CN105335307B - A kind of loading method and device of acl rule - Google Patents

A kind of loading method and device of acl rule Download PDF

Info

Publication number
CN105335307B
CN105335307B CN201410397626.0A CN201410397626A CN105335307B CN 105335307 B CN105335307 B CN 105335307B CN 201410397626 A CN201410397626 A CN 201410397626A CN 105335307 B CN105335307 B CN 105335307B
Authority
CN
China
Prior art keywords
storage
basic unit
acl rule
loaded
priority
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
CN201410397626.0A
Other languages
Chinese (zh)
Other versions
CN105335307A (en
Inventor
于兴兴
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shandong Rongzhi Industry Guidance Fund Co ltd
Original Assignee
Huawei Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huawei Technologies Co Ltd filed Critical Huawei Technologies Co Ltd
Priority to CN201410397626.0A priority Critical patent/CN105335307B/en
Publication of CN105335307A publication Critical patent/CN105335307A/en
Application granted granted Critical
Publication of CN105335307B publication Critical patent/CN105335307B/en
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Landscapes

  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The invention discloses a kind of loading method of acl rule and device, to solve acl rule loading procedure existing in the prior art since the resettlement of bulk redundancy operates, the relatively low problem of loading efficiency, this method is caused to be:Reception includes the data load requests of the number of acl rule to be loaded, and determination can loading range in the storage medium for storing acl rule;When the number of the basic unit of storage that can include in loading range is less than the number of the acl rule to be loaded, move acl rule stored in the storage medium, using the idle basic unit of storage obtained after resettlement as the basic unit of storage of extension be added to it is described can loading range, until the number for being added to the basic unit of storage that can include in loading range of the basic unit of storage of extension is greater than or equal to the number of the acl rule to be loaded, by acl rule to be loaded be loaded onto successively in the storage medium can be in loading range.

Description

A kind of loading method and device of acl rule
Technical field
The present invention relates to the communications field more particularly to the loading methods and device of a kind of acl rule.
Background technology
Accesses control list (English:Access Control List, abbreviation:ACL) it is router and exchange interface Instruction list is used for the data packet of control port disengaging, wherein ACL is made of several acl rules.Due to acl feature It is powerful with it is flexible, and pass through three-state content addressing memory (English:Ternary Content Addressable Memory, abbreviation:TCAM) storing the acl rule in ACL can ensure to search the high efficiency of acl rule, therefore, more and more Business begin to use ACL.In more typical " policybased routing class " application, such as by specific Internet protocol (English: Internet Protocol, abbreviation:IP message redirecting) to a certain next-hop, by multi-link transparent interconnection (English: Transparent Interconnection of Lots of Links, abbreviation:TRILL) multicast message is redirected to a certain The characteristics of multicast group etc., this kind of ACL application is:When the number larger (generally having 5K~10K items) of the acl rule in ACL, load It is identical with the priority of the acl rule of batch.
The TCAM of storage acl rule is integrated in application-specific integrated circuit (English:Application Specific Integrated Circuit, abbreviation:ASIC on).And TCAM can logically be divided into several pieces, each piece is known as TCAM Bank, wherein each TCAM Bank can store the acl rule that 1K width is 160bit.Since every acl rule all has The high acl rule of priority is stored in TCAM by corresponding priority generally when storing acl rule to TCAM Bank At Bank low address.
As shown in fig.1, including that several basic units of storage are used to store different ACL in each TCAM Bank Rule, and a basic unit of storage can store an acl rule.ASIC by Location (Bank_ID, Entry) only A basic unit of storage in one mark TCAM Bank, wherein Location is the position of storage unit, and Bank_ID is The mark of TCAM Bank, Entry are the mark of the basic unit of storage in the TCAM Bank.
Since when storing acl rule to TCAM Bank, it is low that the high acl rule of priority is stored in TCAM Bank At address, and ASIC is by a basic unit of storage in Location unique mark TCAM Bank, therefore, using TCAM The equipment of Bank storage acl rules is both provided with internal priority chained list, the priority for safeguarding acl rule and Location Mapping relations.
Refering to fig. 1, by acl rule load (English to be loaded:Install) to before TCAM Bank, basis is first had to The priority of acl rule to be loaded and the priority of acl rule of internal priority linked list maintenance and reflecting for Location Relationship is penetrated, determination can loading range:According to the priority (P) of acl rule to be loaded, traversed from low priority to high priority First priority in TCAM Bank is not less than the priority (P- of acl rule to be loaded by preset internal priority chained list High basic unit of storage) is advised as position 1, by the last one priority in the TCAM Bank no more than ACL to be loaded The basic unit of storage of priority (P-Low) then is as position 2;Basic unit of storage between position 1 and position 2 is used as can Loading range.Wherein, can in loading range there are three types of situation, first, can not there is no basic unit of storage in loading range;Second, It can only there are one the basic units of storage being in idle condition in loading range;Third can have at least two in loading range Set the basic unit of storage being continuously in idle condition.
Currently, as shown in fig.2, acl rule be loaded onto in TCAM Bank can the process of loading range be:Assuming that working as Preceding acl rule to be loaded is 6, first, first acl rule P1 in acl rule to be loaded is loaded onto and can be loaded The centre position of range, then centre position between first acl rule and position 1 load Article 2 acl rule P2, then Centre position between Article 2 acl rule P2 and position 1 loads Article 3 acl rule P3, determines the acl rule after load After there is no basic unit of storage between position 1, then inquire distance and position 1 it is nearest and what is be in idle condition deposit substantially Storage unit, and the acl rule between position 1 and the basic unit of storage being in idle condition is moved one by one in sequence, So that after vacating the basic unit of storage adjacent with position 1 after resettlement, Article 4 acl rule P4 is loaded onto this and is stored substantially In unit, according to this rule, continue to load subsequent acl rule to be loaded, until all acl rules to be loaded are complete Portion loads.
When that can not there is no basic unit of storage in loading range, similarly, the place for also needing one distance and position 1 of inquiry nearest In the basic unit of storage of idle state, by the acl rule between the basic unit of storage being in idle condition and position 1 by It is a to be moved, so that acl rule to be loaded is all loaded.
Therefore, since not idle is deposited substantially when non-the last item acl rule in acl rule to be loaded loads Storage unit and need in the case of carrying out resettlement operation, subsequent each it is to be loaded acl rule load when, be required to carry out Resettlement operation, it is clear that there are the resettlements of a large amount of redundancy to operate for existing acl rule loading procedure, reduces the load of acl rule Efficiency.
Invention content
The present invention provides a kind of loading method and device of acl rule, to solve acl rule existing in the prior art The problem of loading procedure operates there are bulk redundancy resettlement, reduces the loading efficiency of acl rule.
Specific technical solution provided by the invention is as follows:
In a first aspect, a kind of loading method of access control list ACL rule, including:Data load requests are received, it is described Data load requests include the number of acl rule to be loaded;According to the data load requests for storing acl rule Determination can loading range in storage medium;When the number for the basic unit of storage that can include in loading range described in determination is less than institute When stating the number of acl rule to be loaded, acl rule stored in the storage medium is moved, by what is obtained after resettlement Idle basic unit of storage as the basic unit of storage of extension be added to it is described can loading range, until being added to the base of extension The number of the basic unit of storage that can include in loading range of this storage unit is greater than or equal to the acl rule to be loaded Number;The acl rule to be loaded that the data load requests indicate is loaded onto to the basic storage list for being added to extension successively The basic unit of storage that can be in loading range of member.
With reference to first aspect, in the first possible implementation, the storage medium stores for three-state content addressing Device block TCAM Bank.
The possible realization method of with reference to first aspect the first, in second of possible realization method, according to described Data load requests in the storage medium for storing acl rule determination can loading range, including by the data load ask Ask basic unit of storage in specified TCAM Bank as can loading range;Or according to the data load requests, Determine the priority of the rule of ACL to be loaded;According to the priority of the acl rule to be loaded, according to from low priority To high priority the mapping relations for being familiar with priority and basic unit of storage location information that traversal includes acl rule it is preferential Grade chained list, the basic storage by first priority in the TCAM Bank not less than the priority of the acl rule to be loaded Unit is excellent no more than the acl rule to be loaded by the last one priority in the TCAM Bank as upper bound position The basic unit of storage of first grade is as lower bound position;By the basic unit of storage between the upper bound position and the lower bound position As can loading range.
With reference to first aspect the first or second of possible realization method, in the third likely realization method In, move acl rule stored in the storage medium, include by with it is described can adjacent specified of loading range deposit substantially Storage unit is as the first basic unit of storage;Filtered out in the TCAM Bank except it is described can distance institute in addition to loading range State the second basic unit of storage that the first basic unit of storage is nearest and is in idle condition;Move described second filtered out Stored acl rule in basic unit of storage between basic unit of storage and first basic unit of storage.
With reference to first aspect or a kind of possible realization method of any of the above will in the 4th kind of possible realization method The acl rule to be loaded of the data load requests instruction is loaded onto the basic unit of storage for being added to extension successively Basic unit of storage that can be in loading range includes being loaded onto first acl rule to be loaded described to be added to extension The first basic unit of storage of the designated position that can be in loading range of basic unit of storage;It is successively that remaining each is to be loaded Acl rule be loaded onto the basic unit of storage for being added to extension can first basic storage described in distance in loading range In the nearest basic unit of storage of unit.
Second aspect, a kind of loading device of access control list ACL rule, including receiving unit, for receiving data Load request, the data load requests include the number of acl rule to be loaded;Determination unit, for according to the data Determination can loading range in the storage medium for storing acl rule for load request;Processing unit, can described in determination for working as When the number for the basic unit of storage for including in loading range is less than the number of the acl rule to be loaded, deposited described in resettlement Stored acl rule in storage media, it is single using the idle basic unit of storage obtained after resettlement as the basic storage of extension Member be added to it is described can loading range, until be added to the basic unit of storage of extension can include in loading range deposit substantially The number of storage unit is greater than or equal to the number of the acl rule to be loaded;The data load requests are indicated to be added The acl rule of load is loaded onto the basic unit of storage that can be in loading range for the basic unit of storage for being added to extension successively.
In conjunction with second aspect, in the first possible implementation, the storage medium stores for three-state content addressing Device block TCAM Bank.
In conjunction with the first possible realization method of second aspect, in second of possible realization method, the determination Unit, specifically for the basic unit of storage in the TCAM Bank that specify the data load requests as can load Range;Or according to the data load requests, determine the priority of the rule of ACL to be loaded;According to described to be loaded The priority of acl rule includes the priority of acl rule according to the order traversal from low priority to high priority and is deposited substantially The priority chained list of the mapping relations of storage unit location information waits for first priority in the TCAM Bank not less than described The basic unit of storage of the priority of the acl rule of load is preferential by the last one in the TCAM Bank as upper bound position Grade is not more than the basic unit of storage of the priority of the acl rule to be loaded as lower bound position;By the upper bound position Basic unit of storage between the lower bound position is used as can loading range.
In conjunction with the first or second of possible realization method of second aspect, in the third likely realization method In, when the processing unit moves acl rule stored in the storage medium, specifically for model will be loaded with described Adjacent specified basic unit of storage is enclosed as the first basic unit of storage;Being filtered out in the TCAM Bank can except described in The first basic unit of storage described in distance is nearest except loading range and the second basic unit of storage that be in idle condition;It removes It moves and has been deposited in the basic unit of storage between second basic unit of storage filtered out and first basic unit of storage The acl rule of storage.
In conjunction with a kind of possible realization method of second aspect or any of the above, in the 4th kind of possible realization method, institute It states processing unit and is loaded onto successively in the acl rule to be loaded for indicating the data load requests and described be added to extension When the basic unit of storage that can be in loading range of basic unit of storage, including:First acl rule to be loaded is loaded onto The first basic unit of storage of the designated position that can be in loading range of the basic unit of storage for being added to extension;Successively will What remaining each acl rule to be loaded was loaded onto the basic unit of storage for being added to extension can distance in loading range In the nearest basic unit of storage of the first basic unit of storage.
Using technical solution of the present invention, by receiving the data load requests for the number for including acl rule to be loaded, really Surely can loading range, the number of basic unit of storage that can be in loading range in determination is less than the number of acl rule to be loaded When, acl rule stored in storage medium is moved, using the idle basic unit of storage obtained after resettlement as the base of extension This storage unit be added to can loading range, until being added to the base that can include in loading range of the basic unit of storage of extension The number of this storage unit be greater than or equal to acl rule to be loaded number, then by data load requests instruction it is to be loaded Acl rule be loaded onto the basic unit of storage that can be in loading range of the basic unit of storage for being added to extension, this hair successively Bright judgement unified before being loaded with a batch of acl rule, and batch is carried out to acl rule stored in storage medium and is removed Shifting is handled, and ensure that during acl rule to be loaded is stored to basic unit of storage has enough spaces to be stored, It will not be required to judge whether to need to move stored acl rule when loading every acl rule, improve Acl rule load efficiency, so that the time interval that business comes into force is shortened, improve the performance of ACL loading modes, and avoid because It loads acl rule and occupies CPU for a long time, and then improve the utilization rate of CPU.
Description of the drawings
Fig. 1 is the schematic diagram that the TCAM Bank that the prior art provides store acl rule;
Fig. 2 be the acl rule that provides of the prior art be loaded onto in TCAM Bank can loading range process schematic;
Fig. 3 is a kind of particular flow sheet of the loading method of acl rule provided in an embodiment of the present invention;
Fig. 4 be the determination provided in an embodiment of the present invention in TCAM Bank can loading range schematic diagram;
Fig. 5 is a kind of load embodiment schematic diagram of acl rule provided in an embodiment of the present invention;
Fig. 6 is a kind of structural schematic diagram of the loading device of acl rule provided in an embodiment of the present invention;
Fig. 7 is the entity structure diagram of the loading device of another acl rule provided in an embodiment of the present invention.
Specific implementation mode
Using technical solution of the embodiment of the present invention, acl rule existing in the prior art can be effectively prevented from and loaded The problem of journey operates there are bulk redundancy resettlement, causes to reduce the loading efficiency of acl rule.
An embodiment of the present invention provides a kind of loading methods of acl rule, are suitable for the various applications such as router, interchanger The equipment of acl feature, is below in conjunction with the accompanying drawings described in detail the preferred embodiment of the present invention.
As shown in fig.3, a kind of specific process flow packet of the loading method of acl rule provided in an embodiment of the present invention It includes:
Step 301:Data load requests are received, which includes the number of acl rule to be loaded.
It is sent specifically, data load requests can be the miscellaneous equipment being connected with the equipment of application acl feature, or Setting instruction etc. from user to the equipment of application acl feature, wherein preferred, which includes not only waiting for The number of the acl rule of load, further includes the priority of acl rule to be loaded or specified basic unit of storage address etc., And load mode flag F lag.
Data load requests can also further indicate acl rule to be loaded, and specifically, data load requests can lead to It crosses following manner and indicates acl rule to be loaded:Acl rule to be loaded is carried in data load requests, alternatively, carrying The mark of acl rule to be loaded waits for alternatively, carrying and being stored in specified storage region or specified file for determination The information of acl rule is loaded, or specifies the acl rule to be loaded, etc. of a certain priority.
Preferably, in embodiments of the present invention, when indicating load mode label with shaping variable the highest-order bit, the bit Position 1 indicates that the acl rule to be loaded of present lot is unordered load, i.e., to be loaded indicated by data load requests Acl rule is equal priority.
Step 302:According to the data load requests, determination can load model in the storage medium for storing acl rule It encloses.
Wherein, it is described can loading range refer to that can be used for loading acl rule for storing in the storage medium of acl rule Space, it is described for store acl rule storage medium can with but be not limited to include TCAM Bank.In the present embodiment, According to data load requests in TCAM Bank determination can loading range when, can be, but not limited to include following two modes:
The first:Using the basic unit of storage in the TCAM Bank specified in data load requests as can loading range;
Second:According to data load requests, the priority of the rule of ACL to be loaded is determined;It is to be loaded according to this The priority of acl rule includes the priority of acl rule according to the order traversal from low priority to high priority and is deposited substantially The priority chained list of the mapping relations of storage unit location information, first priority in TCAM Bank is to be loaded not less than this For the basic unit of storage of the priority of acl rule as upper bound position, the last one priority in TCAM Bank is not more than should The basic unit of storage of the priority of acl rule to be loaded is as lower bound position;It will be between upper bound position and lower bound position Basic unit of storage as can loading range, shown in Fig. 4.
Priority chained list includes the mapping relations of the basic unit of storage position in acl rule priority and TCAM Bank, I.e. according to the priority of acl rule and the priority chained list, you can determine all acl rules for belonging to the priority Location (Bank_ID, Entry).When storing acl rule due to TCAM Bank, stored according to the sequence of priority , and due to it is determining can loading range be basic unit of storage between upper bound position and lower bound position, accordingly, it is determined that Can in loading range there are three types of situation, first, can not there is no basic unit of storage in loading range;Second, it can be in loading range Only there are one the basic units of storage being in idle condition;Third can have at least two positions to be continuously in loading range The basic unit of storage of idle state.
Priority chained list includes the mapping relations of the basic unit of storage position in acl rule priority and TCAM Bank, And it is to be stored according to the sequence of priority, for example, the TCAM of Bank_ID=00 when TCAM Bank storage acl rules Have 10 basic units of storage in Bank, the 1st be address minimum (address 0) basic unit of storage, the 10th is address Three basic units of storage storage priority that the basic unit of storage of highest (address 9), wherein address are 9,8,7 is 1 Three acl rules, and four acl rules that four basic units of storage storage priority that address is 3,2,1,0 is 3, it is remaining It is the basic unit of storage of free time, then corresponding priority chained list is:... the basic storage that acl rule priority is 1 is single First position=[Location (00,9), Location (00,8), Location (00,7)], acl rule priority be 3 it is basic Storage unit position=[Location (00,3), Location (00,2), Location (00,1), Location (00, 0)]……}。
For example, as shown in fig.4, the priority of current acl rule to be loaded is P, due to the high acl rule of priority Be stored at TCAM Bank low address (i.e. the tops TCAM Bank), therefore, search can loading range when, according to priority from The preset priority chained list of order traversal of low to high (or the addresses TCAM Bank are from high to low), can look in TCAM Bank To two positions --- upper bound position and lower bound position, wherein upper bound position is the acl rule that first priority is not less than P Occupied basic unit of storage, lower bound position are the occupied basic storage of acl rule that the last one priority is not more than P Unit, the basic unit of storage composition between upper bound position and lower bound position can loading range.
Step 303:When the number of the basic unit of storage that can include in loading range is less than acl rule to be loaded Number when, stored acl rule in storage medium is moved, using the idle basic unit of storage obtained after resettlement as expansion The basic unit of storage of exhibition be added to it is described can loading range, until be added to the basic unit of storage of extension can loading range In include basic unit of storage number be greater than or equal to acl rule to be loaded number;Data load requests are indicated Acl rule to be loaded be loaded onto successively the basic unit of storage for being added to extension basic storage that can be in loading range it is single Member.
In the another embodiment of the present embodiment, when the number for the basic unit of storage that can include in loading range is big In or equal to acl rule to be loaded number when, directly by data load requests instruction acl rule to be loaded successively under It is sent to the basic unit of storage that this can be in loading range.
Specifically, acl rule stored in resettlement storage medium, may include:By with can loading range it is adjacent Specified basic unit of storage is as the first basic unit of storage;Filtered out in TCAM Bank except this can loading range external distance The second basic unit of storage that is nearest and being in idle condition from first basic unit of storage;Move the second basic storage Stored acl rule in basic unit of storage between unit and first basic unit of storage.Wherein, described first is basic Storage unit can be with it is determining can the adjacent upper bound position or lower bound position of loading range, in the present embodiment, by the upper bound Position is as first basic unit of storage.
Preferably, in moving process, the front and back storage order of stored acl rule can not be changed.
Refering to the diagram for moving processing in Fig. 5, determine that the number of the acl rule to be loaded of this batch is 6, and to be loaded The priority of acl rule be P, and after step 302, what is determined the number of basic unit of storage can be less than in loading range The number of acl rule to be loaded, i.e., without can loading range or can insufficient space in loading range, in this way, it is first determined preferential Grade is that the highest basic unit of storage of P-High and address (upper bound position i.e. indicated by arrow) is single as the first basic storage Member, filtered out in TCAM Bank except this can in addition to loading range distance first basic unit of storage it is nearest and in sky Second basic unit of storage of not busy state;Then it moves second basic unit of storage filtered out and the first basic storage is single Stored acl rule in basic unit of storage between member, the idle basic unit of storage obtained after resettlement is handled as The basic unit of storage of extension be added to can loading range, until be added to the basic unit of storage of extension can be in loading range Including basic unit of storage number be greater than or equal to acl rule to be loaded number when stop moving again, in Figure 5, After the acl rule that priority is P-Low is moved 4 times, the acl rule which is P-Low is migrated into TCAM Bank After penultimate basic unit of storage, after current extensions can basic unit of storage number be 6 in loading range, will have enough Space carry out this batch acl rule load.
Preferably, the acl rule to be loaded that data load requests indicate directly is loaded onto successively and is added to extension Basic unit of storage can loading range, may include:First acl rule to be loaded is loaded onto to the base for being added to extension The first basic unit of storage of the designated position that can be in loading range of this storage unit;Then successively that remaining each is to be added What the acl rule of load was loaded onto the basic unit of storage for being added to extension can the first basic unit of storage of distance be most in loading range In close basic unit of storage.
Wherein, in actual scene, can using can in loading range the minimum basic unit of storage in address as first base This storage unit, or using the highest basic unit of storage in address as first basic unit of storage, still by taking Fig. 5 as an example, at this In embodiment, using the minimum basic unit of storage in address as first basic unit of storage, then according to address from low to high according to The secondary acl rule that each is to be loaded is loaded onto basic unit of storage, this way it is ensured that being stored in acl rule to be loaded To there are enough spaces to be stored during basic unit of storage, ACL rule need not be moved in acl rule loading procedure Then.
Based on above-described embodiment, as shown in fig.6, the embodiment of the present invention additionally provides a kind of loading device of acl rule, The device includes:Receiving unit 601, determination unit 602, processing unit 603, wherein
Receiving unit 601, for receiving data load requests, which includes acl rule to be loaded Number;
Determination unit 602, for determination can in the storage medium for storing acl rule according to the data load requests Loading range;
Processing unit 603, for when the number of the basic unit of storage that can include in loading range be less than it is to be loaded When the number of acl rule, acl rule stored in storage medium is moved, the free time obtained after resettlement is handled deposits substantially Storage unit as extension basic unit of storage be added to can loading range, until be added to extension basic unit of storage can The number for the basic unit of storage for including in loading range is greater than or equal to the number of acl rule to be loaded;
The acl rule to be loaded that data load requests indicate is loaded onto to the basic unit of storage for being added to extension successively Basic unit of storage that can be in loading range.
Preferably, storage medium is TCAM Bank.
Determination unit 602, is specifically used for:
Basic unit of storage in the TCAM Bank that data load requests are specified is as can loading range;Or
According to data load requests, the priority of the rule of ACL to be loaded is determined;According to acl rule to be loaded Priority includes priority and the basic unit of storage position of acl rule according to the order traversal from low priority to high priority The priority chained list of the mapping relations of confidence breath, first priority in TCAM Bank is excellent not less than acl rule to be loaded The basic unit of storage of first grade is advised as upper bound position, by the last one priority in TCAM Bank no more than ACL to be loaded The basic unit of storage of priority then is as lower bound position;Basic unit of storage between upper bound position and lower bound position is made For can loading range.
When processing unit 603 moves acl rule stored in storage medium, it is specifically used for:
Using with can the adjacent specified basic unit of storage of loading range as the first basic unit of storage;
Filtered out in TCAM Bank except can in addition to loading range the first basic unit of storage of distance it is nearest and in sky Second basic unit of storage of not busy state;
It moves in the basic unit of storage between the second basic unit of storage and the first basic unit of storage filtered out The acl rule of storage.
Processing unit 603 is loaded onto in the acl rule to be loaded for indicating data load requests and is added to extension successively Basic unit of storage basic unit of storage that can be in loading range when, including:
What first acl rule to be loaded be loaded onto to the basic unit of storage for being added to extension can be in loading range The first basic unit of storage of designated position;
Remaining each acl rule to be loaded is loaded onto to loading for the basic unit of storage for being added to extension successively In range in the nearest basic unit of storage of the first basic unit of storage of distance.
Based on above-described embodiment, as shown in fig.7, the embodiment of the present invention additionally provides a kind of loading device of acl rule, The device includes:Transceiver 701 and processor 702, wherein
Transceiver 701, for receiving data load requests, the data load requests include acl rule to be loaded Number;
Processor 702, for determination can in the storage medium for storing acl rule according to the data load requests Loading range;When the number of the basic unit of storage that can include in loading range is less than the acl rule to be loaded When number, move acl rule stored in the storage medium, using the idle basic unit of storage obtained after resettlement as The basic unit of storage of extension be added to it is described can loading range, until be added to the basic unit of storage of extension loads model The number for the basic unit of storage for including in enclosing is greater than or equal to the number of the acl rule to be loaded;The data are added What the acl rule to be loaded for carrying request instruction was loaded onto the basic unit of storage for being added to extension successively can be in loading range Basic unit of storage.
Preferably, the storage medium is three-state content addressing memory block TCAM Bank.
Processor 702 is according to the data load requests, determination can add in the storage medium for storing acl rule When carrying range, it is specifically used for:
Basic unit of storage in the TCAM Bank that the data load requests are specified is as can loading range; Or
According to the data load requests, the priority of the rule of ACL to be loaded is determined;According to described to be loaded The priority of acl rule includes the priority of acl rule according to the order traversal from low priority to high priority and is deposited substantially The priority chained list of the mapping relations of storage unit location information waits for first priority in the TCAM Bank not less than described The basic unit of storage of the priority of the acl rule of load is preferential by the last one in the TCAM Bank as upper bound position Grade is not more than the basic unit of storage of the priority of the acl rule to be loaded as lower bound position;By the upper bound position Basic unit of storage between the lower bound position is used as can loading range.
Processor 702 is specifically used for when moving acl rule stored in the storage medium:
Using with it is described can the adjacent specified basic unit of storage of loading range as the first basic unit of storage;
Filtered out in the TCAM Bank except it is described can the first basic unit of storage described in distance be most in addition to loading range The second basic unit of storage that is close and being in idle condition;
Move the basic storage between second basic unit of storage filtered out and first basic unit of storage Stored acl rule in unit.
Processor 702 is loaded onto the addition successively in the acl rule to be loaded for indicating the data load requests When the basic unit of storage that can be in loading range of the basic unit of storage of extension, it is specifically used for:
By first acl rule to be loaded be loaded onto the basic unit of storage for being added to extension can loading range In designated position first basic unit of storage;
Successively by remaining each acl rule to be loaded be loaded onto the basic unit of storage for being added to extension can In loading range in the nearest basic unit of storage of first basic unit of storage described in distance.
In conclusion the loading method and device of a kind of acl rule provided in through the embodiment of the present invention, this method is logical Cross the data load requests for receiving the number for including acl rule to be loaded, determination can loading range, can be in loading range When the number of basic unit of storage is less than the number of acl rule to be loaded, ACL rule stored in storage medium are moved Then, using the idle basic unit of storage obtained after resettlement as extension basic unit of storage be added to can loading range, until Be added to the basic unit of storage that can include in loading range of the basic unit of storage of extension number be greater than or equal to it is to be added The acl rule to be loaded that data load requests indicate is loaded onto the base for being added to extension by the number of the acl rule of load successively This storage unit can loading range, this way it is ensured that during acl rule to be loaded is stored to basic unit of storage There are enough spaces to be stored, moving for stored acl rule will not be carried out during loading each acl rule It moves, improves the loading efficiency of same batch acl rule, the time interval that the business of reducing comes into force improves ACL loading modes Performance, and avoid because load acl rule occupies CPU for a long time, and then improve the utilization rate of CPU.
Although preferred embodiments of the present invention have been described, it is created once a person skilled in the art knows basic Property concept, then additional changes and modifications can be made to these embodiments.So it includes excellent that the following claims are intended to be interpreted as It selects embodiment and falls into all change and modification of the scope of the invention.
Obviously, those skilled in the art can carry out the embodiment of the present invention various modification and variations without departing from this hair The spirit and scope of bright embodiment.In this way, if these modifications and variations of the embodiment of the present invention belong to the claims in the present invention And its within the scope of equivalent technologies, then the present invention is also intended to include these modifications and variations.

Claims (8)

1. a kind of loading method of access control list ACL rule, which is characterized in that including:
Data load requests are received, the data load requests include the number of acl rule to be loaded;
According to the data load requests, determination can loading range in the storage medium for storing acl rule;
When the number of the basic unit of storage that can include in loading range is less than the number of the acl rule to be loaded When, acl rule stored in the storage medium is moved, using the idle basic unit of storage obtained after resettlement as extension Basic unit of storage be added to it is described can loading range, until be added to the basic unit of storage of extension can be in loading range Including basic unit of storage number be greater than or equal to the acl rule to be loaded number;
By first acl rule to be loaded be loaded onto the basic unit of storage for being added to extension can be in loading range The first basic unit of storage of designated position;
Remaining each acl rule to be loaded is loaded onto loading for the basic unit of storage for being added to extension successively In range in the nearest basic unit of storage of first basic unit of storage described in distance.
2. the method as described in claim 1, which is characterized in that the storage medium is three-state content addressing memory block TCAM Bank。
3. method as claimed in claim 2, which is characterized in that according to the data load requests for storing acl rule Storage medium in determination can loading range, including:
Basic unit of storage in the TCAM Bank that the data load requests are specified is as can loading range;Or
According to the data load requests, the priority of the rule of ACL to be loaded is determined;According to the ACL rule to be loaded Priority then includes the priority of acl rule and basic storage list according to the order traversal from low priority to high priority The priority chained list of the mapping relations of first location information, by first priority in the TCAM Bank not less than described to be loaded Acl rule priority basic unit of storage as upper bound position, not by the last one priority in the TCAM Bank More than the acl rule to be loaded priority basic unit of storage as lower bound position;By the upper bound position and institute The basic unit of storage conduct stated between lower bound position can loading range.
4. method as claimed in claim 2 or claim 3, which is characterized in that move ACL rule stored in the storage medium Then, including:
Using with it is described can the adjacent specified basic unit of storage of loading range as the first basic unit of storage;
Filtered out in the TCAM Bank except it is described can in addition to loading range the first basic unit of storage described in distance it is nearest And the second basic unit of storage being in idle condition;
Move the basic unit of storage between second basic unit of storage filtered out and first basic unit of storage In stored acl rule.
5. a kind of loading device of access control list ACL rule, which is characterized in that including:
Receiving unit, for receiving data load requests, the data load requests include the number of acl rule to be loaded;
Determination unit, for determination can to load in the storage medium for storing acl rule according to the data load requests Range;
Processing unit, for when the number of the basic unit of storage that can include in loading range be less than it is described to be loaded When the number of acl rule, acl rule stored in the storage medium is moved, the free time obtained after resettlement is deposited substantially Storage unit as the basic unit of storage of extension be added to it is described can loading range, until being added to the basic unit of storage of extension The number of the basic unit of storage that can include in loading range be greater than or equal to the number of the acl rule to be loaded;With And
By first acl rule to be loaded be loaded onto the basic unit of storage for being added to extension can be in loading range The first basic unit of storage of designated position;
Remaining each acl rule to be loaded is loaded onto loading for the basic unit of storage for being added to extension successively In range in the nearest basic unit of storage of first basic unit of storage described in distance.
6. device as claimed in claim 5, which is characterized in that the storage medium is three-state content addressing memory block TCAM Bank。
7. device as claimed in claim 6, which is characterized in that the determination unit is specifically used for:
Basic unit of storage in the TCAM Bank that the data load requests are specified is as can loading range;Or
According to the data load requests, the priority of the rule of ACL to be loaded is determined;According to the ACL rule to be loaded Priority then includes the priority of acl rule and basic storage list according to the order traversal from low priority to high priority The priority chained list of the mapping relations of first location information, by first priority in the TCAM Bank not less than described to be loaded Acl rule priority basic unit of storage as upper bound position, not by the last one priority in the TCAM Bank More than the acl rule to be loaded priority basic unit of storage as lower bound position;By the upper bound position and institute The basic unit of storage conduct stated between lower bound position can loading range.
8. device as claimed in claims 6 or 7, which is characterized in that the processing unit is moved in the storage medium When the acl rule of storage, it is specifically used for:
Using with it is described can the adjacent specified basic unit of storage of loading range as the first basic unit of storage;
Filtered out in the TCAM Bank except it is described can in addition to loading range the first basic unit of storage described in distance it is nearest And the second basic unit of storage being in idle condition;
Move the basic unit of storage between second basic unit of storage filtered out and first basic unit of storage In stored acl rule.
CN201410397626.0A 2014-08-13 2014-08-13 A kind of loading method and device of acl rule Expired - Fee Related CN105335307B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201410397626.0A CN105335307B (en) 2014-08-13 2014-08-13 A kind of loading method and device of acl rule

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201410397626.0A CN105335307B (en) 2014-08-13 2014-08-13 A kind of loading method and device of acl rule

Publications (2)

Publication Number Publication Date
CN105335307A CN105335307A (en) 2016-02-17
CN105335307B true CN105335307B (en) 2018-10-02

Family

ID=55285856

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201410397626.0A Expired - Fee Related CN105335307B (en) 2014-08-13 2014-08-13 A kind of loading method and device of acl rule

Country Status (1)

Country Link
CN (1) CN105335307B (en)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108093051B (en) * 2017-12-20 2021-02-05 迈普通信技术股份有限公司 Message copying method and device
CN109688126B (en) * 2018-12-19 2021-08-17 迈普通信技术股份有限公司 Data processing method, network equipment and computer readable storage medium
CN110191135B (en) * 2019-06-11 2021-09-21 杭州迪普信息技术有限公司 ACL configuration method, device and electronic equipment
CN113328973B (en) 2020-02-28 2022-09-23 华为技术有限公司 Method and device for detecting invalid Access Control List (ACL) rule

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101035062A (en) * 2006-03-09 2007-09-12 中兴通讯股份有限公司 Rule update method for three-folded content addressable memory message classification
CN101039271A (en) * 2007-03-20 2007-09-19 华为技术有限公司 Method and apparatus for taking effect rules of access control list
US7904642B1 (en) * 2007-02-08 2011-03-08 Netlogic Microsystems, Inc. Method for combining and storing access control lists
CN103618711A (en) * 2013-11-25 2014-03-05 华为技术有限公司 Configuration method and network device of ACL rule
US8750144B1 (en) * 2010-10-20 2014-06-10 Google Inc. System and method for reducing required memory updates

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101035062A (en) * 2006-03-09 2007-09-12 中兴通讯股份有限公司 Rule update method for three-folded content addressable memory message classification
US7904642B1 (en) * 2007-02-08 2011-03-08 Netlogic Microsystems, Inc. Method for combining and storing access control lists
CN101039271A (en) * 2007-03-20 2007-09-19 华为技术有限公司 Method and apparatus for taking effect rules of access control list
US8750144B1 (en) * 2010-10-20 2014-06-10 Google Inc. System and method for reducing required memory updates
CN103618711A (en) * 2013-11-25 2014-03-05 华为技术有限公司 Configuration method and network device of ACL rule

Also Published As

Publication number Publication date
CN105335307A (en) 2016-02-17

Similar Documents

Publication Publication Date Title
CN105335307B (en) A kind of loading method and device of acl rule
CN102882810B (en) A kind of packet fast forwarding method and device
US7606236B2 (en) Forwarding information base lookup method
CN111190553B (en) Interconnect system and method using hybrid memory cube links
US9450780B2 (en) Packet processing approach to improve performance and energy efficiency for software routers
US11210216B2 (en) Techniques to facilitate a hardware based table lookup
Bando et al. FlashTrie: beyond 100-Gb/s IP route lookup using hash-based prefix-compressed trie
CN102938000B (en) Method for searching route is shown in flowing without lock of a kind of high-speed parallel
CN100418331C (en) Route searching result cache method based on network processor
JP2006313949A (en) Packet transfer apparatus
CN101986271B (en) Method and device for dispatching TCAM (telecommunication access method) query and refresh messages
CN103312720A (en) Data transmission method, equipment and system
US9906443B1 (en) Forwarding table updates during live packet stream processing
CN109600313A (en) Message forwarding method and device
CN101834788A (en) Storage operation method, device and equipment of media access control address table items
CN109981464A (en) TCAM circuit structure realized in FPGA and matching method thereof
CN104239337B (en) Processing method and processing device of tabling look-up based on TCAM
CN110191135A (en) ACL configuration method, device, electronic equipment
CN107294865B (en) load balancing method of software switch and software switch
EP2512073A1 (en) Method and device for maintaining routing table
CN103457855B (en) Classless inter-domain routing table is established and the method and apparatus of message forwarding
WO2010076628A1 (en) Content assembly memory and method
CN104811495A (en) Method and module for content storage of network component of smart and cooperative network
CN102289453B (en) TCAM (ternary content addressable memory) rule storing method, device and network equipment
CN103501268A (en) Method and device for scheduling TCAM (Ternary Content Addressable Memory) resource

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
TR01 Transfer of patent right

Effective date of registration: 20211124

Address after: 215010 room 704, building 5, No. 556, Changjiang Road, high tech Zone, Suzhou, Jiangsu

Patentee after: SUZHOU YUDESHUI ELECTRICAL TECHNOLOGY Co.,Ltd.

Address before: 518129 Bantian HUAWEI headquarters office building, Longgang District, Guangdong, Shenzhen

Patentee before: HUAWEI TECHNOLOGIES Co.,Ltd.

TR01 Transfer of patent right
TR01 Transfer of patent right

Effective date of registration: 20221230

Address after: No. 8, Xingbo 7th Road, Boxing Economic Development Zone, Boxing County, Binzhou City, Shandong Province, 256599

Patentee after: Shandong Rongzhi Industry Guidance Fund Co.,Ltd.

Address before: 215010 room 704, building 5, No. 556, Changjiang Road, high tech Zone, Suzhou, Jiangsu

Patentee before: SUZHOU YUDESHUI ELECTRICAL TECHNOLOGY Co.,Ltd.

TR01 Transfer of patent right
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20181002

CF01 Termination of patent right due to non-payment of annual fee