CN106411924A - Method of building session forwarding entry, and method and device for forwarding message - Google Patents
Method of building session forwarding entry, and method and device for forwarding message Download PDFInfo
- Publication number
- CN106411924A CN106411924A CN201610942104.3A CN201610942104A CN106411924A CN 106411924 A CN106411924 A CN 106411924A CN 201610942104 A CN201610942104 A CN 201610942104A CN 106411924 A CN106411924 A CN 106411924A
- Authority
- CN
- China
- Prior art keywords
- characteristic information
- table item
- message
- forwarding
- session forwarding
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L65/00—Network arrangements, protocols or services for supporting real-time applications in data packet communication
- H04L65/1066—Session management
- H04L65/1096—Supplementary features, e.g. call forwarding or call holding
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0876—Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L65/00—Network arrangements, protocols or services for supporting real-time applications in data packet communication
- H04L65/10—Architectures or entities
- H04L65/102—Gateways
- H04L65/1033—Signalling gateways
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L65/00—Network arrangements, protocols or services for supporting real-time applications in data packet communication
- H04L65/1066—Session management
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L65/00—Network arrangements, protocols or services for supporting real-time applications in data packet communication
- H04L65/1066—Session management
- H04L65/1101—Session protocols
- H04L65/1104—Session initiation protocol [SIP]
Abstract
The invention provides a method of building a session forwarding entry, and a method and a device for forwarding a message. The method of building the session forwarding entry comprises steps: at least one preset type of source feature information and objective feature information from feature information in a received message are extracted; if exchange operation is determined to be executed on the source feature information and the objective feature information, a hash value is calculated according to the feature information after the exchange operation is executed; or otherwise, a hash value is calculated according to the original feature information; a corresponding node is determined according to the hash value; when no session forwarding entry corresponding to the message does not exist under the node, the session forwarding entry is built under the node, and related message forwarding information is recorded. In the technical scheme of the invention, through determining whether to execute exchange operation on the source feature information and the objective feature information firstly, the performance of the forwarding device is enhanced. Through directly building the session forwarding entry under the node, the session forwarding entry matching efficiency can be improved.
Description
Technical field
The application is related to communication technique field, the more particularly, to a kind of method creating session forwarding-table item, E-Packets
Method and device.
Background technology
In the prior art, when forwarding unit creates session forwarding-table item, can be calculated positive and negative according to the message receiving
The cryptographic Hash of both direction, obtains corresponding node, thus respectively under corresponding node, record is corresponding to the session of this message
The address information of forwarding-table item.
However, because forwarding unit calculates the cryptographic Hash of positive and negative both direction, obtain two nodes and it needs at two
Under node, record the address information of the session forwarding-table item corresponding to this message respectively, thus it is substantial amounts of to occupy forwarding unit
Process resource, reduces the performance of forwarding unit.Meanwhile, actually two nodes records is all same session forwarding-table item
Address information, leads to waste the substantial amounts of memory headroom of forwarding unit.
Content of the invention
In view of this, the application provides a kind of method creating session forwarding-table item, the method and device E-Packeting, can
When forwarding unit creates session forwarding-table item, to lift the performance of forwarding unit, and to reduce to this forwarding unit memory headroom
Waste.
For achieving the above object, the application provides technical scheme as follows:
First aspect according to the application, it is proposed that a kind of method of establishment session forwarding-table item, is applied to forwarding unit;
Methods described includes:
When receiving message, extract described message in characteristic information the source characteristic information of at least one preset kind and
Purpose characteristic information;
When determining, described source characteristic information and the execution of described purpose characteristic information are exchanged when operating, described mutually according to execution
Change the characteristic information after operation and calculate cryptographic Hash;Described source characteristic information and described purpose characteristic information are not executed mutually when determining
When changing operation, cryptographic Hash is calculated according to the original characteristic information of described message;
According to calculated cryptographic Hash, determine corresponding node;
When there is not session forwarding-table item corresponding with described message under described node, create described under described node
Session forwarding-table item, and record the relevant information forwarding described message.
Second aspect according to the application, it is proposed that a kind of method E-Packeting, is applied to forwarding unit;Methods described
Including:
When receiving message, extract described message in characteristic information the source characteristic information of at least one preset kind and
Purpose characteristic information;
When determining, described source characteristic information and the execution of described purpose characteristic information are exchanged when operating, described mutually according to execution
Change the characteristic information after operation and calculate cryptographic Hash;Described source characteristic information and described purpose characteristic information are not executed mutually when determining
When changing operation, cryptographic Hash is calculated according to the original characteristic information of described message;
According to calculated cryptographic Hash, determine corresponding node;
Mate session forwarding-table item corresponding with described message under described node, described session forwarding-table item is by above-mentioned wound
The method building session forwarding-table item generates;
According to the session forwarding-table item matching, forward described message.
The third aspect according to the application, it is proposed that a kind of device of establishment session forwarding-table item, is applied to forwarding unit;
Described device includes:
Extraction unit, when receiving message, extracts the source of at least one preset kind of characteristic information in described message
Characteristic information and purpose characteristic information;
Computing unit, exchanges when operating to described source characteristic information and the execution of described purpose characteristic information when determining, according to
The described characteristic information exchanging after operating of execution calculates cryptographic Hash;When determination is not to described source characteristic information and described purpose feature
When operation is exchanged in information execution, cryptographic Hash is calculated according to the original characteristic information of described message;
Determining unit, according to calculated cryptographic Hash, determines corresponding node;
First creating unit, when there is not session forwarding-table item corresponding with described message under described node, described
Create described session forwarding-table item under node, and record the relevant information forwarding described message.
Fourth aspect according to the application, it is proposed that a kind of device E-Packeting, is applied to forwarding unit;Described device
Including:
Extraction unit, when receiving message, extracts the source of at least one preset kind of characteristic information in described message
Characteristic information and purpose characteristic information;
Computing unit, exchanges when operating to described source characteristic information and the execution of described purpose characteristic information when determining, according to
The described characteristic information exchanging after operating of execution calculates cryptographic Hash;When determination is not to described source characteristic information and described purpose feature
When operation is exchanged in information execution, cryptographic Hash is calculated according to the original characteristic information of described message;
Determining unit, according to calculated cryptographic Hash, determines corresponding node;
Matching unit, mates session forwarding-table item corresponding with described message, described session forward table under described node
Item is generated by the method for above-mentioned establishment session forwarding-table item;
Retransmission unit, according to the session forwarding-table item matching, forwards described message.
From above technical scheme, in the technical scheme of the application, on the one hand, by first determining whether to source feature
Information and operation is exchanged in the execution of purpose characteristic information it is ensured that the cryptographic Hash being calculated according to positive and negative both direction is equal, that is,
Determine establishment session forwarding-table item under same node, and same session forwarding-table item need not be created under two different nodes,
Thus improving the performance of forwarding unit.Meanwhile, save the memory headroom of forwarding unit.On the other hand, by directly in section
Point is lower to create session forwarding-table item, and records the relevant information E-Packeting, and forwarding unit, when mating session forwarding-table item, saves
Omit and gone to search the link of session forwarding-table item according to address information, thus improve the matching efficiency to session forwarding-table item.
Brief description
Fig. 1 is the structural representation of session forwarding-table item in correlation technique.
Fig. 2 is the flow chart of the method that forwarding unit creates session forwarding-table item in correlation technique.
Fig. 3 is the flow chart of a kind of method of establishment session forwarding-table item that the application one exemplary embodiment provides.
Fig. 4 is a kind of flow chart of method E-Packeting that the application one exemplary embodiment provides.
Fig. 5 is a kind of method of establishment session forwarding-table item that the application one exemplary embodiment provides, and forwards report
The flow chart of the method for literary composition.
Fig. 6 is a kind of structural representation of session forwarding-table item that the application one exemplary embodiment provides.
Fig. 7 is the structural representation of a kind of electronic equipment that the application one exemplary embodiment provides.
Fig. 8 is a kind of block diagram of the device of establishment session forwarding-table item that the application one exemplary embodiment provides.
Fig. 9 is the structural representation of another kind of electronic equipment that the application one exemplary embodiment provides.
Figure 10 is a kind of block diagram of device E-Packeting that the application one exemplary embodiment provides.
Specific embodiment
Here will in detail exemplary embodiment be illustrated, its example is illustrated in the accompanying drawings.Explained below is related to
During accompanying drawing, unless otherwise indicated, the same numbers in different accompanying drawings represent same or analogous key element.Following exemplary embodiment
Described in embodiment do not represent all embodiments consistent with the application.On the contrary, they be only with such as appended
The example of the consistent apparatus and method of some aspects being described in detail in claims, the application.
It is the purpose only merely for description specific embodiment in term used in this application, and be not intended to be limiting the application.
" a kind of ", " described " and " being somebody's turn to do " of singulative used in the application and appended claims is also intended to including most
Form, unless context clearly shows that other implications.It is also understood that term "and/or" used herein refers to and wraps
Containing one or more associated any or all possible combination listing project.
It will be appreciated that though various information may be described using term first, second, third, etc. in the application, but this
A little information should not necessarily be limited by these terms.These terms are only used for same type of information is distinguished from each other out.For example, without departing from
In the case of the application scope, the first information can also be referred to as the second information, and similarly, the second information can also be referred to as
One information.Depending on linguistic context, word as used in this " if " can be construed to " ... when " or " when ...
When " or " in response to determining ".
In actual network environment, because the variation of the flow through forwarding unit is it is easy to hash-collision
Situation, that is, according to being not belonging to same stream, (the five-tuple information of message is identical, or source IP address and purpose IP address phase
Instead, and source port number and destination slogan contrary) message, be calculated same cryptographic Hash, thus under same node exist
Different session forwarding-table items, so, session forwarding-table item is created using structure as shown in Figure 1.As shown in Figure 1:
When the situation of above-mentioned hash-collision occurs, create chained list under corresponding node, in chained list, have recorded establishment
The address information of session forwarding-table item, and it is matched with the five-tuple information of this session forwarding-table item.Each chain under same node
With Unidirectional chain-type structure connection between table.
For example it is assumed that successively receiving message a and message b, wherein message a and message b is not belonging to same stream, report
Civilian a is matched with session forwarding-table item 1, and message b is matched with session forwarding-table item 2.According to message a calculated forward direction cryptographic Hash
For 0, also it is 0 according to message b calculated forward direction cryptographic Hash.So, due to first receiving message a, so in node 0
(Node0) create the address letter of chained list 1, the five-tuple information of recorded message a in chained list 1, and session forwarding-table item 1 under
Breath, then after chained list 1, creates chained list 2, the five-tuple information of recorded message b in chained list 2, and session forwarding-table item 2
Address information.
Fig. 2 is the flow chart of the method that forwarding unit creates session forwarding-table item in correlation technique.Refer to Fig. 2, the party
Method may comprise steps of:
Step 201, receives message.
Step 202, calculates positive cryptographic Hash.
Step 203, calculates reverse cryptographic Hash.
Wherein, forwarding unit, according to the five-tuple information of message, is calculated positive cryptographic Hash, then, by this five-tuple
Middle source IP address and purpose IP address are exchanged, and source port number and destination slogan are exchanged, then are calculated reverse cryptographic Hash.
Step 204, creates chained list, the address information of recording conversation forwarding-table item under corresponding node.
Wherein, when positive cryptographic Hash and reverse cryptographic Hash are equal, if not existing under corresponding node and this message pair
The session forwarding-table item answered, that is, illustrate that forwarding unit forwards the message that this receives first, then create session forwarding-table item, and will
Relevant information (comprising five-tuple, done business etc.) for forwarding this message recorded in session forwarding-table item.Meanwhile, at this
Establishment chained list under node, and record the five-tuple information of this message in this chained list, and the ground of the session forwarding-table item creating
Location information.When positive cryptographic Hash and reverse cryptographic Hash are unequal, if not existing and this message pair under each self-corresponding node
The session forwarding-table item answered, then in the manner described above, create chained list under each self-corresponding node respectively, and record this message
Five-tuple information, and the address information of the session forwarding-table item creating.
Wherein, comprise two parts content in session forwarding-table item, a part is for the relevant information forwarding this message (i.e.
The relevant information of above-mentioned record);Another part is to be reverse message (source IP address, purpose for forwarding with respect to this message
IP address is contrary with this message, and source port number, and destination slogan is contrary with this message) relevant information, and now, this part
Content is sky.
In the same manner, when forwarding unit receive be reverse message (hereinafter referred to as reversely message) with respect to this message when, press
Method according to step 201-203 calculates positive cryptographic Hash and reverse cryptographic Hash.Then under the corresponding node of positive cryptographic Hash, root
According to the five-tuple of this reverse message, mate corresponding chained list.Its matching process is divided into two steps:
The first step, according to the five-tuple information of this reverse message, is mated with the five-tuple of current chain table record;
Second step, if not matching that with the five-tuple of current chain table record, exchanges source IP address and purpose IP address, with
And exchange source port number and destination slogan, further according to the five-tuple information after exchanging, the five-tuple letter with current chain table record
Breath coupling.
If under the corresponding node of positive cryptographic Hash, match chained list corresponding with this reverse message, then according to this chain
In table, the address information of record, will be used for forwarding the relevant information of this reverse message to recorded in corresponding session forwarding-table item.
It can be seen that, in the related, when forwarding unit receives the reverse message of this message, according to this reverse message
During the corresponding chained list of five-tuple information matches, need coupling twice could successful match to corresponding chained list, and then lead to reduction
Matching efficiency to session forwarding-table item.Simultaneously as forwarding unit needs to calculate the cryptographic Hash of positive and negative both direction, obtain
Two nodes, thus occupying the substantial amounts of process resource of forwarding unit, reduce the performance of forwarding unit, and actually two sections
What point recorded is all the address information of same session forwarding-table item, leads to waste the substantial amounts of memory headroom of forwarding unit.
Fig. 3 is the flow chart of a kind of method of establishment session forwarding-table item shown in the application one exemplary embodiment, should
Method is applied to forwarding unit, may comprise steps of:
Step 301, when receiving message, the source extracting at least one preset kind of characteristic information in described message is special
Reference breath and purpose characteristic information.
Step 302, when determine operation is exchanged to described source characteristic information and the execution of described purpose characteristic information when, according to holding
The described characteristic information exchanging after operating of row calculates cryptographic Hash;Described source characteristic information and described purpose feature are not believed when determining
When operation is exchanged in breath execution, cryptographic Hash is calculated according to the original characteristic information of described message.
Step 303, according to calculated cryptographic Hash, determines corresponding node.
Step 304, when there is not session forwarding-table item corresponding with described message under described node, under described node
Create described session forwarding-table item, and record the relevant information forwarding described message.
In the present embodiment, when there is described session forwarding-table item under described node, and in described session forwarding-table item not
When comprising the relevant information forwarding described message, in described session forwarding-table item, record described relevant information.
In the present embodiment, determine in the following manner and described source characteristic information and described purpose characteristic information are executed mutually
Change operation:
Determine whether described source characteristic information and the numerical values recited relation of described purpose characteristic information meet preset relation;When
When described numerical values recited relation meets preset relation, determine and exchange is executed to described source characteristic information and described purpose characteristic information
Operation.
In the present embodiment, when hash-collision occurs, the end of chain structure under described node, create and described report
The corresponding session forwarding-table item of literary composition, comprises the session forwarding-table item creating according to other messages receiving in described chained list.
Fig. 4 is a kind of flow chart of the method E-Packeting shown in the application one exemplary embodiment, and the method is applied
In forwarding unit, may comprise steps of:
Step 401, when receiving message, the source extracting at least one preset kind of characteristic information in described message is special
Reference breath and purpose characteristic information.
Step 402, when determine operation is exchanged to described source characteristic information and the execution of described purpose characteristic information when, according to holding
The described characteristic information exchanging after operating of row calculates cryptographic Hash;Described source characteristic information and described purpose feature are not believed when determining
When operation is exchanged in breath execution, cryptographic Hash is calculated according to the original characteristic information of described message.
Step 403, according to calculated cryptographic Hash, determines corresponding node.
Step 404, mates session forwarding-table item corresponding with described message, described session forwarding-table item under described node
Generated by the method for above-mentioned establishment session forwarding-table item as shown in Figure 3.
In the present embodiment, mate session forward table corresponding with described message in the following manner under described node
?:
When determining execution described exchange operation, mate and described report according to executing the described characteristic information exchanging after operation
The corresponding session forwarding-table item of literary composition;
When determining that not executing described exchange operates, according to described message original characteristic information coupling and described message pair
The session forwarding-table item answered.
Step 405, according to the session forwarding-table item matching, forwards described message.
From above technical scheme, in the technical scheme of the application, on the one hand, by first determining whether to source feature
Information and operation is exchanged in the execution of purpose characteristic information it is ensured that the cryptographic Hash being calculated according to positive and negative both direction is equal, that is,
Determine establishment session forwarding-table item under same node, and same session forwarding-table item need not be created under two different nodes,
Thus simplifying the process creating session forwarding-table item, improve the performance of forwarding unit.Meanwhile, save the interior of forwarding unit
Deposit space.On the other hand, by directly creating session forwarding-table item under node, and recording the relevant information E-Packeting, turn
The equipment of sending out, when mating session forwarding-table item, eliminates and goes to search the link of session forwarding-table item according to address information, thus carrying
The high matching efficiency to session forwarding-table item.
In order to make it easy to understand, with reference to Fig. 5, for forwarding unit to the processing procedure receiving message, to the application
Technical scheme be described in detail.Refer to Fig. 5, Fig. 5 is that the establishment session shown in the application one exemplary embodiment forwards
The method of list item, and the flow chart of the method E-Packeting.As shown in figure 5, the method may comprise steps of:
Step 501, forwarding unit receives message.
In the present embodiment, after forwarding unit receives message, at least one extracting characteristic information in message presets class
The source characteristic information of type and purpose characteristic information.For example, source characteristic information can be source port number and source IP address, purpose feature
Information can be destination slogan and purpose IP address.
Step 502, it is determined whether exchange source characteristic information and purpose characteristic information.
Step 503, calculates cryptographic Hash according to characteristic information.
In the present embodiment, the numerical values recited relation by determining source characteristic information and purpose characteristic information whether meet pre-
If relation, to determine whether to exchange operation to source characteristic information and the execution of purpose characteristic information.
In the present embodiment, when determining to source characteristic information and the execution exchange operation of purpose characteristic information, according to execution
Exchange the characteristic information after operation and calculate cryptographic Hash;Operation is not exchanged to source characteristic information and the execution of purpose characteristic information when determining
When, cryptographic Hash is calculated according to the original characteristic information of message.
For example, in the case that forwarding unit does not use NAT business, there is not IP address conversion, false
The fixed source characteristic information extracting is source port number and source IP address, and purpose characteristic information is purpose port numbers and purpose IP address.
Due to port numbers length less it is easy to compare, so regulation first compare port numbers, when source port number numerical value be more than destination interface
Number numerical value when, to source port number and destination slogan execution exchange operation, and to source IP address and purpose IP address execution
Exchange operation.When the numerical value of source port number is less than the numerical value of destination slogan, do not execute exchange operation.Number when source port number
When value is equal to the numerical value of destination slogan, compare the numerical values recited of source IP address and purpose IP address further.Wherein, as source IP
When the numerical value of address is more than the numerical value of purpose IP address, operation is exchanged to source port number and destination slogan execution, and to source
Operation is exchanged in IP address and purpose IP address execution;When the numerical value of source IP address is less than the numerical value of purpose IP address, do not execute
Exchange operation.And under normal circumstances, source IP address will not be identical with purpose IP address, thus ensureing to determine whether
Operation is exchanged in execution.Herein adopt " more than " numerical relation by way of example only, it would however also be possible to employ " less than " etc. other
Numerical relation, the application is not limited to this.
For example, in one case, the characteristic information that forwarding unit receives message is five-tuple information, wherein, source IP
Address is 2001::1, purpose IP address are 2002::2, source port number is 2028, and destination slogan is 1024, and agreement is 6.Aobvious
So, the numerical value of source port number is more than the numerical value of destination slogan, therefore, exchanges behaviour to source port number and destination slogan execution
Make, and operation is exchanged to source IP address and purpose IP address execution.Executing the five-tuple information exchanged after operating is:Source IP ground
Location is 2002::2, purpose IP address are 2001::1, source port number is 1024, and destination slogan is 2048, and agreement is 6.Connect down
Then to exchange the five-tuple information after operation according to this execution and calculate cryptographic Hash.And work as forwarding unit and receive with respect to this message
Reverse message when, that is, the five-tuple information of this reverse message is:Source IP address is 2002::2, purpose IP address are 2001::
1, source port number is 1024, and destination slogan is 2048, and agreement is 6.Obviously, exchange operation, next then basis need not be executed
Original five-tuple information calculates cryptographic Hash.
For example, in another case, the five-tuple information that forwarding unit receives message is:Source IP address (sip) is
3003::1, purpose IP address (dip) are 2002::1, source port number (sport) is 1024, and destination slogan (dport) is
1024, agreement is 17.The address size of IPv6 is 128bit, is divided into low 32bit, secondary low 32bit, second highest 32bit, high 32bit
Compare successively, its comparison procedure is as follows:
Sip=30030000_00000000_00000000_00000001
Dip=20020000_00000000_00000000_00000001
The first step:Relatively sport and dport, obtains 1024=1024 it is impossible to determine whether to exchange, carries out second step;
Second step:Relatively sip [31:0] with dip [31:0], obtain 00000001=00000001 it is impossible to determine whether mutually
Change, carry out the 3rd step;
3rd step:Relatively sip [63:32] with dip [63:32], obtain 00000000=00000000 it is impossible to determine whether mutually
Change, carry out the 4th step;
4th step:Relatively sip [95:64] with dip [95:64], obtain 00000000=00000000 it is impossible to determine whether mutually
Change, carry out the 5th step;
5th step:Relatively sip [127:96] with dip [127:96], 30030000 are obtained>20020000, determine sip>dip.
Numerical value due to source IP address is more than the numerical value of purpose IP address, so to source port number and destination slogan execution
Exchange operation, and operation is exchanged to source IP address and purpose IP address execution.Executing the five-tuple information exchanged after operating is:
Sip is 2002::1, dip is 3003::1, sport is 1024 for 1024, dport, and agreement is 17.Following then according to this execution
The five-tuple information after operation of exchanging calculates cryptographic Hash.And when forwarding unit receives the reverse message with respect to this message,
I.e. the five-tuple information of this reverse message is:Sip is 2002::1, dip is 3003::1, sport is 1024 for 1024, dport,
Agreement is 17.Obviously, exchange operation need not be executed, next then cryptographic Hash is calculated according to original five-tuple information.Due to big
A part IP address high position is identical, so, in most cases, after 32bit lower than relatively low 32bit or secondary, just can compare
Numerical values recited, thus improve the efficiency comparing numerical values recited.
By above-mentioned regulation so that when forwarding unit receives message however, it is determined that the source port number to message and purpose
Operation is exchanged in port numbers execution, and exchanges operation to source IP address and purpose IP address execution, then when receiving with respect to this
During the reverse message of message, exchange operation need not be executed, further such that when forwarding unit receives message and with respect to this report
During the reverse message of literary composition, identical cryptographic Hash can be calculated according to identical characteristic information, determine same node.
Step 504, judges whether session forwarding-table item corresponding with receiving message, if existing, proceeds to step
505a, otherwise, proceeds to step 505b.
In the present embodiment, according to calculated cryptographic Hash, determine corresponding node, coupling and reception under this node
To message corresponding session forwarding-table item.When determining that operation is exchanged in execution in step 503, exchanged after operation according to execution
The five-tuple information match of the session forwarding-table item under characteristic information (for example, five-tuple information), with this node, if both
Five-tuple information identical, then be corresponding session forwarding-table item, otherwise, be not corresponding session forwarding-table item;When in step
When determining in 503 that not executing exchange operates, according to receiving the original characteristic information of message, with the session forward table under this node
The five-tuple information match of item.By above-mentioned matching way it is only necessary to coupling once just can determine that the session of current matching turns
Whether forwarding list item is corresponding session forwarding-table item, thus improve the matching efficiency to session forwarding-table item.
Step 505a, judges whether comprise to forward the relevant information receiving message in corresponding session forwarding-table item, if
Comprise, then proceed to step 506, otherwise, proceed to step 507.
Step 505b, creates session forwarding-table item under node, and records the relevant information forwarding this to receive message.
In the present embodiment, comprise two parts content in session forwarding-table item, a part is that this receives report for forwarding
The relevant information of literary composition;Another part be for forward with respect to this receive message reverse message relevant information.By elder generation
Determine whether to exchange operation it is ensured that calculating according to positive and negative both direction to source characteristic information and the execution of purpose characteristic information
Cryptographic Hash equal, that is, determine under same node establishment session forwarding-table item, and need not create under two different nodes with
One session forwarding-table item, thus simplifying the process creating session forwarding-table item, improves the performance of forwarding unit.Meanwhile, save
Save the memory headroom of forwarding unit.
Step 506, according to relevant information, forwards the message that this receives.
Step 507, in corresponding session forwarding-table item, record forwards this to receive the relevant information of message.
In the technical scheme of the application, (need to create different sessions under same node when hash-collision occurs
Forwarding-table item) when, create session forwarding-table item by the structure shown in Fig. 6, as shown in Figure 6:
Directly create session forwarding-table item under node, with Unidirectional chain-type between each session forwarding-table item under same node
Structure connection, when hash-collision occurs, the chain structure end of session forwarding-table item under node, create corresponding session
Forwarding-table item.
For example, in one case, when forwarding unit receives message, and the characteristic information (example according to this message
As for five-tuple information) calculated cryptographic Hash when being 1, determines coupling meeting corresponding with this message under node 1 (Node1)
Words forwarding-table item it is assumed that now having created session forwarding-table item 1 and session forwarding-table item 2 under Node1, then according to from left-hand
The right side, coupling session forwarding-table item 1 and session forwarding-table item 2 successively.When session forwarding-table item 1 and session forwarding-table item 2 are not
During session forwarding-table item corresponding with this message, in the end (i.e. after session forwarding-table item 2) of chain structure, create session and turn
Forwarding list item 3, and record the relevant information forwarding this message.
In another case, when forwarding unit receives message and calculated according to the characteristic information of this message
When cryptographic Hash is 3, determines and mate session forwarding-table item corresponding with this message under Node3 it is assumed that now not wound under Node3
Built session forwarding-table item (the not session forwarding-table item corresponding with this message of explanation simultaneously), then directly created under Node3
Session forwarding-table item 4, and record the relevant information forwarding this message.
The situation of NAT business from above technical scheme, in the technical scheme of the application, is not used in forwarding unit
Under, the probability very little of a large amount of hash-collisions, due to there is not IP address conversion, occurs under same node, so passing through
Directly create session forwarding-table item under node, closed with the structure of Unidirectional chain-type between each session forwarding-table item under same node
Connection, eliminates in correlation technique and goes to search the link of session forwarding-table item according to address information, can improve to session forward table
The matching efficiency of item.
Fig. 7 shows the schematic configuration diagram of the electronic equipment of the exemplary embodiment according to the application.Refer to Fig. 7,
In hardware view, this electronic equipment includes processor 702, internal bus 704, network interface 706, internal memory 708 and non-volatile
Property memorizer 710, is also possible that the hardware required for other business certainly.Processor 702 is from nonvolatile memory 710
Read corresponding computer program and then to run in internal memory 702, the dress creating session forwarding-table item is formed on logic level
Put.Certainly, in addition to software realization mode, the application is not precluded from other implementations, such as logical device or soft or hard
Mode etc. that part combines that is to say, that the executive agent of following handling process be not limited to each logical block it is also possible to
It is hardware or logical device.
Refer to Fig. 8, in Software Implementation, the device of this establishment session forwarding-table item can include extraction unit
801st, computing unit 802, determining unit 803 and the first creating unit 804.Wherein:
Extraction unit 801, when receiving message, extracts at least one preset kind of characteristic information in described message
Source characteristic information and purpose characteristic information;
Computing unit 802, exchanges when operating to described source characteristic information and the execution of described purpose characteristic information when determining, root
Calculate cryptographic Hash according to executing the described characteristic information exchanging after operation;Not special to described source characteristic information and described purpose when determining
When operation is exchanged in reference breath execution, cryptographic Hash is calculated according to the original characteristic information of described message;
Determining unit 803, according to calculated cryptographic Hash, determines corresponding node;
First creating unit 804, when there is not session forwarding-table item corresponding with described message under described node, in institute
State and under node, create described session forwarding-table item, and record the relevant information forwarding described message.
Optionally, also include:
Recording unit 805, when there is described session forwarding-table item under described node, and does not wrap in described session forwarding-table item
Containing forward described message relevant information when, record described relevant information in described session forwarding-table item.
Optionally, described computing unit 802 specifically for:
Determine whether described source characteristic information and the numerical values recited relation of described purpose characteristic information meet preset relation;
When described numerical values recited relation meets preset relation, determine to described source characteristic information and described purpose feature letter
Operation is exchanged in breath execution.
Optionally, also include:
Second creating unit 806, when hash-collision occurs, the end of chain structure under described node, create and institute
State message corresponding session forwarding-table item, in described chained list, comprise the session forward table creating according to other messages receiving
?.
Fig. 9 shows the schematic configuration diagram of another electronic equipment of the exemplary embodiment according to the application.
Refer to Fig. 9, in hardware view, this electronic equipment include processor 902, internal bus 904, network interface 906,
Internal memory 908 and nonvolatile memory 910, are also possible that the hardware required for other business certainly.Processor 902 is from non-
Read corresponding computer program in volatile memory 910 and then to run in internal memory 902, logic level is formed and forwards
The device of message.Certainly, in addition to software realization mode, the application is not precluded from other implementations, such as logical device
Or mode of software and hardware combining etc. is that is to say, that the executive agent of following handling process is not limited to each logic list
Unit or hardware or logical device.
Refer to Figure 10, in Software Implementation, the device that this E-Packets can include extraction unit 1001, calculate
Unit 1002, determining unit 1003, matching unit 1004 and retransmission unit 1005.Wherein:
Extraction unit 1001, when receiving message, extracts at least one preset kind of characteristic information in described message
Source characteristic information and purpose characteristic information;
Computing unit 1002, exchanges when operating to described source characteristic information and the execution of described purpose characteristic information when determining,
Calculate cryptographic Hash according to executing the described characteristic information exchanging after operation;When determination is not to described source characteristic information and described purpose
When operation is exchanged in characteristic information execution, cryptographic Hash is calculated according to the original characteristic information of described message;
Determining unit 1003, according to calculated cryptographic Hash, determines corresponding node;
Matching unit 1004, mates session forwarding-table item corresponding with described message under described node, and described session turns
Forwarding list item is generated by the method for the establishment session forwarding-table item as any one of claim 1-4;
Retransmission unit 1005, according to the session forwarding-table item matching, forwards described message.
Optionally, described matching unit 1004 specifically for:
When determining execution described exchange operation, mate and described report according to executing the described characteristic information exchanging after operation
The corresponding session forwarding-table item of literary composition;
When determining that not executing described exchange operates, according to described message original characteristic information coupling and described message pair
The session forwarding-table item answered.
In said apparatus, the process of realizing of the function of unit and effect specifically refers to corresponding step in said method
Realize process, will not be described here.
For device embodiment, because it corresponds essentially to embodiment of the method, thus real referring to method in place of correlation
The part applying example illustrates.Device embodiment described above is only schematically, wherein said as separating component
The unit illustrating can be or may not be physically separate, as the part that unit shows can be or can also
It is not physical location, you can with positioned at a place, or can also be distributed on multiple NEs.Can be according to actual
Need to select the purpose to realize application scheme for some or all of module therein.Those of ordinary skill in the art are not paying
In the case of going out creative work, you can to understand and to implement.
The foregoing is only the preferred embodiment of the application, not in order to limit the application, all essences in the application
Within god and principle, any modification, equivalent substitution and improvement done etc., should be included within the scope of the application protection.
Claims (12)
1. a kind of method creating session forwarding-table item is it is characterised in that be applied to forwarding unit;Methods described includes:
When receiving message, extract the source characteristic information of at least one preset kind of characteristic information and purpose in described message
Characteristic information;
When determining that executing exchange to described source characteristic information and described purpose characteristic information operates, grasp according to executing described exchange
Characteristic information after work calculates cryptographic Hash;Behaviour is not exchanged to described source characteristic information and the execution of described purpose characteristic information when determining
When making, cryptographic Hash is calculated according to the original characteristic information of described message;
According to calculated cryptographic Hash, determine corresponding node;
When there is not session forwarding-table item corresponding with described message under described node, create described session under described node
Forwarding-table item, and record the relevant information forwarding described message.
2. method according to claim 1 is it is characterised in that also include:
When there is described session forwarding-table item under described node, and do not comprise to forward described message in described session forwarding-table item
During relevant information, in described session forwarding-table item, record described relevant information.
3. method according to claim 1 is it is characterised in that determine in the following manner to described source characteristic information and institute
State the execution of purpose characteristic information and exchange operation:
Determine whether described source characteristic information and the numerical values recited relation of described purpose characteristic information meet preset relation;
When described numerical values recited relation meets preset relation, determine and described source characteristic information and described purpose characteristic information are held
Row exchanges operation.
4. method according to claim 1 is it is characterised in that also include:
When hash-collision occurs, the end of chain structure under described node, create session corresponding with described message and forward
List item, comprises the session forwarding-table item creating according to other messages receiving in described chained list.
5. a kind of method E-Packeting is it is characterised in that be applied to forwarding unit;Methods described includes:
When receiving message, extract the source characteristic information of at least one preset kind of characteristic information and purpose in described message
Characteristic information;
When determining that executing exchange to described source characteristic information and described purpose characteristic information operates, grasp according to executing described exchange
Characteristic information after work calculates cryptographic Hash;Behaviour is not exchanged to described source characteristic information and the execution of described purpose characteristic information when determining
When making, cryptographic Hash is calculated according to the original characteristic information of described message;
According to calculated cryptographic Hash, determine corresponding node;
Mate session forwarding-table item corresponding with described message under described node, described session forwarding-table item is by such as claim
The method of the establishment session forwarding-table item any one of 1-4 generates;
According to the session forwarding-table item matching, forward described message.
6. method according to claim 5 it is characterised in that described under described node coupling corresponding with described message
Session forwarding-table item, including:
When determining execution described exchange operation, mate and described message pair according to executing the described characteristic information exchanging after operation
The session forwarding-table item answered;
When determining that not executing described exchange operates, mated corresponding with described message according to the original characteristic information of described message
Session forwarding-table item.
7. a kind of device creating session forwarding-table item is it is characterised in that be applied to forwarding unit;Described device includes:
Extraction unit, when receiving message, extracts the source feature of at least one preset kind of characteristic information in described message
Information and purpose characteristic information;
Computing unit, exchanges when operating to described source characteristic information and the execution of described purpose characteristic information when determining, according to execution
The described characteristic information exchanging after operating calculates cryptographic Hash;When determination is not to described source characteristic information and described purpose characteristic information
When operation is exchanged in execution, cryptographic Hash is calculated according to the original characteristic information of described message;
Determining unit, according to calculated cryptographic Hash, determines corresponding node;
First creating unit, when there is not session forwarding-table item corresponding with described message under described node, in described node
The described session forwarding-table item of lower establishment, and record the relevant information forwarding described message.
8. device according to claim 7 is it is characterised in that also include:
Recording unit, when there is described session forwarding-table item under described node, and does not comprise in described session forwarding-table item to forward
During the relevant information of described message, in described session forwarding-table item, record described relevant information.
9. device according to claim 7 it is characterised in that described computing unit specifically for:
Determine whether described source characteristic information and the numerical values recited relation of described purpose characteristic information meet preset relation;
When described numerical values recited relation meets preset relation, determine and described source characteristic information and described purpose characteristic information are held
Row exchanges operation.
10. device according to claim 7 is it is characterised in that also include:
Second creating unit, when hash-collision occurs, the end of chain structure under described node, create and described message pair
The session forwarding-table item answered, comprises the session forwarding-table item creating according to other messages receiving in described chained list.
A kind of 11. devices E-Packeting are it is characterised in that be applied to forwarding unit;Described device includes:
Extraction unit, when receiving message, extracts the source feature of at least one preset kind of characteristic information in described message
Information and purpose characteristic information;
Computing unit, exchanges when operating to described source characteristic information and the execution of described purpose characteristic information when determining, according to execution
The described characteristic information exchanging after operating calculates cryptographic Hash;When determination is not to described source characteristic information and described purpose characteristic information
When operation is exchanged in execution, cryptographic Hash is calculated according to the original characteristic information of described message;
Determining unit, according to calculated cryptographic Hash, determines corresponding node;
Matching unit, under described node mate session forwarding-table item corresponding with described message, described session forwarding-table item by
The method of the establishment session forwarding-table item as any one of claim 1-4 generates;
Retransmission unit, according to the session forwarding-table item matching, forwards described message.
12. devices according to claim 11 it is characterised in that described matching unit specifically for:
When determining execution described exchange operation, mate and described message pair according to executing the described characteristic information exchanging after operation
The session forwarding-table item answered;
When determining that not executing described exchange operates, mated corresponding with described message according to the original characteristic information of described message
Session forwarding-table item.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610942104.3A CN106411924B (en) | 2016-10-24 | 2016-10-24 | A kind of method creating session forwarding-table item, the method and device that E-Packets |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610942104.3A CN106411924B (en) | 2016-10-24 | 2016-10-24 | A kind of method creating session forwarding-table item, the method and device that E-Packets |
Publications (2)
Publication Number | Publication Date |
---|---|
CN106411924A true CN106411924A (en) | 2017-02-15 |
CN106411924B CN106411924B (en) | 2019-07-09 |
Family
ID=58013621
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201610942104.3A Active CN106411924B (en) | 2016-10-24 | 2016-10-24 | A kind of method creating session forwarding-table item, the method and device that E-Packets |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106411924B (en) |
Cited By (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109981463A (en) * | 2019-02-25 | 2019-07-05 | 网易(杭州)网络有限公司 | Information processing method, device, gateway and storage medium |
CN112491723A (en) * | 2020-12-07 | 2021-03-12 | 上海励驰半导体有限公司 | Gateway message forwarding method, device, storage medium and gateway |
CN113098954A (en) * | 2021-03-30 | 2021-07-09 | 平安科技(深圳)有限公司 | Message forwarding method and device, computer equipment and storage medium |
CN113765804A (en) * | 2021-08-05 | 2021-12-07 | 中移(杭州)信息技术有限公司 | Message forwarding method, device, equipment and computer readable storage medium |
CN114221847A (en) * | 2021-12-10 | 2022-03-22 | 北京天融信网络安全技术有限公司 | Network session management method, device and equipment and storage medium |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102404193A (en) * | 2010-09-17 | 2012-04-04 | 华为技术有限公司 | Method and edge device capable of generating forward list item, forwarding message and obtaining address |
CN103051542A (en) * | 2012-12-11 | 2013-04-17 | 武汉烽火网络有限责任公司 | Method for realizing connectivity detection based on data link layer Ethernet MAC (media access control) address |
CN104683267A (en) * | 2013-11-26 | 2015-06-03 | 浙江大华系统工程有限公司 | Data forwarding method, data forwarding device, and switching equipment |
-
2016
- 2016-10-24 CN CN201610942104.3A patent/CN106411924B/en active Active
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102404193A (en) * | 2010-09-17 | 2012-04-04 | 华为技术有限公司 | Method and edge device capable of generating forward list item, forwarding message and obtaining address |
CN103051542A (en) * | 2012-12-11 | 2013-04-17 | 武汉烽火网络有限责任公司 | Method for realizing connectivity detection based on data link layer Ethernet MAC (media access control) address |
CN104683267A (en) * | 2013-11-26 | 2015-06-03 | 浙江大华系统工程有限公司 | Data forwarding method, data forwarding device, and switching equipment |
Cited By (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109981463A (en) * | 2019-02-25 | 2019-07-05 | 网易(杭州)网络有限公司 | Information processing method, device, gateway and storage medium |
CN109981463B (en) * | 2019-02-25 | 2021-07-27 | 网易(杭州)网络有限公司 | Information processing method, device, gateway and storage medium |
CN112491723A (en) * | 2020-12-07 | 2021-03-12 | 上海励驰半导体有限公司 | Gateway message forwarding method, device, storage medium and gateway |
CN113098954A (en) * | 2021-03-30 | 2021-07-09 | 平安科技(深圳)有限公司 | Message forwarding method and device, computer equipment and storage medium |
CN113098954B (en) * | 2021-03-30 | 2022-10-25 | 平安科技(深圳)有限公司 | Message forwarding method and device, computer equipment and storage medium |
CN113765804A (en) * | 2021-08-05 | 2021-12-07 | 中移(杭州)信息技术有限公司 | Message forwarding method, device, equipment and computer readable storage medium |
CN114221847A (en) * | 2021-12-10 | 2022-03-22 | 北京天融信网络安全技术有限公司 | Network session management method, device and equipment and storage medium |
CN114221847B (en) * | 2021-12-10 | 2024-01-23 | 北京天融信网络安全技术有限公司 | Network session management method, device and equipment and storage medium |
Also Published As
Publication number | Publication date |
---|---|
CN106411924B (en) | 2019-07-09 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN106411924A (en) | Method of building session forwarding entry, and method and device for forwarding message | |
US7969976B2 (en) | Gateway apparatus, packet forwarding method, and program | |
US8059562B2 (en) | Listener mechanism in a distributed network system | |
JP4759389B2 (en) | Packet communication device | |
US8290934B2 (en) | Method and system for processing access control lists using a hashing scheme | |
US7636305B1 (en) | Method and apparatus for monitoring network traffic | |
CN108173982B (en) | NAT (network Address translation) processing method and device for cross-board message | |
CN106878194B (en) | Message processing method and device | |
JP2008536369A (en) | Connection forwarding | |
CN102075404A (en) | Message detection method and device | |
CN103379029B (en) | A kind of method of the routing forwarding of content network, apparatus and system | |
CN102255909B (en) | Session stream monitoring method and device | |
CN102904975A (en) | Method and associated device for message processing | |
CN106341338B (en) | A kind of retransmission method and device of message | |
CN102325124A (en) | Flow-guiding function-supported application identification equipment and method | |
CN107864101A (en) | Load-balancing method and device | |
CN102201996B (en) | Method and equipment for forwarding message in network address translation (NAT) environment | |
US20220393908A1 (en) | Message Encapsulation Method and Apparatus, and Message Decapsulation Method and Apparatus | |
CN101969404B (en) | Method and equipment for processing messages | |
CN111131539B (en) | Message forwarding method and device | |
CN111049947B (en) | Message forwarding method and device, electronic equipment and storage medium | |
CN105516302A (en) | Data processing method and network device | |
CN116545921A (en) | Message forwarding method, device, equipment and storage medium based on ECMP | |
JP2018110392A (en) | Method and device for sensing nat device | |
CN113709186A (en) | Efficient honeypot proxy forwarding method and device |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
CB02 | Change of applicant information | ||
CB02 | Change of applicant information |
Address after: Binjiang District and Hangzhou city in Zhejiang Province Road 310051 No. 68 in the 6 storey building Applicant after: Hangzhou Dipu Polytron Technologies Inc Address before: Binjiang District and Hangzhou city in Zhejiang Province Road 310051 No. 68 in the 6 storey building Applicant before: Hangzhou Dipu Technology Co., Ltd. |
|
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |