CN107743097A - A kind of method of multicasting and device based on SDN - Google Patents
A kind of method of multicasting and device based on SDN Download PDFInfo
- Publication number
- CN107743097A CN107743097A CN201711046989.XA CN201711046989A CN107743097A CN 107743097 A CN107743097 A CN 107743097A CN 201711046989 A CN201711046989 A CN 201711046989A CN 107743097 A CN107743097 A CN 107743097A
- Authority
- CN
- China
- Prior art keywords
- multicast
- sdn
- link
- receivers
- source
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L49/00—Packet switching elements
- H04L49/20—Support for services
- H04L49/201—Multicast operation; Broadcast operation
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L47/00—Traffic control in data switching networks
- H04L47/10—Flow control; Congestion control
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
Abstract
The invention discloses a kind of method of multicasting and device based on SDN, applied to SDN controllers, methods described includes:Receive the log-on message of multicast source and multicast receivers and generate multicast source service catalogue and multicast receivers list;Multicast services request is obtained, the multicast services request includes the information of multicast source and/or the information of multicast receivers of multicast services;Judge whether the multicast services request matches the multicast source service catalogue and the multicast receivers list;If the multicast services request matches the multicast source service catalogue and the multicast receivers list, multicast authority certification is carried out to the multicast source and the multicast receivers;When the multicast source and the multicast receivers obtain multicast authority certification, the then link established between the multicast source and the multicast receivers;Obtain demand for services, the link-state information of user's input;The link is controlled according to the demand for services, the link-state information.
Description
Technical field
The present invention relates to the communications field, more particularly to a kind of method of multicasting and device based on SDN.
Background technology
SDN (Software Defined Network, software defined network) is a kind of new network of Emulex network innovation framework, wherein
A kind of core technology is OpenFlow technologies, and the technology is by the way that network equipment chain of command is separated with forwarding surface, so as to real
The flexible control of network traffics is showed, good technical conditions is provided for the innovation of network application.
OpenFlow is a kind of New Network Technique, and the technology realizes user or program to network processes behavior by flow table
Control.OpenFlow networks realize the separation of data forwarding layer and key-course.Wherein OpenFlow interchangers realize data Layer
Forwarding, SDN controllers realize the function of key-course.Controller by OpenFlow agreements to SDN forwarding units (including
SDN forwarding units including OpenFlow interchangers) it is controlled, centralized Control is carried out to whole network so as to realize.
A kind of special transmission means, i.e. multicast (Multicast) in current network activity be present:In sender and
Single point-to-point configuration connection is realized between each recipient.If a sender is simultaneously identical to multiple recipient's transmission
Data, centre transmission node need to only replicate a identical data packet.By multicast, data transmission effect can be improved
Rate, reduce the probability of backbone network congestion, also reduce the pressure that sender sends message.But current multicasting technology and should
With many defects being present:Such as recipient and the multicast source of multicast, it is required for other agreements to be authenticated, authenticate and charging;
The security of multicast packet is difficult to ensure, it is also difficult to realizes layering, the safety of classification;Multicast path can not be according to multicast packet
The current state of attribute, link carries out dynamic comprehensive control;Abnormal multicast packet can not timely be isolated in multicast procedures
With report the situation of multicast source (include personation).
The content of the invention
In view of this, it is an object of the invention to provide a kind of method of multicasting and device based on SDN, and then can spirit
The inter-connection links of living, efficient management data center.
A kind of method of multicasting based on SDN provided in embodiment of the present invention, it is described applied to SDN controllers
Method includes:Receive the log-on message of multicast source and multicast receivers and generate multicast source service catalogue and multicast receivers row
Table;Obtain multicast services request, multicast services request includes the information and multicast receivers of the multicast source of multicast services
Information;Judge whether the multicast services request matches the multicast source service catalogue and/or the multicast receivers list;If
The multicast services request matches the multicast source service catalogue and the multicast receivers list, then to the multicast source and institute
State multicast receivers and carry out multicast authority certification;When the multicast source and the multicast receivers obtain multicast authority certification, then
The link established between the multicast source and the multicast receivers;Obtain demand for services, the link-state information of user's input;
The link is controlled according to the demand for services, the link-state information.
Optionally, the SDN controllers connect multiple SDN forwarding units, described to establish the multicast source and the multicast
After the step of link between recipient, methods described also includes:Will be a plurality of between two SDN forwarding units ports
Link merges, and forms a multicast link.
Optionally, it is described after the step of link established between the multicast source and the multicast receivers described
Method also includes:Default multicast content classification keyword;Associated tag information by the content classification keyword with multicast data flow
It is corresponding;Identify the default multicast content classification keyword corresponding to the respective labels in multicast data flow and according to the classification key
Word is classified to the multicast content data;Different encryption calculations are carried out to the multicast content data of different stage after classification
The encryption of method or not;The multicast content data after encryption are subjected to multicast by the link.
Optionally, the SDN controllers are also connected with the edge forwarding equipment of SDN, and the edge forwarding equipment is used for
The SDN and non-SDN are connected, the edge forwarding equipment of the SDN is in the multicast source service catalogue and group
Broadcast and communicated as defined in recipient's list in scope with the multicast source in outside non-SDN and multicast receivers.
Optionally, the link-state information includes link flow monitoring information, and the link flow monitoring information includes
Abnormal flow information, demand for services, the link-state information according to the user configuration are controlled to the link
The step of processed, specifically includes the source that abnormal data is judged according to the abnormal flow information;If the abnormal data derives from institute
Multicast source is stated, then stops multicast services or current limliting is carried out to it;If the abnormal data derives from the multicast receivers, lose
Abandon the link that the abnormal flow is even switched off between the multicast source and the multicast receivers for sending the abnormal data;Sentence
Whether the abnormal flow information of breaking is more than the preset value of flux of multicast nominal value one in service catalogue;If so, then to described group
Broadcast stream and carry out current limliting or interrupt flow operation;Judge multicast data flow whether in non-default copy-point progress according to the abnormal flow information
Replicate;If so, then correct the copy-point;Judge whether the multicast data flow is sent to not obtaining according to the abnormal flow information
The receiving port of the multicasting authorization;If so, the multicast data flow for then cancelling the receiving port is sent.
A kind of multicast apparatus based on SDN provided in embodiment of the present invention, it is described applied to SDN controllers
Multicast apparatus based on SDN includes memory, processor and is stored on the memory and can be on the processor
The multicast program based on SDN of operation, it is described to be realized such as during the computing device based on the multicast program of SDN
Lower step:Receive the log-on message of multicast source and multicast receivers and generate multicast source service catalogue and/or multicast receivers row
Table;Obtain multicast services request, multicast services request includes the information and multicast receivers of the multicast source of multicast services
Information;Judge whether the multicast services request matches the multicast source service catalogue and the multicast receivers list;If institute
State multicast services request and match the multicast source service catalogue and the multicast receivers list, then to the multicast source and described
Multicast receivers carry out multicast authority certification;When the multicast source and multicast receivers acquisition multicast authority certification, then build
Vertical link between the multicast source and the multicast receivers;Obtain demand for services, the link-state information of user's input;Root
The link is controlled according to the demand for services, the link-state information.
Optionally, the SDN controllers connect multiple SDN forwarding units, described to establish the multicast source and the multicast
After the step of link between recipient, the processor is additionally operable to perform the multicast program, to realize following steps:Will
Multilink between two SDN forwarding units ports merges, and forms a multicast link.
Optionally, it is described after the step of link established between the multicast source and the multicast receivers described
Processor is additionally operable to perform the multicast program, to realize following steps:Default multicast content classification keyword;By the content
The associated tag information that keyword is classified with multicast data flow is corresponding;Identify described default corresponding to the respective labels in the multicast data flow
Multicast content is classified keyword and the multicast content data is classified according to the classification keyword;To different after classification
The multicast content data of rank carry out the encryption of different AESs or not encrypted;By the multicast content number after encryption
Multicast is carried out according to by the link.
Optionally, the SDN controllers are also connected with the edge forwarding equipment of SDN, and the edge forwarding equipment is used for
The SDN and non-SDN are connected, the edge forwarding equipment of the SDN is in the multicast source service catalogue and group
Broadcast and communicated as defined in recipient's list in scope with the multicast source in outside non-SDN and multicast receivers.
Optionally, the link-state information includes link flow monitoring information, and the link flow monitoring information includes
Abnormal flow information, the computing device it is described according to the demand for services, the link-state information to the link
The step of being controlled specifically includes:The source of abnormal data is judged according to the abnormal flow information;If the abnormal data
From the multicast source, then stop multicast services or current limliting is carried out to it;If the abnormal data connects from the multicast
Receipts person, then abandon the abnormal flow and be even switched off between the multicast source and the multicast receivers for sending the abnormal data
Link;Judge whether the abnormal flow information is more than the preset value of flux of multicast nominal value one in service catalogue;If so, then
Current limliting or interrupt flow operation are carried out to the multicast data flow;Judge whether multicast data flow answers in non-default according to the abnormal flow information
System point is replicated;If so, then correct the copy-point;Judge whether the multicast data flow sends according to the abnormal flow information
To the receiving port for not obtaining the multicasting authorization;If so, the multicast data flow for then cancelling the receiving port is sent.
By implementing above-mentioned method of multicasting and device based on SDN, it can cause in the environment of SDN, make
More efficient, the safety of multicast are obtained, while the management to multicast is more convenient.
Below in conjunction with the drawings and specific embodiments, the present invention will be described in detail, but not as a limitation of the invention.
Brief description of the drawings
Fig. 1 is a kind of applied environment figure of the embodiment of multicast apparatus 10 1 based on SDN of the present invention.
Fig. 2 is a kind of flow chart of the embodiment of method of multicasting one based on SDN of the present invention.
Fig. 3 is a kind of module map of the embodiment of multicast apparatus 10 1 based on SDN of the present invention.
Main element symbol description
Multicast apparatus 10 based on SDN
SDN controllers 1
Main frame 2
SDN forwarding units 3
Edge SDN forwarding units 4
Memory 100
Processor 102
Following embodiment will combine above-mentioned accompanying drawing and further illustrate the present invention.
Embodiment
Below in conjunction with the accompanying drawing in the embodiment of the present invention, the technical scheme in the embodiment of the present invention is carried out clear, complete
Site preparation describes, it is clear that described embodiment is part of the embodiment of the present invention, rather than whole embodiments.Based on this hair
Embodiment in bright, the every other implementation that those of ordinary skill in the art are obtained under the premise of creative work is not made
Example, belongs to the scope of protection of the invention.
Fig. 1 is a kind of applied environment figure of the embodiment of multicast apparatus one based on SDN of the present invention.Wherein SDN is controlled
Device 1 processed connects multiple Local Area Networks, and the Local Area Network includes SDN or non-SDN, such as the Local Area Network in figure
A, Local Area Network b, Local Area Network c, Local Area Network d, wherein Local Area Network a, Local Area Network b, Local Area Network c are SDN, and
Local Area Network d is non-SDN.And for above-mentioned SDN, wherein including at least one main frame 2 and the connection master
The SDN forwarding units 3 of machine 2, and also include at least one main frame 2 for non-SDN, and pass through the side in a SDN
Edge SDN forwarding units 4 are connected with SDN.And for it is above-mentioned no matter SDN forwarding units 3 or edge SDN forwarding units 4 it is equal
SDN controllers 1 are connected, that is, realize interconnecting between above-mentioned SDN or non-SDN.Wherein, once SDN is controlled
A main frame 2 in the all-network that device 1 controls has multicast requirement (including multicast sends request or multicast reception request), then
The flexible control of multicast can be realized according to scheme disclosed in the present application.
Fig. 2 is a kind of flow chart of the embodiment of method of multicasting one based on SDN of the present invention, is controlled applied to SDN
Device 1, SDN controllers 1 connect multiple SDN forwarding units 3 or edge SDN forwarding units 4.By implementing the group based on SDN
Broadcasting method so that the control of network multicast is more flexible, safe and efficient.
In step S200, SDN controllers 1 receive the log-on message of multicast source and multicast receivers and generate multicast source service
Catalogue and multicast receivers list.
In the present embodiment, above-mentioned multicast source and multicast receivers are main frame 2 or the device of host nature, wherein appointing
What main frame 2 is likely to turn into multicast source or multicast receivers, but in scheme disclosed in this invention, either turns into
Multicast source or multicast receivers are required for carrying out information registering.Therefore in above-mentioned steps, once receive multicast source or multicast
After the log-on message of recipient, also need to automatically generate multicast source service catalogue and group again after optional certification, review process
Recipient's list is broadcast, wherein, multicast source service catalogue have recorded the multicast services that multicast source can provide, and multicast source service mesh
Record and multicast receivers list are two forms in logic, can physically be unified.
In the present embodiment, the log-on message includes:1. the unicast ip address of multicast source;2. multicast source connection
ID, slot number and the port numbers of equipment;3. all multicast service names that the multicast source includes, attribute, (multicast connects service object
Receipts person) white list or/and blacklist;4. the unicast ip address of multicast receivers;5. the physics of multicast receivers connection is set
Standby ID, slot number and port numbers;6. the attribute of the multicast receivers, the white list for the multicast services that can be received or/and black name
It is single, table one specific as follows:
Table one
In step S202, SDN controllers 1 obtain multicast services request, and the multicast services request includes multicast services
The information of multicast source and/or the information of multicast receivers.
In the present embodiment, the multicast services request that SDN controllers 1 obtain, can be divided into two according to the difference in source
Kind, a kind of is the multicast services request that multicast source is initiated, and a kind of is the multicast services request that multicast receivers are initiated.Different groups
Broadcast service request and include different information, such as the multicast services request that multicast source is initiated just includes the knowledge of multicast source own identification
Other information, which main frame is multicast to, the multicast services request that multicast receivers are initiated includes the identification of multicast receivers
Information and receive which multicast services.
In step S204, judge whether the multicast services request matches the multicast source service catalogue and the multicast connects
Receipts person's list.
In the present embodiment, once SDN controllers 1 have received multicast services request or the group of either multicast source
The multicast services request of recipient is broadcast, is required for judging multicast services request goes whether to be included in multicast source service catalogue or multicast
In recipient's list.Also there was only the information about multicast source carried in multicast services request or multicast receivers information matches in above-mentioned
During information in the multicast source service catalogue and multicast receivers list of multicast source, above-mentioned multicast services request just belongs to normal
Multicast services are asked, that is, are accepted, and otherwise then provide the daily record or alarm of correlation.It is exemplified below:1. such as multicast services B1-1
Only allow multicast receivers R1-1, R1-2 and R1-5 receiver service, then should except R1-1, R1-2 and R2-5 application sent
The request of multicast services can all be rejected and provide correlation log and alarm;2. for example multicast receivers R1-1 does not allow reception group
Service B2-2 is broadcast, then no matter R1-1 have issued the multicast that have issued for B2-2 multicast services request or B2-2 for R1-1
Service request can all be rejected and provide correlation log and alarm;3. receptions of such as multicast services B2-1 except R1-1 can not be given
Person is provided beyond service, and the registered multicast receivers of others can provide service.
In step S206, if multicast services request matches the multicast source service catalogue and multicast receivers row
Table, then multicast authority certification is carried out simultaneously to the multicast source and the multicast receivers.
In the present embodiment, if carried in the multicast services request that multicast source is sent or multicast receivers are sent
Information matches multicast source service catalogue and multicast receivers list, then illustrate to initiate the multicast source of multicast services request or
Person's multicast receivers belong to be registered on SDN controllers 1.In this case, then need to carrying respective sets
The multicast source and multicast receivers for broadcasting service carry out multicast authentication, authentication and charging.In the present embodiment, to multicast source and group
Broadcasting the certification of recipient's progress multicast authority can realize that certainly, it can also by the authentication such as independent AAA system
Authentication and charging are directly authenticated according to the configuration information of user's input, being exemplified below table two, (wherein permissions list is exactly
Include collecting for the authority information such as the blacklist in upper table and white list):
Table two
In step S208, if the multicast source and the multicast receivers obtain multicast authority, the multicast source is established
Link between the multicast receivers.
In the present embodiment, in the case where above-mentioned multicast source and multicast receivers are respectively provided with multicast authority, SDN controls
Device 1 can rapidly establish multicast by the network topology of all-network node on the connection SDN controllers 1 of its grasp
Multicast link between source and multicast receivers.It is as follows that SDN establishes the step of multicast link:1. obtain all SDN forwardings
The physical couplings of equipment 3 and it is every 2 points between the qualitative attribute information of physical link (Linktype, total bandwidth, used band
Width, average retardation, shake, packet loss etc.);2. obtain it is all be allowed to and need to establish the multicast source of link and multicast receivers it
Between all physical links (might have a plurality of);3. every a pair of multicast sources and multicast reception are directed to according to the demand of multicast services
Person selects a suitable link;4. it will be overlapped for each multicast services of each multicast source in all links in step 3
Link merge, after merging, link bifurcation is the copy-point of the multicast source, and the bifurcated how many root is unnecessary 1 has more
It is few to replicate.
, can be with after the link between the multicast source and multicast receivers is established in addition, in the present embodiment
The encryption of different stage is carried out according to the multicast content of multicast, the encryption of the data in multicast procedures is realized, is not increasing multicast
Ensure the security of multicast procedures in the case of encryption, decryption function inside source and multicast receivers, it is specific as follows:Preset group
Broadcast content classification keyword;The content classification keyword is corresponding with the associated tag information of multicast data flow;By described in identification
Respective labels identify the default multicast content classification keyword and according to the classification keyword to the multicast content data
It is classified;The encryption of different AESs is carried out to the multicast content data of different stage after classification or not encrypted;Will
Multicast content data after encryption carry out multicast by the link, closest to recipient and are possessing setting for decryption function
It is standby to be above decrypted and multicast data flow is sent to multicast receivers or is directly decrypted on multicast receivers main frame.
In step S210, demand for services, link-state information that user inputs are obtained.
In the present embodiment, the demand for services of the input refers to that user needs for the security of above-mentioned multicast services
QoS (service quality) demand of summation;And above-mentioned link-state information is then the flow prison of the quality information and link that include link
Measurement information, the quality information of the link can include link total bandwidth, with bandwidth, delay, packet loss, shake, encryption and decryption and
The information such as the load of network service, and the flow monitoring information of link then includes normal discharge data and link flow statistic of classification
Data;Abnormal flow statistical information (includes but is not limited to data, the abnormal number of normal multicast source transmission that abnormal multicast source is sent
Abnormal data sent according to, multicast receivers etc.).And for abnormal flow information, it is primarily referred to as following situation:Occur in network
Do not list in service catalogue or service catalogue in expired multicast data flow;The non-multicast data flow and data flow should not appear in chain
In road (such as unicast data stream, data flow of certain multicast receivers ping multicast sources etc.);Normal multicast in service catalogue
Data traffic is much larger than the flux of multicast nominal value;Multicast data flow is replicated in incorrect copy-point;Multicast data flow is sent to
Do not obtain receiving port of the multicast data flow mandate etc..
In step S212, the link is controlled according to the demand for services of the user configuration, link-state information.
In the present embodiment, once obtaining the demand for services of user configuration and the status information of multicast link, then
Current multicast link can be controlled.Wherein link-state information just includes the flow monitoring information of link, citing and
Speech, is controlled, i.e., according to the flow monitoring information of link to link:Abnormal data is judged according to the abnormal flow information
Source;If the abnormal data derives from the multicast source, stop multicast services or current limliting is carried out to it;If the abnormal number
According to from the multicast receivers recipient, then abandon the abnormal flow and be even switched off the multicast source with sending the exception
Link between the multicast reception side of data;Judge whether the abnormal flow information is more than the multicast data flow in service catalogue
Measure the preset value of nominal value one;If so, current limliting or interrupt flow operation then are carried out to the multicast data flow;Sentenced according to the abnormal flow information
Whether disconnected multicast data flow is replicated in non-default copy-point;If so, then correct the copy-point;Believed according to the abnormal flow
Breath judges whether the multicast data flow is sent to the receiving port for not obtaining the multicast data flow mandate;If so, then cancel the receiving port
The multicast data flow send.Above-mentioned all situations and operation daily record and alarm that will to carry out submission related.In above-mentioned embodiment party
In formula, the adjustment of multicast link is carried out according to the information of above-mentioned link, is utilized with reaching multicast services demand, improving link circuit resource
Rate.
In such scheme, SDN controllers 1 are connected to multiple SDN forwarding units 3, wherein also including the edge of SDN
Forwarding unit 4, the edge forwarding equipment 4 are used to connect the SDN and non-SDN, and the edge of the SDN turns
Hair equipment 4 is being communicated as defined in service catalogue in scope with the multicast source in outside non-SDN and multicast receivers,
Realize the multicast services in the addition of the multicast receivers in the non-SDN SDN, realize the non-SDN nets
Multicast source provides multicast services for the multicast receivers in the SDN in network.Wherein, for above-mentioned service catalogue, refer to non-
Multicast receivers in SDN can obtain the multicast services in the service catalogue in SDN multicast networks;Also non-SDN nets are referred to
Multicast source in network could provide multicast services only in service catalogue for the multicast receivers of SDN multicast networks.
Fig. 3 is a kind of module map of the embodiment of multicast apparatus 10 1 based on SDN of the present invention.Wherein it is based on SDN
The multicast apparatus 10 of network is applied to SDN controllers 1, and including memory 100, processor 102 and is stored in the memory
The multicast program based on SDN that is upper and can running on the processor, it is described based on the multicast program of SDN by institute
State when processor 102 performs and realize following steps:
Receive the log-on message of multicast source and multicast receivers and generate multicast source service catalogue and multicast receivers list;
Multicast services request is obtained, the multicast services request includes the information and multicast reception of the multicast source of multicast services
The information of person;
Judge whether the multicast services request matches the multicast source service catalogue and/or multicast receivers row
Table;
If the multicast services request matches the multicast source service catalogue and the multicast receivers list, to described
Multicast source and the multicast receivers carry out multicast authority certification;
When the multicast source and multicast receivers acquisition multicast authority certification, then the multicast source and described group are established
Broadcast the link between recipient;
Obtain demand for services, the link-state information of user's input;
The link is controlled according to the demand for services, the link-state information.
Specifically, in the present embodiment, above-mentioned multicast source and multicast receivers are main frame 2 or the dress of host nature
To put, the main frame 2 of any of which one is likely to turn into multicast source or multicast receivers, but in scheme disclosed in this invention,
Either turn into multicast source or multicast receivers are required for carrying out information registering.Therefore in above-mentioned steps, once receive group
After the log-on message for broadcasting source or multicast receivers, also need to automatically generate multicast source clothes again after optional certification, review process
Catalogue of being engaged in and multicast receivers list, wherein, multicast source service catalogue have recorded the multicast services that multicast source can provide, and group
Source service catalogue and multicast receivers list are broadcast as two forms in logic, can physically be unified.In the present embodiment,
The log-on message includes:1. the unicast ip address of multicast source;2. ID, slot number and the port of the equipment of multicast source connection
Number;3. all multicast service names that the multicast source includes, attribute, the white list of service object's (multicast receivers) or/and black
List;4. the unicast ip address of multicast receivers;5. ID, slot number and the port of the physical equipment of multicast receivers connection
Number;6. the white list or/and blacklist of the attribute of the multicast receivers, the multicast services that can be received, referring specifically to above-mentioned table one.
Specifically, in the present embodiment, the multicast services request that SDN controllers 1 obtain can be according to the difference in source
It is divided into two kinds, a kind of is the multicast services request that multicast source is initiated, and a kind of is the multicast services request that multicast receivers are initiated.No
Same multicast services request includes different information, such as the multicast services request that multicast source is initiated just includes multicast source itself
Identity identification information, which main frame is multicast to, the multicast services request that multicast receivers are initiated includes the body of multicast receivers
Part identification information and receive which multicast services.
Specifically, in the present embodiment, once the multicast services that SDN controllers 1 have received either multicast source please
Ask or the multicast services of multicast receivers are asked, be required for judging that multicast services request goes whether to be included in multicast source service mesh
In record or multicast receivers list.Also there was only in multicast services request the information about multicast source that carries or multicast receivers information all
During information in multicast source service catalogue and multicast receivers list assigned in above-mentioned multicast source, above-mentioned multicast services request just category
Ask, that is, be accepted in normal multicast services, otherwise then provide the daily record or alarm of correlation.It is exemplified below:1. such as multicast
Service B1-1 only allows multicast receivers R1-1, R1-2 and R1-5 receiver service, then except R1-1, R1-2 and R2-5 are sent
The requests of the application multicast services can all be rejected and provide correlation log and alarm;2. such as multicast receivers R1-1 does not permit
Perhaps multicast services B2-2 is received, then no matter R1-1, which have issued, have issued and be directed to for B2-2 multicast services request or B2-2
R1-1 multicast services request can all be rejected and provide correlation log and alarm;3. for example multicast services B2-1 is except that can not give
R1-1 recipient is provided beyond service, and the registered multicast receivers of others can provide service.
Specifically, the information carried in the multicast services request that if multicast source is sent or multicast receivers are sent
Multicast source service catalogue and multicast receivers list are matched somebody with somebody, have then illustrated that initiating the multicast source of multicast services request or multicast connects
Receipts person belongs to be registered on SDN controllers 1.In this case, then need to carrying corresponding multicast services
Multicast source and multicast receivers carry out multicast authentication, authentication and charging.In the present embodiment, to multicast source and multicast receivers
Carrying out the certification of multicast authority can realize that certainly, it can also direct basis by the authentication such as independent AAA system
User input configuration information come be authenticated authentication and charging, referring specifically to above-mentioned table two.
Specifically, in the present embodiment, in the case where above-mentioned multicast source and multicast receivers are respectively provided with multicast authority,
SDN controllers 1 can rapidly be built by the network topology of all-network node on the connection SDN controllers 1 of its grasp
Vertical multicast link between multicast source and multicast receivers.It is as follows that SDN establishes the step of multicast link:1. obtain all
The physical couplings of SDN forwarding units 3 and it is every 2 points between physical link qualitative attribute information (Linktype, total bandwidth,
With bandwidth, average retardation, shake, packet loss etc.);2. obtain and all are allowed to and need to establish the multicast source of link and multicast connects
All physical links (might have a plurality of) between receipts person;3. every a pair of multicast sources and group are directed to according to the demand of multicast services
Broadcast recipient and select a suitable link;4. for each multicast source each multicast services by all links in step 3
The link of middle coincidence merges, and after merging, link bifurcation is the copy-point of the multicast source, the bifurcated how many root is unnecessary 1
I.e. how many is replicated.
Specifically, after the link between the multicast source and multicast receivers is established, can also be according to the group of multicast
The encryption that content carries out different stage is broadcast, the encryption of the data in multicast procedures is realized, is not increasing multicast source and multicast reception
Ensure the security of multicast procedures in the case of encryption, decryption function inside person, it is specific as follows:Default multicast content classification is closed
Key word;The content classification keyword is corresponding with the associated tag information of multicast data flow;By identifying that the respective labels identify
The default multicast content classification keyword is simultaneously classified according to the classification keyword to the multicast content data;To dividing
The multicast content data of different stage carry out the encryption of different AESs or not encrypted after level;By described group after encryption
Broadcast content-data and multicast is carried out by the link, closest to recipient and possessing and be decrypted simultaneously in the equipment of decryption function
Multicast data flow is sent to multicast receivers or is directly decrypted on multicast receivers main frame.
Specifically, the demand for services of the input refers to security requirement and QoS of the user for above-mentioned multicast services
(service quality) demand;And above-mentioned link-state information is then the flow monitoring information of the quality information and link that include link,
The quality information of the link can include link total bandwidth, use bandwidth, delay, packet loss, shake, encryption and decryption and network service
The information such as load, and the flow monitoring information of link then includes normal discharge data and link flow classifiction statistics;It is different
Normal flow statistical information (includes but is not limited to data, abnormal data, the multicast of the transmission of normal multicast source that abnormal multicast source is sent
Abnormal data that recipient sends etc.).And for abnormal flow information, it is primarily referred to as following situation:Occur not taking in network
Listed in business catalogue or service catalogue in expired multicast data flow;The non-multicast data flow and data flow should not occur in a link
(such as unicast data stream, data flow of certain multicast receivers ping multicast sources etc.);Normal multicast packet in service catalogue
Flow is much larger than the flux of multicast nominal value;Multicast data flow is replicated in incorrect copy-point;Multicast data flow has been sent to not
Obtain receiving port of the multicast data flow mandate etc..
Specifically, once obtain the demand for services of user configuration and the status information of multicast link, then can be to working as
Preceding multicast link is controlled.Wherein link-state information just includes the flow monitoring information of link, for example, according to chain
The flow monitoring information on road is controlled to link, i.e.,:The source of abnormal data is judged according to the abnormal flow information;If institute
State abnormal data and derive from the multicast source, then stop multicast services or current limliting is carried out to it;If the abnormal data derives from
The multicast receivers recipient, then abandon the abnormal flow and be even switched off the multicast source with sending the institute of the abnormal data
State the link between multicast reception side;Judge whether the abnormal flow information is more than the flux of multicast nominal value in service catalogue
One preset value;If so, current limliting or interrupt flow operation then are carried out to the multicast data flow;Multicast data flow is judged according to the abnormal flow information
Whether replicated in non-default copy-point;If so, then correct the copy-point;Institute is judged according to the abnormal flow information
State whether multicast data flow is sent to the receiving port for not obtaining the multicast data flow mandate;If so, then cancel described group of the receiving port
Stream is broadcast to send.Above-mentioned all situations and operation daily record and alarm that will to carry out submission related.In the above-described embodiment, according to
The information of above-mentioned link carries out the adjustment of multicast link, to reach multicast services demand, improve link circuit resource utilization rate.
In such scheme, SDN controllers 1 are connected to multiple SDN forwarding units 3, wherein also including the edge of SDN
Forwarding unit, the edge forwarding equipment are used to connect the SDN and non-SDN, the edge forwarding of the SDN
Equipment 10 is being communicated as defined in service catalogue in scope with the multicast source in outside non-SDN and multicast receivers,
Realize the multicast services in the addition of the multicast receivers in the non-SDN SDN, realize the non-SDN nets
Multicast source provides multicast services for the multicast receivers in the SDN in network.
By above-mentioned method of multicasting and device based on SDN, it can make it that multicast becomes more to increase in SDN
Effect, safety, the management to multicast are more convenient.
Another aspect based on above-described embodiment, present invention also offers a kind of computer-readable recording medium, the meter
Calculation machine readable storage medium storing program for executing is stored with one or more programs, and one or more of programs can be by one or more processors
Perform, the step of to realize above-mentioned method of multicasting based on SDN.
It should be noted that herein, term " comprising ", "comprising" or its any other variant are intended to non-row
His property includes, so that process, method, article or device including a series of elements not only include those key elements, and
And also include the other element being not expressly set out, or also include for this process, method, article or device institute inherently
Key element.In the absence of more restrictions, the key element limited by sentence "including a ...", it is not excluded that including this
Other identical element also be present in the process of key element, method, article or device.
The embodiments of the present invention are for illustration only, do not represent the quality of embodiment.
Through the above description of the embodiments, those skilled in the art can be understood that above-described embodiment side
Method can be realized by the mode of software and required general hardware platform, naturally it is also possible to by hardware, but in many cases
The former is more preferably embodiment.Based on such understanding, technical scheme is substantially done to prior art in other words
Going out the part of contribution can be embodied in the form of software product, and the computer software product is stored in a storage medium
In (such as ROM/RAM, magnetic disc, CD), including some instructions to cause a station terminal equipment (can be mobile phone, computer, clothes
Be engaged in device, air conditioner, or network equipment etc.) perform method described in each embodiment of the present invention.
The preferred embodiments of the present invention are these are only, are not intended to limit the scope of the invention, it is every to utilize this hair
The equivalent structure or equivalent flow conversion that bright specification and accompanying drawing content are made, or directly or indirectly it is used in other related skills
Art field, is included within the scope of the present invention.
Claims (10)
- A kind of 1. method of multicasting based on SDN, applied to SDN controllers, it is characterised in that methods described includes:Receive the log-on message of multicast source and multicast receivers and generate multicast source service catalogue and multicast receivers list;Multicast services request is obtained, the multicast services request includes the information or/and multicast reception of the multicast source of multicast services The information of person;Judge whether the multicast services request matches the multicast source service catalogue and the multicast receivers list;If the multicast services request matches the multicast source service catalogue and the multicast receivers list, to the multicast Source and the multicast receivers carry out multicast authority certification;When the multicast source and multicast receivers acquisition multicast authority certification, then establish the multicast source and the multicast connects Link between receipts person;Obtain link-state information, the demand for services of user's input;The link is controlled according to the demand for services, the link-state information.
- 2. the method for multicasting based on SDN as claimed in claim 1, it is characterised in that the SDN controllers connection is multiple SDN forwarding units, it is described establish between the multicast source and the multicast receivers link the step of after, methods described is also Including:Multilink between two SDN forwarding units ports is merged, forms a multicast link.
- 3. the method for multicasting based on SDN as claimed in claim 1, it is characterised in that establish the multicast source described After the step of link between the multicast receivers, methods described also includes:Default multicast content classification keyword;The content classification keyword is corresponding with the associated tag information of multicast data flow;Identify the default multicast content classification keyword corresponding to the respective labels in the multicast data flow and according to the classification Keyword is classified to the multicast content data;The encryption of different AESs is carried out to the multicast content data of different stage after classification or not encrypted;The multicast content data after encryption are subjected to multicast by the link.
- 4. the method for multicasting based on SDN as claimed in claim 1, it is characterised in that the SDN controllers are also connected with The edge forwarding equipment of SDN, the edge forwarding equipment are used to connect the SDN and non-SDN, the SDN The edge forwarding equipment of network as defined in the multicast source service catalogue and multicast receivers list in scope with outside non- Multicast source and multicast receivers in SDN are communicated.
- 5. the method for multicasting based on SDN as claimed in claim 1, it is characterised in that the link-state information includes Link flow monitoring information, the link flow monitoring information include abnormal flow information, described according to the user configuration The step of demand for services, the link-state information are controlled to the link specifically includes:The source of abnormal data is judged according to the abnormal flow information;If the abnormal data derives from the multicast source, stop multicast services or current limliting is carried out to it;If the abnormal data derives from the multicast receivers, abandon the abnormal flow and be even switched off the multicast source and hair Send the link between the multicast receivers of the abnormal data;Judge whether the abnormal flow information is more than the preset value of flux of multicast nominal value one in service catalogue;If so, current limliting or interrupt flow operation then are carried out to the multicast data flow;Judge whether multicast data flow is replicated in non-default copy-point according to the abnormal flow information;If so, then correct the copy-point;Judge whether the multicast data flow is sent to the receiving port for not obtaining the multicasting authorization according to the abnormal flow information;If so, the multicast data flow for then cancelling the receiving port is sent.
- 6. a kind of multicast apparatus based on SDN, applied to SDN controllers, it is characterised in that described based on SDN Multicast apparatus include memory, processor and be stored on the memory and can run on the processor based on SDN The multicast program of network, it is described based on the multicast program of SDN by the computing device when realize following steps:Receive the log-on message of multicast source and multicast receivers and generate multicast source service catalogue and multicast receivers list;Multicast services request is obtained, the multicast services request includes the information and/or multicast reception of the multicast source of multicast services The information of person;Judge whether the multicast services request matches the multicast source service catalogue and the multicast receivers list;If the multicast services request matches the multicast source service catalogue and the multicast receivers list, to the multicast Source and the multicast receivers carry out multicast authority certification;When the multicast source and multicast receivers acquisition multicast authority certification, then establish the multicast source and the multicast connects Link between receipts person;Obtain link-state information, the demand for services of user's input;The link is controlled according to the demand for services, the link-state information.
- 7. the multicast apparatus based on SDN as claimed in claim 6, it is characterised in that the SDN controllers connection is multiple SDN forwarding units, it is described establish between the multicast source and the multicast receivers link the step of after, the processor It is additionally operable to perform the multicast program, to realize following steps:Multilink between two SDN forwarding units ports is merged, forms a multicast link.
- 8. the multicast apparatus based on SDN as claimed in claim 6, it is characterised in that establish the multicast source described After the step of link between the multicast receivers, the processor is additionally operable to perform the multicast program, to realize Following steps:Default multicast content classification keyword;The content classification keyword is corresponding with the associated tag information of multicast data flow;Identify the default multicast content classification keyword corresponding to the respective labels in the multicast data flow and according to the classification Keyword is classified to the multicast content data;The encryption of different AESs is carried out to the multicast content data of different stage after classification or not encrypted;The multicast content data after encryption are subjected to multicast by the link.
- 9. the multicast apparatus based on SDN as claimed in claim 6, it is characterised in that the SDN controllers are also connected with The edge forwarding equipment of SDN, the edge forwarding equipment are used to connect the SDN and non-SDN, the SDN The edge forwarding equipment of network as defined in the multicast source service catalogue and multicast receivers list in scope with outside non- Multicast source and multicast receivers in SDN are communicated.
- 10. the multicast apparatus based on SDN as claimed in claim 6, it is characterised in that the link-state information includes Link flow monitoring information, the link flow monitoring information include abnormal flow information, described of the computing device The step of being controlled according to the demand for services, the link-state information to the link specifically includes:The source of abnormal data is judged according to the abnormal flow information;If the abnormal data derives from the multicast source, stop multicast services or current limliting is carried out to the link;If the abnormal data derives from the multicast receivers, abandon the abnormal flow and be even switched off the multicast source and hair Send the link between the multicast receivers of the abnormal data;Judge whether the abnormal flow information is more than the preset value of flux of multicast nominal value one in service catalogue;If so, current limliting or interrupt flow operation then are carried out to the multicast data flow;Judge whether multicast data flow is replicated in non-default copy-point according to the abnormal flow information;If so, then correct the copy-point;Judge whether the multicast data flow is sent to the receiving port for not obtaining the multicasting authorization according to the abnormal flow information;If so, the multicast data flow for then cancelling the receiving port is sent.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201711046989.XA CN107743097B (en) | 2017-10-31 | 2017-10-31 | Multicast method and device based on SDN network |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201711046989.XA CN107743097B (en) | 2017-10-31 | 2017-10-31 | Multicast method and device based on SDN network |
Publications (2)
Publication Number | Publication Date |
---|---|
CN107743097A true CN107743097A (en) | 2018-02-27 |
CN107743097B CN107743097B (en) | 2023-01-31 |
Family
ID=61233735
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201711046989.XA Active CN107743097B (en) | 2017-10-31 | 2017-10-31 | Multicast method and device based on SDN network |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN107743097B (en) |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110730109A (en) * | 2019-10-12 | 2020-01-24 | 北京百度网讯科技有限公司 | Method and apparatus for generating information |
WO2021253852A1 (en) * | 2020-06-14 | 2021-12-23 | 苏州浪潮智能科技有限公司 | Data center 5g network encryption multicast-based authority authentication method and system |
CN115473843A (en) * | 2021-06-10 | 2022-12-13 | 中国电信股份有限公司 | Information interaction method, router and communication system |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101155053A (en) * | 2006-09-25 | 2008-04-02 | 华为技术有限公司 | Method and system for implementing multicast broadcasting service |
CN103312514A (en) * | 2013-06-21 | 2013-09-18 | 中国人民解放军信息工程大学 | Multicast receiver verification method based on unicast forwarding mode |
CN106209622A (en) * | 2016-06-23 | 2016-12-07 | 广州海格通信集团股份有限公司 | A kind of method of multicasting based on SDN |
-
2017
- 2017-10-31 CN CN201711046989.XA patent/CN107743097B/en active Active
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101155053A (en) * | 2006-09-25 | 2008-04-02 | 华为技术有限公司 | Method and system for implementing multicast broadcasting service |
CN103312514A (en) * | 2013-06-21 | 2013-09-18 | 中国人民解放军信息工程大学 | Multicast receiver verification method based on unicast forwarding mode |
CN106209622A (en) * | 2016-06-23 | 2016-12-07 | 广州海格通信集团股份有限公司 | A kind of method of multicasting based on SDN |
Cited By (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110730109A (en) * | 2019-10-12 | 2020-01-24 | 北京百度网讯科技有限公司 | Method and apparatus for generating information |
WO2021253852A1 (en) * | 2020-06-14 | 2021-12-23 | 苏州浪潮智能科技有限公司 | Data center 5g network encryption multicast-based authority authentication method and system |
US11659384B2 (en) | 2020-06-14 | 2023-05-23 | Inspur Suzhou Intelligent Technology Co., Ltd. | Data center 5G network encrypted multicast-based authority authentication method and system |
CN115473843A (en) * | 2021-06-10 | 2022-12-13 | 中国电信股份有限公司 | Information interaction method, router and communication system |
CN115473843B (en) * | 2021-06-10 | 2023-06-20 | 中国电信股份有限公司 | Information interaction method, router and communication system |
Also Published As
Publication number | Publication date |
---|---|
CN107743097B (en) | 2023-01-31 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN108512760A (en) | The method for routing of QoS of survice is ensured based on SDN | |
CN107005462B (en) | Method, equipment and system for forwarding data in software defined network | |
EP2911355B1 (en) | Method and device for flow path negotiation in link aggregation group | |
CN104780069B (en) | A kind of key-course towards SDN and data Layer communication port self-configuration method and its system | |
CN109391614B (en) | Method and device for calling monitoring data based on video network | |
US20110016243A1 (en) | Method and device of load-sharing in irf stack | |
CN107743097A (en) | A kind of method of multicasting and device based on SDN | |
CN106685903B (en) | SDN-based data transmission method, SDN controller and SDN system | |
CN105897611A (en) | SDN based system and method for achieving service recognition and traffic scheduling through DPI technology | |
CN104967996A (en) | Network access authentication method and system of satellite communication network | |
CN112954069A (en) | Method, device and system for accessing mobile equipment to SD-WAN (secure digital-Wide area network) | |
CN107547334A (en) | A kind of message forwarding method and device | |
WO2021254366A1 (en) | Slice data transmission method and apparatus, electronic device, and computer readable storage medium | |
CN107786456A (en) | Flow control methods and system, packet switching equipment and user equipment | |
US9866456B2 (en) | System and method for network health and management | |
CN107846341A (en) | Method, relevant apparatus and the system of schedules message | |
CN106102065A (en) | The networking collocation method of a kind of WiFi equipment and system | |
CN109286563B (en) | Data transmission control method and device | |
CN105657671B (en) | A kind of method and apparatus for realizing multicast | |
CN103746932A (en) | Method and apparatus for determining appointed VLAN-x forwarder | |
US10511494B2 (en) | Network control method and apparatus | |
CN109150829A (en) | Software definition cloud network trust data distribution method, readable storage medium storing program for executing and terminal | |
CN103780511A (en) | Flow path negotiation method and device in link aggregation group | |
CN106411731A (en) | Method and device of self-negotiation link aggregation control protocol (LACP) reference system and reference port | |
CN111756642A (en) | Network traffic scheduling system and method based on DPI and machine learning |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |