CN101540724A - Retransmitting method of supporting policy routing and device thereof - Google Patents
Retransmitting method of supporting policy routing and device thereof Download PDFInfo
- Publication number
- CN101540724A CN101540724A CN200910082740A CN200910082740A CN101540724A CN 101540724 A CN101540724 A CN 101540724A CN 200910082740 A CN200910082740 A CN 200910082740A CN 200910082740 A CN200910082740 A CN 200910082740A CN 101540724 A CN101540724 A CN 101540724A
- Authority
- CN
- China
- Prior art keywords
- next hop
- service processing
- information
- hop information
- processing unit
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 31
- 230000001360 synchronised effect Effects 0.000 claims abstract description 21
- 238000012545 processing Methods 0.000 claims description 131
- 238000012986 modification Methods 0.000 claims description 13
- 230000004048 modification Effects 0.000 claims description 13
- 239000000284 extract Substances 0.000 claims description 3
- 101150045440 ISP1 gene Proteins 0.000 description 4
- 101100353471 Mus musculus Prss28 gene Proteins 0.000 description 4
- 101100509103 Schizosaccharomyces pombe (strain 972 / ATCC 24843) ish1 gene Proteins 0.000 description 4
- 238000005516 engineering process Methods 0.000 description 4
- 101710128742 Cytochrome b6-f complex iron-sulfur subunit 2 Proteins 0.000 description 3
- 101000610620 Homo sapiens Putative serine protease 29 Proteins 0.000 description 3
- 102100040345 Putative serine protease 29 Human genes 0.000 description 3
- 238000010586 diagram Methods 0.000 description 3
- 235000008694 Humulus lupulus Nutrition 0.000 description 2
- 238000012423 maintenance Methods 0.000 description 2
- 230000009466 transformation Effects 0.000 description 1
- 238000013519 translation Methods 0.000 description 1
Images
Landscapes
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention discloses a retransmitting method of supporting policy routing and a device thereof. The method comprises the following steps: a next hop ID is distributed to the next information of the policy routing, the corresponding relationship between the next information and the next hop ID is synchronized on an interface plate and a business plate; the interface plate carries out the policy routing on a retransmitting message so as to obtain next hop information; the next ID which is corresponding to the next information is transmitted to the business plate, wherein, the next ID is carried in the message; the business plate resumes the next information which is corresponding to the next hop ID according to the corresponding relationship so as to retransmit according to the resumed next information. The invention can support policy routing descend hierarchy business without configuring and reexecuting the policy routing function on the business plate.
Description
Technical Field
The present invention relates to routing technologies in the field of communications, and in particular, to a forwarding method and apparatus for supporting policy routing.
Background
The policy routing technology is a technology for routing based on a policy. The general routing is performed through the destination IP, and the policy routing may perform routing with other characteristics of the packet by configuring a policy, for example, routing according to the source IP, so as to implement routing more flexibly.
Generally, the packet forwarding of the high-end Network routing device is implemented by using NP (Network Processor) and ASIC (Application Specific Integrated Circuit) hardware. NPs are programmable and flexible to implement, but generally have lower performance than ASIC chips and much higher cost than ASIC chips. But ASICs are not programmable and therefore their functionality is fixed and only limited changes can be achieved by configuration.
At present, many devices adopt a frame structure, and an interface board in the device is responsible for forwarding flow. In order to save cost and improve forwarding performance, ASIC hardware is usually used to implement an interface board, and since the ASIC is not programmable, the function of the interface board is relatively fixed. When a certain outlet of an interface board implemented by using an ASIC wants to configure a complex service, if the ASIC does not support such a service, for example, NAT (network Address Translation) service, a service processing unit responsible for service processing is needed, and the service processing unit can be implemented by executing a corresponding service processing function by using a CPU on an existing board in the device, or by using an extra board, that is, a service board, that is, a board specially used for service processing.
Taking NAT service as an example, if NAT needs to be performed on traffic at a certain outlet of an interface board, the traffic is configured to be forwarded to an NAT service board or a CPU at the outlet, and after NAT transformation is completed by the NAT service board or the CPU, the traffic is forwarded out. When forwarding the traffic after service, the forwarding table is normally searched by the destination IP, and routing forwarding is performed according to the search result. However, if the traffic is already policy-routed in the interface board before the service is made, and the route is selected according to the destination IP after the service is made, the routes selected before and after the service is made may be inconsistent, and a message that should go out from the interface 1 is sent to the interface 2, which may cause a forwarding error, and even cause the network to be unable to pass.
Fig. 1 shows an existing forwarding scheme supporting policy routing, which can solve the above problem, and referring to fig. 1, in the scheme, a policy routing is configured on an interface board and a service board at the same time, the interface board performs policy routing on traffic that needs to be made, and acquires next hop information corresponding to a next hop IP from a layer 3 forwarding table of the interface board according to a next hop device IP address (next hop IP for short) of the policy routing, where the next hop information is used to indicate from which outlet of which chip (for example, NAT service board) the traffic is forwarded, and the next hop information generally includes a destination chip, an egress port, an egress VLAN, and the like. The interface board sends the flow to the service board through the NAT outlet according to the content of the next hop information. After NAT service processing is carried out on the received traffic by the service board, strategy routing is carried out on the traffic after service processing again and the traffic is forwarded, so that the routes selected before and after service processing are the same. However, this solution has some drawbacks:
firstly, the method must implement policy routing on the NAT service board or CPU, which at least increases the workload, and since policy routing is usually implemented by ACL (Access Control List) technology, and implementing ACL by software is generally relatively CPU resource consuming, the service processing capability of the service board is seriously affected.
Secondly, the strategy route is configured on the interface board and the service board simultaneously, and the workload of maintaining the strategy route is increased.
In addition, because the matching relationship of the ACL is complex, the implementation on the interface board and the implementation on the service board may be different, which may also cause some routing inconsistency.
Disclosure of Invention
In view of this, the present invention provides a forwarding method supporting policy routing, which can support the service after policy routing, but does not need to configure and re-execute the policy routing function on the service processing unit.
The method is applied to the equipment which adopts an interface board realized by ASIC hardware to realize strategy routing and adopts a service processing unit to realize service processing, and the method comprises the following steps:
distributing a next hop ID for the next hop information of the strategy route, and synchronizing the corresponding relation between the next hop information and the next hop ID to the interface board and the service processing unit;
aiming at a strategy route matched with the flow needing service processing, modifying the next hop information corresponding to the strategy route in an interface board forwarding table; the modification is as follows: modifying the content of a target chip field in the next hop information into a corresponding service processing unit identifier, and replacing the content of a borrowable field in the next hop information into a preset strategy routing mark and a next hop ID corresponding to the next hop information according to the corresponding relation of synchronization to an interface board; the conditions satisfied by the borrowable field are: the content before the replacement of the borrowable field is not the information needed by the service processing unit for service processing and forwarding;
when the flow to be forwarded hits a strategy route, the interface board forwards the flow to a corresponding service processing unit according to modified next hop information corresponding to the hit strategy route, and the forwarded flow carries a strategy route mark and a next hop ID;
after the service processing unit performs service processing on the received traffic, for the traffic carrying the policy routing mark, the corresponding next hop information is searched in the corresponding relationship synchronized to itself according to the next hop ID carried by the traffic, and forwarding processing is performed according to the searched next hop information.
Preferably, the borrowable field is an egress virtual local area network VLAN field in the next hop information and/or an egress port field in the next hop information.
Preferably, the next hop ID allocated for the next hop information is sequentially encoded starting from 0.
Wherein, synchronizing the correspondence between the next hop information and the next hop ID to the interface board and the service processing unit is: synchronizing the corresponding relation between the next hop information and the next hop ID to all single boards in the equipment; or, the corresponding relation of the next hop information of the policy route is issued to the interface board issued by the policy route, and the corresponding relation is issued to the corresponding service processing unit.
Preferably, the allocating the next hop ID to the next hop information of the policy routing is: allocating a next hop ID to the next hop device IP address corresponding to the next hop information;
the synchronizing the corresponding relationship between the next hop information and the next hop ID to the interface board and the service processing unit is: synchronizing the corresponding relation between the IP address of the next hop equipment and the next hop ID to the interface board and the service processing unit;
the content of the borrowable field in the next hop information is replaced by a preset policy routing flag and the next hop ID corresponding to the next hop information is: extracting a corresponding next hop ID from the corresponding relation according to the next hop equipment IP address corresponding to the next hop information, and replacing the content of the borrowable field in the next hop information with a preset strategy routing mark and the extracted next hop ID;
searching corresponding next hop information in the corresponding relation synchronized to the flow according to the next hop ID carried by the flow, and forwarding according to the searched next hop information comprises the following steps: and searching the corresponding next hop IP in the corresponding relation synchronized to the next hop IP according to the next hop ID carried by the flow, inquiring a forwarding table in the service processing unit according to the searched next hop IP, and performing forwarding processing.
The invention also provides a forwarding device supporting the policy routing, which can support the policy routing and then serve as services without configuring and re-executing the policy routing function on the service processing unit.
The device comprises at least one service processing unit and at least one interface board realized by ASIC hardware; the device also comprises a policy routing configuration unit and an item modification unit;
the policy routing configuration unit is configured to allocate a next hop ID to next hop information of the policy routing, and synchronize a correspondence between the next hop information and the next hop ID to the interface board and the service processing unit;
the table item modifying unit is used for modifying the next hop information corresponding to the policy route in the forwarding table of the interface board aiming at the policy route matched with the flow needing service processing; the modification is as follows: modifying the content of a target chip field in the next hop information into a corresponding service processing unit identifier, and replacing the content of a borrowable field in the next hop information into a preset strategy routing mark and a next hop ID corresponding to the next hop information according to the corresponding relation of synchronization to an interface board; the conditions satisfied by the borrowable field are: the content before the replacement of the borrowable field is not the information needed by the service processing unit for service processing and forwarding;
the interface board is used for forwarding the flow to the corresponding service processing unit according to the modified next hop information corresponding to the hit policy route when the flow to be forwarded hits the policy route, and the forwarded flow carries a policy route mark and a next hop ID;
and the service processing unit is used for searching corresponding next hop information in the corresponding relation synchronized to the service processing unit according to the next hop ID carried by the traffic and forwarding the searched next hop information according to the searched next hop information aiming at the traffic carrying the strategy routing mark after the received traffic is subjected to service processing.
Preferably, the borrowable field used by the entry modification unit is an outgoing VLAN field in next hop information and/or an outgoing port field in next hop information.
Preferably, the next hop ID allocated by the policy routing configuration unit for next hop information is encoded in sequence starting from 0.
When synchronizing, the policy routing configuration unit synchronizes the correspondence between the next hop information and the next hop ID to all boards in the device; or, the corresponding relation of the next hop information of the policy route is issued to the interface board issued by the policy route, and the corresponding relation is issued to the corresponding service processing unit.
Preferably, when the policy routing configuration unit allocates a next hop ID to the next hop information, the policy routing configuration unit allocates a next hop ID to the next hop device IP address corresponding to the next hop information, and synchronizes a correspondence between the next hop device IP address and the next hop ID to the interface board and the service processing unit;
when modifying the borrowable field, the table item modifying unit extracts the corresponding next hop ID from the corresponding relation of the synchronization to the interface board according to the next hop equipment IP address corresponding to the next hop information, and replaces the content of the borrowable field in the next hop information by the preset strategy routing mark and the extracted next hop ID;
when the service processing unit forwards the flow carrying the policy routing mark, the corresponding next hop IP is searched in the corresponding relation synchronized to the service processing unit according to the next hop ID carried by the flow, and the forwarding table in the service processing unit is inquired according to the searched next hop IP, and the forwarding processing is carried out.
According to the technical scheme, the embodiment of the invention adopts the borrowable field of the message to carry the next hop information, and because the borrowable field is not long enough to carry the original next hop information, the invention allocates the next hop ID for the next hop information, and adopts the shorter ID to represent the longer information content, so that the next hop information can be contained in the limited space of the borrowable field. Meanwhile, the corresponding relationship between the two is synchronized to the interface board and the service processing unit, so that the interface board and the service processing unit know the corresponding relationship, the interface board can carry the next hop ID corresponding to the next hop information in the message sent to the service processing unit according to the corresponding relationship, and the service processing unit can also find the real next hop information according to the corresponding relationship, so as to forward the information. Therefore, the invention not only can support the business after the strategy routing, but also does not need to configure and re-execute the strategy routing function on the business board or the CPU, thereby simplifying the realization.
In order to reduce the storage burden of the service processing unit, preferably, the correspondence between the next hop information and the next hop ID is not directly configured, but the correspondence between the IP address of the next hop device corresponding to the next hop information and the next hop ID is configured, and the correspondence between the IP and the ID is synchronized into the service processing unit.
Meanwhile, the strategy routing does not need to be maintained on the interface board and the service processing unit, so that the maintenance workload is reduced, the user configuration is simplified, and the user does not need to perform multiple configurations.
In addition, the service processing unit omits the strategy route search, only needs to search the next hop information according to the next hop ID, the search process only needs one-time matching, and the matching process is simplified because the next hop ID is shorter, thereby saving the limited execution resources in the service board and improving the service processing performance of the service processing unit.
Thirdly, the method keeps the consistency of the policy routing before and after the business is made, and avoids the inconsistency between the realization of ASIC and the realization of the policy routing by software/business board.
Drawings
Fig. 1 is a schematic diagram of a policy routing scheme in the prior art.
Fig. 2 is a flowchart of a forwarding method supporting policy routing according to an embodiment of the present invention.
Fig. 3 is a flowchart of a forwarding method supporting policy routing in the second embodiment of the present invention.
Fig. 4 is a schematic structural diagram of a forwarding device supporting policy routing in an embodiment of the present invention.
Detailed Description
The invention is described in detail below by way of example with reference to the accompanying drawings.
The invention provides a forwarding scheme supporting policy routing, which is applied to an interface board realized by ASIC hardware to realize policy routing and a device for realizing service processing by a service processing unit, and the basic idea is as follows: the result of the policy routing is brought to the service processing unit, that is, the next hop information of the policy routing is brought to the service processing unit, so that the service processing unit does not need to execute the policy routing again, and the policy routing function is prevented from being configured and executed again on the service processing unit.
The service processing unit is a functional module responsible for service processing, and may be a service board or a CPU executing service processing operations. For simplicity, the service board is taken as an example in the following description.
Embodiments of the present invention borrow one or more borrowable fields in next hop information to carry next hop information. The conditions that the borrowable field must satisfy are: the content before replacement of the borrowable field, that is, the content carried by the borrowable field in the prior art, is not information required to be used when the service board performs service and forwarding processing.
The embodiment of the invention selects the output VLAN field or the output port field in the next hop information as the borrowable field, and because the service board can re-determine the final output VLAN and the output port after completing the service, the output VLAN and the output port which are determined after the service are taken as the standard no matter whether the output VLAN and the output port which are searched before and after the service are the same, the output VLAN and the output port which are determined by the interface board are not required to use information in the process of the service board making the service and forwarding, and can be used as the borrowable field.
Since various protocols have the egress port field, the application range of adopting the egress port field to carry the next hop information is the most extensive. At present, most protocols also have an outgoing VLAN field, so the application range of adopting the outgoing VLAN field to carry the information of the next hop can also meet the requirements of most occasions. In practice, according to different protocols adopted by the traffic, other fields may also be selected as the borrowable field, as long as the field is selected to satisfy the condition of the borrowable field.
The flow of the present invention will be described in detail below with reference to the accompanying drawings. For convenience of description, the following embodiments take policy routing followed by NAT service as an example, and assume that NAT is completed through a special NAT service board and an outgoing VLAN is used to carry information of a next hop.
Example one
Fig. 2 is a flowchart of a forwarding method supporting policy routing in an embodiment of the present invention. As shown in fig. 2, the process includes the following steps:
step 201: when configuring the strategy route, distributing the next hop code, namely the next hop ID, for the next hop information of the strategy route.
Since the outgoing VLAN has only less than 2 bytes and is not enough to accommodate the next hop information, this embodiment assigns an ID to the next hop information, and uses a shorter ID to represent longer information content, so that the next hop information can be accommodated in the limited space of the outgoing VLAN field.
Step 202: and synchronizing the corresponding relation between the next hop information and the next hop ID to the related interface board and the NAT service board.
The method comprises the following specific steps: and issuing the corresponding relation of the next hop information of the policy route to an interface board issued by the policy route. For example, if the next hop information of the policy route PR1 is F1, and the ID1 allocated to F1 is 0, the correspondence between F1 and ID1 is issued to the interface board issued by the policy route PR 1. For the service board, the embodiment synchronizes the correspondence to the relevant service board, that is, the NAT service board of the embodiment.
It is also possible to synchronize to all boards in the device for simplicity.
Step 203: when NAT service is configured, next hop information corresponding to a policy route in an interface board forwarding table is modified aiming at the policy route needing NAT flow matching; the modification operation specifically includes: modifying the content of a target chip field in the next hop information into an identifier of the NAT service board, for example, filling a chip number of the NAT service board into the target chip field; and replacing the content of the borrowable field in the next hop information with a strategy routing mark and the next hop ID corresponding to the next hop information according to the corresponding relation of the synchronization to the interface board.
The purpose of filling the policy routing flag in the borrowable field is to indicate that the traffic carrying the policy routing flag is traffic processed by policy routing, the information carried in the borrowable field is modified information, and the service board needs to be processed by the method and the device.
Preferably, the next hop ID is encoded sequentially starting from 0, so that 256 pieces of next hop information can be supported by one byte. Since there are not many direct next hops for a network device, one byte may be allocated to represent the next hop ID, and another byte may store the policy routing tag.
Of course, if more next hops need to be supported, more bytes may be allocated, for example, all bytes of the outgoing VLAN field are used to indicate the next hop, and the outgoing port field is used to store a policy routing flag; or, the next hop is represented by adding all bytes of the output VLAN field and partial bytes of the output port field, and the policy routing mark is stored by using the rest bytes of the output port field. In practice, the policy routing flag can be represented by a bit of 0 or 1 at a predetermined position.
Step 204: after the flow enters the interface board, the interface board executes the strategy route. When the flow to be forwarded hits the strategy route, the interface board forwards the next hop information after modification corresponding to the hit strategy route, because the content of the target chip field is modified into the identification of the NAT service board, the flow is forwarded to the NAT service board for processing, and simultaneously the next hop ID and the strategy route mark are also carried in the VLAN field and enter the NAT service board.
Step 205: and the NAT service board carries out NAT service processing on the received traffic, then synchronizes to the corresponding relation of the traffic carrying the strategy routing mark according to the next hop ID carried by the traffic to search the corresponding next hop information, and forwards the traffic by adopting the searched next hop information.
And for the traffic which does not carry the policy routing mark, after NAT service processing is carried out, a destination IP forwarding table is searched for routing forwarding according to the existing processing mode.
This flow ends by this point.
As can be seen from the flow shown in fig. 2, in the embodiment of the present invention, the carried next hop ID is used in the packet completing the policy routing, and the real next hop information is recovered in the service board according to the next hop ID, so that not only the service after the policy routing can be supported, but also the policy routing function does not need to be configured and re-executed on the service board or the CPU, thereby simplifying the implementation.
Meanwhile, the invention only needs to modify the forwarding table configuration of the interface board without adding new execution steps, thereby meeting the non-programmable limit of the interface board realized by ASIC.
Because the strategy routing is not required to be maintained on the interface board and the service board, the maintenance workload is reduced, the user configuration is simplified, and the user does not need to perform multiple configurations.
In addition, the service board omits the strategy route search, only needs to search the next hop information according to the next hop ID, the search process only needs one-time matching, and the next hop ID is shorter, so that the matching process is simplified, the limited execution resources in the service board are saved, and the service processing performance of the service board is improved. Thirdly, the method keeps the consistency of the policy routing before and after the business is made, and avoids the inconsistency between the realization of ASIC and the realization of the policy routing by software/business board.
Example two
In the first embodiment, the service board needs to store the corresponding relationship, and the storage burden of the service board is increased because the complete next hop information is longer. Preferably, in order to reduce the storage burden of the service board, the corresponding relationship between the next hop information and the next hop ID may not be directly configured, but the corresponding relationship between the next hop IP corresponding to the next hop information and the next hop ID is configured, and the corresponding relationship between the IP and the ID is synchronized to the service board.
Fig. 3 is a flowchart of a forwarding method supporting policy routing in the second embodiment of the present invention. As shown in fig. 3, the process includes the following steps:
step 301: and when the strategy route is configured, allocating a next hop ID for the next hop IP of the strategy route.
Step 302: and synchronizing the corresponding relation between the next hop IP and the next hop ID to the related interface board and the NAT service board. It is also possible to synchronize to all boards in the device for simplicity.
Step 303: when NAT service is configured, next hop information corresponding to a policy route in an interface board forwarding table is modified aiming at the policy route which needs to be subjected to NAT flow matching. The modifying operation includes: modifying the content of the field of the target chip into the identification of the NAT service board; and extracting the corresponding next hop ID from the corresponding relation between the synchronization and the interface board according to the next hop IP corresponding to the next hop information, and replacing the content in the borrowable field with a strategy routing mark and the extracted next hop ID.
Step 304: after the flow enters the interface board, the interface board executes the strategy route. When the flow to be forwarded hits the strategy route, the interface board forwards the flow to the NAT service board according to the modified next hop information corresponding to the hit strategy route, and the next hop ID and the strategy route mark are also carried in the VLAN field and enter the NAT service board.
Step 305: and the NAT service board carries out NAT service processing on the received traffic, then searches the corresponding next hop IP in the corresponding relation synchronized to the NAT service board according to the next hop ID carried by the traffic aiming at the traffic carrying the strategy routing mark, queries an NAT service board forwarding table by the searched next hop IP and carries out forwarding processing.
And for the traffic which does not carry the policy routing mark, after NAT service processing is carried out, a destination IP forwarding table is searched for routing forwarding according to the existing processing mode.
The route forwarding table in the NAT service board does not need to be modified, and the existing forwarding table can be used.
This flow ends by this point.
For the convenience of understanding, the scheme of the second embodiment of the present invention is described below by taking the internet on the NAT as an example.
Assuming 2 network outlets, each connected to an ISP (service provider), one of which is connected to ISP1 and the next hop of which is IP1, and the other of which is connected to ISP2 and the next hop of which is IP2, the 2 interfaces are each configured with a NAT.
In the example, the flow is distributed according to the source IP, and it is assumed that users with 10.0.0.1/16 network segments are configured to surf the internet through ISP1, users with 10.1.0.1/16 network segments surf the internet through ISP2, and the default route is directed to ISP 2.
When configuring the policy routing, firstly configuring the policy routing PR1 for the traffic with the matching source IP of 10.0.0.1/16, and the next hop IP corresponding to PR1 is IP 1. When the policy route is issued, an ID 0 is allocated to the IP1, and the correspondence between the ID 0 and the IP1 is synchronized to the interface board and the NAT service board issued by the policy route PR1, or synchronized to all boards for simple processing.
Configuring a policy route PR2 for the traffic with the matching source IP of 10.1.0.1/16, wherein the next hop IP of PR2 is IP2, when the policy route is issued, assigning the ID corresponding to the IP2 to be 1, and synchronizing the corresponding relation between the ID to be 1 and the IP2 to an interface board and a NAT service board issued by the policy route PR 2. It is also possible to synchronize to all boards for simple processing.
When the NAT service is configured, a NAT outlet of the ISP1 is configured, and next hop information corresponding to a policy route PR1 of which the next hop equipment is ISP1 is modified: the content of the destination chip field is modified into the chip number of the NAT service board, and meanwhile, the ID (identity) 0 and the policy routing mark are stored in the output VLAN field.
When configuring the NAT outlet of the ISP2, modifying the next hop information corresponding to the policy route PR2 of which the next hop equipment is ISP 2: the content of the destination chip field is modified into the chip number of the NAT service board, and meanwhile, the ID1 and the policy routing mark are stored in the output VLAN field.
When a user in a 10.0.0.1 network segment initiates an external access, the user can hit the policy routing PR1 and inquire the next hop information for forwarding, because the target chip is modified into an NAT service board at this time, the message is forwarded to the NAT service board, the outgoing VLAN information is also carried on the NAT service board, and the NAT service board obtains the policy routing mark and the ID from the outgoing VLAN field as 0.
After the NAT service board completes NAT processing, it knows that the message is forwarded after policy routing through the policy routing flag carried in the message, then queries the next hop IP1 with ID 0, queries the forwarding table with IP1 to obtain the next hop information, and performs forwarding processing. If the embodiment scheme is adopted, the next hop information is directly inquired according to the ID of 0, and forwarding processing is carried out.
If the message does not carry the policy routing mark, the destination IP is used to inquire the forwarding table for normal routing forwarding processing, so that the real outlet and the originally configured outlet can be completely consistent. If the default route is hit by querying the routing table with the destination IP, the message will go out of ISP 2.
In order to implement the foregoing forwarding method, an embodiment of the present invention further provides a forwarding device supporting policy routing. Fig. 4 is a schematic structural diagram of a forwarding device supporting policy routing in an embodiment of the present invention. As shown in fig. 4, the apparatus includes: the system comprises a policy routing configuration unit, a table item modification unit, at least one interface board realized by ASIC hardware and at least one service processing unit. Fig. 4 shows a case where two interface boards use one service processing unit to perform service processing. Wherein,
and the policy routing configuration unit is used for distributing a next hop ID for the next hop information of the policy routing and synchronizing the corresponding relation between the next hop information and the next hop ID to the interface board and the service processing unit. During synchronization, the corresponding relationship can be synchronized to all the single boards in the forwarding device; or, the corresponding relation of the next hop IP of the policy route is sent to the interface board sent by the policy route, and the corresponding relation is sent to the corresponding service processing unit.
In order to reduce the storage burden of the service processing unit, a next hop ID may be assigned to the next hop IP corresponding to the next hop information, and the correspondence between the next hop IP and the next hop ID may be synchronized to the interface board and the service processing unit.
The table item modifying unit is used for modifying the next hop information corresponding to the strategy route in the forwarding table of the interface board aiming at the strategy route matched with the flow needing to be subjected to service processing; the modification is as follows: and modifying the content of a target chip field in the next hop information into a service processing unit identifier corresponding to the service, and replacing the content of the borrowable field in the next hop information into a preset strategy routing mark and a next hop ID corresponding to the next hop information according to the corresponding relation of synchronization to the interface board. The condition that the borrowable field meets is that the content before replacement is not information required by the service processing unit for service processing and forwarding. The outgoing VLAN field in the next hop information or the outgoing port field in the next hop information may be selected or used in combination.
If the corresponding relation configured by the policy routing configuration unit is the corresponding relation between the next hop IP and the next hop ID, the table item modifying unit extracts the corresponding next hop ID from the corresponding relation synchronized to the interface board according to the next hop IP corresponding to the next hop information when modifying the borrowable field, and replaces the content of the borrowable field with: a policy routing flag and the extracted next hop ID.
And the interface board is used for carrying out strategy routing on the flow to be forwarded, when the flow to be forwarded hits the modified strategy routing, the flow is forwarded to the corresponding service processing unit according to the modified next hop information corresponding to the hit strategy routing, and the forwarded flow carries the next hop ID and the strategy routing mark.
The service processing unit may be a service board or a CPU, and is configured to perform service processing on the received traffic, query, according to a next hop ID carried by the traffic, corresponding next hop information for the traffic carrying the policy routing flag, and perform forwarding processing according to the found next hop information. And inquiring a forwarding table stored by the IP according to the destination IP aiming at the traffic not carrying the routing mark, and forwarding the traffic.
If the corresponding relation configured by the policy routing configuration unit is the corresponding relation between the next hop IP and the next hop ID, the service processing unit searches the corresponding next hop IP in the corresponding relation synchronized to the service processing unit according to the next hop ID carried by the flow aiming at the flow carrying the policy routing mark, so as to query a forwarding table in the service processing unit by the searched next hop IP and perform forwarding processing.
In summary, the above description is only a preferred embodiment of the present invention, and is not intended to limit the scope of the present invention. Any modification, equivalent replacement, or improvement made within the spirit and principle of the present invention should be included in the protection scope of the present invention.
Claims (10)
1. A forwarding method for supporting policy routing is applied to an interface board realized by ASIC hardware to realize policy routing, and a service processing unit is adopted to realize service processing, and is characterized in that the method comprises the following steps:
distributing a next hop ID for the next hop information of the strategy route, and synchronizing the corresponding relation between the next hop information and the next hop ID to the interface board and the service processing unit;
aiming at a strategy route matched with the flow needing service processing, modifying the next hop information corresponding to the strategy route in an interface board forwarding table; the modification is as follows: modifying the content of a target chip field in the next hop information into a corresponding service processing unit identifier, and replacing the content of a borrowable field in the next hop information into a preset strategy routing mark and a next hop ID corresponding to the next hop information according to the corresponding relation of synchronization to an interface board; the conditions satisfied by the borrowable field are: the content before the replacement of the borrowable field is not the information needed by the service processing unit for service processing and forwarding;
when the flow to be forwarded hits a strategy route, the interface board forwards the flow to a corresponding service processing unit according to modified next hop information corresponding to the hit strategy route, and the forwarded flow carries a strategy route mark and a next hop ID;
after the service processing unit performs service processing on the received traffic, for the traffic carrying the policy routing mark, the corresponding next hop information is searched in the corresponding relationship synchronized to itself according to the next hop ID carried by the traffic, and forwarding processing is performed according to the searched next hop information.
2. The method of claim 1, wherein the borrowable field is an egress Virtual Local Area Network (VLAN) field in next hop information and/or an egress port field in next hop information.
3. The method of claim 1, wherein the next hop ID allocated for next hop information is sequentially encoded starting from 0.
4. The method of claim 1, wherein synchronizing the correspondence between the next hop information and the next hop ID to the interface board and the service processing unit is: synchronizing the corresponding relation between the next hop information and the next hop ID to all single boards in the equipment; or, the corresponding relation of the next hop information of the policy route is issued to the interface board issued by the policy route, and the corresponding relation is issued to the corresponding service processing unit.
5. The method according to any one of claims 1 to 4, wherein said assigning the next hop ID to the next hop information of the policy route is: allocating a next hop ID to the next hop device IP address corresponding to the next hop information;
the synchronizing the corresponding relationship between the next hop information and the next hop ID to the interface board and the service processing unit is: synchronizing the corresponding relation between the IP address of the next hop equipment and the next hop ID to the interface board and the service processing unit;
the content of the borrowable field in the next hop information is replaced by a preset policy routing flag and the next hop ID corresponding to the next hop information is: extracting a corresponding next hop ID from the corresponding relation according to the next hop equipment IP address corresponding to the next hop information, and replacing the content of the borrowable field in the next hop information with a preset strategy routing mark and the extracted next hop ID;
searching corresponding next hop information in the corresponding relation synchronized to the flow according to the next hop ID carried by the flow, and forwarding according to the searched next hop information comprises the following steps: and searching the corresponding next hop IP in the corresponding relation synchronized to the next hop IP according to the next hop ID carried by the flow, inquiring a forwarding table in the service processing unit according to the searched next hop IP, and performing forwarding processing.
6. A forwarding device supporting policy routing, the device comprising: at least one service processing unit and at least one interface board realized by ASIC hardware; the device is characterized by also comprising a policy routing configuration unit and a table item modification unit;
the policy routing configuration unit is configured to allocate a next hop ID to next hop information of the policy routing, and synchronize a correspondence between the next hop information and the next hop ID to the interface board and the service processing unit;
the table item modifying unit is used for modifying the next hop information corresponding to the policy route in the forwarding table of the interface board aiming at the policy route matched with the flow needing service processing; the modification is as follows: modifying the content of a target chip field in the next hop information into a corresponding service processing unit identifier, and replacing the content of a borrowable field in the next hop information into a preset strategy routing mark and a next hop ID corresponding to the next hop information according to the corresponding relation of synchronization to an interface board; the conditions satisfied by the borrowable field are: the content before the replacement of the borrowable field is not the information needed by the service processing unit for service processing and forwarding;
the interface board is used for forwarding the flow to the corresponding service processing unit according to the modified next hop information corresponding to the hit policy route when the flow to be forwarded hits the policy route, and the forwarded flow carries a policy route mark and a next hop ID;
and the service processing unit is used for searching corresponding next hop information in the corresponding relation synchronized to the service processing unit according to the next hop ID carried by the traffic and forwarding the searched next hop information according to the searched next hop information aiming at the traffic carrying the strategy routing mark after the received traffic is subjected to service processing.
7. The apparatus of claim 6, wherein the borrowable field used by the entry modification unit is an egress VLAN field in next hop information and/or an egress port field in next hop information.
8. The apparatus of claim 6, wherein the next hop ID allocated by the policy routing configuration unit for next hop information is encoded sequentially starting from 0.
9. The apparatus according to claim 6, wherein the policy routing configuration unit synchronizes a correspondence between next hop information and next hop ID to all boards in the apparatus during synchronization; or, the corresponding relation of the next hop information of the policy route is issued to the interface board issued by the policy route, and the corresponding relation is issued to the corresponding service processing unit.
10. The apparatus according to any one of claims 6 to 9, wherein when the policy routing configuration unit allocates a next hop ID for the next hop information, the policy routing configuration unit allocates a next hop ID for a next hop device IP address corresponding to the next hop information, and synchronizes a correspondence between the next hop device IP address and the next hop ID to the interface board and the service processing unit;
when modifying the borrowable field, the table item modifying unit extracts the corresponding next hop ID from the corresponding relation of the synchronization to the interface board according to the next hop equipment IP address corresponding to the next hop information, and replaces the content of the borrowable field in the next hop information by the preset strategy routing mark and the extracted next hop ID;
when the service processing unit forwards the flow carrying the policy routing mark, the corresponding next hop IP is searched in the corresponding relation synchronized to the service processing unit according to the next hop ID carried by the flow, and the forwarding table in the service processing unit is inquired according to the searched next hop IP, and the forwarding processing is carried out.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN2009100827403A CN101540724B (en) | 2009-04-28 | 2009-04-28 | Retransmitting method of supporting policy routing and device thereof |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN2009100827403A CN101540724B (en) | 2009-04-28 | 2009-04-28 | Retransmitting method of supporting policy routing and device thereof |
Publications (2)
Publication Number | Publication Date |
---|---|
CN101540724A true CN101540724A (en) | 2009-09-23 |
CN101540724B CN101540724B (en) | 2011-04-20 |
Family
ID=41123720
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN2009100827403A Expired - Fee Related CN101540724B (en) | 2009-04-28 | 2009-04-28 | Retransmitting method of supporting policy routing and device thereof |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN101540724B (en) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106533882A (en) * | 2016-11-18 | 2017-03-22 | 杭州迪普科技股份有限公司 | Message processing method and device |
CN115150317A (en) * | 2022-06-22 | 2022-10-04 | 杭州迪普科技股份有限公司 | Routing table item issuing method and device, electronic equipment and computer readable medium |
Family Cites Families (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN100359885C (en) * | 2002-06-24 | 2008-01-02 | 武汉烽火网络有限责任公司 | Method for forwarding data by strategic stream mode and data forwarding equipment |
CN100561978C (en) * | 2006-04-26 | 2009-11-18 | 华为技术有限公司 | A kind of strategy route device and method |
CN101005500A (en) * | 2006-12-31 | 2007-07-25 | 中国科学院计算技术研究所 | Method for verifying houndary gateway protocol route strategy based on autonomous system recation |
-
2009
- 2009-04-28 CN CN2009100827403A patent/CN101540724B/en not_active Expired - Fee Related
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106533882A (en) * | 2016-11-18 | 2017-03-22 | 杭州迪普科技股份有限公司 | Message processing method and device |
CN106533882B (en) * | 2016-11-18 | 2019-12-06 | 杭州迪普科技股份有限公司 | Message processing method and device |
CN115150317A (en) * | 2022-06-22 | 2022-10-04 | 杭州迪普科技股份有限公司 | Routing table item issuing method and device, electronic equipment and computer readable medium |
CN115150317B (en) * | 2022-06-22 | 2023-09-12 | 杭州迪普科技股份有限公司 | Routing table entry issuing method and device, electronic equipment and computer readable medium |
Also Published As
Publication number | Publication date |
---|---|
CN101540724B (en) | 2011-04-20 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN108574639B (en) | EVPN message processing method, device and system | |
US20090063706A1 (en) | Combined Layer 2 Virtual MAC Address with Layer 3 IP Address Routing | |
US11381543B2 (en) | Mitigating network/hardware address explosion in network devices | |
CN107113241B (en) | Route determining method, network configuration method and related device | |
US10461958B2 (en) | Packet transmission method and apparatus | |
CN106878199B (en) | Configuration method and device of access information | |
US7936668B2 (en) | Methods and apparatus for distributing label information | |
CN112787921A (en) | Message transmission method, proxy node and storage medium | |
JP4789425B2 (en) | Route table synchronization method, network device, and route table synchronization program | |
CN104734955A (en) | Network function virtualization implementation method, wide-band network gateway and control device | |
WO2022166465A1 (en) | Message processing method and related apparatus | |
US12015548B2 (en) | Method and device for identification management and optimized forwarding in large-scale polymorphic network | |
JP2010124129A (en) | Virtual computer transmission method, system, management device, and program | |
CN101635681B (en) | Service processing method and network equipment | |
WO2022007702A1 (en) | Message processing method and network device | |
CN101540724B (en) | Retransmitting method of supporting policy routing and device thereof | |
CN102394828A (en) | Message transmission method and device during cross-VPN (virtual private network) visit | |
US20170214603A1 (en) | Domain control method and domain control device | |
CN114338518B (en) | Route processing method and network equipment | |
CN104168186B (en) | A kind of message forwarding method and system based on bridge | |
JP2023542677A (en) | Route identification allocation methods, systems, and apparatus, devices, and storage media | |
CN115208857A (en) | Address allocation method, device and equipment | |
CN114531360A (en) | Semantic name acquisition method, device, equipment and storage medium | |
CN114697220B (en) | Message processing method and related device | |
US12126531B2 (en) | Route processing method and network device |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C14 | Grant of patent or utility model | ||
GR01 | Patent grant | ||
CP03 | Change of name, title or address |
Address after: 310052 Binjiang District Changhe Road, Zhejiang, China, No. 466, No. Patentee after: Xinhua three Technology Co., Ltd. Address before: 310053 Hangzhou hi tech Industrial Development Zone, Zhejiang province science and Technology Industrial Park, No. 310 and No. six road, HUAWEI, Hangzhou production base Patentee before: Huasan Communication Technology Co., Ltd. |
|
CP03 | Change of name, title or address | ||
CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20110420 Termination date: 20200428 |
|
CF01 | Termination of patent right due to non-payment of annual fee |