CN103179040A - Data packet fuzzy matching method of software router - Google Patents


Info

Publication number: CN103179040A
Authority: CN (China)
Prior art keywords: matching, fuzzy, packet, fuzzy matching, router
Legal status: Granted
Application number: CN2013100779622A
Other languages: Chinese (zh)
Other versions: CN103179040B (en)
Inventor: 吴春明, 叶靖, 周伯阳, 姜明
Current Assignee: Zhejiang University ZJU
Original Assignee: Zhejiang University ZJU
Application filed by Zhejiang University ZJU
Priority to CN201310077962.2A
Publication of CN103179040A
Application granted
Publication of CN103179040B
Current legal status: Active

Landscapes

  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention discloses a data packet fuzzy matching method for a software router. By combining exact matching with fuzzy matching, efficient exact matching is used as a buffer for fuzzy matching. Using the fuzzy matching rules, the exact value of each protocol field is extracted from a data packet and substituted for the wildcards in the fuzzy matching rule to generate a corresponding exact matching rule, and the hash value of the fields is computed and then updated in the exact matching table. When the router receives data packets with the same protocol fields, the matching result can be found quickly in the exact matching table and one-by-one matching in the fuzzy matching table is not needed, so the data packet fuzzy matching efficiency of the router is greatly improved.

Description

A data packet fuzzy matching method for a software router
Technical field
The present invention relates to the field of computer network communication, and in particular to a method by which a software router performs fuzzy matching on network data packets according to predefined matching rules.
Background art
With the widespread adoption of Internet technology and the rapid growth in the number of Internet users, new forms of Internet service keep emerging. In many applications, traditional hardware routers have difficulty adapting to flexible and changing Internet service demands, so many software routers have come into use. Because the functions of a software router can be upgraded and replaced quickly, it can respond well to the new requirements that keep arising on the Internet. The performance of software routers, however, has become the bottleneck that prevents their large-scale deployment and application. One of the factors limiting software router performance is the packet matching process. For security reasons or because of configuration requirements, a router has to inspect and filter packets, and this inspection and filtering rests on matching the fields of each packet against matching rules. Improving packet matching efficiency is therefore a major challenge in improving the packet processing efficiency of software routers.
Packet matching works by configuring a matching rule table on the router. The table stores a number of matching rules, each composed of the protocol fields to match, such as protocol type, IP address and port number. When the router receives a network packet, it parses the packet's protocol fields and matches them against the rule table. If the match succeeds, the operation associated with the rule is executed (for example, dropping the packet or updating statistics). If the match fails, no processing is performed.
Packet matching is divided into exact matching and fuzzy matching. In exact matching, every field of every matching rule is a precisely specified value. In fuzzy matching, not every field of a matching rule is an exact value: some or all of the fields are wildcards. In software routers, exact matching is generally done by computing a cumulative hash value over all matching fields and performing a hash lookup in the matching table, which gives very high matching efficiency. The fuzzy matching commonly used in software routers, by contrast, has to traverse the whole matching rule table and compare the packet with the rules one by one. This is very inefficient when there are many matching rules and therefore degrades software router performance. Some improved fuzzy matching methods based on decision trees raise fuzzy matching efficiency to a degree, but they are very complex to implement, consume a large amount of resources to compute the decision tree, and are not suitable for matching rule tables that change frequently.
Summary of the invention
The object of the invention is to overcome the low efficiency of existing packet fuzzy matching methods for software routers by providing a data packet fuzzy matching method for a software router. The method exploits the fact that the protocol fields of the packets a router receives within a period of time are repetitive (that is, within a period of time the router receives packets with the same protocol fields) and uses efficient exact matching as a buffer for fuzzy matching, which greatly improves the fuzzy matching efficiency for packets.
The object of the invention is achieved by the following technical solution: a data packet fuzzy matching method for a software router, comprising the following steps:
(1) The software router receives a data packet from the network, parses the packet and extracts the value of each protocol field;
(2) A cumulative hash value is computed over the values of the protocol fields of the network packet extracted in step 1;
(3) A hash match is performed in the exact matching table using the hash value computed in step 2; if the match succeeds, go to step 6; otherwise go to step 4;
(4) Linear fuzzy matching is performed in the fuzzy matching table using the values of the protocol fields extracted in step 2; if the match succeeds, go to step 5; otherwise the match has failed, go to step 7;
(5) The matching result of step 4 is updated into the exact matching table;
(6) The matching result is returned;
(7) Fuzzy matching of the data packet ends.
Further, in step (1), the network data packet contains the exact value of each protocol field, including information such as physical address, IP address, protocol type and port number.
The beneficial effects of the invention are as follows. By combining exact matching with fuzzy matching, the invention uses efficient exact matching as a buffer for fuzzy matching. Using the fuzzy matching rule, the exact value of each protocol field is extracted from the packet and substituted for the wildcards in the fuzzy matching rule to generate a corresponding exact matching rule, which is updated into the exact matching table after the hash value of the fields has been computed. When the router receives a packet with the same protocol fields, the matching result can be found quickly in the exact matching table without matching one by one in the fuzzy matching table, which greatly improves the packet fuzzy matching efficiency of the router.
Description of drawings
Fig. 1 is a flow chart of the data packet fuzzy matching method for a software router according to the invention.
Embodiment
The invention is described in detail below with reference to the accompanying drawing, from which its purpose and effect will become more apparent.
As shown in Fig. 1, the data packet fuzzy matching method for a software router according to the invention comprises the following steps:
Step 1: The software router receives a data packet from the network, parses the packet and extracts the value of each protocol field.
A network packet contains the exact value of each protocol field, such as physical address, IP address, protocol type and port number.
Step 2: A cumulative hash value is computed over the values of the protocol fields of the network packet extracted in step 1.
The hash value can be computed with a simple hash algorithm, such as XORing the values of the protocol fields together. This reduces the computational complexity of the hash value, which suits a high-speed device such as a router.
Step 3: A hash match is performed in the exact matching table using the hash value computed in step 2. If the match succeeds, go to step 6; otherwise go to step 4.
The exact matching table serves as a buffer for the fuzzy matching table, and each entry in the table consists of two parts, a hash value and a matching result. Because hashing produces collisions, the matching result of each entry must contain the corresponding set of original fuzzy matching rules (packets matched by different fuzzy matching rules may compute the same hash value). When the hash value matches, the packet must be linearly fuzzy-matched against each fuzzy matching rule in the corresponding matching result; if one of them matches, go to step 6; otherwise go to step 4.
Step 4: Linear fuzzy matching is performed in the fuzzy matching table using the values of the protocol fields extracted in step 2. If the match succeeds, go to step 5; otherwise the match has failed, go to step 7.
The matching rules in the fuzzy matching table are compared with the current packet one by one. If a match succeeds, go to step 5. If the whole fuzzy matching table has been traversed without a successful match, fuzzy matching has failed, go to step 7.
Step 5: The matching result of step 4 is updated into the exact matching table.
The fuzzy matching result and the corresponding hash value are added to the matching result set of the corresponding entry in the exact matching table, so that the next packet with the same protocol fields can be matched quickly in the exact matching table.
Step 6: The matching result is returned.
Step 7: Fuzzy matching of the data packet ends.
By combining exact matching with fuzzy matching, the invention uses efficient exact matching as a buffer for fuzzy matching instead of performing linear fuzzy matching directly with the traditional one-by-one method. Fuzzy matching is performed when a packet enters the router for the first time, and the matching result is updated into the exact matching table; when the router later receives a packet with the same fields, the matching result can be obtained very efficiently from the exact matching table. This matching method greatly improves the packet fuzzy matching efficiency of the software router.
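The seven steps above, as an added Python sketch that is not part of the patent text. The four-field tuple layout, the class and function names and the sample rules and packets are assumptions made for illustration. It also shows why step 3 re-checks the cached fuzzy rules: swapping the source and destination address leaves the XOR hash unchanged.

```python
from functools import reduce
from operator import xor

ANY = None  # wildcard position in a fuzzy rule
# Assumed field order: (src_ip, dst_ip, protocol, dst_port), all integers.


def ip(a, b, c, d):
    return (a << 24) | (b << 16) | (c << 8) | d


class FuzzyMatcher:
    def __init__(self, rules):
        self.fuzzy_table = list(rules)  # [(pattern, action), ...]
        self.exact_table = {}           # hash -> fuzzy rules cached for it
        self.linear_scans = 0           # how often step 4 had to run

    @staticmethod
    def xor_hash(pkt):
        return reduce(xor, pkt, 0)      # step 2: XOR of all field values

    @staticmethod
    def rule_matches(pattern, pkt):
        return all(p is ANY or p == v for p, v in zip(pattern, pkt))

    def match(self, pkt):
        h = self.xor_hash(pkt)
        # Step 3: hash lookup, then re-check each cached rule against the
        # packet, because different packets can share one hash value.
        for pattern, action in self.exact_table.get(h, []):
            if self.rule_matches(pattern, pkt):
                return action                               # step 6
        self.linear_scans += 1
        for pattern, action in self.fuzzy_table:            # step 4
            if self.rule_matches(pattern, pkt):
                # Step 5: cache the rule under this packet's hash.
                self.exact_table.setdefault(h, []).append((pattern, action))
                return action                               # step 6
        return None                                         # step 7


def demo():
    # Constructed rules and packets.
    rules = [((ip(10, 0, 0, 5), ANY, 6, ANY), "drop"),
             ((ANY, ANY, 17, 53), "count")]
    m = FuzzyMatcher(rules)
    a = (ip(10, 0, 0, 5), ip(10, 0, 0, 9), 6, 80)
    b = (ip(10, 0, 0, 9), ip(10, 0, 0, 5), 6, 80)  # addresses swapped: same XOR
    first, second = m.match(a), m.match(a)  # linear scan, then cache hit
    scans_after_a = m.linear_scans
    swapped = m.match(b)                    # hash hit, but rule re-check fails
    return first, second, scans_after_a, swapped, m.xor_hash(a) == m.xor_hash(b)


if __name__ == "__main__":
    print(demo())
```

If the cache returned the stored action on a hash hit alone, packet `b` would inherit the "drop" decision made for packet `a` although no rule matches it.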

Claims (2)

1. A data packet fuzzy matching method for a software router, characterized in that the method comprises the following steps:
(1) The software router receives a data packet from the network, parses the packet and extracts the value of each protocol field;
(2) A cumulative hash value is computed over the values of the protocol fields of the network packet extracted in step 1;
(3) A hash match is performed in the exact matching table using the hash value computed in step 2; if the match succeeds, go to step 6; otherwise go to step 4;
(4) Linear fuzzy matching is performed in the fuzzy matching table using the values of the protocol fields extracted in step 2; if the match succeeds, go to step 5; otherwise the match has failed, go to step 7;
(5) The matching result of step 4 is updated into the exact matching table;
(6) The matching result is returned;
(7) Fuzzy matching of the data packet ends.
2. The data packet fuzzy matching method for a software router according to claim 1, characterized in that, in step 1, the network data packet contains the exact value of each protocol field, including information such as physical address, IP address, protocol type and port number.
Priority Applications (1)

Application Number | Priority Date | Filing Date | Title
CN201310077962.2A | 2013-03-12 | 2013-03-12 | Data packet fuzzy matching method of software router

Publications (2)

Publication Number | Publication Date
CN103179040A (en) | 2013-06-26
CN103179040B (en) | 2015-11-04

Family

ID=48638671

Family Applications (1)

Application Number | Title | Priority Date | Filing Date | Status | Publication
CN201310077962.2A | Data packet fuzzy matching method of software router | 2013-03-12 | 2013-03-12 | Active | CN103179040B (en)

Country Status (1)

Country | Link
CN (1) | CN103179040B (en)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1937575A (en) * 2005-09-22 2007-03-28 中兴通讯股份有限公司 Signalling flow distributing method and signalling distributing processing unit
CN102082699A (en) * 2009-11-27 2011-06-01 上海博达数据通信有限公司 P2P (peer-to-peer) protocol identification method on basis of active detection mode
CN102148854A (en) * 2010-10-19 2011-08-10 华为数字技术有限公司 Method and device for identifying peer-to-peer (P2P) shared flows

Also Published As

Publication number Publication date
CN103179040B (en) 2015-11-04

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant