CN117544566A - Application flow sensing method and system - Google Patents
Application flow sensing method and system Download PDFInfo
- Publication number
- CN117544566A CN117544566A CN202210920075.6A CN202210920075A CN117544566A CN 117544566 A CN117544566 A CN 117544566A CN 202210920075 A CN202210920075 A CN 202210920075A CN 117544566 A CN117544566 A CN 117544566A
- Authority
- CN
- China
- Prior art keywords
- application flow
- application
- message
- information
- flow
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 58
- 230000005540 biological transmission Effects 0.000 claims abstract description 74
- 238000005538 encapsulation Methods 0.000 claims description 43
- 238000004458 analytical method Methods 0.000 claims description 25
- 238000004806 packaging method and process Methods 0.000 claims description 25
- 238000004590 computer program Methods 0.000 claims description 16
- 230000008676 import Effects 0.000 claims description 7
- 238000012545 processing Methods 0.000 abstract description 14
- 230000000694 effects Effects 0.000 abstract description 4
- 238000005516 engineering process Methods 0.000 abstract description 4
- 230000006978 adaptation Effects 0.000 abstract description 3
- 238000007726 management method Methods 0.000 description 16
- 238000010586 diagram Methods 0.000 description 14
- 238000013507 mapping Methods 0.000 description 8
- 238000004891 communication Methods 0.000 description 3
- 230000006870 function Effects 0.000 description 3
- 238000003032 molecular docking Methods 0.000 description 3
- 238000004364 calculation method Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000003287 optical effect Effects 0.000 description 2
- 230000002457 bidirectional effect Effects 0.000 description 1
- 238000006243 chemical reaction Methods 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 230000003993 interaction Effects 0.000 description 1
- 238000010295 mobile communication Methods 0.000 description 1
- 230000008447 perception Effects 0.000 description 1
- 230000003068 static effect Effects 0.000 description 1
- 230000009466 transformation Effects 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/08—Configuration management of networks or network elements
- H04L41/0803—Configuration setting
- H04L41/0813—Configuration setting characterised by the conditions triggering a change of settings
- H04L41/082—Configuration setting characterised by the conditions triggering a change of settings the condition being updates or upgrades of network functionality
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L47/00—Traffic control in data switching networks
- H04L47/10—Flow control; Congestion control
- H04L47/11—Identifying congestion
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L61/00—Network arrangements, protocols or services for addressing or naming
- H04L61/09—Mapping addresses
- H04L61/25—Mapping addresses of the same type
- H04L61/2503—Translation of Internet protocol [IP] addresses
- H04L61/2592—Translation of Internet protocol [IP] addresses using tunnelling or encapsulation
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/30—Network architectures or network communication protocols for network security for supporting lawful interception, monitoring or retaining of communications or communication related information
- H04L63/302—Network architectures or network communication protocols for network security for supporting lawful interception, monitoring or retaining of communications or communication related information gathering intelligence information for situation awareness or reconnaissance
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/40—Network security protocols
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Evolutionary Computation (AREA)
- Technology Law (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The embodiment of the invention provides an application flow sensing method and an application flow sensing system, which are characterized in that the application flow received from a first CE is identified by the flow, and the application flow is identified according to an identification result; adding Ethernet two-layer header information in the message of the application flow according to the identification of the application flow so as to encapsulate the message of the application flow; the encapsulated message is sent to the first PE, so that the first PE guides the message into a transmission pipeline meeting the SLA of the application flow for transmission, the problem that the sensing depth message cannot be resolved in the related technology and only simple two-layer message header identification and processing are supported is solved, and the effect that rapid upgrading adaptation can be carried out between the traditional transmission network and the application sensing network is achieved.
Description
Technical Field
The embodiment of the invention relates to the field of data communication and transmission, in particular to an application flow sensing method and system.
Background
As networks evolve, various emerging industries and applications continue to emerge. These different types of emerging applications often have different requirements on bandwidth, latency, jitter, etc. performance. This also places more stringent and differentiated demands on the transport services and equipment of the bearer network. Based on the background, the industry proposes the concept of application-aware networks, and aims to provide a whole set of traffic-aware and differentiated delivery end-to-end schemes based on applications.
In the existing scheme, application awareness is performed at an edge node of a network, and because flow awareness often needs to perform deep analysis on a message, the method has high requirements on packet processing capacity of equipment hardware. The existing transport network device generally does not have the capability of deep message parsing, and only supports simple two-layer message header identification and processing.
Disclosure of Invention
The embodiment of the invention provides an application flow sensing method and system, which at least solve the problem that a sensing depth message cannot be resolved in the related technology and only support the identification and processing of a simple two-layer message header.
According to an embodiment of the present invention, there is provided an application flow sensing method including: carrying out flow identification on application flow received from first user edge equipment CE, and identifying the application flow according to the identification result; adding Ethernet two-layer header information into the message of the application flow according to the identification of the application flow so as to package the message of the application flow; and sending the encapsulated message to a first Provider Edge (PE) so that the first PE can import the message into a transmission pipeline meeting the Service Level Agreement (SLA) of the application flow for transmission.
In an exemplary embodiment, before said traffic identifying the application traffic received from the first customer edge device CE, the method further comprises: and establishing an analysis control table corresponding to the matching of the application flow and the application flow number, and a packaging control table corresponding to the matching of the application flow and the escape packaging information.
In an exemplary embodiment, the identifying the traffic of the application traffic received from the first customer edge CE and identifying the application traffic according to the identification result includes: and identifying and acquiring quintuple information and ingress port information of the application flow, and searching and matching the application flow number in the analysis control table according to the quintuple information and ingress port information so as to finish identification of the application flow.
In an exemplary embodiment, the adding ethernet two-layer header information in the packet of the application traffic according to the identification of the application traffic includes: searching and matching the escape encapsulation information in the encapsulation control table according to the application stream number; and adding Ethernet two-layer header information into the message of the application flow according to the escape encapsulation information.
In an exemplary embodiment, after the sending the encapsulated packet to the first provider edge PE, the method further includes: the first PE searches a matched transmission pipeline according to the Ethernet two-layer header information; and the first PE sends the packaged message to a second PE through the transmission channel.
In an exemplary embodiment, after the first PE imports the packet into a transport pipe that satisfies the service level agreement SLA of the application traffic for transmission, the method further includes: reversely searching and matching the application stream number according to the Ethernet two-layer header information; stripping the Ethernet two-layer header information of the encapsulated message according to the application stream number; reversely searching a port number of a second CE which is matched and receives the application flow according to the application flow number; and sending the application flow to the second CE through the port corresponding to the port number.
In an exemplary embodiment, after the application traffic is sent to the second CE through the port corresponding to the port number, the method further includes: and the second CE transmits the received application flow to user equipment.
In an exemplary embodiment, the two-layer header message includes at least one of: virtual local area network information VLAN or multiprotocol label switching information MPLS.
According to another embodiment of the present invention, there is provided an application flow sensing system including: and the escape device is used for sequentially identifying, identifying and packaging the application flow received from the first user edge equipment CE, and sending the packaged message of the application flow to the first provider edge equipment PE so that the first PE can introduce the message into a transmission pipeline meeting the service level agreement SLA of the application flow for transmission.
In one exemplary embodiment, the escape apparatus includes: the analysis module is used for carrying out flow identification on the application flow and identifying the application flow according to the identification result; the encapsulation module is used for adding Ethernet two-layer header information into the message of the application flow according to the identification of the application flow so as to encapsulate the message of the application flow; and the sending module is used for sending the packaged message to the first PE.
In one exemplary embodiment, the parsing module includes: the identification unit is used for identifying and acquiring quintuple information and ingress port information of the application flow; and the identification unit is used for searching and matching the application flow number in the analysis control table according to the five-tuple information and the ingress port information so as to finish identification of the application flow.
In one exemplary embodiment, further comprising: and the management and control center is used for establishing an analysis control table corresponding to the application flow matched with the application flow number and a packaging control table corresponding to the application flow matched with the escape packaging information, and issuing the analysis control table and the packaging control table to the escape device.
In an exemplary embodiment, the escape device is further configured to reversely identify, and strip ethernet two-layer header information of the encapsulated packet, and send the packet with the ethernet two-layer header information stripped to a second CE.
According to a further embodiment of the invention, there is also provided a computer readable storage medium having stored therein a computer program, wherein the computer program is arranged to perform the steps of any of the method embodiments described above when run.
According to a further embodiment of the invention, there is also provided an electronic device comprising a memory having stored therein a computer program and a processor arranged to run the computer program to perform the steps of any of the method embodiments described above.
According to the invention, the application flow received from the first CE is identified, and the application flow is identified according to the identification result; adding Ethernet two-layer header information in the message of the application flow according to the identification of the application flow so as to encapsulate the message of the application flow; the encapsulated message is sent to the first PE, so that the first PE guides the message into a transmission pipeline meeting the SLA of the application flow for transmission, the problem that the sensing depth message cannot be resolved in the related technology and only simple two-layer message header identification and processing are supported is solved, and the effect that rapid upgrading adaptation can be carried out between the traditional transmission network and the application sensing network is achieved.
Drawings
Fig. 1 is a block diagram of a hardware structure of a mobile terminal to which a traffic awareness method is applied according to an embodiment of the present invention;
FIG. 2 is a flow chart of an application flow awareness method according to an embodiment of the present invention;
FIG. 3 is a flow chart of an application flow awareness method according to an embodiment of the present invention;
FIG. 4 is a flow chart of an application traffic encapsulation according to an embodiment of the present invention;
FIG. 5 is a flow chart of an application flow awareness method according to an embodiment of the present invention;
FIG. 6 is a flow chart of an application flow awareness method according to an embodiment of the present invention;
FIG. 7 is a flow chart of an application flow awareness method according to an embodiment of the present invention;
FIG. 8 is a block diagram of an application flow aware system according to an embodiment of the present invention;
figure 9 is a block diagram of an escape apparatus according to an embodiment of the present invention;
FIG. 10 is a block diagram of a parsing module according to an embodiment of the invention;
FIG. 11 is a block diagram of an application flow aware system according to an embodiment of the present invention;
FIG. 12 is a schematic diagram of an architecture of an application traffic aware network framework according to an embodiment of the present invention;
FIG. 13 is a block diagram of an escape apparatus according to an embodiment of the present invention;
FIG. 14 is a flow chart of an application flow awareness method according to an embodiment of the present invention;
fig. 15 is a flow chart of an application flow aware method according to an embodiment of the present invention.
Detailed Description
Embodiments of the present invention will be described in detail below with reference to the accompanying drawings in conjunction with the embodiments.
It should be noted that the terms "first," "second," and the like in the description and the claims of the present invention and the above figures are used for distinguishing between similar objects and not necessarily for describing a particular sequential or chronological order.
The method embodiments provided in the embodiments of the present application may be performed in a mobile terminal, a computer terminal or similar computing device. Taking the operation on a mobile terminal as an example, fig. 1 is a block diagram of a hardware structure of a mobile terminal to which a traffic awareness method is applied according to an embodiment of the present invention. As shown in fig. 1, a mobile terminal may include one or more (only one is shown in fig. 1) processors 102 (the processor 102 may include, but is not limited to, a microprocessor MCU or a processing device such as a programmable logic device FPGA) and a memory 104 for storing data, wherein the mobile terminal may also include a transmission device 106 for communication functions and an input-output device 108. It will be appreciated by those skilled in the art that the structure shown in fig. 1 is merely illustrative and not limiting of the structure of the mobile terminal described above. For example, the mobile terminal may also include more or fewer components than shown in fig. 1, or have a different configuration than shown in fig. 1.
The memory 104 may be used to store computer programs, such as software programs and modules of application software, such as computer programs corresponding to the application flow sensing method in the embodiment of the present invention, and the processor 102 executes the computer programs stored in the memory 104 to perform various functional applications and data processing, that is, implement the method described above. Memory 104 may include high-speed random access memory, and may also include non-volatile memory, such as one or more magnetic storage devices, flash memory, or other non-volatile solid-state memory. In some examples, the memory 104 may further include memory remotely located relative to the processor 102, which may be connected to the mobile terminal via a network. Examples of such networks include, but are not limited to, the internet, intranets, local area networks, mobile communication networks, and combinations thereof.
The transmission means 106 is arranged to receive or transmit data via a network. Specific examples of the network described above may include a wireless network provided by a communication provider of the mobile terminal. In one example, the transmission device 106 includes a network adapter (Network Interface Controller, NIC) that can connect to other network devices through a base station to communicate with the internet. In one example, the transmission device 106 may be a Radio Frequency (RF) module for communicating with the internet wirelessly.
The key of the existing application-aware network is application awareness and traffic importation. Wherein: application awareness refers to traffic identification and identification of an access application; the flow guiding refers to guiding the identified application flow to a transmission path and a pipeline meeting the SLA requirement. To achieve the above object, existing application-aware network modeling includes the following components:
application aware edge nodes: identifying the application flow accessed by the Client, wherein the identification information source can be two-layer to four-layer header information packaged by a data message or an application identifier directly packaged by an application APP at an application layer; and packaging the application flow according to the identification result, and providing the application flow for the service perception head node for the next processing.
Application aware header node: application traffic is received from the application aware edge node and application identification information is obtained therefrom. And carrying out path searching and matching on the application identifier maintained by the service platform and the application parameter information, and importing the flow into a path meeting the SLA requirement.
Application aware intermediate nodes: and the intermediate node locally applies a series of flow or resource strategies according to the application identification information carried by the message to ensure the transmission requirement of the application.
Application aware tail node: the transmission path is terminated at the tail node, and if the application-related identifier is carried in a tunnel encapsulation form in the transmission forwarding path, the application identifier information is stripped at the tail node.
Wherein the application aware edge node and the head node may be physically merged and deployed within the same entity. However, in the above modeling framework, application awareness is performed at an edge node of the network, and since flow awareness often needs to perform deep parsing on a message, a high requirement is placed on packet processing capability of device hardware. The existing transport network device generally does not have the capability of deep message parsing, and only supports simple two-layer message header identification and processing.
In order to enable the existing transmission network to have the capability of switching to the application-aware network under the condition of not carrying out hardware upgrading, the invention provides an application flow sensing method and an application flow sensing system, which can convert complex application flow information into simple message two-layer information.
In this embodiment, an application flow sensing method running on the mobile terminal shown in fig. 1 is provided, fig. 2 is a flowchart of the application flow sensing method according to an embodiment of the present invention, and as shown in fig. 2, the flowchart includes the following steps:
step S202, carrying out flow identification on application flow received from first user Edge equipment (CE), and carrying out identification on the application flow according to an identification result;
step S204, adding Ethernet two-layer header information in the message of the application flow according to the identification of the application flow, and packaging the message of the application flow;
in step S206, the encapsulated packet is sent to a first Provider Edge (PE), so that the first PE imports the packet into a transport pipe that satisfies a service level agreement (Service Level Agreement, SLA) of the application traffic for transmission.
Through the steps, the application flow received from the first CE is identified by the flow identification, and the application flow is identified according to the identification result; adding Ethernet two-layer header information in the message of the application flow according to the identification of the application flow so as to encapsulate the message of the application flow; the encapsulated message is sent to the first PE, so that the first PE guides the message into a transmission pipeline meeting the SLA of the application flow for transmission, the problem that the sensing depth message cannot be resolved in the related technology and only simple two-layer message header identification and processing are supported is solved, and the effect that rapid upgrading adaptation can be carried out between the traditional transmission network and the application sensing network is achieved.
The main execution body of the above steps may be, but not limited to, a base station, a terminal, and the like.
In an exemplary embodiment, before the traffic identification is performed on the application traffic received from the first CE, the method further includes: and establishing an analysis control table corresponding to the matching of the application flow and the application flow number and an encapsulation control table corresponding to the matching of the application flow and the escape encapsulation information. Fig. 3 is a flowchart of an application flow sensing method according to an embodiment of the present invention, as shown in fig. 3, the flowchart including the steps of:
step S302, an analysis control table corresponding to the matching of the application flow and the application flow number and a packaging control table corresponding to the matching of the application flow and the escape packaging information are established;
step S304, carrying out flow identification on the application flow received from the first CE, and identifying the application flow according to the identification result:
step S306, adding Ethernet two-layer header information in the message of the application flow according to the identification of the application flow, and packaging the message of the application flow;
step S308, the encapsulated message is sent to the first PE, so that the first PE guides the message into a transmission pipeline meeting the SLA of the application flow for transmission.
In an exemplary embodiment, performing traffic identification on application traffic received from the first customer edge CE, and identifying the application traffic according to the identification result, includes: and identifying and acquiring quintuple information and ingress port information of the application flow, and searching for a matched application flow number in the analysis control table according to the quintuple information and ingress port information so as to finish identification of the application flow.
In an exemplary embodiment, adding ethernet two-layer header information in a message of an application traffic according to an identification of the application traffic includes: searching matching escape encapsulation information in an encapsulation control table according to the application stream number; and adding Ethernet two-layer header information into the message for the application flow according to the escape encapsulation information. Fig. 4 is a flowchart of an application traffic encapsulation according to an embodiment of the present invention, as shown in fig. 4, the flowchart including the steps of:
step S402, searching matching escape encapsulation information in an encapsulation control table according to the application stream number;
step S404, adding Ethernet two-layer header information into the message of the application flow according to the escape packaging information.
In an exemplary embodiment, after sending the encapsulated packet to the first PE, the method further includes: the first PE searches a matched transmission pipeline according to the Ethernet two-layer header information; and the first PE sends the packaged message to the second PE through the transmission channel. Fig. 5 is a flowchart of an application flow sensing method according to an embodiment of the present invention, as shown in fig. 5, the flowchart including the steps of:
step S502, establishing an analysis control table corresponding to the matching of the application flow and the application flow number and a packaging control table corresponding to the matching of the application flow and the escape packaging information;
step S504, carrying out flow identification on the application flow received from the first CE, and identifying the application flow according to the identification result;
step S506, adding Ethernet two-layer header information in the message of the application flow according to the identification of the application flow, and packaging the message of the application flow;
step S508, the encapsulated message is sent to the first PE, so that the first PE guides the message into a transmission pipeline meeting the SLA of the application flow for transmission;
step S510, the first PE searches a matched transmission pipeline according to the Ethernet two-layer header information;
in step S512, the first PE sends the encapsulated packet to the second PE through the transmission channel.
In an exemplary embodiment, after the first PE imports the packet into the transmission pipe that satisfies the SLA of the application traffic for transmission, the method further includes: reversely searching and matching the application stream number according to the Ethernet two-layer header information; stripping the Ethernet two-layer header information of the encapsulated message according to the application stream number; reversely searching a port number of a second CE matched with the received application flow according to the application flow number; and sending the application traffic to the second CE through the port corresponding to the port number. Fig. 6 is a flowchart of an application flow sensing method according to an embodiment of the present invention, as shown in fig. 6, the flowchart including the steps of:
step S602, reversely searching and matching the application stream number according to the Ethernet two-layer header information;
step S604, stripping the Ethernet two-layer header information of the packaged message according to the application stream number;
step S606, reversely searching the port number of the second CE matched with the received application flow according to the application flow number;
in step S608, the application traffic is sent to the second CE through the port corresponding to the port number.
In an exemplary embodiment, after sending the application traffic to the second CE through the port corresponding to the port number, the method further includes: and the second CE transmits the received application traffic to the user equipment. Fig. 7 is a flowchart of an application flow sensing method according to an embodiment of the present invention, as shown in fig. 7, the flowchart including the steps of:
step S702, reversely searching and matching the application stream number according to the Ethernet two-layer header information;
step S704, stripping the Ethernet two-layer header information of the packaged message according to the application stream number;
step S706, reversely searching the port number of the second CE matched with the received application flow according to the application flow number;
step S708, the application flow is sent to the second CE through the port corresponding to the port number;
in step S710, the second CE issues the received application traffic to the user equipment.
In one exemplary embodiment, the two-layer header message includes at least one of: virtual local area network information VLAN or multiprotocol label switching information MPLS.
From the description of the above embodiments, it will be clear to a person skilled in the art that the method according to the above embodiments may be implemented by means of software plus the necessary general hardware platform, but of course also by means of hardware, but in many cases the former is a preferred embodiment. Based on such understanding, the technical solution of the present invention may be embodied essentially or in a part contributing to the prior art in the form of a software product stored in a storage medium (e.g. ROM/RAM, magnetic disk, optical disk) comprising instructions for causing a terminal device (which may be a mobile phone, a computer, a server, or a network device, etc.) to perform the method according to the embodiments of the present invention.
In this embodiment, an application flow sensing system is further provided, and the system is used to implement the foregoing embodiments and preferred implementations, and will not be described in detail. As used below, the terms "means," "module," "unit" may be a combination of software and/or hardware that implements the intended function. While the system described in the following embodiments is preferably implemented in software, implementation in hardware, or a combination of software and hardware, is also possible and contemplated.
Fig. 8 is a block diagram of an application flow sensing system according to an embodiment of the present invention, and as shown in fig. 8, the application flow sensing system 80 includes: the escape device 810 is configured to sequentially identify, and encapsulate the application traffic received from the first CE, and send a packet of the encapsulated application traffic to the first PE, so that the first PE imports the packet into a transmission pipeline that satisfies the SLA of the application traffic for transmission.
In one exemplary embodiment, fig. 9 is a block diagram of the structure of an escape apparatus according to an embodiment of the present invention, and as shown in fig. 9, the escape apparatus 810 includes: the parsing module 910 is configured to perform flow identification on the application flow, and identify the application flow according to the identification result; the encapsulation module 920 is configured to add ethernet two-layer header information to the application traffic packet according to the application traffic identifier, so as to encapsulate the application traffic packet; a sending module 930, configured to send the encapsulated packet to the first PE.
In an exemplary embodiment, fig. 10 is a block diagram of a parsing module according to an embodiment of the present invention, and as shown in fig. 10, the parsing module 910 includes: an identifying unit 1010, configured to identify five-tuple information and ingress port information for acquiring application traffic; and the identification unit 1020 is configured to search for the application flow number in the parsing control table according to the five-tuple information and the ingress port information, so as to complete identification of the application flow.
In an exemplary embodiment, fig. 11 is a block diagram of an application flow sensing system according to an embodiment of the present invention, and as shown in fig. 11, the application flow sensing system 110 includes, in addition to the apparatus shown in fig. 8: and the management and control center 1110 is configured to establish an analysis control table corresponding to the application flow number matching and an encapsulation control table corresponding to the application flow matching with the escape encapsulation information, and issue the analysis control table and the encapsulation control table to the escape device.
In an exemplary embodiment, the escape device 810 is further configured to reversely identify, and strip ethernet two-layer header information of the encapsulated packet, and send the packet with the ethernet two-layer header information stripped to the second CE.
One skilled in the art should know that the escape device can identify, identify and encapsulate the application traffic, and reversely identify, identify and strip the encapsulated message, which can be correspondingly matched according to bidirectional transmission of the application traffic. That is, the current escape device may be used to identify, and encapsulate the application traffic in the current transmission, and the current escape device may be used to reversely identify, and strip the encapsulated message in the next transmission.
The respective devices, modules, and units described above may be implemented by software or hardware, and the latter may be implemented by, but not limited to: the device, the module and the unit are all positioned in the same processor; alternatively, each of the above devices, modules, and units may be located in any combination in different processors.
Embodiments of the present invention also provide a computer readable storage medium having a computer program stored therein, wherein the computer program is arranged to perform the steps of any of the method embodiments described above when run.
In one exemplary embodiment, the computer readable storage medium may include, but is not limited to: a usb disk, a Read-Only Memory (ROM), a random access Memory (Random Access Memory, RAM), a removable hard disk, a magnetic disk, or an optical disk, or other various media in which a computer program can be stored.
An embodiment of the invention also provides an electronic device comprising a memory having stored therein a computer program and a processor arranged to run the computer program to perform the steps of any of the method embodiments described above.
In an exemplary embodiment, the electronic apparatus may further include a transmission device connected to the processor, and an input/output device connected to the processor.
Specific examples in this embodiment may refer to the examples described in the foregoing embodiments and the exemplary implementation, and this embodiment is not described herein.
It will be apparent to one skilled in the art that the devices, modules, units, or steps of the invention described above may be implemented in a general purpose computing device, they may be concentrated on a single computing device, or distributed across a network of computing devices, they may be implemented in program code executable by computing devices, so that they may be stored in a storage device for execution by computing devices, and in some cases, the steps shown or described may be performed in a different order than what is shown or described, or they may be separately fabricated into individual integrated circuit modules, or multiple modules or steps in them may be fabricated into a single integrated circuit module for implementation. Thus, the present invention is not limited to any specific combination of hardware and software.
In order to enable those skilled in the art to better understand the technical solutions of the present invention, the following description is provided with reference to specific exemplary embodiments.
Scene embodiment one
Fig. 12 is a schematic structural diagram of an application flow aware network framework according to an embodiment of this invention, as shown in fig. 12, comprising:
CE device: customer service access equipment, user application flow is converged by CE equipment and then accessed to the transmission network. Specifically including CE1 and CE2.
Escape device: for importing user application traffic to the CE device. And identifies the application traffic based on the five-tuple information (source IP, destination IP, protocol type, source TCP/UDP port number, destination TCP/UDP port number) of the access message and the input interface. Takes on the role of application aware edge nodes. And is also used to identify traffic based on the results of applying traffic aware subdivision. And the method is also used for adding additional two-layer header information for corresponding application traffic according to the traffic identification result and the traffic identification escape result issued by management and control, including but not limited to VLAN, MPLS label and other labels (the following part is described by taking VLAN as an example). And (5) completing the analytic sensing and escape of the application flow. And the interface is also used for interfacing with the PE equipment of the transmission network and sending the escape message to the PE equipment from the corresponding outlet port. Specifically, an escape device 1 and an escape device 2 are included.
PE equipment: the method is used for interfacing with the escape device, and the flow is identified and marked by analyzing fields such as VLAN of the matched message. And the service path calculation result sent by the management and control platform is received, and the identified application flow is imported to a path meeting the SLA requirement. Specifically, PE1 and PE2 are included.
And (3) a management and control center: the method is used for collecting and maintaining the data information of the topology and the links of the transmission network and supporting the dynamic establishment and the disassembly of the transmission links when necessary. And the system is also used for collecting and maintaining the application flow characteristic information and the corresponding SLA requirement of the application flow (which can be obtained through static configuration or control protocol expansion interaction). And the network TE database is subjected to policy matching according to the application flow SLA requirements, a service path meeting the application SLA requirements is obtained, and a matching result is issued to the transmission network equipment.
In order to achieve the above-mentioned function of the escape apparatus, the present embodiment provides an escape apparatus, and fig. 13 is a block diagram of the escape apparatus according to the embodiment of the present invention, as shown in fig. 13, the escape apparatus includes:
assembly 1: a parser.
The parser accesses the user application flow from the interfaces P1-Pn and parses the application flow, obtains flow five-tuple information (source IP, destination IP, protocol type, TCP/UDP source port number, TCP/UDP destination port number) according to the parsing result, combines the input port number of the flow input to form a Key value query parsing control table, and marks the corresponding message according to the returned application flow number information of the parsing control table.
Assembly 2: the control table is parsed.
The table is used for storing the mapping relation between the message quintuple and the application stream number, wherein the content is configured by the management and control center to be issued and used for the inquiry of the parser.
The specific structure of the parsing control table is shown in table 1, and includes an input port number, a Source IP (SIP), a Destination IP (Destination IP), a protocol type, a TCP/UDP Source port number, a TCP/UDP Destination port number, and an application flow number.
Table 1: analytical control table
And (3) an assembly 3: and packaging the control table.
1) The table entry stores the mapping information of the application flow and the outgoing encapsulation, wherein the flow identification information is a table entry key value, and the converted flow identification information is stored in the modes of the outgoing interface, the target encapsulation VLAN, the MPLS label and the like.
2) The escape encapsulation result of the traffic identification includes, but is not limited to, VLAN, MPLS label, etc. Meanwhile, considering granularity of flow subdivision and the number of application flows existing on the same interface, the flow can be expanded in a multi-layer VLAN or MPLS label stacking mode, and the purpose of dynamically expanding flow to escape capacity specification is achieved.
3) The entry is issued by the management and control center configuration.
The specific structure of the encapsulation control table is shown in table 2, and includes an application flow number, an outer layer VLAN identifier, an inner layer VLAN identifier, and an outgoing port number.
Table 2: encapsulation control table
Assembly 4: and (5) packaging.
1) Encapsulator is used for performing escape encapsulation processing on identified application traffic
2) The encapsulator receives the message input by the parser and the application flow identifier carried by the path of the message. And using the application flow identification as a key value to carry out matching query on the encapsulation control table.
3) And the encapsulation control table returns the matched encapsulation information to the encapsulator, carries out corresponding encapsulation processing on the corresponding application message, and sends out an encapsulated escape message from the appointed output interface.
Scene embodiment two
According to the network framework provided in the first scenario embodiment, a specific flow of the application flow sensing method is provided in the second scenario embodiment, and fig. 14 is a flowchart of the application flow sensing method according to the scenario embodiment of the present invention, as shown in fig. 14, the flow includes the following steps:
step 1402, network/application information collection;
1) And (3) collecting by a management and control center: and applying the related information such as flow characteristic information, transmission network topology information, transmission network pipeline bandwidth, time delay, jitter and the like.
2) Uniformly calculating the escape rule of the application flow and the path association of the network channel, and issuing an analysis control table and a packaging control table to an escape device; and issuing the mapping relation between the VLAN and the transmission soft/hard pipeline after the escape to the PE equipment.
Step 1404, the ce1 sends the aggregated application traffic to the escape apparatus 1;
the workflow of each component in the escape apparatus 1 is as follows:
1) Component 1 parser: and analyzing the client service, and acquiring flow quintuple information (source IP, destination IP, protocol type, source TCP/UDP port number and destination TCP/UDP port number). And inquiring the analysis control table according to the matching rule issued by the management and control by combining the port information.
2) Component 2 parser control table: and inquiring the analysis control table according to the five-tuple information, and returning an application stream number to the component 1.
3) Component 3 encapsulates the control table: querying the encapsulation control table according to the application stream number, and returning the queried escape encapsulation information to the component 4
4) Component 4 encapsulator: and carrying out corresponding escape encapsulation processing on the application message according to the return result of the component 3, adding one or two layers of VLAN information, and sending out from the device through a designated interface.
Step 1406, the escape device 1 sends the encapsulated application flow message to the PE1;
step 1408, the PE1 receives and parses the message input by the escape device 1, and sends the message to the PE2;
and the PE1 performs transmission channel mapping search based on VLAN information according to the escape VLAN information carried by the message and the path calculation result issued by the management and control center, and guides corresponding application flow to a corresponding transmission pipeline according to the matching result and sends the corresponding application flow to PE2 equipment at the far end.
Step 1410, the pe2 receives the message through the transmission pipeline and sends the message to the escape apparatus 2;
PE2 sends out the data from the relevant interface to the escape device 2 according to the mapping relation between the pipeline and the user interface under control
Step 1412, escape apparatus 2 receives application traffic from PE2 and sends to CE2;
the escape device 2 executes a reverse table look-up flow according to the access port number and VLAN encapsulation information, performs VLAN stripping operation on the message after the application flow number is obtained, reversely queries the CE docking port number according to the application flow number, and sends the CE docking port number to the CE2 from the relevant port.
Step 1414, CE2 receives traffic and forwards it to the down-hanging ue;
and the CE2 receives the traffic and forwards the traffic to the down-hanging user equipment, and end-to-end traffic sensing and transmission are completed.
Scene embodiment III
Third, the present scenario embodiment provides an implementation manner of providing application awareness for an OTN transport network based on VLAN escape mode, and fig. 15 is a flowchart of an application traffic awareness method according to the present scenario embodiment, as shown in fig. 15, where the flowchart includes the following steps:
step 1502, application/network information collection and control entry is issued;
1) The management and control center collects the application flow characteristic information, calculates the resource condition of the escape VLAN, and distributes VLAN mapping resources of the corresponding flow and then issues the escape device and PE equipment. 2) The management and control center collects the associated SLA information of the application flow. 3) The management and control center collects topology and transmission pipeline information (such as ODUk and OSU pipeline information) of the OTN network. 4) Calculating an application flow transmission path according to the three; and issuing the mapping relation between the VLAN and the transmission pipeline to the PE equipment.
Step 1504, applying flow awareness and escape encapsulation;
1) The escape device installs control list items issued by the control center. The parser combines the input port information of the flow input from the five-tuple information (source IP, destination IP, protocol type, source TCP/UDP port number, destination TCP/UDP port number) of the flow, selects the corresponding field according to the matching rule issued by the management and control to generate an application flow number value, and the application flow number value is carried along with the message and is output to the escape packaging processor.
2) If a certain enterprise user simultaneously has video application flow and data transmission application flow and accesses the escape device through the access port 1, the source IP of the two application flows is consistent, the destination IP is consistent, but the protocol type is different from the four-layer port number information. The escape device parser looks up the parse control table hit rules 1 and 2 shown in table 3, resulting in application stream numbers 123 and 234, respectively.
Table 3: scene embodiment parsing control table
3) The video traffic and the data transmission traffic are respectively provided with outer layer VLAN identifications (100 ) (100, 200) according to the return result of the encapsulation table by using the application stream numbers through the encapsulation control table shown in the lookup table 4 and are sent out from the outlet port number 1.
Table 4: scene embodiment encapsulation control table
Step 1506, introducing the application traffic into the transmission channel for transmission;
the PE device receives both video application and data application traffic from the port and identifies it based on the corresponding VLAN identification (100 ) (100, 200). And according to the identification result, matching the mapping information issued by the management control, respectively importing the two different types of application flows into different ODU/OSU pipelines meeting the SLA requirements for transmission.
Step 1508, applying a traffic reverse peel VLAN;
the remote PE device terminates the corresponding application flow from the ODU/OSU pipeline and sends the application flow to the remote escape device. The remote escape device performs reverse application stream number inquiry and VLAN removal according to VLAN encapsulation information of the message, and sends the reverse application stream number inquiry and VLAN removal to a remote CE from a corresponding port after the original flow encapsulation is restored. And then, the CE device performs necessary demultiplexing and sends the demultiplexed signals to the hung application terminal. And finishing end-to-end application sensing and transmission flow.
In summary, the invention provides a method and a system for sensing application traffic, which can perform deep analysis on the application traffic and convert the analysis result into a conversion device of simple two-layer encapsulation information, and simultaneously provides an end-to-end implementation scheme of an application sensing network based on the system. By deploying the system at the edge of a traditional transmission network (including but not limited to an OTN network), the existing network equipment can achieve the effect of having application awareness capability by only identifying simple Ethernet message two-layer header information (including but not limited to VLAN). The method solves the problem that the traditional transmission network equipment hardware does not have the deep message analysis capability and cannot carry out fine flow management. The conventional transmission network can be conveniently upgraded to the application sensing network through the on-demand deployment and docking of the application sensing and information escaping device, namely the escaping device, in the system, so that the equipment capital investment and the network transformation expenditure of operators are greatly reduced.
The above description is only of the preferred embodiments of the present invention and is not intended to limit the present invention, but various modifications and variations can be made to the present invention by those skilled in the art. Any modification, equivalent replacement, improvement, etc. made within the principle of the present invention should be included in the protection scope of the present invention.
Claims (15)
1. An application flow sensing method, comprising:
carrying out flow identification on application flow received from first user edge equipment CE, and identifying the application flow according to the identification result;
adding Ethernet two-layer header information into the message of the application flow according to the identification of the application flow so as to package the message of the application flow;
and sending the encapsulated message to a first Provider Edge (PE) so that the first PE can import the message into a transmission pipeline meeting the Service Level Agreement (SLA) of the application flow for transmission.
2. The method according to claim 1, further comprising, prior to said traffic identifying the application traffic received from the first customer edge device CE:
and establishing an analysis control table corresponding to the matching of the application flow and the application flow number, and a packaging control table corresponding to the matching of the application flow and the escape packaging information.
3. The method according to claim 2, wherein the identifying the application traffic received from the first customer edge CE and identifying the application traffic according to the identification result comprises:
and identifying and acquiring quintuple information and ingress port information of the application flow, and searching and matching the application flow number in the analysis control table according to the quintuple information and ingress port information so as to finish identification of the application flow.
4. The method according to claim 2, wherein the adding ethernet two-layer header information in the application traffic message according to the application traffic identification includes:
searching and matching the escape encapsulation information in the encapsulation control table according to the application stream number;
and adding Ethernet two-layer header information into the message of the application flow according to the escape encapsulation information.
5. The method according to claim 1, wherein after the sending the encapsulated packet to the first provider edge PE, further comprises:
the first PE searches a matched transmission pipeline according to the Ethernet two-layer header information;
and the first PE sends the packaged message to a second PE through the transmission channel.
6. The method according to claim 1, wherein after the first PE imports the packet into a transport pipe that satisfies a service level agreement SLA of the application traffic for transmission, further comprising:
reversely searching and matching the application stream number according to the Ethernet two-layer header information;
stripping the Ethernet two-layer header information of the encapsulated message according to the application stream number;
reversely searching a port number of a second CE which is matched and receives the application flow according to the application flow number;
and sending the application flow to the second CE through the port corresponding to the port number.
7. The method of claim 6, wherein after the application traffic is sent to the second CE through the port corresponding to the port number, further comprising:
and the second CE transmits the received application flow to user equipment.
8. The method according to any one of claims 1-7, wherein the two-layer header message comprises at least one of: virtual local area network information VLAN or multiprotocol label switching information MPLS.
9. An application flow sensing system, comprising:
and the escape device is used for sequentially identifying, identifying and packaging the application flow received from the first user edge equipment CE, and sending the packaged message of the application flow to the first provider edge equipment PE so that the first PE can introduce the message into a transmission pipeline meeting the service level agreement SLA of the application flow for transmission.
10. The application flow sensing system of claim 9, wherein the escape device comprises:
the analysis module is used for carrying out flow identification on the application flow and identifying the application flow according to the identification result;
the encapsulation module is used for adding Ethernet two-layer header information into the message of the application flow according to the identification of the application flow so as to encapsulate the message of the application flow;
and the sending module is used for sending the packaged message to the first PE.
11. The application flow sensing system of claim 10, wherein the parsing module comprises:
the identification unit is used for identifying and acquiring quintuple information and ingress port information of the application flow;
and the identification unit is used for searching and matching the application flow number in the analysis control table according to the five-tuple information and the ingress port information so as to finish identification of the application flow.
12. The apparatus as recited in claim 9, further comprising:
and the management and control center is used for establishing an analysis control table corresponding to the application flow matched with the application flow number and a packaging control table corresponding to the application flow matched with the escape packaging information, and issuing the analysis control table and the packaging control table to the escape device.
13. The apparatus of claim 9, wherein the escape means is further configured to reverse identify, and strip ethernet two-layer header information of the encapsulated packet, and send the packet stripped of the ethernet two-layer header information to a second CE.
14. A computer readable storage medium, characterized in that a computer program is stored in the computer readable storage medium, wherein the computer program, when executed by a processor, implements the method of any of claims 1 to 8.
15. An electronic device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, characterized in that the processor implements the method of any of claims 1 to 8 when executing the computer program.
Priority Applications (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210920075.6A CN117544566A (en) | 2022-08-01 | 2022-08-01 | Application flow sensing method and system |
| PCT/CN2023/093987 WO2024027271A1 (en) | 2022-08-01 | 2023-05-12 | Application traffic sensing method and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210920075.6A CN117544566A (en) | 2022-08-01 | 2022-08-01 | Application flow sensing method and system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN117544566A true CN117544566A (en) | 2024-02-09 |
Family
ID=89794460
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202210920075.6A Pending CN117544566A (en) | 2022-08-01 | 2022-08-01 | Application flow sensing method and system |
Country Status (2)
| Country | Link |
|---|---|
| CN (1) | CN117544566A (en) |
| WO (1) | WO2024027271A1 (en) |
Family Cites Families (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111327528A (en) * | 2018-12-17 | 2020-06-23 | 中兴通讯股份有限公司 | Label attribute identification method, device, equipment and storage medium |
| CN110166361B (en) * | 2019-05-30 | 2021-07-23 | 新华三技术有限公司 | Message forwarding method and device |
| CN114827057B (en) * | 2021-01-11 | 2024-04-16 | 中国电信股份有限公司 | Communication method and communication system |
| CN114765567B (en) * | 2021-01-11 | 2024-04-16 | 中国电信股份有限公司 | Communication method and communication system |
-
2022
- 2022-08-01 CN CN202210920075.6A patent/CN117544566A/en active Pending
-
2023
- 2023-05-12 WO PCT/CN2023/093987 patent/WO2024027271A1/en unknown
Also Published As
| Publication number | Publication date |
|---|---|
| WO2024027271A1 (en) | 2024-02-08 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11637774B2 (en) | Service routing packet processing method and apparatus, and network system | |
| CN109361600B (en) | Method and equipment for acquiring path identifier | |
| CN105024985A (en) | Message processing method and apparatus | |
| US20210367896A1 (en) | Service Packet Processing Method, Apparatus, and System | |
| EP2901630A2 (en) | Method operating in a fixed access network and ues | |
| US20230370899A1 (en) | Packet forwarding method, packet processing method, and device | |
| US10182132B2 (en) | Method, apparatus and system for communication between OpenFlow device and IP network device | |
| CN110198229A (en) | Network collocating method and device, storage medium and electronic device | |
| CN105075191A (en) | Wireless network data processing device and wireless network system | |
| CN115065637B (en) | Method and device for transmitting computing power resource information and electronic equipment | |
| CN117118886A (en) | Message forwarding method, head-end equipment, controller, equipment and storage medium | |
| CN105515995A (en) | Message processing method and apparatus, and flow table generation method and apparatus | |
| CN101577660B (en) | Method and device for acquiring label forwarding list item and forwarding message | |
| CN117544566A (en) | Application flow sensing method and system | |
| CN108574637B (en) | Address self-learning method and device and switch | |
| CN111865805B (en) | Multicast GRE message processing method and system | |
| CN115733786A (en) | Routing and cloud resource registration method and device, storage medium and electronic device | |
| CN105871733A (en) | Method, device and system for processing user data packet | |
| CN104871497A (en) | Flow table processing method and apparatus | |
| CN114980359B (en) | Data forwarding method, device, equipment, system and storage medium | |
| CN114900756B (en) | Data transmission method and device and computer readable storage medium | |
| WO2024104007A1 (en) | Packet transmission method and apparatus, storage medium and electronic device | |
| CN117896309A (en) | Service processing method, communication device, storage medium, and program product | |
| CN117527667A (en) | Service function chain processing method and device | |
| CN117527690A (en) | Network addressing method, device, communication equipment and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication |