CN112929281B - Message processing method, device and equipment of network equipment based on FPGA - Google Patents
Message processing method, device and equipment of network equipment based on FPGA Download PDFInfo
- Publication number
- CN112929281B CN112929281B CN202110158186.3A CN202110158186A CN112929281B CN 112929281 B CN112929281 B CN 112929281B CN 202110158186 A CN202110158186 A CN 202110158186A CN 112929281 B CN112929281 B CN 112929281B
- Authority
- CN
- China
- Prior art keywords
- message
- table lookup
- information
- space
- target
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000003672 processing method Methods 0.000 title claims abstract description 17
- 238000000034 method Methods 0.000 claims abstract description 29
- 238000004364 calculation method Methods 0.000 claims description 9
- 238000004590 computer program Methods 0.000 claims description 8
- 230000003068 static effect Effects 0.000 claims description 2
- RTZKZFJDLAIYFH-UHFFFAOYSA-N Diethyl ether Chemical compound CCOCC RTZKZFJDLAIYFH-UHFFFAOYSA-N 0.000 description 16
- 230000009191 jumping Effects 0.000 description 11
- 230000006870 function Effects 0.000 description 6
- 238000010586 diagram Methods 0.000 description 5
- 230000003287 optical effect Effects 0.000 description 3
- 238000004891 communication Methods 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 2
- 239000013307 optical fiber Substances 0.000 description 2
- 230000000644 propagated effect Effects 0.000 description 2
- 108700026140 MAC combination Proteins 0.000 description 1
- 238000004458 analytical method Methods 0.000 description 1
- 238000003491 array Methods 0.000 description 1
- 230000006399 behavior Effects 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000005540 biological transmission Effects 0.000 description 1
- 238000011217 control strategy Methods 0.000 description 1
- 230000008707 rearrangement Effects 0.000 description 1
- 239000004065 semiconductor Substances 0.000 description 1
- 239000007787 solid Substances 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L45/00—Routing or path finding of packets in data switching networks
- H04L45/74—Address processing for routing
- H04L45/745—Address table lookup; Address filtering
- H04L45/74591—Address table lookup; Address filtering using content-addressable memories [CAM]
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The embodiment of the invention discloses a message processing method, a message processing device and message processing equipment of network equipment based on an FPGA (field programmable gate array). The method comprises the following steps: receiving a message; decoding the message according to a pre-configured decoding logic, and extracting target metadata corresponding to the message; performing table lookup operation according to the target metadata and pre-configured table lookup logic, and processing the message according to a table lookup hit result; wherein the decoding logic and the table lookup logic are configured through a driver of the FPGA. The technical scheme improves the flexibility of the FPGA-based network equipment for decoding and table look-up operation of the message, and can quickly respond to various complex requirements for decoding and table look-up operation of the message.
Description
Technical Field
The embodiment of the invention relates to the technical field of communication, in particular to a message processing method, a message processing device and message processing equipment of network equipment based on an FPGA (field programmable gate array).
Background
With the development of internet technology, FPGAs (Field Programmable Gate arrays) are increasingly applied in the fields of data communication and network security by virtue of their strong programming capability and high working performance. FPGAs have higher performance advantages than multi-core MIPS (microprocessors Without internal Interlocked Pipelined Stages), and have more flexible programmable characteristics than ASICs (Application Specific Integrated circuits). When the FPGA processes the network packet, it can implement complex functions such as session management, ACL (Access Control Lists), keyword retrieval, etc. which are usually required to be completed on a Central Processing Unit (CPU).
Currently, when a network device processes a packet, a Pipeline (Pipeline) mode is usually adopted, and may include operation steps of packet decoding, ACL table lookup, stream management, packet sending, and the like. After the network equipment based on the FPGA is deployed and on-line, if a new protocol appearing in the network needs to be analyzed or a new ACL needs to be queried, the FPGA needs to rewrite a source code and write a program, and the time consumption is long. Therefore, how to improve the flexibility of the network device based on the FPGA for performing decoding and table lookup operations on the packet and quickly respond to various complex requirements when performing decoding and table lookup operations on the packet is a problem to be solved urgently.
Disclosure of Invention
The embodiment of the invention provides a message processing method, a message processing device and message processing equipment of network equipment based on an FPGA (field programmable gate array), which are used for improving the flexibility of the network equipment based on the FPGA for decoding and table look-up operation of a message and quickly responding to various complex requirements for decoding and table look-up operation of the message.
In a first aspect, an embodiment of the present invention provides a method for processing a packet of a network device based on an FPGA, including:
receiving a message;
decoding the message according to a pre-configured decoding logic, and extracting target metadata corresponding to the message;
performing table look-up operation according to the target metadata and pre-configured table look-up logic, and processing the message according to a table look-up hit result;
wherein the decoding logic and the table lookup logic are configured through a driver of the FPGA.
In a second aspect, an embodiment of the present invention further provides a packet processing apparatus for a network device based on an FPGA, including:
the message receiving module is used for receiving a message;
the message decoding module is used for decoding the message according to a preconfigured decoding logic and extracting target metadata corresponding to the message;
the table look-up module is used for performing table look-up operation according to the target metadata and pre-configured table look-up logic and processing the message according to a table look-up hit result;
wherein the decoding logic and the look-up table logic are configured via a driver of the FPGA.
In a third aspect, an embodiment of the present invention further provides a network device, including a memory, a processor, and a computer program that is stored in the memory and is executable on the processor, where the processor implements the message processing method of the FPGA-based network device according to any embodiment of the present invention when executing the program.
In a fourth aspect, an embodiment of the present invention further provides a computer-readable storage medium, on which a computer program is stored, where the computer program, when executed by a processor, implements a message processing method of an FPGA-based network device according to any embodiment of the present invention.
In the technical scheme provided by the embodiment of the invention, after the message of the network equipment based on the FPGA is received, the message is decoded according to the decoding logic preconfigured through the driving program of the FPGA, the target metadata corresponding to the message is extracted, then the table lookup operation is carried out according to the table lookup logic preconfigured through the driving program of the FPGA according to the target metadata, and the message is processed according to the table lookup hit result, so that the flexibility of the network equipment based on the FPGA for decoding and table lookup operation of the message is improved, and various complex requirements of the message during decoding and table lookup operation can be quickly responded.
Drawings
Fig. 1 is a schematic flowchart of a message processing method of a network device based on an FPGA according to a first embodiment of the present invention;
fig. 2a is a schematic flowchart of a message processing method of a network device based on an FPGA according to a second embodiment of the present invention;
fig. 2b is a schematic diagram of a hierarchical relationship between protocols related to a message in the second embodiment of the present invention;
fig. 3 is a schematic flowchart of a message processing method of a network device based on an FPGA according to a third embodiment of the present invention;
fig. 4 is a schematic structural diagram of a message processing apparatus of a network device based on an FPGA according to a fourth embodiment of the present invention;
fig. 5 is a schematic hardware structure diagram of a network device in the fifth embodiment of the present invention.
Detailed Description
The present invention will be described in further detail with reference to the accompanying drawings and examples. It is to be understood that the specific embodiments described herein are merely illustrative of the invention and are not limiting of the invention. It should be further noted that, for the convenience of description, only some of the structures related to the present invention are shown in the drawings, not all of the structures.
Before discussing exemplary embodiments in more detail, it should be noted that some exemplary embodiments are described as processes or methods depicted as flowcharts. Although a flowchart may describe the operations (or steps) as a sequential process, many of the operations can be performed in parallel, concurrently or simultaneously. In addition, the order of the operations may be re-arranged. The process may be terminated when its operations are completed, but may have additional steps not included in the figure. The processes may correspond to methods, functions, procedures, subroutines, and the like.
Example one
Fig. 1 is a flowchart of a method for processing a message of a network device based on an FPGA according to an embodiment of the present invention, where the method is applicable to a situation where a message of the network device based on the FPGA is decoded and subjected to table lookup, and the method may be executed by a message processing apparatus of the network device based on the FPGA according to an embodiment of the present invention, and the apparatus may be implemented in a software and/or hardware manner, and may be generally integrated in a network device, such as an intelligent network card or a convergence splitter.
As shown in fig. 1, the method for processing a packet of a network device based on an FPGA provided in this embodiment specifically includes:
and S110, receiving the message.
The message is used for the network equipment based on the FPGA to exchange and transmit data information in the network.
S120, decoding the message according to the pre-configured decoding logic, and extracting the target metadata corresponding to the message.
And the decoding logic is used for analyzing the protocol of the message and the fields related to the protocol. The decoding logic is configured through a driver of the FPGA.
Illustratively, the decoding logic is as follows: when the protocol number of the message is 0x8100, the message can be decoded into a Virtual Local Area Network (VLAN) ID, and the field related to the protocol can be the VLAN ID; when the Protocol number of the message is 0x0800, the message can be decoded into IPV4 (Internet Protocol Version 4 ), and the fields related to the Protocol may be a source IP address, a destination IP address, and a transport layer Protocol number; when the transport layer Protocol number of the packet is 0x06, the packet may be decoded to TCP (Transmission Control Protocol), and fields related to the Protocol may be a source port and a destination port.
And decoding the message, namely analyzing the protocol of the message and fields related to the protocol according to the preconfigured decoding logic.
The target metadata, i.e., metadata, refers to data for describing a packet, and may exemplarily take quintuple information (i.e., a source IP address, a destination IP address, a source port, a destination port, and a transport layer protocol number) of the extracted packet as the target metadata corresponding to the packet.
In the embodiment of the present invention, when extracting the target metadata corresponding to the packet, in addition to the conventional quintuple information, a VLAN ID and the like may be added. For example, when the extracted target metadata is VLAN ID and five-tuple information, the field information may be stored in the form shown in table 1, that is, in the form of an address offset (unit: byte) of the field from the start address and a field length (unit: byte).
TABLE 1
When the message passes through network devices such as a router or a convergence splitter, the message can be decoded according to decoding logic pre-configured in the network devices, and the value of the extracted message field is used as target metadata corresponding to the message. When a certain protocol is added or deleted, a driver can be manually configured to adjust decoding logic, namely the decoding logic of a message is adjusted through the driver of the FPGA, so that the FPGA-based network equipment can adapt to the application requirement of adding or deleting the certain protocol, the decoding operation of the message is completed by adopting the matched decoding logic, the problem that the FPGA-based network equipment needs to burn codes again is solved, the FPGA-based network equipment does not need to be restarted, the multiplexing of a software module in the software development process is facilitated, the flexibility of decoding the message based on the FPGA is improved, the use scene of the FPGA-based network equipment is expanded, and therefore various complex requirements for decoding the message can be responded quickly.
S130, performing table lookup operation according to the target metadata and pre-configured table lookup logic, and processing the message according to the table lookup hit result.
And the table look-up logic refers to a strategy adopted when ACL table look-up is carried out according to target metadata corresponding to the message. Wherein, the table look-up logic is configured through a drive program of the FPGA.
The result of table lookup and hit refers to a result obtained by performing ACL table lookup according to the target metadata, and is used for determining a processing or forwarding manner of the packet.
Processing the message according to the table lookup hit result refers to forwarding or outputting the message from the designated port according to the table lookup hit result, or directly discarding the filtered message.
And after the message enters the network equipment of the FPGA and is decoded, querying a corresponding ACL (access control list) according to the extracted target metadata according to the pre-configured table look-up logic, for example, querying the ACL corresponding to the quintuple, and processing the message or forwarding the message according to the table look-up hit result of the ACL. When the network device is started, the ACL is already configured in the system in advance, that is, a five-tuple table or a two-tuple (namely, a source IP address and a destination IP address) table is already solidified in a logic code of the network device based on the FPGA, and in some application scenarios, because the logic code of the FPGA cannot determine that several ACLs exist in the current system and how to perform ACL table lookup, a table lookup logic mode can be configured through a driver of the FPGA to solve the problem that different application scenarios require different ACLs. Furthermore, when the ACL is updated or increased, the message table look-up logic can be adjusted through the FPGA driving program, so that the FPGA-based network equipment can adapt to the application requirement of updating or increasing the ACL, the table look-up operation on the message is completed by adopting the matched table look-up logic, the problem that the FPGA-based network equipment needs to burn codes again is solved, the multiplexing of a software module in the software development process is facilitated, the flexibility of the FPGA-based table look-up is improved, the use scene of the FPGA-based network equipment is expanded, and various complex requirements of the message during the table look-up operation can be responded quickly.
According to the technical scheme provided by the embodiment of the invention, after the message of the network equipment based on the FPGA is received, the message is decoded according to the decoding logic preconfigured through the driving program of the FPGA, the target metadata corresponding to the message is extracted, then the table lookup operation is carried out according to the table lookup logic preconfigured through the driving program of the FPGA according to the target metadata, and the message is processed according to the table lookup hit result, so that the flexibility of the network equipment based on the FPGA for carrying out the decoding and table lookup operation on the message is improved, and various complex requirements of the message during the decoding and table lookup operation can be quickly responded. The technical scheme can be applied to various network devices of the FPGA, such as a convergence shunt, an intelligent network card and the like, and the application scene of the network device based on the FPGA is greatly expanded.
Example two
Fig. 2a is a flowchart of a message processing method of a network device based on an FPGA according to a second embodiment of the present invention. The embodiment is embodied on the basis of the above embodiment, wherein the decoding may be performed on the packet according to a preconfigured decoding logic, and the extracting target metadata corresponding to the packet specifically includes:
decoding the message according to the protocol information preconfigured in the TCAM, the offset address information of the next protocol head preconfigured in the SRAM and the field information to be extracted, and extracting target metadata corresponding to the message;
the information rows in the TCAM and the SRAM are in one-to-one correspondence.
As shown in fig. 2a, the method for processing a packet of a network device based on an FPGA according to this embodiment specifically includes:
s210, receiving a message.
S220, decoding the message according to the protocol information preconfigured in the TCAM, the offset address information of the next protocol head preconfigured in the SRAM and the field information to be extracted, and extracting the target metadata corresponding to the message.
When decoding a message, it is usually necessary to decode the message layer by layer from a bottom layer Protocol to an upper layer Protocol, for example, after the MAC (Media Access Control) layer Protocol is decoded, the MAC (Media Access Control) layer Protocol continues to decode the upper layer Protocol (i.e., the next Protocol to be skipped to) VLAN Protocol, IPV4 or IPV6 (Internet Protocol Version 6) corresponding to the MAC layer Protocol until the top layer Protocol is decoded.
In the embodiment of the present invention, a manner of querying a TCAM (Ternary Content Addressable Memory) is adopted to implement jump between protocols, and considering that although the TCAM supports mask parallel query and has high query efficiency, due to a problem of small storage capacity, offset address information and to-be-extracted field information of a next protocol header are placed in an SRAM (Static Random-Access Memory) for storage in the embodiment of the present invention.
The TCAM is mainly used for searching protocol features of certain messages, and further, data contents to be searched can be extracted from the messages. Wherein, the information rows in the TCAM and the SRAM are in one-to-one correspondence.
The protocol information may be a protocol number corresponding to each protocol layer.
The offset address information of the next protocol header refers to an address offset of the next protocol header address relative to the current protocol header address when jumping from the current layer protocol to the upper layer protocol corresponding to the current layer.
The field information to be extracted refers to the address offset and the field length of each field corresponding to the target metadata.
And after receiving the network message, skipping among protocols according to the protocol information preconfigured in the TCAM and the offset address information of the next protocol head preconfigured in the SRAM, and extracting target metadata corresponding to the message according to the field information to be extracted preconfigured in the SRAM.
Optionally, each information line in the TCAM may include: a protocol number and a current state value; each information row in the SRAM can comprise: offset address information of the next protocol header, next table look-up field information, next state value, number of fields to be extracted, and information of each field to be extracted.
The state value refers to addressing information corresponding to each layer of protocol, and can be used for indicating a message to jump among protocols, the range of the state value is 1 to 255, the state value 1 represents a state value for starting addressing, the state value 255 represents a state value for ending addressing, the current state value refers to a state value corresponding to a protocol number of a current layer, and the next state value refers to a state value corresponding to a protocol number of a next layer which is jumped; the next table lookup field information is used to find the protocol information configured in the TCAM by the next layer protocol of the jump, and may include the address offset (the number of offset bits relative to the current protocol header address) of the next table lookup field and the length of the next table lookup field (i.e. the number of bits occupied by the next layer protocol number of the jump); the number of the fields to be extracted refers to the number of the fields in the message to be extracted; each field information to be extracted may include an address offset (offset bit number with respect to the current protocol header address) of each field to be extracted and a length of each field to be extracted.
For example, assuming that there are n fields to be extracted, the information row contents in the TCAM and the SRAM and the number of bits (bit, abbreviated as b) occupied by each information are respectively shown in table 2 and table 3, where a key word of a TCAM may include an address offset of a next table lookup field and a next state value, and a protocol information configured in the TCAM by a next layer protocol when a packet jumps from a current layer protocol to the next layer protocol may be determined by using a TCAM key word occupying 24 bits (i.e., 3 bytes), so as to solve a problem of how to determine protocol information corresponding to the next layer protocol to which the packet jumps in a layer-by-layer decoding process of the packet by a bottom layer protocol to a top layer protocol.
TABLE 2
TABLE 3
It should be noted that the content included in each information line of the TCAM and the SRAM may be issued or deleted by a driver of the FPGA, that is, when the message is decoded, if the decoding of a certain protocol needs to be added or deleted, the content included in each information line of the TCAM and the SRAM may be dynamically modified by the driver of the FPGA without restarting the device or burning the code again.
As a specific implementation, S220 may specifically include the following operations S221-S224:
s221, querying the TCAM according to the Ethernet protocol number of the message, and taking an information line matched with the Ethernet protocol number in the TCAM as a current information line of the TCAM.
Wherein, the Ethernet protocol number refers to a protocol number corresponding to a bottom MAC protocol of the message; the current query TCAM information line refers to an information line in the TCAM corresponding to a protocol currently decoded by a message, for example, when the message is decoding a bottom layer protocol MAC, the current query TCAM information line corresponds to the MAC; when the message jumps from the MAC to the upper layer protocol VLAN, the message decodes the VLAN, and the information row corresponding to the VLAN is inquired at present according to the TCAM information behavior.
It should be noted that, when querying the TCAM according to the ethernet protocol number of the message, the next layer protocol of the jump may be determined according to the ethertype protocol number.
For example, in the hierarchical relationship between protocols related to the packet provided in fig. 2b, when decoding a protocol number of a bottom layer protocol (i.e., MAC), if the Ether _ Type protocol number is 0x8100, the next layer protocol to be skipped is VLAN; if the Ether _ Type protocol number is 0x0800, the next layer of protocol to be jumped is IPV4; if the Ether _ Type protocol number is 0x86dd, then the next layer protocol for the jump is IPV6.
S222, extracting a field value corresponding to the message according to the number of fields to be extracted in the target information row in the SRAM matched with the current query TCAM information row and the information of each field to be extracted.
The target information line refers to an information line in the SRAM corresponding to the current query TCAM information line. When extracting the field value corresponding to the packet, the field value may be extracted into the target metadata, and each extracted field may be arranged according to the arrangement manner in table 1.
S223, jumping to the next information row in the TCAM according to the next table look-up field information and the next state value in the target information row in the SRAM, and taking the next table look-up field information and the next state value as the current information row for inquiring the TCAM.
According to the next table look-up field information and the next state value in the target information row in the SRAM, the corresponding upper layer protocol number when the message jumps from the current protocol layer to the next protocol layer can be determined, and then the information row matched with the upper layer protocol number is used as the current TCAM information row.
And S224, returning to execute the step S222 until the information line jump operation can not be carried out according to the next table lookup field information and the next state value in the target information line in the SRAM.
And judging whether the information row skipping operation can be carried out or not according to the next table look-up field information and the next state value in the target information row in the SRAM. If the information row skipping operation can be carried out, returning to execute S222, namely extracting field values corresponding to the message according to the number of fields to be extracted in the target information row in the SRAM matched with the current query TCAM information row and the information of each field to be extracted; if the information line skip operation can not be carried out, the message is indicated to be skipped to the uppermost protocol layer, at the moment, the message decoding operation is finished, and the information line skip operation is not carried out any more.
Optionally, whether the message decoding operation is completed may be determined according to a next state value in the target information row in the SRAM. For example, when the next state value in the target information line in the SRAM is 255 (indicating end of addressing), it is determined that the message decoding is completed, and the information line skip operation is not performed any more.
In a specific embodiment, for the hierarchical relationship between protocols involved in the message provided in fig. 2b, it is assumed that the preconfigured decoding logic is as follows:
(1) Judging the Ether _ Type protocol number, if the Ether _ Type protocol number is 0x8100, the next layer protocol for decoding and jumping is VLAN, the field to be extracted is a relevant field of VLAN ID, and the key words (namely the offset of the next table look-up field and the next state value) of the next TCAM are VLAN protocol numbers; if the Ether _ Type protocol number is 0x0800, the next layer protocol for decoding and jumping is IPV4, the fields to be extracted are the source IP address, the destination IP address and the relevant fields of the transport layer protocol number, and the keyword of the next TCAM is the transport layer protocol number; if the Ether _ Type protocol number is 0x86dd, the next layer protocol for decoding and jumping is IPV6, the field to be extracted is the source IP address, the destination IP address and the relevant field of the transport layer protocol number, and the keyword of the next TCAM is the transport layer protocol number;
(2) When the keyword of the next TCAM is the VLAN protocol number, if the VLAN protocol number is 0x0800, the next layer protocol for decoding and jumping is IPV4, the field to be extracted is the source IP address, the target IP address and the relevant field of the transport layer protocol number, and the keyword of the next TCAM is the transport layer protocol number; if the VLAN protocol number is 0x86dd, the next layer protocol for decoding and jumping is IPV6, the field to be extracted is the source IP address, the destination IP address and the relevant field of the transport layer protocol number, and the keyword of the next TCAM is the transport layer protocol number;
(3) When the next key word of the TCAM is a transport layer protocol number, if the transport layer protocol number is 0x06, the next layer protocol for decoding and jumping is TCP, the field to be extracted is a relevant field of a source port and a destination port, and the protocol jumping of the message is ended; if the transport layer Protocol number is 0x11, the next layer Protocol for decoding and skipping is UDP (User Datagram Protocol), the fields to be extracted are related fields of the source port and the destination port, and the Protocol skipping of the message is ended.
Based on the preconfigured decoding logic, assuming that the hierarchy between protocols related to a certain message is MAC-VLAN-IPV4-UDP, in the decoding logic configured by the FPGA driver, the contents in the TCAM and the SRAM are automatically issued by the FPGA driver, and the issued results are shown in tables 4 and 5, respectively.
TABLE 4
TABLE 5
It should be noted that the decoding has been started from the protocol header of the MAC by default in table 4, i.e. the first 14 bytes of the message: the destination MAC address (i.e., DA, takes 6 bytes), the source MAC address (i.e., SA, takes 6 bytes), and the upper layer protocol Type (i.e., ether _ Type, takes 2 bytes) indicating the MAC layer are initial state values, and do not need to be written into the TCAM, so the decoding logic starts to decode the packet from the VLAN protocol layer. The specific decoding process is as follows:
querying a TCAM according to a VLAN protocol number of a message, and taking an information line matched with the VLAN protocol number in the TCAM as a current queried TCAM information line (namely a first line of the TCAM in a table 4), wherein the meanings of fields in the TCAM are respectively a protocol number and a current state value, the meanings of the fields in the SRAM are respectively that the offset address information of a next protocol head relative to the current protocol head is 32 bits, the address offset of a next table lookup field relative to the current protocol head is 16 bits, the length of the next table lookup field is 2, the number of the fields to be extracted is 1, the address offset of the fields to be extracted relative to the current protocol head is 4 bits, and the length of the fields to be extracted is 12 bits; extracting field values corresponding to the messages according to the number of fields to be extracted in a target information row (namely a first row of the SRAM in the table 5) in the SRAM matched with the current query TCAM information row and the information of each field to be extracted, namely extracting the related field values of the VLAN ID, wherein the address offset of the VLAN ID relative to the current protocol header is 4 bits, and the field length is 12 bits; jumping to the next information row in the TCAM according to the next table look-up field information (namely, the address offset relative to the current protocol header is 16 bits and the table look-up field length is 16 bits) and the next state value 2 in the first row of the SRAM, and taking the next information row as the current query TCAM information row (namely, the second row of the TCAM in the table 4); returning to execute the operation of extracting the field value corresponding to the message according to the number of the fields to be extracted in the target information line (namely the second line of the SRAM in the table 5) in the SRAM matched with the current query TCAM information line and the information of each field to be extracted, namely extracting the relevant field values of a source IP address, a destination IP address and a transport layer protocol number, wherein the address offset of the source IP address relative to the current protocol header is 96 bits, the field length is 32 bits, the address offset of the destination IP address relative to the current protocol header is 128 bits, the field length is 32 bits, the address offset of the transport layer protocol number relative to the current protocol header is 72 bits, and the field length is 8 bits; jumping to the next information row in the TCAM according to the next table look-up field information (namely the address offset relative to the current protocol header is 72 bits and the table look-up field length is 8 bits) and the next state value 3 in the second row of the SRAM, and taking the next information row as the current queried TCAM information row (namely the fifth row of the TCAM in the table 4); returning to execute the operation of extracting the field values corresponding to the messages according to the number of the fields to be extracted in the target information row (namely the fifth row of the SRAM in the table 5) in the SRAM matched with the current query TCAM information row and the information of each field to be extracted, namely extracting the relevant field values of the source port and the destination port, wherein the address offset of the source port relative to the current protocol header is 0bit, the field length is 16bit, the address offset of the destination port relative to the current protocol header is 16bit, and the field length is 16bit; according to the next table look-up field information (namely the address offset relative to the current protocol header is 0bit and the table look-up field length is 0 bit) and the next state value 255 (representing the state value of ending addressing) in the fifth line of the SRAM, it can be determined that the message can not continue the information line skip operation, so the message decoding is ended.
According to the pre-configured decoding logic, the message is subjected to three times of TCAM information line skip operation, the message is decoded, and target metadata corresponding to the message, namely VLAN ID, source IP address, destination IP address, source port, destination port and transport layer protocol number, is extracted.
It should be noted that, in the contents of the SRAM provided in table 5, the third row and the fourth row respectively correspond to IPV6 (IPV 4 corresponding to the second row is located in the same protocol layer) and TCP (UDP corresponding to the fifth row is located in the same protocol layer), and since it is assumed that the hierarchical relationship between protocols related to a certain message is MAC-VLAN-IPV4-UDP, the contents of the SRAM corresponding to IPV6 and TCP are not listed in detail in this embodiment.
And S230, performing table lookup operation according to the target metadata and pre-configured table lookup logic, and processing the message according to a table lookup hit result.
For those parts of this embodiment that are not explained in detail, reference is made to the aforementioned embodiments, which are not repeated herein.
According to the technical scheme, after a message of the FPGA-based network equipment is received, according to decoding logic pre-configured through a drive program of the FPGA, a TCAM is inquired according to an Ethernet protocol number of the message, information row skip operation is carried out according to offset address information of a next protocol head in a target information row in an SRAM, target metadata corresponding to the message is extracted, then table lookup operation is carried out according to the target metadata according to the table lookup logic, the message is processed according to a table lookup hit result, the flexibility of the FPGA-based network equipment for decoding and table lookup operation on the message is improved, and various complex requirements for decoding and table lookup operation on the message can be responded quickly.
EXAMPLE III
Fig. 3 is a flowchart of a method for processing a message of a network device based on an FPGA according to a third embodiment of the present invention. The embodiment is embodied on the basis of the above embodiment, wherein the table lookup operation may be performed according to pre-configured table lookup logic according to the target metadata, and the processing of the packet according to the table lookup hit result specifically includes:
sequentially selecting a table lookup space as a current table lookup space according to the priority order;
selecting matching fields from the target metadata to perform table lookup operation according to the description information of the current table lookup space;
if the table lookup result in the current table lookup space is not hit, returning to the operation of sequentially selecting one table lookup space as the current table lookup space according to the priority order until the table lookup result in the current table lookup space is hit or all the table lookup spaces are selected;
if the table lookup result in the current table lookup space is hit, the message is processed according to the table lookup result.
As shown in fig. 3, the method for processing a packet of a network device based on an FPGA according to this embodiment specifically includes:
s310, receiving the message.
S320, decoding the message according to the pre-configured decoding logic, and extracting the target metadata corresponding to the message.
S330, selecting a table lookup space as the current table lookup space in sequence according to the priority order.
The priority order refers to an arrangement order of each table lookup space, and generally, the priority of the table lookup space including more default elements is higher, and the priority order may also be customized according to a user requirement.
The table lookup space corresponds to a section of space in a Block Random Access Memory (BRAM) in the Field Programmable Gate Array (FPGA), and the table lookup space includes each ACL table corresponding to the configured table lookup logic. The current table lookup space is the one in which the table lookup operation is currently being performed.
And when the message enters the FPGA-based network equipment and is decoded, sequentially selecting a table lookup space as the current table lookup space according to the priority order.
S340, according to the description information of the current table look-up space, selecting a matching field from the target metadata to perform table look-up operation.
The description information is used for describing field information required when table lookup operation is carried out according to the table lookup space.
As an alternative embodiment, the table lookup space may at least include: IPV4 five-tuple table lookup space, IPV4 two-tuple table lookup space and IPV4 source IP address table lookup space. The table lookup space may also include other types of table lookup spaces, which is not specifically limited in this embodiment. For example, an example of the composition of a table lookup space provided in this embodiment can be shown in table 6.
TABLE 6
| PV4 five-tuple table lookup space | IPV4 two-tuple table look-up space | IPV4 source IP address table look-up space | … |
The metadata corresponding to the IPV4 five-tuple table lookup space comprises a source IP address (SrcIP), a destination IP address (DstIP), a source port (SrcPort), a destination port (DstIPort) and a transport layer protocol number (Proto); the metadata corresponding to the IPV4 two-tuple table look-up space comprises a source IP address and a destination IP address; the metadata corresponding to the IPV4 source IP address lookup space includes the source IP address.
For example, when the current table lookup space is an IPV4 five-tuple table lookup space, the matching fields selected in the target metadata are the source IP address, the destination IP address, the source port, the destination port, and the transport layer protocol number; when the current table look-up space is an IPV4 two-tuple table look-up space, the matching fields selected in the target metadata are the source IP address and the target IP address.
And S350, judging whether the table lookup hit result in the current table lookup space is not hit, if so, executing S360, and otherwise, executing S380.
When selecting a matching field from the target metadata for table lookup operation according to the description information of the current table lookup space, if a matched ACL can be found in the current table lookup space according to the field value of the matching field, judging that the table lookup hit result in the current table lookup space is hit, and then executing S370; if the matched ACL cannot be found in the current table lookup space according to the field value of the matching field, it is determined that the table lookup hit result in the current table lookup space is a miss, and then S360 is performed.
And S360, judging whether all the table searching spaces are selected, if so, executing S370, otherwise, executing S330.
If all the table look-up spaces are selected, the table look-up operation is finished; if not, returning to execute S330, re-selecting one table lookup space as the current table lookup space according to the priority order, selecting matching fields in the target metadata for table lookup operation according to the description information of the re-selected current table lookup space, and judging whether the table lookup hit result in the re-selected current table lookup space is hit.
And S370, ending the table look-up operation.
It should be noted that, after all the table lookup spaces are selected, if the table lookup hit result is still a miss, the message may be processed according to a default processing policy, which is not specifically limited in the embodiment of the present invention.
And S380, processing the message according to the table lookup hit result.
When the table lookup result in the current table lookup space is hit, the message can be subjected to subsequent processing according to the table lookup result, that is, the message is subjected to subsequent processing according to the corresponding access control strategy in the hit ACL.
As an optional embodiment, selecting a matching field in the target metadata to perform a table lookup operation may include: selecting a matching field from the target metadata, and performing hash calculation on the field value of the matching field to obtain a target hash value corresponding to the matching field; if the target hash bucket is found according to the target hash value and the target hash value hits a target node on a hash chain on the target hash bucket, determining that a table lookup hit result in the current table lookup space is hit;
processing the message according to the table lookup hit result may include: and processing the message according to the access control rule corresponding to the target node.
The field value of the matching field refers to the content corresponding to the matching field in the target metadata extracted according to the description information of the current table lookup space.
The target hash value refers to a result obtained by splicing matching field values in the target metadata and then calculating through a hash function.
And the hash bucket is used for searching the access control rule corresponding to the message according to the target hash value. The target hash bucket refers to a hash bucket that matches the target hash value.
At least one node may be included in one hash chain, where each node corresponds to a matching field value in a set of target metadata to be subjected to hash calculation, and the field values of the matching fields corresponding to each node in one hash chain are the same as target hash values obtained after the hash calculation is performed.
And the target node refers to a node which can be matched with a matching field value in the target metadata selected according to the description information of the current table lookup space on the hash chain on the target hash bucket.
The access control rule refers to the specific requirements of operations such as processing or forwarding messages in the ACL. For example, when the result of the hit of the ACL query in the current table lookup space is a hit, if the access control rule corresponding to the ACL indicates that the attack object in the packet is to be analyzed, the packet may be forwarded to the designated port for analysis of the attack object.
Optionally, the description information of the table lookup space may include: table look-up space address (namely initial address of ACL in storage structure), hash bucket number (namely node number of hash bucket), field information to be hash-calculated; the field information to be subjected to hash calculation may further include: the number of fields to be hashed, the field offset address information (metadata _ offset) in the destination metadata, the field offset address information (hash _ offset) in the hash value, and the field length (len) in the destination metadata and the hash value.
According to the field address offset and the field length corresponding to the quintuple information extracted in table 1, when the table lookup space is shown in table 6, the description information of the IPV4 quintuple table lookup space, the IPV4 two-tuple table lookup space, and the IPV4 source IP address table lookup space may be shown in table 7, table 8, and table 9, respectively, where the table lookup space address and the number of hash buckets are not listed in detail in this embodiment.
TABLE 7
TABLE 8
TABLE 9
| Looking up spatial addresses | * |
| Number of hash buckets | * |
| Number of fields to be subjected to hash calculation | hash _ data field number =1 |
| Field information to be subjected to Hash calculation | SrcIP:metadata_offset=2,hash_offset=0,len=4 |
When the matched ACL is searched in the table lookup space, a matching field is selected from the target metadata according to the description information of the current table lookup space, the field value of the matching field is used as a target keyword, the field values of the matching field are spliced and then a target hash value corresponding to the field value of the matching field is obtained through hash function calculation, because the field values of different matching fields (such as the field values corresponding to two groups of different quintuple information) are calculated by using the same hash function, the obtained target hash values are possibly the same, when the target hash bucket is searched according to the target hash value, hash collision processing is required to be carried out, namely, the matching field is compared with the target node on the hash chain on the target hash bucket, if the matching can be carried out, the target hash value hits the target node on the hash chain on the target hash bucket, the hit result in the current table lookup space is determined to be hit, and further the message can be subsequently processed according to the access control rule corresponding to the target node.
Optionally, if the target hash bucket is not found according to the target hash value, or the target hash bucket is found according to the target hash value and the target hash value does not hit the target node on the hash chain on the target hash bucket, returning to the operation of sequentially selecting one table lookup space as the current table lookup space according to the priority order until the table lookup hit result in the current table lookup space is hit, or selecting all table lookup spaces.
If the target hash bucket is not found after all the table look-up spaces are selected, or the target hash bucket is found and the target hash value does not hit the target node on the hash chain on the target hash bucket, the table look-up hit result in the current table look-up space is not hit.
For those parts of this embodiment that are not explained in detail, reference is made to the aforementioned embodiments, which are not repeated herein.
According to the technical scheme, after the message enters the FPGA-based network equipment and is decoded, the current table lookup space is selected, the matching field is selected from the target metadata according to the description information of the current table lookup space to perform table lookup operation, when the table lookup hit result in the current table lookup space is hit, the message is processed according to the table lookup hit result, and the table lookup logic is determined according to the configuration information issued by the FPGA driving program, so that the flexibility of table lookup operation of the FPGA-based network equipment on the message is improved, and various complex requirements of the message during the table lookup operation can be responded quickly.
Example four
Fig. 4 is a schematic structural diagram of a message processing apparatus of a network device based on an FPGA according to a fourth embodiment of the present invention, where the embodiment of the present invention is applicable to a situation where a message of the network device based on the FPGA is decoded and subjected to table look-up operation, and the apparatus may be implemented in a software and/or hardware manner, and may be generally integrated in a network device, for example, an intelligent network card or a convergence splitter, etc.
As shown in fig. 4, the apparatus for processing a message of a network device based on an FPGA specifically includes: a message receiving module 410, a message decoding module 420 and a table lookup module 430. Wherein,
a message receiving module 410, configured to receive a message;
a message decoding module 420, configured to decode the message according to a preconfigured decoding logic, and extract target metadata corresponding to the message;
a table look-up module 430, configured to perform table look-up operation according to the target metadata and according to a pre-configured table look-up logic, and process the packet according to a table look-up hit result;
wherein the decoding logic and the table lookup logic are configured through a driver of the FPGA.
According to the technical scheme provided by the embodiment of the invention, after the message of the network equipment based on the FPGA is received, the message is decoded according to the decoding logic preconfigured through the driving program of the FPGA, the target metadata corresponding to the message is extracted, then the table look-up operation is carried out according to the table look-up logic preconfigured through the driving program of the FPGA according to the target metadata, and the message is processed according to the table look-up hit result, so that the flexibility of the message decoding and table look-up operation of the network equipment based on the FPGA is improved, and various complex requirements of the message in the decoding and table look-up operation can be quickly responded.
As an optional implementation manner, the message decoding module 420 is specifically configured to: decoding the message according to the protocol information preconfigured in the TCAM, the offset address information of the next protocol head preconfigured in the SRAM and the field information to be extracted, and extracting the target metadata corresponding to the message;
and the TCAM and the information rows in the SRAM are in one-to-one correspondence.
Optionally, each information line in the TCAM includes: a protocol number and a current state value; each information row in the SRAM comprises: offset address information of the next protocol header, next table look-up field information, next state value, number of fields to be extracted, and information of each field to be extracted.
Optionally, the message decoding module 420 is specifically configured to: inquiring the TCAM according to the Ethernet protocol number of the message, and taking an information line matched with the Ethernet protocol number in the TCAM as a current information line of the inquired TCAM; extracting a field value corresponding to the message according to the number of fields to be extracted in the target information row in the SRAM matched with the current query TCAM information row and the information of each field to be extracted; skipping to the next information row in the TCAM according to the next table look-up field information and the next state value in the target information row in the SRAM as the current information row for inquiring the TCAM; and returning to execute the operation of extracting the field value corresponding to the message according to the number of the fields to be extracted in the target information row in the SRAM matched with the current query TCAM information row and the information of each field to be extracted until the information row skip operation can not be performed according to the next table look-up field information and the next state value in the target information row in the SRAM.
As another alternative embodiment, the table lookup module 430 includes: a table lookup space selecting unit, a table lookup operation unit, a table lookup space updating unit and a message processing unit, wherein,
the table lookup space selecting unit is used for sequentially selecting one table lookup space as the current table lookup space according to the priority order;
the table look-up operation unit is used for selecting matching fields from the target metadata to perform table look-up operation according to the description information of the current table look-up space;
a table lookup space updating unit, configured to, if the table lookup result in the current table lookup space is not hit, return to an operation of sequentially selecting one table lookup space as the current table lookup space according to the priority order until the table lookup result in the current table lookup space is hit or all table lookup spaces are selected;
and the message processing unit is used for processing the message according to the table lookup hit result if the table lookup hit result in the current table lookup space is hit.
Optionally, the table lookup operation unit is specifically configured to: selecting a matching field from the target metadata, and performing hash calculation on a field value of the matching field to obtain a target hash value corresponding to the matching field; if a target hash bucket is found according to the target hash value and the target hash value hits a target node on a hash chain on the target hash bucket, determining that a table lookup hit result in the current table lookup space is hit;
a message processing unit, specifically configured to: and processing the message according to the access control rule corresponding to the target node.
Optionally, the table lookup space at least includes: IPV4 five-tuple table lookup space, IPV4 two-tuple table lookup space and IPV4 source IP address table lookup space.
The message processing device of the network equipment based on the FPGA can execute the message processing method of the network equipment based on the FPGA provided by any embodiment of the invention, and has the corresponding functional modules and the beneficial effects of executing the message processing method of the network equipment based on the FPGA.
EXAMPLE five
Fig. 5 is a schematic diagram of a hardware structure of a network device according to a fifth embodiment of the present invention, and as shown in fig. 5, the network device includes:
one or more processors 510, one processor 510 being illustrated in FIG. 5;
a memory 520;
the processor 510 and the memory 520 in the network device may be connected by a bus or other means, and fig. 5 illustrates the connection by a bus as an example.
The memory 520, which is a non-transitory computer-readable storage medium, may be used to store a software program and a computer-executable program, and as a program instruction corresponding to the message processing method of the FPGA-based network device applied to the network device in the embodiment of the present invention, the program instruction includes:
receiving a message;
decoding the message according to a pre-configured decoding logic, and extracting target metadata corresponding to the message;
performing table lookup operation according to the target metadata and pre-configured table lookup logic, and processing the message according to a table lookup hit result;
wherein the decoding logic and the table lookup logic are configured through a driver of the FPGA.
The processor 510 executes various functional applications of the host and data processing by running software program instructions stored in the memory 520, that is, implements any one of the message processing methods applied to the FPGA-based network device in the foregoing embodiments.
The memory 520 may include a storage program area and a storage data area, wherein the storage program area may store an operating system, an application program required for at least one function; the storage data area may store data created according to use of the network device, and the like. Further, the memory 520 may include high speed random access memory, and may also include non-transitory memory, such as at least one magnetic disk storage device, flash memory device, or other non-transitory solid state storage device.
EXAMPLE six
The sixth embodiment of the present invention provides a computer-readable storage medium, on which a computer program is stored, where the computer program, when executed by a processor, implements a message processing method for a network device based on an FPGA, according to all the embodiments of the present invention: that is, the program when executed by the processor implements:
receiving a message;
decoding the message according to a pre-configured decoding logic, and extracting target metadata corresponding to the message;
performing table look-up operation according to the target metadata and pre-configured table look-up logic, and processing the message according to a table look-up hit result;
wherein the decoding logic and the table lookup logic are configured through a driver of the FPGA.
Any combination of one or more computer-readable media may be employed. The computer readable medium may be a computer readable signal medium or a computer readable storage medium. A computer readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination of the foregoing. More specific examples (a non-exhaustive list) of the computer readable storage medium would include the following: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In the context of this document, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device.
A computer readable signal medium may include a propagated data signal with computer readable program code embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated data signal may take many forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A computer readable signal medium may be any computer readable medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device.
Program code embodied on a computer readable medium may be transmitted using any appropriate medium, including but not limited to wireless, wireline, optical fiber cable, RF, etc., or any suitable combination of the foregoing.
Computer program code for carrying out operations for aspects of the present invention may be written in any combination of one or more programming languages, including an object oriented programming language such as Java, smalltalk, C + +, or the like, as well as conventional procedural programming languages, such as the "C" programming language or similar programming languages. The program code may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer or entirely on the remote computer or server. In the case of a remote computer, the remote computer may be connected to the user's computer through any type of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or the connection may be made to an external computer (for example, through the Internet using an Internet service provider).
It is to be noted that the foregoing description is only exemplary of the invention and that the principles of the technology may be employed. It will be understood by those skilled in the art that the present invention is not limited to the particular embodiments described herein, but is capable of various obvious changes, rearrangements and substitutions as will now become apparent to those skilled in the art without departing from the scope of the invention. Therefore, although the present invention has been described in greater detail by the above embodiments, the present invention is not limited to the above embodiments, and may include other equivalent embodiments without departing from the spirit of the present invention, and the scope of the present invention is determined by the scope of the appended claims.
Claims (8)
1. A message processing method of network equipment based on a Field Programmable Gate Array (FPGA) is characterized by comprising the following steps:
receiving a message;
decoding the message according to a preconfigured decoding logic, and extracting target metadata corresponding to the message, including:
decoding the message according to the protocol information preconfigured in a Ternary Content Addressable Memory (TCAM), the offset address information of a next protocol head preconfigured in a Static Random Access Memory (SRAM) and the field information to be extracted, and extracting target metadata corresponding to the message;
wherein, the information rows in the TCAM and the SRAM are in one-to-one correspondence;
performing table lookup operation according to the target metadata and pre-configured table lookup logic, and processing the message according to a table lookup hit result, including:
sequentially selecting a table lookup space as a current table lookup space according to the priority order;
selecting matching fields from the target metadata to perform table lookup operation according to the description information of the current table lookup space;
if the table lookup result in the current table lookup space is not hit, returning to the operation of sequentially selecting one table lookup space as the current table lookup space according to the priority order until the table lookup result in the current table lookup space is hit or all the table lookup spaces are selected;
if the table lookup result in the current table lookup space is hit, processing the message according to the table lookup result;
wherein the decoding logic and the table lookup logic are configured through a driver of the FPGA.
2. The method of claim 1, wherein each information line in the TCAM comprises: a protocol number and a current state value;
each information row in the SRAM comprises: offset address information of the next protocol header, next table look-up field information, next state value, number of fields to be extracted, and information of each field to be extracted.
3. The method of claim 2, wherein decoding the packet according to the protocol information preconfigured in the TCAM and the offset address information and the field information to be extracted of the next protocol header preconfigured in the SRAM, and extracting the target metadata corresponding to the packet comprises:
inquiring the TCAM according to the Ethernet protocol number of the message, and taking an information line matched with the Ethernet protocol number in the TCAM as a current information line of the inquired TCAM;
extracting a field value corresponding to the message according to the number of fields to be extracted in the target information row in the SRAM matched with the current query TCAM information row and the information of each field to be extracted;
skipping to the next information row in the TCAM according to the next table look-up field information and the next state value in the target information row in the SRAM as the current information row for inquiring the TCAM;
and returning to execute the operation of extracting the field value corresponding to the message according to the number of the fields to be extracted in the target information row in the SRAM matched with the current query TCAM information row and the information of each field to be extracted until the information row skip operation can not be performed according to the next table look-up field information and the next state value in the target information row in the SRAM.
4. The method of claim 3, wherein selecting matching fields in the target metadata for a table lookup operation comprises:
selecting a matching field from the target metadata, and performing hash calculation on a field value of the matching field to obtain a target hash value corresponding to the matching field;
if a target hash bucket is found according to the target hash value and the target hash value hits a target node on a hash chain on the target hash bucket, determining that a table lookup hit result in the current table lookup space is hit;
processing the message according to the table lookup hit result, comprising:
and processing the message according to an access control rule corresponding to the target node.
5. The method of claim 1, wherein the table lookup space comprises at least:
internet protocol version 4IPV4 five tuple table look-up space, IPV4 two tuple table look-up space, IPV4 source IP address table look-up space.
6. A message processing device of network equipment based on FPGA is characterized by comprising:
the message receiving module is used for receiving a message;
the message decoding module is used for decoding the message according to a preconfigured decoding logic and extracting target metadata corresponding to the message;
the message decoding module is specifically configured to: decoding the message according to the protocol information preconfigured in the TCAM, the offset address information of the next protocol head preconfigured in the SRAM and the field information to be extracted, and extracting the target metadata corresponding to the message;
wherein, the information rows in the TCAM and the SRAM are in one-to-one correspondence;
the table look-up module is used for performing table look-up operation according to the target metadata and pre-configured table look-up logic and processing the message according to a table look-up hit result;
the table look-up module comprises: a table lookup space selecting unit, a table lookup operation unit, a table lookup space updating unit and a message processing unit, wherein,
the table lookup space selecting unit is used for sequentially selecting one table lookup space as the current table lookup space according to the priority order;
the table look-up operation unit is used for selecting matching fields from the target metadata to perform table look-up operation according to the description information of the current table look-up space;
the table lookup space updating unit is used for returning to the operation of sequentially selecting one table lookup space as the current table lookup space according to the priority order if the table lookup hit result in the current table lookup space is not hit, until the table lookup hit result in the current table lookup space is hit, or all the table lookup spaces are selected;
the message processing unit is used for processing the message according to the table look-up hit result if the table look-up hit result in the current table look-up space is hit;
wherein the decoding logic and the look-up table logic are configured via a driver of the FPGA.
7. A network device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, characterized in that the processor implements the method according to any of claims 1-5 when executing the program.
8. A computer-readable storage medium, on which a computer program is stored which, when being executed by a processor, carries out the method according to any one of claims 1-5.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110158186.3A CN112929281B (en) | 2021-02-04 | 2021-02-04 | Message processing method, device and equipment of network equipment based on FPGA |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110158186.3A CN112929281B (en) | 2021-02-04 | 2021-02-04 | Message processing method, device and equipment of network equipment based on FPGA |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN112929281A CN112929281A (en) | 2021-06-08 |
| CN112929281B true CN112929281B (en) | 2023-01-10 |
Family
ID=76170563
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202110158186.3A Active CN112929281B (en) | 2021-02-04 | 2021-02-04 | Message processing method, device and equipment of network equipment based on FPGA |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112929281B (en) |
Families Citing this family (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114006956A (en) * | 2021-10-29 | 2022-02-01 | 杭州迪普信息技术有限公司 | Message data analysis method, device and equipment |
| CN114124822B (en) * | 2021-11-29 | 2024-04-26 | 杭州迪普信息技术有限公司 | Message matching processing device and method |
| CN115883681B (en) * | 2023-02-08 | 2023-06-23 | 天翼云科技有限公司 | Message parsing method and device, electronic equipment and storage medium |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103297296A (en) * | 2013-05-30 | 2013-09-11 | 大连梯耐德网络技术有限公司 | FPGA-based logical operation search method and system |
| CN110381054A (en) * | 2019-07-16 | 2019-10-25 | 广东省新一代通信与网络创新研究院 | Message parsing method, device, equipment and computer readable storage medium |
Family Cites Families (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20050114473A1 (en) * | 2003-10-30 | 2005-05-26 | Ravid Guy | FPGA boot-up over a network |
| US7954114B2 (en) * | 2006-01-26 | 2011-05-31 | Exegy Incorporated | Firmware socket module for FPGA-based pipeline processing |
| US8874838B2 (en) * | 2009-12-28 | 2014-10-28 | Juniper Networks, Inc. | Providing dynamic databases for a TCAM |
| US8611352B2 (en) * | 2010-04-20 | 2013-12-17 | Marvell World Trade Ltd. | System and method for adapting a packet processing pipeline |
-
2021
- 2021-02-04 CN CN202110158186.3A patent/CN112929281B/en active Active
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103297296A (en) * | 2013-05-30 | 2013-09-11 | 大连梯耐德网络技术有限公司 | FPGA-based logical operation search method and system |
| CN110381054A (en) * | 2019-07-16 | 2019-10-25 | 广东省新一代通信与网络创新研究院 | Message parsing method, device, equipment and computer readable storage medium |
Non-Patent Citations (1)
| Title |
|---|
| 嵌入式协议栈可重构性分析与设计实现;宋丽华等;《计算机科学》;20070925(第09期);69-72,76 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN112929281A (en) | 2021-06-08 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN112929281B (en) | Message processing method, device and equipment of network equipment based on FPGA | |
| US11463561B2 (en) | Enhanced segment routing processing of packets | |
| US10237130B2 (en) | Method for processing VxLAN data units | |
| US11652735B2 (en) | Multicast data packet processing method, and apparatus | |
| EP3282649B1 (en) | Data packet forwarding | |
| US9154418B1 (en) | Efficient packet classification in a network device | |
| US11729300B2 (en) | Generating programmatically defined fields of metadata for network packets | |
| CN113132202B (en) | Message transmission method and related equipment | |
| US10791051B2 (en) | System and method to bypass the forwarding information base (FIB) for interest packet forwarding in an information-centric networking (ICN) environment | |
| WO2019185051A1 (en) | Integrated flow table-based packet forwarding method and device | |
| US10397116B1 (en) | Access control based on range-matching | |
| US8923298B2 (en) | Optimized trie-based address lookup | |
| US9979648B1 (en) | Increasing entropy across routing table segments | |
| CN107770072B (en) | Method and equipment for sending and receiving message | |
| US20090135833A1 (en) | Ingress node and egress node with improved packet transfer rate on multi-protocol label switching (MPLS) network, and method of improving packet transfer rate in MPLS network system | |
| CN106982163B (en) | Method and gateway for acquiring route on demand | |
| WO2021135491A1 (en) | Flow table matching method and apparatus | |
| WO2020114239A1 (en) | Multicast message processing method and apparatus, storage medium and processor | |
| US20190123994A1 (en) | Multicast data packet forwarding | |
| US9985885B1 (en) | Aggregating common portions of forwarding routes | |
| WO2016131422A1 (en) | Flow entry generating and packet processing based on flow entry | |
| WO2012075818A1 (en) | Method for parsing packet header, header parsing pre-processing device and network processor | |
| WO2015131720A1 (en) | Packet processing method and device | |
| CN117997833A (en) | Data forwarding system and control method thereof | |
| CN112653622B (en) | SRv6uSID forwarding method and device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |