CN102355511A - MAC (Media Access Control) address table access control method, as well as apparatus and network device for the same - Google Patents

MAC (Media Access Control) address table access control method, as well as apparatus and network device for the same Download PDF

Info

Publication number
CN102355511A
CN102355511A CN2011103384936A CN201110338493A CN102355511A CN 102355511 A CN102355511 A CN 102355511A CN 2011103384936 A CN2011103384936 A CN 2011103384936A CN 201110338493 A CN201110338493 A CN 201110338493A CN 102355511 A CN102355511 A CN 102355511A
Authority
CN
China
Prior art keywords
mac address
communication pattern
address table
opened
selected communication
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN2011103384936A
Other languages
Chinese (zh)
Other versions
CN102355511B (en
Inventor
肖宇
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Ruijie Networks Co Ltd
Original Assignee
Fujian Star Net Communication Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Fujian Star Net Communication Co Ltd filed Critical Fujian Star Net Communication Co Ltd
Priority to CN201110338493.6A priority Critical patent/CN102355511B/en
Publication of CN102355511A publication Critical patent/CN102355511A/en
Application granted granted Critical
Publication of CN102355511B publication Critical patent/CN102355511B/en
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Landscapes

  • Small-Scale Networks (AREA)

Abstract

The invention discloses an MAC (Media Access Control) address table access control method, as well as an apparatus and a network device for the same. The method comprises the following steps of: refusing to execute the operation of adding the MAC address of a configured communication protocol to an MAC address table while configuring the communication protocol which is opened already on a device port and has a selected communication mode, and running the communication protocol; and when some messages reach the port, receiving the messages while judging that the messages are opened already and have a selected communication mode. With the method, space in the MAC address table is saved, and the problem of smaller capacity of the MAC address table is solved; and memory occupation ratio is reduced, speed and efficiency of message forwarding are improved and performance of the device is improved.

Description

Mac address table access control method, device and the network equipment
Technical field
The present invention relates to network communications technology field, refer to a kind of mac address table access control method, device and the network equipment especially.
Background technology
Existing network communication mode has three kinds: clean culture, broadcasting, multicast.Why routing device can directly send message to the node that receives message; Rather than with broadcast mode all nodes are sent message as hub; Reason is the routing device media interviews control that can discern all nodes that are connected on the network (Media Access Control, MAC) address, and be stored in them in the mac address table; This MAC Address is identification local area network (LAN) (Local Area Network, LAN) sign of node.Mac address table is deposited in the buffer memory of routing device, and in the time need sending message to the node of target MAC (Media Access Control) address, routing device is just searched the node location of this target MAC (Media Access Control) address in mac address table, directly send message to the node that finds then.
Address filtering is the method for message on the screen that generally uses of Ethernet; The message that various target MAC (Media Access Control) address are arranged on the Ethernet, wherein some is the message that receive, some then is the message that should not receive; Be operated in routing device on the Ethernet through the mac address table of oneself is set; Come the message on the network is filtered, select the message that oneself should receive, avoid that unnecessary message is received the processing that increases the weight of system and bear.
So-called mac address table capacity is meant the quantity of the MAC Address that the mac address table of routing device can be stored at most, and the quantity of the MAC Address that can store is many more, and the quantity of the agreement that can move on the routing device is just many more, and the function that can realize is also just many more.But the mac address table capacity of some routing devices is less in practical application, the MAC Address that can store just seldom, the function that routing device can be realized is very limited.
At present, generally adopt the software mac address table to solve hardware mac address table capacity problem of smaller, the configuration of software mac address table and the method for address filtering have following two kinds:
A kind of is accurate address table mode; All allow the target MAC (Media Access Control) address of the message of reception to this mode with depositing the Ethernet routing device in the mac address table, and each arrives the message of Ethernet routing device and at first in the hardware mac address table, inquires about, when not having the MAC Address of inquiry in the hardware mac address table; In the software mac address table, inquire about again; If find the MAC Address of coupling, then receive this message, otherwise just reject this message.
Another kind is a Hash address table mode, does not directly deposit the target MAC (Media Access Control) address of the message that allows reception in the mac address table of this mode, but deposits the table of one 512 bit.The Ethernet routing device allows the target MAC (Media Access Control) address of the message of reception; Through one 32 CRCs (Cyclic Redundancy Check; CRC) calculate, obtain one 0 to 511 numerical value in the scope, remove the index mac address table with this numerical value; The bit that can represent the message that permission receives is set to 1, and the bit of the message of expression rejection is set to 0.This mode is with accurately the address table mode is the same; Each arrives the message of Ethernet routing device and at first in the hardware mac address table, inquires about, and when not having the MAC Address of inquiry in the hardware mac address table, calculates CRC and obtains a numerical value; Go to inquire about in the Hash address table with this numerical value again; If find the numerical value of coupling, then receive this message, otherwise just reject this message.
Inquiry is during MAC Address in above-mentioned two kinds of software mac address tables, all needs to filter one by one for the MAC Address of each arrival, takies very big internal memory, and the speed and the efficient of message forwarding are lower, influence the performance of equipment.
Therefore, in the prior art, adopt the software mac address table to carry out address filtering when overcoming hardware mac address table capacity smaller defect, the speed and the efficient that have caused message to be transmitted are lower, and then influence equipment performance.
Summary of the invention
The embodiment of the invention provides a kind of mac address table access control method and device; In order to solve the hardware mac address table capacity problem of smaller that exists in the prior art; And the speed and the efficient that exist message to transmit when adopting the software mac address table to carry out address filtering are lower, and then influence the problem of equipment performance.
A kind of mac address table access control method comprises:
On the configuration device port during communication protocol of opened selected communication pattern, the operation of the media interviews control MAC Address of not carrying out the said communication protocol of adding configuration in the mac address table, and move said communication protocol;
When message arrives said device port, when judging said message and be the message of opened selected communication pattern, receive said message.
A kind of mac address table access control apparatus comprises:
The address configuration unit, when being used for the communication protocol of selected communication pattern opened on the configuration device port, the operation of the media interviews control MAC Address of not carrying out the said communication protocol of adding configuration in the mac address table, and move said communication protocol;
The access process unit is used for when message arrives said device port, when judging said message and whether be the message of opened selected communication pattern, receives said message.
A kind of network equipment comprises above-mentioned mac address table access control apparatus.
Beneficial effect of the present invention is following:
A kind of mac address table access control method and device that the embodiment of the invention provides; During the communication protocol of this method opened selected communication pattern on the configuration device port; The operation of the media interviews control MAC Address of not carrying out the said communication protocol of adding configuration in the mac address table, and move said communication protocol; When message arrives said port, when judging said message and be the message of opened selected communication pattern, receive said message.This scheme is after device port is opened selected communication pattern; On the configuration device port during communication protocol of opened selected communication pattern; Need not carry out the operation of the MAC Address of the communication protocol of in mac address table, adding configuration; Because the MAC Address of opened selected communication pattern need not add in the mac address table, has just saved the space in the MAC face of land, has also just solved mac address table capacity problem of smaller; And, because device port opened selected communication pattern, when the message that arrives is the message of opened selected communication pattern; Receive and get final product; Need not to inquire about in the mac address table MAC Address,, need not arrive and inquire about MAC Address in the mac address table owing to directly receive the message of opened selected communication pattern; The mode of the MAC Address that carries with respect to the message that need in mac address table, inquire about each arrival in the prior art; Reduce the internal memory occupation rate, also just improved speed and efficient that message is transmitted, improved the performance of equipment.
Description of drawings
Fig. 1 is the flow chart of the mac address table access control method in the embodiment of the invention;
Fig. 2 is the method flow diagram that the judgement in the embodiment of the invention starts speed-limiting switch;
Fig. 3 is the method flow diagram of the deletion MAC Address in the embodiment of the invention;
Fig. 4 closes the method flow diagram of speed-limiting switch for the judgement in the embodiment of the invention;
Fig. 5 is the structural representation of the mac address table access control apparatus in the embodiment of the invention;
Fig. 6 is the flow chart of the mac address table access control method in the embodiment of the invention one;
Fig. 7 is the flow chart of the mac address table access control method in the embodiment of the invention two.
Embodiment
To the hardware mac address table capacity problem of smaller that exists in the prior art; And the speed and the efficient that exist message to transmit when adopting the software mac address table to carry out address filtering are lower; And then influence the problem of equipment performance; A kind of mac address table access control method that the embodiment of the invention provides, as shown in Figure 1, specifically comprise the steps:
Step S11: on the configuration device port during communication protocol of opened selected communication pattern; The operation of the MAC Address of not carrying out the communication protocol of adding configuration in the mac address table; And the operational communications agreement wherein, and the MAC Address of the communication protocol of configuration is the MAC Address of selected communication pattern.
The communication pattern of device port such as switch, routing device has isotypes such as broadcasting, multicast, clean culture; Therefore, can select one or more communication patterns in the device port according to actual needs, when device port is opened selected communication pattern; The message of this communication pattern can have been received; For example, when broadcasting of opening the routing device port and multicast, just broadcasting packet and multicast message can have been received.
Because broadcasting, multicast, clean culture or the like plurality of communication schemes is arranged; Radio Broadcasting Agreements, multicast protocol, unicast protocol or the like various communications protocols is arranged so accordingly; And each communication protocol comprises a plurality of communication protocols; For example multicast protocol has routing information protocol (Routing Information Protocol; RIP), ospf (Open Shortest Path First, OSPF) agreement, Virtual Router Redundancy Protocol (Virtual Router Redundancy Protocol, VRRP) or the like communication protocol.On equipment such as routing device, can dispose various communications protocols simultaneously, for example dispose multicast protocol and Radio Broadcasting Agreements simultaneously, can dispose a plurality of multicast protocols simultaneously again, for example dispose RIP and VRRP simultaneously.Accordingly, the communication protocol that disposes on can sweep equipment.
Each communication protocol all has the MAC Address of its use, and for example the operable MAC Address of ospf protocol is 0100.5E00.0005.The selected communication pattern of supposing device port is a multicast, and the multicast of device port is opened, when the configuration ospf protocol, need 0100.5E00.0005 be increased in the mac address table in the prior art.In the present embodiment, because the ospf protocol of configuration is a multicast protocol, the 0100.5E00.0005 that therefore need not add ospf protocol is in mac address table.
During the communication protocol of the communication pattern of on the configuration device port, not opening, the MAC Address of communication protocol that needs to add the communication pattern of not opening on the device port of configuration is in mac address table.
Step S12: when message arrives device port, judge that whether message is the message of opened selected communication pattern, if, execution in step S14; Otherwise, execution in step S13.
After the communication protocol operation of configuration, when message arrived device port, device port need judge that at first whether the message of arrival is the message of opened selected communication pattern, the result of judgement not simultaneously, follow-up step is also different.
Step S13: judge the MAC Address that carries in this message whether with mac address table in MAC Address be complementary, if, execution in step S14; Otherwise, execution in step S15.
For the message that is judged as the selected communication pattern that is not opened, also need further judge the MAC Address that carries in the message whether with mac address table in MAC Address be complementary, when judged result not simultaneously, follow-up step is also inequality.
When MAC Address that message carries can with mac address table in store the MAC Address coupling time, message can be received; Otherwise message is rejected.
Step S14: receive this message.
For being judged as is the message of opened selected communication pattern and MAC Address that message carries and the MAC Address in the mac address table when being complementary, and this message is received.
Step S15: this message of rejection.
When message is not the message of opened selected communication pattern, and the MAC Address that carries and the MAC Address in the mac address table be not when matching, and this message is rejected.
Concrete; On the configuration device port among the above-mentioned steps S11 during communication protocol of opened selected communication pattern; The operation of the MAC Address of not carrying out the communication protocol of adding configuration in the mac address table; Specifically comprise: during configuration protocol, whether whether the communication protocol of judging configuration be the communication protocol of selected communication pattern and judge should selected communication pattern opened on device port; When the communication protocol of configuration be selected communication pattern communication protocol and should selected communication pattern on device port when opened, the operation of the MAC Address of not carrying out the communication protocol of adding configuration in the mac address table.
Concrete, as shown in Figure 2 after the operational communications agreement among the above-mentioned steps S11, also comprise the steps:
Step S21: after the communication protocol of the opened selected communication pattern that operation is disposed, the count value of the communication protocol operation number of the selected communication pattern that record is opened adds 1.
Step S22: judge that this count value adds the speed-limiting switch startup value that whether reaches setting after 1, if, execution in step S23; Otherwise, execution in step S24.
Because the communication protocol that has requires the selected communication pattern of device port to be in the state of opening when operation; The communication protocol that has does not require that the selected communication pattern of device port is in the state of opening when operation; A kind of more excellent mode is the operation number that the count value record possesses the communication protocol of following two conditions: the first, and the communication protocol of opened selected communication pattern; The second, this communication protocol requires the selected communication pattern of device port to be in the state of opening.The count value of operation number that possesses the communication protocol of above-mentioned two conditions according to record adds the speed-limiting switch startup value that whether reaches setting after 1, determines whether opening speed-limiting switch.
Step S23: the speed that starts the data message of the opened selected communication pattern of speed-limiting switch restriction reception is not more than the message inbound pacing of setting.
Message comprises protocol massages and data message; Protocol massages quantity is generally fewer; And the communication protocol that has can not normally not moved when receiving protocol massages, does not therefore limit the inbound pacing of protocol massages, only limits the inbound pacing of common data message.
Can limit the speed of receiving data packets at device port; Also can receive all data messages by device port; All data messages that device storage receives, the speed of restriction receiving data packets when these data messages being sent to the unit of handling these messages in the equipment.
Step S24: the speed that does not limit the message that receives opened selected communication pattern.
In the present embodiment, if the selected communication pattern of device port is a multicast, when device port is opened multicast; All multicast messages all can be received in the network of equipment place so; When a large amount of multicast messages is received, can causes CPU usage too high, even can cause the equipment paralysis.Too high for fear of CPU usage, can speed limit receiving group message.The message that can certainly speed limit receives unicast message or the like other communication patterns.When speed limit receives the message of a certain communication pattern, can speed limit not receive in the present embodiment, for example, in speed limit receiving group message, can speed limit not receive unicast message for the message of other communication patterns.Certainly optional, speed limit receives the message of plurality of communication schemes simultaneously, for example, and while speed limit receiving group message and unicast message.Here only be to describe the instance that is not limited only to enumerate for example.
On equipment, can move a plurality of communication protocols simultaneously with a kind of communication pattern; Count value can be set write down operation number with a kind of communication protocol of communication pattern; The operation number of count value record cast communication agreement for example is set; When a cast communication agreement operation was arranged, count value just added 1.Set speed-limiting switch startup value; When after this count value adds 1, reaching speed-limiting switch startup value; The message that arrives comprises two kinds; A kind of is data message, and a kind of is that agreement is moved needed protocol massages, when the count value of the communication protocol operation number that writes down opened selected communication pattern adds the speed-limiting switch startup value that reaches setting after 1; The speed that starts the data message of the opened selected communication pattern of speed-limiting switch restriction reception is not more than the message inbound pacing of setting, does not limit the speed of the protocol massages that receives opened selected communication pattern.Speed-limiting switch startup value can be made as 1 or other numerical value, that is to say, can after first cast communication agreement of operation, start speed-limiting switch, starts speed-limiting switch in the time of also can reaching speed-limiting switch startup value in the operation number of cast communication agreement.Can set the message inbound pacing; After speed-limiting switch starts, receive message with the speed of the message inbound pacing that is not more than setting, so just can avoid when the message of a large amount of same a kind of communication patterns is received; Make CPU usage too high, even can cause the problem of equipment paralysis.
Specify the grouping operating position of shining upon the IP address that obtains by the MAC Address of multicast message below.
The target MAC (Media Access Control) address of multicast message is mapped as Class D IP address, and scope is from 224.0.0.0 to 239.255.255.255.D class address can not appear at the source IP address field of multicast message.In the unicast message transmission course, transmission path is to be routed to destination address from source address, utilizes " hop-by-hop " principle (hop-by-hop) in IP network, to transmit.Yet when carrying out multicast, the destination address of message is not one, but one group, form group address.All message receiving nodes all join in the group, and in case after adding, the message that flows to group address begins to the receiving node transmission immediately, all the node members in the group can both receive message.Member in the multicast group is dynamic, and node can add or leave multicast group at any time.
Multicast group can be permanent also can be interim.In the multicast group address, some is distributed by official, is called permanent multicast group.The IP address of permanent multicast group changes never, but the member of permanent multicast group can change, and quantity also can be arbitrarily.The IP multicast address that impermanent multicast group is used can use for interim multicast group.Wherein: 224.0.0.0~224.0.0.255 is permanent multicast group address, and distribution is not done in the 224.0.0.0 reservation, and other address supplies Routing Protocol to use; 224.0.1.0~224.0.1.255 is a public multicast address, can be used for the Internet; 224.0.2.0~238.255.255.255 is interim group address, and is effective in the network-wide basis; 239.0.0.0~239.255.255.255 is the local management multicast address, and is only effective in specific local scope.It is thus clear that 224.0.0.1~224.0.0.255 uses as Routing Protocol, do not do speed limit when in this scheme, receiving this quasi-protocol message, other multicast group messages are all done speed limit.So both can guarantee Routing Protocol operation, and can avoid occurring the too high situation of CPU usage simultaneously again and occur.
More than introduced the detailed process of mac address table access control method when configuration protocol, the detailed process of mac address table access control side when following mask body is presented in the deleting communication agreement.
More excellent, the mac address table access control method in the present embodiment, as shown in Figure 3, also comprise the steps:
Step S31: communication protocol that need to confirm deletion.
Step S32: whether the communication protocol that judgement will be deleted is the communication protocol of opened selected communication pattern, if, execution in step S33; Otherwise, execution in step S34.
When the deleting communication agreement, can judge that whether the communication protocol that will delete be the communication protocol of opened selected communication pattern, when judged result not simultaneously, follow-up step is also different.
Step S33: do not carry out the operation of the MAC Address in the deletion mac address table, execution in step S35.
When judged result is the communication protocol of opened selected communication pattern for the communication protocol that will delete, need not delete the MAC Address in the mac address table.Because the communication protocol that will delete is the communication protocol of opened selected communication pattern; So when this communication protocol of configuration; The operation of the MAC Address that just need not carry out the selected communication pattern that add to use this communication protocol in the mac address table; Therefore when the deleting communication agreement, need not delete the MAC Address in the mac address table.
Step S34: the MAC Address of the communication protocol that will delete in the deletion mac address table, execution in step S35.
When judged result is not the communication protocol of opened selected communication pattern for the communication protocol that will delete, delete directly that the MAC Address of this communication protocol gets final product in the mac address table.Because the communication protocol that will delete is not the communication protocol of opened selected communication pattern; So when this communication protocol of configuration; Add this MAC Address in mac address table, therefore when the deleting communication agreement, just needed this MAC Address in the deletion mac address table.
Step S35: this communication protocol of deletion after the communication protocol that will delete out of service.
No matter whether need delete the MAC Address in the mac address table, finally all be to want the communication protocol that will delete out of service, deletes this communication protocol then.
After the deleting communication agreement, can also monitor the communication protocol operation number of opened selected communication pattern, determine whether to close speed-limiting switch.
More excellent, as shown in Figure 4 after this communication protocol of the deletion among the above-mentioned steps S35, also comprise the steps:
Step S41: after the communication protocol of the opened selected communication pattern that deletion is disposed, the count value of the communication protocol operation number of the selected communication pattern that record is opened subtracts 1.
Step S42: judge that this count value subtracts the speed-limiting switch close value that whether reaches setting after 1, if, execution in step S43; Otherwise, execution in step S44.
Step S43: close the restriction of speed-limiting switch cancellation for the speed of the data message that receives opened selected communication pattern.
Step S44: the speed of the message of the selected communication pattern that the maintenance reception is opened is not more than the message inbound pacing of setting.
The communication protocol of an opened selected communication pattern of every deletion, the count value of the communication protocol operation number of this communication pattern of record will subtract 1 on equipment.After setting the speed-limiting switch close value, when after this count value subtracts 1, reaching the speed-limiting switch close value, just close the restriction of speed-limiting switch cancellation for the speed of the message that receives opened selected communication pattern.The speed-limiting switch close value can be made as 0 or other numerical value; That is to say; Can when closing the communication protocol of last this communication pattern, close speed-limiting switch; Also can after the communication protocol of the opened selected communication pattern of deletion, when reaching the speed-limiting switch close value, this count value close speed-limiting switch.
A kind of more excellent mode, this count value can write down the operation number of the communication protocol that possesses following two conditions: the first, and the communication protocol of opened selected communication pattern; The second, this communication protocol requires the selected communication pattern of device port to be in the state of opening.The count value of operation number that possesses the communication protocol of above-mentioned two conditions according to record adds the speed-limiting switch close value that whether reaches setting after 1, determines whether closing speed-limiting switch.
More excellent, mac address table comprises software mac address table and hardware mac address table.
After the MAC Address of the communication protocol that will delete in the deletion mac address table among the above-mentioned steps S34; Also comprise: when the MAC Address quantity in the software mac address table is not more than hardware mac address table capacity, whether opened selected communication pattern is arranged on the judgment device port; When device port has opened selected communication pattern, the selected communication pattern that the closing device port is opened.
Mac address table can comprise software mac address table and hardware mac address table, when needs add MAC Address, at first adds in the software mac address table, adds in the hardware mac address table again; Accordingly, when needs deletion MAC Address, at first delete the MAC Address in the software mac address table, delete the MAC Address in the hardware mac address table again.Behind the MAC Address in deletion software mac address table; When the MAC Address quantity in the software mac address table is not more than hardware mac address table capacity; When that is to say the space that hardware MAC table in addition can store M AC address, whether opened selected communication pattern is arranged on the judgment device port; When device port had opened selected communication pattern, the selected communication pattern that the closing device port is opened that is to say that the flow process that adopts prior art adds or delete MAC Address.
More excellent; After definite device port has the selected communication pattern of having opened; Before the opened selected communication pattern of closing device port, also comprise: whether the communication protocol of judging the opened selected communication pattern of operation requires the selected communication pattern of device port to be in the state of opening; When the communication protocol of the opened selected communication pattern that moves does not require that all the selected communication pattern of device port is in the state of opening, the selected communication pattern that the closing device port is opened.
When device port has the communication protocol of the opened selected communication pattern of opened selected communication pattern and operation not require that all the selected communication pattern of device port is in the state of opening; Close opened selected communication pattern again, can guarantee like this to be under the open mode and could the normal communication protocol of moving normally to move at the selected communication pattern of device port.
The above is the idiographic flow of deleting communication agreement.Introduce a preferred scheme below, the MAC Address quantity in the hardware mac address table does not reach before the capacity of hardware mac address table, according to the MAC Address in prior art interpolation or the deletion hardware mac address table; When the MAC Address quantity in the hardware mac address table reaches the hardware mac address capacity, select the communication pattern of device port again, and open the selected communication pattern of device port.
More excellent; On the configuration device port before the above-mentioned steps S11 before the communication protocol of opened selected communication pattern; Also comprise:, judge whether to have opened selected communication pattern when the MAC Address quantity in the software mac address table during greater than hardware mac address table capacity; If, the MAC Address of opened selected communication pattern in the deletion hardware mac address table; Otherwise, after opening selected communication pattern on the device port, the MAC Address of opened selected communication pattern in the deletion hardware mac address table.
Mac address table can comprise software mac address table and hardware mac address table, when needs add MAC Address, at first adds in the software mac address table; In adding the hardware mac address table to; Because the capacity of hardware mac address table is limited, the number that is to say the MAC Address that the hardware mac address table can be stored is limited, so; When the MAC Address quantity in the hardware mac address table is enough, perhaps delete MAC Address according to the flow process interpolation of prior art; When the MAC Address quantity in the software mac address table during, that is to say whether the judgment device port had opened selected communication pattern when the hardware mac address table can not be stored all MAC Address in all software mac address tables greater than hardware mac address table capacity; If, the MAC Address of opened selected communication pattern in the deletion hardware mac address table; Otherwise, after opening selected communication pattern on the device port, delete the MAC Address of selected communication pattern opened in the hardware mac address table, thereby discharge the space of hardware mac address table, store the MAC Address of the communication pattern of not opening.
More excellent, above-mentionedly determine MAC Address quantity in the software mac address table greater than after the hardware mac address table capacity, judge whether to have opened before the selected communication pattern, also comprise: the quantity of the MAC Address of each communication pattern in the statistics hardware mac address table; The communication pattern that MAC Address quantity is maximum is set to selected communication pattern.
The method of selected communication pattern can have a variety of, has just enumerated the maximum communication pattern of MAC Address quantity here and has been set to selected communication pattern and a kind of method.Certainly, also can be set to selected communication pattern by the minimum communication pattern of MAC Address, specifically can set as required rule is set, set some or several communication patterns and be selected communication pattern.
This method is after device port is opened selected communication pattern; On the configuration device port during communication protocol of opened selected communication pattern; Need not in mac address table, to add MAC Address; Only add the MAC Address of the communication pattern of not opening in the mac address table, this has just solved mac address table capacity problem of smaller in the prior art; And, because device port has been opened selected communication pattern, when selected communication pattern message arrives; Receive and get final product; Need not in mac address table, to inquire about MAC Address again, the mode with respect to the MAC Address that carries in the message that need arrive each arrival of inquiry in the mac address table in the prior art has reduced the internal memory occupation rate; Also just improve speed and efficient that message is transmitted, improved the performance of equipment.
Based on same inventive concept, the embodiment of the invention also provides a kind of mac address table access control apparatus, and this mac address table access control apparatus can be arranged in the network equipment, and its structure is as shown in Figure 5, comprising:
Address configuration unit 10, when being used for the communication protocol of selected communication pattern opened on the configuration device port, the operation of the MAC Address of not carrying out the communication protocol of adding configuration in the mac address table, and the communication protocol of operation configuration.
Access process unit 20 is used for when message arrives device port, when judging this message and whether be the message of opened selected communication pattern, receives this message.
More excellent, above-mentioned address configuration unit 10, during the communication protocol of the communication pattern that is used for not opening on the configuration device port, the MAC Address of communication protocol that adds configuration is in mac address table.
Above-mentioned access process unit 20 also is used for when the message of judging arrival is not the message of opened selected communication pattern, when MAC Address of confirming to carry in this message and the MAC Address in the mac address table are complementary, receives this message.
Concrete, above-mentioned address configuration unit 10 specifically is used for: during configuration protocol, whether whether the communication protocol of judging configuration be the communication protocol of selected communication pattern and judge should selected communication pattern opened on device port; When the communication protocol of configuration be selected communication pattern communication protocol and should selected communication pattern on device port when opened, the operation of the MAC Address of not carrying out the said communication protocol of adding configuration in the mac address table.
More excellent, above-mentioned address configuration unit 10 also is used for: after the operational communications agreement, the count value of the communication protocol operation number of the selected communication pattern that record is opened adds 1; When said count value added the speed-limiting switch startup value that reaches setting after 1, the speed of the data message of the selected communication pattern that the 20 startup speed-limiting switch restriction receptions of notice access process unit are opened was not more than the message inbound pacing of setting.
More excellent, above-mentioned address configuration unit 10, when also being used for the deleting communication agreement, whether the communication protocol that judgement will be deleted is the communication protocol of opened selected communication pattern; If do not carry out the operation of the MAC Address in the deletion mac address table; Otherwise, the MAC Address of the communication protocol that will delete in the deletion mac address table; This communication protocol of deletion after the communication protocol that will delete out of service.
More excellent, above-mentioned address configuration unit 10 also is used for: delete after this communication protocol, the count value of the communication protocol operation number of the selected communication pattern that record is opened subtracts 1; When this count value subtracted the speed-limiting switch close value that reaches setting after 1, the restriction of speed-limiting switch cancellation for the speed of the data message that receives opened selected communication pattern closed in notice access process unit 20.
More excellent, above-mentioned mac address table comprises software mac address table and hardware mac address table.
Above-mentioned address configuration unit 10; Also be used for deleting after the communication protocol MAC Address that mac address table will delete; When the MAC Address quantity in the software mac address table is not more than hardware mac address table capacity, whether opened selected communication pattern is arranged on the judgment device port; When device port has opened selected communication pattern, the selected communication pattern that the closing device port is opened.
More excellent; Above-mentioned address configuration unit 10; Also be used for after definite device port has the selected communication pattern of having opened; Before the opened selected communication pattern of closing device port, judge whether the communication protocol of the opened selected communication pattern of operation requires the selected communication pattern of device port to be in the state of opening; When the communication protocol of the opened selected communication pattern that moves does not require that all the selected communication pattern of device port is in the state of opening, the selected communication pattern that the closing device port is opened.
More excellent; Above-mentioned address configuration unit 10; Also be used for before the communication protocol of selected communication pattern opened on the configuration device port,, judge whether to have opened selected communication pattern when the MAC Address quantity in the software mac address table during greater than hardware mac address table capacity; If, the MAC Address of opened selected communication pattern in the deletion hardware mac address table; Otherwise, after opening selected communication pattern on the device port, the MAC Address of opened selected communication pattern in the deletion hardware mac address table.
More excellent; Above-mentioned address configuration unit 10; Also be used for: the MAC Address quantity of determining the software mac address table judges whether to have opened before the selected communication pattern greater than after the hardware mac address table capacity, the quantity of each communication pattern MAC Address in the statistics hardware mac address table; The communication pattern that MAC Address quantity is maximum is as selected communication pattern.
Specify the overall flow of mac address table access control method below with two concrete embodiment:
Embodiment one
Present embodiment is the idiographic flow that example is explained the mac address table access control method with the configuration protocol, and concrete steps are as shown in Figure 6:
Step S501: the MAC Address quantity in the monitoring software mac address table.
Step S502: whether judge MAC Address quantity in the software mac address table greater than hardware mac address table capacity, if, execution in step S503; Otherwise, execution in step S501.
Step S503: the quantity of the MAC Address of each communication pattern in the statistical software mac address table; The communication pattern that MAC Address quantity is maximum is set to selected communication pattern.
When the maximum communication pattern of MAC Address quantity was one, selected communication pattern was one; When the maximum communication pattern of MAC Address quantity was two, selected communication pattern was two.Also can select the communication pattern of maximum communication pattern of MAC Address quantity and MAC Address quantity more than second, with these two communication patterns as selected communication pattern.
Step S501-step S503 is the MAC Address quantity through each communication pattern in the monitoring software mac address table; The maximum communication pattern of MAC Address quantity is set is selected communication pattern; Here only be to have enumerated a method that selected communication pattern is set; The communication pattern that the MAC Address minimum number can certainly be set is selected communication pattern, one or several communication patterns perhaps is set according to actual needs is selected communication pattern.
Step S504: judge whether to have opened selected communication pattern, if, execution in step S506; Otherwise, execution in step S505.
Step S505: on device port, open selected communication pattern, execution in step S506.
Here only set when the quantity of software mac address table MAC Address surpasses the hardware mac address capacity; Just can select communication pattern; And open selected communication pattern, can certainly open one or more selected communication patterns according to actual needs at any time.
Step S506: the MAC Address of opened selected communication pattern in the deletion hardware mac address table.
Step S504-step S506 judges to selected communication pattern whether selected communication pattern is opened, if open, and the MAC Address of opened selected communication pattern in the deletion hardware mac address table; If do not open; After opening the selected communication pattern of device port; The MAC Address of opened selected communication pattern in the deletion hardware mac address table; So just discharged the space of hardware mac address table,, thereby can solve the capacity problem of smaller of mac address table in the prior art because a part of MAC Address need not be stored in the mac address table again.
Step S507: during configuration protocol, judge whether the communication protocol of configuration is the communication protocol of selected communication pattern, if, execution in step S508; Otherwise, execution in step S511.
Step S508: whether judgement should be selected communication pattern opened on device port, if, execution in step S510; Otherwise, execution in step S509.
Step S509: open the selected communication pattern of device port, execution in step S510.
Step S510: the operation of the MAC Address of not carrying out the communication protocol of adding configuration in the mac address table, the communication protocol of operation configuration.
Step S511: the MAC Address that adds the communication protocol that disposes moves the communication protocol of configuration in mac address table.
Whether above-mentioned is the process of configuration protocol, after having disposed communication protocol, when message arrives, can be the message of selected communication pattern according to the message that arrives just, determines whether to arrive and matees MAC Address in the mac address table.When the message that arrives is the message of opened selected communication pattern, receive this message and get final product, owing to the message of opened selected communication pattern need not mate MAC Address again in mac address table,, improved equipment performance so reduced the CPU occupation rate; When the message that arrives is not the message of opened selected communication pattern, when the MAC Address that carries when message matees with the MAC Address in the mac address table, receive this message.
Optional; When adding, the count value of the communication protocol operation number of the opened selected communication pattern of record reaches after 1 when setting the limit switch startup value that changes; Can limit the speed of the data message that receives opened selected communication pattern with the message inbound pacing of setting; The data message quantity of the opened selected communication pattern that so just can avoid receiving is too much, and the too high harmful effect that equipment is produced of the CPU usage that causes.
Embodiment two
Present embodiment is the idiographic flow that example is explained the mac address table access control method with the deleting communication agreement, and concrete steps are as shown in Figure 7:
Step S601: communication protocol that need to confirm deletion.
Step S602: whether the communication protocol that judgement will be deleted is the communication protocol of opened selected communication pattern, if, execution in step S603; Otherwise, execution in step S604.
Step S603: do not carry out the operation of the MAC Address in the deletion mac address table, execution in step S609.
Step S604: the MAC Address of the communication protocol that will delete that disposes in the deletion mac address table, execution in step S605.
Step S605: the MAC Address quantity in the monitoring software mac address table.
Step S606: whether judge MAC Address quantity in the software mac address table less than hardware mac address table capacity, if, execution in step S607; Otherwise, execution in step S609.
Step S607: whether opened selected communication pattern is arranged on the judgment device port, if, execution in step S608; Otherwise, execution in step S609.
Step S608: the selected communication pattern that the closing device port is opened, execution in step S609.
After step S605-step S608 is the MAC Address in the deletion mac address table; Judge that MAC Address quantity in the software mac address table whether less than the capacity of hardware mac address, judges just whether hardware mac address can store the MAC Address in all software mac address tables.When the MAC Address quantity in the software mac address table during, the selected communication pattern that the closing device port is opened, still adopt prior art to add or delete MAC Address less than the hardware mac address capacity.
A kind of preferred mode is after determining device port the selected communication pattern of having opened is arranged; Whether the communication protocol of judging the opened selected communication pattern that is moving again requires the selected communication pattern of device port to be in the state of opening; When the communication protocol of the opened selected communication pattern of all operations does not require that all the selected communication pattern of device port is in the state of opening; Execution in step S608 again, the selected communication pattern that the closing device port is opened.The communication protocol that can guarantee to require the selected communication pattern of device port to be in the state of opening like this can normally be moved.
Step S609: this communication protocol of deletion after the communication protocol that will delete out of service.
Whether said process is the process of the communication protocol of deletion configuration, after the deleting communication agreement, be the message of selected communication pattern according to the message that arrives, and determines whether to arrive and matees MAC Address in the mac address table.When the message that arrives is the message of opened selected communication pattern, receive this message and get final product, owing to the message of opened selected communication pattern need not mate MAC Address again in mac address table,, improved equipment performance so reduced the CPU occupation rate; When the message that arrives is not the message of opened selected communication pattern, when the MAC Address that carries when message matees with the MAC Address in the mac address table, receive this message.
Optional; When deletion is when selecting the communication protocol of communication pattern; The count value of the communication protocol operation number of the selected communication pattern that record is opened subtracts 1; When this count value subtracts the speed-limiting switch close value that reaches setting after 1, close the restriction of speed-limiting switch cancellation for the speed of the data message that receives opened selected communication pattern.When the data message of opened selected communication pattern arrives, normally receive this data message.
Above-mentioned explanation illustrates and has described the preferred embodiments of the present invention; But as previously mentioned; Be to be understood that the present invention is not limited to the form that this paper discloses, should do not regard eliminating as, and can be used for various other combinations, modification and environment other embodiment; And can in invention contemplated scope described herein, change through the technology or the knowledge of above-mentioned instruction or association area.And change that those skilled in the art carried out and variation do not break away from the spirit and scope of the present invention, then all should be in the protection range of accompanying claims of the present invention.

Claims (19)

1. a mac address table access control method is characterized in that, comprising:
On the configuration device port during communication protocol of opened selected communication pattern, the operation of the media interviews control MAC Address of not carrying out the said communication protocol of adding configuration in the mac address table, and move said communication protocol;
When message arrives said device port, when judging said message and be the message of opened selected communication pattern, receive said message.
2. the method for claim 1 is characterized in that, also comprises:
During the communication protocol of the communication pattern of not opening on the configuration device port, the MAC Address of the communication protocol of not opening communication pattern that adds configuration is in mac address table;
When judging said message and be not the message of opened selected communication pattern, when MAC Address of confirming to carry in the said message and the MAC Address in the mac address table are complementary, receive said message.
3. the method for claim 1 is characterized in that, after the said communication protocol of said operation, also comprises:
The count value of the communication protocol operation number of the selected communication pattern that record is opened adds 1;
When said count value added the speed-limiting switch startup value that reaches setting after 1, the speed that starts the data message of the opened selected communication pattern of speed-limiting switch restriction reception was not more than the message inbound pacing of setting.
4. the method for claim 1 is characterized in that, also comprises:
During the deleting communication agreement, whether the communication protocol that judgement will be deleted is the communication protocol of opened selected communication pattern;
If do not carry out the operation of the MAC Address in the deletion mac address table; Otherwise, the MAC Address of the communication protocol that will delete in the deletion mac address table;
This communication protocol of deletion after the communication protocol that will delete out of service.
5. method as claimed in claim 4 is characterized in that, after this communication protocol of said deletion, also comprises:
The count value of the communication protocol operation number of the selected communication pattern that record is opened subtracts 1;
When said count value subtracts the speed-limiting switch close value that reaches setting after 1, close the restriction of speed-limiting switch cancellation for the speed of the data message that receives opened selected communication pattern.
6. method as claimed in claim 4 is characterized in that, said mac address table comprises software mac address table and hardware mac address table;
After the MAC Address of the communication protocol that will delete in the said deletion mac address table, also comprise:
When the MAC Address quantity in the software mac address table is not more than hardware mac address table capacity, whether opened selected communication pattern is arranged on the judgment device port;
When device port has opened selected communication pattern, the selected communication pattern that the closing device port is opened.
7. method as claimed in claim 6 is characterized in that, confirms that device port has after the selected communication pattern of having opened, and before the opened selected communication pattern of closing device port, also comprises:
Whether the communication protocol of judging the opened selected communication pattern of operation requires the selected communication pattern of device port to be in the state of opening;
When the communication protocol of the opened selected communication pattern that moves does not require that all the selected communication pattern of device port is in the state of opening, the selected communication pattern that the closing device port is opened.
8. the method for claim 1 is characterized in that, said mac address table comprises software mac address table and hardware mac address table;
Before the communication protocol of opened selected communication pattern, also comprise on the said configuration device port:
When the MAC Address quantity in the software mac address table during, judge whether to have opened selected communication pattern greater than hardware mac address table capacity;
If, the MAC Address of opened selected communication pattern in the deletion hardware mac address table;
Otherwise, after opening selected communication pattern on the device port, the MAC Address of opened selected communication pattern in the deletion hardware mac address table.
9. method as claimed in claim 8 is characterized in that, determines MAC Address quantity in the software mac address table greater than after the hardware mac address table capacity, judges whether to have opened before the selected communication pattern, also comprises:
The quantity of the MAC Address of each communication pattern in the statistics hardware mac address table;
The communication pattern that MAC Address quantity is maximum is set to selected communication pattern.
10. a mac address table access control apparatus is characterized in that, comprising:
The address configuration unit, when being used for the communication protocol of selected communication pattern opened on the configuration device port, the operation of the media interviews control MAC Address of not carrying out the said communication protocol of adding configuration in the mac address table, and move said communication protocol;
The access process unit is used for when message arrives said device port, when judging said message and whether be the message of opened selected communication pattern, receives said message.
11. device as claimed in claim 10 is characterized in that, said address configuration unit, and during the communication protocol of the communication pattern that also is used for not opening on the configuration device port, the MAC Address of said communication protocol that adds configuration is in mac address table;
Said access control unit also is used for when judging said message and be not the message of opened selected communication pattern, when MAC Address of confirming to carry in the said message and the MAC Address in the mac address table are complementary, receives said message.
12. device as claimed in claim 10 is characterized in that, said address configuration unit also is used to move after the said communication protocol, and the count value of the communication protocol operation number of the selected communication pattern that record is opened adds 1; When said count value added the speed-limiting switch startup value that reaches setting after 1, the speed of the data message of the selected communication pattern that notice access process unit starting speed-limiting switch restriction reception is opened was not more than the message inbound pacing of setting.
13. device as claimed in claim 10 is characterized in that, said address configuration unit, and when also being used for the deleting communication agreement, whether the communication protocol that judgement will be deleted is the communication protocol of opened selected communication pattern; If do not carry out the operation of the MAC Address in the deletion mac address table; Otherwise, the MAC Address of the communication protocol that will delete in the deletion mac address table;
This communication protocol of deletion after the communication protocol that will delete out of service.
14. device as claimed in claim 13 is characterized in that, said address configuration unit also is used to delete after the said communication protocol, and the count value of the communication protocol operation number of the selected communication pattern that record is opened subtracts 1; When said count value subtracts the speed-limiting switch close value that reaches setting after 1, notify said access process unit to close the restriction of speed-limiting switch cancellation for the speed of the data message that receives opened selected communication pattern.
15. device as claimed in claim 13 is characterized in that, said mac address table comprises software mac address table and hardware mac address table;
Said address configuration unit; Also be used for deleting after the MAC Address of the communication protocol that mac address table will delete; When the MAC Address quantity in the software mac address table is not more than hardware mac address table capacity, whether opened selected communication pattern is arranged on the judgment device port; When device port has opened selected communication pattern, the selected communication pattern that the closing device port is opened.
16. device as claimed in claim 15; It is characterized in that; Said address configuration unit; Also be used for: after definite device port has the selected communication pattern of having opened, before the opened selected communication pattern of closing device port, judge whether the communication protocol of the opened selected communication pattern of operation requires the selected communication pattern of device port to be in the state of opening; When the communication protocol of the opened selected communication pattern that moves does not require that all the selected communication pattern of device port is in the state of opening, the selected communication pattern that the closing device port is opened.
17. device as claimed in claim 10 is characterized in that, said mac address table comprises software mac address table and hardware mac address table;
Said address configuration unit also was used for before the communication protocol of selected communication pattern opened on the configuration device port, when the MAC Address quantity in the software mac address table during greater than hardware mac address table capacity, judged whether to have opened selected communication pattern; If, the MAC Address of opened selected communication pattern in the deletion hardware mac address table; Otherwise, after opening selected communication pattern on the device port, the MAC Address of opened selected communication pattern in the deletion hardware mac address table.
18. device as claimed in claim 17; It is characterized in that; Said address configuration unit; The MAC Address quantity that also is used for determining the software mac address table judges whether to have opened before the selected communication pattern greater than after the hardware mac address table capacity, the quantity of each communication pattern MAC Address in the statistics hardware mac address table; The communication pattern that MAC Address quantity is maximum is as selected communication pattern.
19. a network equipment is characterized in that, comprises arbitrary described mac address table access control apparatus like claim 10-18.
CN201110338493.6A 2011-10-31 2011-10-31 MAC (Media Access Control) address table access control method, as well as apparatus and network device for the same Expired - Fee Related CN102355511B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201110338493.6A CN102355511B (en) 2011-10-31 2011-10-31 MAC (Media Access Control) address table access control method, as well as apparatus and network device for the same

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201110338493.6A CN102355511B (en) 2011-10-31 2011-10-31 MAC (Media Access Control) address table access control method, as well as apparatus and network device for the same

Publications (2)

Publication Number Publication Date
CN102355511A true CN102355511A (en) 2012-02-15
CN102355511B CN102355511B (en) 2015-01-21

Family

ID=45579004

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201110338493.6A Expired - Fee Related CN102355511B (en) 2011-10-31 2011-10-31 MAC (Media Access Control) address table access control method, as well as apparatus and network device for the same

Country Status (1)

Country Link
CN (1) CN102355511B (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103391244A (en) * 2013-07-30 2013-11-13 上海斐讯数据通信技术有限公司 Forwarding method for large-flow data packets

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101150457A (en) * 2007-10-25 2008-03-26 中兴通讯股份有限公司 Testing method for Ethernet media access control table capacity
US7957374B2 (en) * 2008-10-22 2011-06-07 Fortinet, Inc. Mechanism for enabling layer two host addresses to be shielded from the switches in a network
CN102164091A (en) * 2011-05-13 2011-08-24 北京星网锐捷网络技术有限公司 Method for building MAC (Media Access Control) address table and provider edge device

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101150457A (en) * 2007-10-25 2008-03-26 中兴通讯股份有限公司 Testing method for Ethernet media access control table capacity
US7957374B2 (en) * 2008-10-22 2011-06-07 Fortinet, Inc. Mechanism for enabling layer two host addresses to be shielded from the switches in a network
CN102164091A (en) * 2011-05-13 2011-08-24 北京星网锐捷网络技术有限公司 Method for building MAC (Media Access Control) address table and provider edge device

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103391244A (en) * 2013-07-30 2013-11-13 上海斐讯数据通信技术有限公司 Forwarding method for large-flow data packets

Also Published As

Publication number Publication date
CN102355511B (en) 2015-01-21

Similar Documents

Publication Publication Date Title
US8089882B2 (en) Load-aware network path configuration
JP4458289B2 (en) Cluster system, cluster member, failure recovery method and program
JP5880560B2 (en) Communication system, forwarding node, received packet processing method and program
CN107948076B (en) Method and device for forwarding message
US8102879B2 (en) Application layer metrics monitoring
US8509075B2 (en) Data-type-based network path configuration
EP2506511B1 (en) Versatile source port enforcement for data networks
RU2558624C2 (en) Control device, communication system, communication method and record medium containing communication programme recorded to it
RU2612599C1 (en) Control device, communication system, method for controlling switches and program
CN105357146B (en) Buffer queue saturation attack defence method, apparatus and system in egress gateways
CN102577275A (en) Relay control device, relay control system, relay control method, and relay control program
US10333790B2 (en) Method and system for selective route download in network devices
US20140365684A1 (en) Diameter route learning
CN103595638B (en) A kind of MAC address learning method and device
US20160164690A1 (en) Communication system
CN104852855A (en) Congestion control method, device and equipment
KR101658299B1 (en) Control apparatus, communication system, node control method and program
CN102281165A (en) Fault detection method based on QoS, system and apparatus thereof
CN101483584B (en) Method and apparatus for policy and charging rule functional entity information maintenance
CN100499549C (en) Apparatus and base station equipment for transmitting IP message in WiMAX network
CN101369994A (en) Method, apparatus and system for implementing multicast group member management protocol proxy
US20160112242A1 (en) Docsis provisioning of point-to-point ethernet
EP2773072B1 (en) Control apparatus, communication system, virtual network management method, and program
CN102355511B (en) MAC (Media Access Control) address table access control method, as well as apparatus and network device for the same
CN104767720A (en) OpenFlow message tracking and filtering method in software defined network

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
CP01 Change in the name or title of a patent holder

Address after: 350002 19 Building, Citrus Industrial Park, 618 Jinshan Road, Cangshan District, Fuzhou, Fujian.

Patentee after: RUIJIE NETWORKS Co.,Ltd.

Address before: 350002 19 Building, Citrus Industrial Park, 618 Jinshan Road, Cangshan District, Fuzhou, Fujian.

Patentee before: Fujian Star-net Ruijie Network Co.,Ltd.

CP01 Change in the name or title of a patent holder
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20150121

Termination date: 20211031

CF01 Termination of patent right due to non-payment of annual fee