CN104604194B - Flow table control method, device, interchanger and controller - Google Patents

Flow table control method, device, interchanger and controller Download PDF

Info

Publication number
CN104604194B
CN104604194B CN201380001421.XA CN201380001421A CN104604194B CN 104604194 B CN104604194 B CN 104604194B CN 201380001421 A CN201380001421 A CN 201380001421A CN 104604194 B CN104604194 B CN 104604194B
Authority
CN
China
Prior art keywords
control
stream rule
pending stream
failure
flow table
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201380001421.XA
Other languages
Chinese (zh)
Other versions
CN104604194A (en
Inventor
倪慧
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Huawei Technologies Co Ltd
Original Assignee
Huawei Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huawei Technologies Co Ltd filed Critical Huawei Technologies Co Ltd
Publication of CN104604194A publication Critical patent/CN104604194A/en
Application granted granted Critical
Publication of CN104604194B publication Critical patent/CN104604194B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/64Hybrid switching systems
    • H04L12/6418Hybrid transport

Abstract

The embodiment of the present application provides a kind of flow table control method, device, interchanger and controller, and methods described includes:The control connection status of interchanger detection and control device, when detecting the control Joint failure, the pending stream rule in flow table is handled so that the pending stream rule is not matched with the data received.Control when controlling Joint failure to flow table is realized by the embodiment of the present application, avoids to the out of control of the processing such as data forwarding operation, ensure that the security of data.

Description

Flow table control method, device, interchanger and controller
Technical field
The application is related to network communication technology field, more particularly to a kind of flow table control method, device, exchange Machine and controller.
Background technology
Software defined network(Software Defined Network,SDN), it is a kind of new network framework, it passes through The key-course of the network equipment is separated with forwarding, the flexible control of network traffics is realized, improves the management of network Efficiency, the innovation for core network and application provide good platform.
OpenFlow is to realize one of typical technology of software defined network.Software defined network based on OpenFlow technologies Network element device in network mainly includes OpenFlow controllers(OpenFlow Controller)And OpenFlow interchangers (OpenFlow Switch).Interchanger includes one or more flow tables, and flow table is made up of many flow table items, each flow table item As first-class rule.Stream rule is generated and is issued in interchanger by controller, when interchanger receives data, by that will receive Data are inquired about in flow table, carry out flow table matching, and operation is performed according to specified in the stream rule of matching, carry out data forwarding etc. Processing operation.
Exist between controller and interchanger and be based on TCP(Transmission Control Protocol, transmission control Agreement)、UDP(User Datagram Protocol, UDP)Or TLS(Transport Layer Security, safe transmission layer protocol)Control Deng foundation is connected, and controller can be controlled in interchanger by control connection Flow table, include inquiry, deletion, modification etc. of stream rule, so as to realize the control operated to processing such as data forwardings.
In practical work process, the control connection between controller and interchanger may be interrupted, and data face Transmit unsafe risk.
The content of the invention
This application provides a kind of flow table control method, device, interchanger and controller, to reduce due to controller with The unsafe risk of data transfer caused by control disconnecting between interchanger.
To achieve the above object, the application provides following technical scheme:
First aspect, there is provided a kind of flow table control method, including:
The control connection status of interchanger detection and control device;
When detecting the control Joint failure, the pending stream rule in flow table is handled so that described to treat Processing stream rule is not matched with the data received.
In the first possible implementation of the first aspect, at the pending stream rule by flow table Reason so that the pending stream rule does not carry out matching with the data received to be included:
Since the control Joint failure moment, by the default first Failure Control time, if not receiving flow table In pending stream rule match data, or pass through the default second Failure Control time, will the pending stream it is regular Handled so that the pending stream rule is not matched with the data received.
With reference to the possible implementation of the first of the first aspect or the first aspect, the first party is additionally provided The possible implementation of second of face, the pending stream rule by flow table are handled so that the pending stream rule Then not carrying out matching with the data received includes:
Delete the pending stream rule so that the pending stream rule is not matched with the data received.
With reference to the possible implementation of the first of the first aspect or the first aspect, the first party is additionally provided The third possible implementation in face, the pending stream rule by flow table are handled so that the pending stream rule After not matched with the data received then, methods described also includes:
When detecting that the control connection recovers, the pending stream rule is handled so that the pending stream Rule is recovered to be matched with the data received.
With reference to the first aspect or any one above-mentioned possible implementation of the first aspect, additionally provide described 5th kind of possible implementation of first aspect, the pending stream rule by flow table are handled so that described to wait to locate Reason stream rule does not carry out matching with the data received to be included:
The Failure Control information sent according to the controller, the pending stream rule in the flow table is handled, So that the pending stream rule is not matched with the data received.
With reference to the 5th kind of possible implementation of the first aspect, the 6th kind of possibility of the first aspect is additionally provided Implementation, the Failure Control information include the time of the first Failure Control time and the second Failure Control time Parameter value.
With reference to the 5th kind of possible implementation of the first aspect, the 7th kind of possibility of the first aspect is additionally provided Implementation, the Failure Control information are to be carried in the installation message for the pending stream rule that the controller is sent 's.
With reference to the 5th kind of possible implementation of the first aspect, the 8th kind of possibility of the first aspect is additionally provided Implementation, the pending stream rule are that the whole in the flow table flows rule or at least partly flows regular, the failure Control information is that the flow table that the controller is sent configures what is carried in message.
Second aspect, there is provided a kind of flow table control method, including:
Controller is connected to the interchanger by the control with interchanger and sends Failure Control information, the Failure Control Information is used to trigger the interchanger when detecting the control Joint failure, at the pending stream rule in flow table Reason so that the pending stream rule is not matched with the data received.
In the first possible implementation of the second aspect, the Failure Control information is specifically used for described in triggering When interchanger detects the control Joint failure, since the control Joint failure moment, by the default first failure Control time, if not receiving the data of the target stream rule match, or pass through the default second Failure Control time, will The pending stream rule is handled so that the pending stream rule is not matched with the data received.
With reference to the possible implementation of the first of the second aspect or the second aspect, the second party is additionally provided The possible implementation of second of face, the Failure Control information are specifically used for the triggering interchanger and detect that the control connects When connecing failure, by the pending stream redundant rule elimination in flow table.
The third aspect, there is provided a kind of flow table control device, including:
Detection unit, for detecting the control connection status of interchanger and controller;
Processing unit, for when the detection unit detect it is described control Joint failure when, will be pending in flow table Stream rule is handled so that the pending stream rule is not matched with the data received.
In the first possible implementation of the third aspect, the processing unit is specifically used for connecting from the control The failure moment is connect, by the default first Failure Control time, if not receiving pending stream rule match in flow table Data, or pass through the default second Failure Control time, the pending stream rule is handled so that described pending Stream rule is not matched with the data received.
With reference to the possible implementation of the first of the third aspect or the third aspect, the first party is additionally provided The possible implementation of second of face, the processing unit, which is handled the pending stream rule in flow table, specifically deletes institute State pending stream rule.
With reference to the possible implementation of the first of the third aspect or the third aspect, the first party is additionally provided The third possible implementation in face, in addition to:
Recovery unit, for detect it is described control connection recover when, by it is described it is pending stream rule handled so that The pending stream rule is recovered to be matched with the data received.
With reference to the third aspect or any one above-mentioned possible implementation of the third aspect, additionally provide described 4th kind of possible implementation of the third aspect, the processing unit are specifically used for the Failure Control sent according to the controller Information, the pending stream rule in flow table is handled so that the pending stream rule is not carried out with the data received Matching.
Fourth aspect, there is provided a kind of flow table control device, including:
Transmitting element, Failure Control information is sent for being connected by the control with interchanger to the interchanger, it is described When Failure Control information detects the control Joint failure for triggering the interchanger, by the pending stream rule in flow table Handled so that the pending stream rule is not matched with the data received.
5th aspect, there is provided a kind of interchanger, be connected including at least memory and by bus with the memory Processor;
The memory is used to store one group of first programmed instruction;
The processor calls the first programmed instruction of the memory storage to perform following operation:
The control connection status of detection and control device;When detecting the control Joint failure, by the pending stream Rule is handled so that the pending stream rule is not matched with the data received.
6th aspect, there is provided a kind of controller, including at least memory, transmitter and pass through bus and the memory The processor connected with the transmitter;
The memory is used to store one group of second programmed instruction;
The processor calls the second programmed instruction of the memory storage to perform following operation:
The transmitter is triggered to be connected to interchanger transmission Failure Control information by the control with interchanger, its In, when the Failure Control information detects the control Joint failure for triggering the interchanger, it will wait to locate in flow table Reason stream rule is handled so that the pending stream rule is not matched with the data received.
To sum up, a kind of flow table control method, device, interchanger and the controller that the application provides, machine testing and control are exchanged The control connection status of device processed, when detecting the control Joint failure, the pending stream rule in flow table is handled, So that the pending stream rule is not matched with receiving data, so that when controlling Joint failure, still can convection current Rule is handled, and realizes the control to flow table, is avoided to the out of control of the processing such as data forwarding operation, is ensured data transfer Security.
Brief description of the drawings
, below will be to embodiment or existing in order to illustrate more clearly of the embodiment of the present application or technical scheme of the prior art There is the required accompanying drawing used in technology description to be briefly described, it should be apparent that, drawings in the following description are only this The embodiment of application, for those of ordinary skill in the art, on the premise of not paying creative work, can also basis The accompanying drawing of offer obtains other accompanying drawings.
Fig. 1 is a kind of flow chart of flow table control method one embodiment that the embodiment of the present application provides;
Fig. 2 is a kind of flow chart of another embodiment of flow table control method of the embodiment of the present application offer;
Fig. 3 is a kind of flow chart of another embodiment of flow table control method of the embodiment of the present application offer;
Fig. 4 is a kind of flow chart of another embodiment of flow table control method of the embodiment of the present application offer;
Fig. 5 is a kind of structural representation of flow table control device one embodiment that the embodiment of the present application provides;
Fig. 6 is a kind of structural representation for interchanger that the embodiment of the present application provides;
Fig. 7 is a kind of structural representation of another embodiment of flow table control device of the embodiment of the present application offer;
Fig. 8 is a kind of structural representation for controller that the embodiment of the present application provides.
Embodiment
Below in conjunction with the accompanying drawing in the embodiment of the present application, the technical scheme in the embodiment of the present application is carried out clear, complete Site preparation describes, it is clear that described embodiment is only some embodiments of the present application, rather than whole embodiments.It is based on Embodiment in the application, those of ordinary skill in the art are obtained every other under the premise of creative work is not made Embodiment, belong to the scope of the application protection.
One of main thought of the embodiment of the present application can include:
The control connection status of interchanger detection and control device, when the control Joint failure, this in flow table is waited to locate Reason stream rule is handled so that the pending stream rule is not matched with receiving data, so that connecting in control When connecing failure, still can convection current rule handled, realize the control to flow table, avoid to the processing such as data forwarding operation mistake Control, ensure the security of data transfer.
Fig. 1 is a kind of flow chart of flow table control method one embodiment of the embodiment of the present application, technology described in the present embodiment Scheme can be in software defined network of the concrete application based on OpenFlow technologies.
This method can include:
Step 101:The control connection status of interchanger detection and control device.
In the embodiment of the present application, interchanger and controller are the network element in the software defined network based on OpenFlow technologies Equipment, in the software defined network, the separation of data forwarding and control is realized by interchanger and controller.
One or more flow tables are stored with interchanger, each flow table item is first-class rule in flow table, is wrapped in stream rule Include stream match information and perform the contents such as operation.Controller can determine the operation that performs of data, example according to the feature of data Such as forward, abandon, changing header, corresponding stream rule can be set to be issued in interchanger accordingly.Interchanger is by controller The stream rule issued, is stored in flow table as flow table item, when data is received, will be each in the data and flow table that receive Stream rule is matched.So as to perform operation according to the stream rule definition of the data match with receiving, data are entered The processing operation such as row forwarding.
Control of the controller to flow table in interchanger is realized based on control connection, and it can looking into controlling stream rule Ask, the operation such as modification, deletion, the control that can be achieved to operate the processing such as data forwarding by the control to flow table.
Therefore in the present embodiment, in order to ensure the control of the operations such as data forwarding, the control of interchanger detection and control device Connection status, can detect in real time to be periodically detected, to determine whether control connection fails.
Step 102:When detecting the control Joint failure, the pending stream rule in flow table is handled, made The pending stream rule is obtained not matched with the data received.
Pending stream rule in the flow table can be whole stream rules in flow table either at least partly flow rule or Any one stream rule.
Control Joint failure between interchanger detection and control device can have a variety of implementations, for example, can be to When controller repeatedly sends information failure, or when not receiving in preset time the transmission information of controller, it may be determined that Control Joint failure.
Certainly can also be detected by the heartbeat signaling mutually sent out between controller, the application is limited not to this System.
After control Joint failure, controller can not realize the control to flow table in interchanger so that can not Convection current rule is handled, so as to cause to the out of control of the processing such as data forwarding operation, therefore in the embodiment of the present application, by flow table In it is pending stream rule handled, be allowed to not matched with the data received, i.e., when control Joint failure, exchange If machine receives data, the pending stream rule is no longer inquired about, this is received into data is not matched with pending stream rule, It is out of hand to data processing during so as to avoid continuing performing data processing according to the pending stream rule.
Wherein, by this it is pending stream rule handled so that its do not carried out with the data received matching can have it is more Kind implementation:
A kind of possible implementation is:
Delete the pending stream rule.
Alternatively possible implementation is:
Retain the pending stream rule, when the data received match in the flow table, it is pending that pause inquires about this Stream rule.Can flow the corresponding label symbol of rule setting by pending, when data is received, for label symbol Stream rule, do not matched with the data that this is received.It is, of course, also possible to be realized using other modes, the present invention is not right This is limited, and need to only realize that receive data is not matched with pending stream rule.
Because pending stream rule is not matched with receiving data, realize interchanger pause and the pending stream is advised Then perform operation.
In the present embodiment, if the control connection status of interchanger detection and control device, when the control Joint failure, then will Pending stream rule in flow table is handled, and is allowed to not matched with the data received then, so as to the data received Corresponding operation is not performed according still further to the stream rule after control Joint failure so that in the case where controlling Joint failure state, to flow table Control can be still realized, network is avoided and the processing such as data forwarding is operated out of control, ensure that the security of data transfer.
Fig. 2 is a kind of flow chart of another embodiment of flow table control method of the embodiment of the present application, and this method can include Following steps:
Step 201:The control connection status of interchanger detection and control device..
Step 201 is identical with the operation of step 101 in above-described embodiment, will not be repeated here.
Step 202:When detecting the control Joint failure, since the control Joint failure moment, by pre- If the first Failure Control time, if not receiving the data of the pending stream rule match in flow table, or by default The second Failure Control time, the pending stream rule is handled so that the pending stream rule is not with receiving Data are matched.
In the present embodiment, interchanger starts timing when detecting control Joint failure, in default first Failure Control In, if do not receive this it is pending stream rule match data, can by it is pending stream rule be handled, be allowed to not with The data received are matched, namely after the first Failure Control time, if receiving data again, no longer wait to locate with this Reason stream rule is matched.
Or the control Joint failure moment starts timing, if by the default second Failure Control time, will equally treat Processing stream rule is handled, and is allowed to not matched with the data received.
At failure when the first Failure Control time and the second Failure Control time are applied to control Joint failure Parameter is managed, can be switch configuration or be connected under normal circumstances in control, be set by controller and pass through control Connection is issued to interchanger, and so as to realize when controlling Joint failure, controller is still the control for realizing convection current rule.
Stream rule is issued by controller and stored in a switch, generally has necessarily ageing, i.e., by certain After time, controller can be with the operation such as the modification of controlling stream rule, deletion, and within the certain time, flowing rule can be normally with connecing Data are received to be matched.Therefore, the first Failure Control time and the second Failure Control time of setting are passed through in the present embodiment Setting, can cause control Joint failure, controller can not by control connection realize convection current rule control process when, The control for treating processing stream rule can be still realized according to default first Failure Control time and the second Failure Control time so that Out of control is unlikely to the processing such as data forwarding operation.
Pending stream rule is handled, is allowed to not matched with receiving data, there can be a variety of implementations, A kind of possible implementation is can be by the pending stream redundant rule elimination.Alternatively possible implementation is pending to retain this Stream rule, simply when data is received, the pause inquiry pending stream rule, no longer matched with the data received, Such as pending stream rule can be marked, when the data received are matched in flow table, do not treated with mark Processing stream rule match.
Wherein, interchanger passes through the default first Failure Control time, if not receiving and pending stream rule match During data, or pass through the default second Failure Control time, can also judge whether control connection recovers, if control connection Do not recover, then perform and handled pending stream rule, be allowed to not matched with receiving data.
Step 203:When detecting that the control connection recovers, the pending stream rule is handled, is allowed to recover Matched with the data received.
When the control of interchanger and controller, which connects, to recover, controller can connect normal hand over interchanger by controlling Mutual control signaling, now in the regular not deleted implementation of pending stream, the pending stream rule can be handled, Enable to be matched with receiving data, that is, recover the matching feature of the pending stream rule, when data is received, should Pending stream rule continues to be matched with receiving data.
Pending regular disposition can also be fed back to controller by interchanger.
As another embodiment, when pending stream rule is handled the pending redundant rule elimination specially, then When control connection recovers, the pending stream rule has been not present, and can not recover, now, interchanger can feed back to controller The pending regular information of parameter such as including erasing time.
Wherein, whether the control connection of detection and control device recovers the execution step being not limited in the present embodiment, if In control Joint failure process, pending stream rule is not carried out handling, then after control connection recovers, need not equally treat processing stream It is regular to perform processing.
In the present embodiment, the control connection status of interchanger detection and control device, when the control Joint failure, from control The Joint failure moment processed, by the default first Failure Control time, if not receiving and the pending stream in flow table The data of rule match, or pass through the default second Failure Control time, then the pending stream rule can be handled, It is allowed to not matched with the data received, so that in the case where controlling Joint failure, still can be to the stream in flow table Rule is handled, and the processing operation of data forwarding is unlikely to out of control, ensure that the security of data, while extensive in control connection In the case of multiple, pending stream rule can also be handled, be allowed to recover to be matched with the data received, recover stream The function of rule.
Fig. 3 is a kind of flow chart of another embodiment of flow table control method of the embodiment of the present application, and this method can include Following steps:
Step 301:The control connection status of interchanger detection and control device..
The operation of step 301 is identical with the operation of step 101 in above-described embodiment, will not be repeated here.
Step 302:When the control Joint failure, according to the Failure Control information of controller transmission, by flow table In pending stream rule handled, be allowed to not carry out with the data that receive.
The Failure Control information is set by controller and based on the control linkup transmit between interchanger to interchanger, used When triggering interchanger is controlling Joint failure, according to the Failure Control information, at the pending stream rule in flow table Reason, so as to realize when controlling Joint failure, control of the controller to flow table in interchanger.
The Failure Control information can include the time parameter values of the first Failure Control time and the second Failure Control time, The Failure Control information that then interchanger is specifically sent according to the controller, since the control Joint failure moment, pass through The default first Failure Control time, if the data of pending stream rule match in flow table are not received, or by default Second Failure Control time, the pending stream rule is handled, is allowed to not matched with the data received.
The Failure Control information can be carried in the regular installation message of stream that controller is sent, namely controller issues The Failure Control information of stream rule is carried in the regular installation message of stream when flowing regular, the stream rule installation message includes stream Match information, operation etc. is performed, Failure Control information can also be carried.Therefore the pending stream rule can refer in flow table Any stream rule, for every first-class rule, its corresponding Failure Control is carried in the stream rule installation message that controller is sent Information.Wherein, the parameter value of the first Failure Control time and the second Failure Control time corresponding to cocurrent flow rule can not differ Sample.
In addition, the Failure Control information can also be what is carried in the flow table configuration information that controller is sent.Flow table configures Information includes flow table mark etc., also carries the Failure Control information.Failure Control information corresponds to flow table, now the pending stream rule Stream rule whole in flow table can then be included, can also be according to the instruction of Failure Control information, including at least partly flow rule.
Failure Control information can be that controller flows rule setting to be pending, so as to which interchanger can be detected in flow table Stream rule with Failure Control information is pending stream rule.
The Failure Control information that interchanger is sent according to controller, the pending stream rule is handled, for example, can With according to the Failure Control information, by pending stream redundant rule elimination, or when receiving data, the pause inquiry pending stream rule Then.
In the present embodiment, the control connection status of interchanger detection and control device, when the control Joint failure according to The Failure Control information that controller is sent, the pending stream rule in flow table is handled, is allowed to the data not with receiving Matched, so that in the case of Joint failure is controlled, control of the controller to flow table can also be realized, being capable of convection current rule Then handled so that out of hand is unlikely to the processing such as data forwarding operation, ensure that the security of data transfer.
Fig. 4 is a kind of flow chart of another embodiment of flow table control method of the embodiment of the present application, and this method can include:
Step 401:Controller is connected to the interchanger by the control with interchanger and sends Failure Control information.
Wherein, the Failure Control information is used to trigger the interchanger when the control Joint failure, by flow table Pending stream rule is handled, and is allowed to not matched with the data received.
Namely interchanger is when detecting the Joint failure with controller, and according to the Failure Control information, will be treated in flow table Processing stream rule is handled, and is allowed to not matched with the data received.
The Failure Control information can be carried in the regular installation message of stream that controller is sent to interchanger, interchanger The pending stream rule of processing is any stream rule in flow table.
Certainly it can also be and carried in the flow table configuration information that controller is sent to interchanger, or be used as independent message list Solely send to interchanger.According to the Failure Control information, the pending stream rule of switch processes can be included in flow table all Stream rule at least partly flows rule.
The Failure Control information can include the time parameter values of the first Failure Control time and the second Failure Control time, Then the Failure Control information is specifically to trigger interchanger when the control Joint failure, is opened from the control Joint failure moment Begin, by the default first Failure Control time, if the data of the target stream rule match are not received, or by default The second Failure Control time, by it is described it is pending stream rule handled, be allowed to not matched with the data received.
The Failure Control information triggers interchanger when the control Joint failure, and the pending stream rule in flow table is entered Row processing can be specifically to trigger the interchanger when the control Joint failure, delete the pending stream rule in flow table;When It so can also be triggering interchanger when data is received, the pending stream rule in pause inquiry flow table.
In the present embodiment, controller is connected to interchanger by the control between interchanger and sends Failure Control letter Breath, the Failure Control information are used to trigger interchanger in the control Joint failure, and the pending stream rule in flow table is carried out Processing, is allowed to not matched with the data received, so that when controlling Joint failure, can still realize the control to flow table System, enabling convection current rule is handled, and still enough can be controlled to the processing such as data forwarding operation etc., be ensure that data pass Defeated security.
Fig. 5 is a kind of structural representation of flow table control device one embodiment of the embodiment of the present application, and the device can wrap Include:
Detection unit 501, the control for detecting interchanger and controller connect.
Processing unit 502, for when the detection unit 501 detect it is described control Joint failure when, by flow table Pending stream rule is handled so that the pending stream rule is not matched with the data received.
Wherein, as a kind of possible implementation, the processing unit can be specifically from it is described control Joint failure when Quarter, by the default first Failure Control time, if not receiving the data of the pending stream rule match, Huo Zhejing The default second Failure Control time is spent, the pending stream rule is handled, is allowed to not carry out with the data received Matching.
Wherein, processing unit is regular for the stream not matched with the data received by the pending stream rule process A kind of possible implementation is:Delete the pending stream rule.
Alternatively possible implementation is:When data is received, pause inquiry pending stream rule.
Wherein, the processing unit is handled the pending stream rule in flow table, can be specifically to be sent out according to controller The Failure Control information sent, the pending stream rule is handled, is allowed to not matched with the data received.
Can also include in the Failure Control information the first Failure Control time and the second Failure Control time when Between parameter value.
The pending stream rule can refer to any stream rule in flow table, and the Failure Control information is that controller is sent The pending stream rule installation message in carry.
Certainly, the pending stream rule can include whole stream rules in flow table or at least partly flow rule, the mistake Carry in the flow table configuration message that control information can be the controller transmission or controller is imitated individually to send.
In addition, as another embodiment, when by the pending stream redundant rule elimination, do not retain the pending stream it is regular when, The device can also include:
Recovery unit 503:, will the pending stream rule progress when control for detecting with controller is connected recovery Processing, recovers to be matched with the data received.
In the present embodiment, the control connection of interchanger detection and control device, when the control Joint failure, according to control The Failure Control information that device is sent, pending stream rule is handled, is allowed to not matched with the data received.So that In the case of Joint failure is controlled, control of the controller to flow table can also be realized, can convection current rule handled so that it is right The processing such as data forwarding operation is unlikely to out of hand, ensure that the security of data transfer.
The flow table control device provided as shown in Figure 5, in actual applications, is desirably integrated into interchanger, disposes this Shen Please the embodiment flow table control device interchanger, can be between controller and interchanger control Joint failure when, still may be used To realize the control to flow table, avoid to the out of control of the processing such as data forwarding operation.
By above description, those skilled in the art can be understood that the application can add by software must The mode of the general hardware platform needed is realized.Therefore, referring to Fig. 6, the embodiment of the present application additionally provides a kind of interchanger, the friendship Change planes including at least memory 601 and the processor 603 being connected by bus 602 with memory 601.
The memory 601 is used to store one group of first programmed instruction;
The processor 603 is used for the first programmed instruction for calling the memory 601 to store, and performs following operation:
The control connection of detection and control device, when detecting the control Joint failure, by the pending stream in flow table Rule is handled so that the pending stream rule is not matched with the data received.
Fig. 7 is a kind of structural representation of flow table control device of the embodiment of the present application another embodiment, and the device can be with Including:
Transmitting element 701, Failure Control information is sent for being connected by the control with interchanger to the interchanger.
Wherein, the Failure Control information is used to trigger the interchanger when detecting the control Joint failure, will flow Pending stream rule in table is handled, and is allowed to not matched with the data received.
The Failure Control information can be carried in the regular installation message of stream that controller is sent to interchanger, interchanger The pending stream rule of processing can be any stream rule in flow table.
Certainly it can also be that controller carries into the flow table configuration information for exchanging transmission, or it is independent as independent message Send to interchanger.According to the Failure Control information, the pending stream rule of switch processes can include all flowing in flow table Rule at least partly flows rule.
The time parameter of the first Failure Control time and the second Failure Control time can be included in the Failure Control information Value, now, the Failure Control information are specifically used for triggering the interchanger when detecting the control Joint failure, from described The Joint failure moment is controlled, by the default first Failure Control time, if not receiving and the pending stream in flow table The data of rule match, or pass through the default second Failure Control time, the pending stream rule is handled, is allowed to Do not matched with the data received.
The Failure Control information triggers interchanger when detecting the control Joint failure, by the pending stream in flow table It can trigger the interchanger when detecting the control Joint failure that rule, which carries out processing, delete pending in flow table Stream rule;Certainly it can also be triggering interchanger when data is received, the pending stream rule in pause inquiry flow table.
In the present embodiment, flow table control device can be connected to send to interchanger by the control between interchanger and be lost Control information is imitated, the Failure Control information is used to trigger interchanger in the control Joint failure, by the pending stream in flow table Rule is handled, and is allowed to not matched with the data received, so that when controlling Joint failure, can still be realized pair The control of flow table, enabling convection current rule is handled, and still enough can be controlled to the processing such as data forwarding operation etc..
The flow table control device provided as shown in Figure 7, in actual applications, is desirably integrated into controller, disposes this Shen Please the embodiment flow table control device controller, can be between controller and interchanger control Joint failure when, still may be used To realize the control to flow table, at the time of avoiding operating the processing such as data forwarding.
By above description, those skilled in the art can be understood that the application can add by software must The mode of the general hardware platform needed is realized.Therefore, referring to Fig. 8, the embodiment of the present application additionally provides a kind of controller, the control Device processed comprises at least memory 801, transmitter 802 and passes through bus 803 and memory 801.The processor that transmitter 802 connects 804。
The memory 801 is used to store one group of second programmed instruction;
The user of processor 804 calls the second programmed instruction of the memory storage, performs following operation:
The transmitter 802 is triggered to be connected to interchanger transmission Failure Control information by the control with interchanger, Wherein, the Failure Control information is used to trigger the interchanger when detecting the control Joint failure, by treating in flow table Processing stream rule is handled, and is allowed to not matched with the data received.
Each embodiment is described by the way of progressive in this specification, what each embodiment stressed be and other The difference of embodiment, between each embodiment identical similar portion mutually referring to.For device disclosed in embodiment For, because it is corresponded to the method disclosed in Example, so description is fairly simple, related part is said referring to method part It is bright.
Finally, it is to be noted that, herein, such as first and second or the like relational terms be used merely to by One entity or operation make a distinction with another entity or operation, and not necessarily require or imply these entities or operation Between any this actual relation or order be present.Moreover, term " comprising ", "comprising" or its any other variant meaning Covering including for nonexcludability, so that process, method, article or equipment including a series of elements not only include that A little key elements, but also the other element including being not expressly set out, or also include for this process, method, article or The intrinsic key element of equipment.In the absence of more restrictions, the key element limited by sentence " including one ... ", not Other identical element in the process including the key element, method, article or equipment also be present in exclusion.
For convenience of description, it is divided into various units during description apparatus above with function to describe respectively.Certainly, this is being implemented The function of each unit can be realized in same or multiple softwares and/or hardware during application.
As seen through the above description of the embodiments, those skilled in the art can be understood that the application can Realized by the mode of software plus required general hardware platform.Based on such understanding, the technical scheme essence of the application On the part that is contributed in other words to prior art can be embodied in the form of software product, the computer software product It can be stored in storage medium, such as ROM/RAM, magnetic disc, CD, including some instructions are causing a computer equipment (Can be personal computer, server, or network equipment etc.)Perform some of each embodiment of the application or embodiment Method described in part.
The foregoing description of the disclosed embodiments, professional and technical personnel in the field are enable to realize or using the application. A variety of modifications to these embodiments will be apparent for those skilled in the art, as defined herein General Principle can be realized in other embodiments in the case where not departing from spirit herein or scope.Therefore, the application The embodiments shown herein is not intended to be limited to, and is to fit to and principles disclosed herein and features of novelty phase one The most wide scope caused.

Claims (16)

  1. A kind of 1. flow table control method, it is characterised in that including:
    The control connection status of interchanger detection and control device;
    When detecting the control Joint failure, the interchanger is handled the pending stream rule in flow table so that The pending stream rule is not matched with the data received;
    The pending stream rule by flow table is handled so that the pending stream rule is not entered with the data received Row matching includes:
    Since the control Joint failure moment, by the default first Failure Control time, if not receiving in flow table The data of pending stream rule match, or pass through the default second Failure Control time, the pending stream rule is carried out Processing so that the pending stream rule is not matched with the data received.
  2. 2. according to the method for claim 1, it is characterised in that the pending stream rule by flow table is handled, So that the pending stream rule does not carry out matching with the data received and included:
    Delete the pending stream rule so that the pending stream rule is not matched with the data received.
  3. 3. according to the method for claim 1, it is characterised in that the pending stream rule by flow table is handled, So that after the pending stream rule is not matched with the data received, methods described also includes:
    When detecting that the control connection recovers, the pending stream rule is handled so that the pending stream rule Recover to be matched with the data received.
  4. 4. according to the method described in any one of claims 1 to 3, it is characterised in that the pending stream rule by flow table Handled so that the pending stream rule does not carry out matching with the data received to be included:
    The Failure Control information sent according to the controller, the pending stream rule in the flow table is handled so that The pending stream rule is not matched with the data received.
  5. 5. according to the method for claim 4, it is characterised in that the Failure Control information includes first Failure Control Time and the time parameter values of the second Failure Control time.
  6. 6. according to the method for claim 4, it is characterised in that the institute that the Failure Control information sends for the controller State what is carried in the installation message of pending stream rule.
  7. 7. according to the method for claim 4, it is characterised in that the pending stream rule is whole streams in the flow table Rule at least partly flows rule, and the Failure Control information is configured in message for the flow table that the controller is sent and carried 's.
  8. A kind of 8. flow table control method, it is characterised in that including:
    Controller is connected to the interchanger by the control with interchanger and sends Failure Control information, the Failure Control information For triggering the interchanger when detecting the control Joint failure, the pending stream rule in flow table is handled, So that the pending stream rule is not matched with the data received;
    When the Failure Control information detects the control Joint failure specifically for triggering the interchanger, from the control The Joint failure moment, by the default first Failure Control time, if not receiving the pending stream rule match Data, or pass through the default second Failure Control time, the pending stream rule is handled so that described pending Stream rule is not matched with the data received.
  9. 9. according to the method for claim 8, it is characterised in that the Failure Control information is specifically used for triggering the exchange When machine examination measures the control Joint failure, by the pending stream redundant rule elimination in flow table.
  10. A kind of 10. flow table control device, it is characterised in that including:
    Detection unit, for detecting the control connection status of interchanger and controller;
    Processing unit, for when the detection unit detects the control Joint failure, the pending stream in flow table to be advised Then handled so that the pending stream rule is not matched with the data received;
    The processing unit is specifically used for since the control Joint failure moment, during by default first Failure Control Between, if not receiving the data of pending stream rule match in flow table, or pass through the default second Failure Control time, by institute State pending stream rule to be handled so that the pending stream rule is not matched with the data received.
  11. 11. device according to claim 10, it is characterised in that the processing unit is regular by the pending stream in flow table Handled and specifically delete the pending stream rule.
  12. 12. device according to claim 10, it is characterised in that also include:
    Recovery unit, for detect it is described control connection recover when, by it is described it is pending stream rule handled so that it is described Pending stream rule is recovered to be matched with the data received.
  13. 13. according to the device described in any one of claim 10~12, it is characterised in that the processing unit be specifically used for according to The Failure Control information that the controller is sent, the pending stream rule in flow table is handled so that the pending stream Rule is not matched with the data received.
  14. A kind of 14. flow table control device, it is characterised in that including:
    Transmitting element, Failure Control information, the failure are sent for being connected by the control with interchanger to the interchanger When control information detects the control Joint failure for triggering the interchanger, the pending stream rule in flow table is carried out Processing so that the pending stream rule is not matched with the data received;
    When the Failure Control information detects the control Joint failure specifically for triggering the interchanger, from the control The Joint failure moment, by the default first Failure Control time, if not receiving the pending stream rule match Data, or pass through the default second Failure Control time, the pending stream rule is handled so that described pending Stream rule is not matched with the data received.
  15. A kind of 15. interchanger, it is characterised in that the processing being connected including at least memory and by bus with the memory Device;
    The memory is used to store one group of first programmed instruction;
    The processor calls the first programmed instruction of the memory storage to perform following operation:
    The control connection status of detection and control device;When detecting the control Joint failure, by the pending stream in flow table Rule is handled so that the pending stream rule is not matched with the data received;
    The pending stream rule by flow table is handled so that the pending stream rule is not entered with the data received Row matching includes:
    Since the control Joint failure moment, by the default first Failure Control time, if not receiving in flow table The data of pending stream rule match, or pass through the default second Failure Control time, the pending stream rule is carried out Processing so that the pending stream rule is not matched with the data received.
  16. 16. a kind of controller, it is characterised in that including at least memory, transmitter and pass through bus and the memory and institute State the processor of transmitter connection;
    The memory is used to store one group of second programmed instruction;
    The processor calls the second programmed instruction of the memory storage to perform following operation:
    The transmitter is triggered to be connected to interchanger transmission Failure Control information by the control with interchanger, wherein, institute State Failure Control information be used for trigger the interchanger detect it is described control Joint failure when, by flow table pending stream advise Then handled so that the pending stream rule is not matched with the data received;
    The pending stream rule by flow table is handled so that the pending stream rule is not entered with the data received Row matching includes:
    Since the control Joint failure moment, by the default first Failure Control time, if not receiving in flow table The data of pending stream rule match, or pass through the default second Failure Control time, the pending stream rule is carried out Processing so that the pending stream rule is not matched with the data received.
CN201380001421.XA 2013-08-30 2013-08-30 Flow table control method, device, interchanger and controller Active CN104604194B (en)

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/CN2013/082704 WO2015027477A1 (en) 2013-08-30 2013-08-30 Flow table control method, apparatus, switch and controller

Publications (2)

Publication Number Publication Date
CN104604194A CN104604194A (en) 2015-05-06
CN104604194B true CN104604194B (en) 2018-02-23

Family

ID=52585431

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201380001421.XA Active CN104604194B (en) 2013-08-30 2013-08-30 Flow table control method, device, interchanger and controller

Country Status (2)

Country Link
CN (1) CN104604194B (en)
WO (1) WO2015027477A1 (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106302265B (en) * 2016-07-21 2019-08-06 新华三技术有限公司 Message forwarding method and device
CN108011815B (en) * 2016-10-28 2020-12-01 中国电信股份有限公司 Network control method and software defined network device and system
CN115348153B (en) * 2022-08-15 2023-07-18 中国联合网络通信集团有限公司 Control method, device, equipment and storage medium of forwarding equipment

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7412557B2 (en) * 2000-12-22 2008-08-12 Cisco Technology, Inc. Apparatus and method for preventing loops in a computer network
CN102685006A (en) * 2012-05-03 2012-09-19 中兴通讯股份有限公司 Method and device for forwarding data messages
CN102859952A (en) * 2010-04-19 2013-01-02 日本电气株式会社 Switch, and flow table control method
CN102946365A (en) * 2012-11-09 2013-02-27 清华大学 Flow table updating consistency maintaining method based on software defined network
CN102946325A (en) * 2012-11-14 2013-02-27 中兴通讯股份有限公司 Network diagnosis method, system and equipment based on software defined network

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2004173136A (en) * 2002-11-22 2004-06-17 Fujitsu Ltd Network management device
EP1503548A1 (en) * 2003-08-01 2005-02-02 fg microtec GmbH Distributed Quality of Service Management System
US20080120286A1 (en) * 2006-11-22 2008-05-22 Dettinger Richard D Method and system for performing a clean operation on a query result

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7412557B2 (en) * 2000-12-22 2008-08-12 Cisco Technology, Inc. Apparatus and method for preventing loops in a computer network
CN102859952A (en) * 2010-04-19 2013-01-02 日本电气株式会社 Switch, and flow table control method
CN102685006A (en) * 2012-05-03 2012-09-19 中兴通讯股份有限公司 Method and device for forwarding data messages
CN102946365A (en) * 2012-11-09 2013-02-27 清华大学 Flow table updating consistency maintaining method based on software defined network
CN102946325A (en) * 2012-11-14 2013-02-27 中兴通讯股份有限公司 Network diagnosis method, system and equipment based on software defined network

Also Published As

Publication number Publication date
CN104604194A (en) 2015-05-06
WO2015027477A1 (en) 2015-03-05

Similar Documents

Publication Publication Date Title
CN103609070B (en) Network flow detection method, system, equipment and controller
CN104604194B (en) Flow table control method, device, interchanger and controller
CN103051557A (en) Data stream processing method and system, controller and switching equipment
CN108092934A (en) Safety service system and method
CN108881158A (en) Data interaction system and method
CN104065731A (en) FTP file transfer system and transfer method
US10050859B2 (en) Apparatus for processing network packet using service function chaining and method for controlling the same
CN104506548B (en) A kind of data packet redirection device, secure virtual machine guard method and system
CN104202322B (en) A kind of OpenFlow interchanger message method for safety monitoring based on OpenFlow agreements
CN103780663B (en) A kind of method for remote management of terminal peripheral hardware, device and system
CN103051605A (en) Data packet processing method, device and system
CN108933744A (en) A kind of message forwarding method and device
CN104283716B (en) Data transmission method, equipment and system
CN104580346B (en) Data transmission method and device
CN206878844U (en) Communication processing apparatus and communication system
CN105429946A (en) System and method of preventing forging IP address based on SDN virtual switch
CN103023741B (en) VPN equipment obstacle management method
CN108173810A (en) A kind of method and device of transmitting network data
CN104243319B (en) The method and device that a kind of neighbours have found
CN106972953A (en) Communication processing method and device
JP2016500969A5 (en)
CN109962821A (en) Connection relationship detection method and device
CN105407095B (en) Secure communication device and its communication means between heterogeneous networks
CN105227462B (en) A kind of method and apparatus for being used to update OpenFlow flow table
CN104486031B (en) The long data transmission method of intelligent electric meter

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant