CN111614566B - Method, device and system for forwarding airborne data stream and readable storage medium - Google Patents

Method, device and system for forwarding airborne data stream and readable storage medium Download PDF

Info

Publication number
CN111614566B
CN111614566B CN202010489377.3A CN202010489377A CN111614566B CN 111614566 B CN111614566 B CN 111614566B CN 202010489377 A CN202010489377 A CN 202010489377A CN 111614566 B CN111614566 B CN 111614566B
Authority
CN
China
Prior art keywords
data stream
port
vlan
airborne
forwarding
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202010489377.3A
Other languages
Chinese (zh)
Other versions
CN111614566A (en
Inventor
刘凯
李岩
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
CETC Avionics Co Ltd
Original Assignee
CETC Avionics Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by CETC Avionics Co Ltd filed Critical CETC Avionics Co Ltd
Priority to CN202010489377.3A priority Critical patent/CN111614566B/en
Publication of CN111614566A publication Critical patent/CN111614566A/en
Application granted granted Critical
Publication of CN111614566B publication Critical patent/CN111614566B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00Routing or path finding of packets in data switching networks
    • H04L45/74Address processing for routing
    • H04L45/745Address table lookup; Address filtering
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/66Arrangements for connecting between networks having differing types of switching systems, e.g. gateways
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L49/00Packet switching elements
    • H04L49/20Support for services
    • H04L49/201Multicast operation; Broadcast operation
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L49/00Packet switching elements
    • H04L49/30Peripheral units, e.g. input or output ports
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L49/00Packet switching elements
    • H04L49/35Switches specially adapted for specific applications
    • H04L49/354Switches specially adapted for specific applications for supporting virtual local area networks [VLAN]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0227Filtering policies
    • H04L63/0236Filtering by address, protocol, port number or service, e.g. IP-address or URL

Abstract

The invention discloses a method, a device and a system for realizing airborne data stream forwarding and a readable storage medium, wherein the method comprises the following steps: through a system core gateway device, VLAN division is carried out on data streams to be forwarded in airborne network equipment, and each data stream is divided into independent VLANs; VLAN configuration is carried out on each port of the system core gateway equipment, the port mode is configured to Hybrid, and an allow VLAN and an untaggvlan corresponding to each port are configured according to data streams to be forwarded by each port; ACL rule configuration in the direction of an input port is carried out on each port, a matching rule is established for each data stream to be forwarded, and a VLAN corresponding to the data stream is added after matching is hit; and forwarding the data stream to be forwarded in the corresponding VLAN based on MAC addressing, and stripping the VLAN tag at the outlet port. The system of the invention is easier to pass airworthiness certification.

Description

Method, device and system for forwarding airborne data stream and readable storage medium
Technical Field
The invention relates to the technical field of airborne network systems in the field of avionics, in particular to a method, a device and a system for realizing airborne data stream forwarding and a readable storage medium.
Background
The airborne network system is composed of a plurality of subsystems, each subsystem is composed of a plurality of network devices, so that a series of functions are realized together, the network devices are connected through an Ethernet, various unicast and multicast data streams are arranged among the subsystems in the airborne network according to the requirements of aviation standards, fixed IP addresses and port numbers are assigned to the data streams for realizing the transmission of business services such as audio and video and various control messages, meanwhile, each subsystem in the airborne interior can also communicate with an external broadband network to ensure that airborne personnel can be contacted with the outside, and meanwhile, because the airworthiness grades of the devices in the airborne network are different, strict isolation is needed among the data streams.
Since the airborne equipment needs to be certified by airworthiness, an excessively complex technical scheme may hardly pass the airworthiness certification, and even some technologies cannot be used in high-level airworthiness certification, how to realize data stream forwarding in the airborne network under the condition of meeting the requirement of the airworthiness certification is a key of the airborne network.
Disclosure of Invention
The technical problem to be solved by the invention is that an excessively complex technical scheme is difficult to pass the airworthiness certification based on that airborne equipment needs to pass the airworthiness certification, and even some technologies cannot be used in high-level airworthiness certification, and the problem that a data stream forwarding method in an airborne network in the prior art is difficult to meet the airworthiness certification is solved; the invention provides a method, a device and a system for realizing airborne data stream forwarding and a readable storage medium for solving the problems.
The invention is realized by the following technical scheme:
a method for realizing airborne data stream forwarding comprises a system core gateway device, and comprises the following steps:
through a system core gateway device, VLAN division is carried out on data streams to be forwarded in airborne network equipment, and each data stream is divided into independent VLANs;
VLAN configuration is carried out on each port of system core gateway equipment, the port mode is configured to Hybrid, and an allow VLAN and an untagglan corresponding to each port are configured according to data streams to be forwarded by each port, wherein an input port and an output port of each port are configured with corresponding allow VLANs, and an output port of each port is configured with untagglan;
performing ACL rule configuration in the direction of an input port on each port, establishing a matching rule for each data stream to be forwarded, wherein the matching rule comprises the IP address and the port number of a message, and adding a VLAN (virtual local area network) corresponding to the data stream after matching;
and forwarding the data stream to be forwarded in the corresponding VLAN based on MAC addressing, and stripping the VLAN tag at the outlet port of the port.
The working principle is as follows:
based on the fact that airborne equipment needs to be subjected to airworthiness certification, an excessively complex technical scheme is possibly difficult to pass the airworthiness certification, and even some technologies cannot be used in high-level airworthiness certification, and the problem that a data stream forwarding method in an airborne network is difficult to meet the airworthiness certification in the prior art is solved;
the invention realizes the isolation and the forwarding of the equipment data flow in the airborne network through the exchange chip, and the method of the invention only needs to be realized on the core gateway equipment of the system and does not need to be realized by matching with other equipment; firstly, different data streams are strictly isolated by using different VLANs; secondly, data streams defined based on aviation standards are distinguished by IP addresses and port numbers, and equipment in an airborne network does not support VLAN functions, so that untag messages of different data streams are identified based on the characteristics through ACL configuration, and the device is responsible for adding a corresponding VLAN to the messages in the direction of an ingress port; then, using the Hybrid mode of the port VLAN, configuring an untagglan in the direction of the outlet port of the port, so that the message is not provided with the VLAN tag after the outlet port, stripping the VLAN tag at the outlet port of the port, and realizing the forwarding of the data stream to be forwarded in the corresponding VLAN based on MAC addressing.
The method can complete the forwarding control of the data stream in the airborne network through one system core gateway device, other airborne network devices only need to normally receive and transmit Ethernet messages without VLAN, adaptation processing is not needed, the complexity and the cost of other devices are reduced, and meanwhile, the system is easier to pass through airworthiness authentication because the implementation mode is realized through the function of an exchange chip rather than software.
Further, the data stream includes a unicast data stream and a multicast data stream.
Further, when the data stream to be forwarded is a multicast data stream with high importance:
and configuring a static multicast MAC address table at the corresponding output port for the multicast data stream with high importance, so as to realize the forwarding of the data stream according to the requirement.
Further, the multicast data stream with high importance includes a data stream for emergency voice notification in an onboard network device.
Further, the system core gateway device adopts a switching chip.
In a second aspect, the present invention further provides an apparatus for implementing airborne data stream forwarding, including a system core gateway device and a memory storing an airborne data stream forwarding program, where the system core gateway device includes a VLAN dividing unit, a VLAN configuration unit, an ACL rule configuration unit, and a forwarding unit, and the system core gateway device is configured to execute the airborne data stream forwarding program to perform the following operations:
the VLAN dividing unit is used for carrying out VLAN division on data streams to be forwarded in the airborne network equipment, and each data stream is divided into independent VLANs;
the VLAN configuration unit is used for performing VLAN configuration on each port of the system core gateway equipment, the port mode is configured to be Hybrid, and an allow VLAN and an untagglan corresponding to each port are configured according to data streams to be forwarded by each port, wherein an input port and an output port of each port are configured with corresponding allow VLANs, and an output port of each port is configured with untagglan;
the ACL rule configuration unit is used for carrying out ACL rule configuration in the direction of an input port on each port, establishing a matching rule for each data stream to be forwarded, wherein the matching rule comprises the IP address and the port number of the message, and adding a VLAN (virtual local area network) corresponding to the data stream after matching;
and the forwarding unit is used for forwarding the data stream to be forwarded in the corresponding VLAN based on MAC addressing, and stripping the VLAN tag at the output port of the port.
The system can complete the forwarding control of the data stream in the airborne network through one system core gateway device, other airborne network devices only need to normally receive and transmit Ethernet messages without VLAN, adaptation processing is not needed, the complexity and the cost of other devices are reduced, and meanwhile, the system is easier to pass through airworthiness authentication because the implementation mode is realized through the function of an exchange chip rather than software.
Further, the data stream includes a unicast data stream and a multicast data stream.
Further, when the data stream is a multicast data stream with high importance:
and configuring a static multicast MAC address table at the corresponding output port for the multicast data stream with high importance, so as to realize the forwarding of the data stream according to the requirement.
In a third aspect, the present invention further provides a system for implementing airborne data stream forwarding, including the apparatus for implementing airborne data stream forwarding, further including a control subsystem, a video service subsystem, an audio service subsystem, an airborne server and a plurality of external broadband communication terminals in an airborne network, where the control subsystem, the video service subsystem, the audio service subsystem, the airborne server and the plurality of external broadband communication terminals in the airborne network are all in communication connection with corresponding ports of the system core gateway device;
performing, by the system core gateway device, at least the following:
unicast control and status messages sent by a control subsystem in the airborne network to an airborne server are carried out;
performing a unicast audio control message that the onboard server sends to a control subsystem in the onboard network;
multicast video data sent by a control subsystem in the airborne network to the video service subsystem is carried out;
and carrying out multicast audio data sent to the audio service subsystem by the onboard server.
In a fourth aspect, the present invention further provides a computer-readable storage medium, on which an onboard data stream forwarding program is stored, and the onboard data stream forwarding program, when executed by a processor, implements the steps of the method for implementing onboard data stream forwarding.
Compared with the prior art, the invention has the following advantages and beneficial effects:
1. the invention realizes the isolation and the forwarding of the equipment data flow in the airborne network through the exchange chip, and the method of the invention only needs to be realized on the core gateway equipment of the system and does not need to be realized by matching with other equipment; firstly, different data streams are strictly isolated by using different VLANs; secondly, data streams defined based on aviation standards are distinguished by IP addresses and port numbers, and equipment in an airborne network does not support VLAN functions, so that untag messages of different data streams are identified based on the characteristics through ACL configuration, and the device is responsible for adding a corresponding VLAN to the messages in the direction of an ingress port; then, using the Hybrid mode of the port VLAN, configuring an untagglan in the direction of the outlet port of the port, so that the message is not provided with the VLAN tag after the outlet port, stripping the VLAN tag at the outlet port of the port, and realizing the forwarding of the data stream to be forwarded in the corresponding VLAN based on MAC addressing.
2. The method can complete the forwarding control of the data stream in the airborne network through one system core gateway device, other airborne network devices only need to normally receive and transmit Ethernet messages without VLAN, adaptation processing is not needed, the complexity and the cost of other devices are reduced, and meanwhile, the system is easier to pass through airworthiness authentication because the implementation mode is realized through the function of an exchange chip rather than software.
Drawings
The accompanying drawings, which are included to provide a further understanding of the embodiments of the invention and are incorporated in and constitute a part of this application, illustrate embodiment(s) of the invention and together with the description serve to explain the principles of the invention. In the drawings:
fig. 1 is a flowchart of a method for implementing airborne data stream forwarding according to the present invention.
Fig. 2 is a schematic diagram of an airborne network networking according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention is further described in detail below with reference to examples and accompanying drawings, and the exemplary embodiments and descriptions thereof are only used for explaining the present invention and are not meant to limit the present invention.
Example 1
As shown in fig. 1 and fig. 2, a method for implementing airborne data stream forwarding according to the present invention includes a system core gateway device, as shown in fig. 1, the method includes the following steps:
through a system core gateway device, VLAN division is carried out on data streams to be forwarded in airborne network equipment, and each data stream is divided into independent VLANs;
VLAN configuration is carried out on each port of system core gateway equipment, the port mode is configured to Hybrid, and an allow VLAN and an untagglan corresponding to each port are configured according to data streams to be forwarded by each port, wherein an input port and an output port of each port are configured with corresponding allow VLANs, and an output port of each port is configured with untagglan;
performing ACL rule configuration in the direction of an input port on each port, establishing a matching rule for each data stream to be forwarded, wherein the matching rule comprises the IP address and the port number of a message, and adding a VLAN (virtual local area network) corresponding to the data stream after matching;
and forwarding the data stream to be forwarded in the corresponding VLAN based on MAC addressing, and stripping the VLAN tag at the outlet port of the port.
In this embodiment, the data stream includes a unicast data stream and a multicast data stream.
In this embodiment, when the data stream to be forwarded is a multicast data stream with high importance:
and configuring a static multicast MAC address table at the corresponding output port for the multicast data stream with high importance, so as to realize the forwarding of the data stream according to the requirement.
In this embodiment, the multicast data stream with high importance includes a data stream for emergency voice notification in an airborne network device.
In this embodiment, the system core gateway device employs a switch chip.
In the networking environment shown in fig. 2, the following data flows, each of which needs to be isolated, need to be forwarded, and are defined by aviation standards, wherein the system a is a control subsystem in an airborne network; the system B is a video service subsystem and is used for providing video services; the system C is an audio service subsystem and is used for providing audio service;
the system A sends control and status messages to the airborne server, the data is unicast, the IP of the corresponding equipment in the system A is 172.22.100.1, the IP of the airborne server is 172.22.100.2, and VLAN100 is allocated in the implementation;
the airborne server sends an audio control message to the system A, data is unicast, the IP of the airborne server is 172.22.100.2, the IP of corresponding equipment in the system A is 172.22.100.13, and a VLAN101 is allocated in the implementation;
the system A sends the video data to the system B, the data is multicasting, the IP address of multicasting is 239.192.126.127, distribute VLAN1000 in implementing;
the on-board server transmits audio data to the system C, the data is multicast, the multicast destination IP is 239.192.61.1, and VLAN1001 is allocated in the implementation.
When in implementation: as shown in fig. 2, the implementation steps of the multicast MAC based on the above data flow and the VLAN partition condition, ACL configuration and port in the method of the present invention are as follows:
(1) the VLAN configuration of a port 1 is configured, the VLAN mode of the port is Hybrid, the port 1 is connected to a system A by a system core gateway device, two paths of unicast data and one path of multicast data exist, the unicast data are bidirectional, the multicast data are input ports in a one-way mode, and therefore VLAN all is configured to add VLANs 100, 101 and 1000, and untagvlan adds VLANs 100 and 101.
(2) Configuring an access port ACL configuration of a port 1, configuring an ACL matching rule according to a source IP172.22.100.1 and a destination IP172.22.100.2, and adding VLAN100 as a matched behavior; configuring an ACL matching rule according to a source IP172.22.100.13 and a destination IP172.22.100.2, wherein the behavior after matching hit is adding VLAN 101; and configuring an ACL matching rule according to the multicast destination IP239.192.126.127, wherein the behavior after matching hit is adding the VLAN 1000.
(3) The VLAN configuration of a port 3 is configured, the VLAN mode of the port is Hybrid, the port 3 is connected to an airborne server through a system core gateway device, two paths of unicast data and one path of multicast data exist, the unicast data are bidirectional, the multicast data are input ports in a one-way mode, and therefore VLAN all is configured to add VLANs 100, 101 and 1001, and untagvlan adds VLANs 100 and 101.
(4) Configuring an access port ACL configuration of the port 3, configuring an ACL matching rule according to a source IP172.22.100.2 and a destination IP172.22.100.1, and adding VLAN100 as a matched behavior; configuring an ACL matching rule according to a source IP172.22.100.2 and a destination IP172.22.100.13, wherein the behavior after matching hit is adding VLAN 101; an ACL matching rule is configured according to the multicast destination IP239.192.61.1, and the behavior after matching hit is adding VLAN 1001.
(5) The VLAN configuration of the port 4 is configured, the VLAN mode of the port is Hybrid, the port 4 is connected with a C system through a system core gateway device, one path of multicast data exists, the multicast data is output in a one-way mode, and therefore VLAN1000 is added by the VLAN all, and VLAN1000 is added by the untagglan.
(6) And configuring a multicast MAC address of the port 4, and adding the multicast MAC address corresponding to the multicast destination IP239.192.126.127 into a static multicast MAC address table of the port to ensure that the multicast data stream can be forwarded to the port.
(7) The VLAN configuration of the port 5 is configured, the VLAN mode of the port is Hybrid, the port 5 is connected with a system B through a system core gateway device, one path of multicast data exists, the multicast data is a one-way output port, and therefore VLAN1001 is added by VLAN allow configuration, and VLAN1001 is added by untagvlan.
(8) And configuring the multicast MAC address of the port 5, and adding the multicast MAC address corresponding to the multicast destination IP239.192.61.1 into a static multicast MAC address table of the port to ensure that the multicast data stream can be forwarded to the port.
Through the above configuration, when a unicast data message enters a port of a system core gateway device, a corresponding VLAN can be added through an ACL rule, the unicast data message is forwarded to the port corresponding to the VLAN according to the VLAN configuration of the system core gateway device, and the VLAN tag is stripped through an untagvan corresponding to a Hybrid mode at an egress port, so that the message can be forwarded to a desired port without being changed, and since unicast data is bidirectionally interactive, corresponding configuration needs to be performed on two ports for forwarding data streams.
The multicast data message can also realize that the data stream is forwarded as expected through the corresponding VLAN and ACL configuration, but because the multicast message is unidirectional, the ACL and the VLAN only need to be configured in one direction, but a static multicast MAC address table needs to be configured, so that the forwarding accuracy of the multicast data stream is ensured.
The working principle is as follows:
based on the fact that airborne equipment needs to be subjected to airworthiness certification, an excessively complex technical scheme is possibly difficult to pass the airworthiness certification, and even some technologies cannot be used in high-level airworthiness certification, and the problem that a data stream forwarding method in an airborne network is difficult to meet the airworthiness certification in the prior art is solved;
the invention realizes the isolation and the forwarding of the equipment data flow in the airborne network through the exchange chip, and the method of the invention only needs to be realized on the core gateway equipment of the system and does not need to be realized by matching with other equipment; firstly, different data streams are strictly isolated by using different VLANs; secondly, data streams defined based on aviation standards are distinguished by IP addresses and port numbers, and equipment in an airborne network does not support VLAN functions, so that untag messages of different data streams are identified based on the characteristics through ACL configuration, and the device is responsible for adding a corresponding VLAN to the messages in the direction of an ingress port; then, using the Hybrid mode of the port VLAN, configuring an untagglan in the direction of the outlet port of the port, so that the message is not provided with the VLAN tag after the outlet port, stripping the VLAN tag at the outlet port of the port, and realizing the forwarding of the data stream to be forwarded in the corresponding VLAN based on MAC addressing.
The method can complete the forwarding control of the data stream in the airborne network through one system core gateway device, other airborne network devices only need to normally receive and transmit Ethernet messages without VLAN, adaptation processing is not needed, the complexity and the cost of other devices are reduced, and meanwhile, the system is easier to pass through airworthiness authentication because the implementation mode is realized through the function of an exchange chip rather than software.
Example 2
As shown in fig. 1 and fig. 2, the present embodiment is different from embodiment 1 in that the present embodiment provides an apparatus for implementing airborne data stream forwarding, including a system core gateway device and a memory storing an airborne data stream forwarding program, where the system core gateway device includes a VLAN dividing unit, a VLAN configuration unit, an ACL rule configuration unit, and a forwarding unit, and the system core gateway device is configured to execute the airborne data stream forwarding program to perform the following operations:
the VLAN dividing unit is used for carrying out VLAN division on data streams to be forwarded in the airborne network equipment, and each data stream is divided into independent VLANs;
the VLAN configuration unit is used for performing VLAN configuration on each port of the system core gateway equipment, the port mode is configured to be Hybrid, and an allow VLAN and an untagglan corresponding to each port are configured according to data streams to be forwarded by each port, wherein an input port and an output port of each port are configured with corresponding allow VLANs, and an output port of each port is configured with untagglan;
the ACL rule configuration unit is used for carrying out ACL rule configuration in the direction of an input port on each port, establishing a matching rule for each data stream to be forwarded, wherein the matching rule comprises the IP address and the port number of the message, and adding a VLAN (virtual local area network) corresponding to the data stream after matching;
and the forwarding unit is used for forwarding the data stream to be forwarded in the corresponding VLAN based on MAC addressing, and stripping the VLAN tag at the output port of the port.
The system can complete the forwarding control of the data stream in the airborne network through one system core gateway device, other airborne network devices only need to normally receive and transmit Ethernet messages without VLAN, adaptation processing is not needed, the complexity and the cost of other devices are reduced, and meanwhile, the system is easier to pass through airworthiness authentication because the implementation mode is realized through the function of an exchange chip rather than software.
Further, the data stream includes a unicast data stream and a multicast data stream.
Further, when the data stream is a multicast data stream with high importance:
and configuring a static multicast MAC address table at the corresponding output port for the multicast data stream with high importance, so as to realize the forwarding of the data stream according to the requirement.
Further, the multicast data stream with high importance includes a data stream for emergency voice notification in an onboard network device.
Further, the system core gateway device adopts a switching chip.
Example 3
As shown in fig. 1 and fig. 2, a difference between the present embodiment and embodiment 2 is that the present embodiment provides a system for implementing forwarding of an airborne data stream, which includes a device for implementing forwarding of an airborne data stream in embodiment 2, and further includes a control subsystem, a video service subsystem, an audio service subsystem, an airborne server, and if external broadband communication terminals in an airborne network, where the control subsystem, the video service subsystem, the audio service subsystem, the airborne server, and the if external broadband communication terminals in the airborne network are all in communication connection with corresponding ports of the system core gateway device;
performing, by the system core gateway device, at least the following:
unicast control and status messages sent by a control subsystem in the airborne network to an airborne server are carried out;
performing a unicast audio control message that the onboard server sends to a control subsystem in the onboard network;
multicast video data sent by a control subsystem in the airborne network to the video service subsystem is carried out;
and carrying out multicast audio data sent to the audio service subsystem by the onboard server.
Example 4
As shown in fig. 1 and fig. 2, the present embodiment is different from embodiment 1 in that the present embodiment provides a computer-readable storage medium, on which an onboard data flow forwarding program is stored, and the onboard data flow forwarding program, when executed by a processor, implements the steps of the method for implementing onboard data flow forwarding in embodiment 1.
The above-mentioned embodiments are intended to illustrate the objects, technical solutions and advantages of the present invention in further detail, and it should be understood that the above-mentioned embodiments are merely exemplary embodiments of the present invention, and are not intended to limit the scope of the present invention, and any modifications, equivalent substitutions, improvements and the like made within the spirit and principle of the present invention should be included in the scope of the present invention.

Claims (10)

1. A method for realizing airborne data stream forwarding is characterized by comprising a system core gateway device, and comprises the following steps:
through a system core gateway device, VLAN division is carried out on data streams to be forwarded in airborne network equipment, and each data stream is divided into independent VLANs;
VLAN configuration is carried out on each port of system core gateway equipment, the port mode is configured to Hybrid, and an allow VLAN and an untagglan corresponding to each port are configured according to data streams to be forwarded by each port, wherein an input port and an output port of each port are configured with corresponding allow VLANs, and an output port of each port is configured with untagglan;
performing ACL rule configuration in the direction of an input port on each port, establishing a matching rule for each data stream to be forwarded, wherein the matching rule comprises the IP address and the port number of a message, and adding a VLAN (virtual local area network) corresponding to the data stream after matching;
and forwarding the data stream to be forwarded in the corresponding VLAN based on MAC addressing, and stripping the VLAN tag at the outlet port of the port.
2. The method of claim 1, wherein the data stream comprises a unicast data stream and a multicast data stream.
3. The method according to claim 2, wherein when the data stream to be forwarded is a multicast data stream with high importance:
and configuring a static multicast MAC address table at the corresponding output port for the multicast data stream with high importance, so as to realize the forwarding of the data stream according to the requirement.
4. The method of claim 3, wherein the multicast data stream with high importance includes a data stream for emergency voice notification in an onboard network device.
5. The method of claim 1, wherein the system core gateway device employs a switch chip.
6. The device for realizing airborne data stream forwarding is characterized by comprising a system core gateway device and a memory, wherein the memory stores an airborne data stream forwarding program, the system core gateway device comprises a VLAN dividing unit, a VLAN configuration unit, an ACL rule configuration unit and a forwarding unit, and the system core gateway device is configured to execute the airborne data stream forwarding program to execute the following operations:
the VLAN dividing unit is used for carrying out VLAN division on data streams to be forwarded in the airborne network equipment, and each data stream is divided into independent VLANs;
the VLAN configuration unit is used for performing VLAN configuration on each port of the system core gateway equipment, the port mode is configured to be Hybrid, and an allow VLAN and an untagglan corresponding to each port are configured according to data streams to be forwarded by each port, wherein an input port and an output port of each port are configured with corresponding allow VLANs, and an output port of each port is configured with untagglan;
the ACL rule configuration unit is used for carrying out ACL rule configuration in the direction of an input port on each port, establishing a matching rule for each data stream to be forwarded, wherein the matching rule comprises the IP address and the port number of the message, and adding a VLAN (virtual local area network) corresponding to the data stream after matching;
and the forwarding unit is used for forwarding the data stream to be forwarded in the corresponding VLAN based on MAC addressing, and stripping the VLAN tag at the output port of the port.
7. The apparatus of claim 6, wherein the data stream comprises a unicast data stream and a multicast data stream.
8. The apparatus according to claim 7, wherein when the data stream is a multicast data stream with high importance:
and configuring a static multicast MAC address table at the corresponding output port for the multicast data stream with high importance, so as to realize the forwarding of the data stream according to the requirement.
9. A system for implementing airborne data stream forwarding, comprising the apparatus for implementing airborne data stream forwarding according to any one of claims 6 to 8, further comprising a control subsystem, a video service subsystem, an audio service subsystem, an airborne server and an off-board broadband communication terminal in an airborne network, wherein the control subsystem, the video service subsystem, the audio service subsystem, the airborne server and the off-board broadband communication terminal in the airborne network are all in communication connection with corresponding ports of the system core gateway device;
performing, by the system core gateway device, at least the following:
unicast control and status messages sent by a control subsystem in the airborne network to an airborne server are carried out;
performing a unicast audio control message that the onboard server sends to a control subsystem in the onboard network;
multicast video data sent by a control subsystem in the airborne network to the video service subsystem is carried out;
and carrying out multicast audio data sent to the audio service subsystem by the onboard server.
10. A computer-readable storage medium, characterized in that the computer-readable storage medium has stored thereon an onboard data flow forwarding program, which when executed by a processor implements the steps of a method of implementing onboard data flow forwarding according to any one of claims 1 to 5.
CN202010489377.3A 2020-06-02 2020-06-02 Method, device and system for forwarding airborne data stream and readable storage medium Active CN111614566B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010489377.3A CN111614566B (en) 2020-06-02 2020-06-02 Method, device and system for forwarding airborne data stream and readable storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010489377.3A CN111614566B (en) 2020-06-02 2020-06-02 Method, device and system for forwarding airborne data stream and readable storage medium

Publications (2)

Publication Number Publication Date
CN111614566A CN111614566A (en) 2020-09-01
CN111614566B true CN111614566B (en) 2021-11-09

Family

ID=72202205

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010489377.3A Active CN111614566B (en) 2020-06-02 2020-06-02 Method, device and system for forwarding airborne data stream and readable storage medium

Country Status (1)

Country Link
CN (1) CN111614566B (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114205236A (en) * 2020-09-18 2022-03-18 中兴通讯股份有限公司 Network configuration method, terminal, system and storage medium
CN115134296A (en) * 2022-05-31 2022-09-30 青岛海信宽带多媒体技术有限公司 Intelligent gateway

Citations (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1433190A (en) * 2001-03-19 2003-07-30 阿尔卡塔尔公司 Exchange node classifying and marking rules
CN1832444A (en) * 2005-03-08 2006-09-13 华为技术有限公司 End-to-end processing method and device for Ethernet service in city local network
CN1838627A (en) * 2005-03-22 2006-09-27 杭州华为三康技术有限公司 Method for realizing QinQ access
CN101741664A (en) * 2009-12-21 2010-06-16 中兴通讯股份有限公司 Method and device for realizing Ethernet interface system
CN101895427A (en) * 2010-07-23 2010-11-24 中兴通讯股份有限公司 Stream-based virtual local area network processing method and system
CN102130890A (en) * 2010-01-18 2011-07-20 杭州华三通信技术有限公司 Method for increasing rate of performing network cloning by utilizing GHOST and equipment
CN108259297A (en) * 2017-04-28 2018-07-06 新华三技术有限公司 A kind of message processing method and device
CN108880892A (en) * 2018-06-26 2018-11-23 新华三技术有限公司 A kind of message processing method and device
CN110753010A (en) * 2019-10-22 2020-02-04 新华三信息安全技术有限公司 Message forwarding method and device

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8665869B2 (en) * 2009-12-02 2014-03-04 Vss Monitoring, Inc. System, apparatus, and methods for inserting information into captured data packets
CN110650076B (en) * 2018-06-26 2021-12-24 华为技术有限公司 VXLAN implementation method, network equipment and communication system

Patent Citations (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1433190A (en) * 2001-03-19 2003-07-30 阿尔卡塔尔公司 Exchange node classifying and marking rules
CN1832444A (en) * 2005-03-08 2006-09-13 华为技术有限公司 End-to-end processing method and device for Ethernet service in city local network
CN1838627A (en) * 2005-03-22 2006-09-27 杭州华为三康技术有限公司 Method for realizing QinQ access
CN101741664A (en) * 2009-12-21 2010-06-16 中兴通讯股份有限公司 Method and device for realizing Ethernet interface system
CN102130890A (en) * 2010-01-18 2011-07-20 杭州华三通信技术有限公司 Method for increasing rate of performing network cloning by utilizing GHOST and equipment
CN101895427A (en) * 2010-07-23 2010-11-24 中兴通讯股份有限公司 Stream-based virtual local area network processing method and system
CN108259297A (en) * 2017-04-28 2018-07-06 新华三技术有限公司 A kind of message processing method and device
CN108880892A (en) * 2018-06-26 2018-11-23 新华三技术有限公司 A kind of message processing method and device
CN110753010A (en) * 2019-10-22 2020-02-04 新华三信息安全技术有限公司 Message forwarding method and device

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
基于非对称VLAN的端口隔离技术研究与应用;林初建等;《华东师范大学学报(自然科学版)》;20150320;全文 *

Also Published As

Publication number Publication date
CN111614566A (en) 2020-09-01

Similar Documents

Publication Publication Date Title
US10389542B2 (en) Multicast helper to link virtual extensible LANs
US7751394B2 (en) Multicast packet relay device adapted for virtual router
US7095741B1 (en) Port isolation for restricting traffic flow on layer 2 switches
EP2378720B1 (en) Extranet networking method, system and device for multicast virtual private network
US7570635B2 (en) Multicast network unit, multicast network system, and multicast method
CN102263646B (en) Multicasting within a distributed control plane of a switch
US8958431B2 (en) Access method and apparatus for multi-protocol label switching layer 2 virtual private network
US8064458B2 (en) Method and apparatus for simulating IP multinetting
CN109040658B (en) Conference control method and device
CN111614566B (en) Method, device and system for forwarding airborne data stream and readable storage medium
CN103477588A (en) Method and system for classification and management of inter-blade network traffic in a blade server
CN102420762B (en) Message forwarding method, message forwarding system, network equipment and firewall wire card
CN105939267B (en) Outband management method and device
CN112804112B (en) Multi-cloud access method in SD-WAN (secure digital-Wide area network) network environment
WO2018068588A1 (en) Method and software-defined networking (sdn) controller for providing multicast service
CN103368775A (en) Traffic backup method and core switching equipment
US20150002616A1 (en) Apparatus and method for processing multicast traffic in openflow environment
Alimi et al. Enhancement of network performance of an enterprises network with VLAN
CN101743722B (en) Method of connecting VLAN systems to other networks via a router
US20060029001A1 (en) Multicast source discovery
CN110401726B (en) Method, device and equipment for processing address resolution protocol message and storage medium
CN103281205B (en) A kind of method of configured port isolation information and the network equipment
Aziz The importance of VLANs and trunk links in network communication areas
CN107241249B (en) Ethernet bus switch, Ethernet bus system and data communication method
CN101309154B (en) Datagram sending method, sending apparatus and transmission system

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant