CN109525518B - IP message network address conversion method and device based on FPGA - Google Patents

IP message network address conversion method and device based on FPGA Download PDF

Info

Publication number
CN109525518B
CN109525518B CN201811592943.2A CN201811592943A CN109525518B CN 109525518 B CN109525518 B CN 109525518B CN 201811592943 A CN201811592943 A CN 201811592943A CN 109525518 B CN109525518 B CN 109525518B
Authority
CN
China
Prior art keywords
message
cell
port
cell unit
current
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201811592943.2A
Other languages
Chinese (zh)
Other versions
CN109525518A (en
Inventor
李文军
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Wuxin Technology Co ltd
Original Assignee
Beijing Wuxin Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Wuxin Technology Co ltd filed Critical Beijing Wuxin Technology Co ltd
Priority to CN201811592943.2A priority Critical patent/CN109525518B/en
Publication of CN109525518A publication Critical patent/CN109525518A/en
Application granted granted Critical
Publication of CN109525518B publication Critical patent/CN109525518B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L49/00Packet switching elements
    • H04L49/90Buffering arrangements
    • H04L49/9057Arrangements for supporting packet reassembly or resequencing
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L47/00Traffic control in data switching networks
    • H04L47/50Queue scheduling
    • H04L47/62Queue scheduling characterised by scheduling criteria
    • H04L47/622Queue service order
    • H04L47/6225Fixed service order, e.g. Round Robin
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/09Mapping addresses
    • H04L61/25Mapping addresses of the same type
    • H04L61/2503Translation of Internet protocol [IP] addresses

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The embodiment of the invention discloses an IP message network address conversion method and device based on an FPGA. The method is applied to a programmable logic device and comprises the following steps: receiving IP messages in parallel through an Ethernet port and respectively cutting the IP messages into cell units; analyzing the message of the first cell to obtain IP message attribute information, and storing the cells belonging to the same IP message in a message cache region according to ports; adopting a port polling scheduling mechanism, sequentially acquiring a cell unit corresponding to one port in a message buffer area as a current cell unit, and assembling the current cell unit according to the type of the current cell unit; and when all the cell units corresponding to one IP message are determined to be assembled, forwarding the IP message through a port corresponding to the IP message. According to the technical scheme of the embodiment of the invention, the network address conversion is carried out on the IP message through the FPGA, so that the processing speed and the universality are improved.

Description

IP message network address conversion method and device based on FPGA
Technical Field
The embodiment of the invention relates to the technical field of network communication, in particular to an IP message network address conversion method and device based on an FPGA.
Background
With the continuous development of communication technology, the number of computers used is rapidly increasing, and a problem of space exhaustion of an IP address (Internet protocol address) arises. Network address translation techniques may enable private networks to access public networks, which helps to slow down the exhaustion of the available IP address space by using a small number of public IP addresses to represent a larger number of private IP addresses.
When there is a need for confidentiality or an internal IP address of a Network cannot be used in an external Network, a Network switching device needs to perform Network address translation of an IP packet, and in the prior art, Network address translation of an IP packet is mainly implemented by a Network Processor (NP) and a host, but many common devices in the market do not include a Network Processor at present, and a device including a Network Processor is used at a high cost, so that a client group using a device including a Network Processor to perform Network address translation is relatively few, and thus the method has no universality. For a device that does not include a dedicated network processor, a common method is to implement network address translation of an IP packet by using a multi-core CPU (Central Processing Unit), but this traditional CPU hardware scheme that performs network address translation by using a multi-core CPU needs to process a large number of instructions, which is slow in Processing speed and makes the Processing of the whole system complex.
Disclosure of Invention
The embodiment of the invention provides an IP message network address conversion method and device based on an FPGA (Field-Programmable Gate Array), which can realize the rapid and effective network address conversion of an IP message through the FPGA.
In a first aspect, an embodiment of the present invention provides an IP packet network address translation method based on an FPGA, which is applied to a programmable logic device, and includes:
receiving a plurality of IP messages in parallel through a plurality of Ethernet ports, and respectively segmenting each received IP message into a plurality of cell units, wherein a first cell unit in the IP messages comprises IP message attribute information;
performing message analysis on each first cell to obtain IP message attribute information corresponding to the first cell, and correspondingly storing the first cell and other cells belonging to the same IP message with the first cell in a message cache region according to ports;
adopting a port polling scheduling mechanism, sequentially acquiring a cell corresponding to a port in a message buffer area as a current cell, and adopting a corresponding processing mode to carry out cell assembly processing on the current cell according to the type of the current cell;
and when all the cell units corresponding to one IP message are determined to be assembled, forwarding the IP message through a port corresponding to the IP message.
Optionally, according to the type of the current cell, performing cell assembly processing on the current cell by adopting a corresponding processing manner, including:
if the current cell is the first cell, performing message analysis on the current cell, performing network address conversion on the IP message attribute information obtained by analysis to obtain new IP message attribute information, rewriting the new IP message attribute information into the current cell, and constructing an assembled message structure according to the current cell; and if the current cell is not the first cell, adding the current cell to the tail part of the assembled message structure matched with the current cell.
Optionally, a port polling scheduling mechanism is adopted, and a cell unit corresponding to one port is sequentially obtained in the message buffer area as a current cell unit, which specifically includes:
when a port polling scheduling mechanism is adopted to determine to poll a target port, detecting whether a scheduling control instruction matched with the target port is received;
if so, acquiring a cell unit corresponding to the target port in the message cache area as a current cell unit;
and the scheduling control instruction is generated when the message buffer corresponding to the currently scheduled target port is not empty.
Optionally, after the first cell and other cells belonging to the same IP packet as the first cell are stored in the packet buffer according to the port correspondence, the method further includes:
after determining that all the cell units corresponding to the same IP message are cached in the message cache region, determining that the cell units corresponding to the IP message participate in port polling scheduling.
Optionally, the performing network address conversion on the IP packet attribute information obtained through analysis to obtain new IP packet attribute information, and rewriting the new IP packet attribute information into the current cell includes:
matching the analyzed IP message attribute information with a network address translation table, and if the matching is successful, acquiring the converted IP message attribute information corresponding to the IP message attribute information according to the matching result and writing the converted IP message attribute information into the current cell;
wherein, the attribute information of the IP message comprises: new IP information, new TCP (Transmission Control Protocol)/UDP (User Datagram Protocol) port information, a new IP checksum, and a new TCP/UDP checksum;
if the matching fails, setting the value of the Ethernet type parameter in the current cell unit as a target value, and returning the message data in the current cell unit to a network switching chip;
the target value in the ethernet type parameter is used to notify a network switching chip connected to the FPGA through the ethernet interface to add a network address translation table entry corresponding to the IP packet attribute information of the current cell unit in a network address translation table of the FPGA.
Optionally, the obtaining, by using a port polling scheduling mechanism, a cell unit corresponding to one port in the packet buffer area in sequence as a current cell unit includes:
polling ports according to the number of the port cell units, if the number of the port cell units of the current port is not 0, scheduling a cell unit from the current port, otherwise, not scheduling the cell unit by the current port, and continuously polling the next port;
when one cell is stored in the message buffer area according to the port correspondence, the number of the port cell of the port is added with 1, and when one cell of the port is dispatched out of the message buffer area, the number of the port cell of the port is subtracted with 1.
Optionally, before receiving a plurality of IP packets in parallel through a plurality of ethernet ports, the method further includes:
confirming an expected bandwidth of network address conversion, and calculating a bit width parameter of a cell unit, a working clock frequency parameter of an FPGA and a message buffer area according to the expected bandwidth;
the message buffer area includes an internal RAM (Random Access Memory) of the FPGA and an external DDR (Double Data Rate SDRAM).
Optionally, the storing, in the message buffer, the first cell and other cells that belong to the same IP packet as the first cell according to port correspondence includes:
storing the first cell unit into a message cache region of a corresponding port;
acquiring an idle pointer from an idle pointer linked list by other cell units belonging to the same IP message with the first cell unit, and connecting the idle pointer to a cell unit pointer linked list of a corresponding port in series;
and the first pointer in the cell unit pointer linked list points to the storage position of the first cell unit in the message buffer area of the corresponding port.
Optionally, the segmenting the received IP packets into a plurality of cell units respectively includes:
acquiring a port as a target port according to the port sequence;
and when detecting that the plurality of cell units are all stored in the message cache region corresponding to the target port, returning to execute the operation of acquiring a port as the target port according to the port sequence until the processing ending condition is met.
In a second aspect, an embodiment of the present invention further provides an IP packet network address translation apparatus based on an FPGA, which is applied to a programmable logic device, and includes:
the receiving and dividing module is used for receiving a plurality of IP messages in parallel through a plurality of Ethernet ports and dividing each received IP message into a plurality of cell units respectively, wherein the first cell unit in the IP messages comprises IP message attribute information;
the analysis storage module is used for carrying out message analysis on each first cell unit to obtain IP message attribute information corresponding to the first cell unit, and correspondingly storing the first cell unit and other cell units which belong to the same IP message with the first cell unit into a message cache region according to ports;
the scheduling processing module is used for sequentially acquiring a cell unit corresponding to one port in a message buffer area as a current cell unit by adopting a port polling scheduling mechanism, and performing cell unit assembly processing on the current cell unit by adopting a corresponding processing mode according to the type of the current cell unit;
and the forwarding module is used for forwarding the IP message through a port corresponding to the IP message when all the cell units corresponding to the IP message are determined to be assembled.
According to the embodiment of the invention, the received IP message is divided into the plurality of cell units in the FPGA, only the first cell unit containing the IP attribute information is subjected to message analysis, network address translation table matching and message information modification, and then the first cell unit and other cell units belonging to the same IP message are combined again and forwarded, so that the problems of low processing speed and poor universality when the IP message is subjected to network address translation by the existing multi-CPU processing technology are solved by fully developing the hardware function of the FPGA, and the effects of improving the processing speed and the universality are realized on the basis of reducing the implementation cost.
Drawings
Fig. 1 is a flowchart of an IP packet network address translation method based on FPGA according to an embodiment of the present invention;
fig. 2a is a flowchart of an IP packet network address translation method based on FPGA according to a second embodiment of the present invention;
FIG. 2b is a schematic diagram of an interface to which the method of the embodiment of the present invention is applied;
FIG. 2c is a diagram of a specific functional structure of an FPGA to which the method of the embodiment of the present invention is applied;
fig. 3 is a schematic structural diagram of an IP packet network address translation device based on an FPGA according to a third embodiment of the present invention.
Detailed Description
The present invention will be described in further detail with reference to the accompanying drawings and examples. It is to be understood that the specific embodiments described herein are merely illustrative of the invention and are not limiting of the invention. It should be further noted that, for the convenience of description, only some of the structures related to the present invention are shown in the drawings, not all of the structures.
Example one
Fig. 1 is a flowchart of an IP packet network address translation method based on FPGA according to an embodiment of the present invention, where the embodiment of the present invention is applicable to a case where a programmable logic device performs network address translation on an IP packet, and the method may be executed by a network address translation device, and the device may be implemented by hardware, and may be generally applied to FPGA. Specifically, referring to fig. 1, the method may include the steps of:
step 110, receiving a plurality of IP packets in parallel through a plurality of ethernet ports, and dividing each received IP packet into a plurality of cell units.
The ethernet port may specifically include: the gigabit interface supporting the functions of SGMII, 1000-BaseX and ethernet MAC (Media Access Control), generally, is an FPGA embedded IP. The ethernet port may be specifically configured to: and analyzing the Ethernet protocol, and receiving the IP message sent by the network switching chip.
Optionally, the field Programmable gate array FPGA is a choice of the Programmable logic device in the embodiment of the present invention, and may further include other Programmable logic devices such as an EPLD (erasable Programmable logic device).
Specifically, the FPGA is connected to the network switch chip through the ethernet port to receive the IP packet sent by the network switch chip, and in order to meet the system requirements, a plurality of groups of ethernet ports are arranged between the FPGA and the network switch chip according to the maximum interface performance of the network chip and the FPGA interface rate and processing performance, and receive a plurality of IP packets in parallel. The IP message is an IP message to be forwarded by the network switch chip, and is matched and redirected to the FPGA connected to the ethernet port of the network switch chip through an Access Control List (ACL) of the network switch chip, and the FPGA performs high-bandwidth network address conversion on the IP message through the logic circuit, and then forwards the IP message to the network switch chip through the ethernet port corresponding to the IP message in the FPGA for subsequent processing.
In this embodiment, the FPGA receives a plurality of IP packets in parallel through a plurality of ethernet ports, sequentially segments each received IP packet into a plurality of cell units according to the port order, and operates the IP packets in the form of the cell units. Specifically, the IP packet is operated in the form of a cell unit, so that the IP packet can be stored in the cache area more flexibly, the utilization rate of the cache area is improved, and the waste of the cache area is reduced.
Optionally, according to the maximum interface performance of the network switch chip, the FPGA interface rate, and the processing performance, multiple groups of ethernet ports are arranged between the FPGA and the network switch chip, and the multiple IP packets are received in parallel, which may specifically include: the bandwidth required by the network address conversion is 4G, the processing interface performance of the network switching chip is 64G, and 4 groups of Ethernet ports are required to be provided by the FPGA for realizing the 4G bandwidth of the network address conversion, so that the network switching chip is required to provide 4 groups of Ethernet ports to be connected with the 4 groups of Ethernet ports of the FPGA, and the FPGA can receive IP messages forwarded by the 4 network switching chips in parallel through the 4 groups of Ethernet ports.
Specifically, the segmenting each received IP packet into a plurality of cell units may specifically include: determining the size of each cell unit according to the actual bandwidth required by network address conversion and the working clock frequency of the FPGA, and cutting the IP message into a plurality of cell units with fixed sizes from the head of the IP message, wherein the size of each cell unit at least can comprise three-layer header information and four-layer header information of the IP message. Optionally, each received IP packet is segmented into cell units with a size of 96B, and then the IP packet is processed in the form of the cell units, where the size of each cell unit may be adjusted according to the actual bandwidth required by network address conversion and the operating clock frequency of the FPGA.
And 120, analyzing the messages of each cell unit to obtain IP message attribute information corresponding to the cell unit, and correspondingly storing all the cell units belonging to the same IP message in a message cache region according to ports.
The first cell corresponding to each IP packet includes packet attribute information of the IP packet, that is, three-layer header information and four-layer header information of the IP packet. The three-layer header information of the IP message mainly comprises the length of the IP message, a fragment mark, source IP information, destination IP information, ID information and OFFSET information; the four-layer header information of the IP packet mainly contains port information of TCP and UDP. In this embodiment, after dividing each received IP packet into a plurality of cell units, the FPGA analyzes each cell unit according to the packet format to obtain packet attribute information of the IP packet corresponding to each cell unit, so as to perform subsequent network address conversion processing.
In order to store the IP message in the buffer area in the form of a cell unit, the FPGA maintains an idle pointer linked list and a cell pointer linked list according to ports in the buffer area. Optionally, each port corresponds to one cell pointer linked list, a storage address of a cell corresponding to the current port is stored in the linked list, the storage address points to a storage location of a cell message in the message buffer, and storage addresses of different cells in the same cell pointer linked list are randomly applied in the message buffer, so that an effect that messages of all ports share the message buffer is achieved, and memory consumption is reduced. Specifically, the storing the first cell and other cells belonging to the same IP packet as the first cell in the packet buffer according to the port correspondence may include: storing the first cell into a message buffer area corresponding to a cell pointer linked list of a corresponding port; after the first cell is stored in the message buffer area, other cell units belonging to the same IP message with the first cell apply for the idle pointer from the idle pointer chain table, and store the cell message in the idle pointer to be connected in series behind the cell unit pointer chain table of the corresponding port. The FPGA maintains the cell pointer linked list of the corresponding port, and links all the cells belonging to the same IP message to the cell pointer linked list of the corresponding port.
Optionally, in order to avoid packet loss, each ethernet port in the FPGA sets a RAM with a fixed size in the packet buffer as a temporary buffer, for example, each ethernet port sets a RAM with a size of 4 cells as a temporary buffer, when a cell originally stored in the packet buffer is not processed, a new cell needs to be stored in the packet buffer corresponding to the port, and at this time, the new cell can be stored in the temporary buffer corresponding to the port, so as to avoid packet loss.
And step 130, adopting a port polling scheduling mechanism, sequentially obtaining a cell corresponding to one port in the message buffer area as a current cell, and performing cell assembly processing on the current cell by adopting a corresponding processing mode according to the type of the current cell.
Optionally, the FPGA employs a port polling scheduling mechanism, sequentially obtains a cell to be scheduled corresponding to one port in the message buffer area according to the port order as a current cell, and performs cell assembly processing on the current cell by using a corresponding processing mode according to the type of the current cell. The port polling scheduling mechanism indicates that after the scheduling of the current cell of one port is completed, the next port is polled, and a cell to be scheduled is selected from the next port to be used as the current cell, and the cell assembly processing is carried out on the current cell.
Optionally, when the cell unit is scheduled by using the port polling scheduling mechanism, because it takes 16 cycles to complete scheduling of one cell unit, the network switch chip provides 4 groups of ethernet ports to connect with 4 groups of ethernet ports of the FPGA, and each ethernet port polls once every 48 cycles, for example, if the currently scheduled cell unit is the cell unit in the port 1, after 16 cycles, the cell unit is scheduled, and one cell unit is selected from the port 2 for scheduling, so 4 ports are polled in sequence, one cell unit is scheduled from each port, and after the 4 scheduling cycles, the cell unit is polled to the port 1 again, that is, each port polls once every 48 cycles.
When the cell is scheduled, the cell assembly processing needs to be performed on the cell, and since the message attribute information of the IP message is only contained in the first cell of the IP message, the cell assembly processing performed on the IP message is also mainly performed on the first cell, the cell assembly processing performed on the first cell and the cell assembly processing performed on the non-first cell belonging to the same IP message are different. Optionally, according to the type of the current cell, performing cell assembly processing on the current cell by using a corresponding processing manner may specifically include: and judging whether the current cell is the first cell, if so, performing message analysis, network address conversion, message information modification and message reassembly operation on the current cell, and if not, directly performing message reassembly operation on the current cell.
Optionally, only after determining that all cell units corresponding to the same IP packet are buffered in the packet buffer area of the corresponding port, the cell unit corresponding to the IP packet may participate in port polling scheduling.
And 140, when all the cell units corresponding to one IP message are determined to be assembled, forwarding the IP message through a port corresponding to the IP message.
When all cell units corresponding to one IP message are reassembled into a complete IP message, the FPGA sends the reassembled IP message to the network switching chip through the Ethernet port corresponding to the IP message, so that the network switching chip performs subsequent processing on the reassembled IP message.
According to the embodiment of the invention, the received IP message is divided into the plurality of cell units in the FPGA, only the first cell unit containing the IP attribute information is subjected to message analysis, network address conversion table matching and message information modification, and then the first cell unit and other cell units belonging to the same IP message are combined again and forwarded, so that the problems of low processing speed and poor universality when the IP message is subjected to network address conversion by the existing multi-CPU processing technology are solved by fully developing the hardware function of the FPGA, and the effects of improving the processing speed and the universality are realized on the basis of reducing the implementation cost.
Example two
Fig. 2a is a flowchart of an IP packet network address translation method based on FPGA according to a second embodiment of the present invention, which may be combined with various alternatives in one or more of the above embodiments. Specifically, referring to fig. 2a, the method may include the steps of:
step 210, confirming parameters required by network address translation.
In this embodiment, in order to implement network address translation with high bandwidth and improve the processing speed of an IP packet, firstly, the bandwidth required for network address translation is determined according to the overall system requirement, and the bit width parameter of a cell unit, the operating clock frequency parameter of an FPGA, and the size of a packet buffer are calculated according to the required bandwidth; the cell width parameter of the cell determines the size of the cell forming the IP packet, the working clock frequency parameter of the FPGA refers to the frequency of a system master clock of the digital circuit based on the FPGA, which may affect the size of the cell, and the packet buffer may include an internal RAM of the FPGA and an external DDR, which are used to store the IP packet in the form of the cell.
Optionally, the performance of the processing interface of the network switch chip is 64G, and the bandwidth required by the network address translation is 4G, the network switch chip is required to provide 4 groups of ethernet interfaces to connect with 4 groups of ethernet interfaces of the FPGA, so as to implement the 4G bandwidth required by the network address translation. As shown in fig. 2b, if the network switch chip is embedded in the CPU, a set of SPI (Serial Peripheral Interface) slave interfaces needs to be provided to connect with the FPGA as a network address translation table and an internal register management Interface. The SPI is a high-speed, full-duplex, synchronous communication bus, which is divided into a master (master) mode and a slave (slave) mode when applied, and is generally used for short-distance communication.
Step 220, dividing each received IP packet into a plurality of cell units.
In this embodiment, after a plurality of IP packets are received in parallel through a plurality of ethernet ports, the received IP packets are sequentially divided into a plurality of fixed-length cell units according to the port order. And only after all the cell units corresponding to the IP message received by the current port are stored in the message cache region corresponding to the current port, the IP message received by the next port is cut into a plurality of fixed-length cell units.
And step 230, analyzing the messages of each cell unit, and correspondingly storing all the cell units belonging to the same IP message in a message cache region according to ports.
And step 240, adopting a port polling scheduling mechanism to schedule the cell units according to the number of the port cell units and the scheduling control instruction.
The scheduling of the cell units according to the number of the cell units and the scheduling control instruction by using the port polling scheduling mechanism may include: polling ports according to the port sequence, and according to the number of the port cell units corresponding to the currently polled port and the scheduling control instruction, sequentially acquiring a cell unit corresponding to the currently polled port in the message buffer area as a current cell unit, and performing scheduling processing on the current cell unit.
Optionally, obtaining a cell unit corresponding to the port in the message buffer area as the current cell unit according to the number of the port cell units corresponding to the currently polled port may specifically include: if the number of the port cell units corresponding to the currently polled port is not 0, acquiring a cell unit from a message buffer area corresponding to the current port as the current cell unit, and performing scheduling processing on the cell unit, otherwise, not performing cell unit scheduling on the current port, and continuously polling the next port. When one cell is stored in the message buffer area corresponding to a port, the number of the port cell corresponding to the port is increased by 1, and when one cell corresponding to one port is dispatched out of the message buffer area corresponding to the port, the number of the port cell corresponding to the port is decreased by 1.
Optionally, when the port polling scheduling mechanism is adopted to poll the target port again, it is detected whether a scheduling control instruction matched with the target port is received, if the scheduling control instruction matched with the target port is received, a cell unit corresponding to the target port is obtained in the message buffer area as a current cell unit, and the current cell unit is scheduled when the current port is scheduled next time. If the scheduling control instruction matched with the target port is not received, the cell unit to be scheduled at present of the target port can be directly scheduled and is scheduled without waiting. The scheduling control instruction is generated when a message buffer corresponding to a currently scheduled target port is not empty, which indicates that a previous cell unit has not completed cell unit assembly processing, the current cell unit of the target port cannot be scheduled immediately, and the cell unit assembly processing is performed on the current cell unit when the next round of scheduling to the target port is required.
And step 250, performing cell assembly processing on the current cell by adopting a corresponding processing mode according to the type of the current cell.
In this embodiment, since the non-first cell unit of the IP packet does not include the three-layer header information and the four-layer header information of the IP packet, the first cell unit and the non-first cell unit of the same IP packet are processed in different manners. Optionally, when scheduling the current cell, first determining whether the current cell is a first cell corresponding to the IP packet, if the current cell is the first cell, performing packet parsing on the current cell according to a packet format, performing network address conversion processing on packet attribute information of the IP packet obtained through parsing to obtain new IP packet attribute information, rewriting the new IP packet attribute information into the current cell, and constructing an assembled packet structure according to the current cell; and if the current cell is not the first cell, directly adding the current cell at the tail part of the assembled message structure matched with the current cell.
Optionally, the network address conversion processing is performed on the message attribute information of the IP message obtained through analysis, so as to obtain new IP message attribute information, and the new IP message attribute information is rewritten into the current cell, which may specifically include: matching the analyzed IP message attribute information with a network address translation table, if the matching is successful, obtaining the IP message attribute information corresponding to the IP message attribute information, and rewriting the IP message attribute information into the current cell; if the matching fails, setting the value of the Ethernet type parameter in the current cell as a target value, returning the message data in the current cell to the network switching chip, reporting the message in the current cell to the CPU after the network switching chip confirms that the network address conversion of the currently received message fails, and reestablishing and updating a network address conversion table by the CPU, so that the message in the current cell can be successfully subjected to the network address conversion. Wherein, converting the IP packet attribute information may include: new IP information, new TCP/UDP port information, new IP checksum and new TCP/UDP checksum.
Optionally, the target value in the ethernet type parameter may be set to 0, and is used to notify that no entry corresponding to the current cell exists in the network address translation table of the network switch chip connected to the FPGA through the ethernet interface, and the network switch chip is required to add a network address translation entry corresponding to the IP packet attribute information of the current cell in the network address translation table of the FPGA.
Fig. 2c is a specific functional structure diagram of an FPGA to which the method according to the embodiment of the present invention is applied, specifically, as shown in fig. 2 c:
the message segmentation cell module receives IP message data0, data1, data2 and data3 from 4 Ethernet interfaces respectively, segments the received 4-path IP message data into a plurality of fixed-length cell units according to the sequence of Ethernet ports respectively, and sends the segmented cell units to the message header analysis module 1. After receiving a cell unit of an IP packet segmentation corresponding to a current port sent by a packet segmentation cell module, a packet header analysis module 1 performs packet analysis on the received first cell unit to obtain three-layer header information and four-layer header information of the IP packet corresponding to the current port, and sends the obtained header information of the IP packet and the corresponding cell unit to a packet cache management module for caching.
After receiving the header information of the IP packet corresponding to the current port and the corresponding cell unit sent by the packet header parsing module 1, the packet buffer management module finds a storage location of the first cell unit in the cell pointer linked list of the current port, stores the first cell unit in the storage location of the packet buffer area, and initializes the number of the cell units of the port corresponding to the current port to 1. After the first cell is stored in the message buffer area of the corresponding port, other cells belonging to the same IP message as the first cell are sequentially connected with the idle pointer list through acquiring the idle pointer from the idle pointer list and are connected in series to the back of the cell pointer list where the first cell is located, and meanwhile, the number of the cell units of the port corresponding to the current port is increased by 1 when a non-first cell is stored. And after the IP message data corresponding to the current port is stored, storing the number of the port cell units corresponding to the current port into a control information storage area.
After all the cell units of the IP packet corresponding to the current port are stored in the packet buffer area, on one hand, the packet segmentation cell module continues to perform cell unit segmentation on the IP packet data corresponding to the next port according to the port sequence, and on the other hand, the cell unit of the IP packet corresponding to the current port starts to participate in cell unit scheduling.
The message cache management module acquires a port as a target port according to the port sequence, judges whether the number of port cell units corresponding to the target port is 0, if the number of the port cell units corresponding to the target port is 0, indicates that no cell unit which can be scheduled exists in a message cache region corresponding to the target port, does not schedule the cell unit at the target port, and continues to select the next port as the target port; if the number of the port cell units corresponding to the target port is greater than 0, it is indicated that a cell unit capable of being scheduled exists in a message cache region corresponding to the target port, at this time, whether a scheduling control instruction matched with the target port is received is detected, if the scheduling control instruction matched with the target port is received, the cell unit corresponding to the target port is obtained in the message cache region and serves as a current cell unit, and the current cell unit is scheduled when the target port is scheduled next time. If the scheduling control instruction matched with the target port is not received, directly scheduling the cell unit to be scheduled at present of the target port, and meanwhile, when the message cache management module schedules a cell unit from the message cache region, reducing the number of the port cell units corresponding to the target port in the control information storage region by 1.
The message cache management module judges whether the current cell is the first cell corresponding to the IP message, if the current cell is the first cell, the current cell is sent to the message header analysis module 2, the message header analysis module 2 analyzes the current cell to obtain the message header information of the IP message, and sends the current cell and the message header information of the IP message obtained by analysis to the network address translation table lookup module, the network address translation table lookup module matches the analyzed IP message header information with the network address translation table, if the matching is successful, the converted IP message header information corresponding to the IP message header information is obtained, and the converted IP message header information and the current cell are sent to the first cell editing module, the first cell editing module re-writes the converted IP message header information into the current cell, and sends the modified current cell to the cell recombination message module, the cell restructuring message module constructs an assembled message structure according to the current cell; if the matching of the analyzed IP message header information and the network address translation table fails, the first cell editing module sets the value of the Ethernet type parameter in the current cell as a target value and returns the message data in the current cell to the network switching chip, the network switching chip reports the message in the current cell to the CPU after confirming that the network address translation of the currently received message fails, and the CPU reestablishes and updates the network address translation table, so that the message in the current cell can successfully perform the network address translation; if the current cell is not the first cell, the message cache management module directly sends the current cell to a cell reassembly message module, and the cell reassembly message module adds the current cell to the tail of the assembled message structure matched with the current cell.
When all the cell units corresponding to one IP message are assembled, the cell recombination message module forwards the IP message through the port corresponding to the IP message.
According to the embodiment of the invention, the received IP message is divided into the plurality of cell units in the FPGA, only the first cell unit containing the IP attribute information is subjected to message analysis, network address conversion table matching and message information modification, and then the first cell unit and other cell units belonging to the same IP message are combined again and forwarded, so that the problems of low processing speed and poor universality when the IP message is subjected to network address conversion by the existing multi-CPU processing technology are solved by fully developing the hardware function of the FPGA, and the effects of improving the processing speed and the universality are realized on the basis of reducing the implementation cost.
EXAMPLE III
Fig. 3 is a schematic structural diagram of an IP packet network address translation device based on an FPGA according to a third embodiment of the present invention, which is applicable to a situation where a received IP packet is segmented into a plurality of cells in the FPGA, and a first cell is subjected to packet parsing, network address translation table matching, and packet information modification, so as to perform network address translation on the IP packet. As shown in fig. 3, the network address translation apparatus, applied to an FPGA, includes:
a receiving and dividing module 310, configured to receive multiple IP packets in parallel through multiple ethernet ports, and divide each received IP packet into multiple cell units, where a first cell unit in the IP packets includes IP packet attribute information;
the analysis storage module 320 is configured to perform message analysis on each cell to obtain IP message attribute information corresponding to the cell, and store the cell and other cells belonging to the same IP message as the cell in the message cache region according to port correspondence;
the scheduling processing module 330 is configured to sequentially obtain a cell unit corresponding to one port in the message buffer as a current cell unit by using a port polling scheduling mechanism, and perform cell unit assembly processing on the current cell unit by using a corresponding processing mode according to the type of the current cell unit;
the forwarding module 340 is configured to forward the IP packet through the port corresponding to the IP packet when it is determined that all cell units corresponding to one IP packet are assembled.
According to the embodiment of the invention, the received IP message is divided into the plurality of cell units in the FPGA, only the first cell unit containing the IP attribute information is subjected to message analysis, network address conversion table matching and message information modification, and then the first cell unit and other cell units belonging to the same IP message are combined again and forwarded, so that the problems of low processing speed and poor universality when the IP message is subjected to network address conversion by the existing multi-CPU processing technology are solved by fully developing the hardware function of the FPGA, and the effects of improving the processing speed and the universality are realized on the basis of reducing the implementation cost.
On the basis of the above embodiments, the method further includes:
and the parameter determination module is used for determining the bandwidth required by network address conversion, and calculating the bit width parameter of the cell unit, the working clock frequency parameter of the FPGA and the message buffer area according to the bandwidth.
On the basis of the foregoing embodiments, the scheduling processing module 330 may include a scheduling unit, an analyzing unit, a converting and modifying unit, and a reassembling unit;
the scheduling unit is used for polling the ports according to the number of the port cell units, if the number of the port cell units of the current port is not 0, one cell unit is scheduled from the current port, otherwise, the current port does not schedule the cell unit, and the next port is continuously polled;
when one cell is stored in a message buffer area correspondingly according to a port, the number of the port cells of the port is increased by 1, and when one cell of the port is dispatched out of the message buffer area, the number of the port cells of the port is decreased by 1;
the analysis unit is used for carrying out message analysis on the current cell unit to obtain IP message attribute information corresponding to the current cell unit if the current cell unit is the first cell unit;
the conversion modification unit is used for matching the IP message attribute information obtained by analysis with a network address conversion table, and if the matching is successful, obtaining the conversion IP message attribute information corresponding to the IP message attribute information according to the matching result and writing the conversion IP message attribute information into the current cell; if the matching fails, setting the value of the Ethernet type parameter in the current cell as a target value, and returning the message data in the current cell to the network switching chip;
wherein, the IP message attribute information includes: new IP information, new TCP/UDP port information, new IP checksum and new TCP/UDP checksum;
the target value in the Ethernet type parameter is used for informing a network switching chip connected with the FPGA through an Ethernet interface to add a network address conversion table item corresponding to the IP message attribute information of the current cell unit in a network address conversion table of the FPGA;
and the recombination unit is used for recombining all the cell units corresponding to the same IP message into a complete IP message.
The device provided by the embodiment can be applied to the method provided by any embodiment, and has corresponding functions and beneficial effects.
It is to be noted that the foregoing is only illustrative of the preferred embodiments of the present invention and the technical principles employed. It will be understood by those skilled in the art that the present invention is not limited to the particular embodiments described herein, but is capable of various obvious changes, rearrangements and substitutions as will now become apparent to those skilled in the art without departing from the scope of the invention. Therefore, although the present invention has been described in greater detail by the above embodiments, the present invention is not limited to the above embodiments, and may include other equivalent embodiments without departing from the spirit of the present invention, and the scope of the present invention is determined by the scope of the appended claims.

Claims (9)

1. An IP message network address conversion method based on FPGA is applied to a programmable logic device and is characterized by comprising the following steps:
receiving a plurality of IP messages in parallel through a plurality of Ethernet ports, and respectively segmenting each received IP message into a plurality of cell units, wherein a first cell unit in the IP messages comprises IP message attribute information;
performing message analysis on each first cell to obtain IP message attribute information corresponding to the first cell, and correspondingly storing the first cell and other cells belonging to the same IP message with the first cell in a message cache region according to ports;
adopting a port polling scheduling mechanism, sequentially acquiring a cell corresponding to a port in a message buffer area as a current cell, and adopting a corresponding processing mode to carry out cell assembly processing on the current cell according to the type of the current cell;
when all cell units corresponding to an IP message are determined to be assembled, forwarding the IP message through a port corresponding to the IP message;
performing cell assembly processing on the current cell by adopting a corresponding processing mode according to the type of the current cell, wherein the cell assembly processing comprises the following steps:
if the current cell is the first cell, performing message analysis on the current cell, performing network address conversion on the IP message attribute information obtained by analysis to obtain new IP message attribute information, rewriting the new IP message attribute information into the current cell, and constructing an assembled message structure according to the current cell;
and if the current cell is not the first cell, adding the current cell to the tail part of the assembled message structure matched with the current cell.
2. The method according to claim 1, wherein a port polling scheduling mechanism is adopted, and a cell unit corresponding to one port is sequentially obtained in the packet buffer as a current cell unit, and specifically the method comprises:
when a port polling scheduling mechanism is adopted to determine to poll a target port, detecting whether a scheduling control instruction matched with the target port is received;
if so, acquiring a cell unit corresponding to the target port in the message cache area as a current cell unit;
and the scheduling control instruction is generated when the message buffer corresponding to the currently scheduled target port is not empty.
3. The method according to any one of claims 1-2, wherein after the first cell and the other cells belonging to the same IP packet as the first cell are stored in the packet buffer according to port correspondence, the method further comprises:
after determining that all the cell units corresponding to the same IP message are cached in the message cache region, determining that the cell units corresponding to the IP message participate in port polling scheduling.
4. The method according to claim 1, wherein the performing network address translation on the analyzed IP packet attribute information to obtain new IP packet attribute information and rewriting the new IP packet attribute information into the current cell includes:
matching the analyzed IP message attribute information with a network address translation table, and if the matching is successful, acquiring the converted IP message attribute information corresponding to the IP message attribute information according to the matching result and writing the converted IP message attribute information into the current cell;
wherein, the attribute information of the IP message comprises: new IP information, new TCP/UDP port information, new IP checksum and new TCP/UDP checksum;
if the matching fails, setting the value of the Ethernet type parameter in the current cell unit as a target value, and returning the message data in the current cell unit to a network switching chip;
the target value in the ethernet type parameter is used to notify a network switching chip connected to the FPGA through the ethernet interface to add a network address translation table entry corresponding to the IP packet attribute information of the current cell unit in a network address translation table of the FPGA.
5. The method according to claim 1, wherein said employing a port polling scheduling mechanism to sequentially obtain a cell unit corresponding to a port in a packet buffer as a current cell unit comprises:
polling ports according to the number of the port cell units, if the number of the port cell units of the current port is not 0, scheduling a cell unit from the current port, otherwise, not scheduling the cell unit by the current port, and continuously polling the next port;
when one cell is stored in the message buffer area according to the port correspondence, the number of the port cell of the port is added with 1, and when one cell of the port is dispatched out of the message buffer area, the number of the port cell of the port is subtracted with 1.
6. The method of claim 1, further comprising, prior to receiving the plurality of IP packets in parallel via the plurality of ethernet ports:
confirming an expected bandwidth of network address conversion, and calculating a bit width parameter of a cell unit, a working clock frequency parameter of an FPGA and a message buffer area according to the expected bandwidth;
the message cache region comprises an FPGA internal RAM and an external DDR.
7. The method according to claim 1, wherein the storing the first cell and other cells belonging to the same IP packet as the first cell in a packet buffer according to port correspondence comprises:
storing the first cell unit into a message cache region of a corresponding port;
acquiring an idle pointer from an idle pointer linked list by other cell units belonging to the same IP message with the first cell unit, and connecting the idle pointer to a cell unit pointer linked list of a corresponding port in series;
and the first pointer in the cell unit pointer linked list points to the storage position of the first cell unit in the message buffer area of the corresponding port.
8. The method according to claim 1, wherein the splitting the received IP packets into a plurality of cell units respectively comprises:
acquiring a port as a target port according to the port sequence;
and when detecting that the plurality of cell units are all stored in the message cache region corresponding to the target port, returning to execute the operation of acquiring a port as the target port according to the port sequence until the processing ending condition is met.
9. An IP message network address conversion device based on FPGA is applied to a programmable logic device and is characterized by comprising the following components:
the receiving and dividing module is used for receiving a plurality of IP messages in parallel through a plurality of Ethernet ports and dividing each received IP message into a plurality of cell units respectively, wherein the first cell unit in the IP messages comprises IP message attribute information;
the analysis storage module is used for carrying out message analysis on each first cell unit to obtain IP message attribute information corresponding to the first cell unit, and correspondingly storing the first cell unit and other cell units which belong to the same IP message with the first cell unit into a message cache region according to ports;
the scheduling processing module is used for sequentially acquiring a cell unit corresponding to one port in a message buffer area as a current cell unit by adopting a port polling scheduling mechanism, and performing cell unit assembly processing on the current cell unit by adopting a corresponding processing mode according to the type of the current cell unit;
the forwarding module is used for forwarding the IP message through a port corresponding to the IP message when all cell units corresponding to the IP message are determined to be assembled;
wherein the scheduling processing module is configured to:
if the current cell is the first cell, performing message analysis on the current cell, performing network address conversion on the IP message attribute information obtained by analysis to obtain new IP message attribute information, rewriting the new IP message attribute information into the current cell, and constructing an assembled message structure according to the current cell;
and if the current cell is not the first cell, adding the current cell to the tail part of the assembled message structure matched with the current cell.
CN201811592943.2A 2018-12-25 2018-12-25 IP message network address conversion method and device based on FPGA Active CN109525518B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811592943.2A CN109525518B (en) 2018-12-25 2018-12-25 IP message network address conversion method and device based on FPGA

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201811592943.2A CN109525518B (en) 2018-12-25 2018-12-25 IP message network address conversion method and device based on FPGA

Publications (2)

Publication Number Publication Date
CN109525518A CN109525518A (en) 2019-03-26
CN109525518B true CN109525518B (en) 2021-01-12

Family

ID=65797369

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201811592943.2A Active CN109525518B (en) 2018-12-25 2018-12-25 IP message network address conversion method and device based on FPGA

Country Status (1)

Country Link
CN (1) CN109525518B (en)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112242962B (en) * 2019-07-16 2023-06-23 北京物芯科技有限责任公司 Message buffer cutting processing method, device, equipment and storage medium
CN111031044A (en) * 2019-12-13 2020-04-17 浪潮(北京)电子信息产业有限公司 Message analysis hardware device and message analysis method
CN111930677A (en) * 2020-08-14 2020-11-13 山东云海国创云计算装备产业创新中心有限公司 Data transmission method and device, electronic equipment and storage medium
CN113542445A (en) * 2021-05-28 2021-10-22 新华三信息安全技术有限公司 Address translation method, device, equipment and machine readable storage medium

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1585401A (en) * 2003-08-21 2005-02-23 华为技术有限公司 Network address converting method for zoned message
CN1691639A (en) * 2004-04-21 2005-11-02 华为技术有限公司 A method of fragmented packet transmission
CN1960316A (en) * 2005-11-04 2007-05-09 华为技术有限公司 Network address conversion method for segmented messages
CN1972239A (en) * 2005-11-24 2007-05-30 武汉烽火网络有限责任公司 Ethernet cache exchanging and scheduling method and apparatus
CN101605105A (en) * 2009-07-14 2009-12-16 中兴通讯股份有限公司 A kind of method and apparatus that fragment message is carried out network address translation
CN103297350A (en) * 2013-05-24 2013-09-11 华为技术有限公司 Implementing method and switching equipment of cell switching system
WO2015120539A1 (en) * 2014-02-13 2015-08-20 NEUSTADTER, Udo Method to route packets in a distributed direct interconnect network
CN105556906A (en) * 2014-05-30 2016-05-04 华为技术有限公司 Network address translation method and apparatus

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9185073B2 (en) * 2011-10-06 2015-11-10 Qualcomm Incorporated Systems and methods for data packet processing

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1585401A (en) * 2003-08-21 2005-02-23 华为技术有限公司 Network address converting method for zoned message
CN1691639A (en) * 2004-04-21 2005-11-02 华为技术有限公司 A method of fragmented packet transmission
CN1960316A (en) * 2005-11-04 2007-05-09 华为技术有限公司 Network address conversion method for segmented messages
CN1972239A (en) * 2005-11-24 2007-05-30 武汉烽火网络有限责任公司 Ethernet cache exchanging and scheduling method and apparatus
CN101605105A (en) * 2009-07-14 2009-12-16 中兴通讯股份有限公司 A kind of method and apparatus that fragment message is carried out network address translation
CN103297350A (en) * 2013-05-24 2013-09-11 华为技术有限公司 Implementing method and switching equipment of cell switching system
WO2015120539A1 (en) * 2014-02-13 2015-08-20 NEUSTADTER, Udo Method to route packets in a distributed direct interconnect network
CN105556906A (en) * 2014-05-30 2016-05-04 华为技术有限公司 Network address translation method and apparatus

Also Published As

Publication number Publication date
CN109525518A (en) 2019-03-26

Similar Documents

Publication Publication Date Title
CN109525518B (en) IP message network address conversion method and device based on FPGA
US11223708B2 (en) Scalable sockets for QUIC
US9608841B2 (en) Method for real-time synchronization of ARP record in RSMLT cluster
US11588703B2 (en) Systems and methods for determining a topology of a network comprising a plurality of intermediary devices and paths
JP2020508004A (en) Packet processing method and apparatus
US20190044879A1 (en) Technologies for reordering network packets on egress
CN111740847B (en) High-speed network data transmission system and method based on FPGA
CN106878184B (en) Data message transmission method and device
US20190044889A1 (en) Coalescing small payloads
US10797986B2 (en) Link discovery method and apparatus
CN107623632B (en) DPDK-based network protocol connection method and system
US9961147B2 (en) Communication apparatus, information processor, communication method, and computer-readable storage medium
US20240106751A1 (en) Method and apparatus for processing detnet data packet
Keller et al. Self‐Awareness in Computer Networks
CN116074253B (en) Message chained forwarding method and device
CN114338529B (en) Five-tuple rule matching method and device
CN115866103A (en) Message processing method and device, intelligent network card and server
WO2015131617A1 (en) Flow table processing method, device, openflow controller and openflow switch
US20050044261A1 (en) Method of operating a network switch
CN115665042B (en) Data processing method, device, user plane functional entity and storage medium
CN117714398B (en) Data transmission system, method, electronic equipment and storage medium
Ran et al. Agile: A high-scalable and low-jitter flow tables lifecycle management framework for multi-core programmable data plane
JP4879728B2 (en) Search device and data processing device
CN117714233B (en) Method, computer equipment and medium for tunnel message encapsulation
JP5047099B2 (en) Data communication system, data communication method, and information processing apparatus constituting data communication system

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant