CN108683617B - Message distribution method and device and distribution switch - Google Patents
Message distribution method and device and distribution switch Download PDFInfo
- Publication number
- CN108683617B CN108683617B CN201810400232.4A CN201810400232A CN108683617B CN 108683617 B CN108683617 B CN 108683617B CN 201810400232 A CN201810400232 A CN 201810400232A CN 108683617 B CN108683617 B CN 108683617B
- Authority
- CN
- China
- Prior art keywords
- message
- port
- sending
- loopback
- distributed
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L49/00—Packet switching elements
- H04L49/20—Support for services
- H04L49/201—Multicast operation; Broadcast operation
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L49/00—Packet switching elements
- H04L49/25—Routing or path finding in a switch fabric
Abstract
The present disclosure provides a message shunting method, device and shunting switch, where the shunting switch is configured with a plurality of loopback ports, and each loopback port corresponds to a service group including a plurality of egress ports; the method comprises the following steps: receiving a message to be distributed, redirecting the message to be distributed to a distribution multicast group comprising each loopback port, and multicasting the message to each loopback port; and aiming at each loopback port, according to the communication characteristic information carried by the message to be shunted, searching an output port corresponding to the message to be shunted in a first ACL (access control list) pre-configured in the loopback port, and sending the message to be shunted to the searched output port for sending when the corresponding output port is searched. The message to be shunted is firstly copied by a loopback port multicast mode, then an output port is selected by matching ACL rules, the number of ACLs to be configured is reduced under the condition that the number of the output ports is the same, and the problem that ACL resources are possibly insufficient when the number of the output ports is too much can be solved.
Description
Technical Field
The present disclosure relates to the field of network communication technologies, and in particular, to a message distribution method and apparatus, and a distribution switch.
Background
In some communication scenarios, the offload switch may need to copy a received packet into multiple copies, and send the copied packets to different service devices for processing according to communication characteristics of the packets (e.g., MAC information or port information carried by the packets). For example, referring to fig. 1, in the network security system, a plurality of service groups may be included, where different service groups are used to perform different security processing operations, each service group includes a plurality of service devices, and each service device corresponds to one output port of the secondary offloading device. After receiving the message from the primary shunting device, the secondary shunting device selects the message to be copied and sent to one or more service groups according to the communication characteristic information of the message, and determines which output port of the service groups to send to. Generally, the secondary offloading device is preconfigured with an Access Control List (ACL), and after receiving a message, searches for a corresponding egress port in the ACL according to communication feature information of the message, and then copies and redirects the message to the egress ports for transmission.
In a message flow distribution scheme adopted in the prior art, a corresponding egress port is usually searched in a preset ACL according to communication characteristic information of a message, and then the message is copied and redirected to the egress ports for transmission. For example, if there are 4 service groups accessing the shunting switch for message shunting, a message with communication feature X1 needs to be copied to output port 1.3 of service group 1 and output port 3.2 of service group 3 for transmission, and a message with communication feature X2 needs to be copied to output port 1.3 of service group 1 and output port 2.1 of service group 2 for transmission, an ACL for recording the correspondence between communication feature X1 and output ports 1.3 and 3.2 and an ACL for recording the correspondence between communication feature X2 and output ports 1.3 and 2.1 need to be configured, as shown in table 1.
TABLE 1
| Communication features | Service group 1 | |
|
|
| X1 | Outlet port 1.3 | Outlet port 3.2 | ||
| X2 | Outlet port 1.3 | Outlet port 2.1 |
The more the service devices accessing the secondary shunt device, the more the ACL number to be configured, but the limited ACL resources of the secondary shunt device, that is, one secondary shunt device can only support configuring a certain number of ACLs, and when the number of service devices accessing the secondary shunt device is too large, the ACL resources of the secondary shunt device may be insufficient, which results in that the secondary shunt device cannot smoothly perform message shunt operation. For example, in the above scheme, if each service group in 4 service groups of the device accessing the communication corresponds to 255 egress ports, there are 256^4 possible port combinations, that is, 256^4 ACLs are needed to fully cover all possibilities, but a general switch does not support configuring such a large number of ACLs.
Disclosure of Invention
In a first aspect, the present disclosure provides a packet offloading method, which is applied to an offloading switch, where the offloading switch is configured with a plurality of loopback ports, and each loopback port corresponds to a service group including a plurality of egress ports; the method comprises the following steps:
receiving a message to be distributed, redirecting the message to be distributed to a distribution multicast group comprising each loopback port, and multicasting the message to each loopback port;
and for each loopback port, according to the communication characteristic information carried by the message to be shunted, searching an output port corresponding to the message to be shunted in a first ACL pre-configured in the loopback port, and when the corresponding output port is searched, sending the message to be shunted to the searched output port for sending.
In a second aspect, the present disclosure provides a packet offloading device, which is applied to an offloading switch, where the offloading switch is configured with a plurality of loopback ports, and each loopback port corresponds to a service group including a plurality of egress ports; the device comprises:
the multicast module is used for receiving a message to be distributed, redirecting the message to be distributed to a distribution multicast group comprising each loopback port and multicasting the message to each loopback port;
a sending module, configured to search, for each loopback port, an egress port corresponding to the to-be-shunted packet in a first ACL pre-configured for the loopback port according to the communication feature information carried by the to-be-shunted packet, and send, when the corresponding egress port is found, the to-be-shunted packet to the found egress port for sending
In a third aspect, the present disclosure provides a distribution switch, including a processor and a machine-readable storage medium, where the machine-readable storage medium stores machine-executable instructions executable by the processor, and the processor executes the machine-executable instructions to implement the packet distribution method provided by the present disclosure.
Compared with the prior art, the method has the following beneficial effects:
according to the message distribution method, the message distribution device and the distribution switch provided by the embodiment of the disclosure, the loopback ports corresponding to the service groups are pre-configured on the distribution switch, the received messages to be distributed are multicast to the loopback ports, and the messages are redirected to the output ports of the corresponding service groups according to the ACLs configured on the loopback ports. The message to be shunted is firstly copied by a loopback port multicast mode, then an output port is selected by matching ACL rules, the number of ACLs to be configured is reduced under the condition that the number of the output ports is the same, and the problem that ACL resources are possibly insufficient when the number of the output ports is too much can be solved.
Drawings
To more clearly illustrate the technical solutions of the embodiments of the present disclosure, the drawings that are required to be used in the embodiments will be briefly described below, it should be understood that the following drawings only illustrate some embodiments of the present disclosure and therefore should not be considered as limiting the scope, and for those skilled in the art, other related drawings may be obtained from the drawings without inventive effort.
Fig. 1 is a schematic view of an application scenario of packet offloading;
fig. 2 is a schematic flow chart of a message distribution method according to an embodiment of the present disclosure;
fig. 3 is a schematic diagram of a packet splitting principle provided in the embodiment of the present disclosure;
FIG. 4 is a schematic diagram of a loopback port ALC provided by an embodiment of the present disclosure;
fig. 5 is a schematic hardware structure diagram of a offload switch provided in the embodiment of the present disclosure;
fig. 6 is a schematic diagram of a functional module of a packet offloading device according to an embodiment of the present disclosure.
Icon: 100-a tap changer; 110-a message diversion apparatus; 111-multicast module; 112-a sending module; 120-a memory; 130-a processor.
Detailed Description
To make the objects, technical solutions and advantages of the embodiments of the present disclosure more clear, the technical solutions of the embodiments of the present disclosure will be described clearly and completely with reference to the drawings in the embodiments of the present disclosure, and it is obvious that the described embodiments are some, but not all embodiments of the present disclosure. The components of the embodiments of the present disclosure, generally described and illustrated in the figures herein, can be arranged and designed in a wide variety of different configurations.
Thus, the following detailed description of the embodiments of the present disclosure, presented in the figures, is not intended to limit the scope of the claimed disclosure, but is merely representative of selected embodiments of the disclosure. All other embodiments, which can be derived by a person skilled in the art from the embodiments disclosed herein without making any creative effort, shall fall within the protection scope of the present disclosure.
It should be noted that: like reference numbers and letters refer to like items in the following figures, and thus, once an item is defined in one figure, it need not be further defined and explained in subsequent figures.
In the description of the present disclosure, it should be noted that the terms "first", "second", "third", and the like are used only for distinguishing the description, and are not to be construed as indicating or implying relative importance.
In the description of the present disclosure, it should also be noted that, unless otherwise explicitly specified or limited, the terms "disposed," "mounted," "connected," and "connected" are to be construed broadly, e.g., as meaning either a fixed connection, a removable connection, or an integral connection; can be mechanically or electrically connected; they may be connected directly or indirectly through intervening media, or they may be interconnected between two elements. The specific meaning of the above terms in the present disclosure can be understood in specific instances by those of ordinary skill in the art.
The present embodiment provides a flow distribution switch, where the flow distribution switch at least includes an ingress port connected to an upper layer flow distribution device and used for receiving a message to be distributed, and a plurality of egress ports connected to a service device and used for sending the distributed message. Each service group corresponds to a plurality of output ports of the shunt switch, and for each service group, a message with a certain communication characteristic is sent to the service equipment from one output port in the service group at most for processing. The communication characteristics of the message may include MAC information, port identification or IP address of the message, etc.
The shunt switch is provided with a plurality of loopback ports, each loopback port corresponds to a service group comprising a plurality of output ports, each loopback port is provided with a first ACL of the service group corresponding to the loopback port, and the first ACL is used for redirecting the message received by the loopback port to the output port corresponding to the service group according to the communication characteristic information of the message. And configuring a second ACL at the input port of the message to be shunted, wherein the second ACL is used for redirecting the message received by the input port to a shunting multicast group so as to multicast the message to each loopback port.
Referring to fig. 2, the present embodiment provides a packet offloading method applied to the offloading switch, where the packet offloading method at least includes step S210 and step S220.
Step S210, receiving a message to be distributed, redirecting the message to be distributed to a distribution multicast group including each loopback port, and multicasting the message to each loopback port.
In this embodiment, the distribution switch receives the to-be-distributed packet from the ingress port of the to-be-distributed packet, and redirects the to-be-distributed packet to the distribution multicast group for multicast according to a second ACL pre-configured on the ingress port of the to-be-distributed packet.
Step S220, for each loopback port, according to the communication characteristic information carried by the message to be shunted, finding an egress port corresponding to the message to be shunted in a first ACL pre-configured for the loopback port, and when finding the corresponding egress port, sending the message to be shunted to the found egress port for sending.
Specifically, the first ACL includes a sending rule item and a rejection rule item having a processing priority lower than that of the sending rule item, and the sending rule item is used to record a correspondence between communication feature information of a packet and an egress port.
And the shunt switch matches a corresponding sending rule item in a first ACL pre-configured by the loopback port according to the communication characteristic information of the message to be shunted.
And if the message to be distributed is matched with the corresponding sending rule item, sending the message to be distributed to an output port recorded by the sending rule item for sending. Specifically, the multicast message sent to the loopback port is converted into a unicast message and redirected to the output port recorded by the sending rule item for sending.
And if the message to be distributed is not matched with the corresponding sending rule item, discarding the message to be distributed according to the rejection rule item.
To facilitate the understanding of the method of the present embodiment by those skilled in the art, the scheme of the present embodiment is described below by an example.
The shunting switch provided in this embodiment is often connected as a secondary shunting device between the primary shunting device and the service device. The primary shunting device is used for hashing a message to be shunted and modifying the MAC information of the message according to a preset rule, so that a source MAC and a target MAC of the message to be shunted are correspondingly modified according to a service group, a port and a CPU before the message to be shunted is sent to the secondary shunting device. After receiving the message to be shunted, the secondary shunting device (i.e., the shunting switch provided in this embodiment) selects to copy the message according to communication characteristics such as the MAC information and the port identifier carried in the message to be shunted, and then selects an output port to send to the service device.
Referring to fig. 3, a virtual loopback port is configured for each service group on the splitter switch, and loopback ports 1 to 4 correspond to service groups 1 to 4, respectively. And then adding the loopback ports into a split multicast group so that the multicast message sent to the split multicast group can be multicast to each loopback port. For a loopback port with large data traffic, the loopback port can be configured to be formed by aggregation of a plurality of sub loopback ports.
And aiming at each loopback port, configuring a first ACL of the service group corresponding to the loopback port in the incoming direction of the loopback port, so that the message sent to the loopback port is redirected to the output port corresponding to the service group according to the first ACL for sending. And configuring a second ACL in the input direction on the input port of the message to be shunted, so that when the message to be shunted is received through the input port, the message to be shunted is redirected to the shunting multicast group according to the second ACL.
For example, referring to fig. 3 again, the shunting switch includes a plurality of egress ports, where egress ports 1.1 to 1.N are egress ports of the service group 1, egress ports 2.2 to 2.N are egress ports of the service group 2, egress ports 3.1 to 3.N are egress ports of the service group 3, and egress ports 4.1 to 4.N are egress ports of the service group 4.
If the message with the communication feature X3 needs to be sent from the egress port 1.3 and the egress port 3.2, a first ACL recording the correspondence between the communication feature X3 and the egress port 1.3 is configured on the loopback port 1, and a first ACL recording the correspondence between the communication feature X3 and the egress port 3.2 is configured on the loopback port 3, as shown in fig. 4. Each loopback port is also provided with a rejection rule item of a sending rule item with lower priority.
Based on the configuration, when the ingress port of the offload switch receives the message with the characteristic communication of X3, the message to be offloaded is redirected to the offload multicast group according to the configured second ACL, and is multicast to each loopback port in the offload multicast group. That is to say, the message to be distributed is copied into multiple copies in the multicast process, and each copy is multicast to a corresponding loopback port.
When the loopback port 1 receives a multicast message with the characteristic communication of X3, a corresponding sending rule item is matched in the first ACL configured for the loopback port 1, and because the communication characteristic of the message is X3, the sending rule item with the egress port being the egress port 1.3 can be matched, and the message is redirected to the egress port 1.3 for sending.
Similarly, when the loopback port 3 receives a multicast message with the characteristic communication of X3, a corresponding sending rule item is matched in the first ACL configured for the loopback port 3, and since the communication characteristic of the message is X3, the sending rule item with the egress port as the egress port 3.2 can be matched, and the message is redirected to the egress port 3.2 for sending.
When the loopback port 2 receives the multicast message with the characteristic communication of X3, the corresponding sending rule item is matched in the first ACL configured by the loopback port 2, and the message is discarded according to the rejection rule item because the communication characteristic of the message is X3 and the corresponding sending rule item cannot be matched.
Similarly, when the loopback port 4 receives the multicast message with the characteristic communication of X3, the corresponding sending rule item is matched in the first ACL configured on the loopback port 4, and since the communication characteristic of the message is X3, the corresponding sending rule item cannot be matched, the message is discarded according to the rejection rule item.
Finally, the message with the communication characteristic of X3 is sent out from the egress port 1.3 and the egress port 3.2 of the shunting switch.
Based on the scheme, the message to be distributed is copied indiscriminately to each service group by the message to be distributed in the distribution multicast group of the loopback port, and then each service group corresponds to the first ACL on the loopback port to select the egress port. Thus, if each service group corresponds to 255 egress ports in 4 service groups accessed to the communication device, 256 ACLs only need to be configured on corresponding loopback ports of each service group, that is, the possibility of all port combinations can be covered by only 256 × 4 ACLs in total, compared with the scheme of 256^4 ACLs in the prior art, the scheme provided by the embodiment reduces the configuration amount of the ACL rules to a great extent, and avoids the problem of insufficient ACLs due to excessive egress ports in the message shunting scene.
Referring to fig. 5, fig. 5 is a schematic diagram of a hardware structure of a shunting switch 100 according to an embodiment of the present disclosure. The server 100 includes a message distribution device 110, a memory 120, and a processor 130.
The memory 120 and the processor 130 are electrically connected to each other directly or indirectly to realize data transmission or interaction. For example, the components may be electrically connected to each other via one or more communication buses or signal lines. The message distribution device 110 includes at least one software function module, which may be stored in the memory 120 in the form of software or firmware (firmware) or fixed in an Operating System (OS) of the server 100. The processor 130 is configured to execute executable modules stored in the memory 120, such as software functional modules and computer programs included in the message diversion apparatus 110.
The Memory 120 may be, but is not limited to, a Random Access Memory (RAM), a Read Only Memory (ROM), a Programmable Read-Only Memory (PROM), an Erasable Read-Only Memory (EPROM), an electrically Erasable Read-Only Memory (EEPROM), and the like. The memory 120 is used for storing a program, and the processor 130 executes the program after receiving the execution instruction.
Referring to fig. 5, the present embodiment further provides a packet offloading device 110 applied to the offloading switch 100, which is functionally divided, and the packet offloading device 110 may include a multicast module 111 and a sending module 112.
The multicast module 111 is configured to receive a message to be distributed, redirect the message to be distributed to a distribution multicast group including each loopback port, and multicast the message to each loopback port.
In this embodiment, the multicast module 111 may be configured to execute step S210 shown in fig. 2, and reference may be made to the description of step S210 for a detailed description of the multicast module 111.
Optionally, in this embodiment, the multicast module 111 is specifically configured to receive the packet to be shunted from an ingress port of the packet to be shunted, and redirect the packet to be shunted to the shunting multicast group for multicast according to a second ACL configured in advance on the ingress port of the packet to be shunted.
The sending module 112 is configured to, for each loopback port, search, according to the communication characteristic information carried by the message to be shunted, an egress port corresponding to the message to be shunted in a first ACL pre-configured for the loopback port, and send the message to be shunted to the searched egress port for sending when the corresponding egress port is found.
In this embodiment, the sending module 112 may be configured to execute step S220 shown in fig. 2, and reference may be made to the description of step S220 for a detailed description of the sending module 112.
Optionally, in this embodiment, the first ACL includes a sending rule item and a reject rule item having a processing priority lower than that of the sending rule item, where the sending rule item is used to record a correspondence between communication feature information of a packet and an egress port; the sending module 112 is specifically configured to match a corresponding sending rule item in a first ACL pre-configured in the loopback port according to the communication characteristic information of the packet to be shunted; when the corresponding sending rule item is matched, the message to be distributed is sent to an output port recorded by the sending rule item for sending; and when the message to be distributed is not matched with the corresponding sending rule item, discarding the message to be distributed according to the rejection rule item.
Optionally, in this embodiment, when sending the message to be distributed to the egress port recorded in the sending rule item for sending, the sending module 112 converts the multicast message sent to the loopback port into a unicast message and redirects the unicast message to the egress port recorded in the sending rule item for sending.
Optionally, in this embodiment, the loopback port is formed by aggregating a plurality of sub loopback ports.
To sum up, according to the message distribution method, the message distribution device, and the distribution switch provided by the embodiments of the present disclosure, the loopback ports corresponding to each service group are pre-configured on the distribution switch, the received message to be distributed is multicast to the loopback ports, and the message is redirected to the output port of the corresponding service group according to the ACL configured on each loopback port. The message to be shunted is firstly copied by a loopback port multicast mode, and then an output port is selected according to the matched ACL rule, so that the number of ACLs to be configured can be reduced under the condition that the number of the output ports is the same, and the problem that ACL resources are possibly insufficient when the number of the output ports is too much is solved.
In the embodiments provided in the present disclosure, it should be understood that the disclosed apparatus and method may be implemented in other ways. The apparatus embodiments described above are merely illustrative, and for example, the flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of apparatus, methods and computer program products according to various embodiments of the present disclosure. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
In addition, functional modules in the embodiments of the present disclosure may be integrated together to form an independent part, or each module may exist separately, or two or more modules may be integrated to form an independent part.
The functions, if implemented in the form of software functional modules and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present disclosure may be embodied in the form of a software product, which is stored in a storage medium and includes several instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present disclosure. And the aforementioned storage medium includes: a U-disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, and other various media capable of storing program codes.
It is noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.
The above description is only for the specific embodiments of the present disclosure, but the scope of the present disclosure is not limited thereto, and any person skilled in the art can easily conceive of the changes or substitutions within the technical scope of the present disclosure, and all the changes or substitutions should be covered within the scope of the present disclosure. Therefore, the protection scope of the present disclosure shall be subject to the protection scope of the claims.
Claims (10)
1. A message shunting method is characterized in that the method is applied to a shunting switch, the shunting switch is provided with a plurality of loopback ports, and each loopback port corresponds to a service group comprising a plurality of output ports; the method comprises the following steps:
receiving a message to be distributed, redirecting the message to be distributed to a distribution multicast group comprising each loopback port, and multicasting the message to each loopback port;
and for each loopback port, searching an output port corresponding to the message to be shunted in a first access control list configured in advance in the loopback port according to the communication characteristic information carried by the message to be shunted, and sending the message to be shunted to the searched output port for sending when the corresponding output port is searched.
2. The method according to claim 1, wherein the step of redirecting the message to be shunted to a shunting multicast group including each loopback port for multicast comprises:
and receiving the message to be distributed from an input port of the message to be distributed, and redirecting the message to be distributed to the distribution multicast group for multicast according to a second access control list configured in advance on the input port of the message to be distributed.
3. The method according to claim 1, wherein the first access control list includes a sending rule item and a reject rule item having a processing priority lower than that of the sending rule item, and the sending rule item is used for recording a correspondence between communication feature information of a packet and an egress port; the step of searching an output port corresponding to the message to be shunted in a first access control list pre-configured in the loopback port according to the communication characteristic information carried by the message to be shunted, and sending the message to be shunted to the searched output port for sending when the corresponding output port is found includes:
matching a corresponding sending rule item in a first access control list configured in advance by the loopback port according to the communication characteristic information of the message to be shunted;
if the corresponding sending rule item is matched, the message to be distributed is sent to an output port recorded by the sending rule item for sending;
and if the message to be distributed is not matched with the corresponding sending rule item, discarding the message to be distributed according to the rejection rule item.
4. The method according to claim 3, wherein the step of sending the message to be shunted to the egress port recorded by the sending rule item for sending if the corresponding sending rule item is matched includes:
if the corresponding sending rule item is matched, converting the multicast message sent to the loopback port into a unicast message according to the sending rule item, and redirecting to an output port recorded by the sending rule item for sending.
5. The method of claim 1, wherein the loopback port is formed by aggregation of a plurality of sub loopback ports.
6. A message shunting device is characterized in that the device is applied to a shunting switch, the shunting switch is provided with a plurality of loopback ports, and each loopback port corresponds to a service group comprising a plurality of output ports; the device comprises:
the multicast module is used for receiving a message to be distributed, redirecting the message to be distributed to a distribution multicast group comprising each loopback port and multicasting the message to each loopback port;
and the sending module is used for searching an output port corresponding to the message to be distributed in a first access control list configured in advance in the loopback port according to the communication characteristic information carried by the message to be distributed aiming at each loopback port, and sending the message to be distributed to the searched output port for sending when the corresponding output port is searched.
7. The apparatus according to claim 6, wherein the multicast module is configured to receive the packet to be distributed from an ingress port of the packet to be distributed, and redirect the packet to be distributed to the multicast group for multicast according to a second access control list preconfigured on the ingress port of the packet to be distributed.
8. The apparatus according to claim 6, wherein the first access control list includes a sending rule item and a reject rule item having a processing priority lower than that of the sending rule item, and the sending rule item is used to record a correspondence between communication feature information of a packet and an egress port; the sending module is used for matching a corresponding sending rule item in a first access control list pre-configured by the loopback port according to the communication characteristic information of the message to be shunted; when the corresponding sending rule item is matched, the message to be distributed is sent to an output port recorded by the sending rule item for sending; and when the message to be distributed is not matched with the corresponding sending rule item, discarding the message to be distributed according to the rejection rule item.
9. The apparatus method according to claim 8, wherein the sending module converts the multicast packet sent to the loopback port into a unicast packet and redirects the unicast packet to the egress port recorded by the sending rule item for sending when sending the packet to be shunted to the egress port recorded by the sending rule item.
10. A offload switch comprising a processor and a machine-readable storage medium storing machine-executable instructions executable by the processor, the processor executing the machine-executable instructions to implement the method of any of claims 1-5.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201810400232.4A CN108683617B (en) | 2018-04-28 | 2018-04-28 | Message distribution method and device and distribution switch |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201810400232.4A CN108683617B (en) | 2018-04-28 | 2018-04-28 | Message distribution method and device and distribution switch |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN108683617A CN108683617A (en) | 2018-10-19 |
| CN108683617B true CN108683617B (en) | 2021-01-01 |
Family
ID=63802546
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201810400232.4A Active CN108683617B (en) | 2018-04-28 | 2018-04-28 | Message distribution method and device and distribution switch |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN108683617B (en) |
Families Citing this family (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112087400B (en) * | 2020-09-16 | 2023-03-14 | 浙江中烟工业有限责任公司 | Network flow mirroring system and method based on EtherCAT slave station chip |
| CN114363272B (en) * | 2020-09-27 | 2023-03-31 | 华为技术有限公司 | Configuration method of switch and related equipment |
| CN114760108B (en) * | 2022-03-22 | 2023-04-25 | 杭州迪普科技股份有限公司 | Message matching method and device |
| CN115086253B (en) * | 2022-06-16 | 2024-03-29 | 苏州盛科通信股份有限公司 | Ethernet exchange chip and high-bandwidth message forwarding method |
Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101267331A (en) * | 2008-04-23 | 2008-09-17 | 华为技术有限公司 | A search method and device for multicast forward table |
| CN101425979A (en) * | 2008-12-10 | 2009-05-06 | 中兴通讯股份有限公司 | Data packet forwarding method for Ether ring network |
| CN101478496A (en) * | 2009-01-21 | 2009-07-08 | 杭州华三通信技术有限公司 | Data packet forwarding method and switching device |
| CN102185785A (en) * | 2011-06-07 | 2011-09-14 | 杭州华三通信技术有限公司 | Layer 2 forwarding chip and realization method thereof |
| US20130242992A1 (en) * | 2012-03-14 | 2013-09-19 | International Business Machines Corporation | Multicast traffic generation using hierarchical replication mechanisms for distributed switches |
| EP2689562A1 (en) * | 2011-03-24 | 2014-01-29 | NEC Europe Ltd. | Method for operating a flow-based switching system and switching system |
| CN105791109A (en) * | 2014-12-25 | 2016-07-20 | 中兴通讯股份有限公司 | Method and apparatus for carrying out multicast forwarding on MPLS (Multi-Protocol Label Switching) intermediate node |
| CN107566267A (en) * | 2016-06-30 | 2018-01-09 | 中兴通讯股份有限公司 | A kind of message forwarding method and device based on aggregated links |
Family Cites Families (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JP5772568B2 (en) * | 2011-12-19 | 2015-09-02 | 富士通株式会社 | Communication apparatus and communication method |
| CN104618247B (en) * | 2014-12-30 | 2018-10-26 | 新华三技术有限公司 | A kind of transmission method and device of multicast message |
| CN106685786B (en) * | 2016-12-30 | 2019-10-11 | 盛科网络(苏州)有限公司 | The chip implementing method of multistage ACL in a kind of wlan system |
-
2018
- 2018-04-28 CN CN201810400232.4A patent/CN108683617B/en active Active
Patent Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101267331A (en) * | 2008-04-23 | 2008-09-17 | 华为技术有限公司 | A search method and device for multicast forward table |
| CN101425979A (en) * | 2008-12-10 | 2009-05-06 | 中兴通讯股份有限公司 | Data packet forwarding method for Ether ring network |
| CN101478496A (en) * | 2009-01-21 | 2009-07-08 | 杭州华三通信技术有限公司 | Data packet forwarding method and switching device |
| EP2689562A1 (en) * | 2011-03-24 | 2014-01-29 | NEC Europe Ltd. | Method for operating a flow-based switching system and switching system |
| CN102185785A (en) * | 2011-06-07 | 2011-09-14 | 杭州华三通信技术有限公司 | Layer 2 forwarding chip and realization method thereof |
| US20130242992A1 (en) * | 2012-03-14 | 2013-09-19 | International Business Machines Corporation | Multicast traffic generation using hierarchical replication mechanisms for distributed switches |
| CN105791109A (en) * | 2014-12-25 | 2016-07-20 | 中兴通讯股份有限公司 | Method and apparatus for carrying out multicast forwarding on MPLS (Multi-Protocol Label Switching) intermediate node |
| CN107566267A (en) * | 2016-06-30 | 2018-01-09 | 中兴通讯股份有限公司 | A kind of message forwarding method and device based on aggregated links |
Also Published As
| Publication number | Publication date |
|---|---|
| CN108683617A (en) | 2018-10-19 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN108683617B (en) | Message distribution method and device and distribution switch | |
| CN108809836B (en) | Multicast data message forwarding method and device | |
| CN108848034B (en) | Network equipment and table entry learning method | |
| US9923819B2 (en) | Systems and methods for routing information in an information handling system using extended L3 lookup tables | |
| US9774731B1 (en) | Adding additional information to caller ID information | |
| US9385948B2 (en) | Packet processing method, device and system | |
| US8472311B2 (en) | Systems, methods, and computer readable media for providing instantaneous failover of packet processing elements in a network | |
| US20180091428A1 (en) | Statistical Multiplexing of Inline Network Tools | |
| CN108259347B (en) | Message transmission method and device | |
| CN107547391B (en) | Message transmission method and device | |
| CN113079097B (en) | Message processing method and device | |
| CN106685827B (en) | Downlink message forwarding method and AP (access point) equipment | |
| CN105429879B (en) | Flow entry querying method, equipment and system | |
| CN102624611A (en) | Method, device, processor and network equipment for message dispersion | |
| CN109067585B (en) | Method and device for issuing query ACL (access control list) table items | |
| WO2018001020A1 (en) | Aggregated link based message forwarding method and device | |
| CN108683615B (en) | Message distribution method and device and distribution switch | |
| US20050190752A1 (en) | Method and system for locating the incoming port of a MAC address in an Ethernet switch network | |
| US11171796B2 (en) | Managing multicast scaling | |
| CN108093051B (en) | Message copying method and device | |
| EP3964966A1 (en) | Message matching table lookup method, system, storage medium, and terminal | |
| US10142177B2 (en) | Mechanisms to identify mismatches in layer 3 configuration in a network | |
| CN109088894B (en) | ACL (access control list) issuing method and network equipment | |
| CN107547382B (en) | Neighbor relation discovery method and device | |
| US9164820B1 (en) | System and method for correcting scrambled messages |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |