CN106789703A - A kind of traffic policing algorithm based on SDN frameworks - Google Patents

A kind of traffic policing algorithm based on SDN frameworks Download PDF

Info

Publication number
CN106789703A
CN106789703A CN201710021501.1A CN201710021501A CN106789703A CN 106789703 A CN106789703 A CN 106789703A CN 201710021501 A CN201710021501 A CN 201710021501A CN 106789703 A CN106789703 A CN 106789703A
Authority
CN
China
Prior art keywords
sdn
flow
traffic policing
controllers
traffic
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201710021501.1A
Other languages
Chinese (zh)
Other versions
CN106789703B (en
Inventor
翟跃
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Guangdong Yundong Technology Co.,Ltd.
Original Assignee
Shanghai Feixun Data Communication Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shanghai Feixun Data Communication Technology Co Ltd filed Critical Shanghai Feixun Data Communication Technology Co Ltd
Priority to CN201710021501.1A priority Critical patent/CN106789703B/en
Publication of CN106789703A publication Critical patent/CN106789703A/en
Application granted granted Critical
Publication of CN106789703B publication Critical patent/CN106789703B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L47/00Traffic control in data switching networks
    • H04L47/10Flow control; Congestion control
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L47/00Traffic control in data switching networks
    • H04L47/10Flow control; Congestion control
    • H04L47/23Bit dropping
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L47/00Traffic control in data switching networks
    • H04L47/10Flow control; Congestion control
    • H04L47/24Traffic characterised by specific attributes, e.g. priority or QoS
    • H04L47/2483Traffic characterised by specific attributes, e.g. priority or QoS involving identification of individual flows

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The present invention relates to a kind of traffic policing algorithm based on SDN frameworks, the method includes, S101:User configures traffic policing strategy on SDN controllers;S102:SDN controllers receive message from SDN switch, parse purpose IP and source IP;S103:SDN controllers receive privately owned extension Experimenter messages from SDN switch, parse Experimenter messages;S104:SDN switch detects the speed of flow, and SDN controllers are reported according to detecting result.Compared with prior art, traffic policing process of the present invention based on SDN frameworks is unifiedly calculated by controller, centralized management, and all of traffic policing configuration all concentrates on controller, is easy to management and later stage to run.

Description

A kind of traffic policing algorithm based on SDN frameworks
Technical field
The invention belongs to network communication technology field, more particularly to network traffic regulation technique field, tool Body is a kind of traffic policing algorithm based on SDN frameworks.
Background technology
Network security is always a hot issue of network field, always carves in a network and is not flooded with network and attacks Hit.Traffic policing can be prevented effectively due to the impact that the mass data of moment in network is come to Netowrk tape, it is ensured that user network The network efficiently operation of stabilization.
Often network traffics are supervised in legacy network, but often using the monitoring device of high price, Unitary function and do not possess high scalability, it is difficult to adapt to flexible and changeable network attack, safety analysis is worked after equipment Personnel bring more requirements, and they also need to grasp making for various kinds of equipment in addition to corresponding security knowledge deposit is needed to have With method, changing distinct device will increase learning cost again.Other this kind of monitoring device each follows different technical standards, difficult To carry out more easily self-defined setting, flexibility and the autgmentability of equipment are greatly reduced.
Traditional traffic policing message can be marked as three kinds of colors:Green, yellow and red.Carried out for green packet Traffic statistics and the action that can be taken yellow packet are message priority heavy label;It is dynamic for what red packet can be taken As discarding.Traffic statistics are supported, based on byte count or based on message number statistics, conveniently to check supervision situation.Priority weight Mark is to search heavy label priority mapping table according to the original priority of message, obtains new message priority.But, tradition The configuration of traffic policing be distributed, based on every forwarding unit, the requirement to keeper is higher.
SDN(Software Defined Networking software defined networks)It is a kind of New Network Technique framework. Traditional network architecture is different from, it separates network-based control aspect and data plane.In data plane, function more tends to Simply, can be forwarded according to the strategy of control plane.SDN(Software Defined Networking software defined networks Network)Control plane is typically served as by controller, and data plane function is realized by interchanger.SDN(Software Defined Networking software defined networks)Flexibly, reliability, safety, these characteristics meet internet to scalability, safety, compatibility The demand of property.Extension and upgrading of the strategy that software defined network control plane and data plane are separate to communication network extremely have Profit.
Patent of the present invention is supervised based on SDN frameworks to flow, and typical case's application is that SDN supervisors enter network The specification of a certain flow, it be limited in one it is rational within the scope of, or partial discharge to exceeding carries out " punishment ", with guarantor Shield Internet resources and the interests of operator.HTTP message can for example be limited can not occupy over 50% network bandwidth.If hair The flow of existing certain connection is exceeded, and traffic policing can select dropping packets, or the priority for resetting message.It is of the invention special Niche is unifiedly calculated in the traffic policing process of SDN frameworks by SDN controllers, centralized management;All of traffic policing configuration is all SDN controllers are concentrated on, is easy to management and later stage to run.
The content of the invention
For the shortcoming or deficiency of above-mentioned prior art, the technical problem to be solved in the present invention is to provide a kind of traffic policing The traffic policing algorithm based on SDN frameworks that process is uniformly controlled by SDN controllers.
In order to solve the above technical problems, the present invention has following composition:
A kind of traffic policing algorithm based on SDN frameworks, the method includes:S101:User configures flow on SDN controllers Monitor strategy;S102:SDN controllers receive message from SDN switch, parse purpose IP and source IP;S103:SDN controllers from SDN switch receives privately owned extension Experimenter messages, parses Experimenter messages;S104:SDN switch is detected The speed of flow, SDN controllers are reported according to detecting result.
The SDN controllers support the traffic policing configuration task based on SDN, the configuration task include traffic policing table with And the traffic policing function based on SDN;Traffic characteristic, threshold value and the SDN that the traffic policing table is specified including user The supervision state that interchanger is reported;The traffic policing function based on SDN, for opening or closing the stream based on SDN Amount monitoring function.
Also include privately owned traffic policing table, the privately owned traffic policing table by user's static configuration or dynamic creation, And the priority of static entries is higher than dynamic environment;The privately owned traffic policing table include purpose IP, source IP, green threshold, Yellow threshold value and supervision state;The purpose IP and source IP are used for target flow;By flow rate respectively at green threshold with And yellow threshold value is compared, the SDN switch reports SDN controllers after carrying out traffic statistics;The supervision state representation The SDN switch reports the labeled color of message.
The form that the SDN controllers receive privately owned extension Experimenter messages from SDN switch is, described Experimenter values are shown to be from SDN switch direction to SDN controllers for 1, and the Experimenter values are 255;Institute State privately owned extension Experimenter messages and SDN controllers are reported by the SDN switch on forward-path;The purpose IP and Source IP uniquely determines a stream;Which kind of color is the supervision state table free flow amount be labeled.
The step S101 is specially:SDN switch reports the message for not matching flow table;SDN controllers are supervised based on flow Pipe strategy and forward-path issue flow table;SDN switch reports traffic policing result.
According to purpose IP and source IP query flows supervision table, if hit, threshold value and priority are obtained from matching entry Not;Then message forwarding path is obtained, flow table is issued to all SDN switches on forward-path according to matching entry;According to mesh IP and source IP query flows supervision table, if do not hit, the dynamic new supervision entry of generation;Finally obtain message forwarding road Footpath, flow table is issued according to matching entry to all SDN switches on forward-path;If do not hit, the SDN controllers are moved State generates new supervision entry, and threshold value takes default value, and priority level takes from message, without modification.
In the step S103, according to the Experimenter messages that the SDN controllers are parsed, traffic policing table is updated Supervision state.
If the detecting speed≤green threshold of SDN switch, the flow is marked as green, the SDN switch Controller is reported after carrying out traffic statistics;The traffic statistics include that byte number and message number are counted;If SDN switch is detectd The rate that tests the speed > green thresholds, and the detecting speed≤yellow threshold value, then the flow be marked as yellow, the SDN switch is entered Row major level heavy label, and report SDN controllers;The processing mode that the priority is re-flagged is drop priority processing;Such as The detecting speed of fruit SDN switch>Yellow threshold value, then the flow is marked as red, and reports SDN controllers.
When the flow is marked as red, the SDN switch will carry out packet loss treatment.
The SDN controllers and SDN switch are supported to expand flow table;The Match fields for expanding flow table include source IP and purpose IP;The action field for expanding flow table is to detect the speed of flow.
The expansion flow table is specially:When speed≤green threshold is detected, then the flow is marked as green, described SDN switch reports controller after carrying out traffic statistics;When speed≤yellow threshold value is detected, then the flow is marked as Huang Color, the SDN switch carries out priority heavy label, and reports SDN controllers;When detecting speed>Yellow threshold value, the then flow Red is marked as, the SDN switch carries out packet loss, and reports SDN controllers.
Compared with prior art, traffic policing process of the present invention based on SDN frameworks is unifiedly calculated by SDN controllers, is collected Middle management, all of traffic policing configuration all concentrates on SDN controllers, is easy to management and later stage to run;SDN controllers supervise into Enter the specification of a certain flow of network, it be limited in one it is rational within the scope of, or partial discharge to exceeding " punish Penalize ", to protect the interests of Internet resources and operator.
Brief description of the drawings
Fig. 1:Traffic policing algorithm schematic diagram of the present invention based on SDN frameworks;
Fig. 2:Traffic policing flow chart of the present invention based on SDN frameworks;
Fig. 3:The flow chart that SDN controllers are processed user's message in the present invention;
Fig. 4:Flow chart of the SDN controllers to Experimenter Message processings in the present invention;
Fig. 5:The process chart of SDN switch in the present invention;
Fig. 6:The test environment schematic diagram of embodiment in the present invention.
Specific embodiment
The technique effect of design of the invention, concrete structure and generation is described further below with reference to accompanying drawing, with It is fully understood from the purpose of the present invention, feature and effect.
As shown in figure 1, traffic policing algorithm of the present invention based on SDN frameworks, the method following steps:S101:User exists On SDN controllers, traffic policing strategy is configured;S102:SDN controllers receive message from SDN switch, parse purpose IP and source IP;S103:SDN controllers receive privately owned extension Experimenter messages, parsing Experimenter reports from SDN switch Text;S104:SDN switch detects the speed of flow, and SDN controllers are reported according to detecting result.The present invention is based on SDN frameworks Traffic policing process is unifiedly calculated by SDN controllers, centralized management, and all of traffic policing configuration all concentrates on SDN controllers, It is easy to management and O&M.
The specific supervision algorithm of different step will be specifically described below:
Step S101, is shown in Fig. 2:User configures traffic policing strategy on SDN controllers.
Specifically, the SDN switch reports the message for not matching flow table;SDN controllers be based on traffic policing strategy and Forward-path issues flow table;SDN switch reports traffic policing result.
The SDN controllers support the traffic policing configuration task based on SDN, the configuration task include traffic policing table with And the traffic policing function based on SDN.Traffic characteristic, threshold value and the SDN that the traffic policing table is specified including user The supervision state that interchanger is reported.The traffic policing function based on SDN, for opening or closing the stream based on SDN Amount monitoring function.
Step S102, is shown in Fig. 3:The SDN controllers receive message from SDN switch, parse purpose IP and source IP.
Privately owned traffic policing table is inquired about according to purpose IP and source IP, if hit, obtained from matching entry threshold value and Priority level;Then message forwarding path is obtained, flow table is issued to all SDN switches on forward-path according to matching entry.
Privately owned traffic policing table is inquired about according to purpose IP and source IP, if do not hit, the SDN controllers are dynamically raw The supervision entry of Cheng Xin, threshold value takes default value, and priority level takes from message, without modification.Finally obtain message forwarding path, root According to matching entry flow table is issued to all SDN switches on forward-path.
The privately owned traffic policing table is by user's static configuration or dynamic creation, and the priority of static entries is higher than dynamic State entry.
The privately owned traffic policing table includes purpose IP, source IP, green threshold, yellow threshold value and supervision state;Institute Stating purpose IP and source IP is used for target flow;Flow rate is compared respectively at green threshold and yellow threshold value, it is described SDN switch reports SDN controllers after carrying out traffic statistics;SDN switch described in the supervision state representation reports message quilt The color of mark.
Step S103, is shown in Fig. 4:SDN controllers receive privately owned extension Experimenter messages, parsing from SDN switch Experimenter messages, then update the supervision state of traffic policing table.
The form that the SDN controllers receive privately owned extension Experimenter messages from SDN switch is, described Experimenter values are shown to be from SDN switch direction to SDN controllers for 1, and the Experimenter values are 255;Institute State privately owned extension Experimenter messages and SDN controllers are reported by the SDN switch on forward-path;The purpose IP and Source IP uniquely determines a stream;Which kind of color is the supervision state table free flow amount be labeled(See below description).
The supervision state generally indicates that flow is marked as three kinds of colors:Green, yellow and red, when flow is marked During into green, the SDN switch reports controller after carrying out traffic statistics;When flow is marked as yellow, the SDN is exchanged Machine carries out priority heavy label, and reports SDN controllers;When flow is marked as red, the SDN switch will carry out packet loss Treatment, and report SDN controllers.
Step S104, is shown in Fig. 5:SDN switch detects the speed of flow, and SDN controllers are reported according to detecting result.
If specifically, the detecting speed≤green threshold of SDN switch, the flow is marked as green, the SDN Interchanger reports controller after carrying out traffic statistics.The traffic statistics include that byte number and message number are counted.
If the detecting speed > green thresholds of SDN switch, and the detecting speed≤yellow threshold value, then the flow is marked Note yellowly, the SDN switch carries out priority heavy label, and reports SDN controllers.The place that the priority is re-flagged Reason mode is drop priority processing.
If the detecting speed of SDN switch>Yellow threshold value, then the flow be marked as red, the SDN switch will Packet loss treatment is carried out, and reports SDN controllers.
By the setting of above-mentioned different threshold values, the SDN controllers supervision enters the specification of a certain flow of network, it Be limited in one it is rational within the scope of, or partial discharge to exceeding carries out " punishment ", to protect Internet resources and operator Interests.
As a further improvement, the SDN controllers and SDN switch are supported to expand flow table.The expansion flow table Match fields include source IP and purpose IP.The action field for expanding flow table is to detect the speed of flow.
The expansion flow table is specifically described as:When speed≤green threshold is detected, then the flow is marked as green, institute Stating SDN switch carries out traffic statistics(Should support that byte number and message number are counted)After report controller;When detecting speed≤Huang During chromatic threshold value, then the flow is marked as yellow, and the SDN switch carries out priority heavy label(Drop priority), and report SDN controllers;When detecting speed>Yellow threshold value, then the flow be marked as red, the SDN switch carries out packet loss, and on Report SDN controllers.
Traffic policing algorithm of the present invention based on SDN is specifically addressed below with reference to specific test environment.
First, according to test environment shown in Fig. 6, is built, user configures traffic policing strategy on SDN controllers.
The SDN controllers support the traffic policing configuration task based on SDN, the configuration task include traffic policing table with And the traffic policing function based on SDN.Traffic characteristic, threshold value and the SDN that the traffic policing table is specified including user The supervision state that interchanger is reported.The traffic policing function based on SDN, for opening or closing the stream based on SDN Amount monitoring function.
In addition, the SDN controllers and SDN switch are supported to expand flow table.The expansion flow table includes Match fields And action field, the Match fields include source IP and purpose IP, and the action field of the expansion flow table is to detect the speed of flow Rate.
The expansion flow table is specifically described as:When speed≤green threshold is detected, then the flow is marked as green, institute Stating SDN switch carries out traffic statistics(Should support that byte number and message number are counted)After report controller;When detecting speed≤Huang During chromatic threshold value, then the flow is marked as yellow, and the SDN switch carries out priority heavy label(Drop priority), and report SDN controllers;When detecting speed>Yellow threshold value, then the flow be marked as red, the SDN switch carries out packet loss, and on Report SDN controllers.
In the test environment, the green threshold is 100 PPS, and the yellow threshold value is 200 PPS, and new priority level is 1.The client C is 50 PPS to the flow of server, and the flow of customer end A to server is 120 PPS, and customer end B is arrived The flow of server is 220 PPS.
Then, the SDN controllers receive message from SDN switch, parse purpose IP and source IP, and the process will be followed Privately owned traffic policing table.The privately owned traffic policing table includes purpose IP, source IP, green threshold, yellow threshold value and prison Tubulose state.
The purpose IP and source IP are used for target flow;Flow rate is carried out respectively at green threshold and yellow threshold value Compare, the SDN switch reports SDN controllers after carrying out traffic statistics;In SDN switch described in the supervision state representation The labeled color of report message.
The specific comparison result of flow rate is in the test environment, and the flow of the client C to server is 50 PPS, the numerical value is less than the PPS of green threshold 100.
The customer end A is 120 PPS to the flow of server, and the numerical value is more than green threshold and less than yellow threshold value 200 PPS。
Customer end B is 220 PPS to the flow of server, and the numerical value is more than the PPS of yellow threshold value 200.
Subsequently, the SDN controllers receive privately owned extension Experimenter messages, parsing from SDN switch Experimenter messages.
The form that the SDN controllers receive privately owned extension Experimenter messages from SDN switch is, described Experimenter values are shown to be from SDN switch direction to SDN controllers for 1, and the Experimenter values are 255 needs Organized to ONF and applied;The privately owned extension Experimenter messages report SDN and control by the SDN switch on forward-path Device processed;The purpose IP and source IP uniquely determine a stream;The supervision state table free flow is labeled which kind of color, the supervision State generally indicates that flow is marked as green, yellow and red three kinds of colors.
From above-mentioned steps:
The client C is marked as green to the flow of server.
The customer end A is marked as yellow to the flow of server.
Customer end B is marked as red to the flow of server.
Finally, SDN switch detects the speed of flow, and SDN controllers are reported according to detecting result.
Concrete analysis process is if that, the detecting speed≤green threshold of SDN switch, the flow is marked as green Color, the SDN switch reports SDN controllers after carrying out traffic statistics.The traffic statistics include that byte number and message number are united Meter.
If the detecting speed > green thresholds of SDN switch, and the detecting speed≤yellow threshold value, then the flow is marked Note yellowly, the SDN switch carries out priority heavy label, and reports SDN controllers.The place that the priority is re-flagged Reason mode is drop priority processing.
If the detecting speed of SDN switch>Yellow threshold value, then the flow be marked as red, the SDN switch will Packet loss treatment is carried out, and reports SDN controllers.
Analyzed according to more than, the PPS of 50 PPS < green thresholds of flow 100 of the client C to server, the flow Green is marked as, the SDN switch carries out traffic statistics(Should support that byte number and message number are counted)Afterwards, SDN is reported to control Device processed.
The customer end A to server the PPS of 120 PPS > green thresholds of flow 100, and < yellow threshold values 200 PPS, then the flow be marked as yellow, the SDN switch carries out priority heavy label, i.e. the customer end A to server The priority of flow be modified to 1(1 priority level is minimum), and report SDN controllers.
Customer end B is more than the PPS of yellow threshold value 200 to the PPS of flow 220 of server, then the flow is marked as red, Directly abandoned by S0, and report SDN controllers.
By the setting of above-mentioned different threshold values, the SDN controllers supervision enters the specification of a certain flow of network, it Within the scope of being limited in one reasonably, i.e., the flow to customer end A, customer end B and client C is supervised, and to super The partial discharge for going out is carried out " punishment ", i.e., directly the data on flows of discarding customer end B and the data on flows to customer end A are carried out Degradation treatment, finally protecting the interests of Internet resources and operator.
Traffic policing process of the present invention based on SDN frameworks is unifiedly calculated by SDN controllers, is managed concentratedly, all of stream Amount supervision configuration all concentrates on SDN controllers, is easy to management and later stage to run, and its supervision effect is substantially better than traditional Working mould Formula, control more convenient and efficient, its market application foreground is boundless.
It will be appreciated by those skilled in the art that accompanying drawing is a schematic diagram for preferred embodiment, unit or stream in accompanying drawing Journey is not necessarily implemented necessary to the present invention.The embodiments of the present invention are for illustration only, do not represent embodiment Quality.
The above embodiments are merely illustrative of the technical solutions of the present invention and it is non-limiting, reference only to preferred embodiment to this hair It is bright to be described in detail.It will be understood by those within the art that, technical scheme can be modified Or equivalent, without deviating from the spirit and scope of technical solution of the present invention, all should cover in scope of the presently claimed invention.

Claims (11)

1. a kind of traffic policing algorithm based on SDN frameworks, it is characterised in that the method includes:
S101:User configures traffic policing strategy on SDN controllers;
S102:SDN controllers receive message from SDN switch, parse purpose IP and source IP;
S103:SDN controllers receive privately owned extension Experimenter messages, parsing Experimenter reports from SDN switch Text;
S104:SDN switch detects the speed of flow, and SDN controllers are reported according to detecting result.
2. the traffic policing algorithm based on SDN frameworks according to claim 1, it is characterised in that the SDN controllers branch The traffic policing configuration task based on SDN is held, the configuration task includes traffic policing table and the traffic policing work(based on SDN Energy;The supervision state that traffic characteristic, threshold value and the SDN switch that the traffic policing table is specified including user are reported; The traffic policing function based on SDN, for opening or closing the traffic policing function based on SDN.
3. the traffic policing algorithm based on SDN frameworks according to claim 1, it is characterised in that also including privately owned stream Amount supervises table, and the privately owned traffic policing table is higher than by user's static configuration or dynamic creation, and the priority of static entries Dynamic environment;The privately owned traffic policing table includes purpose IP, source IP, green threshold, yellow threshold value and supervision state;Institute Stating purpose IP and source IP is used for target flow;Flow rate is compared respectively at green threshold and yellow threshold value, it is described SDN switch reports SDN controllers after carrying out traffic statistics;SDN switch described in the supervision state representation reports message quilt The color of mark.
4. the traffic policing algorithm based on SDN frameworks according to claim 1, it is characterised in that the SDN controllers from The form that SDN switch receives privately owned extension Experimenter messages is, the Experimenter values for 1 be shown to be from To SDN controllers, the Experimenter values are 255 in SDN switch direction;The privately owned extension Experimenter messages SDN controllers are reported by the SDN switch on forward-path;The purpose IP and source IP uniquely determine a stream;The prison Tubulose state shows which kind of color flow is labeled.
5. the traffic policing algorithm based on SDN frameworks according to claim 1, it is characterised in that the step S101 tools Body is:
SDN switch reports the message for not matching flow table;
SDN controllers are based on traffic policing strategy and forward-path issues flow table;
SDN switch reports traffic policing result.
6. the traffic policing algorithm based on SDN frameworks according to claim 3, it is characterised in that according to purpose IP and source IP query flows supervise table, if hit, threshold value and priority level are obtained from matching entry;Then message forwarding road is obtained Footpath, flow table is issued according to matching entry to all SDN switches on forward-path;Supervised according to purpose IP and source IP query flows Table, if do not hit, the new supervision entry of dynamic generation;Message forwarding path is finally obtained, according to matching entry to forwarding All SDN switches issue flow table on path;If do not hit, the SDN controllers dynamically generate new supervision entry, threshold Value takes default value, and priority level takes from message, without modification.
7. the traffic policing algorithm based on SDN frameworks according to claim 1 or 6, it is characterised in that the step S103 In, according to the Experimenter messages that the SDN controllers are parsed, update the supervision state of traffic policing table.
8. the traffic policing algorithm based on SDN frameworks according to claim 7, it is characterised in that
If the detecting speed≤green threshold of SDN switch, the flow is marked as green, the SDN switch is carried out Controller is reported after traffic statistics;
The traffic statistics include that byte number and message number are counted;
If the detecting speed > green thresholds of SDN switch, and the detecting speed≤yellow threshold value, then the flow is marked as Yellow, the SDN switch carries out priority heavy label, and reports SDN controllers;
The processing mode that the priority is re-flagged is drop priority processing;
If the detecting speed of SDN switch>Yellow threshold value, then the flow is marked as red, and reports SDN controllers.
9. the traffic policing algorithm based on SDN frameworks according to claim 8, it is characterised in that when the flow is marked When remembering into red, the SDN switch will carry out packet loss treatment.
10. the traffic policing algorithm based on SDN frameworks according to claim 1, it is characterised in that the SDN controllers Support to expand flow table with SDN switch;The Match fields for expanding flow table include source IP and purpose IP;It is described to expand stream The action field of table is to detect the speed of flow.
11. flux monitoring methods based on SDN frameworks according to claim 10, it is characterised in that the expansion flow table Specially:When speed≤green threshold is detected, then the flow is marked as green, and the SDN switch carries out traffic statistics After report controller;When speed≤yellow threshold value is detected, then the flow is marked as yellow, and the SDN switch carries out excellent First level heavy label, and report SDN controllers;When detecting speed>Yellow threshold value, then the flow be marked as red, the SDN is handed over Changing planes carries out packet loss, and reports SDN controllers.
CN201710021501.1A 2017-01-12 2017-01-12 SDN architecture-based traffic supervision method Active CN106789703B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710021501.1A CN106789703B (en) 2017-01-12 2017-01-12 SDN architecture-based traffic supervision method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710021501.1A CN106789703B (en) 2017-01-12 2017-01-12 SDN architecture-based traffic supervision method

Publications (2)

Publication Number Publication Date
CN106789703A true CN106789703A (en) 2017-05-31
CN106789703B CN106789703B (en) 2020-10-13

Family

ID=58947751

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710021501.1A Active CN106789703B (en) 2017-01-12 2017-01-12 SDN architecture-based traffic supervision method

Country Status (1)

Country Link
CN (1) CN106789703B (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108235804A (en) * 2017-12-27 2018-06-29 深圳前海达闼云端智能科技有限公司 A kind of network speed limit method, device and server
WO2019192318A1 (en) * 2018-04-04 2019-10-10 中兴通讯股份有限公司 Traffic smoothing method, server, and forwarding device
CN112671713A (en) * 2020-11-30 2021-04-16 山东电力工程咨询院有限公司 SDN network data forwarding method, SDN switch, controller and system
CN114500418A (en) * 2022-02-11 2022-05-13 珠海星云智联科技有限公司 Data statistical method and related device

Citations (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101741603A (en) * 2008-11-11 2010-06-16 中兴通讯股份有限公司 Method and device for supervising traffic based on token bucket
CN101741739A (en) * 2009-12-01 2010-06-16 中兴通讯股份有限公司 Method and device for counting messages of output/input port of exchange equipment
US20130329601A1 (en) * 2012-06-11 2013-12-12 Futurewei Technologies, Inc. Defining Data Flow Paths in Software-Defined Networks with Application-Layer Traffic Optimization
CN104301251A (en) * 2014-09-22 2015-01-21 杭州华三通信技术有限公司 QoS processing method, system and device
CN104601482A (en) * 2013-10-30 2015-05-06 中兴通讯股份有限公司 Traffic cleaning method and device
CN104734994A (en) * 2015-04-13 2015-06-24 上海斐讯数据通信技术有限公司 Traffic label control method based on SDN (software-defined network) frame
CN104796344A (en) * 2014-01-16 2015-07-22 中兴通讯股份有限公司 Method, system, Openflow switch and server for realizing message forwarding based on SDN
CN105376158A (en) * 2015-10-12 2016-03-02 上海斐讯数据通信技术有限公司 SDN circulation method and device based on EXP value in MPLS message
CN105429886A (en) * 2015-10-30 2016-03-23 南京优速网络科技有限公司 Comprehensive unified flow scheduling system and scheduling method based on SDN
CN105791152A (en) * 2014-12-19 2016-07-20 杭州华三通信技术有限公司 Traffic control method, SDN (Soft Define Network) controller and SDN device
CN105827487A (en) * 2016-05-30 2016-08-03 上海斐讯数据通信技术有限公司 SDN network message flow statistics method, SDN network message flow processing method and SDN network system
CN106330625A (en) * 2016-11-25 2017-01-11 国网安徽省电力公司信息通信分公司 SDN-based flow detection method
CN104967578B (en) * 2015-07-08 2017-11-21 上海斐讯数据通信技术有限公司 SDN controllers and interchanger, flow table management method and message processing method

Patent Citations (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101741603A (en) * 2008-11-11 2010-06-16 中兴通讯股份有限公司 Method and device for supervising traffic based on token bucket
CN101741739A (en) * 2009-12-01 2010-06-16 中兴通讯股份有限公司 Method and device for counting messages of output/input port of exchange equipment
US20130329601A1 (en) * 2012-06-11 2013-12-12 Futurewei Technologies, Inc. Defining Data Flow Paths in Software-Defined Networks with Application-Layer Traffic Optimization
CN104601482A (en) * 2013-10-30 2015-05-06 中兴通讯股份有限公司 Traffic cleaning method and device
CN104796344A (en) * 2014-01-16 2015-07-22 中兴通讯股份有限公司 Method, system, Openflow switch and server for realizing message forwarding based on SDN
CN104301251A (en) * 2014-09-22 2015-01-21 杭州华三通信技术有限公司 QoS processing method, system and device
CN105791152A (en) * 2014-12-19 2016-07-20 杭州华三通信技术有限公司 Traffic control method, SDN (Soft Define Network) controller and SDN device
CN104734994A (en) * 2015-04-13 2015-06-24 上海斐讯数据通信技术有限公司 Traffic label control method based on SDN (software-defined network) frame
CN104967578B (en) * 2015-07-08 2017-11-21 上海斐讯数据通信技术有限公司 SDN controllers and interchanger, flow table management method and message processing method
CN105376158A (en) * 2015-10-12 2016-03-02 上海斐讯数据通信技术有限公司 SDN circulation method and device based on EXP value in MPLS message
CN105429886A (en) * 2015-10-30 2016-03-23 南京优速网络科技有限公司 Comprehensive unified flow scheduling system and scheduling method based on SDN
CN105827487A (en) * 2016-05-30 2016-08-03 上海斐讯数据通信技术有限公司 SDN network message flow statistics method, SDN network message flow processing method and SDN network system
CN106330625A (en) * 2016-11-25 2017-01-11 国网安徽省电力公司信息通信分公司 SDN-based flow detection method

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108235804A (en) * 2017-12-27 2018-06-29 深圳前海达闼云端智能科技有限公司 A kind of network speed limit method, device and server
CN108235804B (en) * 2017-12-27 2021-12-31 达闼机器人有限公司 Network speed limiting method and device and server
WO2019192318A1 (en) * 2018-04-04 2019-10-10 中兴通讯股份有限公司 Traffic smoothing method, server, and forwarding device
CN112671713A (en) * 2020-11-30 2021-04-16 山东电力工程咨询院有限公司 SDN network data forwarding method, SDN switch, controller and system
CN114500418A (en) * 2022-02-11 2022-05-13 珠海星云智联科技有限公司 Data statistical method and related device
CN114500418B (en) * 2022-02-11 2023-10-20 珠海星云智联科技有限公司 Data statistics method and related device

Also Published As

Publication number Publication date
CN106789703B (en) 2020-10-13

Similar Documents

Publication Publication Date Title
CN106100999B (en) Image network flow control methods in a kind of virtualized network environment
CN108289104B (en) Industrial SDN network DDoS attack detection and mitigation method
CN106789703A (en) A kind of traffic policing algorithm based on SDN frameworks
JP4774357B2 (en) Statistical information collection system and statistical information collection device
Hyun et al. Towards knowledge-defined networking using in-band network telemetry
CN104506507B (en) A kind of sweet net safety protective system and method for SDN
CN105812340B (en) A kind of method and apparatus of virtual network access outer net
CN101488925B (en) Method for collecting and designing VPN flow by using Netflow
CN101321088A (en) Method and device for IP data flow information statistics
CN110266556A (en) The method and system of service exception in dynamic detection network
CN110401624A (en) The detection method and system of source net G system mutual message exception
Bhamare et al. Intopt: In-band network telemetry optimization for nfv service chain monitoring
CN108234315A (en) Image network flow control protocol in a kind of virtualized network environment
CN106559407A (en) A kind of Network traffic anomaly monitor system based on SDN
CN105100142A (en) Transmission control method and device of software defined network (SDN) protocol message
CN107819633A (en) It is a kind of quickly to find and handle the system and its processing method of network failure
CN112262554B (en) Packet programmable stream telemetry parsing and analysis
Kumar et al. Open flow switch with intrusion detection system
WO2020130158A1 (en) Open fronthaul network system
Laassiri et al. Evaluation of the QoS parameters in different SDN architecture using Omnet 4.6++
CN113114509A (en) Method and equipment for message forwarding simulation in SDN network environment
US8826296B2 (en) Method of supervising a plurality of units in a communications network
CN107612937A (en) Detection to DHCP extensive aggressions and defence method under a kind of SDN
CN107920024A (en) A kind of SDN controllers dynamic stream table management method
CN104917703B (en) Defence line head of line blocking method and system based on SDN

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
TR01 Transfer of patent right
TR01 Transfer of patent right

Effective date of registration: 20201023

Address after: 318015 no.2-3167, zone a, Nonggang City, no.2388, Donghuan Avenue, Hongjia street, Jiaojiang District, Taizhou City, Zhejiang Province

Patentee after: Taizhou Jiji Intellectual Property Operation Co.,Ltd.

Address before: 201616 Shanghai city Songjiang District Sixian Road No. 3666

Patentee before: Phicomm (Shanghai) Co.,Ltd.

TR01 Transfer of patent right
TR01 Transfer of patent right

Effective date of registration: 20221025

Address after: Room 2005, Dongjian Building East, No. 501-507, Dongfeng Middle Road, Yuexiu District, Guangzhou, Guangdong 510000

Patentee after: Guangdong Yundong Technology Co.,Ltd.

Address before: 318015 no.2-3167, area a, nonggangcheng, 2388 Donghuan Avenue, Hongjia street, Jiaojiang District, Taizhou City, Zhejiang Province

Patentee before: Taizhou Jiji Intellectual Property Operation Co.,Ltd.