the data flow from the multi-tuple attribute set of the packet; a lookup part, which searches the policy stream forwarding table (PSFB) in a memory by exact match for a PSFB entry matching the stream ID of the packet; and a modify-and-forward part, which, if a match is found, modifies the relevant content of the packet and forwards it according to the PSFB entry, after which the forwarding plane turns to the next packet, and, if no match is found, sends the packet to the control plane. The control plane holds the routing table and service entries related to data forwarding and comprises: a PSFB entry generating part, which looks up the relevant routing table and service entries for the unmatched packet, obtains the forwarding information and service-related information for the next hop, generates a PSFB entry for the data flow comprising the stream ID calculated for the packet, the forwarding information for the next hop and the service-related information, and distributes the PSFB entry to the forwarding plane; a policy processing part, which obtains, from the service entries related to the packet, the type of service operation to be performed on the data flow to which the packet belongs, i.e. the policy type, and puts the policy type into the PSFB entry; and a memory, which stores the generated PSFB entries for the forwarding plane to look up for subsequent packets of the same data flow.
Description of drawings
The following description of specific embodiments of the invention, taken together with the accompanying drawings, will make the above and other features and advantages of the invention clearer.
Fig. 1 shows the basic composition of an MPLS network in the prior art;
Fig. 2 shows a typical IP packet passing through an MPLS network in the prior art;
Fig. 3 shows the CEF technology used on Cisco's Cisco 12000 router in the prior art;
Figs. 4A and 4B show a flow chart of an embodiment of the method of the invention for forwarding data in policy stream mode in a network device;
Fig. 5 shows a schematic block diagram of the data forwarding equipment of the invention that forwards data in policy stream mode;
Fig. 6 illustrates the implement porter layout of application of the present invention;
Fig. 7 illustrates the interface card layout of the data forwarding equipment of the invention.
Embodiment
The preferred embodiments of the invention are described in detail below with reference to the accompanying drawings.
The concept of policy stream forwarding, on which the invention is based, is described first. Policy stream forwarding is based entirely on processing flows rather than individual packets. The main idea is that the network device should apply the same behavior (Action) to the different packets of one data flow. Moreover, the forwarding plane does not need to know which lookup algorithm (unicast, multicast, IPv4 or IPv6) applies to a packet; it only needs to know the output port and next-hop information, and which policy to use to modify the packet. Policy stream forwarding therefore uses a unified forwarding entry and a single, efficient exact-match lookup algorithm (Exact Match) in the forwarding plane, which simplifies forwarding-plane processing and improves lookup efficiency.
Specifically, policy stream switching does not look up and switch individual IP packets; it forwards specific IP data flows. Policy stream switching identifies a data flow by a multi-tuple such as <source IP address, destination IP address, source protocol port, destination protocol port, protocol type, etc.> (a five-tuple is used for illustration in the embodiments of the invention). Because this multi-tuple uniquely identifies a data flow, and uniquely determines the flow's input physical port and TOS field, there is no need to identify a data flow with a seven-tuple as Cisco NetFlow does. For a specific Stream, the network device assigns the flow a unique stream ID (Stream ID), performs the complex table lookups only for the first packet of the flow, and customizes the specific service operation for it. After the control plane completes the lookup and customizes the service type, it generates a policy stream forwarding table entry (Policy Stream Forwarding Table), and the routing engine distributes (Distribute) the entry to the forwarding plane. The entry contains the outgoing interface information of the next hop and a policy type field indicating the service class. When packets are forwarded, the Stream is processed uniformly according to the policy type of the service operation. The forwarding plane is not concerned with the lookup strategy; it is concerned only with whether the data flow can be forwarded and to which outgoing interface it should go, which greatly simplifies forwarding-plane processing.
In above mentioned example, stream for 300 packets, carry out same acl lookup operation, the network equipment of sending out based on circulation of the present invention only need carry out (300+299) inferior internal storage access, also be that an average packet only need carry out (300+299)/300 and time searches, promptly search for 1.99 times.Forwarding performance is compared with the network equipment of handling based on each packet (worst condition) and has been improved 150 times nearly.Method of the present invention to based on two or three layers of route exchange device such as the Access Layer in the network of Ipv6, convergence-level and backbone layer and etc. GGSN, SGSN, IGSN and PDSN mobile internet equipment suitable equally.
The relevant terms of the present invention are explained below:
Control Plane: provides routing and signaling functions, interacts with other network devices and processes protocol packets, generates for the forwarding plane, according to the user's configuration, the various entries and policies on which forwarding is based, and handles exception packets and other option packets. It can be centralized or distributed.
Forwarding Plane: performs per-packet processing, handling forwarded packets from layer 2 up to layer 7, provides multiple forwarding modes (layer 2, IP, MPLS and PPPoE) and security policy processing (NAT and VPN), and maintains the statistics counters.
Policy Stream Forwarding Base (PSFB, the policy stream forwarding table): this table exists only in the forwarding plane (Forwarding Plane). It contains the multi-tuple (such as a five-tuple), the stream ID, the policy type of the operation applied to the stream, and all information relevant to forwarding.
Link-layer Adjacency Table: this table exists only in the forwarding plane and stores outbound ports and the corresponding link-layer information (such as MAC addresses).
Uni-cast Routing Table (URT, unicast routing table): this table exists only in the control plane and contains the unicast routing information generated by routing protocols such as RIP, OSPF and BGP. Entries are looked up by longest match.
Multicast Routing Table (MRT, multicast routing table): this table exists only in the control plane and contains the multicast routing information generated by routing protocols such as PIM SM/DM and DVMRP. How entries are looked up differs according to the multicast protocol.
Access Control List (ACL): this table exists only in the control plane and contains the basic information for packet filtering. Entries are looked up by matching one by one.
Policy-Based Routing Table (policy routing table): this table exists in both the forwarding plane and the control plane. Policy routing means that the routing table lookup is not a longest-match lookup on the destination address but a lookup based on policy (such as the source address); the lookup is performed entry by entry. The method of the present invention applies equally to the corresponding terms in layer-2/layer-3 routing and switching equipment at the access, aggregation and backbone layers of IPv6-based networks and in SGSN, GGSN, IGSN and PDSN equipment in the mobile internet.
Basic function and operation
Fig. 4A and 4B show a flow chart of an embodiment of the method of the present invention for forwarding data in a network device in policy stream mode.
As shown in Fig. 4A and 4B, a complete example of the policy stream forwarding process of the method of the present invention is as follows (taking the five-tuple as an example):
(1) After a packet enters the network device, the forwarding plane first calculates the corresponding Stream ID with a hash algorithm from a five-tuple of attributes, for example <source address, destination address, source protocol port, destination protocol port, protocol type>.
An example of an algorithm for calculating the stream ID from the five-tuple is as follows:
Let the size of the memory space available for storing table entries be m, and let t be the largest prime number less than m. The stream forwarding table is stored using hashing with chaining to resolve collisions: entries with the same key value are placed in the same linked list, and the position of an entry in the linked list is p.
First, a 32-bit integer num is calculated as (source IP address * 1 + destination IP address * 3 + protocol type * 5 + source protocol port * 7 + destination protocol port * 9). The hash key is then calculated as num modulo t. Because the hash algorithm may have collisions, the same key value may correspond to multiple values of num, but their positions in the linked list are unique. Using the key value as the high 24 bits of the Stream ID and p as the low 8 bits therefore uniquely identifies a 32-bit Stream ID.
That is, Stream ID = ((source IP address * 1 + destination IP address * 3 + protocol type * 5 + source protocol port * 7 + destination protocol port * 9) MOD t) << 8 (shift left by 8 bits) + p.
Of course, the stream ID algorithm may take other forms or use other algorithms, as long as it can calculate a unique stream ID value corresponding to the multi-tuple of attributes of a data stream.
(2) The forwarding plane searches the policy stream forwarding table (PSFB) using the stream ID obtained in (1), by exact match (Exact Match) or a hashing algorithm. If a match is found, go to (3); otherwise go to (5).
(3) If a match is found, the policy type first indicates which service operation is needed; the outbound port (Output Port) and the corresponding link-layer information (such as the MAC address) are then obtained from the adjacency table (Adjacency Table) entry pointed to by the Output Port Index field (note: for multicast forwarding this is a list of outbound ports).
(4) The forwarding plane performs the policy action on the packet, decrements the TTL, recalculates the checksum and performs similar operations, sends the packet out of the outbound port, resets the Expired Flag, and goes to (9).
(5) If no entry matches, this is either the first packet of the data stream or the PSFB entry has aged out; the forwarding plane delivers the packet to the control plane.
(6) The forwarding plane looks up the relevant routing tables and service entries (such as PPPoE, NAT), obtains the outbound port and link-layer information corresponding to the next hop and the service-related information, and constructs the PSFB entry (see Fig. 5 below). The entry contains information such as the stream ID, the outbound port index (a list of outbound ports for multicast) and the policy type.
(7) The control plane distributes this entry to the forwarding plane.
(8) Subsequent packets of the data stream look up this PSFB entry and perform the operations in (3) and (4).
(9) End the operation and process the next policy stream or packet.
For other multi-tuples (for example a six-tuple or an eight-tuple), similar processing is performed, varying with the application and the actual routing table entries. The method of the present invention is equally applicable to layer-2/layer-3 routing and switching equipment at the access, aggregation and backbone layers of IPv6-based networks and to mobile internet equipment such as SGSN, GGSN, IGSN and PDSN.
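The procedure in steps (1) to (9), using the stream ID formula given above, as an added Python example that is not code from the patent. The class and function names, the policy label, the table size m=1024 and the sample five-tuples are constructed for illustration, and the control plane is a stand-in callback.

```python
from dataclasses import dataclass

def largest_prime_below(m):
    """t in the text: the largest prime number smaller than the table size m."""
    for cand in range(m - 1, 1, -1):
        if all(cand % d for d in range(2, int(cand ** 0.5) + 1)):
            return cand
    raise ValueError("m must be greater than 2")

def hash_key(five_tuple, t):
    """key = (src*1 + dst*3 + proto*5 + sport*7 + dport*9, as a 32-bit integer) MOD t."""
    src_ip, dst_ip, proto, sport, dport = five_tuple
    num = (src_ip * 1 + dst_ip * 3 + proto * 5 + sport * 7 + dport * 9) & 0xFFFFFFFF
    return num % t

@dataclass
class PSFBEntry:
    five_tuple: tuple
    stream_id: int
    policy_type: str       # hypothetical label, e.g. "ipv4-unicast"
    out_port_index: int    # index into the adjacency table
    expired_flag: int

class PSFB:
    MAX_CHAIN = 256        # p is the low 8 bits of the Stream ID

    def __init__(self, m, initial_expiry=3):
        self.t = largest_prime_below(m)
        if self.t >= 1 << 24:
            raise ValueError("key must fit in the high 24 bits of the Stream ID")
        self.initial_expiry = initial_expiry
        self.chains = {}   # key -> list of entries; the list index is p

    def lookup(self, five_tuple):
        """Steps (1)-(2): hash, then exact match on the full five-tuple in the chain."""
        for entry in self.chains.get(hash_key(five_tuple, self.t), []):
            if entry.five_tuple == five_tuple:
                entry.expired_flag = self.initial_expiry   # step (4): reset on use
                return entry
        return None

    def install(self, five_tuple, policy_type, out_port_index):
        """Step (7): store the entry distributed by the control plane."""
        key = hash_key(five_tuple, self.t)
        chain = self.chains.setdefault(key, [])
        if len(chain) >= self.MAX_CHAIN:
            raise OverflowError("chain full: p no longer fits in 8 bits")
        entry = PSFBEntry(five_tuple, (key << 8) + len(chain),
                          policy_type, out_port_index, self.initial_expiry)
        chain.append(entry)
        return entry

def forward(psfb, five_tuple, control_plane):
    """Return (stream_id, out_port_index, path) for one packet."""
    entry = psfb.lookup(five_tuple)
    path = "fast"
    if entry is None:                  # steps (5)-(7): first packet or aged-out entry
        policy_type, out_port_index = control_plane(five_tuple)
        entry = psfb.install(five_tuple, policy_type, out_port_index)
        path = "slow"
    return entry.stream_id, entry.out_port_index, path

def demo():
    lookups = []
    def control_plane(five_tuple):     # stand-in for the routing/ACL lookups
        lookups.append(five_tuple)
        return "ipv4-unicast", 2
    psfb = PSFB(m=1024)
    flow_a = (0x0A000001, 0x0A000002, 6, 1234, 80)   # constructed sample flow
    flow_b = (0x0A000004, 0x0A000001, 6, 1234, 80)   # same weighted sum as flow_a
    paths = [forward(psfb, flow_a, control_plane)[2] for _ in range(300)]
    id_a = forward(psfb, flow_a, control_plane)[0]
    id_b = forward(psfb, flow_b, control_plane)[0]
    return paths.count("slow"), len(lookups), id_a, id_b

if __name__ == "__main__":
    print(demo())
```

Because p is part of the Stream ID, an implementation that deletes entries has to keep the chain positions of the remaining entries stable.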
Description of the policy stream forwarding table entry
An example of a detailed definition of the policy stream forwarding table entry is given below, taking the five-tuple as an example. For other multi-tuples of attributes, similar processing is performed, varying with the application and the actual routing table entries.
Source IP (4 bytes/32 bytes): source IP address of the data stream; 4 bytes for IPv4, 32 bytes for IPv6.
Destination IP (4 bytes): destination IP address of the data stream; 4 bytes for IPv4, 32 bytes for IPv6.
Protocol Type (2 bytes): protocol type.
Source Protocol Port (2 bytes): source protocol port; the protocol type determines which protocol the port belongs to.
Destination Protocol Port (2 bytes): destination protocol port; the protocol type determines which protocol the port belongs to.
Stream ID (4 bytes): the unique stream ID of the data stream corresponding to the above five-tuple.
Start of Time (4 bytes): start time of the data stream; used for billing.
End of Time (4 bytes): end time of the data stream; used for billing.
Alias Port (2 bytes): alias port, the protocol port after translation; used for network address translation.
Alias Address (4 bytes): alias IP address, the IP address after translation; used for network address translation.
Session ID (2 bytes): session ID; used for PPPoE.
Quality of Services (4 bytes): QoS/CoS parameters; used for scheduling the data stream.
Multicast Port (32 bytes): multicast port flags; multicast ports are indicated by bit operations, supporting 32*8=256 ports in total.
Source MAC (6 bytes): the MAC address corresponding to the source IP address of the data stream; used for source MAC filtering, WEB authentication and 802.1X.
Source Port (2 bytes): identifies the source physical port the data stream came from; used for WEB authentication and 802.1X.
Tunnel ID (2 bytes): tunnel ID; used to support VPN protocols such as L2TP.
Gateway IP (4 bytes): gateway IP address; used to support mobile IP.
Transmit Packet (4 bytes): number of packets transmitted; used for billing.
Transmit Byte (4 bytes): number of bytes transmitted; used for billing.
VLAN ID (4 bytes): VLAN ID; used to support 802.1Q and authentication protocols (such as WEB authentication).
Forwarding Flag (1 byte): forwarding flag; decides whether the packet is forwarded; used for authentication and ACL.
DSCP (4 bytes): used for differentiated services.
Policy Type (4 bytes): policy type; indicates which type of service operation is to be performed on the data stream. Services can be customized through flexible configuration by network management or by the user.
Expired Timer (1 byte): timeout timer; used to judge whether this stream forwarding table entry has timed out.
TCP Flag (1 byte): TCP flag bits; used to judge whether a TCP stream has ended.
The description in this section applies equally to policy stream forwarding table entries in IPv6-based networks and the mobile internet.
Processing policy for bursty TCP streams and non-TCP streams
Because the number of PSFB (Policy Stream Forwarding Base) entries is limited by the size of the SDRAM (or other kind of memory), a momentary burst of many streams on the Internet may cause the policy stream forwarding table entries to exceed the hardware limit, so the present invention uses its own mechanism to smooth momentary traffic. To this end, the present invention uses the following two mechanisms to prevent this situation from occurring.
First, when the forwarding plane sends the first packet of a data stream to the control plane, a queuing mechanism is used: the length of the packet queue per unit time is controlled, and the depth of the queue is determined by the remaining SDRAM (or other memory) space. When there are too many PSFB entries, the present invention reduces the number of packets queued per unit time by reducing the queue depth. In addition, the present invention shortens the aging time of newly created entries: the aging time of an entry shortens as the free entry space shrinks. Entries then age out faster, and the entry space is relatively enlarged.
Another major technical problem in stream switching is how to handle entry replacement. For connection-oriented TCP streams, teardown of the data stream can be detected from the TCP FIN packet. However, a large number of streams in internet applications are connectionless traffic based on IP or UDP, so it is impossible to judge from a specific packet whether such a data stream has ended. The present invention therefore uses two approaches. For normal TCP connections, the present invention decides whether to delete the entry by detecting FIN and RESET packets. For connectionless data streams and abnormally closed TCP streams, the present invention uses periodic refresh: a timer is started in the control plane (its initial value can be configured by network management) that periodically checks the Expired Flag of the entries in the forwarding plane's PSFB. The Expired Flag is initialized to a fixed value (which can differ by protocol type and is adjusted dynamically according to the size of the table space) and is decremented by one on each check; if the value reaches zero, the entry is deleted.
The method of this section applies equally to the processing policy for bursty TCP streams and non-TCP streams in IPv6-based networks and the mobile internet.
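One way to realise the queue-depth control, the shortened aging time and the FIN/RESET rule described in this section, as an added Python example that is not code from the patent. The page gives no formula, so scaling the queue depth and the initial Expired Flag linearly with the free table space, deleting an entry as soon as a FIN or RESET is seen, and all names and sample values are assumptions.

```python
TCP_FIN, TCP_RST = 0x01, 0x04
PROTO_TCP = 6

class AgingPSFB:
    """Stream table whose admission rate and aging time follow the free space."""

    def __init__(self, capacity, base_expiry, max_queue_depth):
        self.capacity = capacity                # entries the memory can hold
        self.base_expiry = base_expiry          # Expired Flag value when the table is empty
        self.max_queue_depth = max_queue_depth  # first-packet queue depth when empty
        self.entries = {}                       # stream_id -> [initial value, remaining]

    def free_slots(self):
        return self.capacity - len(self.entries)

    def queue_depth(self):
        """First packets that may wait for the control plane (assumed linear scaling)."""
        return self.max_queue_depth * self.free_slots() // self.capacity

    def initial_expiry(self):
        """Aging time for a new entry: shorter as the table fills, never below 1."""
        return max(1, self.base_expiry * self.free_slots() // self.capacity)

    def admit(self, stream_id):
        """Install a new entry; refuse when the table is full."""
        if self.free_slots() == 0:
            return False
        value = self.initial_expiry()
        self.entries[stream_id] = [value, value]
        return True

    def on_packet(self, stream_id, protocol, tcp_flags=0):
        """Fast-path hit: delete on TCP FIN/RESET, otherwise reset the Expired Flag."""
        entry = self.entries.get(stream_id)
        if entry is None:
            return "miss"
        if protocol == PROTO_TCP and tcp_flags & (TCP_FIN | TCP_RST):
            del self.entries[stream_id]
            return "closed"
        entry[1] = entry[0]
        return "forwarded"

    def tick(self):
        """Periodic refresh: decrement every Expired Flag, delete entries at zero."""
        expired = []
        for stream_id, entry in list(self.entries.items()):
            entry[1] -= 1
            if entry[1] <= 0:
                del self.entries[stream_id]
                expired.append(stream_id)
        return expired

if __name__ == "__main__":
    table = AgingPSFB(capacity=4, base_expiry=8, max_queue_depth=16)
    print([table.admit(i) for i in (1, 2, 3, 4, 5)], table.entries, table.queue_depth())
    print(table.tick(), table.on_packet(3, 17), table.tick())
```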
Example of ISMP interworking
ISMP (Intelligent Stream Management Protocol) is a simple, general protocol used by policy stream forwarding for device resource management inside a node (five-tuple example). It is an important component of the policy stream forwarding technology. It is mainly used for data exchange and information control between the control plane and the forwarding plane. It uses a Master-Slave mode in which the Master controls the addition and deletion of stream forwarding entries and carries out the user's service customization and attribute modification for data streams. In addition, the forwarding plane can actively provide event messages to the control plane, such as statistics and stream state. ISMP messages are encoded as TLVs, that is, type, length and value.
ISMP supports four kinds of messages: entry management, stream attribute management, state management messages and data exchange messages. The role and function of each message type are as follows:
Entry management (Table Management): located in the control plane; used to manage the creation and deletion of table entries.
1. Stream entry add (Add Table):
With this message the control plane adds a stream forwarding table entry to the forwarding plane. The message format is shown in Table 2 and described below:
Bits 0-7 | Bits 8-15 | Bits 16-31
Version | Type | Length
Flow ID (stream ID)
Destination card number | Reserved | Sequence number
Stream forwarding table entry (128 bytes)
CRC 32 (checksum)
Table 2: Stream entry add message format
Where: the version number is 1, indicating that the current version is 1; the type is 1, i.e. stream entry add; the length field is 32, i.e. the length of the whole message; destination card number: the number of the card the message is sent to; if it is 0xff, the message is broadcast to all cards; reserved: reserved field, used for byte alignment; sequence number: 16 bits, used for retransmission to guarantee reliable delivery of the message.
2. Stream entry delete (Delete Table):
With this message the control plane tells the forwarding plane to delete a stream forwarding table entry. The message format is shown in Table 3 and described below:
Version | Type | Length
Flow ID (stream ID)
Destination card number | Reserved | Sequence number
Stream forwarding table entry (128 bytes)
CRC 32 (checksum)
Table 3: Stream entry delete message format
Where: except that the type field is 2, indicating stream entry delete, the other contents are the same as for stream entry add.
3. Branch delete (Delete Branch):
With this message the control plane tells the forwarding plane to delete all entries related to a given outbound port. The format is shown in Table 4:
Version | Type | Length
Flow ID (stream ID)
Destination card number | Outbound port number | Sequence number
CRC 32 (checksum)
Table 4: Branch delete message format
Where: the version number is 1; the type is 3, i.e. branch entry delete; the length field is 32, i.e. the length of the whole message;
Destination card number: the number of the card the message is sent to; if it is 0xff, the message is broadcast to all cards; outbound port: the port whose related entries are to be deleted; sequence number: 16 bits, used for retransmission to guarantee reliable delivery of the message.
4. Delete all entries (Delete All):
With this message the control plane tells the forwarding plane to delete all forwarding entries. The format is shown in Table 5:
Version | Type | Length
Flow ID (stream ID)
Destination card number | Reserved | Sequence number
CRC 32 (checksum)
Table 5: Delete all entries message format
Where: the version number is 1; the type is 4, i.e. delete all entries; the length field is 32, i.e. the length of the whole message;
Destination card number: the number of the card the message is sent to; if it is 0xff, the message is broadcast to all cards; outbound port: the port whose related entries are to be deleted; sequence number: 16 bits, used for retransmission to guarantee reliable delivery of the message.
Stream attribute management (Attribute Management): located in the control plane; performs service customization and attribute modification for streams.
1. Stream entry service customization (Services customization):
With this message the control plane customizes the service types of the forwarding plane. The message encoding is shown in Table 6 and described below:
Version | Type | Length
Flow ID (stream ID)
Destination card number | Reserved | Sequence number
Service type | Length | Service value
……
CRC 32 (checksum)
Table 6: Stream entry service customization message format
Where: the version number is 1; the type is 5, i.e. service customization; the length field is 32, i.e. the length of the whole message;
Destination card number: the number of the card the message is sent to; if it is 0xff, the message is broadcast to all cards; the services to be customized are TLV-encoded, and at most 64 service types are supported in one message; sequence number: 16 bits, used for retransmission to guarantee reliable delivery of the message.
2. Service attribute modification (Service Attribute Modification):
With this message the control plane tells the forwarding plane to modify service attributes, such as the rate and QoS parameters of a stream. The message encoding is shown in Table 7 and described below:
Version | Type | Length
Flow ID (stream ID)
Destination card number | Reserved | Sequence number
Service attribute | Length | Modified service attribute value
……
CRC 32 (checksum)
Table 7: Service attribute modification message format
Where: the version number is 1; the type is 6, i.e. service attribute modification; the length field is 32, i.e. the length of the whole message;
Destination card number: the number of the card the message is sent to; if it is 0xff, the message is broadcast to all cards; service attribute: TLV-encoded, and at most 64 service attribute modifications are supported in one message; sequence number: 16 bits, used for retransmission to guarantee reliable delivery of the message.
State and statistics messages (State and Statistics Message): located in the control plane; state and statistics messages let the control plane obtain the statistical counts and state information related to each stream.
1. Stream statistics report (Report Stream Statistics)
With this message the forwarding plane reports to the control plane the packet and byte statistics of a data stream within its start and end times. The message encoding and format are shown in Table 8:
Version | Type | Length
Flow ID (stream ID)
Sequence number | Reserved
Start time (4 bytes)
End time (4 bytes)
Packet count (4 bytes)
Byte count (4 bytes)
CRC 32 (checksum)
Table 8: Stream statistics message format
Where: the version number is 1; the type is 7, i.e. statistics report; the length field is 32, i.e. the length of the whole message;
Start time: the time the data stream was created; end time: the end time of the data stream; packet count: the number of packets that passed between the start and end times; byte count: the number of packets that passed between the start and end times; sequence number: 16 bits, used for retransmission to guarantee reliable delivery of the message. CRC 32: used to verify the integrity of the packet content.
2. Stream state report (Report Stream State)
With this message the forwarding plane reports the state of a data stream to the control plane. The message format is shown in Table 9 and described below:
Where: the version number is 1; the type is 8, i.e. stream state report; the length field is 32, i.e. the length of the whole message;
The reported service stream state is TLV-encoded, and at most 64 service types are supported in one message; sequence number: 16 bits, used for retransmission to guarantee reliable delivery of the message.
Version | Type | Length
Flow ID (stream ID)
Sequence number | Reserved
Service type | Length | Service value
……
CRC 32 (checksum)
Table 9: Stream state report message format
Data exchange message (Packet Exchange Message): used for the exchange of protocol packets (control packets) between the control plane and the forwarding plane. The message format is shown in Table 10 and described below:
Version | Type | Length
Sequence number | Destination card number | Reserved
Packet content
CRC32 (checksum)
Table 10: Data exchange message format
Where: the version number is 1; the type is 9, i.e. exchanged packet; the length field is 32, i.e. the length of the packet;
Destination card number: the number of the destination card; 0 indicates the main control card, and 0xff indicates a broadcast packet. Sequence number: 16 bits, used for retransmission to guarantee reliable delivery of the message.
For other multi-tuples, similar processing is performed, varying with the application and the actual routing table entries. The method of this section applies equally to ISMP interworking in IPv6-based networks and the mobile internet.
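A builder and a strict parser for the service customization message of Table 6, as an added Python example that is not part of the patent. The header field widths follow the 0/7/15/31 bit ruler of Table 2 and the 16-bit sequence number; the one-byte TLV type and length, network byte order, a Length field carrying the total message size in bytes, the zlib CRC-32 polynomial, and all names and sample TLV values are assumptions.

```python
import struct
import zlib

# Version(8) | Type(8) | Length(16) | Flow ID(32) | Card(8) | Reserved(8) | Sequence(16)
HEADER = struct.Struct("!BBHIBBH")
CRC = struct.Struct("!I")
ISMP_VERSION = 1
TYPE_SERVICE_CUSTOMIZATION = 5
MAX_TLVS = 64                      # "at most 64 service types in one message"

class ISMPError(ValueError):
    """Raised for any message the receiver must drop."""

def build_service_customization(flow_id, dest_card, seq, tlvs):
    """Encode header, TLV list and trailing CRC 32 (assumed to cover all earlier bytes)."""
    if len(tlvs) > MAX_TLVS:
        raise ISMPError("more than 64 TLVs")
    body = b""
    for tlv_type, value in tlvs:
        if not 0 <= tlv_type <= 0xFF or len(value) > 0xFF:
            raise ISMPError("TLV type or length does not fit in one byte")
        body += bytes([tlv_type, len(value)]) + value
    total = HEADER.size + len(body) + CRC.size
    head = HEADER.pack(ISMP_VERSION, TYPE_SERVICE_CUSTOMIZATION, total,
                       flow_id, dest_card, 0, seq)
    return head + body + CRC.pack(zlib.crc32(head + body))

def parse_service_customization(msg):
    """Validate size, Length, CRC, version and type before walking the TLVs."""
    if len(msg) < HEADER.size + CRC.size:
        raise ISMPError("truncated message")
    version, msg_type, length, flow_id, dest_card, _reserved, seq = HEADER.unpack_from(msg)
    if length != len(msg):
        raise ISMPError("Length field does not match the received size")
    if CRC.unpack_from(msg, len(msg) - CRC.size)[0] != zlib.crc32(msg[:-CRC.size]):
        raise ISMPError("CRC 32 mismatch")
    if version != ISMP_VERSION or msg_type != TYPE_SERVICE_CUSTOMIZATION:
        raise ISMPError("unexpected version or type")
    tlvs, offset, end = [], HEADER.size, len(msg) - CRC.size
    while offset < end:
        if end - offset < 2:
            raise ISMPError("dangling TLV header")
        tlv_type, tlv_len = msg[offset], msg[offset + 1]
        offset += 2
        if tlv_len > end - offset:     # a valid CRC does not make inner lengths valid
            raise ISMPError("TLV value overruns the message")
        if len(tlvs) == MAX_TLVS:
            raise ISMPError("more than 64 TLVs")
        tlvs.append((tlv_type, bytes(msg[offset:offset + tlv_len])))
        offset += tlv_len
    return {"flow_id": flow_id, "dest_card": dest_card, "seq": seq, "tlvs": tlvs}

def accepts(msg):
    """True if the message parses cleanly, False if it must be dropped."""
    try:
        parse_service_customization(msg)
        return True
    except ISMPError:
        return False

if __name__ == "__main__":
    # Constructed sample: flow 0x2A01, broadcast card 0xff, two made-up service TLVs.
    sample = build_service_customization(0x2A01, 0xFF, 7, [(1, b"\x00\x10"), (2, b"gold")])
    print(sample.hex(), parse_service_customization(sample))
```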
Implementation of multiple access and forwarding modes
The following describes, taking the five-tuple as an example, how policy stream forwarding supports several current services on a router or layer-3 switching device, and its particular scalability.
1. Support for IPv4 unicast forwarding:
(1) After a packet enters the router or layer-3 switching device, the forwarding plane first calculates the corresponding Stream ID from <source address, destination address, source protocol port, destination protocol port, protocol type>.
(2) The forwarding plane searches the stream forwarding table (PSFB) by exact match (Exact Match) using the stream ID obtained in (1). If a match is found, go to (3); otherwise go to (5).
(3) If a match is found, the policy type first indicates that IPv4 unicast forwarding is required; the outbound port (Output Port) and the corresponding link-layer information (such as the MAC address) are then obtained from the adjacency table (Adjacency Table) entry pointed to by the Output Port Index field.
(4) The forwarding plane decrements the TTL of the packet, recalculates the checksum and performs similar operations, sends the packet out of the outbound port, resets the Expired Flag, and goes to (9).
(5) If no entry matches, this is either the first packet of the data stream or the PSFB entry has aged out; the forwarding plane then delivers the first packet of the data stream to the control plane via a packet exchange message (PEM).
(6) The control plane looks up the URT (unicast routing table), finds the outbound port and link-layer information corresponding to the next hop by the longest-match algorithm, and constructs the PSFB entry, which contains the stream ID, the outbound port index and the policy type (unicast routing).
(7) The control plane distributes this entry to the forwarding plane with a stream entry add message.
(8) Subsequent packets of the data stream look up this PSFB entry and perform the operations in (3) and (4).
(9) End the operation and process the next packet.
The method of this section applies equally to IPv6-based networks and the mobile internet.
2. Multicast forwarding:
(1) After a packet enters the network device, the forwarding plane first calculates the corresponding Stream ID from <source address, destination address, source protocol port, destination protocol port, protocol type>.
(2) The forwarding plane searches the stream forwarding table (PSFB) by exact match (Exact Match) using the stream ID obtained in (1). If a match is found, go to (3); otherwise go to (5).
(3) If a match is found, the policy type first indicates that multicast forwarding is required. The Multicast Port bits in the PSFB entry are then tested by bit operations, and all outbound ports (Output Port) and the corresponding link-layer information (such as MAC addresses) are obtained from the adjacency table (Adjacency Table) entries corresponding to the bits that are set.
(4) The forwarding plane decrements the TTL of the packet, recalculates the checksum and performs similar operations, sends the packet out of all the outbound ports, and resets the Expired Flag.
(5) If no entry matches, this is either the first packet of the data stream or the PSFB entry has aged out; the forwarding plane then delivers the first packet of the data stream to the control plane via a packet exchange message (PEM).
(6) The control plane first looks up the unicast routing table (URT) to perform RPF (Reverse Path Forwarding) and decide whether the packet can be forwarded. Then, depending on the protocol, it looks up the multicast routing table (MRT) by <*, G>, <S, G> or <RPT, S, G> respectively, obtains the port list, and constructs the PSFB entry, which contains the stream ID, Multicast Port and policy type (multicast routing).
(7) The control plane distributes this entry to the forwarding plane with a stream entry add (Add Table) message.
(8) Subsequent packets of the data stream look up this PSFB entry and perform the operations in (3) and (4).
(9) End the operation and process the next packet.
The method of this section applies equally to IPv6-based networks and the mobile internet.
3. PPPoE forwarding to an IP interface
(1) After a packet enters the network device, the forwarding plane first calculates the corresponding Stream ID from <source address, destination address, source protocol port, destination protocol port, protocol type>.
(2) The forwarding plane searches the stream forwarding table (PSFB) by exact match (Exact Match) using the stream ID obtained in (1). If a match is found, go to (3); otherwise go to (5).
(3) If a match is found, the policy type first indicates that PPPoE processing is required. The corresponding contents of the packet are then compared against the Session ID, source physical port and source MAC in the PSFB entry; if verification fails, jump to (9). Otherwise, the outbound port (Output Port) and the corresponding link-layer information (such as the MAC address) are obtained from the adjacency table (Adjacency Table) entry corresponding to the outbound port index.
(4) The forwarding plane removes the PPPoE header from the packet, decrements the TTL, recalculates the checksum and performs similar operations, sends the packet out of all the outbound ports, and resets the Expired Flag.
(5) If no entry matches, this is either the first packet of the data stream or the PSFB entry has aged out; the forwarding plane then delivers the first packet of the data stream to the control plane via a packet exchange message (PEM).
(6) The control plane first looks up the PPPoE session (Session) entry to decide whether the packet can be forwarded; if it can, it looks up the unicast routing table (URT) and constructs the PSFB entry, which contains the stream ID, operation type, Session ID, source MAC and source physical port (used for authentication and filtering) and policy type (PPPoE forwarding).
(7) The control plane distributes this entry to the forwarding plane with a stream entry add (Table Add) message.
(8) Subsequent packets of the data stream look up this PSFB entry and perform the operations in (3) and (4).
(9) End the operation and process the next packet.
The method of this section applies equally to IPv6-based networks and the mobile internet.
4. NAT + unicast forwarding
(1) After a packet enters the network device, the forwarding plane first calculates the corresponding Stream ID from <source address, destination address, source protocol port, destination protocol port, protocol type>.
(2) The forwarding plane searches the stream forwarding table (PSFB) using the stream ID obtained in (1), by exact match (Exact Match) or a hashing algorithm. If a match is found, go to (3); otherwise go to (5).
(3) If a match is found, the policy type first indicates that NAT processing and unicast forwarding are required; the corresponding contents of the packet are then replaced with the Alias Port and Alias IP Address in the PSFB entry.
(4) The forwarding plane decrements the TTL of the packet, recalculates the checksum and performs similar operations, sends the packet out of all the outbound ports, and resets the Expired Flag.
(5) If no entry matches, this is either the first packet of the data stream or the PSFB entry has aged out; the forwarding plane then delivers the first packet of the data stream to the control plane via a packet exchange message (PEM).
(6) The control plane first looks up the NAT translation table. If the entry does not exist, it assigns a new Alias Port to this packet and allocates an Alias Address from the address pool; if that is possible, it looks up the unicast routing table (URT) and constructs the PSFB entry, which contains the stream ID, Alias Port, Alias Address and policy type (NAT and unicast forwarding).
(7) The control plane distributes this entry to the forwarding plane with a stream entry add (Add Table) message.
(8) Subsequent packets of the data stream look up this PSFB entry and perform the operations in (3) and (4).
(9) End the operation and process the next packet.
The method of this section applies equally to IPv6-based networks and the mobile internet.
5. IPv6 forwarding
(1) After a packet enters the network device, the forwarding plane first calculates the corresponding Stream ID from <source address, destination address, source protocol port, destination protocol port, protocol type>.
(2) The forwarding plane searches the stream forwarding table (PSFB) by exact match (Exact Match) using the stream ID obtained in (1). If a match is found, go to (3); otherwise go to (5).
(3) If a match is found, the policy type first indicates that IPv6 forwarding is required; the outbound port (Output Port) and the corresponding link-layer information (such as the MAC address) are then obtained from the adjacency table (Adjacency Table) entry pointed to by the Output Port Index field.
(4) The forwarding plane decrements the TTL of the packet, recalculates the checksum and performs similar operations, sends the packet out of the outbound port, resets the Expired Flag, and goes to (9).
(5) If no entry matches, this is either the first packet of the data stream or the PSFB entry has aged out; the forwarding plane then delivers the first packet of the data stream to the control plane via a packet exchange message (PEM).
(6) The control plane looks up the IPv6 routing table, finds the outbound port and link-layer information corresponding to the next hop by the longest-match algorithm, and constructs the PSFB entry, which contains the stream ID, the outbound port index and the policy type (unicast routing).
(7) The control plane distributes this entry to the forwarding plane with a stream entry add message.
(8) Subsequent packets of the data stream look up this PSFB entry and perform the operations in (3) and (4).
(9) End the operation and process the next packet.
The method of this section applies equally to IPv6-based networks.
As the flows above show, the policy stream forwarding process is essentially the same for unicast, multicast, IPv4 and IPv6 forwarding: the forwarding plane only has to look up the same PSFB table, and the differences are confined to the service-related content of steps (3), (4) and (6). Policy stream forwarding can therefore support a variety of complex applications without introducing additional inter-node signaling protocols such as routing protocols, while keeping all interconnection protocols of the existing Internet (such as the IETF protocol family) unchanged and without changing the router architecture or hardware design at all. The following are examples of policy stream forwarding supporting other common applications:
1. 802.1X
The EAP packet is sent to the control plane and, after authentication succeeds, a PSFB entry is generated and distributed to the control plane. The entry content comprises: source port, source MAC (used for filtering), output port and link-layer information. Subsequent packets of the data stream look up this PSFB entry and perform the corresponding operations.
2. ACL (Access Control List)
An access list (ACL) is a firewall based on packet filtering. It is an ordered set of statements that permits or denies packets passing through an interface by matching information in the packet against the access list parameters. The main function of an access list is to permit or deny packet flows according to established criteria, so the packet-filtering criteria determine the type of access list implemented.
On a router, an access list takes effect only after it has been created and applied to an interface. Because the traffic through an interface is bidirectional, the access list is applied to a specific direction of the interface, outbound or inbound. Here, "inbound" means traffic flowing into the router, and "outbound" means traffic flowing out of the router.
Therefore, the first packet of a data stream is sent to the control plane, which matches it against the filter entries one by one and thereby determines whether the data stream is to be forwarded or dropped. If it is to be forwarded, the corresponding routing table is then looked up to obtain the output port and next-hop link-layer information. The entry content comprises: forwarding flag bit, output port and next-hop link-layer information. Subsequent packets of the data stream look up this PSFB entry and perform the corresponding operations.
3. Policy routing:
The first packet of a data stream is sent to the control plane, which matches it against the policy routing entries one by one; once the corresponding entry is found, the corresponding PSFB entry is generated and downloaded to the forwarding plane. The entry content comprises: output port, next-hop link-layer information and forwarding flag bit. Subsequent packets of the data stream look up this PSFB entry and perform the corresponding operations.
4. Web authentication:
Authentication packets are sent to the control plane for processing. The first packet of a data stream is sent to the control plane, which looks up the corresponding routing entry and distributes it to the forwarding plane. The entry content comprises: source physical port, source IP address, VLAN ID, forwarding flag bit, output port and next-hop link-layer information.
5. Mobile IP:
The mobile node first completes registration with the home agent (i.e. the router). Then the first packet of the data stream is sent to the control plane, encapsulated according to the tunnel encapsulation format of RFC 2003 or RFC 2004, and a forwarding entry is generated and distributed to the forwarding plane. The entry content comprises: source IP address, gateway IP (Gateway IP), tunnel ID, output port and next-hop link-layer information. Subsequent packets of the data stream look up this PSFB entry and perform the corresponding operations.
6. Charging:
For each data stream, the control plane writes the start time when the entry is created and records the end time when the entry ages out and is deleted. During forwarding, the number of packets and the number of bytes sent are recorded. When the entry expires, the five-tuple, Flow ID, packet and byte counters and the start and end times are delivered to the control plane, which passes them to the accounting server. From the charging source information supplied by the router, comprising <source IP, destination IP, source protocol port, destination protocol port, protocol type, packet count, byte count, start time, end time>, the server generates a unified bill according to its charging policy (based on duration, traffic or quality of service).
The method of this section applies equally to IPv6-based networks and the mobile Internet.
Layout and the implementation method of the present invention on equipment
Fig. 5 shows the schematic block diagram of the formation of the data transfer equipment of transmitting data with strategic stream mode of the present invention.As shown in Figure 5, this data transfer equipment comprises an at least one Forwarding plane and a control plane, and this Forwarding plane comprises: stream ID calculating section is used for calculating the stream ID that identifies this data flow according to the polynary set of properties of this packet; Search part, be used for going to search the tactful stream forwarding list (PSFB) of a memory, see if there is the PSFB entry that the stream ID with this packet is complementary according to accurate coupling; Revise and transmit part, if the coupling of discovery is then carried out related content according to described PSFB entry to this packet and revised and transmit operation, the next packet of Forwarding plane diversion treatments is delivered to control plane as not matching with this packet then;
There are routing table relevant and professional entry in the described control plane with data forwarding, and comprise: the PSFB table generates part, be used to the described not packet of coupling to search relevant routing table and professional entry, obtain next and jump pairing forwarding information and service related information, and generation is used for the PSFB entry of this data flow, this PSFB table comprises stream ID that described packet is calculated, next jumps pairing forwarding information routing table and the professional entry relevant with data forwarding with service related information, and this PSFB entry is distributed to described Forwarding plane;
This equipment also comprises memory, is used to store the PSFB entry of described generation, and is that the packet subsequently of same data flow is searched use for described Forwarding plane.
Described control plane also comprises: tactful processing section, be used for from the professional entry relevant with this packet, obtain the business operation type that to carry out this packet place data flow, it is policing type, and this policing type put into described PSFB entry, use for this entire stream, and described forwarding information comprise this data flow next jump pairing outbound port index and link layer information.
The modification of described Forwarding plane and the policing type of transmitting this data flow of part from described PSFB table are learnt the business operation that the packet to this data flow should carry out, and described packet carried out described policing action, then according to described next jump pairing outbound port index and link layer information is transmitted this packet.
Described Forwarding plane can comprise that a PSFB shows more new portion, be used to judge whether the aging conditions of PSFB and decision delete, wherein, connect situation for non-TCP and be connected situation with the improper TCP that closes, in the PSFB table, an overtime sign is set, the every packet that is mated of this PSFB table uses and once promptly refreshes this overtime sign, and described control plane also comprises a timer, go to check this sign at regular intervals, if this sign is not refreshed within a certain period of time, illustrate that this PSFB table is aging, then delete this PSFB table; For the data flow that normal TCP connects, by the end of judging that FIN bag and RESET wrap the specified data bag, and whether decision deletes PSFB table.This time can be by the webmaster setting.
The modification of described Forwarding plane and forwarding part are after carrying out described policing action, to this packet carry out TTL subtract one and calculation check and or revise operation such as source MAC after, again this packet is sent from outbound port, and with the overtime sign set again in the corresponding PSFB table of this data flow.
This equipment can also comprise a queuing processing section, be used in the process of first packet that described each Forwarding plane is sent to the data flow of the control plane processing of ranking, promptly control the data packet length of queuing in the unit interval, the degree of depth of this formation is decided by the remaining entry memory space of this memory.
This equipment can also comprise the memory space control section, is used for shortening along with diminishing of described memory entry space the ageing time of newly-built PSFB entry, makes entry accelerate aging speed, and the entry space is strengthened relatively.
Described memory can comprise a SRAM and a SDRAM, is used for storing described PSFB entry with two-step way, and wherein storage is flowed the index of ID corresponding to each on SRAM, and actual PSFB entry is stored among the SDRAM, the list item among the described index point SDRAM.In addition, the strategy circulation is sent out institute's use memory and is not limited to SRAM and SDRAM, and storage mode also is not limited to above-mentioned secondary storage mode.
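The exact-match lookup, first-packet hand-off and flag-based aging described above, as an added C example that is not code from the patent or from the HSR-2002. It models a packet as a five-tuple plus TTL and keeps the full tuple in each entry so that a hash collision cannot reuse another stream's cached policy. The FNV-1a hash, the 256-slot direct-mapped table, the three routes, the collision check and the linear aging rule are all assumptions of this example.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define PSFB_SLOTS 256      /* constructed size; the page cites 64K streams per card */
#define POLICY_UNICAST 1

struct five_tuple { uint32_t src, dst; uint16_t sport, dport; uint8_t proto; };
struct packet     { struct five_tuple t; uint8_t ttl; };
struct psfb_entry {
    uint8_t  in_use, policy_type, expired_flag;
    uint16_t out_port_index;
    uint32_t stream_id;
    struct five_tuple key;  /* full tuple kept to tell a hash collision from a match */
};
/* Constructed control-plane unicast routing table: prefix, length, output port. */
static const struct { uint32_t prefix; uint8_t len; uint16_t port; } urt[] = {
    { 0x0A000000u,  8, 1 },   /* 10.0.0.0/8  */
    { 0x0A010000u, 16, 2 },   /* 10.1.0.0/16 */
    { 0x00000000u,  0, 9 },   /* default     */
};
static struct psfb_entry psfb[PSFB_SLOTS];
static unsigned slow_path_hits;           /* packets punted to the control plane */

/* Step (1): stream ID from the five-tuple. FNV-1a is this example's choice. */
static uint32_t fnv1a(uint32_t h, uint32_t v, int bytes) {
    for (int i = 0; i < bytes; i++) { h ^= (v >> (8 * i)) & 0xFFu; h *= 16777619u; }
    return h;
}
uint32_t stream_id(const struct five_tuple *t) {
    uint32_t h = fnv1a(fnv1a(2166136261u, t->src, 4), t->dst, 4);
    h = fnv1a(fnv1a(h, t->sport, 2), t->dport, 2);
    return fnv1a(h, t->proto, 1);
}
static int same_flow(const struct five_tuple *a, const struct five_tuple *b) {
    return a->src == b->src && a->dst == b->dst && a->sport == b->sport &&
           a->dport == b->dport && a->proto == b->proto;
}
/* Step (6): the control plane runs the longest-prefix match once per stream. */
static int lpm(uint32_t dst) {
    int port = -1, best_len = -1;
    for (size_t i = 0; i < sizeof urt / sizeof urt[0]; i++) {
        uint32_t mask = urt[i].len ? ~0u << (32 - urt[i].len) : 0;
        if ((dst & mask) == urt[i].prefix && urt[i].len > best_len) {
            port = urt[i].port;
            best_len = urt[i].len;
        }
    }
    return port;
}
/* Steps (5)-(7): first packet of a stream; build the entry and install it. */
static struct psfb_entry *control_plane_install(const struct five_tuple *t, uint32_t id) {
    int port = lpm(t->dst);
    slow_path_hits++;
    if (port < 0) return NULL;            /* no route: nothing to install */
    struct psfb_entry *e = &psfb[id % PSFB_SLOTS];
    e->in_use = 1; e->policy_type = POLICY_UNICAST; e->expired_flag = 0;
    e->out_port_index = (uint16_t)port; e->stream_id = id; e->key = *t;
    return e;
}
/* Steps (2)-(4): exact-match lookup, TTL decrement, Expired Flag refresh.
 * Returns the output port index, or -1 when the packet is dropped. */
int forward(struct packet *p) {
    uint32_t id = stream_id(&p->t);
    struct psfb_entry *e = &psfb[id % PSFB_SLOTS];
    if (!e->in_use || e->stream_id != id || !same_flow(&e->key, &p->t))
        e = control_plane_install(&p->t, id);   /* miss, aged out, or collision */
    if (e == NULL || p->ttl <= 1) return -1;
    p->ttl--;
    e->expired_flag = 1;
    return e->out_port_index;
}
/* Control-plane timer: delete entries whose flag was not refreshed since the
 * previous sweep and clear the flag on the rest. Returns the number deleted. */
unsigned aging_sweep(void) {
    unsigned deleted = 0;
    for (int i = 0; i < PSFB_SLOTS; i++) {
        if (!psfb[i].in_use) continue;
        if (psfb[i].expired_flag) psfb[i].expired_flag = 0;
        else { memset(&psfb[i], 0, sizeof psfb[i]); deleted++; }
    }
    return deleted;
}
/* Aging time shrinks with free entry space; the linear rule is an assumption. */
unsigned aging_interval(unsigned base_secs, unsigned free_slots) {
    unsigned s = base_secs * free_slots / PSFB_SLOTS;
    return s ? s : 1;
}
unsigned slow_path_count(void) { return slow_path_hits; }

int main(void) {
    struct packet p = { { 0xC0A80001u, 0x0A010203u, 1234, 80, 6 }, 64 };  /* constructed */
    for (int i = 0; i < 3; i++) printf("port %d\n", forward(&p));
    printf("slow path: %u, swept: %u\n", slow_path_count(), aging_sweep());
    return 0;
}
```

The slow-path counter is the figure to watch operationally: every new five-tuple costs one control-plane lookup and one table slot, which is why the description pairs first-packet queuing with a shorter aging time as entry space runs low.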
An application example of the above equipment is described below, namely its concrete application on the HSR-2002 (High-speed Switched Router 2002) of Wuhan FiberHome Networks.
The HSR-2002 developed by Wuhan FiberHome Networks is a routing and switching device positioned at the metropolitan area network (MAN) aggregation layer and the MAN backbone layer; it supports many interface types and has flexible service creation capability. When positioned as a MAN aggregation-layer device, the HSR-2002 mainly aggregates the uplinks of the access layer in the MAN (Metro Aggregation). On the user side it can accept signals such as Fast Ethernet, Gigabit Ethernet and low-speed ATM, and it provides an IN service creation (Service Creation) function that gives operators various value-added functions; at the network layer it connects to MAN backbone-layer equipment via GE or PoS. In addition, the HSR-2002 can connect to local SDH rings through Packet over SONET/SDH interfaces, or form ring or star networks over GE to build the MAN backbone, and connect to backbone network equipment via OC-48 POS.
In terms of networking requirements, the HSR-2002 needs to implement intra-domain protocols such as RIP and OSPF and inter-domain protocols such as BGP-4, and to support protocols such as PPP, Ethernet, LAPS and HDLC at the link layer. In terms of applications, the HSR-2002 can provide unicast, multicast and MPLS forwarding, and applications such as NAT, Firewall, VPN, Virtual Router and mobile IP. Considering the current domestic access-layer networking model, the HSR-2002 can also support layer-2 applications (VLAN). As value-added functions offered to operators, the HSR-2002 can currently provide bandwidth limiting based on port and PPPoE session, and QoS guarantees. From the user-management perspective, the HSR-2002 currently provides PPPoE-based authentication and can charge for user traffic through RADIUS. It also supports three-level VLAN+IP+MAC binding and web authentication. The method of this section applies equally to IPv6-based networks and the mobile Internet.
The HSR-2002 chassis is an industry-standard 19-inch cabinet with a slot pitch of 25.4 mm and 16 slots in total; the main control CPU and the switching card occupy 2 slots, and the remaining 14 slots are available for line cards. The line cards are 9U.
Fig. 6 shows the equipment layout of an application of the present invention. In Fig. 6, black arrows represent the high-speed data bus and green arrows represent the high-speed control bus.
As shown in Fig. 6, the switching card is connected to each line card through a high-speed serial data bus, which provides the router's high-speed data path. A high-speed control bus is used between the main control card and each interface card; it carries updates of routing table, ACL and authentication table entries, and the transmission of control packets and network management packets. The control-plane software runs on the main control CPU and on the CPU of each line card, while the forwarding plane is distributed over the network processor (Network Processor) of each line card and implemented in its microcode. The ISMP protocol runs between the protocol software on the RISC processor of the interface card and the microcode on the network processor.
With policy stream forwarding, the network processor delivers the first packet of each data stream to the RISC processor of the interface card, which performs the routing table lookup and other service operations (such as mobile IP). It then generates a PSFB entry and downloads it into SRAM and SDRAM. Exact-match lookup is used, and PSFB entries are stored in two levels: the SRAM holds an index corresponding to each Stream ID, this index points to the actual entry in SDRAM, and the index of the entry uses a hash algorithm. At present each stream forwarding table entry is 128 bytes and, on the HSR-2002, each interface card supports 64K streams, so the SDRAM space occupied by the PSFB is 128*64K = 8M; the space used by the present invention is the 8 MBytes beginning at SDRAM start address 0x3ff0000. Because the SRAM only has to hold the indexes of the corresponding entries, it needs only 64K*4 = 256 KBytes; the start address in SRAM used by the present invention is 0xc120000. Because each stream is unidirectional, each stream exists on only one line card, so the whole system can support 64K*14 = 896K streams. Assuming an average of 20 streams per user while online, the HSR-2002 can support a total of 45K, i.e. 45,000, users online simultaneously.
Fig. 7 shows the interface card layout of the data forwarding equipment of the present invention. As shown in Fig. 7, the policy stream forwarding process in the HSR-2002 is as follows:
(1) A packet enters the HSR-2002 and reaches the network processor through the physical-layer chip and the framer. The microcode in the network processor first calculates the corresponding Stream ID from <source address, source protocol port, destination protocol port, protocol type>.
(2) The microcode uses the stream ID obtained in (1) to look up the stream forwarding table (PSFB) in SRAM by exact match (Exact Match). If a match is found, go to (3); otherwise go to (5).
(3) If a match is found, the entry in SDRAM is located through the SRAM index. The policy type first indicates which service operation is required; the output port (Output Port) and the corresponding link-layer information (such as the MAC address) are then obtained from the adjacency table (Adjacency Table) entry that the Output Port Index field points to (note: for multicast forwarding this is an output port list).
(4) The microcode performs the policy operation on the packet and, after operations such as decrementing the TTL and recomputing the checksum, sends the packet out of the output port, sets the Expired Flag bit again, and goes to (9).
(5) If no entry matches, this is either the first packet of the data stream or the PSFB entry has aged out; the microcode delivers the packet to the RISC processor on the interface card through an ISMP data exchange message.
(6) The control-plane software on the RISC processor looks up the relevant routing table and service entries (such as PPPoE, NAT), obtains the output port and link-layer information of the next hop and the service-related information, and constructs the PSFB entry, whose content includes the stream ID, output port index (an output port list for multicast), policy type and other information.
(7) This software distributes the entry to the control plane through an ISMP table add message and writes it into the corresponding space in SDRAM and SRAM.
(8) Subsequent packets of the data stream look up this PSFB entry and only need to perform operations (3) and (4).
(9) End the operation and process the next packet.
With wire-speed forwarding based on policy stream forwarding, the HSR-2002 can support up to 45,000 users online, provide wire-speed IPv4 unicast and multicast forwarding, and support applications such as PPPoE, web authentication and NAT.
In addition, it interoperates seamlessly with network equipment from other vendors. The method of this section applies equally to IPv6-based networks and the mobile Internet.
As the detailed description above shows, the technical advantages and innovations of the present invention are as follows:
1. Unlike MPLS, forwarding performance is improved and multiple applications are supported merely by changing the logic flow inside the device, without changing the device hardware structure and without introducing additional signaling between networks.
2. Unlike traditional packet-based IP forwarding, processing is based on streams rather than on individual packets: a data stream needs complex processing only once, which greatly improves forwarding performance.
3. Unlike Cisco's NetFlow technology, forwarding uses a single, unified policy stream forwarding entry. No other forwarding entries need to be introduced, and different entries need not be looked up for different service types, which greatly simplifies the processing of the forwarding plane (Simplified Forwarding Plane).
4. Forwarding-plane lookups use a unified exact-match scheme rather than the traditional longest match, so the number of memory accesses is greatly reduced and lookup efficiency greatly improved, solving the low lookup efficiency caused by longest-match search strategies.
5. A multi-attribute tuple (such as source IP address, destination IP address, source port, destination port and protocol type) identifies an IP service stream. The forwarding plane uses a unified policy stream forwarding table (PSFB) with rich, extensible fields, so that the processing of a packet can be decided by the service operation type. This can be used to add the applications users need, and it gives users an interface for customizing services, making customized services possible for the first time.
6. Compared with applications such as ACL or policy routing, which require packets to be matched against entries one by one, the policy stream method improves the forwarding performance of a router or layer-3 switch exponentially.
7. Complex network processor programming for each different application is not needed, which greatly reduces equipment development time and cost.
8. The method constructed by the present invention makes it possible to support extensible network services with application-specific large-scale integrated circuits.
In summary, policy stream forwarding works on policy streams rather than on individual packets. Without introducing additional inter-node signaling protocols such as routing protocols, while keeping all interconnection protocols of the existing Internet (such as the IETF protocol family) unchanged and without changing the router architecture or hardware design at all, it greatly improves the forwarding efficiency of the forwarding plane and makes wire-speed policy forwarding possible. It also uses a unified policy stream forwarding table (PSFB), which lets network equipment offer operators service customization while supporting multiple applications, meeting the current demand of users and operators for service diversity. Finally, for equipment developers, policy stream forwarding uses a simplified forwarding plane, which significantly reduces forwarding-plane development and makes it possible to implement complex network services in ASICs. The method of the present invention applies equally to layer-2 and layer-3 routing and switching equipment at the access, aggregation and backbone layers of IPv6-based networks, and to SGSN, GGSN, IGSN and PDSN equipment in the mobile Internet.
The principles of the present invention have been described and illustrated above using preferred embodiments. Clearly, those skilled in the art can modify and vary the structure and details of the invention without departing from its spirit and scope. All such variations and changes fall within the scope defined by the claims.

Claims (28)

1, a kind of method of in the network equipment, transmitting data with strategic stream mode, the described network equipment comprises an at least one Forwarding plane and a control plane, it is characterized in that, this method may further comprise the steps:
(a) receive the packet of at least one data flow at a Forwarding plane;
(b) calculate the stream ID of this data flow of sign according to the polynary set of properties of this packet at Forwarding plane;
(c) Forwarding plane removes to search a tactful stream forwarding list (PSFB) according to the stream ID that step (b) is drawn according to accurate coupling, if find coupling then carry out step (d), otherwise enters step (e);
(d) if the coupling of discovery is then carried out related content according to described PSFB entry to this packet and revised and transmit and operate, enter step (h) then and handle next packet;
(e) if there is not entry coupling, illustrate that then this is that first bag or the PSFB entry of data flow is aging, Forwarding plane will be delivered to control plane to this packet;
(f) control plane is searched relevant routing table and professional entry for this packet, obtain next and jump pairing forwarding information and service related information, and generation is used for the PSFB entry of this data flow, this PSFB table comprises stream ID that described packet is calculated, next jumps pairing forwarding information and service related information, wherein control plane is from the professional entry relevant with this packet, obtain the business operation type that to carry out this packet place data flow, be policing type, and this policing type is put into described PSFB entry;
(g) control plane is distributed to described Forwarding plane with this PSFB entry; With
(h), use this PSFB entry to carry out described step (c) and the operation of forwarding (d) at described Forwarding plane, it is forwarded to corresponding recipient to subsequently packet in this data flow.
2, method according to claim 1, wherein said policing type uses for this entire stream, and described forwarding information comprise this data flow next jump pairing outbound port index and link layer information.
3, method according to claim 2, wherein in described step (d), the policing type of this data flow of Forwarding plane from described PSFB table is learnt the business operation that the packet to this data flow should carry out, and described packet carried out described policing action, then according to described next jump pairing outbound port and link layer information is transmitted this packet.
4, method according to claim 3, an overtime sign is set in PSFB in the wherein said Forwarding plane table to be used for non-TCP and to connect situation and be connected situation with the improper TCP that closes, the every packet that is mated of this PSFB table uses and once promptly refreshes this overtime sign, described control plane goes to check this sign at regular intervals, if this sign is not refreshed within a certain period of time, illustrate that this PSFB table is aging, then delete this PSFB table.
5, method according to claim 4, wherein, after in described step (d), carrying out described policing action, to this packet carry out TTL subtract one and calculation check and or revise operation such as source MAC after, again this packet is sent from outbound port, and with the overtime sign set again in the corresponding PSFB table of this data flow.
6, method according to claim 5, wherein, described PSFB entry is to be stored in the memory, in being sent to the process of first packet of data flow of control plane, described each Forwarding plane adopts queuing mechanism, promptly control the data packet length of queuing in the unit interval, the degree of depth of this formation is decided by the remaining entry memory space of this memory.
7, method according to claim 6 wherein shortens the ageing time of newly-built PSFB entry along with diminishing of described entry space, make entry accelerate aging speed, makes the corresponding increasing in entry space.
8, method as claimed in claim 7, wherein the data flow that connects for normal TCP by the end of judging that FIN bag and RESET wrap the specified data bag, and determines whether to delete PSFB table.
9, the method for claim 1, the calculating of the ID of stream described in the wherein said step (b) is to adopt hashing algorithm, and described PSFB entry has the index of corresponding each stream ID, and by the actual entry among this index point PSFB, and the index of this list item adopts hashing algorithm.
10, the method for claim 1, wherein said control plane and Forwarding plane can be same physical entity in logic.
11. according to one of any described method of claim 1-10, the polynary set of properties of wherein said packet comprises any m combination among session id, type of service TOS, MPLS mark and the tunnel ID of the going into physical port, go out physical port of packet, VLAN ID VLAN ID, destination address-comprise IPv4, IPv6 or MAC Address, source address-comprise IPv4, IPv6 or MAC Address, protocol type, purpose protocol port, source protocol port, PPPoE agreement; An and subclass of included following content in the described tactful stream forwarding list, and comprising at least in the described PSFB entry: be wherein one of the policing type of the described stream ID that generates of a data flow and data flow and the multicast port that is used for the outbound port index of clean culture or is used for multicast.
12, method as claimed in claim 11 wherein, is transmitted data flow for the IPv4 clean culture, and for first packet, (e) sends to control plane by data interaction message with first packet in described step; Search the URT unicast routing table at described step (f) control plane, find next by the longest matching algorithm and jump pairing outbound port and link layer information, and structure PSFB entry, the content of entry comprises stream I D, outbound port index and policing type-singlecast router, and by stream entry interpolation message this entry is distributed to Forwarding plane at step (g) control plane; For follow-up packet, at first know that according to policing type needs carry out clean culture IPv4 and transmit in described step (d), draw outbound port and link corresponding layer message according to outbound port index list item adjacency list list item pointed then, Forwarding plane carry out to packet carry out TTL subtract one and calculation check and wait to operate after, this packet is sent from outbound port, and with overtime sign set again.
13, method as claimed in claim 11, wherein, for IPv4 multicast forwarding data flow, for first packet, (e) sends to control plane by data interaction message with first packet in described step; At first search unicast routing table URT in described step (f) at control plane and carry out reverse path forwarding RPF, decide this bag whether can be forwarded, according to the difference of agreement, pass through<* G respectively then 〉,<S, G〉or<RPT, S, G〉search multicast routing table MRT, draw port list, and structure PSFB, the content of entry comprise stream ID, multicast port and policing type-multicast path by; And add message at step (g) control plane by the stream entry this entry is distributed to Forwarding plane; For follow-up packet, at first learn that according to policing type needs carry out multicast forwarding in described step (d), carrying out bit manipulation according to the multicast port position in the PSFB list item then judges, and draw all outbound ports and link corresponding layer forwards plane by the pairing adjacency list list item of institute's set and carry out that packet is carried out TTL and subtract one and after calculation check and waiting operates, this packet is sent from outbound port, and with overtime sign set again.
14, method as claimed in claim 11 wherein, for the PPPoE data flow, for first packet, sends to control plane by data interaction message (PEM) with first packet in described step (e); Whether the session entry of at first searching PPPoE at control plane in described step (f) decides this bag can be forwarded, if could would search unicast routing table URT and construct PSFB, the content of entry comprises that stream ID, action type, session id, source MAC and source physical port and policing type-PPPoE transmit; And add message at step (g) control plane by the stream entry this entry is distributed to Forwarding plane; For follow-up packet, at first learn that according to policing type needs carry out PPPoE and handle in described step (d), according to the session id in the PSFB list item, source physical port and source MAC the corresponding contents of packet is compared checking then, if authentication failed, then finish the operation of this packet, remove to handle next packet; Otherwise draw outbound port and link corresponding layer message by the pairing adjacency list list item of outbound port index; Forwarding plane also carry out to packet go PPPoE packet header, TTL subtract one and calculation check and etc. after the operation, this packet is sent from all outbound ports, and with the set again of overtime sign.
15. The method as claimed in claim 11, wherein, for a NAT plus unicast forwarding data flow: for the first packet, in said step (e) the first packet is sent to the control plane in a data interaction message; in said step (f) the control plane first searches the NAT translation table and, if no entry exists, allocates a new pseudo port for this packet and allocates a pseudo address from the address pool; if this is possible, it then searches the unicast routing table (URT) and constructs the PSFB entry, whose content comprises the stream ID, the pseudo port, the pseudo address and the policy type (NAT and unicast forwarding); and in step (g) the control plane distributes this entry to the forwarding plane by a stream entry add message; for subsequent packets, in said step (d) the forwarding plane first learns from the policy type that NAT processing and unicast forwarding are required, then replaces the relevant content of the packet with the pseudo port and the pseudo IP address from the PSFB entry; after the forwarding plane has decremented the TTL of the packet by one, calculated the checksum and performed similar operations, the packet is sent from all outbound ports and the timeout flag is set again.
16. The method as claimed in claim 11, wherein, for an IPv6 forwarding data flow: for the first packet, in said step (e) the first packet is sent to the control plane in a data interaction message; in said step (f) the control plane searches the IPv6 routing table, finds the outbound port and link layer information corresponding to the next hop by the longest-match algorithm, and constructs the PSFB entry, whose content comprises the stream ID, the outbound port index and the policy type (unicast routing); and in step (g) the control plane distributes this entry to the forwarding plane by a stream entry add message; for subsequent packets, in said step (d) the forwarding plane first learns from the policy type that IPv6 forwarding is required, then obtains the outbound port and the corresponding link layer information from the adjacency table entry pointed to by the outbound port index; after the forwarding plane has decremented the TTL of the packet by one, calculated the checksum and performed similar operations, the packet is sent from the outbound port and the timeout flag is set again.
17. The method as claimed in claim 11, wherein said policy stream forwarding table (PSFB) entry supports IPv4 and IPv6 unicast and multicast forwarding, layer-2 forwarding (including VLAN-based forwarding), MPLS forwarding (including LSR and LER), and the applications of PPPoE, network address translation, 802.1X, web authentication, policy routing, access control lists (ACL), accounting, virtual private networks, GTP and mobile IP; its specific content is determined by the application and the policy type.
18. The method as claimed in claim 17, wherein, for each data flow, the control plane writes the start time when the entry is created and records the end time when the entry is aged out and deleted; during forwarding, the number of packets sent and the number of bytes sent are recorded; when the entry expires, the attribute tuple, the stream ID, the packet and byte counts and the start and end times are delivered to the control plane, which passes them to an accounting server; from the accounting source information provided by the router, comprising the source MAC address, destination MAC address, source IP address, destination IP address, source protocol port, destination protocol port, protocol type, packet count, byte count, start time and end time, the server generates a unified bill based on duration, traffic volume, application or quality of service according to the server's charging policy.
19. Data forwarding equipment for forwarding data in policy stream mode, comprising at least one forwarding plane, each of which receives the packets of at least one data flow, and a control plane, characterized in that:
Said forwarding plane comprises:
A stream ID calculation section, for calculating the stream ID that identifies the data flow from the multi-attribute tuple of the packet;
A search section, for searching the policy stream forwarding table (PSFB) in a memory by exact match to see whether there is a PSFB entry that matches the stream ID of the packet;
A modification and forwarding section which, if a match is found, performs the relevant content modification and forwarding operations on the packet according to said PSFB entry and, if no match is found, delivers the packet to the control plane, whereupon the forwarding plane goes on to process the next packet;
Wherein said control plane holds the routing tables and service entries relevant to data forwarding, and comprises:
A PSFB table generation section, for searching the relevant routing table and service entries for said unmatched packet, obtaining the forwarding information and service-related information corresponding to the next hop, and generating the PSFB entry for this data flow, the PSFB entry comprising the stream ID calculated for said packet together with the forwarding information corresponding to the next hop and the service-related information obtained from the routing table and the service entries relevant to data forwarding, and for distributing this PSFB entry to said forwarding plane;
A policy processing section, for obtaining, from the service entries relevant to the packet, the type of service operation that should be performed on the data flow to which the packet belongs, i.e. the policy type, and putting this policy type into said PSFB entry;
A memory, for storing the generated PSFB entries so that said forwarding plane can look them up for subsequent packets of the same data flow.
20. The equipment according to claim 19, wherein said policy type applies to the entire data flow, and said forwarding information comprises the outbound port index and link layer information corresponding to the next hop of the data flow.
21. The equipment according to claim 20, wherein the modification and forwarding section of said forwarding plane learns, from the policy type of the data flow in said PSFB table, the service operation that should be performed on the packets of the data flow, performs said policy action on said packet, and then forwards the packet according to the outbound port index and link layer information corresponding to said next hop.
22. The equipment according to claim 21, wherein said forwarding plane comprises a PSFB table update section, for judging the ageing condition of a PSFB entry and deciding whether to delete it, wherein, for non-TCP connections and for TCP connections that are closed abnormally, a timeout flag is set in the PSFB entry and is refreshed each time the entry is matched and used by a packet, and said control plane further comprises a timer which checks this flag at regular intervals; if the flag has not been refreshed within a certain time, the PSFB entry has aged and is deleted; for the data flows of normal TCP connections, the end of the packets is determined by detecting the FIN packet and the RESET packet, and it is decided accordingly whether to delete the PSFB entry.
23. The equipment according to claim 22, wherein the modification and forwarding section of said forwarding plane, after performing said policy action, decrements the TTL of the packet by one, calculates the checksum or modifies the source MAC address and performs similar operations, then sends the packet from the outbound port and sets again the timeout flag in the PSFB entry corresponding to the data flow.
24. The equipment according to any one of claims 19-23, further comprising a queuing processing section, for queuing the first packets of data flows that each forwarding plane sends to the control plane, that is, controlling the length of the packets queued per unit time, the depth of the queue being determined by the remaining entry storage space of the memory.
25. The equipment according to any one of claims 19-23, further comprising a memory space control section, for shortening the ageing time of newly created PSFB entries as the entry space of said memory becomes smaller, so that entries age faster and the entry space increases correspondingly.
26. The equipment according to any one of claims 19-23, wherein said memory may comprise an SRAM and an SDRAM for storing said PSFB entries in a two-level manner, wherein an index corresponding to each stream ID is stored in the SRAM, the actual PSFB entries are stored in the SDRAM, and said index points to the entry in the SDRAM.
27. The equipment according to any one of claims 19-23, wherein said control plane and forwarding plane may logically be the same physical entity.
28. The equipment according to any one of claims 19-23, wherein said equipment is one of a router, a network switch, or a GGSN, SGSN, IGSN or PDSN in the mobile Internet.
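The exact-match lookup with control-plane fallback of claim 19, the timeout-flag ageing and FIN/RESET deletion of claim 22, and the space-dependent ageing time of claim 25, as an added Python example that is not code from the patent. The SHA-256 stream hash, the sweep-count timer, the constructed /24 route table, the sample packets and the choice to forward without installing an entry when the table is full are assumptions made for illustration.

```python
import hashlib
from dataclasses import dataclass

ROUTES = {"10.0.0": 1, "10.0.1": 2}  # constructed routing table: /24 prefix -> outbound port

def lookup(dst):
    """Stand-in for the control plane's routing-table search."""
    return ROUTES.get(dst.rsplit(".", 1)[0])

def flow_id(pkt):
    """Derive the stream ID from the packet's attribute tuple (hash choice is an assumption)."""
    key = "|".join(str(pkt[k]) for k in ("src", "dst", "sport", "dport", "proto"))
    return int.from_bytes(hashlib.sha256(key.encode()).digest()[:8], "big")

@dataclass
class PSFBEntry:
    flow_id: int
    policy: str             # policy type applied to the whole data flow
    out_port: int           # outbound port index of the next hop
    max_idle: int           # timer sweeps the entry may go without a refresh
    refreshed: bool = True  # timeout flag, set again by every matched packet
    idle: int = 0
    packets: int = 0
    octets: int = 0

class Forwarder:
    def __init__(self, capacity, base_idle=4):
        self.capacity, self.base_idle = capacity, base_idle
        self.psfb = {}      # stream ID -> PSFBEntry, exact match only

    def aging_budget(self):
        """Claim 25: the less free entry space, the shorter a new entry's ageing time."""
        free = self.capacity - len(self.psfb)
        return max(1, self.base_idle * free // self.capacity)

    def handle(self, pkt):
        """Return (path, out_port); path is 'fast', 'slow' or 'drop'."""
        fid = flow_id(pkt)
        entry, path = self.psfb.get(fid), "fast"
        if entry is None:                        # miss: first packet goes to the control plane
            path, port = "slow", lookup(pkt["dst"])
            if port is None:
                return ("drop", None)
            if len(self.psfb) >= self.capacity:  # assumption: full table -> forward, install nothing
                return (path, port)
            entry = self.psfb[fid] = PSFBEntry(fid, "unicast", port, self.aging_budget())
        entry.refreshed = True
        entry.packets += 1
        entry.octets += pkt["len"]
        if pkt["proto"] == "tcp" and pkt.get("flags") in ("FIN", "RST"):
            del self.psfb[fid]                   # normal TCP close ends the flow at once
        return (path, entry.out_port)

    def sweep(self):
        """Control-plane timer tick: clear refreshed flags, expire entries idle too long."""
        expired = []
        for fid, e in list(self.psfb.items()):
            if e.refreshed:
                e.refreshed, e.idle = False, 0
            else:
                e.idle += 1
                if e.idle >= e.max_idle:
                    expired.append(self.psfb.pop(fid))  # counters go to accounting (claim 18)
        return expired

def pkt(sport, proto="udp", flags="", dst="10.0.0.5"):
    """Constructed sample packet."""
    return dict(src="192.0.2.10", dst=dst, sport=sport, dport=53,
                proto=proto, len=100, flags=flags)
```

Because every new stream that has a route consumes one entry until it ages out, the capacity check and the shrinking ageing budget are what keep a burst of short-lived or spoofed flows from holding the table full.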
CNB021248931A 2002-06-24 2002-06-24 Method for forwarding data by strategic stream mode and data forwarding equipment Expired - Fee Related CN100359885C (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CNB021248931A CN100359885C (en) 2002-06-24 2002-06-24 Method for forwarding data by strategic stream mode and data forwarding equipment


Publications (2)

Publication Number Publication Date
CN1466340A CN1466340A (en) 2004-01-07
CN100359885C true CN100359885C (en) 2008-01-02

Family

ID=34142756


Country Status (1)

Country Link
CN (1) CN100359885C (en)


Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
TR01 Transfer of patent right

Effective date of registration: 20170329

Address after: 430074 East Lake high tech Development Zone, Hubei Province, No. 6, No., high and new technology development zone, No. four

Patentee after: Fenghuo Communication Science &. Technology Co., Ltd.

Address before: 430074 Hubei Province, Wuhan City Road, No. 88 hospital

Patentee before: Wuhan Fenghuo Network Co., Ltd.

TR01 Transfer of patent right
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20080102

Termination date: 20190624

CF01 Termination of patent right due to non-payment of annual fee