CN106411924A - Method of building session forwarding entry, and method and device for forwarding message - Google Patents

Method of building session forwarding entry, and method and device for forwarding message Download PDF

Info

Publication number
CN106411924A
CN106411924A CN201610942104.3A CN201610942104A CN106411924A CN 106411924 A CN106411924 A CN 106411924A CN 201610942104 A CN201610942104 A CN 201610942104A CN 106411924 A CN106411924 A CN 106411924A
Authority
CN
China
Prior art keywords
characteristic information
table item
message
forwarding
session forwarding
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201610942104.3A
Other languages
Chinese (zh)
Other versions
CN106411924B (en
Inventor
张明祯
刘志来
费宝川
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hangzhou DPTech Technologies Co Ltd
Original Assignee
Hangzhou DPTech Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hangzhou DPTech Technologies Co Ltd filed Critical Hangzhou DPTech Technologies Co Ltd
Priority to CN201610942104.3A priority Critical patent/CN106411924B/en
Publication of CN106411924A publication Critical patent/CN106411924A/en
Application granted granted Critical
Publication of CN106411924B publication Critical patent/CN106411924B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L65/00Network arrangements, protocols or services for supporting real-time applications in data packet communication
    • H04L65/1066Session management
    • H04L65/1096Supplementary features, e.g. call forwarding or call holding
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L65/00Network arrangements, protocols or services for supporting real-time applications in data packet communication
    • H04L65/10Architectures or entities
    • H04L65/102Gateways
    • H04L65/1033Signalling gateways
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L65/00Network arrangements, protocols or services for supporting real-time applications in data packet communication
    • H04L65/1066Session management
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L65/00Network arrangements, protocols or services for supporting real-time applications in data packet communication
    • H04L65/1066Session management
    • H04L65/1101Session protocols
    • H04L65/1104Session initiation protocol [SIP]

Abstract

The invention provides a method of building a session forwarding entry, and a method and a device for forwarding a message. The method of building the session forwarding entry comprises steps: at least one preset type of source feature information and objective feature information from feature information in a received message are extracted; if exchange operation is determined to be executed on the source feature information and the objective feature information, a hash value is calculated according to the feature information after the exchange operation is executed; or otherwise, a hash value is calculated according to the original feature information; a corresponding node is determined according to the hash value; when no session forwarding entry corresponding to the message does not exist under the node, the session forwarding entry is built under the node, and related message forwarding information is recorded. In the technical scheme of the invention, through determining whether to execute exchange operation on the source feature information and the objective feature information firstly, the performance of the forwarding device is enhanced. Through directly building the session forwarding entry under the node, the session forwarding entry matching efficiency can be improved.

Description

A kind of method creating session forwarding-table item, the method and device E-Packeting
Technical field
The application is related to communication technique field, the more particularly, to a kind of method creating session forwarding-table item, E-Packets Method and device.
Background technology
In the prior art, when forwarding unit creates session forwarding-table item, can be calculated positive and negative according to the message receiving The cryptographic Hash of both direction, obtains corresponding node, thus respectively under corresponding node, record is corresponding to the session of this message The address information of forwarding-table item.
However, because forwarding unit calculates the cryptographic Hash of positive and negative both direction, obtain two nodes and it needs at two Under node, record the address information of the session forwarding-table item corresponding to this message respectively, thus it is substantial amounts of to occupy forwarding unit Process resource, reduces the performance of forwarding unit.Meanwhile, actually two nodes records is all same session forwarding-table item Address information, leads to waste the substantial amounts of memory headroom of forwarding unit.
Content of the invention
In view of this, the application provides a kind of method creating session forwarding-table item, the method and device E-Packeting, can When forwarding unit creates session forwarding-table item, to lift the performance of forwarding unit, and to reduce to this forwarding unit memory headroom Waste.
For achieving the above object, the application provides technical scheme as follows:
First aspect according to the application, it is proposed that a kind of method of establishment session forwarding-table item, is applied to forwarding unit; Methods described includes:
When receiving message, extract described message in characteristic information the source characteristic information of at least one preset kind and Purpose characteristic information;
When determining, described source characteristic information and the execution of described purpose characteristic information are exchanged when operating, described mutually according to execution Change the characteristic information after operation and calculate cryptographic Hash;Described source characteristic information and described purpose characteristic information are not executed mutually when determining When changing operation, cryptographic Hash is calculated according to the original characteristic information of described message;
According to calculated cryptographic Hash, determine corresponding node;
When there is not session forwarding-table item corresponding with described message under described node, create described under described node Session forwarding-table item, and record the relevant information forwarding described message.
Second aspect according to the application, it is proposed that a kind of method E-Packeting, is applied to forwarding unit;Methods described Including:
When receiving message, extract described message in characteristic information the source characteristic information of at least one preset kind and Purpose characteristic information;
When determining, described source characteristic information and the execution of described purpose characteristic information are exchanged when operating, described mutually according to execution Change the characteristic information after operation and calculate cryptographic Hash;Described source characteristic information and described purpose characteristic information are not executed mutually when determining When changing operation, cryptographic Hash is calculated according to the original characteristic information of described message;
According to calculated cryptographic Hash, determine corresponding node;
Mate session forwarding-table item corresponding with described message under described node, described session forwarding-table item is by above-mentioned wound The method building session forwarding-table item generates;
According to the session forwarding-table item matching, forward described message.
The third aspect according to the application, it is proposed that a kind of device of establishment session forwarding-table item, is applied to forwarding unit; Described device includes:
Extraction unit, when receiving message, extracts the source of at least one preset kind of characteristic information in described message Characteristic information and purpose characteristic information;
Computing unit, exchanges when operating to described source characteristic information and the execution of described purpose characteristic information when determining, according to The described characteristic information exchanging after operating of execution calculates cryptographic Hash;When determination is not to described source characteristic information and described purpose feature When operation is exchanged in information execution, cryptographic Hash is calculated according to the original characteristic information of described message;
Determining unit, according to calculated cryptographic Hash, determines corresponding node;
First creating unit, when there is not session forwarding-table item corresponding with described message under described node, described Create described session forwarding-table item under node, and record the relevant information forwarding described message.
Fourth aspect according to the application, it is proposed that a kind of device E-Packeting, is applied to forwarding unit;Described device Including:
Extraction unit, when receiving message, extracts the source of at least one preset kind of characteristic information in described message Characteristic information and purpose characteristic information;
Computing unit, exchanges when operating to described source characteristic information and the execution of described purpose characteristic information when determining, according to The described characteristic information exchanging after operating of execution calculates cryptographic Hash;When determination is not to described source characteristic information and described purpose feature When operation is exchanged in information execution, cryptographic Hash is calculated according to the original characteristic information of described message;
Determining unit, according to calculated cryptographic Hash, determines corresponding node;
Matching unit, mates session forwarding-table item corresponding with described message, described session forward table under described node Item is generated by the method for above-mentioned establishment session forwarding-table item;
Retransmission unit, according to the session forwarding-table item matching, forwards described message.
From above technical scheme, in the technical scheme of the application, on the one hand, by first determining whether to source feature Information and operation is exchanged in the execution of purpose characteristic information it is ensured that the cryptographic Hash being calculated according to positive and negative both direction is equal, that is, Determine establishment session forwarding-table item under same node, and same session forwarding-table item need not be created under two different nodes, Thus improving the performance of forwarding unit.Meanwhile, save the memory headroom of forwarding unit.On the other hand, by directly in section Point is lower to create session forwarding-table item, and records the relevant information E-Packeting, and forwarding unit, when mating session forwarding-table item, saves Omit and gone to search the link of session forwarding-table item according to address information, thus improve the matching efficiency to session forwarding-table item.
Brief description
Fig. 1 is the structural representation of session forwarding-table item in correlation technique.
Fig. 2 is the flow chart of the method that forwarding unit creates session forwarding-table item in correlation technique.
Fig. 3 is the flow chart of a kind of method of establishment session forwarding-table item that the application one exemplary embodiment provides.
Fig. 4 is a kind of flow chart of method E-Packeting that the application one exemplary embodiment provides.
Fig. 5 is a kind of method of establishment session forwarding-table item that the application one exemplary embodiment provides, and forwards report The flow chart of the method for literary composition.
Fig. 6 is a kind of structural representation of session forwarding-table item that the application one exemplary embodiment provides.
Fig. 7 is the structural representation of a kind of electronic equipment that the application one exemplary embodiment provides.
Fig. 8 is a kind of block diagram of the device of establishment session forwarding-table item that the application one exemplary embodiment provides.
Fig. 9 is the structural representation of another kind of electronic equipment that the application one exemplary embodiment provides.
Figure 10 is a kind of block diagram of device E-Packeting that the application one exemplary embodiment provides.
Specific embodiment
Here will in detail exemplary embodiment be illustrated, its example is illustrated in the accompanying drawings.Explained below is related to During accompanying drawing, unless otherwise indicated, the same numbers in different accompanying drawings represent same or analogous key element.Following exemplary embodiment Described in embodiment do not represent all embodiments consistent with the application.On the contrary, they be only with such as appended The example of the consistent apparatus and method of some aspects being described in detail in claims, the application.
It is the purpose only merely for description specific embodiment in term used in this application, and be not intended to be limiting the application. " a kind of ", " described " and " being somebody's turn to do " of singulative used in the application and appended claims is also intended to including most Form, unless context clearly shows that other implications.It is also understood that term "and/or" used herein refers to and wraps Containing one or more associated any or all possible combination listing project.
It will be appreciated that though various information may be described using term first, second, third, etc. in the application, but this A little information should not necessarily be limited by these terms.These terms are only used for same type of information is distinguished from each other out.For example, without departing from In the case of the application scope, the first information can also be referred to as the second information, and similarly, the second information can also be referred to as One information.Depending on linguistic context, word as used in this " if " can be construed to " ... when " or " when ... When " or " in response to determining ".
In actual network environment, because the variation of the flow through forwarding unit is it is easy to hash-collision Situation, that is, according to being not belonging to same stream, (the five-tuple information of message is identical, or source IP address and purpose IP address phase Instead, and source port number and destination slogan contrary) message, be calculated same cryptographic Hash, thus under same node exist Different session forwarding-table items, so, session forwarding-table item is created using structure as shown in Figure 1.As shown in Figure 1:
When the situation of above-mentioned hash-collision occurs, create chained list under corresponding node, in chained list, have recorded establishment The address information of session forwarding-table item, and it is matched with the five-tuple information of this session forwarding-table item.Each chain under same node With Unidirectional chain-type structure connection between table.
For example it is assumed that successively receiving message a and message b, wherein message a and message b is not belonging to same stream, report Civilian a is matched with session forwarding-table item 1, and message b is matched with session forwarding-table item 2.According to message a calculated forward direction cryptographic Hash For 0, also it is 0 according to message b calculated forward direction cryptographic Hash.So, due to first receiving message a, so in node 0 (Node0) create the address letter of chained list 1, the five-tuple information of recorded message a in chained list 1, and session forwarding-table item 1 under Breath, then after chained list 1, creates chained list 2, the five-tuple information of recorded message b in chained list 2, and session forwarding-table item 2 Address information.
Fig. 2 is the flow chart of the method that forwarding unit creates session forwarding-table item in correlation technique.Refer to Fig. 2, the party Method may comprise steps of:
Step 201, receives message.
Step 202, calculates positive cryptographic Hash.
Step 203, calculates reverse cryptographic Hash.
Wherein, forwarding unit, according to the five-tuple information of message, is calculated positive cryptographic Hash, then, by this five-tuple Middle source IP address and purpose IP address are exchanged, and source port number and destination slogan are exchanged, then are calculated reverse cryptographic Hash.
Step 204, creates chained list, the address information of recording conversation forwarding-table item under corresponding node.
Wherein, when positive cryptographic Hash and reverse cryptographic Hash are equal, if not existing under corresponding node and this message pair The session forwarding-table item answered, that is, illustrate that forwarding unit forwards the message that this receives first, then create session forwarding-table item, and will Relevant information (comprising five-tuple, done business etc.) for forwarding this message recorded in session forwarding-table item.Meanwhile, at this Establishment chained list under node, and record the five-tuple information of this message in this chained list, and the ground of the session forwarding-table item creating Location information.When positive cryptographic Hash and reverse cryptographic Hash are unequal, if not existing and this message pair under each self-corresponding node The session forwarding-table item answered, then in the manner described above, create chained list under each self-corresponding node respectively, and record this message Five-tuple information, and the address information of the session forwarding-table item creating.
Wherein, comprise two parts content in session forwarding-table item, a part is for the relevant information forwarding this message (i.e. The relevant information of above-mentioned record);Another part is to be reverse message (source IP address, purpose for forwarding with respect to this message IP address is contrary with this message, and source port number, and destination slogan is contrary with this message) relevant information, and now, this part Content is sky.
In the same manner, when forwarding unit receive be reverse message (hereinafter referred to as reversely message) with respect to this message when, press Method according to step 201-203 calculates positive cryptographic Hash and reverse cryptographic Hash.Then under the corresponding node of positive cryptographic Hash, root According to the five-tuple of this reverse message, mate corresponding chained list.Its matching process is divided into two steps:
The first step, according to the five-tuple information of this reverse message, is mated with the five-tuple of current chain table record;
Second step, if not matching that with the five-tuple of current chain table record, exchanges source IP address and purpose IP address, with And exchange source port number and destination slogan, further according to the five-tuple information after exchanging, the five-tuple letter with current chain table record Breath coupling.
If under the corresponding node of positive cryptographic Hash, match chained list corresponding with this reverse message, then according to this chain In table, the address information of record, will be used for forwarding the relevant information of this reverse message to recorded in corresponding session forwarding-table item.
It can be seen that, in the related, when forwarding unit receives the reverse message of this message, according to this reverse message During the corresponding chained list of five-tuple information matches, need coupling twice could successful match to corresponding chained list, and then lead to reduction Matching efficiency to session forwarding-table item.Simultaneously as forwarding unit needs to calculate the cryptographic Hash of positive and negative both direction, obtain Two nodes, thus occupying the substantial amounts of process resource of forwarding unit, reduce the performance of forwarding unit, and actually two sections What point recorded is all the address information of same session forwarding-table item, leads to waste the substantial amounts of memory headroom of forwarding unit.
Fig. 3 is the flow chart of a kind of method of establishment session forwarding-table item shown in the application one exemplary embodiment, should Method is applied to forwarding unit, may comprise steps of:
Step 301, when receiving message, the source extracting at least one preset kind of characteristic information in described message is special Reference breath and purpose characteristic information.
Step 302, when determine operation is exchanged to described source characteristic information and the execution of described purpose characteristic information when, according to holding The described characteristic information exchanging after operating of row calculates cryptographic Hash;Described source characteristic information and described purpose feature are not believed when determining When operation is exchanged in breath execution, cryptographic Hash is calculated according to the original characteristic information of described message.
Step 303, according to calculated cryptographic Hash, determines corresponding node.
Step 304, when there is not session forwarding-table item corresponding with described message under described node, under described node Create described session forwarding-table item, and record the relevant information forwarding described message.
In the present embodiment, when there is described session forwarding-table item under described node, and in described session forwarding-table item not When comprising the relevant information forwarding described message, in described session forwarding-table item, record described relevant information.
In the present embodiment, determine in the following manner and described source characteristic information and described purpose characteristic information are executed mutually Change operation:
Determine whether described source characteristic information and the numerical values recited relation of described purpose characteristic information meet preset relation;When When described numerical values recited relation meets preset relation, determine and exchange is executed to described source characteristic information and described purpose characteristic information Operation.
In the present embodiment, when hash-collision occurs, the end of chain structure under described node, create and described report The corresponding session forwarding-table item of literary composition, comprises the session forwarding-table item creating according to other messages receiving in described chained list.
Fig. 4 is a kind of flow chart of the method E-Packeting shown in the application one exemplary embodiment, and the method is applied In forwarding unit, may comprise steps of:
Step 401, when receiving message, the source extracting at least one preset kind of characteristic information in described message is special Reference breath and purpose characteristic information.
Step 402, when determine operation is exchanged to described source characteristic information and the execution of described purpose characteristic information when, according to holding The described characteristic information exchanging after operating of row calculates cryptographic Hash;Described source characteristic information and described purpose feature are not believed when determining When operation is exchanged in breath execution, cryptographic Hash is calculated according to the original characteristic information of described message.
Step 403, according to calculated cryptographic Hash, determines corresponding node.
Step 404, mates session forwarding-table item corresponding with described message, described session forwarding-table item under described node Generated by the method for above-mentioned establishment session forwarding-table item as shown in Figure 3.
In the present embodiment, mate session forward table corresponding with described message in the following manner under described node ?:
When determining execution described exchange operation, mate and described report according to executing the described characteristic information exchanging after operation The corresponding session forwarding-table item of literary composition;
When determining that not executing described exchange operates, according to described message original characteristic information coupling and described message pair The session forwarding-table item answered.
Step 405, according to the session forwarding-table item matching, forwards described message.
From above technical scheme, in the technical scheme of the application, on the one hand, by first determining whether to source feature Information and operation is exchanged in the execution of purpose characteristic information it is ensured that the cryptographic Hash being calculated according to positive and negative both direction is equal, that is, Determine establishment session forwarding-table item under same node, and same session forwarding-table item need not be created under two different nodes, Thus simplifying the process creating session forwarding-table item, improve the performance of forwarding unit.Meanwhile, save the interior of forwarding unit Deposit space.On the other hand, by directly creating session forwarding-table item under node, and recording the relevant information E-Packeting, turn The equipment of sending out, when mating session forwarding-table item, eliminates and goes to search the link of session forwarding-table item according to address information, thus carrying The high matching efficiency to session forwarding-table item.
In order to make it easy to understand, with reference to Fig. 5, for forwarding unit to the processing procedure receiving message, to the application Technical scheme be described in detail.Refer to Fig. 5, Fig. 5 is that the establishment session shown in the application one exemplary embodiment forwards The method of list item, and the flow chart of the method E-Packeting.As shown in figure 5, the method may comprise steps of:
Step 501, forwarding unit receives message.
In the present embodiment, after forwarding unit receives message, at least one extracting characteristic information in message presets class The source characteristic information of type and purpose characteristic information.For example, source characteristic information can be source port number and source IP address, purpose feature Information can be destination slogan and purpose IP address.
Step 502, it is determined whether exchange source characteristic information and purpose characteristic information.
Step 503, calculates cryptographic Hash according to characteristic information.
In the present embodiment, the numerical values recited relation by determining source characteristic information and purpose characteristic information whether meet pre- If relation, to determine whether to exchange operation to source characteristic information and the execution of purpose characteristic information.
In the present embodiment, when determining to source characteristic information and the execution exchange operation of purpose characteristic information, according to execution Exchange the characteristic information after operation and calculate cryptographic Hash;Operation is not exchanged to source characteristic information and the execution of purpose characteristic information when determining When, cryptographic Hash is calculated according to the original characteristic information of message.
For example, in the case that forwarding unit does not use NAT business, there is not IP address conversion, false The fixed source characteristic information extracting is source port number and source IP address, and purpose characteristic information is purpose port numbers and purpose IP address. Due to port numbers length less it is easy to compare, so regulation first compare port numbers, when source port number numerical value be more than destination interface Number numerical value when, to source port number and destination slogan execution exchange operation, and to source IP address and purpose IP address execution Exchange operation.When the numerical value of source port number is less than the numerical value of destination slogan, do not execute exchange operation.Number when source port number When value is equal to the numerical value of destination slogan, compare the numerical values recited of source IP address and purpose IP address further.Wherein, as source IP When the numerical value of address is more than the numerical value of purpose IP address, operation is exchanged to source port number and destination slogan execution, and to source Operation is exchanged in IP address and purpose IP address execution;When the numerical value of source IP address is less than the numerical value of purpose IP address, do not execute Exchange operation.And under normal circumstances, source IP address will not be identical with purpose IP address, thus ensureing to determine whether Operation is exchanged in execution.Herein adopt " more than " numerical relation by way of example only, it would however also be possible to employ " less than " etc. other Numerical relation, the application is not limited to this.
For example, in one case, the characteristic information that forwarding unit receives message is five-tuple information, wherein, source IP Address is 2001::1, purpose IP address are 2002::2, source port number is 2028, and destination slogan is 1024, and agreement is 6.Aobvious So, the numerical value of source port number is more than the numerical value of destination slogan, therefore, exchanges behaviour to source port number and destination slogan execution Make, and operation is exchanged to source IP address and purpose IP address execution.Executing the five-tuple information exchanged after operating is:Source IP ground Location is 2002::2, purpose IP address are 2001::1, source port number is 1024, and destination slogan is 2048, and agreement is 6.Connect down Then to exchange the five-tuple information after operation according to this execution and calculate cryptographic Hash.And work as forwarding unit and receive with respect to this message Reverse message when, that is, the five-tuple information of this reverse message is:Source IP address is 2002::2, purpose IP address are 2001:: 1, source port number is 1024, and destination slogan is 2048, and agreement is 6.Obviously, exchange operation, next then basis need not be executed Original five-tuple information calculates cryptographic Hash.
For example, in another case, the five-tuple information that forwarding unit receives message is:Source IP address (sip) is 3003::1, purpose IP address (dip) are 2002::1, source port number (sport) is 1024, and destination slogan (dport) is 1024, agreement is 17.The address size of IPv6 is 128bit, is divided into low 32bit, secondary low 32bit, second highest 32bit, high 32bit Compare successively, its comparison procedure is as follows:
Sip=30030000_00000000_00000000_00000001
Dip=20020000_00000000_00000000_00000001
The first step:Relatively sport and dport, obtains 1024=1024 it is impossible to determine whether to exchange, carries out second step;
Second step:Relatively sip [31:0] with dip [31:0], obtain 00000001=00000001 it is impossible to determine whether mutually Change, carry out the 3rd step;
3rd step:Relatively sip [63:32] with dip [63:32], obtain 00000000=00000000 it is impossible to determine whether mutually Change, carry out the 4th step;
4th step:Relatively sip [95:64] with dip [95:64], obtain 00000000=00000000 it is impossible to determine whether mutually Change, carry out the 5th step;
5th step:Relatively sip [127:96] with dip [127:96], 30030000 are obtained>20020000, determine sip>dip.
Numerical value due to source IP address is more than the numerical value of purpose IP address, so to source port number and destination slogan execution Exchange operation, and operation is exchanged to source IP address and purpose IP address execution.Executing the five-tuple information exchanged after operating is: Sip is 2002::1, dip is 3003::1, sport is 1024 for 1024, dport, and agreement is 17.Following then according to this execution The five-tuple information after operation of exchanging calculates cryptographic Hash.And when forwarding unit receives the reverse message with respect to this message, I.e. the five-tuple information of this reverse message is:Sip is 2002::1, dip is 3003::1, sport is 1024 for 1024, dport, Agreement is 17.Obviously, exchange operation need not be executed, next then cryptographic Hash is calculated according to original five-tuple information.Due to big A part IP address high position is identical, so, in most cases, after 32bit lower than relatively low 32bit or secondary, just can compare Numerical values recited, thus improve the efficiency comparing numerical values recited.
By above-mentioned regulation so that when forwarding unit receives message however, it is determined that the source port number to message and purpose Operation is exchanged in port numbers execution, and exchanges operation to source IP address and purpose IP address execution, then when receiving with respect to this During the reverse message of message, exchange operation need not be executed, further such that when forwarding unit receives message and with respect to this report During the reverse message of literary composition, identical cryptographic Hash can be calculated according to identical characteristic information, determine same node.
Step 504, judges whether session forwarding-table item corresponding with receiving message, if existing, proceeds to step 505a, otherwise, proceeds to step 505b.
In the present embodiment, according to calculated cryptographic Hash, determine corresponding node, coupling and reception under this node To message corresponding session forwarding-table item.When determining that operation is exchanged in execution in step 503, exchanged after operation according to execution The five-tuple information match of the session forwarding-table item under characteristic information (for example, five-tuple information), with this node, if both Five-tuple information identical, then be corresponding session forwarding-table item, otherwise, be not corresponding session forwarding-table item;When in step When determining in 503 that not executing exchange operates, according to receiving the original characteristic information of message, with the session forward table under this node The five-tuple information match of item.By above-mentioned matching way it is only necessary to coupling once just can determine that the session of current matching turns Whether forwarding list item is corresponding session forwarding-table item, thus improve the matching efficiency to session forwarding-table item.
Step 505a, judges whether comprise to forward the relevant information receiving message in corresponding session forwarding-table item, if Comprise, then proceed to step 506, otherwise, proceed to step 507.
Step 505b, creates session forwarding-table item under node, and records the relevant information forwarding this to receive message.
In the present embodiment, comprise two parts content in session forwarding-table item, a part is that this receives report for forwarding The relevant information of literary composition;Another part be for forward with respect to this receive message reverse message relevant information.By elder generation Determine whether to exchange operation it is ensured that calculating according to positive and negative both direction to source characteristic information and the execution of purpose characteristic information Cryptographic Hash equal, that is, determine under same node establishment session forwarding-table item, and need not create under two different nodes with One session forwarding-table item, thus simplifying the process creating session forwarding-table item, improves the performance of forwarding unit.Meanwhile, save Save the memory headroom of forwarding unit.
Step 506, according to relevant information, forwards the message that this receives.
Step 507, in corresponding session forwarding-table item, record forwards this to receive the relevant information of message.
In the technical scheme of the application, (need to create different sessions under same node when hash-collision occurs Forwarding-table item) when, create session forwarding-table item by the structure shown in Fig. 6, as shown in Figure 6:
Directly create session forwarding-table item under node, with Unidirectional chain-type between each session forwarding-table item under same node Structure connection, when hash-collision occurs, the chain structure end of session forwarding-table item under node, create corresponding session Forwarding-table item.
For example, in one case, when forwarding unit receives message, and the characteristic information (example according to this message As for five-tuple information) calculated cryptographic Hash when being 1, determines coupling meeting corresponding with this message under node 1 (Node1) Words forwarding-table item it is assumed that now having created session forwarding-table item 1 and session forwarding-table item 2 under Node1, then according to from left-hand The right side, coupling session forwarding-table item 1 and session forwarding-table item 2 successively.When session forwarding-table item 1 and session forwarding-table item 2 are not During session forwarding-table item corresponding with this message, in the end (i.e. after session forwarding-table item 2) of chain structure, create session and turn Forwarding list item 3, and record the relevant information forwarding this message.
In another case, when forwarding unit receives message and calculated according to the characteristic information of this message When cryptographic Hash is 3, determines and mate session forwarding-table item corresponding with this message under Node3 it is assumed that now not wound under Node3 Built session forwarding-table item (the not session forwarding-table item corresponding with this message of explanation simultaneously), then directly created under Node3 Session forwarding-table item 4, and record the relevant information forwarding this message.
The situation of NAT business from above technical scheme, in the technical scheme of the application, is not used in forwarding unit Under, the probability very little of a large amount of hash-collisions, due to there is not IP address conversion, occurs under same node, so passing through Directly create session forwarding-table item under node, closed with the structure of Unidirectional chain-type between each session forwarding-table item under same node Connection, eliminates in correlation technique and goes to search the link of session forwarding-table item according to address information, can improve to session forward table The matching efficiency of item.
Fig. 7 shows the schematic configuration diagram of the electronic equipment of the exemplary embodiment according to the application.Refer to Fig. 7, In hardware view, this electronic equipment includes processor 702, internal bus 704, network interface 706, internal memory 708 and non-volatile Property memorizer 710, is also possible that the hardware required for other business certainly.Processor 702 is from nonvolatile memory 710 Read corresponding computer program and then to run in internal memory 702, the dress creating session forwarding-table item is formed on logic level Put.Certainly, in addition to software realization mode, the application is not precluded from other implementations, such as logical device or soft or hard Mode etc. that part combines that is to say, that the executive agent of following handling process be not limited to each logical block it is also possible to It is hardware or logical device.
Refer to Fig. 8, in Software Implementation, the device of this establishment session forwarding-table item can include extraction unit 801st, computing unit 802, determining unit 803 and the first creating unit 804.Wherein:
Extraction unit 801, when receiving message, extracts at least one preset kind of characteristic information in described message Source characteristic information and purpose characteristic information;
Computing unit 802, exchanges when operating to described source characteristic information and the execution of described purpose characteristic information when determining, root Calculate cryptographic Hash according to executing the described characteristic information exchanging after operation;Not special to described source characteristic information and described purpose when determining When operation is exchanged in reference breath execution, cryptographic Hash is calculated according to the original characteristic information of described message;
Determining unit 803, according to calculated cryptographic Hash, determines corresponding node;
First creating unit 804, when there is not session forwarding-table item corresponding with described message under described node, in institute State and under node, create described session forwarding-table item, and record the relevant information forwarding described message.
Optionally, also include:
Recording unit 805, when there is described session forwarding-table item under described node, and does not wrap in described session forwarding-table item Containing forward described message relevant information when, record described relevant information in described session forwarding-table item.
Optionally, described computing unit 802 specifically for:
Determine whether described source characteristic information and the numerical values recited relation of described purpose characteristic information meet preset relation;
When described numerical values recited relation meets preset relation, determine to described source characteristic information and described purpose feature letter Operation is exchanged in breath execution.
Optionally, also include:
Second creating unit 806, when hash-collision occurs, the end of chain structure under described node, create and institute State message corresponding session forwarding-table item, in described chained list, comprise the session forward table creating according to other messages receiving ?.
Fig. 9 shows the schematic configuration diagram of another electronic equipment of the exemplary embodiment according to the application.
Refer to Fig. 9, in hardware view, this electronic equipment include processor 902, internal bus 904, network interface 906, Internal memory 908 and nonvolatile memory 910, are also possible that the hardware required for other business certainly.Processor 902 is from non- Read corresponding computer program in volatile memory 910 and then to run in internal memory 902, logic level is formed and forwards The device of message.Certainly, in addition to software realization mode, the application is not precluded from other implementations, such as logical device Or mode of software and hardware combining etc. is that is to say, that the executive agent of following handling process is not limited to each logic list Unit or hardware or logical device.
Refer to Figure 10, in Software Implementation, the device that this E-Packets can include extraction unit 1001, calculate Unit 1002, determining unit 1003, matching unit 1004 and retransmission unit 1005.Wherein:
Extraction unit 1001, when receiving message, extracts at least one preset kind of characteristic information in described message Source characteristic information and purpose characteristic information;
Computing unit 1002, exchanges when operating to described source characteristic information and the execution of described purpose characteristic information when determining, Calculate cryptographic Hash according to executing the described characteristic information exchanging after operation;When determination is not to described source characteristic information and described purpose When operation is exchanged in characteristic information execution, cryptographic Hash is calculated according to the original characteristic information of described message;
Determining unit 1003, according to calculated cryptographic Hash, determines corresponding node;
Matching unit 1004, mates session forwarding-table item corresponding with described message under described node, and described session turns Forwarding list item is generated by the method for the establishment session forwarding-table item as any one of claim 1-4;
Retransmission unit 1005, according to the session forwarding-table item matching, forwards described message.
Optionally, described matching unit 1004 specifically for:
When determining execution described exchange operation, mate and described report according to executing the described characteristic information exchanging after operation The corresponding session forwarding-table item of literary composition;
When determining that not executing described exchange operates, according to described message original characteristic information coupling and described message pair The session forwarding-table item answered.
In said apparatus, the process of realizing of the function of unit and effect specifically refers to corresponding step in said method Realize process, will not be described here.
For device embodiment, because it corresponds essentially to embodiment of the method, thus real referring to method in place of correlation The part applying example illustrates.Device embodiment described above is only schematically, wherein said as separating component The unit illustrating can be or may not be physically separate, as the part that unit shows can be or can also It is not physical location, you can with positioned at a place, or can also be distributed on multiple NEs.Can be according to actual Need to select the purpose to realize application scheme for some or all of module therein.Those of ordinary skill in the art are not paying In the case of going out creative work, you can to understand and to implement.
The foregoing is only the preferred embodiment of the application, not in order to limit the application, all essences in the application Within god and principle, any modification, equivalent substitution and improvement done etc., should be included within the scope of the application protection.

Claims (12)

1. a kind of method creating session forwarding-table item is it is characterised in that be applied to forwarding unit;Methods described includes:
When receiving message, extract the source characteristic information of at least one preset kind of characteristic information and purpose in described message Characteristic information;
When determining that executing exchange to described source characteristic information and described purpose characteristic information operates, grasp according to executing described exchange Characteristic information after work calculates cryptographic Hash;Behaviour is not exchanged to described source characteristic information and the execution of described purpose characteristic information when determining When making, cryptographic Hash is calculated according to the original characteristic information of described message;
According to calculated cryptographic Hash, determine corresponding node;
When there is not session forwarding-table item corresponding with described message under described node, create described session under described node Forwarding-table item, and record the relevant information forwarding described message.
2. method according to claim 1 is it is characterised in that also include:
When there is described session forwarding-table item under described node, and do not comprise to forward described message in described session forwarding-table item During relevant information, in described session forwarding-table item, record described relevant information.
3. method according to claim 1 is it is characterised in that determine in the following manner to described source characteristic information and institute State the execution of purpose characteristic information and exchange operation:
Determine whether described source characteristic information and the numerical values recited relation of described purpose characteristic information meet preset relation;
When described numerical values recited relation meets preset relation, determine and described source characteristic information and described purpose characteristic information are held Row exchanges operation.
4. method according to claim 1 is it is characterised in that also include:
When hash-collision occurs, the end of chain structure under described node, create session corresponding with described message and forward List item, comprises the session forwarding-table item creating according to other messages receiving in described chained list.
5. a kind of method E-Packeting is it is characterised in that be applied to forwarding unit;Methods described includes:
When receiving message, extract the source characteristic information of at least one preset kind of characteristic information and purpose in described message Characteristic information;
When determining that executing exchange to described source characteristic information and described purpose characteristic information operates, grasp according to executing described exchange Characteristic information after work calculates cryptographic Hash;Behaviour is not exchanged to described source characteristic information and the execution of described purpose characteristic information when determining When making, cryptographic Hash is calculated according to the original characteristic information of described message;
According to calculated cryptographic Hash, determine corresponding node;
Mate session forwarding-table item corresponding with described message under described node, described session forwarding-table item is by such as claim The method of the establishment session forwarding-table item any one of 1-4 generates;
According to the session forwarding-table item matching, forward described message.
6. method according to claim 5 it is characterised in that described under described node coupling corresponding with described message Session forwarding-table item, including:
When determining execution described exchange operation, mate and described message pair according to executing the described characteristic information exchanging after operation The session forwarding-table item answered;
When determining that not executing described exchange operates, mated corresponding with described message according to the original characteristic information of described message Session forwarding-table item.
7. a kind of device creating session forwarding-table item is it is characterised in that be applied to forwarding unit;Described device includes:
Extraction unit, when receiving message, extracts the source feature of at least one preset kind of characteristic information in described message Information and purpose characteristic information;
Computing unit, exchanges when operating to described source characteristic information and the execution of described purpose characteristic information when determining, according to execution The described characteristic information exchanging after operating calculates cryptographic Hash;When determination is not to described source characteristic information and described purpose characteristic information When operation is exchanged in execution, cryptographic Hash is calculated according to the original characteristic information of described message;
Determining unit, according to calculated cryptographic Hash, determines corresponding node;
First creating unit, when there is not session forwarding-table item corresponding with described message under described node, in described node The described session forwarding-table item of lower establishment, and record the relevant information forwarding described message.
8. device according to claim 7 is it is characterised in that also include:
Recording unit, when there is described session forwarding-table item under described node, and does not comprise in described session forwarding-table item to forward During the relevant information of described message, in described session forwarding-table item, record described relevant information.
9. device according to claim 7 it is characterised in that described computing unit specifically for:
Determine whether described source characteristic information and the numerical values recited relation of described purpose characteristic information meet preset relation;
When described numerical values recited relation meets preset relation, determine and described source characteristic information and described purpose characteristic information are held Row exchanges operation.
10. device according to claim 7 is it is characterised in that also include:
Second creating unit, when hash-collision occurs, the end of chain structure under described node, create and described message pair The session forwarding-table item answered, comprises the session forwarding-table item creating according to other messages receiving in described chained list.
A kind of 11. devices E-Packeting are it is characterised in that be applied to forwarding unit;Described device includes:
Extraction unit, when receiving message, extracts the source feature of at least one preset kind of characteristic information in described message Information and purpose characteristic information;
Computing unit, exchanges when operating to described source characteristic information and the execution of described purpose characteristic information when determining, according to execution The described characteristic information exchanging after operating calculates cryptographic Hash;When determination is not to described source characteristic information and described purpose characteristic information When operation is exchanged in execution, cryptographic Hash is calculated according to the original characteristic information of described message;
Determining unit, according to calculated cryptographic Hash, determines corresponding node;
Matching unit, under described node mate session forwarding-table item corresponding with described message, described session forwarding-table item by The method of the establishment session forwarding-table item as any one of claim 1-4 generates;
Retransmission unit, according to the session forwarding-table item matching, forwards described message.
12. devices according to claim 11 it is characterised in that described matching unit specifically for:
When determining execution described exchange operation, mate and described message pair according to executing the described characteristic information exchanging after operation The session forwarding-table item answered;
When determining that not executing described exchange operates, mated corresponding with described message according to the original characteristic information of described message Session forwarding-table item.
CN201610942104.3A 2016-10-24 2016-10-24 A kind of method creating session forwarding-table item, the method and device that E-Packets Active CN106411924B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610942104.3A CN106411924B (en) 2016-10-24 2016-10-24 A kind of method creating session forwarding-table item, the method and device that E-Packets

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610942104.3A CN106411924B (en) 2016-10-24 2016-10-24 A kind of method creating session forwarding-table item, the method and device that E-Packets

Publications (2)

Publication Number Publication Date
CN106411924A true CN106411924A (en) 2017-02-15
CN106411924B CN106411924B (en) 2019-07-09

Family

ID=58013621

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610942104.3A Active CN106411924B (en) 2016-10-24 2016-10-24 A kind of method creating session forwarding-table item, the method and device that E-Packets

Country Status (1)

Country Link
CN (1) CN106411924B (en)

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109981463A (en) * 2019-02-25 2019-07-05 网易(杭州)网络有限公司 Information processing method, device, gateway and storage medium
CN112491723A (en) * 2020-12-07 2021-03-12 上海励驰半导体有限公司 Gateway message forwarding method, device, storage medium and gateway
CN113098954A (en) * 2021-03-30 2021-07-09 平安科技(深圳)有限公司 Message forwarding method and device, computer equipment and storage medium
CN113765804A (en) * 2021-08-05 2021-12-07 中移(杭州)信息技术有限公司 Message forwarding method, device, equipment and computer readable storage medium
CN114221847A (en) * 2021-12-10 2022-03-22 北京天融信网络安全技术有限公司 Network session management method, device and equipment and storage medium

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102404193A (en) * 2010-09-17 2012-04-04 华为技术有限公司 Method and edge device capable of generating forward list item, forwarding message and obtaining address
CN103051542A (en) * 2012-12-11 2013-04-17 武汉烽火网络有限责任公司 Method for realizing connectivity detection based on data link layer Ethernet MAC (media access control) address
CN104683267A (en) * 2013-11-26 2015-06-03 浙江大华系统工程有限公司 Data forwarding method, data forwarding device, and switching equipment

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102404193A (en) * 2010-09-17 2012-04-04 华为技术有限公司 Method and edge device capable of generating forward list item, forwarding message and obtaining address
CN103051542A (en) * 2012-12-11 2013-04-17 武汉烽火网络有限责任公司 Method for realizing connectivity detection based on data link layer Ethernet MAC (media access control) address
CN104683267A (en) * 2013-11-26 2015-06-03 浙江大华系统工程有限公司 Data forwarding method, data forwarding device, and switching equipment

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109981463A (en) * 2019-02-25 2019-07-05 网易(杭州)网络有限公司 Information processing method, device, gateway and storage medium
CN109981463B (en) * 2019-02-25 2021-07-27 网易(杭州)网络有限公司 Information processing method, device, gateway and storage medium
CN112491723A (en) * 2020-12-07 2021-03-12 上海励驰半导体有限公司 Gateway message forwarding method, device, storage medium and gateway
CN113098954A (en) * 2021-03-30 2021-07-09 平安科技(深圳)有限公司 Message forwarding method and device, computer equipment and storage medium
CN113098954B (en) * 2021-03-30 2022-10-25 平安科技(深圳)有限公司 Message forwarding method and device, computer equipment and storage medium
CN113765804A (en) * 2021-08-05 2021-12-07 中移(杭州)信息技术有限公司 Message forwarding method, device, equipment and computer readable storage medium
CN114221847A (en) * 2021-12-10 2022-03-22 北京天融信网络安全技术有限公司 Network session management method, device and equipment and storage medium
CN114221847B (en) * 2021-12-10 2024-01-23 北京天融信网络安全技术有限公司 Network session management method, device and equipment and storage medium

Also Published As

Publication number Publication date
CN106411924B (en) 2019-07-09

Similar Documents

Publication Publication Date Title
CN106411924A (en) Method of building session forwarding entry, and method and device for forwarding message
US7969976B2 (en) Gateway apparatus, packet forwarding method, and program
US8059562B2 (en) Listener mechanism in a distributed network system
JP4759389B2 (en) Packet communication device
US8290934B2 (en) Method and system for processing access control lists using a hashing scheme
US7636305B1 (en) Method and apparatus for monitoring network traffic
CN108173982B (en) NAT (network Address translation) processing method and device for cross-board message
CN106878194B (en) Message processing method and device
JP2008536369A (en) Connection forwarding
CN102075404A (en) Message detection method and device
CN103379029B (en) A kind of method of the routing forwarding of content network, apparatus and system
CN102255909B (en) Session stream monitoring method and device
CN102904975A (en) Method and associated device for message processing
CN106341338B (en) A kind of retransmission method and device of message
CN102325124A (en) Flow-guiding function-supported application identification equipment and method
CN107864101A (en) Load-balancing method and device
CN102201996B (en) Method and equipment for forwarding message in network address translation (NAT) environment
US20220393908A1 (en) Message Encapsulation Method and Apparatus, and Message Decapsulation Method and Apparatus
CN101969404B (en) Method and equipment for processing messages
CN111131539B (en) Message forwarding method and device
CN111049947B (en) Message forwarding method and device, electronic equipment and storage medium
CN105516302A (en) Data processing method and network device
CN116545921A (en) Message forwarding method, device, equipment and storage medium based on ECMP
JP2018110392A (en) Method and device for sensing nat device
CN113709186A (en) Efficient honeypot proxy forwarding method and device

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
CB02 Change of applicant information
CB02 Change of applicant information

Address after: Binjiang District and Hangzhou city in Zhejiang Province Road 310051 No. 68 in the 6 storey building

Applicant after: Hangzhou Dipu Polytron Technologies Inc

Address before: Binjiang District and Hangzhou city in Zhejiang Province Road 310051 No. 68 in the 6 storey building

Applicant before: Hangzhou Dipu Technology Co., Ltd.

C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant