CN116723150A - Data packet forwarding system - Google Patents
Data packet forwarding system Download PDFInfo
- Publication number
- CN116723150A CN116723150A CN202310985929.3A CN202310985929A CN116723150A CN 116723150 A CN116723150 A CN 116723150A CN 202310985929 A CN202310985929 A CN 202310985929A CN 116723150 A CN116723150 A CN 116723150A
- Authority
- CN
- China
- Prior art keywords
- forwarding
- target
- matching
- hash
- data packet
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 230000005540 biological transmission Effects 0.000 claims abstract description 25
- 238000000034 method Methods 0.000 claims abstract description 18
- 238000013507 mapping Methods 0.000 claims abstract description 12
- 238000004590 computer program Methods 0.000 claims abstract description 9
- 230000000977 initiatory effect Effects 0.000 claims abstract description 4
- 101150071927 AANAT gene Proteins 0.000 claims description 24
- 238000005538 encapsulation Methods 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L45/00—Routing or path finding of packets in data switching networks
- H04L45/74—Address processing for routing
- H04L45/745—Address table lookup; Address filtering
- H04L45/7453—Address table lookup; Address filtering using hashing
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D30/00—Reducing energy consumption in communication networks
- Y02D30/50—Reducing energy consumption in communication networks in wire-line communication networks, e.g. low power modes or reduced link rate
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention provides a data packet forwarding system, which comprises a session record table, a processor and a memory storing a computer program, wherein the session record at least comprises quintuple information for initiating a session and transmission node information, and when the processor executes the computer program, the following steps are realized: acquiring target quintuple information of a target data packet; performing hash mapping based on the target quintuple information to obtain a target hash value; based on the target hash value, acquiring a corresponding hash link of the target hash value on the hash chain table, and acquiring a corresponding session record list on the corresponding hash link; traversing the corresponding session record list using the target quintuple and B j And matching the five-tuple information contained, and if the matching is successful, forwarding the target data packet according to the transmission node information, thereby saving the resources in the data packet forwarding process.
Description
Technical Field
The present invention relates to the field of data forwarding technologies, and in particular, to a forwarding system for a data packet.
Background
In daily life, we often use networks for transmitting data. The method comprises the steps of transmitting data in a network, wherein the first step is to package the data through TCP, and when a host establishes TCP connection reaching a destination server, the data of an application layer is packaged; the second step is to go through IP encapsulation and execute in the network layer; the third step is typically to find a route that the host must possess to reach the destination; the fourth part is Ethernet encapsulation and is executed on the data link layer; then, the whole process is very complicated through the processes of data frame forwarding, data frame decapsulation, data packet decapsulation, data segment decapsulation and the like, especially when a host A sends a plurality of data packets to a host B in a short time, so that the fast and convenient forwarding of the data packets is particularly important.
Disclosure of Invention
Aiming at the technical problems, the invention adopts the following technical scheme: a data packet forwarding system, the system comprising a session record table a, a processor and a memory storing a computer program;
wherein the session record table a= { a 1 ,A 2 ,…,A i ,…,A m },A i The method is an ith session record, the value range of i is 1 to m, m is the number of stored session record tables, and the session record at least comprises quintuple information and transmission node information of an initiating session; the session record is subjected to hash mapping based on quintuple information and is stored in a memory in the form of a hash chain table;
when the processor executes the computer program, the following steps are implemented:
s100, acquiring target quintuple information of a target data packet;
s200, carrying out hash mapping based on target five-tuple information to obtain a target hash value;
s300, based on the target hash value, acquiring a target hash link of a corresponding position of the target hash value on the hash chain table, and acquiring a candidate session record list B= { B on the target hash link 1 ,B 2 ,…,B j ,…,B n },B j The method is characterized in that the method comprises the steps that j candidate session records on a target hash link are obtained, the value range of j is 1 to n, and n is the number of candidate session records on the target hash link;
s400, traversing the candidate session record list B, and using the target quintuple and B j Matching the five-tuple information contained, and if the matching is successful, matching the target data packet according to B j The transmission node information in the network is forwarded; otherwise, matching the target data packet according to a matching strategy, wherein the matching strategyThe bridging forwarding, the routing forwarding and the snat forwarding are matched according to a preset sequence.
The invention has at least the following beneficial effects:
in summary, obtaining target quintuple information of a target data packet, carrying out hash mapping based on the target quintuple information, obtaining a target hash value, obtaining a target hash link of a corresponding position of the target hash value on a hash chain table based on the target hash value, obtaining a candidate session record list on the target hash link, matching the target quintuple with the quintuple of each candidate session in the candidate session list, and forwarding by using transmission node information in the candidate session when matching is successful, otherwise, matching according to a matching strategy when matching is not successful; in the prior art, the method and the device have the advantages that the interface inlet, the interface outlet and the forwarding mode are required to be searched each time when the data packet is forwarded, and a great amount of time is consumed, so that the session record table is directly matched, if the matching is successful, the data packet can be forwarded directly according to the original route, the searching is not required, and the resources in the data packet forwarding process are saved.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings required for the description of the embodiments will be briefly described below, and it is apparent that the drawings in the following description are only some embodiments of the present invention, and other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
Fig. 1 is a flowchart of a data packet forwarding system according to an embodiment of the present invention when executing a computer program.
Detailed Description
The following description of the embodiments of the present invention will be made clearly and completely with reference to the accompanying drawings, in which it is apparent that the embodiments described are only some embodiments of the present invention, but not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to fall within the scope of the invention.
The embodiment of the invention provides a forwarding system of a data packet, which comprises a session record table A, a processor and a memory storing a computer program;
wherein the session record table a= { a 1 ,A 2 ,…,A i ,…,A m },A i The method is an ith session record, the value range of i is 1 to m, m is the number of stored session record tables, and the session record at least comprises quintuple information and transmission node information of an initiating session; the session record is subjected to hash mapping based on quintuple information and is stored in a memory in the form of a hash chain table, and the transmission node information comprises an access forwarding interface address and an output forwarding interface address.
Specifically, the incoming forwarding interface address is a network port address of an incoming forwarding interface, and the outgoing forwarding interface address is a network port address of an outgoing forwarding interface; the session record table stores session records of the current node entered over a historical period of time.
In an embodiment of the present invention, the hash chain has a length of 65563. It can be known that the number of ports is 65535, so that the invention takes prime numbers on the basis of 65535 and obtains the length of the hash chain table as 65563.
Further, when the hash value d calculated by any one session based five-tuple is greater than 65563, the following steps are performed: s=d-k× 65563 is obtained, where s is equal to or less than 65563, k is a positive integer, and the session is mapped to the hash link corresponding to s. It will be appreciated that session records are ordered and, when greater than the length of the hash chain, reordered from scratch.
When the processor executes the computer program, as shown in fig. 1, the following steps are implemented:
s100, obtaining target quintuple information of a target data packet.
Specifically, the destination five-tuple information of the destination data packet includes a source IP address, a source port, a destination IP address, a destination port, and a protocol number.
S200, hash mapping is carried out based on the target five-tuple information, and a target hash value is obtained.
Specifically, those skilled in the art know that any method for performing hash mapping on text information to obtain a hash value in the prior art belongs to the protection scope of the present invention, and is not described herein.
S300, based on the target hash value, acquiring a target hash link of a corresponding position of the target hash value on the hash chain table, and acquiring a candidate session record list B= { B on the target hash link 1 ,B 2 ,…,B j ,…,B n },B j Is the j-th candidate session record on the target hash link, the value range of j is 1 to n, and n is the number of candidate session records on the target hash link.
It can be understood that the session record table is stored in the form of hash chain table, and there may be one session record or multiple session records under each hash value, so after the hash value of the target quintuple is obtained, the target hash link in the corresponding position is found and matched with the quintuple of the session information under the target link.
S400, traversing the candidate session record list B, and using the target quintuple and B j Matching the five-tuple information contained, and if the matching is successful, matching the target data packet according to B j The transmission node information in the network is forwarded; otherwise, the target data packet is subjected to matching forwarding according to a matching strategy, wherein the matching strategy is used for matching bridging forwarding, routing forwarding and snat forwarding according to a preset sequence.
Further, in S400, after the target data packet is matched according to the matching policy, the method further includes storing the target five-tuple, the address of the forwarding interface, the output forwarding interface address, and the forwarding mode as a session record after the transmission of the target data packet is completed, and mapping the session record to the corresponding hash link. It can be understood that when the target five-tuple and the session record cannot be successfully matched, matching is performed according to the original matching strategy, and after the session is completed, the information of the session is mapped on the corresponding hash link, so that the next access is facilitated.
In summary, obtaining target quintuple information of a target data packet, carrying out hash mapping based on the target quintuple information, obtaining a target hash value, obtaining a target hash link of a corresponding position of the target hash value on a hash chain table based on the target hash value, obtaining a candidate session record list on the target hash link, matching the target quintuple with the quintuple of each candidate session in the candidate session list, and forwarding by using transmission node information in the candidate session when matching is successful, otherwise, matching according to a matching strategy when matching is not successful; in the prior art, the method and the device have the advantages that the interface inlet, the interface outlet and the forwarding mode are required to be searched each time when the data packet is forwarded, and a great amount of time is consumed, so that the session record table is directly matched, if the matching is successful, the data packet can be forwarded directly according to the original route, the searching is not required, and the resources in the data packet forwarding process are saved.
Further, the session record table is stored in the forwarding system of the data packet, and the forwarding system of the data packet can be installed at the local end of an electronic product such as a computer, and the session record table only stores the information of the session record entering the current node, and does not store the session record information of other nodes, so that the fast forwarding at the current node can be performed only by using the session record table.
Specifically, the transmission node information further includes a forwarding mode, where the forwarding mode is one of bridge forwarding, route forwarding and snat forwarding.
Further, in S400, the target packet is matched according to a matching policy, and when the forwarding mode is snat forwarding, the source mac address is stored in a fixed area before the header before the snat forwarding.
Specifically, a part of the fixed area is in front of the header of the data packet, when the snat is used for forwarding, the source mac address is replaced by the mac address of the outgoing interface, in actual use, the source IP address is hidden and converted into the public IP, when the snat is used for forwarding, the source mac address is also replaced by the mac address of the outgoing interface, at this time, when the binding of the IP address and the mac address is performed again, the source mac address is not detected, therefore, before the snat is used for forwarding, the source mac address is stored in the fixed area in front of the header of the data packet, and after the target data packet is acquired again, the source mac address can be acquired by acquiring the first 6 bits of the header of the target data packet.
Further, in S400, the target packet is matched according to a matching policy, and when the forwarding mode is snat, the first 6 bits of the fixed area before the header are extracted as the source mac address.
Specifically, it is understood that when the target five-tuple and B j When the matching of the five-tuple information contained is successful, the target data packet is processed according to B j The transmission node information in (a) is forwarded, and if B j The forwarding mode of the transmission node information in the network is snat forwarding, and the source mac address is stored in the previous session, so that the source mac address does not need to be stored again before forwarding; if the target data packet does not sum B j Matching the five-tuple information contained successfully, matching according to a matching strategy, and forwarding, if the forwarding mode of the successful matching is snat forwarding, storing the source mac address in a fixed area in front of a header when the snat forwarding is performed; target five-tuple does not sum B j The matching of the five-tuple information contained is successful, that is, the transmission of the target data packet is a new session, which has not been transmitted before, and when the destination data packet is forwarded by using snat forwarding, the source mac address needs to be stored in a fixed area in front of the header.
Specifically, the memory also stores an ARP cache table, where the ARP cache table stores a correspondence between an IP address and a mac address. It can be understood that when there is an IP address, the corresponding mac address can be found according to the ARP cache table; when the mac address exists, the corresponding IP address can be found according to the ARP cache table. When the forwarding method is the snat, that is, there is no source IP address or source mac address, the source mac address is stored in a fixed area before the header.
Still further, the present invention further comprises:
s001, when the forwarding mode is bridge forwarding, the transmission node information comprises an access forwarding interface address and an output forwarding interface address.
And S002, when the forwarding mode is route forwarding, the transmission node information comprises an access forwarding interface address, an output forwarding interface address and an output forwarding interface mac address.
And S003, when the forwarding mode is snat forwarding, the transmission node information comprises an access forwarding interface address, an output forwarding interface mac address and a source mac address.
In summary, when the forwarding modes are different, the contents contained in the transmission node information are different, so that when the target quintuple and the quintuple stored in the session record table are not matched, matching forwarding is performed according to a matching policy.
Specifically, in S400, the matching of the target data packet according to the matching policy includes the following steps:
s010, if the target data packet is successfully matched with the forwarding-in interface and the forwarding-out interface, and the forwarding-in interface and the forwarding-out interface are in bridging relation, directly bridging and forwarding the target data packet; otherwise, executing S020;
s020, carrying out routing strategy matching on the target data packet;
specifically, the routing policy may have a plurality of routes, and the destination five-tuple of the destination packet is used for matching, if the matching is successful, the corresponding outgoing interface mac address is obtained, the outgoing interface mac address is replaced by the source mac address, and if the matching is successful, the vlan address is added to the forwarding node information of the session record, and the outgoing interface mac address is not added.
S030, if the matching is successful, replacing the mac address of the outgoing interface of the successfully matched routing strategy in the target data packet with the source mac address for forwarding; otherwise, executing S040;
s040, matching is carried out by using the snat, and if the matching is successful, forwarding is carried out by using the snat; otherwise, the packet is discarded.
In summary, matching the target data packet according to a matching policy, if the matching between the target data packet and the forwarding inlet interface and the forwarding outlet interface is successful, and the forwarding inlet interface and the forwarding outlet interface are in bridging relation, directly performing bridging forwarding on the target data packet, otherwise, matching the routing policy with the target data packet, if the matching is successful, replacing the mac address of the forwarding outlet interface of the routing policy successfully matched in the target data packet with the source mac address for forwarding, otherwise, using snat for matching, and if the matching is successful, using snat for forwarding; otherwise, discarding the data packet to carry out matching forwarding according to a preset sequence, and recording in a session record table after the matching forwarding is successful.
While certain specific embodiments of the invention have been described in detail by way of example, it will be appreciated by those skilled in the art that the above examples are for illustration only and are not intended to limit the scope of the invention. Those skilled in the art will also appreciate that many modifications may be made to the embodiments without departing from the scope and spirit of the invention. The scope of the invention is defined by the appended claims.
Claims (9)
1. A data packet forwarding system, characterized in that the system comprises a session record table a, a processor and a memory storing a computer program;
wherein the session record table a= { a 1 ,A 2 ,…,A i ,…,A m },A i The method is an ith session record, the value range of i is 1 to m, m is the number of stored session record tables, and the session record at least comprises quintuple information and transmission node information of an initiating session; the session record is subjected to hash mapping based on quintuple information and is stored in a memory in the form of a hash chain table;
when the processor executes the computer program, the following steps are implemented:
s100, acquiring target quintuple information of a target data packet;
s200, carrying out hash mapping based on target five-tuple information to obtain a target hash value;
s300, based on the target hash value, acquiring a target hash link of the corresponding position of the target hash value on the hash chain table, and acquiring a candidate meeting on the target hash linkList of voice recordings b= { B 1 ,B 2 ,…,B j ,…,B n },B j The method is characterized in that the method comprises the steps that j candidate session records on a target hash link are obtained, the value range of j is 1 to n, and n is the number of candidate session records on the target hash link;
s400, traversing the candidate session record list B, and using the target quintuple and B j Matching the five-tuple information contained, and if the matching is successful, matching the target data packet according to B j The transmission node information in the network is forwarded; otherwise, matching the target data packet according to a matching strategy, wherein the matching strategy is to perform matching of bridge forwarding, route forwarding and snat forwarding according to a preset sequence.
2. The system for detecting packet forwarding according to claim 1, wherein the transmission node information further includes a forwarding mode, and the forwarding mode is one of bridge forwarding, route forwarding, and snat forwarding.
3. The system according to claim 2, wherein in S400, after the target packet is matched according to the matching policy, further comprising storing the target five-tuple, the incoming forwarding interface address, the outgoing forwarding interface address, and the forwarding mode as a session record after the transmission of the target packet is completed, and mapping the session record to the corresponding hash link.
4. The system according to claim 1, wherein in S400, the target packet is matched according to a matching policy, and when the forwarding mode is snat forwarding, the source mac is stored in a fixed area before the header.
5. The system according to claim 4, wherein in S400, the target packet is matched according to a matching policy, and when the forwarding mode is snat, the first 6 bits of the fixed area before the header are extracted as the source mac address.
6. The system of claim 1, wherein the memory further stores an ARP cache table, the ARP cache table storing a correspondence between IP addresses and mac addresses.
7. The system of claim 1, wherein the hash chain has a length of 65563.
8. The system for detecting packet forwarding according to claim 7, wherein when the hash value d calculated by any session based five-tuple is greater than 65563, the steps of:
s=d-k× 65563 is obtained, where s is equal to or less than 65563, k is a positive integer, and the session is mapped to the hash link corresponding to s.
9. A system for detecting packet forwarding according to claim 3, further comprising:
s001, when the forwarding mode is bridge forwarding, the transmission node information comprises an access forwarding interface address and an output forwarding interface address;
s002, when the forwarding mode is route forwarding, the transmission node information comprises an access forwarding interface address, an output forwarding interface address and an output forwarding interface mac address;
and S003, when the forwarding mode is snat forwarding, the transmission node information comprises an access forwarding interface address, an output forwarding interface mac address and a source mac address.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310985929.3A CN116723150B (en) | 2023-08-07 | 2023-08-07 | Data packet forwarding system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310985929.3A CN116723150B (en) | 2023-08-07 | 2023-08-07 | Data packet forwarding system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN116723150A true CN116723150A (en) | 2023-09-08 |
| CN116723150B CN116723150B (en) | 2024-07-19 |
Family
ID=87870042
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202310985929.3A Active CN116723150B (en) | 2023-08-07 | 2023-08-07 | Data packet forwarding system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN116723150B (en) |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106302179A (en) * | 2016-07-29 | 2017-01-04 | 杭州迪普科技有限公司 | A kind of method and device managing concordance list |
| CN110708250A (en) * | 2019-08-26 | 2020-01-17 | 广州市高科通信技术股份有限公司 | Method for improving data forwarding performance, electronic equipment and storage medium |
| CN112948313A (en) * | 2021-03-01 | 2021-06-11 | 杭州迪普科技股份有限公司 | Session data management method and device |
| CN112954079A (en) * | 2021-04-08 | 2021-06-11 | 平安科技(深圳)有限公司 | Message forwarding method and device, electronic equipment and readable storage medium |
| WO2022052882A1 (en) * | 2020-09-14 | 2022-03-17 | 华为技术有限公司 | Data transmission method and apparatus |
-
2023
- 2023-08-07 CN CN202310985929.3A patent/CN116723150B/en active Active
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106302179A (en) * | 2016-07-29 | 2017-01-04 | 杭州迪普科技有限公司 | A kind of method and device managing concordance list |
| CN110708250A (en) * | 2019-08-26 | 2020-01-17 | 广州市高科通信技术股份有限公司 | Method for improving data forwarding performance, electronic equipment and storage medium |
| WO2022052882A1 (en) * | 2020-09-14 | 2022-03-17 | 华为技术有限公司 | Data transmission method and apparatus |
| CN112948313A (en) * | 2021-03-01 | 2021-06-11 | 杭州迪普科技股份有限公司 | Session data management method and device |
| CN112954079A (en) * | 2021-04-08 | 2021-06-11 | 平安科技(深圳)有限公司 | Message forwarding method and device, electronic equipment and readable storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN116723150B (en) | 2024-07-19 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| EP1371187B1 (en) | Cache entry selection method and apparatus | |
| US7260096B2 (en) | Method and router for forwarding internet data packets | |
| JP4287168B2 (en) | System and method for determining source of IP packet | |
| US7260085B2 (en) | System and method for determining a destination for an internet protocol packet | |
| CN101087296B (en) | Method for utilizing network processor to translate the IPv4/IPv6 network protocol | |
| US20150131666A1 (en) | Apparatus and method for transmitting packet | |
| US20010037396A1 (en) | Stackable lookup engines | |
| US10277481B2 (en) | Stateless forwarding in information centric networks with bloom filters | |
| US20080298244A1 (en) | Apparatus and method for caching lookups based upon tcp traffic flow characteristics | |
| KR20130136522A (en) | Addressing scheme for hybrid communication networks | |
| US20200228449A1 (en) | Exact match and ternary content addressable memory (tcam) hybrid lookup for network device | |
| CN109743414B (en) | Method for improving address translation availability using redundant connections and computer readable storage medium | |
| TW201436508A (en) | Method and apparatus of forwarding Ethernet packet | |
| US20220294712A1 (en) | Using fields in an encapsulation header to track a sampled packet as it traverses a network | |
| CN111131539B (en) | Message forwarding method and device | |
| US6950429B2 (en) | IP data transmission network using a route selection based on level 4/5 protocol information | |
| EP1526699B1 (en) | Method and system for accelerated packet processing | |
| CN112104761A (en) | NAT address translation method | |
| CN116723150B (en) | Data packet forwarding system | |
| EP1355472B1 (en) | Method and system to determine the most appropriate software layer after reception of a packet | |
| US8316432B2 (en) | Method for implementing security-related processing on packet and network security device | |
| US11882039B1 (en) | UDF-based traffic offloading methods and systems | |
| JP2005101690A (en) | Repeating device and repeating method | |
| JP6883470B2 (en) | Packet relay device and packet relay system | |
| KR100572693B1 (en) | How to Look Up Internet Protocol Packets |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |