CN112714114A - Distribution method and device for NetFlow chip table entries - Google Patents

Distribution method and device for NetFlow chip table entries Download PDF

Info

Publication number
CN112714114A
CN112714114A CN202011538838.8A CN202011538838A CN112714114A CN 112714114 A CN112714114 A CN 112714114A CN 202011538838 A CN202011538838 A CN 202011538838A CN 112714114 A CN112714114 A CN 112714114A
Authority
CN
China
Prior art keywords
netflow
module
data flow
entry
chip
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202011538838.8A
Other languages
Chinese (zh)
Inventor
成伟
王俊杰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Centec Networks Suzhou Co Ltd
Original Assignee
Centec Networks Suzhou Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Centec Networks Suzhou Co Ltd filed Critical Centec Networks Suzhou Co Ltd
Priority to CN202011538838.8A priority Critical patent/CN112714114A/en
Publication of CN112714114A publication Critical patent/CN112714114A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/22Parsing or analysis of headers
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/02Capturing of monitoring data
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00Routing or path finding of packets in data switching networks
    • H04L45/54Organization of routing tables
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00Routing or path finding of packets in data switching networks
    • H04L45/74Address processing for routing
    • H04L45/745Address table lookup; Address filtering

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention discloses a distribution method and a device of NetFlow chip table items, wherein the method comprises the steps that a NetFlow module in the inlet direction searches a NetFlow table according to characteristic information of data flow and stores the data flow into a NetFlow table item corresponding to the NetFlow module in the inlet direction or stores the data flow into a NetFlow table item shared by the NetFlow module in the outlet direction; and the output direction NetFlow module searches a NetFlow table according to the characteristic information of the data flow and stores the data flow into a NetFlow table corresponding to the output direction NetFlow module or stores the data flow into a NetFlow table shared by the input direction NetFlow modules and provided with the output direction NetFlow module when the data flow is not found. By sharing the NetFlow table entry, the invention can reduce the NetFlow chip table entry resource and reduce the chip design cost.

Description

Distribution method and device for NetFlow chip table entries
Technical Field
The invention relates to the technical field of networks, in particular to a method and a device for distributing NetFlow chip table entries.
Background
NetFlow is a technology for monitoring an IP data Flow (Flow) forwarded by a network device, and can collect statistical information and forwarding information of data messages received and sent by the network device, send the statistical information and the forwarding information to a NetFlow analysis server, and analyze the statistical information of NetFlow to investigate causes such as network failure and network congestion.
When the NetFlow function is started and the data message is counted, the network equipment can automatically learn the relevant characteristic information of the data message and also support a user to configure a specific data flow to execute the NetFlow counting. And the switching chip inside the network equipment supports twice NetFlow processing in the direction of entering and the direction of exiting the data message. Aiming at different scenes, the system software respectively allocates independent memories for the NetFlow processing in the direction and the NetFlow processing in the direction, the memories are used for storing NetFlow table items for recording message statistical information and forwarding information, the address indexes of the memories are used as initial storage spaces, and the NetFlow statistical information in the direction and the direction are stored in different storage spaces so as to independently realize the NetFlow processing for two times.
However, under different scenarios, for example, the campus network is more concerned about packet loss and statistical information, and needs to allocate more entries in the entry direction NetFlow, whereas the data center network is more concerned about forwarding delay and needs to allocate more entries in the exit direction NetFlow. If specifications of an entry direction and an exit direction of the NetFlow in different scenes are required to be met, the chip needs to be designed according to the maximum entry direction NetFlow specification requirement and the maximum exit direction NetFlow specification requirement in different scenes at the same time, if the quantity of the entries required for the entry direction of the campus network is M, the number of the entries required for the exit direction of the data center network is N, and when the chip is designed, the number of the entry direction and the number of the exit direction are respectively Max (M, N) aiming at the entry design of a NetFlow module, namely 2 multiplied by Max (M, N) NetFlow entries are required, so that on one hand, the chip design cost is high, the occupied area of the chip is large, on the other hand, the fact that a part of entries in the entry direction or the exit direction cannot be utilized when the chip is actually deployed is easily caused, and the chip entry cost is finally influenced.
Disclosure of Invention
The invention aims to overcome the defects of the prior art and provides a method and a device for distributing NetFlow chip table entries, which can reduce NetFlow chip table entry resources and reduce chip design cost.
In order to achieve the purpose, the invention provides the following technical scheme: a distribution method of NetFlow chip list items, wherein the NetFlow chip comprises an entry direction NetFlow module, an exit direction NetFlow module and a queue NetFlow module arranged between the entry direction NetFlow module and the exit direction NetFlow module, the distribution method comprises the steps of
Enabling a NetFlow function by the entry direction NetFlow module, searching a NetFlow table according to the characteristic information of the data flow, and storing the data flow into a NetFlow table entry corresponding to the entry direction NetFlow module when the data flow is not searched, or storing the data flow into a NetFlow table entry shared by the exit direction NetFlow module and the entry direction NetFlow module;
the output direction NetFlow module enables a NetFlow function, searches a NetFlow table according to the characteristic information of the data flow, and stores the data flow into a NetFlow table entry corresponding to the output direction NetFlow module when the data flow is not searched, or stores the data flow into a NetFlow table entry shared by the input direction NetFlow modules and provided for the output direction NetFlow module.
Preferably, the entry direction NetFlow module matches the characteristics of the data flow through an entry direction ACL issued by the entry direction forwarding processing module to enable the NetFlow function;
and the output direction NetFlow module matches the characteristics of the data flow through an output direction ACL issued by the output direction forwarding processing module to enable the NetFlow function.
Preferably, the data flow characteristic information is obtained by analyzing a packet, and the data flow characteristic information includes a source MAC address, a destination MAC address, a source IP address, a destination IP address, and an IP protocol number.
Preferably, the method further includes the step of counting packet loss information occurring in the data message processing process of the queue scheduling and caching module by the queue NetFlow module, and storing the packet loss information in the corresponding NetFlow entry.
Preferably, the method further includes the queue NetFlow module counting packet loss information occurring in the data message processing process of the queue scheduling and caching module and storing the packet loss information in a NetFlow entry shared by the ingress direction NetFlow module to the queue NetFlow module, or storing the packet loss information in a NetFlow entry shared by the egress direction NetFlow module to the queue NetFlow module.
The invention also discloses a distribution device of the NetFlow chip list items, the NetFlow chip comprises an entry direction NetFlow chip, an exit direction NetFlow chip and a queue NetFlow chip arranged between the entry direction NetFlow chip and the exit direction NetFlow chip, the distribution device comprises
The entry direction data flow processing module is used for searching a NetFlow table according to the characteristic information of the data flow and storing the data flow into a NetFlow table item shared by an entry direction NetFlow chip and an exit direction NetFlow chip when the data flow is not searched;
and the outgoing direction data flow processing module is used for searching the NetFlow table according to the characteristic information of the data flow and storing the data flow into the NetFlow table shared by the incoming direction NetFlow chip and the outgoing direction NetFlow chip when the data flow is not searched.
Preferably, also comprises
The entry direction NetFlow chip enabling module is used for enabling the entry direction NetFlow module according to the entry direction ACL matched data flow characteristics;
and the output direction NetFlow chip enabling module is used for matching data flow characteristics according to the output direction ACL to enable the output direction NetFlow module.
Preferably, the system further comprises an analysis module, the data flow characteristic information is obtained by analyzing the message through the message analysis module, and the data flow characteristic information comprises a source MAC address, a destination MAC address, a source IP address, a destination IP address and an IP protocol number.
Preferably, also comprises
And the first queue data flow processing module is arranged between the incoming direction data flow processing module and the outgoing direction data flow processing module and is used for counting the packet loss information of the queue scheduling and caching module in the data message processing process and storing the packet loss information in the corresponding NetFlow table entry.
Preferably, also comprises
And the second queue data flow processing module is arranged between the incoming direction data flow processing module and the outgoing direction data flow processing module and is used for counting packet loss information generated by the queue scheduling and caching module in the data message processing process and storing the packet loss information in a NetFlow table item shared by the incoming direction NetFlow module and the queue NetFlow table item shared by the outgoing direction NetFlow module.
The invention has the beneficial effects that:
according to the method, the NetFlow table entries are shared, namely the NetFlow table entries corresponding to the entry direction NetFlow modules can be used by the exit direction NetFlow modules, the NetFlow table entries corresponding to the exit direction NetFlow modules can be used by the entry direction NetFlow modules, the NetFlow table entries are flexibly distributed to the entry direction NetFlow modules or the exit direction NetFlow modules, the flexibility of the NetFlow chip table entries is improved, the chip table entry resources are reduced, and meanwhile, the network differentiation requirements of NetFlow in different scenes are met.
Drawings
FIG. 1 is a flow chart illustration of the allocation method of the present invention;
FIG. 2 is a main schematic diagram of the structure block diagram of the NetFlow chip of the invention;
fig. 3 is a block diagram of the structure of the distribution device of the present invention.
Detailed Description
The technical solution of the embodiment of the present invention will be clearly and completely described below with reference to the accompanying drawings of the present invention.
According to the distribution method of the NetFlow chip table entries, the NetFlow table entries are shared, namely the NetFlow table entries corresponding to the NetFlow modules in the in direction can be used by the NetFlow modules in the out direction, and the NetFlow table entries corresponding to the NetFlow modules in the out direction can be used by the NetFlow modules in the in direction, so that the flexibility of the NetFlow chip table entries is improved, the NetFlow chip table entry resources are reduced, and meanwhile, the network differentiation requirements of NetFlow in different scenes are met.
Referring to fig. 1 and fig. 2, a method for allocating NetFlow chip entries disclosed in the present invention includes:
the entry direction NetFlow module searches a NetFlow table according to the characteristic information of the data flow and stores the data flow into a NetFlow table item corresponding to the entry direction NetFlow module when the data flow is not searched, or stores the data flow into a NetFlow table item shared by the exit direction NetFlow module and fed to the entry direction NetFlow module;
the output direction NetFlow module searches a NetFlow table according to the characteristic information of the data flow and stores the data flow into a NetFlow table item corresponding to the output direction NetFlow module when the data flow is not searched, or stores the data flow into a NetFlow table item shared by the input direction NetFlow modules and provided with the output direction NetFlow module.
Specifically, as shown in fig. 2, the NetFlow chip includes an ingress direction forwarding processing module, a queue scheduling and caching module, an egress direction forwarding processing module, an ingress direction NetFlow module, a queue NetFlow module, and an egress direction NetFlow module, where the ingress direction forwarding processing module, the queue scheduling and caching module, and the egress direction forwarding processing module are sequentially in communication connection, the ingress direction NetFlow module is in communication connection with the ingress direction forwarding processing module, the egress direction NetFlow module is in communication connection with the egress direction forwarding processing module, the ingress direction NetFlow module and the egress direction NetFlow module both correspond to a memory storing NetFlow entries, and the NetFlow entries corresponding to the ingress direction NetFlow module can be used by the egress direction NetFlow module, and the NetFlow entries corresponding to the egress direction NetFlow module can be supplied to the egress direction NetFlow module, that is, and the ingress direction NetFlow module and the egress direction NetFlow module share NetFlow entries.
When the NetFlow list item is distributed, the entry direction NetFlow module takes the characteristic information of the data flow as a NetFlow keyword, and performs table look-up processing by using the NetFlow keyword, if the characteristic information can be found, updating of NetFlow statistics is further executed, and if the characteristic information cannot be found, the data flow is further stored into a NetFlow list item corresponding to the entry direction NetFlow module, or the data flow is stored into the NetFlow list item shared by the exit direction NetFlow module to the entry direction NetFlow module, and updating of the NetFlow statistics is executed. By adopting a mode of sharing the NetFlow table entry, the NetFlow table entry corresponding to the NetFlow module in the outgoing direction is shared with the NetFlow module in the incoming direction, so that the cache positions stored by the NetFlow module in the incoming direction are flexibly distributed to increase the specification of the NetFlow in the incoming direction.
Further, the characteristic information of the data stream may be obtained through an analysis module, and in implementation, the received message is analyzed to obtain information carried by the message, and the information is transmitted to each subsequent module, such as the incoming direction forwarding processing module, the queue scheduling and caching module, and the outgoing direction forwarding processing module, that is, the message information obtained through analysis is also used in the subsequent processing flow. The information carried by the message includes, but is not limited to, a source MAC address, a destination IP address, and an IP protocol number.
When the entering direction NetFlow module monitors the message, the entering direction NetFlow module needs to perform enabling processing first. In implementation, in the ingress forwarding processing module, the ingress NetFlow module is enabled by matching data flow characteristics with the lower ingress ACL.
As shown in fig. 2, the queue NetFlow module is configured to count packet losses occurring in the data packet processing process of the queue scheduling and caching module, and record packet loss information such as a packet loss reason and a packet loss number of the data packet in a corresponding NetFlow entry. In this embodiment, the queue NetFlow module preferably stores the packet loss information only in a unique NetFlow entry. Through making direction NetFlow module and the design of sharing NetFlow table entry of play direction NetFlow module adoption, and the design of unique NetFlow table entry is adopted to the queue NetFlow module, can simplify NetFlow chip architecture design, reduces the chip design degree of difficulty. Of course, in other embodiments, the corresponding packet loss information may also be stored in the NetFlow entry shared by the ingress direction NetFlow module to the queue NetFlow module, or the corresponding packet loss information may also be stored in the NetFlow entry shared by the egress direction NetFlow module to the queue NetFlow module.
As shown in fig. 2, the outgoing direction NetFlow module uses the characteristic information of the data flow as a NetFlow key, performs table lookup processing by using the NetFlow key, further performs updating of the NetFlow statistics if the characteristic information can be found, and further stores the data flow into a NetFlow entry corresponding to the outgoing direction NetFlow module or stores the data flow into a NetFlow entry of the outgoing direction NetFlow module shared by the incoming direction NetFlow modules and performs updating of the NetFlow statistics if the characteristic information cannot be found. By adopting a mode of sharing the NetFlow table entry, namely, the NetFlow table entry corresponding to the entry direction NetFlow module is shared with the given direction NetFlow module, so that the cache position stored by the exit direction NetFlow module is flexibly distributed to increase the specification of the exit direction NetFlow.
When the outgoing direction NetFlow module monitors the message, the enabling processing is required to be performed first. In the implementation process, in the outgoing direction forwarding processing module, the outgoing direction NetFlow module is enabled by issuing the characteristic that the outgoing direction ACL matches the data flow.
The exit direction forwarding processing module executes message editing according to the search result of route forwarding or bridge forwarding in the entry direction forwarding processing module, and forwards the message from the corresponding exit port after the message is edited.
As shown in fig. 3, the present invention further discloses a distribution device for NetFlow chip entries, where the NetFlow chip includes an ingress direction forwarding processing module, a queue scheduling and caching module, an egress direction forwarding processing module, an ingress direction NetFlow module, a queue NetFlow module, and an egress direction NetFlow module, the ingress direction forwarding processing module, the queue scheduling and caching module, and the egress direction forwarding processing module are sequentially in communication connection, and the distribution device includes an ingress direction data flow processing module and an egress direction data flow processing module, where the ingress direction data flow processing module is configured to search a NetFlow table for characteristic information of a data flow and store the data flow into a NetFlow entry corresponding to the ingress direction NetFlow module when the characteristic information is not searched, or store the characteristic information in a NetFlow entry shared by the egress direction NetFlow module for the ingress direction NetFlow module; the output direction data flow processing module is used for searching a NetFlow table according to the characteristic information of the data flow and storing the data flow into a NetFlow table entry corresponding to the output direction NetFlow module when the data flow is not searched, or storing the data flow into a NetFlow table entry of the input direction NetFlow module sharing the output direction NetFlow module.
In implementation, the NetFlow chip receives the message and the parsing module parses the message to obtain the characteristic information carried by the message, where the characteristic information includes, but is not limited to, a source MAC address, a destination MAC address, a source IP address, a destination IP address, and an IP protocol number, and further transmits the characteristic information carried by the message to each subsequent module, such as an ingress forwarding processing module, a queue scheduling and caching module, and an egress forwarding processing module, that is, the message information obtained by parsing is also used in subsequent processing flows.
Furthermore, the distribution device further comprises an entering direction NetFlow chip enabling module, wherein in the entering direction forwarding processing module, the entering direction ACL matches with the data flow characteristics, the entering direction NetFlow chip enabling module enables the entering direction NetFlow module connected with the entering direction NetFlow chip enabling module according to the entering direction ACL matching with the data flow characteristics, and meanwhile, the entering direction forwarding processing module also judges whether to execute routing forwarding or bridging forwarding according to the MAC address information carried by the message so as to forward and process the message by the subsequent exiting direction forwarding processing module.
And after the entry direction NetFlow module is enabled, the entry direction NetFlow module uses the characteristic information of the data flow as a NetFlow key word through the entry direction data flow processing module, and performs table look-up processing by using the NetFlow key word, if the NetFlow key word can be found, the NetFlow statistics is further updated, and if the NetFlow key word cannot be found, the data flow is further stored into a NetFlow table item corresponding to the entry direction NetFlow module, or the data flow is stored into the NetFlow table item shared by the exit direction NetFlow module and the NetFlow statistics is updated. By adopting a mode of sharing the NetFlow table entry, namely, the NetFlow table entry corresponding to the NetFlow module in the outgoing direction is shared to the NetFlow module in the incoming direction, so that the cache positions stored by the NetFlow module in the incoming direction are flexibly distributed to increase the specification of the NetFlow in the incoming direction.
Furthermore, the distribution device further comprises a first queue data flow processing module or a second queue data flow processing module, wherein the first queue data flow processing module is arranged between the incoming direction data flow processing module and the outgoing direction data flow processing module and is used for counting packet loss information generated by the queue scheduling and caching module in the data message processing process and storing the packet loss information in a corresponding NetFlow table entry; the second queue data flow processing module is arranged between the incoming direction data flow processing module and the outgoing direction data flow processing module and used for counting packet loss information generated by the queue scheduling and caching module in the data message processing process and storing the packet loss information in a NetFlow table shared by the incoming direction NetFlow module and the queue NetFlow table or in a NetFlow table shared by the outgoing direction NetFlow module and the queue NetFlow module.
Furthermore, the distribution device further comprises an outgoing direction NetFlow chip enabling module, wherein the outgoing direction processing module issues outgoing direction ACL-matched data flow characteristics, the outgoing direction NetFlow chip enabling module enables the outgoing direction NetFlow module connected with the outgoing direction ACL-matched data flow characteristics according to the incoming direction ACL-matched data flow characteristics, meanwhile, the message is edited according to a search result of route forwarding or bridge forwarding in the incoming direction forwarding processing module, and the message is forwarded from a corresponding outgoing port after the message is edited. When the method is implemented, the corresponding message editing processing can be carried out by setting a message editing module.
And after the output direction NetFlow module is enabled, the characteristic information of the data flow is used as a NetFlow key word by the output direction data flow processing module, table look-up processing is carried out by using the NetFlow key word, if the characteristic information can be found, updating of NetFlow statistics is further executed, if the characteristic information cannot be found, the data flow is further stored into a NetFlow table entry corresponding to the output direction NetFlow module, or the data flow is stored into a NetFlow table entry shared by the input direction NetFlow modules and given to the output direction NetFlow module, and updating of the NetFlow statistics is executed. By adopting a mode of sharing the NetFlow table entry, namely, the NetFlow table entry corresponding to the NetFlow module is shared by the NetFlow module in the given direction, so that the cache position stored by the NetFlow module in the output direction is flexibly distributed, and the specification of the NetFlow in the output direction is increased.
According to the invention, through a mode of sharing NetFlow table entries, NetFlow table entries are flexibly distributed to an entry direction NetFlow module or an exit direction NetFlow module, so that chip table entry resources are reduced, if the quantity of the NetFlow table entries required by the entry direction NetFlow module is M and the quantity of the NetFlow table entries required by the exit direction NetFlow module is N, if a chip table entry distribution scheme in the prior art is adopted, in the chip design, the table entry design of the NetFlow module is considered that the quantity of the NetFlow table entries corresponding to the entry direction NetFlow module and the exit direction NetFlow module is Max (M, N), 2 xMax (M, N) NetFlow table entries are required, and when the table entry distribution scheme is adopted, only Max (M, N) NetFlow table entries are required, so that the quantity of the NetFlow table entries required by the NetFlow chip is reduced by 50%, the design cost of the chip is reduced, and the network differentiation.
Therefore, the scope of the present invention should not be limited to the disclosure of the embodiments, but includes various alternatives and modifications without departing from the scope of the present invention, which is defined by the claims of the present patent application.

Claims (10)

1. A distribution method of NetFlow chip list item, the NetFlow chip includes the entering direction NetFlow module, the exiting direction NetFlow module and the queue NetFlow module between the entering direction NetFlow module and the exiting direction NetFlow module, characterized in that, the distribution method includes
Enabling a NetFlow function by the entry direction NetFlow module, searching a NetFlow table according to the characteristic information of the data flow, and storing the data flow into a NetFlow table entry corresponding to the entry direction NetFlow module when the data flow is not searched, or storing the data flow into a NetFlow table entry shared by the exit direction NetFlow module and the entry direction NetFlow module;
the output direction NetFlow module enables a NetFlow function, searches a NetFlow table according to the characteristic information of the data flow, and stores the data flow into a NetFlow table entry corresponding to the output direction NetFlow module when the data flow is not searched, or stores the data flow into a NetFlow table entry shared by the input direction NetFlow modules and provided for the output direction NetFlow module.
2. The allocation method according to claim 1,
the entry direction NetFlow module matches the characteristics of the data flow through an entry direction ACL issued by the entry direction forwarding processing module to enable a NetFlow function;
and the output direction NetFlow module matches the characteristics of the data flow through an output direction ACL issued by the output direction forwarding processing module to enable the NetFlow function.
3. The distribution method according to claim 1, wherein the data flow characteristic information is obtained by parsing a packet, and the data flow characteristic information includes a source MAC address, a destination MAC address, a source IP address, a destination IP address, and an IP protocol number.
4. The distribution method according to claim 1, further comprising the step of counting packet loss information occurring in the data message processing process of the queue scheduling and buffering module by the queue NetFlow module and storing the packet loss information in the corresponding NetFlow entry.
5. The distribution method according to claim 1, further comprising the queue NetFlow module counting packet loss information occurring in the data message processing process by the queue scheduling and caching module and storing the packet loss information in a NetFlow entry shared by the ingress NetFlow module to the queue NetFlow module or in a NetFlow entry shared by the egress NetFlow module to the queue NetFlow module.
6. The utility model provides a distribution device of NetFlow chip table entry, NetFlow chip is including entering direction NetFlow chip, going out direction NetFlow chip and locating go into direction NetFlow chip and go out the queue NetFlow chip between the direction NetFlow chip, its characterized in that, the device includes
The entry direction data flow processing module is used for searching a NetFlow table according to the characteristic information of the data flow and storing the data flow into a NetFlow table item shared by an entry direction NetFlow chip and an exit direction NetFlow chip when the data flow is not searched;
and the outgoing direction data flow processing module is used for searching the NetFlow table according to the characteristic information of the data flow and storing the data flow into the NetFlow table shared by the incoming direction NetFlow chip and the outgoing direction NetFlow chip when the data flow is not searched.
7. The dispensing device of claim 6, further comprising
The entry direction NetFlow chip enabling module is used for enabling the entry direction NetFlow module according to the entry direction ACL matched data flow characteristics;
and the output direction NetFlow chip enabling module is used for matching data flow characteristics according to the output direction ACL to enable the output direction NetFlow module.
8. The distribution device according to claim 6, further comprising a parsing module, wherein the data flow characteristic information is obtained by parsing the packet through the packet parsing module, and the data flow characteristic information includes a source MAC address, a destination MAC address, a source IP address, a destination IP address, and an IP protocol number.
9. The dispensing device of claim 6, further comprising
And the first queue data flow processing module is arranged between the incoming direction data flow processing module and the outgoing direction data flow processing module and is used for counting the packet loss information of the queue scheduling and caching module in the data message processing process and storing the packet loss information in the corresponding NetFlow table entry.
10. The dispensing device of claim 6, further comprising
And the second queue data flow processing module is arranged between the incoming direction data flow processing module and the outgoing direction data flow processing module and is used for counting packet loss information generated by the queue scheduling and caching module in the data message processing process and storing the packet loss information in a NetFlow table item shared by the incoming direction NetFlow module and the queue NetFlow table item shared by the outgoing direction NetFlow module.
CN202011538838.8A 2020-12-23 2020-12-23 Distribution method and device for NetFlow chip table entries Pending CN112714114A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202011538838.8A CN112714114A (en) 2020-12-23 2020-12-23 Distribution method and device for NetFlow chip table entries

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202011538838.8A CN112714114A (en) 2020-12-23 2020-12-23 Distribution method and device for NetFlow chip table entries

Publications (1)

Publication Number Publication Date
CN112714114A true CN112714114A (en) 2021-04-27

Family

ID=75543731

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202011538838.8A Pending CN112714114A (en) 2020-12-23 2020-12-23 Distribution method and device for NetFlow chip table entries

Country Status (1)

Country Link
CN (1) CN112714114A (en)

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108259378A (en) * 2017-03-30 2018-07-06 新华三技术有限公司 A kind of message processing method and device

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108259378A (en) * 2017-03-30 2018-07-06 新华三技术有限公司 A kind of message processing method and device

Similar Documents

Publication Publication Date Title
JP3645734B2 (en) Network relay device and network relay method
US8130754B2 (en) On-chip and chip-to-chip routing using a processor element/router combination
JP3640299B2 (en) A proposal and response architecture for route lookup and packet classification requests
US8443103B2 (en) Method and system for intelligently forwarding multicast packets
US6683885B1 (en) Network relaying apparatus and network relaying method
JP3734704B2 (en) Packet classification engine
US7830892B2 (en) VLAN translation in a network device
US8040889B2 (en) Packet forwarding device
CN100553199C (en) Method of realizing group broadcasting, system and equipment based on the PCIE switching network
JP4182180B2 (en) Network relay device and network relay method
CN101616094A (en) The acquisition methods of message forwarding path and equipment
CN101341692B (en) Admission control using backup link based on access network in Ethernet
CN102014065A (en) Method for analyzing packet headers, header analysis preprocessing device and network processor
CN112968843B (en) Multi-path transmission control system and method based on SDN
US8488489B2 (en) Scalable packet-switch
CN107528794B (en) Data processing method and device
JP3645735B2 (en) Network relay device and network relay method
US20050063379A1 (en) Apparatus and method for traffic profiling in a massively parallel router
CN112714114A (en) Distribution method and device for NetFlow chip table entries
CN110601924A (en) Message sending method and device
WO2022152230A1 (en) Information flow identification method, network chip, and network device
CN113518046B (en) Message forwarding method and frame type switching equipment
JP2000312225A (en) Packet repeater
US20060002394A1 (en) Route computing system
EP4376375A1 (en) Packet mirroring method, apparatus, and system

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
CB02 Change of applicant information
CB02 Change of applicant information

Address after: 215101 unit 13 / 16, 4th floor, building B, No. 5, Xinghan street, Suzhou Industrial Park, Jiangsu Province

Applicant after: Suzhou Shengke Communication Co.,Ltd.

Address before: Unit 13 / 16, 4th floor, building B, No.5 Xinghan street, Suzhou Industrial Park, 215000 Jiangsu Province

Applicant before: CENTEC NETWORKS (SUZHOU) Co.,Ltd.

RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20210427