CN106572085A - Chip from perspective of UDF application and matching method - Google Patents
Chip from perspective of UDF application and matching method Download PDFInfo
- Publication number
- CN106572085A CN106572085A CN201610910966.8A CN201610910966A CN106572085A CN 106572085 A CN106572085 A CN 106572085A CN 201610910966 A CN201610910966 A CN 201610910966A CN 106572085 A CN106572085 A CN 106572085A
- Authority
- CN
- China
- Prior art keywords
- module
- chip
- udf
- layers
- message
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L69/00—Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
- H04L69/22—Parsing or analysis of headers
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L69/00—Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
- H04L69/30—Definitions, standards or architectural aspects of layered protocol stacks
- H04L69/32—Architecture of open systems interconnection [OSI] 7-layer type protocol stacks, e.g. the interfaces between the data link level and the physical level
- H04L69/322—Intralayer communication protocols among peer entities or protocol data unit [PDU] definitions
- H04L69/325—Intralayer communication protocols among peer entities or protocol data unit [PDU] definitions in the network layer [OSI layer 3], e.g. X.25
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Communication Control (AREA)
- Small-Scale Networks (AREA)
Abstract
The invention provides a chip from the perspective of a UDF application, which comprises an interface information module, a virtual local area network module, a three-layer variable header module, a multi-protocol label module and a four-layer header module, wherein the interface information module, the virtual local area network module, the three-layer variable header module, the multi-protocol label module and the four-layer header module serve as key information for matching, several groups of offset positions and an initial byte number of each offset point are compiled, data defined by a user are taken out based on the configuration, a control list is accessed finally for matching. Network protocol message demands changing continuously on the current protocol surface can be flexibly supported, and the service life of the chip is longer.
Description
Technical field
The present invention relates to Network Processor technology field, more particularly to a kind of chip from UDF application angles and
Method of completing the square.
Background technology
Now with network Development, the development of cloud Intel Virtualization Technology, many new protocol types, mesh can be engendered
Front popular agreement such as vxlan, nvgre etc., generally adopt during these protocol encapsulations and are carried again after message layer three information
The method of two layers of information, is also a kind of new tunneling technique.With the enhancing of switch ability, increasing demand is just had
It is to need to pay close attention to more than four layers of header.And conventional switch IC is because be that hard coded and construction cycle are longer, core first
Piece None- identified cannot directly meet these needs to concrete variable protocol type, it is common practice that by message
On be sent to the method for cpu and go to process these messages, the Software Protocol Stack on cpu realizes the identifying processing of vxlan/nvgre etc..On
In stating scheme, message all on send cpu, by Software Protocol Stack recognize message and process can all take very many cpu resources,
And may result in the Consumer's Experience of some applications also can be poor, and chip cannot do associated safety and statistics.
The content of the invention
It is an object of the invention to overcome the defect of prior art, there is provided from the chip of UDF application angles, in reality
The application that the chip encountered using in cannot be supported, while considering the design cost of chip, reduces cost of manufacture.
For achieving the above object, the present invention proposes following technical scheme:A kind of chip from UDF application angles, bag
Interface message module, VLAN module, three layers of variable head module, multiprotocol label module and four layers of head module are included, it is described
Interface message module, VLAN module, three layers of variable head module, multiprotocol label module and four layers of head module are used as key
Information is matched, and compiles out several groups of deviation posts and byte number that each offset point starts to take is configured, based on these
User-defined data are taken out in configuration, finally with accesses control list go matching again.
Preferably, three layers of Changeable head includes IpOption, Ipv6ExtHeader.
Preferably, four layers of head module includes transmission control protocol and UDP.
Preferably, the number of three layers of variable head module is determined by IpOption or Ipv6ExtHeader.
Preferably, the exchange length of the multiprotocol label module includes 4 layer protocol sources and 4 layer protocol purposes.
Preferably, the number of the VLAN module is defined by the user to determine.
In addition, the present invention also provides a kind of chip matching process from UDF application angles, by user in message
The process of the field of concern, is compensated and character boundary, and for subsequent access the critical data that list recognizes message is controlled, from
And pass through chip logic such message is abandoned, redirected, strategy, statistical disposition.
The invention has the beneficial effects as follows:The present invention provides a kind of design chips scheme, can flexibly support very much at present
The procotol message demand being continually changing on agreement face, it is more powerful to specific message disposal ability, and cause chip
Life cycle is also longer.
Description of the drawings
Fig. 1 is the module diagram of the chip design of the present invention.
Specific embodiment
Below in conjunction with the accompanying drawing of the present invention, clear, complete description is carried out to the technical scheme of the embodiment of the present invention.
Fig. 1, the disclosed chip from UDF application angles, including interface message module are referred to, virtually
LAN module, three layers of variable head module, multiprotocol label module and four layers of head module, the interface message module, virtual office
Domain net module, three layers of variable head module, multiprotocol label module and four layers of head module are matched as key message, are compiled out
The byte number that several groups of deviation posts and each offset point start to take is configured, and based on these configurations user-defined number is taken out
According to, finally again with accesses control list go matching.
Furtherly, three layers of Changeable head includes IpOption, Ipv6ExtHeader;Four layers of head module includes
Transmission control protocol and UDP;The number of three layers of variable head module is come by IpOption or Ipv6ExtHeader
Determine;The exchange length of the multiprotocol label module includes 4 layer protocol sources and 4 layer protocol purposes, the VLAN mould
The number of block is defined by the user to determine.
Chip design principle of the present invention is as follows:
Consider that the mechanism of UDF goes to provide motility, the typical case of the UDF for mentioning from the prior art in the design phase of chip
Two kinds are set out using angle, and the former is the head that new definition is set up on known protocol basis, such as vxlan heads udp heads it
Afterwards, set timing match in UDF and consider some key element:Interface message, vlanNum, three layers of Changeable head such as IpOption,
Ipv6ExtHeader length, MPLS label length, four layers of head are tcp, udp etc., are matched these information as key (),
Action goes out the byte numbers configuration that several groups of deviation posts and each offset point start to take, and based on these configurations udf data are taken out,
Below again with acl go matching because acl action are more flexible, can be done with the coprocessor outside redirect to CPU/ and be located
Reason, or some speed limits, statistics and discard processing, such as certain message CPU process and speed limit etc. are sent.UDF is matched
Memory is tcam, in order to flexible, can configure mask (mask) according to particular demands.
The present invention also provides a kind of chip matching process from UDF application angles, by paying close attention to user in message
Field process, be compensated and character boundary, the critical data that list recognizes message is controlled for subsequent access, so as to logical
Cross chip logic such message is abandoned, redirected, strategy, statistical disposition.The key point of the present invention is by message
The acquisition of various information goes to obtain offset and len, and is incorporated in the process logic of feature stream by acl.
For example, the message of vxlan altogether is received, ordinary circumstance is upper cpu, in an embodiment of the present invention, it is assumed that this
The ipsa of message is 1.1.1.1, and udp ports are 4789, then can be resolved to by udf parser according to the two information
Offset is 332bit, and len is 64bit, then this 64bit is in fact vxlanheader, such as the content of this 64bit message
0x01010101, then just can this partial content as accesses control list critical data, if configuration one acl
Entry also contains 0x01010101 and can just match this message, so as to by chip logic do discarding, redirection,
The behaviors such as strategy, statistics.
The technology contents and technical characteristic of the present invention have revealed that as above, but those of ordinary skill in the art still may base
Make a variety of replacements and modification without departing substantially from spirit of the present invention in teachings of the present invention and announcement, therefore, the scope of the present invention
The content that should be not limited to disclosed in embodiment, and various replacements and modification without departing substantially from the present invention should be included, and for this patent Shen
Please claim covered.
Claims (7)
1. a kind of chip from UDF application angles, it is characterised in that:Including interface message module, VLAN module,
Three layers of variable head module, multiprotocol label module and four layers of head module, the interface message module, VLAN module, three
The variable head module of layer, multiprotocol label module and four layers of head module are matched as key message, compile out several groups of bits of offset
Put the byte number for starting to take with each offset point to be configured, take out user-defined data based on these configurations, again finally
Matching is gone with accesses control list.
2. the chip from UDF application angles according to claim 1, it is characterised in that three layers of Changeable head bag
Include IpOption, Ipv6ExtHeader.
3. the chip from UDF application angles according to claim 1, it is characterised in that four layers of head module bag
Include transmission control protocol and UDP.
4. the chip from UDF application angles according to claim 1, it is characterised in that three layers of variable head mould
The number of block is determined by IpOption or Ipv6ExtHeader.
5. the chip from UDF application angles according to claim 1, it is characterised in that the multiprotocol label mould
The exchange length of block includes 4 layer protocol sources and 4 layer protocol purposes.
6. the chip from UDF application angles according to claim 1, it is characterised in that the VLAN mould
The number of block is defined by the user to determine.
7. a kind of chip matching process from UDF application angles, it is characterised in that:By the word to user's concern in message
The process of section, is compensated and character boundary, the critical data that list recognizes message is controlled for subsequent access, so as to pass through core
Piece logic is abandoned, redirected to such message, tactful, statistical disposition.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201610910966.8A CN106572085B (en) | 2016-10-19 | 2016-10-19 | A kind of chip and matching process from UDF application angle |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201610910966.8A CN106572085B (en) | 2016-10-19 | 2016-10-19 | A kind of chip and matching process from UDF application angle |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN106572085A true CN106572085A (en) | 2017-04-19 |
| CN106572085B CN106572085B (en) | 2019-10-11 |
Family
ID=58533278
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201610910966.8A Active CN106572085B (en) | 2016-10-19 | 2016-10-19 | A kind of chip and matching process from UDF application angle |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN106572085B (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108270699A (en) * | 2017-12-14 | 2018-07-10 | 中国银联股份有限公司 | Message processing method, shunting interchanger and converging network |
| CN110035074A (en) * | 2019-04-01 | 2019-07-19 | 盛科网络(苏州)有限公司 | A kind of chip implementing method and device of ACL matching UDF message |
| CN113438252A (en) * | 2021-07-08 | 2021-09-24 | 恒安嘉新(北京)科技股份公司 | Message access control method, device, equipment and storage medium |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2003056763A1 (en) * | 2001-12-21 | 2003-07-10 | Chip Engines | Reconfigurable data packet header processor |
| CN102970227A (en) * | 2012-11-12 | 2013-03-13 | 盛科网络(苏州)有限公司 | Method and device for achieving virtual extensible local area network (VXLAN) message transmitting in application specific integrated circuit (ASIC) |
| CN105337884A (en) * | 2015-09-25 | 2016-02-17 | 盛科网络(苏州)有限公司 | Method and device for achieving multistage message editing service control on the basis of logic port |
| CN105429841A (en) * | 2014-09-15 | 2016-03-23 | 中兴通讯股份有限公司 | NNI PING realization method and device |
-
2016
- 2016-10-19 CN CN201610910966.8A patent/CN106572085B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2003056763A1 (en) * | 2001-12-21 | 2003-07-10 | Chip Engines | Reconfigurable data packet header processor |
| CN102970227A (en) * | 2012-11-12 | 2013-03-13 | 盛科网络(苏州)有限公司 | Method and device for achieving virtual extensible local area network (VXLAN) message transmitting in application specific integrated circuit (ASIC) |
| CN105429841A (en) * | 2014-09-15 | 2016-03-23 | 中兴通讯股份有限公司 | NNI PING realization method and device |
| CN105337884A (en) * | 2015-09-25 | 2016-02-17 | 盛科网络(苏州)有限公司 | Method and device for achieving multistage message editing service control on the basis of logic port |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108270699A (en) * | 2017-12-14 | 2018-07-10 | 中国银联股份有限公司 | Message processing method, shunting interchanger and converging network |
| CN110035074A (en) * | 2019-04-01 | 2019-07-19 | 盛科网络(苏州)有限公司 | A kind of chip implementing method and device of ACL matching UDF message |
| CN113438252A (en) * | 2021-07-08 | 2021-09-24 | 恒安嘉新(北京)科技股份公司 | Message access control method, device, equipment and storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN106572085B (en) | 2019-10-11 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN105024985B (en) | A kind of message processing method and device | |
| CN102334112B (en) | Method and system for virtual machine networking | |
| CN103347013B (en) | A kind of OpenFlow network system and method strengthening programmability | |
| Gibb et al. | Design principles for packet parsers | |
| CN105191215B (en) | The method and apparatus that data plane for bi-directional service chain learns | |
| CN105765946B (en) | Support the method and system of the service chaining in data network | |
| CN104618244B (en) | A kind of SDN and the method and system of traditional IP intercommunication | |
| CN102255903B (en) | Safety isolation method for virtual network and physical network of cloud computing | |
| CN110177046B (en) | Security exchange chip based on mimicry thought, implementation method and network exchange equipment | |
| CN110168499A (en) | The context service abundant based on attribute is executed on host | |
| CN106685826B (en) | Switchboard stacked system, from equipment, exchange chip and processing protocol message method | |
| CN109076028A (en) | Heterogeneous software defines the differential section in network environment | |
| CN105706043A (en) | Boosting linked list throughput | |
| Li et al. | Improving SDN scalability with protocol-oblivious source routing: A system-level study | |
| CN106572085A (en) | Chip from perspective of UDF application and matching method | |
| TW526453B (en) | Method and system for frame and protocol classification | |
| Hari et al. | Path switching: Reduced-state flow handling in SDN using path information | |
| CN103973568B (en) | For the method and apparatus for forwarding SDN stream on the net in MPLS core | |
| CN105359472B (en) | A kind of data processing method and device for OpenFlow networks | |
| CN109962847A (en) | The packaging method and device and computer readable storage medium of business function chain message | |
| CN106293957A (en) | Order flexibly in content center network and control | |
| CN107453992A (en) | Data forwarding method and system in a kind of virtual network | |
| CN102571946B (en) | Realization method of protocol identification and control system based on P2P (peer-to-peer network) | |
| CN105812340A (en) | Access method and device for virtual network to extranet | |
| CN105429882A (en) | Message editing realization method and apparatus based on conventional switching chip search mode |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| CP01 | Change in the name or title of a patent holder |
Address after: 215000 unit 13 / 16, 4th floor, building B, No.5 Xinghan street, Suzhou Industrial Park, Jiangsu Province Patentee after: Suzhou Shengke Communication Co.,Ltd. Address before: 215000 unit 13 / 16, 4th floor, building B, No.5 Xinghan street, Suzhou Industrial Park, Jiangsu Province Patentee before: CENTEC NETWORKS (SU ZHOU) Co.,Ltd. |
|
| CP01 | Change in the name or title of a patent holder |