CN113055268A - Method, device, equipment and medium for tunnel traffic load balancing - Google Patents
Method, device, equipment and medium for tunnel traffic load balancing Download PDFInfo
- Publication number
- CN113055268A CN113055268A CN201911368260.3A CN201911368260A CN113055268A CN 113055268 A CN113055268 A CN 113055268A CN 201911368260 A CN201911368260 A CN 201911368260A CN 113055268 A CN113055268 A CN 113055268A
- Authority
- CN
- China
- Prior art keywords
- information
- address
- tunnel
- load balancing
- flow
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 55
- 238000005538 encapsulation Methods 0.000 claims abstract description 50
- 230000005540 biological transmission Effects 0.000 claims abstract description 36
- 230000015654 memory Effects 0.000 claims description 11
- 230000005641 tunneling Effects 0.000 claims description 11
- 238000004590 computer program Methods 0.000 claims description 7
- 238000012545 processing Methods 0.000 abstract description 13
- 238000010586 diagram Methods 0.000 description 15
- 230000008569 process Effects 0.000 description 8
- 238000004364 calculation method Methods 0.000 description 6
- 230000009471 action Effects 0.000 description 3
- 238000004891 communication Methods 0.000 description 3
- 238000005516 engineering process Methods 0.000 description 3
- 238000012986 modification Methods 0.000 description 3
- 230000004048 modification Effects 0.000 description 3
- 239000012634 fragment Substances 0.000 description 2
- 230000006870 function Effects 0.000 description 2
- 238000006467 substitution reaction Methods 0.000 description 2
- 238000007792 addition Methods 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 239000000835 fiber Substances 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 238000004806 packaging method and process Methods 0.000 description 1
- 239000004065 semiconductor Substances 0.000 description 1
- 238000012546 transfer Methods 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
- H04L12/46—Interconnection of networks
- H04L12/4633—Interconnection of networks using encapsulation techniques, e.g. tunneling
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
- H04L12/46—Interconnection of networks
- H04L12/4641—Virtual LANs, VLANs, e.g. virtual private networks [VPN]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L45/00—Routing or path finding of packets in data switching networks
- H04L45/74—Address processing for routing
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L47/00—Traffic control in data switching networks
- H04L47/10—Flow control; Congestion control
- H04L47/12—Avoiding congestion; Recovering from congestion
- H04L47/125—Avoiding congestion; Recovering from congestion by balancing the load, e.g. traffic engineering
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The embodiment of the invention provides a method, a device, equipment and a medium for balancing tunnel traffic load. The method comprises the following steps: tunnel encapsulation is carried out on the data packet to generate a tunnel encapsulation packet, the tunnel encapsulation packet comprises an IPv4 packet header, the IPv4 packet header carries a source IP address, a destination IP address and stream information, and the stream information is generated according to the packet header information of the data packet; flow load balancing is carried out according to a source IP address, a destination IP address and flow information in the IPv4 packet header to determine a transmission link; and forwarding the tunnel encapsulation packet through the transmission link. Through the technical scheme in the embodiment of the invention, the load balance of the tunnel flow can be realized only according to the information in the IPv4 packet header of the tunnel flow, and the processing efficiency of the forwarding equipment is improved.
Description
Technical Field
The present invention relates to the field of data communications, and in particular, to a method, an apparatus, a device, and a computer-readable storage medium for load balancing of tunnel traffic.
Background
Tunneling is an encapsulation technique for encapsulating one type of packet into another type of packet, and is widely used in networks. Common Tunneling technologies include Layer Two Tunneling Protocol (L2TP), Generic Routing Encapsulation (GRE), Virtual extended Local Area Network (VxLAN), and the like.
In order to realize load balancing of tunnel traffic in the tunnel technology, two schemes are proposed in the prior art: the method comprises a first scheme of realizing tunnel traffic load balancing by using an Internet Protocol Version 6 (IPv 6) as a packet header of the outermost layer of the tunnel and a second scheme of realizing tunnel traffic load balancing aiming at the VxLAN tunnel.
However, the existing scheme has the following disadvantages: the first scheme is only applicable to a scene that IPv6 is used as the packet header of the outermost layer of the tunnel, and cannot be used for the packet header of the fourth Version of the Internet Protocol (Internet Protocol Version 4, IPv4) which is currently and more commonly used; the second scheme is only suitable for VxLAN tunnels and cannot be suitable for other types of tunnels widely used in the network, such as L2TP and GRE, on the other hand, the processing efficiency of the forwarding device is reduced, and higher requirements are placed on the performance and the cost of the forwarding device.
Disclosure of Invention
The embodiment of the invention provides a method, a device, equipment and a computer readable storage medium for load balancing of tunnel traffic, which are suitable for a scene that IPv4 is used as a packet header of the outermost layer of a tunnel, flow information options are introduced into the IPv4 packet header, the load balancing of the tunnel traffic is realized according to a source IP address, a destination IP address and flow information in the IPv4 packet header of the tunnel traffic, and the processing efficiency of forwarding equipment is improved.
In a first aspect, the present invention provides a method for load balancing of tunnel traffic, where the method includes: tunnel encapsulation is carried out on the data packet to generate a tunnel encapsulation packet, the tunnel encapsulation packet comprises an IPv4 packet header, the IPv4 packet header carries a source IP address, a destination IP address and stream information, and the stream information is generated according to the packet header information of the data packet; flow load balancing is carried out according to a source IP address, a destination IP address and flow information in the IPv4 packet header to determine a transmission link; and forwarding the tunnel encapsulation packet through the transmission link.
In some implementations of the first aspect, the IPv4 packet header includes a flow information option, and the flow information option includes: type information, length information, and a value; the type information includes: copy information, category information and sequence number information; the value includes flow information; the length information includes a length value of the stream information option.
In some implementations of the first aspect, generating the flow information according to header information of the data packet includes: and carrying out hash operation on the header information of the data packet to generate flow information.
In some implementations of the first aspect, before determining the transmission link according to traffic load balancing performed on the source IP address, the destination IP address, and the flow information in the IPv4 packet header, the method further includes: and judging whether to carry out flow load balancing according to the flow information.
In some implementations of the first aspect, determining a transmission link according to traffic load balancing of a source IP address, a destination IP address, and flow information in an IPv4 packet header includes: performing hash operation on a source IP address, a destination IP address and flow information in the IPv4 packet header to obtain an operation result; and determining a transmission link according to the operation result.
In a second aspect, the present invention provides a device for load balancing tunnel traffic, including: the encapsulating module is used for performing tunnel encapsulation on the data packet to generate a tunnel encapsulating packet, wherein the tunnel encapsulating packet comprises an IPv4 packet header, the IPv4 packet header carries a source IP address, a destination IP address and stream information, and the stream information is generated according to the packet header information of the data packet; the determining module is used for carrying out flow load balancing according to the source IP address, the destination IP address and the flow information in the IPv4 packet header to determine a transmission link; and the forwarding module is used for forwarding the tunnel encapsulation packet through the transmission link.
In some implementations of the second aspect, the IPv4 packet header includes a flow information option, which includes: type information, length information, and a value; the type information includes: copy information, category information and sequence number information; the value includes flow information; the length information includes a length value of the stream information option.
In some implementations of the second aspect, the apparatus further includes a generating module, configured to perform a hash operation on the packet header information of the data packet to generate the flow information.
In some implementation manners of the second aspect, the method further includes determining whether to perform traffic load balancing according to the flow information.
In some implementation manners of the second aspect, the determining module is specifically configured to perform a hash operation on the source IP address, the destination IP address, and the flow information in the IPv4 packet header to obtain an operation result; and determining a transmission link according to the operation result.
In a third aspect, the present invention provides a device for load balancing of tunnel traffic, where the device includes: a processor and a memory storing computer program instructions; the processor, when executing the computer program instructions, implements the method of tunnel traffic load balancing as described above.
In a fourth aspect, the present invention provides a computer-readable storage medium, on which computer program instructions are stored, which when executed by a processor implement the method for load balancing of tunnel traffic as described above.
The invention relates to the field of data communication, in particular to a method, a device, equipment and a computer readable storage medium for tunnel traffic load balancing, which are suitable for a scene that IPv4 is used as a packet header of the outermost layer of a tunnel, flow information options are introduced into an IPv4 packet header, the load balancing of tunnel traffic is realized according to a source IP address, a destination IP address and flow information in an IPv4 packet header of the tunnel traffic, and the processing efficiency of forwarding equipment is improved.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings required to be used in the embodiments of the present invention will be briefly described below, and for those skilled in the art, other drawings can be obtained according to the drawings without creative efforts.
Fig. 1 is a schematic diagram of an L2TP packaging format according to an embodiment of the present invention;
fig. 2 is a schematic diagram of the format of an L2TP header provided by the embodiment of the present invention;
fig. 3 is a schematic diagram of a VxLAN encapsulation format provided by an embodiment of the invention;
fig. 4 is a schematic diagram of a VxLAN header format provided by an embodiment of the invention;
fig. 5 is a schematic diagram of an IPv4 header format provided by an embodiment of the present invention;
fig. 6 is a schematic flowchart of a tunnel traffic load balancing method according to an embodiment of the present invention;
fig. 7 is a schematic structural diagram of a tunnel traffic load balancing apparatus according to an embodiment of the present invention;
fig. 8 is a schematic structural diagram of a tunnel traffic load balancing device according to an embodiment of the present invention.
Detailed Description
Features and exemplary embodiments of various aspects of the present invention will be described in detail below, and in order to make objects, technical solutions and advantages of the present invention more apparent, the present invention will be further described in detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not to be construed as limiting the invention. It will be apparent to one skilled in the art that the present invention may be practiced without some of these specific details. The following description of the embodiments is merely intended to provide a better understanding of the present invention by illustrating examples of the present invention.
It is noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising … …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.
The term "and/or" herein is merely an association describing an associated object, meaning that three relationships may exist, e.g., a and/or B, may mean: a exists alone, A and B exist simultaneously, and B exists alone.
The tunneling technique is a data packet encapsulation technique for encapsulating an original data packet in a data payload of another data packet for transmission, during the process of creating a tunnel, both a client and a server of the tunnel must use the same tunneling protocol, and common tunneling protocols include L2TP, GRE, VxLAN and the like.
L2TP is an industry standard Internet tunneling protocol, a virtual tunneling protocol, commonly used in virtual private networks. Fig. 1 is a schematic diagram of an L2TP encapsulation format according to an embodiment of the present invention, and as shown in fig. 1, a tunnel encapsulation packet after L2TP tunnel encapsulation includes an outermost IP header (20 bytes), a UDP header (8 bytes), an L2TP header (16 bytes), and an original data packet; fig. 2 is a schematic diagram of a format of an L2TP header provided in an embodiment of the present invention, and as shown in fig. 2, an L2TP header of a tunnel encapsulation packet in an L2TP tunnel specifically includes a T field (information type), an L field (total length of received data packet), an X field (reserved for future extension), an S field (indicating that both Nr field and Ns field are present), an O field (indicating that an off Size field is present in payload information), a p (priority) field, a version (L2TP), a length (total length of information), a tunnel ID (tunnel for identifying control information application), a session ID (identifying user session in tunnel for controlling information application), Nr (sequence number expected to be received in next control information), Ns (sequence number of data or control information), an offset Size, and padding.
The VxLAN is a tunnel technology which introduces an outer tunnel in a UDP format as a data link layer and transmits original data message contents as tunnel payload. Fig. 3 is a schematic diagram of a VxLAN encapsulation format according to an embodiment of the present invention, and as shown in fig. 3, a tunnel encapsulation packet encapsulated in a VxLAN tunnel includes a VxLAN encapsulation portion and an original packet portion, the VxLAN encapsulation portion includes an outermost IP header, an outer UDP header, and a VxLAN header, and the original packet portion includes an inner ethernet header, an inner IP header, and an original data payload; fig. 4 is a schematic diagram of a VxLAN header format provided in an embodiment of the present invention, and as shown in fig. 4, the VxLAN header of a tunnel encapsulation packet in a VxLAN tunnel specifically includes an identification bit (8 bits, whose value is 00001000), two reserved fields (24 bits and 8 bits, respectively), and a virtual network identifier (24 bits) used to define different tenants in the VxLAN network.
According to different application scenarios, the outermost IP packet header of the data packet after tunnel encapsulation may be an IPv4 packet header or an IPv6 packet header, where a source IP address and a destination IP address in the outermost IP packet header are addresses of tunnel endpoints, and when multiple equivalent paths exist between the tunnel endpoints or a certain link in a path is a bonding link (including multiple member links), if a path or a member link is selected only according to the source IP address and the destination IP address of the outermost IP packet header of the data packet, all tunnel traffic will be selected to the same path or the same member link of the bonding link, and the tunnel traffic cannot achieve load balancing among the multiple equivalent paths or the member links.
In order to achieve load balancing of tunnel traffic, a forwarding device (e.g., a router) may be required to perform load balancing not only according to a source IP address and a destination IP address in an outermost IP packet header of a tunnel, but also according to a protocol type in the IP packet header and a source port number and a destination port number of an upper layer protocol (UDP or TCP), and even according to inner layer information (e.g., a source IP address and a destination IP address of an inner IP packet header in an original data packet) before tunnel traffic is encapsulated. However, this will reduce the processing efficiency of the forwarding device on the data packet, and improve the processing performance requirement of the forwarding device on the data packet, and especially when the forwarding device uses hardware to perform load balancing on the traffic, the hardware needs to search for a deeper position of the tunnel data packet, which puts higher requirements on the hardware.
Therefore, two solutions are proposed in the prior art:
in the first scheme, the IPv6 is used as the outermost layer packet header of the tunnel to realize load balancing of tunnel traffic, the result of hash operation on information (a source port number and a destination port number, a source IP address and a destination IP address of an internal IP packet header in an original data packet and the like) which is helpful for load balancing of tunnel traffic in an inner layer is stored in a flow label field in the IPv6 packet header, and the flow label field is taken into account when forwarding equipment performs traffic load balancing calculation, so that load balancing of tunnel traffic is realized only according to the information in the outermost layer IPv6 packet header. However, the above scheme is only applicable to a scenario in which IPv6 is used as an outermost packet header of a tunnel, and cannot be used for the IPv4 packet header which is currently more commonly used. Fig. 5 is a schematic diagram of an IPv4 header format provided by an embodiment of the present invention, and as shown in fig. 5, the IPv4 header specifically includes a protocol version number (IPv4), a header length defining a datagram protocol header length, a service (for assigning priority, delay, throughput, and reliability), a total length defining a byte length of an entire IP datagram, an identifier for identifying a current datagram, a flag, a fragment offset indicating a relative position of fragment data in a source datagram, a time-to-live (counter), a protocol type, a header checksum for helping to ensure integrity of the IP protocol header, a source IP address, a destination IP address, an option, and padding, and the IPv4 header does not have a flow label field, so that a hash operation result in the IPv6 header cannot be stored.
And the second scheme is only suitable for the VxLAN tunnel, hash operation is carried out on the information which is in the tunnel flow inner layer IP packet and contributes to load balancing to obtain an operation result, the operation result is stored in a reserved field of the VxLAN head, and the operation result in the VxLAN head is taken into account when the forwarding equipment carries out flow load balancing calculation. The second scheme does not require the forwarding device to see the content in the IP packet in the inner layer of the tunnel, but the second scheme is not applicable to other types of tunnels widely applied in the network, such as L2TP and GRE; on the other hand, compared with the outermost IP header of tunnel traffic, the VxLAN header essentially belongs to the inner layer information of tunnel traffic, and performing load balancing according to the information in the VxLAN header also has the problems of reducing the processing efficiency of the forwarding device and having high requirements on the performance and cost of the forwarding device.
In order to solve the problems of a small application range and low processing efficiency of forwarding equipment of the existing tunnel traffic load balancing scheme, embodiments of the present invention provide a method, an apparatus, a device, and a medium for tunnel traffic load balancing. The technical solutions of the embodiments of the present invention are described below with reference to the accompanying drawings.
Fig. 6 is a flowchart illustrating a method for load balancing of tunnel traffic according to an embodiment of the present invention.
As shown in fig. 6, the method for load balancing tunnel traffic may include S110 to S130.
S110: and performing tunnel encapsulation on the data packet to generate a tunnel encapsulation packet, wherein the tunnel encapsulation packet comprises an IPv4 packet header, the IPv4 packet header carries a source IP address, a destination IP address and stream information, and the stream information is generated according to the packet header information of the data packet.
In one embodiment, generating the flow information according to the header information of the data packet includes: and carrying out hash operation on the header information of the data packet to generate flow information.
It should be noted that, in the embodiment of the present invention, the calculation method for generating the flow information according to the header information of the data packet includes, but is not limited to, a hash operation.
It is understood that the header information of the data packets used for generating the flow information is different for different tunnels.
Optionally, in an example, for the L2TP tunnel, the header information of the data packet used for generating the flow information includes, but is not limited to: tunnel ID and session ID in header L2TP, source IP address, destination IP address and Protocol type in IP header of inner layer of packet, source port number and destination port number in User Datagram Protocol (UDP) or Transmission Control Protocol (TCP) header of inner layer of packet. When generating the flow information from the header information of the packet, the calculation may be performed using all of the above information, or may be performed by selecting any combination of the above information.
Optionally, in an example, for a VxLAN tunnel, the header information of the data packet used for generating the flow information includes, but is not limited to: a VxLAN Identifier (VNI) in the VxLAN header, a source MAC address, a destination MAC address, a type/length in the packet inner layer ethernet header, a source IP address, a destination IP address and a protocol type in the packet inner layer IP header, and a source port number and a destination port number in the packet inner layer UDP or TCP header. When generating the flow information from the header information of the packet, the calculation may be performed using all of the above information, or may be performed by selecting any combination of the above information.
Optionally, in an example, for the GRE tunnel, the header information of the data packet used for generating the flow information includes, but is not limited to: the protocol type in the GRE header, the source IP address, the destination IP address and the protocol type in the inner IP header of the data packet, and the source port number and the destination port number in the inner UDP or TCP header of the data packet. When generating the flow information from the header information of the packet, the calculation may be performed using all of the above information, or may be performed by selecting any combination of the above information.
Optionally, other tunnel types may also use a similar method to select packet header information of the data packet to generate flow information, which is not described herein again.
Specifically, the IPv4 packet header includes a flow information option, which includes: type information, length information, and a value; the type information includes: copy information, category information and sequence number information; the value includes flow information; the length information includes a length value of the stream information option.
Table 1 shows a specific definition of a flow information option in an IPv4 header.
Table 1 flow information option definition table
In the example of table 1, the stream information option consists of three parts of information of type (type), length (length), and Value (Value), and the type field consists of three parts of information of copy (copy), class (class), and number (number). Secondly, copying one bit of a part in the type field, taking the value as 1, and indicating that the stream information option needs to be copied to a packet header of each segment when the data packet is segmented; 2 bits of the category part take the value of 0 to indicate that the stream information option is a control option; the sequence number portion is 5 bits and any value that is not currently occupied can be used, in the example 26. The length field indicates the length of the entire stream information option in bytes, taking a value of 4 in the example. The value field, in this example 2 bytes, is used to store the result calculated from the packet header information to help the forwarding device load balance the tunnel traffic. It should be clear that table 1 only gives one possible definition and that the flow information option of the present invention is not limited to the above described definition.
S120: and carrying out traffic load balancing according to the source IP address, the destination IP address and the flow information in the IPv4 packet header to determine a transmission link.
Specifically, before determining a transmission link by performing traffic load balancing according to a source IP address, a destination IP address and flow information in an IPv4 packet header, the method further includes: and judging whether to carry out flow load balancing according to the flow information.
Specifically, determining a transmission link by performing traffic load balancing according to a source IP address, a destination IP address and flow information in an IPv4 packet header includes: performing hash operation on a source IP address, a destination IP address and flow information in the IPv4 packet header to obtain an operation result; and determining a transmission link according to the operation result.
It can be understood that, the IPv4 header is the outermost IP header of the tunnel encapsulation packet, the source IP address and the destination IP address in the IPv4 header are the addresses of the tunnel endpoints, when multiple equivalent paths exist between the tunnel endpoints or a certain link in a path is a bundled link (including multiple member links), if a path or a member link is selected only according to the source IP address and the destination IP address in the IPv4 header, all tunnel traffic will be routed to the same path or the same member link of the bundled link, and the tunnel traffic cannot achieve load balancing among the multiple equivalent paths or the member links.
Optionally, in one example, in order to achieve load balancing of tunnel traffic, a forwarding device (such as a router) may be required to perform load balancing not only according to the source IP address and the destination IP address in the IPv4 packet header, but also to take flow information into account.
The following description is made with reference to a specific example:
a tunnel is established between the tunnel ingress R1 and the tunnel egress R2, with a forwarding device M on the tunnel path, which provides three member links M1, M2 and M3 to transport the tunnel traffic. Firstly, tunnel entrance equipment R1 encapsulates tunnel traffic according to a received instruction to obtain a tunnel encapsulation packet A and a tunnel encapsulation packet B, which contain flow information; then, the forwarding device M receives the instruction, and when a transmission link is selected for the tunnel encapsulation packet, performs hash operation on the source IP address and the destination IP address in the IPv4 packet header in the tunnel encapsulation packet and the flow information in the flow information option field according to the received instruction; when the forwarding device M selects a transmission link for the tunnel encapsulation packet A, performing hash operation on a source IP address and a destination IP address in an IPv4 packet header in the tunnel encapsulation packet A and flow information in a flow information option field to obtain an operation result a, and forwarding the A through a member link M1 according to the operation result a; when the forwarding device M selects a transmission link for the tunnel encapsulation packet B, hash operation is performed on the source IP address and the destination IP address in the IPv4 packet header in the tunnel encapsulation packet B and the flow information in the flow information option field to obtain an operation result B, and the forwarding device B forwards the operation result B through the member link M2 according to the operation result B. If the subsequent tunnel flow enters the tunnel, the same method is adopted for processing, so that the flow can be uniformly distributed on the three member links, and the purpose of load balancing is achieved. It should be noted that only the forwarding device M is applied in this embodiment, in practical applications, more than one forwarding device may be included between R1 and R2, in the transmission process, tunnel traffic reselects a transmission link every time it passes through one forwarding device, and the tunnel traffic reaches the tunnel exit after it passes through more than one transmission link.
Optionally, in an example, the forwarding device may determine in advance whether to perform traffic load balancing according to the flow information, and determine the transmission link.
S130: and forwarding the tunnel encapsulation packet through the transmission link.
When the embodiment of the invention performs load balancing on the tunnel flow, the flow information in the flow information option field also participates in the operation, and the corresponding transmission link is selected for the tunnel flow according to the operation result, thereby realizing the load balancing of the tunnel flow among a plurality of equivalent paths or member links.
The tunnel traffic load balancing method disclosed by the embodiment of the invention is suitable for all tunnels taking IPv4 as the packet header of the outermost layer of the tunnel, and can realize the load balancing of the traffic only according to the source IP address, the destination IP address and the flow information in the IPv4 packet header of the tunnel traffic by introducing the flow information option in the IPv4 packet header, thereby improving the processing efficiency of forwarding equipment and reducing the requirements on the performance and the cost of the forwarding equipment.
Fig. 7 is a schematic structural diagram of a tunnel traffic load balancing apparatus according to an embodiment of the present invention, and as shown in fig. 7, the tunnel traffic load balancing apparatus 200 may include: an encapsulation module 210, a determination module 220, and a forwarding module 230.
The encapsulating module 210 is configured to perform tunnel encapsulation on the data packet to generate a tunnel encapsulation packet, where the tunnel encapsulation packet includes an IPv4 packet header, the IPv4 packet header carries a source IP address, a destination IP address, and flow information, and the flow information is generated according to packet header information of the data packet; the determining module 220 is configured to perform traffic load balancing according to the source IP address, the destination IP address, and the flow information in the IPv4 packet header to determine a transmission link; and a forwarding module 230, configured to forward the tunnel encapsulation packet through the transmission link.
In some embodiments, the IPv4 packet header includes flow information options including: type information, length information, and a value; the type information includes: copy information, category information and sequence number information; the value includes flow information; the length information includes a length value of the stream information option.
In some embodiments, the apparatus further includes a generating module, configured to perform a hash operation on the packet header information of the data packet to generate the flow information.
In some embodiments, the method further includes determining whether to perform traffic load balancing according to the flow information.
In some embodiments, the determining module 220 is specifically configured to perform a hash operation on the source IP address, the destination IP address, and the flow information in the IPv4 packet header to obtain an operation result; and determining a transmission link according to the operation result.
The tunnel traffic load balancing device of the embodiment of the invention is suitable for all tunnels taking IPv4 as the packet header of the outermost layer of the tunnel, and can realize the load balancing of the traffic only according to the source IP address, the destination IP address and the flow information in the IPv4 packet header of the tunnel traffic by introducing the flow information option in the IPv4 packet header, thereby improving the processing efficiency of forwarding equipment and reducing the requirements on the performance and the cost of the forwarding equipment. It can be understood that the tunnel traffic load balancing apparatus 200 according to the embodiment of the present invention may correspond to the main execution body of the tunnel traffic load balancing method in fig. 6 according to the embodiment of the present invention, and specific details of the operation and/or function of each module/unit of the tunnel traffic load balancing apparatus 200 may refer to the description of the corresponding part in the tunnel traffic load balancing method in fig. 6 according to the embodiment of the present invention, which is not described herein again for brevity.
Fig. 8 is a schematic hardware structure diagram of a tunnel traffic load balancing device according to an embodiment of the present invention.
As shown in fig. 8, the tunnel traffic load balancing device 300 in this embodiment includes an input device 301, an input interface 302, a central processing unit 303, a memory 304, an output interface 305, and an output device 306. The input interface 302, the central processing unit 303, the memory 304, and the output interface 305 are connected to each other through a bus 310, and the input device 301 and the output device 306 are connected to the bus 310 through the input interface 302 and the output interface 305, respectively, and further connected to other components of the tunnel traffic load balancing 300.
Specifically, the input device 301 receives input information from the outside and transmits the input information to the central processor 303 through the input interface 302; central processor 303 processes the input information based on computer-executable instructions stored in memory 304 to generate output information, stores the output information temporarily or permanently in memory 304, and then transmits the output information to output device 306 through output interface 305; the output device 306 outputs the output information to the outside of the tunnel traffic load balancing device 300 for use by the user.
That is, the tunnel traffic load balancing apparatus shown in fig. 8 may also be implemented to include: a memory storing computer-executable instructions; and a processor which, when executing the computer executable instructions, may implement the tunnel traffic load balancing method described in connection with fig. 6.
In one embodiment, the tunnel traffic load balancing apparatus 300 shown in fig. 8 includes: a memory 304 for storing programs; the processor 303 is configured to execute a program stored in the memory to execute the method for balancing tunnel traffic load according to the embodiment of the present invention.
An embodiment of the present invention further provides a computer-readable storage medium, where the computer-readable storage medium has computer program instructions stored thereon; the computer program instructions, when executed by a processor, implement the method for balancing tunnel traffic load provided by the embodiments of the present invention.
It is to be understood that the invention is not limited to the specific arrangements and instrumentality described above and shown in the drawings. A detailed description of known methods is omitted herein for the sake of brevity. In the above embodiments, several specific steps are described and shown as examples. However, the method processes of the present invention are not limited to the specific steps described and illustrated, and those skilled in the art can make various changes, modifications and additions or change the order between the steps after comprehending the spirit of the present invention.
The functional blocks shown in the above-described structural block diagrams may be implemented as hardware, software, firmware, or a combination thereof. When implemented in hardware, it may be, for example, an electronic Circuit, an Application Specific Integrated Circuit (ASIC), suitable firmware, plug-in, function card, or the like. When implemented in software, the elements of the invention are the programs or code segments used to perform the required tasks. The program or code segments may be stored in a machine-readable medium or transmitted by a data signal carried in a carrier wave over a transmission medium or a communication link. A "machine-readable medium" may include any medium that can store or transfer information. Examples of machine-readable media include electronic circuits, semiconductor Memory devices, Read-Only memories (ROMs), flash memories, erasable ROMs (eroms), floppy disks, CD-ROMs, optical disks, hard disks, fiber optic media, Radio Frequency (RF) links, and so forth. The code segments may be downloaded via computer networks such as the internet, intranet, etc.
It should also be noted that the exemplary embodiments mentioned in this patent describe some methods or systems based on a series of steps or devices. However, the present invention is not limited to the order of the above-described steps, that is, the steps may be performed in the order mentioned in the embodiments, may be performed in an order different from the order in the embodiments, or may be performed simultaneously.
As described above, only the specific embodiments of the present invention are provided, and it can be clearly understood by those skilled in the art that, for convenience and brevity of description, the specific working processes of the system, the module and the unit described above may refer to the corresponding processes in the foregoing method embodiments, and are not described herein again. It should be understood that the scope of the present invention is not limited thereto, and any person skilled in the art can easily conceive various equivalent modifications or substitutions within the technical scope of the present invention, and these modifications or substitutions should be covered within the scope of the present invention.
Claims (12)
1. A method for load balancing tunnel traffic, the method comprising:
tunneling data packets to generate tunneling encapsulation packets, wherein the tunneling encapsulation packets include IPv4 packet headers, the IPv4 packet headers carry source IP addresses, destination IP addresses, and flow information, and the flow information is generated according to the packet header information of the data packets;
flow load balancing is carried out according to the source IP address, the destination IP address and the flow information in the IPv4 packet header to determine a transmission link;
and forwarding the tunnel encapsulation packet through the transmission link.
2. The method of claim 1, wherein the IPv4 packet header includes a flow information option, and wherein the flow information option includes: type information, length information, and a value;
the type information includes: copy information, category information and sequence number information;
the value comprises the flow information;
the length information includes a length value of the stream information option.
3. The method of claim 1, wherein generating flow information according to header information of the data packet comprises:
and carrying out hash operation on the header information of the data packet to generate the flow information.
4. The method of claim 1, wherein before said determining a transport link based on traffic load balancing of the source IP address, the destination IP address, and the flow information in the IPv4 packet header, the method further comprises:
and judging whether to carry out flow load balancing according to the flow information.
5. The method according to claim 1 or 4, wherein the determining a transmission link according to the traffic load balancing of the source IP address, the destination IP address and the flow information in the IPv4 packet header comprises:
performing hash operation on the source IP address, the destination IP address and the flow information in the IPv4 packet header to obtain an operation result;
and determining a transmission link according to the operation result.
6. An apparatus for load balancing tunnel traffic, the apparatus comprising:
the tunnel encapsulation module is used for performing tunnel encapsulation on a data packet to generate a tunnel encapsulation packet, wherein the tunnel encapsulation packet comprises an IPv4 packet header, the IPv4 packet header carries a source IP address, a destination IP address and stream information, and the stream information is generated according to the packet header information of the data packet;
the determining module is used for carrying out flow load balancing according to the source IP address, the destination IP address and the flow information in the IPv4 packet header to determine a transmission link;
and the forwarding module is used for forwarding the tunnel encapsulation packet through the transmission link.
7. The apparatus of claim 6, wherein the IPv4 packet header includes flow information options including: type information, length information, and a value;
the type information includes: copy information, category information and sequence number information;
the value comprises the flow information;
the length information includes a length value of the stream information option.
8. The apparatus of claim 6, further comprising:
and the generating module is used for carrying out hash operation on the packet header information of the data packet to generate the flow information.
9. The apparatus of claim 6, further comprising:
and the judging module is used for judging whether to carry out flow load balancing according to the flow information.
10. The apparatus of claim 6, wherein the determining module is specifically configured to:
performing hash operation on a source IP address, a destination IP address and flow information in the IPv4 packet header to obtain an operation result;
and determining a transmission link according to the operation result.
11. An apparatus for load balancing tunnel traffic, the apparatus comprising: a processor and a memory storing computer program instructions;
the processor, when executing the computer instructions, implements the method of tunnel traffic load balancing according to any one of claims 1-5.
12. A computer-readable storage medium having computer program instructions stored thereon, which when executed by a processor implement the method of tunnel traffic load balancing according to any one of claims 1-5.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911368260.3A CN113055268A (en) | 2019-12-26 | 2019-12-26 | Method, device, equipment and medium for tunnel traffic load balancing |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911368260.3A CN113055268A (en) | 2019-12-26 | 2019-12-26 | Method, device, equipment and medium for tunnel traffic load balancing |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN113055268A true CN113055268A (en) | 2021-06-29 |
Family
ID=76505409
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201911368260.3A Pending CN113055268A (en) | 2019-12-26 | 2019-12-26 | Method, device, equipment and medium for tunnel traffic load balancing |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN113055268A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2023125993A1 (en) * | 2021-12-31 | 2023-07-06 | 苏州盛科通信股份有限公司 | Tunnel encryption, forwarding and decryption methods and apparatuses |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101325557A (en) * | 2008-07-25 | 2008-12-17 | 华为技术有限公司 | Method, system and apparatus for sharing tunnel load |
| CN109039919A (en) * | 2018-10-11 | 2018-12-18 | 平安科技(深圳)有限公司 | Forward-path determines method, apparatus, system, computer equipment and storage medium |
-
2019
- 2019-12-26 CN CN201911368260.3A patent/CN113055268A/en active Pending
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101325557A (en) * | 2008-07-25 | 2008-12-17 | 华为技术有限公司 | Method, system and apparatus for sharing tunnel load |
| CN109039919A (en) * | 2018-10-11 | 2018-12-18 | 平安科技(深圳)有限公司 | Forward-path determines method, apparatus, system, computer equipment and storage medium |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2023125993A1 (en) * | 2021-12-31 | 2023-07-06 | 苏州盛科通信股份有限公司 | Tunnel encryption, forwarding and decryption methods and apparatuses |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10158568B2 (en) | Method and apparatus for service function forwarding in a service domain | |
| US11374848B2 (en) | Explicit routing with network function encoding | |
| US10749794B2 (en) | Enhanced error signaling and error handling in a network environment with segment routing | |
| US10164838B2 (en) | Seamless segment routing | |
| US10178022B2 (en) | Segment routing using a remote forwarding adjacency identifier | |
| US11979322B2 (en) | Method and apparatus for providing service for traffic flow | |
| CN108702331B (en) | Integration of SR application segments with Service Function Chaining (SFC) header metadata | |
| US6643287B1 (en) | Apparatus and method for forwarding encapsulated data packets on a network having multiple links between nodes | |
| US10110641B2 (en) | Establishing a data transfer connection | |
| US9912566B1 (en) | Method and apparatus for tracing paths in service function chains | |
| JP7080983B2 (en) | Method and device for message processing using unified SR label stack | |
| US10601610B2 (en) | Tunnel-level fragmentation and reassembly based on tunnel context | |
| CN107046506A (en) | A kind of message processing method, flow classifier and business function example | |
| CN113852550A (en) | Method, device, network equipment, system and storage medium for sending message | |
| CN108390812B (en) | Message forwarding method and device | |
| CN112491706A (en) | Data message processing method and device, storage medium and electronic device | |
| CN113055294A (en) | Message encapsulation and decapsulation method and device, storage medium and electronic device | |
| CN115442286A (en) | Method and network node for SR path entry protection | |
| US9762486B2 (en) | Method and system for using extension headers to support protocol stack migration | |
| CN108737239B (en) | Message forwarding method and device | |
| CN112653622B (en) | SRv6uSID forwarding method and device | |
| EP4020903B1 (en) | Method and apparatus for preventing traffic bypassing | |
| CN113055268A (en) | Method, device, equipment and medium for tunnel traffic load balancing | |
| CN104702505B (en) | A kind of message transmitting method and node | |
| CN117376233A (en) | Data processing method, device and system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20210629 |