CN109510777A - Flow table method of combination, device and SDN controller - Google Patents

Flow table method of combination, device and SDN controller Download PDF

Info

Publication number
CN109510777A
CN109510777A CN201811338191.7A CN201811338191A CN109510777A CN 109510777 A CN109510777 A CN 109510777A CN 201811338191 A CN201811338191 A CN 201811338191A CN 109510777 A CN109510777 A CN 109510777A
Authority
CN
China
Prior art keywords
flow table
tap
configuration
transmission path
movement
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201811338191.7A
Other languages
Chinese (zh)
Other versions
CN109510777B (en
Inventor
韩子康
吴小文
董先存
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Maipu Communication Technology Co Ltd
Original Assignee
Maipu Communication Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Maipu Communication Technology Co Ltd filed Critical Maipu Communication Technology Co Ltd
Priority to CN201811338191.7A priority Critical patent/CN109510777B/en
Publication of CN109510777A publication Critical patent/CN109510777A/en
Application granted granted Critical
Publication of CN109510777B publication Critical patent/CN109510777B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L47/00Traffic control in data switching networks
    • H04L47/10Flow control; Congestion control
    • H04L47/20Traffic policing
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00Routing or path finding of packets in data switching networks
    • H04L45/28Routing or path finding of packets in data switching networks using route fault recovery
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00Routing or path finding of packets in data switching networks
    • H04L45/302Route determination based on requested QoS
    • H04L45/306Route determination based on the nature of the carried application
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00Routing or path finding of packets in data switching networks
    • H04L45/38Flow based routing
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L47/00Traffic control in data switching networks
    • H04L47/10Flow control; Congestion control
    • H04L47/24Traffic characterised by specific attributes, e.g. priority or QoS
    • H04L47/2425Traffic characterised by specific attributes, e.g. priority or QoS for supporting services specification, e.g. SLA

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The embodiment of the present application provides a kind of flow table method of combination, device and SDN controller, belongs to network shunt technical field.It include the configuration parameter of multiple network shunt device TAP in the corresponding transmission path of target data stream in the configuring request this method comprises: obtaining the configuring request of network shunt;It is that each TAP generates corresponding configuration flow table based on the configuration parameter, and corresponding configuration flow table is issued respectively to each TAP, so that each TAP is based on corresponding configuration flow table and carries out transmission path configuration, so, in this programme, configuration flow table can be automatically generated based on the configuration parameter in configuring request by SDN controller, and realize issuing automatically for configuration flow table, it is configured from without personnel for each TAP, so that flow table configuration process is simple, it is not easy to make mistakes, improve the convenience for managing and maintaining TAP network.

Description

Flow table method of combination, device and SDN controller
Technical field
This application involves network shunt technical fields, control in particular to a kind of flow table method of combination, device and SDN Device processed.
Background technique
Network shunt device (Testing Access Port, abbreviation TAP) is a kind of network shunt, data grabber equipment, is made With being to be acquired, converge, shunt and dredge to export to various network monitoring tools to the flow in network, for example, network intrusions Detection system IDS, analog signal digital VOIP recording service, network detection, far-end network RMON detection, protocal analysis, letter The network monitorings tool such as protocal analysis, Packet Sniffer is enabled, for realizing the demand of network flow monitoring and analysis.
In large scale network, needs more TAP equipment to carry out the crawl of data flow to many places data point in network, be Business network is not had an impact, general more independent networkings of TAP equipment, formed one it is being separated with business network, parallel TAP network.In traditional TAP networking plan, every one flow of configuration grabs task, needs the artificial layout data of administrator Then the transmission path of stream logs on to relevant device in a manner of remote login service TELNET or containment agreement SSH one by one, It configures the crawl of corresponding flow or shunts rule, this mode not only configures cumbersome, but also easily malfunctions, causes to manage and maintain The very difficult problem of TAP network.
Summary of the invention
The embodiment of the present application is designed to provide a kind of flow table method of combination, device and SDN controller.
In a first aspect, the embodiment of the present application provides a kind of flow table method of combination, it is applied to SDN controller, the method Include: the configuring request for obtaining network shunt, includes more in the corresponding transmission path of target data stream in the configuring request The configuration parameter of a network shunt device TAP;Based on the configuration parameter it is that each TAP generates corresponding configuration flow table, and to every A TAP issues corresponding configuration flow table respectively, so that each TAP is based on corresponding configuration flow table and carries out transmission path configuration.
During above-mentioned realization, configuration can be automatically generated based on the configuration parameter in configuring request by SDN controller Flow table, and realize issuing automatically for configuration flow table, from being that each TAP is configured without personnel, so that flow table configuration process Simply, not easy to make mistakes, improve the convenience for managing and maintaining TAP network.
Optionally, the multiple TAP includes source TAP, centre TAP and purpose TAP, is each based on the configuration parameter TAP generates corresponding configuration flow table, and issues corresponding configuration flow table respectively to each TAP, so that each TAP is based on pair The configuration flow table answered carries out transmission path configuration, comprising: generates the first configuration stream based on the configuration parameter for the source TAP Table, so that the source TAP is based on the first configuration flow table and carries out transmission path configuration;It is in described based on the configuration parameter Between TAP generate second configuration flow table so that the intermediate TAP be based on it is described second configuration flow table carry out transmission path configuration;Base In the configuration parameter be purpose TAP generate third configure flow table so that the purpose TAP be based on the third configure flow table into The configuration of row transmission path.
During above-mentioned realization, SDN controller based on configuration parameter be transmission path in each TAP equipment generate and under Its corresponding configuration flow table is sent out, so that each TAP in transmission path can complete transmission road according to respective configuration flow table The configuration of diameter, and then realize issuing automatically for configuration flow table, from being that each TAP is configured without personnel, so that flow table is matched It is simple to set process, it is not easy to make mistakes, improve the convenience for managing and maintaining TAP network.
Optionally, the first configuration flow table includes that the first copy group generates flow table, truncation group generates flow table and first Execution acts flow table, and the source TAP, which is used to generate flow table based on first copy group, executes duplication operation to received message, The source TAP is used to generate flow table to received message execution information intercept operation based on the truncation group, and the source TAP is used for The message received based on first execution movement flow table docking executes corresponding movement in the first execution movement flow table.
During above-mentioned realization, source TAP can realize the operations such as duplication, truncation to message based on the first configuration flow table, thus The achievable complicated business demand to message.
Optionally, the second configuration flow table includes that the second movement executes flow table, and the intermediate TAP is used for based on described the Two movements execute flow table and execute corresponding movement in how many second movement execution flow tables to received message.
Optionally, third configuration flow table includes that timestamp group generates flow table, the second copy group generates flow table and the Three execution act flow table, when the purpose TAP is used to add the execution of received message based on timestamp group generation flow table Between stamp act, the purpose TAP be used for based on second copy group generate flow table to received message execute replication actions, institute It is right in the message execution third execution movement flow table of the purpose TAP for being received based on third execution movement flow table docking to state The movement answered.
During above-mentioned realization, the behaviour such as purpose TAP can be realized duplication, beat timestamp based on third configuration flow table to message Make, thus the achievable complicated business demand to message.
Optionally, based on the configuration parameter be that each TAP generates corresponding configuration flow table, and to each TAP respectively under Send out configuration flow table corresponding, so that each TAP is based on after the progress transmission path configuration of corresponding configuration flow table, further includes: sentence Whether the transmission path of breaking breaks down;If there is failure, new transmission path is reselected, to join based on the configuration Several each TAP in the new transmission path issue the corresponding new configuration flow table of each TAP respectively, so that each TAP New transmission path configuration is carried out based on the corresponding new configuration flow table of each TAP.
During above-mentioned realization, when the corresponding transmission path of target data stream breaks down, one is reselected newly Transmission path configured so that target data stream can carry out continuing to transmit from new transmission path, and then guarantee The transmission of target data stream is uninterrupted.
Second aspect, the embodiment of the present application provide a kind of flow table layout device, run on SDN controller, described device Include: that configuring request obtains module, includes target data stream in the configuring request for obtaining the configuring request of network shunt The configuration parameter of multiple network shunt device TAP in corresponding transmission path;Flow table generation module is configured, for matching based on described Setting parameter is that each TAP generates corresponding configuration flow table, and issues corresponding configuration flow table respectively to each TAP, so that each TAP is based on corresponding configuration flow table and carries out transmission path configuration.
Optionally, the multiple TAP includes source TAP, centre TAP and purpose TAP, the configuration flow table generation module, packet It includes: the first configuration flow table generation unit, for being source TAP generation the first configuration flow table based on the configuration parameter, so that The source TAP is based on the first configuration flow table and carries out transmission path configuration;Second configuration flow table generation unit, for being based on institute State configuration parameter and be that the intermediate TAP generates the second configuration flow table so that the intermediate TAP be based on the second configuration flow table into The configuration of row transmission path;Third configures flow table generation unit, for being that purpose TAP generates third configuration based on the configuration parameter Flow table, so that the purpose TAP is based on third configuration flow table and carries out transmission path configuration.
Optionally, the first configuration flow table includes that the first copy group generates flow table, truncation group generates flow table and first Execution acts flow table, and the source TAP, which is used to generate flow table based on first copy group, executes duplication operation to received message, The source TAP is used to generate flow table to received message execution information intercept operation based on the truncation group, and the source TAP is used for The message received based on first execution movement flow table docking executes corresponding movement in the first execution movement flow table.
Optionally, the second configuration flow table includes that the second movement executes flow table, and the intermediate TAP is used for based on described the Two movements execute flow table and execute corresponding movement in how many second movement execution flow tables to received message.
Optionally, third configuration flow table includes that timestamp group generates flow table, the second copy group generates flow table and the Three execution act flow table, when the purpose TAP is used to add the execution of received message based on timestamp group generation flow table Between stamp act, the purpose TAP be used for based on second copy group generate flow table to received message execute replication actions, institute It is right in the message execution third execution movement flow table of the purpose TAP for being received based on third execution movement flow table docking to state The movement answered.
Optionally, described device further include: path gravity treatment module, for judging whether the transmission path breaks down; If there is failure, reselect new transmission path, with based on the configuration parameter to every in the new transmission path A TAP issues the corresponding new configuration flow table of each TAP respectively, so that each TAP is based on the corresponding new configuration stream of each TAP Table carries out new transmission path configuration.
The third aspect, the embodiment of the present application provide a kind of SDN controller, including processor and memory, the storage Device is stored with computer-readable instruction fetch, when the computer-readable instruction fetch is executed by the processor, operation such as first The step in the method that aspect provides.
The embodiment of the present application provides a kind of flow table method of combination, device and SDN controller, and this method passes through SDN controller The configuring request of network shunt is obtained, includes multiple networks in the corresponding transmission path of target data stream in the configuring request The configuration parameter of current divider TAP is then based on the configuration parameter and is that each TAP generates corresponding configuration flow table, and to each TAP issues corresponding configuration flow table respectively, so that each TAP is based on corresponding configuration flow table and carries out transmission path configuration, so, In the present solution, configuration flow table can be automatically generated based on the configuration parameter in configuring request by SDN controller, and realize configuration stream Table issues automatically, configures from without personnel for each TAP, so that flow table configuration process is simple, it is not easy to make mistakes, it improves Manage and maintain the convenience of TAP network.
Other feature and advantage of the application will be illustrated in subsequent specification, also, partly be become from specification It is clear that by implementing the embodiment of the present application understanding.The purpose of the application and other advantages can be by written theorys Specifically noted structure is achieved and obtained in bright book, claims and attached drawing.
Detailed description of the invention
Technical solution in ord to more clearly illustrate embodiments of the present application, below will be to needed in the embodiment attached Figure is briefly described, it should be understood that the following drawings illustrates only some embodiments of the application, therefore is not construed as pair The restriction of range for those of ordinary skill in the art without creative efforts, can also be according to this A little attached drawings obtain other relevant attached drawings.
Fig. 1 is a kind of TAP networking structure schematic diagram of SDN control provided by the embodiments of the present application;
Fig. 2 is a kind of flow chart of flow table method of combination provided by the embodiments of the present application;
Fig. 3 is a kind of structural block diagram of flow table layout device provided by the embodiments of the present application;
Fig. 4 is a kind of structural schematic diagram of SDN controller provided by the embodiments of the present application.
Specific embodiment
Below in conjunction with attached drawing in the embodiment of the present application, technical solutions in the embodiments of the present application carries out clear, complete Ground description, it is clear that described embodiments are only a part of embodiments of the present application, instead of all the embodiments.Usually exist The component of the embodiment of the present application described and illustrated in attached drawing can be arranged and be designed with a variety of different configurations herein.Cause This, is not intended to limit claimed the application's to the detailed description of the embodiments herein provided in the accompanying drawings below Range, but it is merely representative of the selected embodiment of the application.Based on embodiments herein, those skilled in the art are not being done Every other embodiment obtained under the premise of creative work out, shall fall in the protection scope of this application.
It should also be noted that similar label and letter indicate similar terms in following attached drawing, therefore, once a certain Xiang Yi It is defined in a attached drawing, does not then need that it is further defined and explained in subsequent attached drawing.Meanwhile the application's In description, term " first ", " second " etc. are only used for distinguishing description, are not understood to indicate or imply relative importance.
In the prior art, when completing " network shunt " or " flow crawl " task by TAP equipment network, in complex task Under scene, need to meet following demand simultaneously:
1) data flow flows into TAP network from multiple entrances at random, and these entrances may be in a TAP equipment, can also It can be in different TAP equipment.
2) destination of data flow is multiple outlets in TAP network, and equally, these outlets may be in a TAP equipment On, it is also possible in different TAP equipment.
3) outlet of data flow and entrance may be in same TAP equipment, it is also possible in different TAP equipment.
4) there are two types of requirement possibility of the outlet to data: multiple outlets receive identical data volume, that is, need TAP net Network replicates data stream;Data flow is collected to multiple outlet load balancings, that is, TAP network load is needed to distribute number with sharing According to stream.
5) it is directed to certain feature stream (meeting 7 tuple features), before needing TAP network to send out data flow from outlet, logarithm Timestamp is beaten according to message, with the time of the submitting TAP network of excited data message.
6) it is directed to certain feature stream (meeting 7 tuple features), needs TAP network before data flow is sent out from outlet, logarithm It is truncated according to message, only retains the preceding n byte of message, to reduce the pressure of target device analysis data message.
7) in TAP network internal link failure, TAP network can re-establish transmission path automatically for data flow, meet The demand of fault self-recovery.
In order to solve the TAP netconfig problem of above-mentioned complex task scene, the artificial layout data stream of administrator is needed Transmission path configures corresponding flow crawl or shunts rule, this mode is not then one by one to be remotely logged into relevant device It only configures cumbersome, and easily malfunctions, cause to manage and maintain the very difficult problem of TAP network.
So in order to improve the above problem, the embodiment of the present application provides a kind of flow table method of combination.
As shown in FIG. 1, FIG. 1 is a kind of TAP networking structure schematic diagram of SDN control provided by the embodiments of the present application, this realities It applies in example, by using software defined network (Software Defined Network, abbreviation SDN) controller to TAP network It is managed concentratedly and is safeguarded, typical realize of SDN technology is that SDN controller is set by OpenFlow protocol configuration and management It is standby.
SDN is a kind of new network framework, and core is by data plane and control planar separation.In SDN, more number of units evidences For forwarding device by controller centralized control, controller grasps the whole network view, carries out global decisions.Have benefited from the whole network view, the overall situation Decision, SDN are more flexible to the configuration of network, intelligent.
SDN controller provides the interactive interface of human-computer interaction, all management, configuration can by this interactive portion into Row.Meanwhile on interactive interface, providing Topology Management, topology visualization, device port traffic visualization, service traffics can Depending on functions such as changes, the cumbersome problem for configuring equipment in traditional TAP network configuration one by one by the interface shell is not only solved, More friendly provides management, visualization function, provides more humanized side for investigation mistake, monitoring traffic in network trend Formula.
Referring to figure 2., Fig. 2 is a kind of flow chart of flow table method of combination provided by the embodiments of the present application, this method application In SDN controller, described method includes following steps:
Step S110: the configuring request of network shunt is obtained.
User can input the configuring request of network shunt on the human-computer interaction interface that SDN controller provides, which asks The configuration parameter including multiple network shunt device TAP in the corresponding transmission path of target data stream is sought, the configuring request is also Can include but is not limited to: 7 tuple features of data flow, to message carry out be truncated and beat timestamp demand, data flow enters TAP (port of TAP equipment has the whole network unique identification to the port id and quantity of network, may know that it is which platform TAP equipment by it Which port);Data flow leaves the port id and quantity of TAP network, the i.e. configuration parameters such as destination of data flow.
It is to be appreciated that the human-computer interaction interface in SDN controller can carry out configuration item configuration, i.e. input configuration is joined Number, including source TAP, purpose TAP, interface, monitoring service, TAP business etc., whether wherein monitoring service can configure again when opening dozen Between functions and its needs such as stamp, truncation, duplication parameter, configurable seven tuples again in TAP business, and may be selected inbound port group and Monitoring service.
Wherein, target data stream refers to a variety of messages by some particular server, or refers to towards some purpose TAP Data flow.
Step S120: being that each TAP generates corresponding configuration flow table, and distinguishes to each TAP based on the configuration parameter Corresponding configuration flow table is issued, so that each TAP is based on corresponding configuration flow table and carries out transmission path configuration.
SDN controller is raw according to each TAP of the configuration parameter carried in configuring request into the transmission path of data flow Corresponding configuration flow table is issued at corresponding configuration flow table, and to each TAP, so that each TAP is based on respective configuration Flow table carries out transmission path configuration, for example, each TAP is based on, respective configuration flow table completes flow crawl, message is truncated, multiple It makes, adding paths label or the configuration such as strips path label, beats timestamp.
In the present embodiment, the configuring request of network shunt is obtained by SDN controller, includes target in the configuring request The configuration parameter of multiple network shunt device TAP in the corresponding transmission path of data flow, it is every for being then based on the configuration parameter A TAP generates corresponding configuration flow table, and issues corresponding configuration flow table respectively to each TAP, so that each TAP is based on corresponding to Configuration flow table carry out transmission path configuration, it is not easy to make mistakes so that flow table configuration is simple in this programme, and can be according to user's Any demand carries out flexible flow table configuration.
Wherein, the transmission path of target data stream includes source TAP, centre TAP and purpose due to having multiple TAP, multiple TAP TAP, and the source TAP of target data stream, centre TAP and purpose TAP all can be multiple, SDN controller is according to user configuration Target data stream enters the port id and quantity of TAP network, parse active TAP ID and quantity, and from the ID of source TAP close All source ID (port that target data stream enters TAP network) being linked under the equipment;Also, the target according to user configuration Data flow leaves the port id and quantity of TAP network, parses the ID and quantity of all purposes TAP, and close from the ID of purpose TAP The all purposes port id (port that target data stream leaves TAP network) being linked under the equipment.
Configuration flow table task is generated in SDN controller, is such as configured the task of source TAP, is included following data in task: this The ID of the source TAP of configuration;The ID of all source ports under the TAP of source;7 tuple features of data flow;Demand information is truncated;All mesh TAP ID.And the task of configuration purpose TAP, it include following data in task: the ID of the TAP of the purpose of this configuration;It should The ID of all purposes port under purpose TAP;7 tuple features of data flow;Timestamp demand information;Active TAP ID.
Wherein, SDN controller generates corresponding configuration flow table according to configuration flow table task, i.e. SDN controller is based on described Configuration parameter is that the source TAP generates the first configuration flow table, so that the source TAP is based on the first configuration flow table and is transmitted Path configuration;It is that the intermediate TAP generates the second configuration flow table based on the configuration parameter, so that the intermediate TAP is based on institute It states the second configuration flow table and carries out transmission path configuration;It is purpose TAP generation third configuration flow table based on the configuration parameter, so that The purpose TAP is based on third configuration flow table and carries out transmission path configuration.
During above-mentioned realization, SDN controller based on configuration parameter be transmission path in each TAP equipment generate and under Its corresponding configuration flow table is sent out, so that each TAP in transmission path can complete transmission road according to respective configuration flow table The configuration of diameter, and then realize issuing automatically for configuration flow table, from being that each TAP is configured without personnel, so that flow table is matched It is simple to set process, it is not easy to make mistakes, improve the convenience for managing and maintaining TAP network.
Specifically, the first configuration flow table includes that the first copy group generates flow table, truncation group generates flow table and first Execution acts flow table.
Wherein, when generating the first copy group generation flow table, the path label of source TAP to each purpose TAP is obtained, and The output port of next-hop is reached into the path of each purpose TAP, output port is illustrated by taking the i of port as an example, port i's OpenFlow ID is porti, and the source TAP is used to generate flow table based on first copy group multiple to the execution of received message System operation, it is as follows that the first copy group generates stream tableau format:
Group Id field: all_group (every generation one group table, either copy group or truncation group or timestamp, The value is different)
The type field: all;
Bucket field: each purpose TAP a corresponding bucket, action=are added to the path mark of purpose TAP Label+output:porti.
Since target data stream can be inputted from multiple source TAP, and multiple corresponding purpose TAP are output to, so in source It needs to carry out duplication operation to received message on TAP.
The source TAP is used to generate flow table based on the truncation group to received message execution information intercept operation, truncation It is as follows that group generates stream tableau format:
Group Id field: slice_group (every generation one group table, either copy group or truncation group or time Stamp, the value are different)
The type field: indirect;
Bucket field: length after only one bucket, action=truncation+into copy group all_group.
The source TAP, which is used to execute described first based on the message that first execution movement flow table docking is received, executes movement Corresponding movement in flow table, according to all source port ID under the TAP of source, it is as follows that the first of generation executes stream of action tableau format:
Priority: p1 (flow table priority when configuration purpose TAP equipment is p2, p2 < p1)
Match field: source port ID+ " 7 tuple " feature;
Action field: into truncation group slice_group.
Wherein, the execution movement in the first execution movement flow table is that the message received is input to truncation group, then root Flow table being generated according to truncation group, message truncation being carried out to message, message is then input to copy group and is replicated, so that source TAP can The operations such as duplication, truncation are realized to message based on the first configuration flow table, thus the achievable complicated business demand to message.
In addition, the second configuration flow table includes that the second movement executes flow table, the intermediate TAP is used for based on second movement It executes flow table and corresponding movement in how many second movement execution flow tables is executed to received message, the second movement executes the lattice of flow table Formula is as follows:
Precedence field: (wherein p3 meets p3: p2 < p1 < p3)
Match field: path label;
Action field: (porti is the output end that next TAP equipment is reached in transmission path to output:porti Mouthful).
The third configuration flow table includes that timestamp group generates flow table, the second copy group generates flow table and third is executed and moved Make flow table.
Wherein, the purpose TAP, which is used to generate flow table based on the timestamp group, executes the addition time to received message Stamp movement, according to all purposes port under purpose TAP, by taking destination port j as an example, the OpenFlow ID of port j is portj, Each destination port generates a timestamp group, and it is as follows that timestamp group generates stream tableau format:
Group Id field: time_groupIdj (one group table of every generation, either copy group or truncation group or when Between stab, the value is different)
The type field: indirect;
Bucket field: only one bucket, action=beat timestamp+output:portj.
The purpose TAP, which is used to generate flow table based on second copy group, executes replication actions to received message, the It is as follows that two copy groups generate stream tableau format:
Group Id field: all_groupId (every generation one group table, either copy group or truncation group or time Stamp, the value are different)
The type field: all;
Bucket field: according to all purposes port under purpose TAP equipment, one bucket of each generation, for Port j, action=strip path label+into timestamp group time_groupIdj.
The purpose TAP is used to execute based on the message execution third that third execution movement flow table docking is received dynamic Make corresponding movement in flow table, it is as follows that third executes stream of action tableau format:
Precedence field: p2 (flow table priority when configuration source TAP equipment is p1, p2 < p1)
Match field: path label+" 7 tuple " feature;
Action field: into copy group all_groupId.
During above-mentioned realization, the behaviour such as purpose TAP can be realized duplication, beat timestamp based on third configuration flow table to message Make, thus the achievable complicated business demand to message.
SDN controller is after generating above-mentioned configuration flow table, by configuration flow table issuance to corresponding TAP, so that transmission path In each TAP configured accordingly based on the configuration flow table of oneself, to complete matching for the transmission path of target data stream It sets, to reach the configuration of data distribution.
After having configured transmission path, SDN controller will record " task name " of this shunting task in the transmission path, Such as be diverted to XX server, and can active TAP ID, the ID of all purposes TAP, wherein the TAP and purpose TAP in source Between, there can be a plurality of transmission path, and SDN controller can select a wherein transmission paths from this plurality of transmission path, Then above-mentioned second configuration flow table is issued to the intermediate TAP in the transmission paths, and SDN controller is from a plurality of transmission path The mode of selection wherein transmission paths can be with are as follows: SDN controller can select path shortest one from a plurality of transmission path Transmission path of the transmission paths as target data stream, or the smallest transmission of selection load from a plurality of transmission path The modes such as transmission path of the path as target data stream.
Wherein, every transmission paths have a task name, that is, correspond to respective data flow, and certainly, a data stream can Can corresponding a plurality of transmission path, and a transmission paths can also transmit a plurality of data flow, thus SDN control recorded data stream with The corresponding relationship of a plurality of transmission path, and being numbered for every transmission paths, for example, the corresponding transmission path of data flow 1 have 1, 2,3, SDN controller is served only for recording which the corresponding transmission path of the data flow has, and when actually carrying out flow table configuration, SDN Controller can only select the TAP of a wherein transmission paths to carry out configuration flow table issuance.
In order to realize the corresponding transmission path of target data stream in failure, target data stream can be switched in time not Transmission path, then can it is above-mentioned configured transmission path after, the SDN controller real-time detection transmission path whether occur therefore Barrier, if the transmission path break down, reselect new transmission path, with based on the configuration parameter to the new transmission Each TAP in path issues the corresponding new configuration flow table of each TAP respectively, so that each TAP is corresponding based on each TAP New configuration flow table carries out new transmission path configuration.
Wherein, new transmission path is selected as other corresponding transmission paths of target data stream for recording in SDN controller In a transmission paths, each TAP in new transmission path is then re-issued into above-mentioned corresponding configuration flow table, with weight New transmission path is newly configured, so that target data stream can carry out continuing to transmit from new transmission path, and then is guaranteed The transmission of target data stream is uninterrupted.
It, can will be on the intermediate TAP of original transmission path in addition, after the original transmission path of target data stream breaks down Configuration flow table deleted, and delete SDN controller record the target data stream and the transmission path corresponding relationship.
It, can be by SDN controller come according to the configuring request of network shunt, to target data so in the present embodiment It flows each TAP in corresponding transmission path and issues corresponding configuration flow table, so that the configuration of transmission path is completed, so that Flow table configuration is simple, not easy to make mistakes, and can carry out flexible flow table configuration according to any demand of user.
Referring to figure 3., Fig. 3 is a kind of structural block diagram of flow table layout device 200 provided by the embodiments of the present application, is run on SDN controller, described device include:
Configuring request obtains module 210, includes target in the configuring request for obtaining the configuring request of network shunt The configuration parameter of multiple network shunt device TAP in the corresponding transmission path of data flow;
Flow table generation module 220 is configured, for being that each TAP generates corresponding configuration flow table based on the configuration parameter, And corresponding configuration flow table is issued respectively to each TAP, so that each TAP is based on corresponding configuration flow table progress transmission path and matches It sets.
Optionally, the multiple TAP includes source TAP, centre TAP and purpose TAP, the configuration flow table generation module 220, It include: the first configuration flow table generation unit, for being that the source TAP generates the first configuration flow table based on the configuration parameter, with So that the source TAP is based on the first configuration flow table and carries out transmission path configuration;Second configuration flow table generation unit, for being based on The configuration parameter is that the intermediate TAP generates the second configuration flow table, so that the intermediate TAP is based on the second configuration flow table Carry out transmission path configuration;Third configures flow table generation unit, for being that purpose TAP generation third is matched based on the configuration parameter Flow table is set, so that the purpose TAP is based on third configuration flow table and carries out transmission path configuration.
Optionally, the first configuration flow table includes that the first copy group generates flow table, truncation group generates flow table and first Execution acts flow table, and the source TAP, which is used to generate flow table based on first copy group, executes duplication operation to received message, The source TAP is used to generate flow table to received message execution information intercept operation based on the truncation group, and the source TAP is used for The message received based on first execution movement flow table docking executes corresponding movement in the first execution movement flow table.
Optionally, the second configuration flow table includes that the second movement executes flow table, and the intermediate TAP is used for based on described the Two movements execute flow table and execute corresponding movement in how many second movement execution flow tables to received message.
Optionally, third configuration flow table includes that timestamp group generates flow table, the second copy group generates flow table and the Three execution act flow table, when the purpose TAP is used to add the execution of received message based on timestamp group generation flow table Between stamp act, the purpose TAP be used for based on second copy group generate flow table to received message execute replication actions, institute It is right in the message execution third execution movement flow table of the purpose TAP for being received based on third execution movement flow table docking to state The movement answered.
Optionally, described device further include: path gravity treatment module, for judging whether the transmission path breaks down; If there is failure, reselect new transmission path, with based on the configuration parameter to every in the new transmission path A TAP issues the corresponding new configuration flow table of each TAP respectively, so that each TAP is based on the corresponding new configuration stream of each TAP Table carries out new transmission path configuration.
Referring to figure 4., Fig. 4 is a kind of structural schematic diagram of SDN controller provided by the embodiments of the present application, the SDN control Device processed may include: at least one processor 410, such as CPU, at least one communication interface 420, at least one processor 430 With at least one communication bus 440.Wherein, communication bus 440 is for realizing the direct connection communication of these components.Wherein, originally Apply for that the communication interface 420 of equipment in embodiment is used to carry out the communication of signaling or data with other node devices.Memory 430 It can be high speed RAM memory, be also possible to non-labile memory (non-volatile memory), for example, at least one A magnetic disk storage.Memory 430 optionally can also be that at least one is located remotely from the storage device of aforementioned processor.Storage Computer-readable instruction fetch is stored in device 430, when the computer-readable instruction fetch is executed by the processor 410, SDN Controller executes method process shown in above-mentioned Fig. 2.
It is apparent to those skilled in the art that for convenience and simplicity of description, the device of foregoing description Specific work process, no longer can excessively be repeated herein with reference to the corresponding process in preceding method.
Pass through in conclusion the embodiment of the present application provides a kind of flow table method of combination, device and SDN controller, this method SDN controller obtains the configuring request of network shunt, includes in the corresponding transmission path of target data stream in the configuring request Multiple network shunt device TAP configuration parameter, being then based on the configuration parameter is that each TAP generates corresponding configuration and flows Table, and corresponding configuration flow table is issued respectively to each TAP, so that each TAP is based on corresponding configuration flow table and carries out transmission road Diameter configuration, so, in the present solution, configuration flow table can be automatically generated based on the configuration parameter in configuring request by SDN controller, And realize issuing automatically for configuration flow table, it is configured from without personnel for each TAP, so that flow table configuration process is simple, It is not easy to make mistakes, improve the convenience for managing and maintaining TAP network.
In several embodiments provided herein, it should be understood that disclosed device and method can also pass through Other modes are realized.The apparatus embodiments described above are merely exemplary, for example, flow chart and block diagram in attached drawing Show the device of multiple embodiments according to the application, the architectural framework in the cards of method and computer program product, Function and operation.In this regard, each box in flowchart or block diagram can represent the one of a module, section or code Part, a part of the module, section or code, which includes that one or more is for implementing the specified logical function, to be held Row instruction.It should also be noted that function marked in the box can also be to be different from some implementations as replacement The sequence marked in attached drawing occurs.For example, two continuous boxes can actually be basically executed in parallel, they are sometimes It can execute in the opposite order, this depends on the function involved.It is also noted that every in block diagram and or flow chart The combination of box in a box and block diagram and or flow chart can use the dedicated base for executing defined function or movement It realizes, or can realize using a combination of dedicated hardware and computer instructions in the system of hardware.
In addition, each functional module in each embodiment of the application can integrate one independent portion of formation together Point, it is also possible to modules individualism, an independent part can also be integrated to form with two or more modules.
It, can be with if the function is realized and when sold or used as an independent product in the form of software function module It is stored in a computer readable storage medium.Based on this understanding, the technical solution of the application is substantially in other words The part of the part that contributes to existing technology or the technical solution can be embodied in the form of software products, the meter Calculation machine software product is stored in a storage medium, including some instructions are used so that a computer equipment (can be a People's computer, server or network equipment etc.) execute each embodiment the method for the application all or part of the steps. And storage medium above-mentioned includes: that USB flash disk, mobile hard disk, read-only memory (ROM, Read-Only Memory), arbitrary access are deposited The various media that can store program code such as reservoir (RAM, Random Access Memory), magnetic or disk.
The foregoing is merely preferred embodiment of the present application, are not intended to limit this application, for the skill of this field For art personnel, various changes and changes are possible in this application.Within the spirit and principles of this application, made any to repair Change, equivalent replacement, improvement etc., should be included within the scope of protection of this application.It should also be noted that similar label and letter exist Similar terms are indicated in following attached drawing, therefore, once being defined in a certain Xiang Yi attached drawing, are then not required in subsequent attached drawing It is further defined and explained.
The above, the only specific embodiment of the application, but the protection scope of the application is not limited thereto, it is any Those familiar with the art within the technical scope of the present application, can easily think of the change or the replacement, and should all contain Lid is within the scope of protection of this application.Therefore, the protection scope of the application shall be subject to the protection scope of the claim.
It should be noted that, in this document, relational terms such as first and second and the like are used merely to a reality Body or operation are distinguished with another entity or operation, are deposited without necessarily requiring or implying between these entities or operation In any actual relationship or order or sequence.Moreover, the terms "include", "comprise" or its any other variant are intended to Non-exclusive inclusion, so that the process, method, article or equipment including a series of elements is not only wanted including those Element, but also including other elements that are not explicitly listed, or further include for this process, method, article or equipment Intrinsic element.In the absence of more restrictions, the element limited by sentence "including a ...", it is not excluded that There is also other identical elements in process, method, article or equipment including the element.

Claims (13)

1. a kind of flow table method of combination, which is characterized in that be applied to SDN controller, which comprises
The configuring request of network shunt is obtained, includes multiple in the corresponding transmission path of target data stream in the configuring request The configuration parameter of network shunt device TAP;
It is that each TAP generates corresponding configuration flow table, and issues corresponding configuration respectively to each TAP based on the configuration parameter Flow table, so that each TAP is based on corresponding configuration flow table and carries out transmission path configuration.
2. the method according to claim 1, wherein the multiple TAP includes source TAP, centre TAP and purpose TAP, is that each TAP generates corresponding configuration flow table based on the configuration parameter, and issues respectively to each TAP corresponding Flow table is configured, so that each TAP is based on corresponding configuration flow table and carries out transmission path configuration, comprising:
It is that the source TAP generates the first configuration flow table based on the configuration parameter, so that the source TAP is based on first configuration Flow table carries out transmission path configuration;
It is that the intermediate TAP generates the second configuration flow table based on the configuration parameter, so that the intermediate TAP is based on described second It configures flow table and carries out transmission path configuration;
It is that purpose TAP generates third configuration flow table based on the configuration parameter, so that the purpose TAP is configured based on the third Flow table carries out transmission path configuration.
3. according to the method described in claim 2, it is characterized in that, the first configuration flow table includes that the first copy group generates stream Table, truncation group generate flow table and the first execution acts flow table, and the source TAP is used to generate flow table based on first copy group Duplication operation is executed to received message, the source TAP is used to generate flow table based on the truncation group and execute to received message Information interception operation, the source TAP are used to execute described first based on the message that first execution movement flow table docking is received and hold Corresponding movement in flow table is made in action.
4. according to the method described in claim 2, it is characterized in that, the second configuration flow table includes that the second movement executes stream Table, the intermediate TAP are used to be executed flow table the second movements how many to the execution of received message based on second movement and execute stream Corresponding movement in table.
5. according to the method described in claim 2, it is characterized in that, third configuration flow table includes that timestamp group generates stream Table, the second copy group generate flow table and third execution acts flow table, and the purpose TAP is used to generate based on the timestamp group Flow table executes addition timestamp movement to received message, and the purpose TAP is used to generate flow table based on second copy group Replication actions are executed to received message, the purpose TAP is used for the message received based on third execution movement flow table docking Execute corresponding movement in the third execution movement flow table.
6. the method according to claim 1, wherein being that each TAP generation is corresponding based on the configuration parameter Flow table is configured, and issues corresponding configuration flow table respectively to each TAP, so that each TAP is carried out based on corresponding configuration flow table After transmission path configuration, further includes:
Judge whether the transmission path breaks down;
If there is failure, reselect new transmission path, with based on the configuration parameter in the new transmission path Each TAP issue corresponding new configuration flow table respectively so that each TAP is carried out newly based on corresponding new configuration flow table Transmission path configuration.
7. a kind of flow table layout device, which is characterized in that run on SDN controller, described device includes:
Configuring request obtains module, includes target data stream in the configuring request for obtaining the configuring request of network shunt The configuration parameter of multiple network shunt device TAP in corresponding transmission path;
Flow table generation module is configured, each TAP generates corresponding configuration flow table for being based on the configuration parameter, and to each TAP issues corresponding configuration flow table respectively, so that each TAP is based on corresponding configuration flow table and carries out transmission path configuration.
8. device according to claim 7, which is characterized in that the multiple TAP includes source TAP, centre TAP and purpose TAP, the configuration flow table generation module, comprising:
First configuration flow table generation unit, for being source TAP generation the first configuration flow table based on the configuration parameter, so that The source TAP is based on the first configuration flow table and carries out transmission path configuration;
Second configuration flow table generation unit, for being that the intermediate TAP generates the second configuration flow table based on the configuration parameter, with So that the intermediate TAP is based on the second configuration flow table and carries out transmission path configuration;
Third configures flow table generation unit, for being that purpose TAP generation third configures flow table based on the configuration parameter, so that institute It states purpose TAP and is based on third configuration flow table progress transmission path configuration.
9. device according to claim 8, which is characterized in that the first configuration flow table includes that the first copy group generates stream Table, truncation group generate flow table and the first execution acts flow table, and the source TAP is used to generate flow table based on first copy group Duplication operation is executed to received message, the source TAP is used to generate flow table based on the truncation group and execute to received message Information interception operation, the source TAP are used to execute described first based on the message that first execution movement flow table docking is received and hold Corresponding movement in flow table is made in action.
10. device according to claim 8, which is characterized in that the second configuration flow table includes that the second movement executes stream Table, the intermediate TAP are used to be executed flow table the second movements how many to the execution of received message based on second movement and execute stream Corresponding movement in table.
11. device according to claim 8, which is characterized in that the third configuration flow table includes that timestamp group generates stream Table, the second copy group generate flow table and third execution acts flow table, and the purpose TAP is used to generate based on the timestamp group Flow table executes addition timestamp movement to received message, and the purpose TAP is used to generate flow table based on second copy group Replication actions are executed to received message, the purpose TAP is used for the message received based on third execution movement flow table docking Execute corresponding movement in the third execution movement flow table.
12. device according to claim 7, which is characterized in that described device further include:
Path gravity treatment module, for judging whether the transmission path breaks down;If there is failure, new biography is reselected Defeated path, to issue corresponding new configuration respectively to each TAP in the new transmission path based on the configuration parameter Flow table, so that each TAP carries out new transmission path configuration based on corresponding new configuration flow table.
13. a kind of SDN controller, which is characterized in that including processor and memory, the memory is stored with computer can Instruction is read, when the computer-readable instruction fetch is executed by the processor, operation side as described in claim 1-6 is any Step in method.
CN201811338191.7A 2018-11-09 2018-11-09 Flow table arranging method and device and SDN controller Active CN109510777B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811338191.7A CN109510777B (en) 2018-11-09 2018-11-09 Flow table arranging method and device and SDN controller

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201811338191.7A CN109510777B (en) 2018-11-09 2018-11-09 Flow table arranging method and device and SDN controller

Publications (2)

Publication Number Publication Date
CN109510777A true CN109510777A (en) 2019-03-22
CN109510777B CN109510777B (en) 2022-02-22

Family

ID=65748018

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201811338191.7A Active CN109510777B (en) 2018-11-09 2018-11-09 Flow table arranging method and device and SDN controller

Country Status (1)

Country Link
CN (1) CN109510777B (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110896380A (en) * 2019-11-28 2020-03-20 迈普通信技术股份有限公司 Flow table screening method and device, electronic equipment and readable storage medium
CN112039773A (en) * 2020-09-23 2020-12-04 迈普通信技术股份有限公司 Shunting method, device, system, network equipment and computer readable storage medium
CN112511349A (en) * 2020-11-27 2021-03-16 湖南新海讯光电有限公司 Configuration method and system of network splitter
CN113037542A (en) * 2021-02-24 2021-06-25 广州市品高软件股份有限公司 Cloud network topology construction method based on software defined network

Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101257496A (en) * 2006-11-13 2008-09-03 华为技术有限公司 Method and system for acquiring allocating information
CN101515881A (en) * 2008-02-21 2009-08-26 华为技术有限公司 Method, device and system for transmitting initial configuration information of access point equipment
CN103534992A (en) * 2012-03-14 2014-01-22 华为技术有限公司 Method, switch, server, and system for transmitting an establish connection request
US20140350737A1 (en) * 2013-05-24 2014-11-27 Judd Goodman Optimized hydromodification management with active stormwater controls
CN105468664A (en) * 2015-05-12 2016-04-06 北京众标网络科技有限公司 Information acquisition method and apparatus
CN105897465A (en) * 2016-03-30 2016-08-24 杭州华三通信技术有限公司 Equipment configuration method and apparatus
CN107547242A (en) * 2017-05-24 2018-01-05 新华三技术有限公司 The acquisition methods and device of VM configuration informations
CN107689977A (en) * 2016-08-05 2018-02-13 厦门雅迅网络股份有限公司 Distributed caching and the method for routing and its system of push
CN107820262A (en) * 2016-09-13 2018-03-20 华为技术有限公司 Method for parameter configuration, apparatus and system
CN108023773A (en) * 2017-12-07 2018-05-11 锐捷网络股份有限公司 A kind of method and configuration server realized network equipment zero configuration and reached the standard grade

Patent Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101257496A (en) * 2006-11-13 2008-09-03 华为技术有限公司 Method and system for acquiring allocating information
CN101515881A (en) * 2008-02-21 2009-08-26 华为技术有限公司 Method, device and system for transmitting initial configuration information of access point equipment
CN103534992A (en) * 2012-03-14 2014-01-22 华为技术有限公司 Method, switch, server, and system for transmitting an establish connection request
US20140350737A1 (en) * 2013-05-24 2014-11-27 Judd Goodman Optimized hydromodification management with active stormwater controls
CN105468664A (en) * 2015-05-12 2016-04-06 北京众标网络科技有限公司 Information acquisition method and apparatus
CN105897465A (en) * 2016-03-30 2016-08-24 杭州华三通信技术有限公司 Equipment configuration method and apparatus
CN107689977A (en) * 2016-08-05 2018-02-13 厦门雅迅网络股份有限公司 Distributed caching and the method for routing and its system of push
CN107820262A (en) * 2016-09-13 2018-03-20 华为技术有限公司 Method for parameter configuration, apparatus and system
CN107547242A (en) * 2017-05-24 2018-01-05 新华三技术有限公司 The acquisition methods and device of VM configuration informations
CN108023773A (en) * 2017-12-07 2018-05-11 锐捷网络股份有限公司 A kind of method and configuration server realized network equipment zero configuration and reached the standard grade

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
周文俊,李春建,王 良,叶灵君,张君泉: "分层分区的馈线自动化配置方案研究", 《电力系统保护与控制》 *

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110896380A (en) * 2019-11-28 2020-03-20 迈普通信技术股份有限公司 Flow table screening method and device, electronic equipment and readable storage medium
CN112039773A (en) * 2020-09-23 2020-12-04 迈普通信技术股份有限公司 Shunting method, device, system, network equipment and computer readable storage medium
CN112511349A (en) * 2020-11-27 2021-03-16 湖南新海讯光电有限公司 Configuration method and system of network splitter
CN112511349B (en) * 2020-11-27 2022-06-14 湖南新海讯光电有限公司 Configuration method and system of network splitter
CN113037542A (en) * 2021-02-24 2021-06-25 广州市品高软件股份有限公司 Cloud network topology construction method based on software defined network

Also Published As

Publication number Publication date
CN109510777B (en) 2022-02-22

Similar Documents

Publication Publication Date Title
CN109510777A (en) Flow table method of combination, device and SDN controller
US10686671B1 (en) Methods, systems, and computer readable media for testing network elements of an in-band network telemetry capable network
US10700958B2 (en) Network management system with traffic engineering for a software defined network
US10187321B2 (en) Dynamic VPN policy model with encryption and traffic engineering resolution
CN106100999B (en) Image network flow control methods in a kind of virtualized network environment
CN105765926B (en) Configurable service broker&#39;s mapping method, device and storage medium
CN106130796B (en) SDN network topology traffic visualization monitoring method and control terminal
CN104253767B (en) A kind of implementation method of virtual burst network and a kind of interchanger
CN108055207A (en) A kind of network topology cognitive method and device
CN107222353A (en) The unrelated software defined network virtual management platform of supported protocol
US9674045B2 (en) Methods, systems, and computer readable media for modeling packet technology services using a packet virtual network (PVN)
CN106487558B (en) A kind of method and apparatus for realizing the scalable appearance of access device
CN103840976B (en) Communication means, light device and the network equipment
CN111130980B (en) Method and apparatus for implementing a combined virtual private network VPN
CN106375105B (en) A kind of method, controller, interchanger and the system of determining path failure
CN104092684B (en) A kind of OpenFlow agreements support VPN method and apparatus
CN107409069A (en) Network, which is alleviated in DDOS, manages Service control
CN106452915B (en) Method and device for discovering MPLS VPN network topology
CN106713050A (en) Network topology display method and device
CN106569950A (en) Network management software testing system and network management software testing method
CN105391601B (en) A kind of performance test methods and system of Network Management Equipment
JP2015528650A (en) Information processing apparatus, construction method, communication system, and program
CN101330411B (en) Method and system for simulating large-scale network topological
CN110035012A (en) VPN traffic scheduling method based on SDN and the VPN flow scheduling system based on SDN
JP6299753B2 (en) Control device, control method, communication system, and program

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant