CN118101555B - Message forwarding method and device, electronic equipment and computer readable storage medium - Google Patents
Message forwarding method and device, electronic equipment and computer readable storage medium Download PDFInfo
- Publication number
- CN118101555B CN118101555B CN202410488738.0A CN202410488738A CN118101555B CN 118101555 B CN118101555 B CN 118101555B CN 202410488738 A CN202410488738 A CN 202410488738A CN 118101555 B CN118101555 B CN 118101555B
- Authority
- CN
- China
- Prior art keywords
- service
- message
- list
- node
- sff
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims description 44
- 230000005540 biological transmission Effects 0.000 claims abstract description 19
- 238000012545 processing Methods 0.000 claims description 23
- 230000004044 response Effects 0.000 claims description 21
- 230000003068 static effect Effects 0.000 claims description 20
- 238000005538 encapsulation Methods 0.000 claims description 12
- 238000004590 computer program Methods 0.000 claims description 10
- 238000004806 packaging method and process Methods 0.000 claims description 7
- 230000008569 process Effects 0.000 description 10
- 238000004891 communication Methods 0.000 description 6
- 230000006870 function Effects 0.000 description 6
- 101150049032 ACL1 gene Proteins 0.000 description 4
- 101100448894 Arabidopsis thaliana GLR3.1 gene Proteins 0.000 description 4
- 101100054598 Hordeum vulgare ACL1.2 gene Proteins 0.000 description 4
- 101150023061 acpP gene Proteins 0.000 description 4
- 238000010586 diagram Methods 0.000 description 4
- 238000005516 engineering process Methods 0.000 description 3
- 239000003795 chemical substances by application Substances 0.000 description 2
- 230000003287 optical effect Effects 0.000 description 2
- 230000002265 prevention Effects 0.000 description 2
- 238000000926 separation method Methods 0.000 description 2
- 238000013519 translation Methods 0.000 description 2
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000000644 propagated effect Effects 0.000 description 1
- 239000004065 semiconductor Substances 0.000 description 1
- 239000000758 substrate Substances 0.000 description 1
- 238000012546 transfer Methods 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L45/00—Routing or path finding of packets in data switching networks
- H04L45/30—Routing of multiclass traffic
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L45/00—Routing or path finding of packets in data switching networks
- H04L45/34—Source routing
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
In this embodiment, since the SFF node is configured with the message feature information of different types of services and the SID List associated with each message feature information, the message feature information of any service is used to identify the service and the message transmission direction, and the SID List associated with the message feature information of any service is used to encapsulate SRv when forwarding the service message corresponding to the service to the destination device, this makes it unnecessary to occupy 2N interfaces between the SFF and SF nodes, which can reduce the number of interfaces occupied by the SFF node and increase the application scale of the proxy mode.
Description
Technical Field
The present application relates to the field of network communications technologies, and in particular, to a method and apparatus for forwarding a packet, an electronic device, and a computer readable storage medium.
Background
In the existing SRv Service chain static proxy mode, service chain forwarding (Service Function Forwarder, SFF) nodes bear messages of different Service types and access messages and response messages of the same Service type through different interfaces with Service Function (SF) nodes, which limits that N types of services need to occupy 2N interfaces between the SFF nodes and the SF nodes. Wherein, different interfaces between SFF node and SF node are distinguished by different SRv service chain static proxy (end. AS SID) labels. Thus, in SRv service chain static proxy mode, there are a large number of interfaces on SFF nodes and a large number of end.
Disclosure of Invention
In view of this, the present application provides a method, apparatus, electronic device, and computer readable storage medium for forwarding a message, so as to reduce the number of interfaces occupied by SFF nodes, thereby improving node performance and application scale of a service chain static proxy mode.
The embodiment of the application provides a message forwarding method, which is applied to SRv service chains for forwarding SFF nodes, wherein when the SFF nodes are positioned on SRv service chains of different types of services, an interface connected with the SF nodes of the same application service on the SFF nodes is used for associating at least one type of service, so that the SFF nodes forward service messages of the associated at least one type of service through the interface; the SFF node is configured with message characteristic information of different types of services and a segment route identification List SID List associated with each message characteristic information, the message characteristic information of any service is used for identifying the service and the message transmission direction, and the SID List associated with the message characteristic information of any service is used for packaging SRv when a service message corresponding to the service is forwarded to the destination device; the method comprises the following steps:
After carrying out SRv de-encapsulation on a received first service message which accesses a second end from a first end by the SFF node to obtain a second service message, forwarding the second service message to the SF node through a first interface indicated by a SRv service chain static proxy end AS SID tag carried by the first service message so AS to carry out service processing on the second service message by the SF node to obtain a third service message;
The SFF node receives the third service message through a first interface, searches for an associated first target SID List according to first message characteristic information carried by the third service message, encapsulates the third service message according to the first target SID List SRv to obtain a fourth service message, and sends the fourth service message to a second end.
The embodiment of the application also provides a message forwarding device, which is applied to SRv service chains for forwarding SFF nodes, and when the SFF nodes are positioned on SRv service chains of different types of services, an interface connected with the SF nodes of the same application service on the SFF nodes is used for associating at least one type of service, so that the SFF nodes forward service messages of the associated at least one type of service through the interface; the SFF node is configured with message characteristic information of different types of services and a segment route identification List SID List associated with each message characteristic information, the message characteristic information of any service is used for identifying the service and the message transmission direction, and the SID List associated with the message characteristic information of any service is used for packaging SRv when a service message corresponding to the service is forwarded to the destination device; the device comprises:
The first forwarding module is configured to forward, by the SFF node, the second service packet to the SF node through a first interface indicated by an end. AS SID tag of a SRv service chain static agent carried by the first service packet after performing SRv de-encapsulation on the received first service packet from the first end to access the second end to obtain the second service packet, so that the SF node performs service processing on the second service packet to obtain a third service packet;
the first sending module is configured to receive the third service packet through the first interface by using the SFF node, find an associated first target SID List according to first packet feature information carried by the third service packet, and package the third service packet according to the first target SID List SRv to obtain a fourth service packet, and send the fourth service packet to the second end.
The embodiment of the application also provides electronic equipment, which comprises: a processor and a memory for storing computer program instructions which, when executed by the processor, cause the processor to perform the steps of the method as above.
Embodiments of the present application also provide a machine-readable storage medium storing computer program instructions which, when executed, enable the steps of the method as above to be carried out.
As can be seen from the above technical solution, in the embodiment of the present application, since the SFF node is configured with the packet feature information of different types of services and the segment routing identifier List SID List associated with each packet feature information, the packet feature information of any service is used to identify the service and the service transmission direction, and the SID List associated with the packet feature information of any service is used to encapsulate SRv when forwarding the service packet corresponding to the service to the destination device, this makes the SFF node not need to set a fixed interface for each type of service in a single transmission direction, and searches the SID List corresponding to the fixed interface to encapsulate and forward the service packet according to the packet feature information, and instead directly searches the SID List to encapsulate and forward the service packet according to the packet feature information, thereby not being limited to N types of services that need to occupy 2N interfaces between the SFF and the SF node. The method can effectively reduce the number of the occupied interfaces of the SFF nodes, thereby improving the node performance and the application scale of the service chain static proxy mode.
Drawings
Fig. 1 is a flow chart of a method according to an exemplary embodiment of the present application.
Fig. 2 is a flow chart of a method according to another exemplary embodiment of the present application.
Fig. 3 is a flow chart of a method according to another exemplary embodiment of the present application.
Fig. 4 is a block diagram of an apparatus according to an embodiment of the present application.
Fig. 5 is a schematic structural diagram of an electronic device according to an embodiment of the present application.
Detailed Description
Reference will now be made in detail to exemplary embodiments, examples of which are illustrated in the accompanying drawings. When the following description refers to the accompanying drawings, the same numbers in different drawings identify the same or similar elements, unless otherwise indicated. The implementations described in the following exemplary examples do not represent all implementations consistent with the application. Rather, they are merely examples of apparatus and methods consistent with aspects of the application as detailed in the accompanying claims.
The terminology used herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the application. As used in this specification and the appended claims, the singular forms "a," "an," and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. It should also be understood that the term "and/or" as used herein refers to and encompasses any or all possible combinations of one or more of the associated listed items.
In order to facilitate understanding of the technical solution of the embodiments of the present application, technical concepts related to the embodiments of the present application are explained before describing the present solution.
A new forwarding framework based on IPv6, similar to source route forwarding, can specify the forwarding path of traffic packets from the originating node based on internet protocol version 6 segment routing (Segment Routing over IPv, SRv).
Traffic engineering under the IPv6 forwarding plane (SRv Policy) is an application of SRv technology, which is used for the engineering of messages under the forwarding plane.
SRv6 service chain (Service Function Chain, SFC), a framework for deploying security services in a network, each type of service message can specify nodes of service devices through which the message passes in the forwarding process, so that clients can flexibly configure and decide which services the message needs to pass and the sequence of the services.
A traffic classification node (SERVICE CLASSIFIER, SC), located at the SRv SFC service chain network edge, is the source node of the service chain path. And the SC can adopt different drainage modes to introduce the service data into the SRv TE Policy tunnel for forwarding.
An application Service node (SF) is a node that provides specific application services for traffic. The application service nodes that cannot identify SRv messages are referred to as SRv6-unaware SF and the application service nodes that can identify SRv messages are referred to as SRv6-aware SF.
And the service chain forwarding node (Service Function Forwarder, SFF) is used as a service chain agent of the SF, forwards the received message to a plurality of SFs associated with the SFF according to SRv encapsulation information, and returns the message to the SFF after the SF processes the message, so that the SFF determines whether to continue forwarding the message.
Tail node (Tail Endpoint), which refers to the Endpoint node in the segment route.
Segment Routing ID (SID) is an identification used in a network based on Segment Routing technology.
Node tag (END SID) for identifying a SRv node tag of a device.
Service chain static proxy tags (end.as SID), tags used by service chain static proxy.
The service chain end identifier end.dt4sid is an identifier of the end point in the service chain.
After the technical concept related to the embodiment of the present application is explained, the technical problems existing in the SRv service chain static proxy mode in the prior art will be described in detail.
The service chain static proxy mode refers to: the SF node cannot identify and process SRv the packet, and after the SFF node needs to decapsulate the SRv packet, forward the original packet of the user network to SF processing. After the SF processes the original message, the message is forwarded back to the SFF node, and the SFF decides whether to continue forwarding the message in SRv SFC network. If forwarding continues in SRv SFC network, the SFF node needs to repackage SRv the header for the processed service message according to the manually configured SID list.
In the prior art, since the SFF node cannot identify the service class, the SFF node carries service messages of different service types through different interfaces. Wherein different interfaces are distinguished by different end.
Further, the SFF node forwards the message by using the SID List, the SID List in the prior art is deployed based on end, AS SID labels and Tail end points, and is limited by the deployment mode of the SID List, and the SID List is combined with the different Tail end points of the access message and the response message of the same service, so that if the access message and the response message of the service are transmitted by using the same interface, the interface must have two SID lists, and the SFF cannot distinguish which of the two SID lists is adopted to forward the message after receiving the message processed by the SF. Therefore, the access message and the response message of the same service type also need different interfaces to carry, which limits that the N-type service needs to occupy 2N interfaces between the SFF node and the SF node. This results in a large number of interfaces on the SFF node and a large number of end.
In view of the above, the embodiment of the application provides a message forwarding method applied in SRv service chain static proxy mode to solve the above problems.
In order to better understand the technical solutions provided by the embodiments of the present application and make the above objects, features and advantages of the embodiments of the present application more comprehensible, the technical solutions in the embodiments of the present application are described in further detail below with reference to the accompanying drawings.
Referring to fig. 1, fig. 1 is a schematic flow chart of a method according to an exemplary embodiment of the present application. As an embodiment, the method is applied to SRv service chain forwarding SFF nodes, when the SFF nodes are on SRv service chains of different types of services, an interface on the SFF nodes connected with the same application service SF node is used for associating at least one type of service, so that the SFF nodes forward service messages of the associated at least one type of service through the interface; the SFF node is configured with message characteristic information of different types of services and a segment route identification List SID List associated with each message characteristic information, the message characteristic information of any service is used for identifying the service and the message transmission direction, and the SID List associated with the message characteristic information of any service is used for packaging SRv when a service message corresponding to the service is forwarded to the destination device.
As shown in fig. 1, the process may include the steps of:
S101, after carrying out SRv de-encapsulation on a received first service message which accesses a second end from a first end to obtain a second service message, the SFF node forwards the second service message to the SF node through a first interface indicated by a SRv service chain static proxy end.
In this embodiment, the first end may be a terminal in a User network, or may be an SC node on a service chain, and the second end may be a terminal in a User network, or may be a Tail Endpoint node on a service chain.
When the first end accesses the second end, a message is sent, the message is called a first service message, and correspondingly, the second end responds to the access after receiving the access message of the first end, and returns a response message responding to the access message to the first end, and the response message is called a fifth service message.
In this embodiment, only when an SFF node is in SRv service chain of a service, the SFF node can receive a first service packet of the service, otherwise, a previous node of the SFF node will not send the first service packet to the SFF node, that is, the first service packet received by the SFF node must be processed by the SF node connected to the SFF node. Therefore, the SRv service chain static proxy end. AS SID tag carried by the first service packet is necessarily associated with the interface on the present SFF node to connect to the SF node. Therefore, after receiving the first service message, the SFF node forwards the second service message to the SF node through the first interface indicated by the end. AS SID label carried by the first service message.
It should be noted that, before executing the above step S101, SRv service links configured for each different service class in the two directions of transmission between the first end and the second end are preset, and corresponding end.as SID labels are allocated for each service in the different directions of transmission for distinguishing between different services and directions of transmission, that is, end.as SID labels are allocated for each SRv service link. The end.as SID label corresponding to each SRv service chain where an SFF node is located is also associated with an interface on the SFF node that connects to the SF node, that is, various services that need to be served by the SF node of the SFF node are associated with the interface.
It should be noted that if the source end and the destination end of the message of the same service are different, the corresponding SRv service chains are different, and the assigned end.as SID tags are also different. Since in the embodiment shown in fig. 1, the SFF node receives the first service packet that is all accessed from the first end to the second end, the source end and the destination end are identical, so the assigned end.as SID tags are not identical as long as the service types are different.
S102, the SFF node receives a third service message through a first interface, searches an associated first target SID List according to first message characteristic information carried by the third service message, encapsulates the third service message according to the first target SID List SRv to obtain a fourth service message, and sends the fourth service message to a second end.
As an embodiment, the SFF node configures the message feature information of different types of services through ACL entries, wherein one ACL entry is associated with one SID List, and different ACL entries are associated with different SID lists. The specific implementation manner of searching the associated first target SID List according to the first message feature information carried by the third service message in the step S102 may be: and searching matched ACL List items according to the first message characteristic information carried by the third service message, and determining the SID List associated with the ACL List items as a first target SID List.
In this embodiment, the message characteristic information at least includes a service type, a source IP address, a destination IP address, a source port identifier, and a destination port identifier. And searching the matched ACL list item by matching the service type, the source end IP address, the destination end IP address, the source end port identifier and the destination end port identifier of the first service message.
It should be noted that, before executing the above step S101, each ACL entry needs to be configured, and a SID List is associated with each ACL entry. An ACL List is established according to the message characteristic information corresponding to each service chain SRv needing to pass through the SFF, and an SID List corresponding to the message characteristic information is generated according to the assigned end.AS SID label of the SRv service chain, tail Endpoint SID of the service chain and the end.dt4 SID of the service chain, and the association relation between the ACL List of the message characteristic information and the SID List corresponding to the message characteristic information is established.
It should be noted that if the source end and the destination end of the messages of the same service are different, the corresponding message characteristic information is different. Therefore, one type of service corresponds to two types of message characteristic information. Similarly, in the embodiment shown in fig. 1, since the SFF node receives the first service packet that is accessed from the first end to the second end, the source end and the destination end are the same, so the characteristic information of the packet is different as long as the service types are different.
Thus, the flow shown in fig. 1 is completed.
In this implementation, as the SFF node is configured with the message feature information of different types of services and the segment route identifier List SID List associated with each message feature information, the message feature information of any service is used to identify the service and the service transmission direction, and the SID List associated with the message feature information of any service is used to encapsulate SRv when forwarding the service message corresponding to the service to the destination device, this makes the SFF node not need to set a fixed interface in a single transmission direction for each type of service, and forwards the service message according to the SID List corresponding to the fixed interface, but directly searches the SID List according to the message feature information to encapsulate and forward the service message, so that the SFF node is not limited to N types of services that need to occupy 2N interfaces between the SFF and the SF node. The method can effectively reduce the number of the occupied interfaces of the SFF nodes, thereby improving the node performance and the application scale of the service chain static proxy mode.
Referring to fig. 2, fig. 2 is a flow chart of a method according to another exemplary embodiment of the present application.
As shown in fig. 1, the process may further include the steps of:
s201, after carrying out SRv de-encapsulation on a fifth service message accessed by a second end in response to a first end to obtain a sixth service message, the SFF node forwards the sixth service message to the SF node through a first interface indicated by an end.AS SID label carried by the sixth service message, so that the SF node carries out service processing on the sixth service message to obtain a seventh service message.
In this embodiment, after receiving the access message from the first end, the second end responds to the access and returns a response message to the first end, which is called a fifth service message.
S202, the SFF node receives a seventh service message through the first interface, searches an associated second target SID List according to second message characteristic information carried by the seventh service message, encapsulates the seventh service message according to the second target SID List SRv to obtain an eighth service message, and sends the eighth service message to the first end.
The specific implementation manner of the steps S201 and S202 is similar to the specific implementation manner of the steps S101 and S102, and will not be repeated here.
It should be noted that if the source end and the destination end of the message of the same service type are different, the characteristic information of the message is also different. That is, the first service message of the second end is accessed by the first end, and even if the service types of the first service message and the fifth service message returned from the second end to the first end are the same, for example, the service messages are all game service messages, but the service messages are also different in end.AS SID labels due to different transmission directions, and the message characteristic information of the service messages is also different.
As an embodiment, the SFF node is defined to forward the access message and the response message of the same service type to the same SF through the same interface connected to the same SF to perform service processing. Because the source end IP address, the destination end IP address, the source end port identification and the destination end port identification of the access message and the response message of the same service type are different, the ACL List item and the SID List corresponding to the access message and the response message are different, and therefore, even if the access message and the response message pass through the same interface connected with the same SF, SFF can respectively allocate the corresponding SID List for the access message and the response message and forward the SID List to the destination terminal.
To better illustrate the methods illustrated in fig. 1 and 2 above, a more detailed description is provided below in the embodiment illustrated in fig. 3:
as shown in fig. 3, the method comprises the steps of:
In the configuration stage:
1. according to actual service requirements, the SFF node is determined to be positioned on n SRv service chains of n/2 type services, which are marked as 1,2, … … and n, and the n/2 type services are all associated with INTERFACE A interfaces of the SFF node and the SF node.
Specifically, in order to meet the requirements of user service security, stability and the like, messages of different types of services need to pass through various service nodes, such as a Firewall (Firewall), an intrusion prevention system (Intrusion Prevention System), an application accelerator, address translation (Network Address Translation) and the like, in sequence according to the requirements of the types of services on security services during transmission. The requirements of services such as video conferencing, chat software, etc. for security services are different, as are the service nodes that each passes through. This requires that SRv service chains be built up according to the actual security service requirements of the various types of traffic. For example, for m types of services, the respective security service requirements of each type of service are different, and each type of service has two transmission directions of access traffic (i.e., the above-described access packet) and response traffic (i.e., the above-described response packet), which makes the m types of services correspond to 2m service chains.
After the service chain is built, it is determined that there are n service chains SRv that need to implement services via the SFF node, and n/2 types of traffic corresponding to the n service chains are all associated with the INTERFACE A interface between the SFF node and the SF node.
It should be noted that, the service types are the same, for example, are all video conference messages, but the end IP address, the destination end IP address, the source end port identifier, and the destination end port identifier are different, and at this time, correspond to different service chains. Therefore, the service type of the service message transmitted by the n service chains is n/2 types.
2. The n service chains are assigned end.as SID labels, noted end.as sid=a, … …, end.as sid=n.
3. And associating the end.AS SID label with a INTERFACE A interface of the SFF node connected with the SF node.
4. According to the message characteristic information corresponding to each SRv service chain, namely the service type, the source end IP address, the destination end IP address, the source end port identification and the destination end port identification, each ACL is set at the SFF node and is marked as ACL1, ACL2, … … and ACLn.
5. And deploying SID lists according to the assigned end.AS SID label of each service chain and the SID of the corresponding destination device, wherein the SID List of any service chain is marked as SID list= (x, y, n), n is the corresponding end.AS SID label of the service chain, y is Tail Endpoint SID of the service chain, and x is the END.dt4 SID of the service chain. Then, the corresponding relation between ACL and SID List of the same service chain is established.
At this time, INTERFACE A:
If-match ACL1,End.AS SID = a,SID List =(c,b,a);
If-match ACL2,End.AS SID = f,SID List =(e,d,f);
......
If-match ACLn,End.AS SID = n,SID List =(x,y,n)。
for the first service packet of the access traffic shown in fig. 3, the assigned end.as SID is a label, and the end.as sid=a label is associated with the INTERFACE A interface of the SFF node connected to the SF node. For the Tail Endpoint node, end sid=b, end.dt4sid=c
In the message forwarding stage:
1. When the SFF node receives a first service message sent by the SC node, the first service message is unpacked to obtain a second service message.
Specifically, the first service packet carries IPv6 Hdr da=dsrh (c, b, a) sl=2 Payload. And removing the IPv6 message header and the SRH (c, b, a) to obtain the Payload, namely the second service message.
2. And forwarding the message to an SF node through a INTERFACE A interface according to an end.AS SID=a tag carried in the first service message, and performing service processing on the second service message by the SF node to obtain a third service message.
3. And the SFF node receives a third service message through INTERFACE A, deploys ACL1 on the SFF node to match according to the message characteristic information of the message, and obtains SID List= (c, b, a) corresponding to the ACL1 when matching.
4. And performing SRv encapsulation on the third service message according to SID List= (c, b, a) to obtain a fourth service message, and sending the fourth service message to the Tail Endpoint.
The fourth service packet carries IPv6 Hdr da=dsrh (c, b, a) sl=1 Payload.
For the fifth service packet of the backhaul traffic shown in fig. 3, the assigned end.as SID is a label of f, and the end.as sid=f label is associated with the INTERFACE A interface of the SFF node connected to the SF node. For SC node, end sid=d, end.dt4sid=e
In the message forwarding stage:
1. And when the SFF node receives a fifth service message sent by the Tail Endpoint node, decapsulating the fifth service message to obtain a sixth service message.
Specifically, the fifth service packet carries IPv6 Hdr da=dsrh (e, d, f) sl=2 Payload. And removing the IPv6 message header and the SRH (e, d, f) to obtain the Payload, namely the second service message.
2. And forwarding the message to an SF node through a INTERFACE A interface according to an end.AS SID=f label carried in the fifth service message, and carrying out service processing on the sixth service message by the SF node to obtain a seventh service message.
3. And the SFF node receives the seventh service message through INTERFACE A, deploys ACL2 on the SFF node to match according to the message characteristic information of the message, and obtains SID List= (e, d, f) corresponding to the ACL2 when matching.
4. And carrying out SRv encapsulation on the seventh service message according to SID List= (e, d, f) to obtain an eighth service message, and sending the eighth service message to the Tail Endpoint.
The eighth service packet carries IPv6 Hdr da=dsrh (e, d, f) sl=1 Payload.
The above completes the description of the method provided by the embodiment of the present application, and the following describes the device provided by the embodiment of the present application:
Referring to fig. 4, fig. 4 is a schematic structural diagram of an apparatus according to an embodiment of the present application. As an embodiment, the device is applied to SRv service chains for forwarding the SFF node, when the SFF node is on SRv service chains of different types of services, an interface on the SFF node connected with the same application service SF node is used for associating at least one type of service, so that the SFF node forwards service messages of the associated at least one type of service through the interface; the SFF node is configured with message characteristic information of different types of services and a segment route identification List SID List associated with each message characteristic information, the message characteristic information of any service is used for identifying the service and the message transmission direction, and the SID List associated with the message characteristic information of any service is used for packaging SRv when a service message corresponding to the service is forwarded to the destination device. As shown in fig. 4, the apparatus includes:
A first forwarding module 401, configured to, after the SFF node performs SRv a 6 decapsulation on a received first service packet that accesses a second end from a first end to obtain a second service packet, forward the second service packet to the SF node through a first interface indicated by an AS SID tag of a SRv service chain static proxy end carried by the first service packet, so that the SF node performs service processing on the second service packet to obtain a third service packet;
The first sending module 402 is configured to receive a third service packet through the first interface by using the SFF node, find an associated first target SID List according to first packet feature information carried by the third service packet, and perform SRv encapsulation on the third service packet according to the first target SID List, to obtain a fourth service packet, and send the fourth service packet to the second end.
In this implementation, since the SFF node is configured with the message feature information of different types of services and the segment route identifier List SID List associated with each message feature information, the message feature information of any service is used to identify the service and the message transmission direction, and the SID List associated with the message feature information of any service is used to encapsulate SRv when forwarding the service message corresponding to the service to the destination device, this makes the SFF node not need to set a fixed interface in a single transmission direction for each type of service, and encapsulates and forwards the service message according to the SID List corresponding to the fixed interface, but directly searches the SID List according to the message feature information to encapsulate and forward the service message, so that the SFF node is not limited to N types of services that need to occupy 2N interfaces between the SFF and the SF node. The method can effectively reduce the number of the occupied interfaces of the SFF nodes, thereby improving the node performance and the application scale of the service chain static proxy mode.
In other words, the SFF has service identification capability, so that one interface connected with the SF on the SFF can process multiple types of services at the same time, the number of the interfaces occupied by the SFF node can be effectively reduced, and the node performance and the application scale of the service chain static proxy mode are improved.
As one embodiment, the SFF node configures the message feature information of different types of services through access control list ACL entries; wherein one ACL List item is associated with one SID List, and different ACL List items are associated with different SID lists;
Finding out the associated first target SID List according to the first message characteristic information carried by the third service message comprises: and searching matched ACL List items according to the first message characteristic information carried by the third service message, and determining the SID List associated with the ACL List items as a first target SID List.
As an embodiment, the apparatus further comprises:
The second forwarding module is configured to forward the sixth service packet to the SF node through the first interface indicated by the end.as SID tag carried by the sixth service packet after the SFF node performs SRv decapsulation on the received fifth service packet, which is accessed by the second end in response to the first end, to obtain a seventh service packet, so that the SF node performs service processing on the sixth service packet;
And the second sending module is used for receiving the seventh service message through the first interface by the SFF node, searching the associated second target SID List according to the second message characteristic information carried by the seventh service message, and carrying out SRv encapsulation on the seventh service message according to the second target SID List to obtain an eighth service message, and sending the eighth service message to the first end.
As one embodiment, the SFF node configures the message characteristic information of different types of services through ACL list items; wherein one ACL List item is associated with one SID List, and different ACL List items are associated with different SID lists;
The searching of the second target SID List associated with the message characteristic information according to the second message characteristic information carried by the seventh service message comprises the following steps: and searching matched ACL List items according to message characteristic information carried by the seventh service message, and determining the SID List associated with the ACL List items as a second target SID List.
As one embodiment, the message characteristic information at least includes a service type, a source network interconnection protocol IP address, a destination IP address, a source port identifier, and a destination port identifier.
As an embodiment, the SFF node is defined to forward the access message and the response message of the same service type to the same SF through the same interface connected to the same SF to perform service processing.
For the device embodiments, reference is made to the description of the method embodiments for the relevant points, since they essentially correspond to the method embodiments.
Referring to fig. 5, fig. 5 is a schematic diagram of a hardware structure of an electronic device according to an embodiment of the application. The electronic device may include a processor 501, a communication interface 502, a memory 503, and a communication bus 504. The processor 501, the communication interface 502, and the memory 503 perform communication with each other via a communication bus 504. Wherein the memory 503 has a computer program stored thereon; the processor 501 may perform the steps of the method described in the above embodiments by executing a program stored on the memory 503. The electronic device may further include other hardware according to the actual function of the electronic device, which will not be described in detail.
Embodiments of the subject matter and the functional operations described in this specification can be implemented in: digital electronic circuitry, tangibly embodied computer software or firmware, computer hardware including the structures disclosed in this specification and structural equivalents thereof, or a combination of one or more of them. Embodiments of the subject matter described in this specification can be implemented as one or more computer programs, i.e., one or more modules of computer program instructions encoded on a tangible, non-transitory program carrier for execution by, or to control the operation of, data processing apparatus. Alternatively or additionally, the program instructions may be encoded on a manually-generated propagated signal, e.g., a machine-generated electrical, optical, or electromagnetic signal, that is generated to encode and transmit information to suitable receiver apparatus for execution by data processing apparatus. The computer storage medium may be a machine-readable storage device, a machine-readable storage substrate, a random or serial access memory device, or a combination of one or more of them.
The processes and logic flows described in this specification can be performed by one or more programmable computers executing one or more computer programs to perform corresponding functions by operating on input data and generating output. The processes and logic flows can also be performed by, and apparatus can also be implemented as, special purpose logic circuitry, e.g., an FPGA (field programmable gate array) or an ASIC (application-specific integrated circuit).
Computers suitable for executing computer programs include, for example, general purpose and/or special purpose microprocessors, or any other type of central processing unit. Typically, the central processing unit will receive instructions and data from a read only memory and/or a random access memory. The essential elements of a computer include a central processing unit for carrying out or executing instructions and one or more memory devices for storing instructions and data. Typically, a computer will also include, or be operatively coupled to receive data from or transfer data to, or both, one or more mass storage devices for storing data, e.g., magnetic, magneto-optical disks, or optical disks, etc. However, a computer does not have to have such a device. Furthermore, the computer may be embedded in another device, such as a mobile phone, a Personal Digital Assistant (PDA), a mobile audio or video player, a game console, a Global Positioning System (GPS) receiver, or a portable storage device such as a Universal Serial Bus (USB) flash drive, to name a few.
Computer readable media suitable for storing computer program instructions and data include all forms of non-volatile memory, media and memory devices including, for example, semiconductor memory devices (e.g., EPROM, EEPROM, and flash memory devices), magnetic disks (e.g., internal hard disk or removable disks), magneto-optical disks, and CD-ROM and DVD-ROM disks. The processor and the memory can be supplemented by, or incorporated in, special purpose logic circuitry.
While this specification contains many specific implementation details, these should not be construed as limitations on the scope of any invention or of what may be claimed, but rather as descriptions of features of specific embodiments of particular inventions. Certain features that are described in this specification in the context of separate embodiments can also be implemented in combination in a single embodiment. On the other hand, the various features described in the individual embodiments may also be implemented separately in the various embodiments or in any suitable subcombination. Furthermore, although features may be acting in certain combinations and even initially claimed as such, one or more features from a claimed combination can in some cases be excised from the combination, and the claimed combination may be directed to a subcombination or variation of a subcombination.
Similarly, although operations are depicted in the drawings in a particular order, this should not be understood as requiring that such operations be performed in the particular order shown or in sequential order, or that all illustrated operations be performed, to achieve desirable results. In some cases, multitasking and parallel processing may be advantageous. Moreover, the separation of various system modules and components in the embodiments described above should not be understood as requiring such separation in all embodiments, and it should be understood that the described program components and systems can generally be integrated together in a single software product or packaged into multiple software products.
Thus, particular embodiments of the subject matter have been described. Other embodiments are within the scope of the following claims. In some cases, the actions recited in the claims can be performed in a different order and still achieve desirable results. Furthermore, the processes depicted in the accompanying drawings are not necessarily required to be in the particular order shown, or sequential order, to achieve desirable results. In some implementations, multitasking and parallel processing may be advantageous.
The foregoing description of the preferred embodiments of the application is not intended to be limiting, but rather is intended to cover all modifications, equivalents, alternatives, and improvements that fall within the spirit and scope of the application.
Claims (10)
1. The message forwarding method is characterized in that the method is applied to SRv service chains for forwarding SFF nodes, when the SFF nodes are positioned on SRv service chains of different types of services, an interface connected with the SF nodes of the same application service on the SFF nodes is used for associating at least one type of service, so that the SFF nodes forward service messages of the associated at least one type of service through the interface; the SFF node configures message characteristic information of different types of services through access control list ACL table items; wherein one ACL List item is associated with a segment route identification List SID List, different ACL List items are associated with different SIDs List, message characteristic information of any service is used for identifying the service and the message transmission direction, and the SID List associated with the message characteristic information of any service is used for packaging SRv when a service message corresponding to the service is forwarded to a destination device; the method comprises the following steps:
After carrying out SRv de-encapsulation on a received first service message which accesses a second end from a first end by the SFF node to obtain a second service message, forwarding the second service message to the SF node through a first interface indicated by a SRv service chain static proxy end AS SID tag carried by the first service message so AS to carry out service processing on the second service message by the SF node to obtain a third service message;
The SFF node receives the third service message through a first interface, searches a matched ACL (access control List) item according to first message characteristic information carried by the third service message, determines an SID List associated with the ACL item as a first target SID List, encapsulates the third service message SRv according to the first target SID List to obtain a fourth service message, and sends the fourth service message to a second end.
2. The method according to claim 1, characterized in that the method further comprises:
After carrying out SRv de-encapsulation on the received fifth service message accessed by the second end in response to the first end by the SFF node to obtain a sixth service message, forwarding the sixth service message to the SF node through a first interface indicated by an end.AS SID label carried by the sixth service message, so that the SF node carries out service processing on the sixth service message to obtain a seventh service message;
the SFF node receives the seventh service message through a first interface, searches for an associated second target SID List according to second message characteristic information carried by the seventh service message, encapsulates the seventh service message SRv according to the second target SID List to obtain an eighth service message, and sends the eighth service message to a first end.
3. The method of claim 2, wherein the finding an associated second target SID List according to the second message characteristic information carried by the seventh service message comprises: and searching a matched ACL List item according to the message characteristic information carried by the seventh service message, and determining the SID List associated with the ACL List item as the second target SID List.
4. A method according to any one of claims 1 to 3, wherein the message characteristic information at least includes a service type, a source network interconnection protocol IP address, a destination IP address, a source port identifier, and a destination port identifier;
And the SFF node is limited to forward the access message and the response message of the same service type to the same SF through the same interface connected with the same SF to perform service processing.
5. The message forwarding device is characterized in that the device is applied to SRv service chains for forwarding SFF nodes, when the SFF nodes are positioned on SRv service chains of different types of services, an interface connected with the SF nodes of the same application service on the SFF nodes is used for associating at least one type of service, so that the SFF nodes forward service messages of the associated at least one type of service through the interface; the SFF node configures message characteristic information of different types of services through access control list ACL table items; wherein one ACL List item is associated with a segment route identification List SID List, different ACL List items are associated with different SIDs List, message characteristic information of any service is used for identifying the service and the message transmission direction, and the SID List associated with the message characteristic information of any service is used for packaging SRv when a service message corresponding to the service is forwarded to a destination device; the device comprises:
The first forwarding module is configured to forward, by the SFF node, the second service packet to the SF node through a first interface indicated by an end. AS SID tag of a SRv service chain static agent carried by the first service packet after performing SRv de-encapsulation on the received first service packet from the first end to access the second end to obtain the second service packet, so that the SF node performs service processing on the second service packet to obtain a third service packet;
The first sending module is configured to receive the third service packet through the first interface by using the SFF node, find a matched ACL entry according to first packet feature information carried by the third service packet, determine an SID List associated with the ACL entry as a first target SID List, and package the third service packet SRv according to the first target SID List to obtain a fourth service packet, and send the fourth service packet to the second end.
6. The apparatus of claim 5, wherein the apparatus further comprises:
The second forwarding module is configured to forward the sixth service packet to the SF node through the first interface indicated by the end.as SID tag carried by the sixth service packet after the SFF node performs SRv decapsulation on the received fifth service packet that is accessed by the second end in response to the first end to obtain the sixth service packet, so that the SF node performs service processing on the sixth service packet to obtain a seventh service packet;
and the second sending module is used for receiving the seventh service message through the first interface by the SFF node, searching an associated second target SID List according to second message characteristic information carried by the seventh service message, packaging the seventh service message SRv according to the second target SID List to obtain an eighth service message, and sending the eighth service message to the first end.
7. The apparatus of claim 6, wherein the device comprises a plurality of sensors,
The searching the associated second target SID List according to the second message feature information carried by the seventh service message includes: and searching a matched ACL List item according to the message characteristic information carried by the seventh service message, and determining the SID List associated with the ACL List item as the second target SID List.
8. The apparatus according to any one of claims 5 to 7, wherein the message characteristic information includes at least a service type, a source network interconnection protocol IP address, a destination IP address, a source port identifier, and a destination port identifier;
And the SFF node is limited to forward the access message and the response message of the same service type to the same SF through the same interface connected with the same SF to perform service processing.
9. An electronic device, comprising:
A processor; and
A memory in which computer program instructions are stored which, when executed by the processor, cause the processor to perform the steps of the method of any one of claims 1 to 4.
10. A computer readable storage medium, characterized in that it has stored thereon computer program instructions which, when executed by a processor, cause the processor to perform the steps of the method according to any of claims 1 to 4.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202410488738.0A CN118101555B (en) | 2024-04-22 | 2024-04-22 | Message forwarding method and device, electronic equipment and computer readable storage medium |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202410488738.0A CN118101555B (en) | 2024-04-22 | 2024-04-22 | Message forwarding method and device, electronic equipment and computer readable storage medium |
Publications (2)
Publication Number | Publication Date |
---|---|
CN118101555A CN118101555A (en) | 2024-05-28 |
CN118101555B true CN118101555B (en) | 2024-07-23 |
Family
ID=91147954
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202410488738.0A Active CN118101555B (en) | 2024-04-22 | 2024-04-22 | Message forwarding method and device, electronic equipment and computer readable storage medium |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN118101555B (en) |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN112751768A (en) * | 2019-10-29 | 2021-05-04 | 华为技术有限公司 | Service message forwarding method, device and computer storage medium |
CN113726657A (en) * | 2020-05-25 | 2021-11-30 | 中兴通讯股份有限公司 | Message forwarding method, device, system, equipment and storage medium |
Family Cites Families (13)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US11044203B2 (en) * | 2016-01-19 | 2021-06-22 | Cisco Technology, Inc. | System and method for hosting mobile packet core and value-added services using a software defined network and service chains |
US20180270113A1 (en) * | 2017-03-16 | 2018-09-20 | Cisco Technology, Inc. | Intelligent sfc (isfc) - cognitive policy instantiation in sfc environments |
CN113691448B (en) * | 2020-05-18 | 2022-09-23 | 华为技术有限公司 | SRv6 method for forwarding message in service chain, SFF and SF device |
CN115426305B (en) * | 2021-05-31 | 2024-06-11 | 华为技术有限公司 | Message processing method, device, system and storage medium |
CN115622930A (en) * | 2021-07-15 | 2023-01-17 | 华为技术有限公司 | Message processing method and related device |
WO2023213216A1 (en) * | 2022-05-06 | 2023-11-09 | 华为技术有限公司 | Packet processing method and related device |
WO2024000140A1 (en) * | 2022-06-28 | 2024-01-04 | 新华三技术有限公司 | Message transmission |
CN115277529A (en) * | 2022-06-28 | 2022-11-01 | 新华三技术有限公司 | Communication method and device |
CN117376233A (en) * | 2022-06-30 | 2024-01-09 | 华为技术有限公司 | Data processing method, device and system |
CN116248570B (en) * | 2022-12-16 | 2024-05-14 | 中国联合网络通信集团有限公司 | Service chain configuration method, device and storage medium |
CN117221272A (en) * | 2023-10-08 | 2023-12-12 | 中国联合网络通信集团有限公司 | SID allocation method and device, electronic equipment and storage medium |
CN117395195A (en) * | 2023-11-10 | 2024-01-12 | 中国联合网络通信集团有限公司 | Communication method, device, equipment and storage medium |
CN117376032B (en) * | 2023-12-06 | 2024-04-16 | 华润数字科技有限公司 | Security service scheduling method and system, electronic equipment and storage medium |
-
2024
- 2024-04-22 CN CN202410488738.0A patent/CN118101555B/en active Active
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN112751768A (en) * | 2019-10-29 | 2021-05-04 | 华为技术有限公司 | Service message forwarding method, device and computer storage medium |
CN113726657A (en) * | 2020-05-25 | 2021-11-30 | 中兴通讯股份有限公司 | Message forwarding method, device, system, equipment and storage medium |
Also Published As
Publication number | Publication date |
---|---|
CN118101555A (en) | 2024-05-28 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US10757231B2 (en) | Providing network efficiencies in forwarding packets among provider networks and applying segment routing policies | |
CN109361606B (en) | Message processing system and network equipment | |
US20190356594A1 (en) | Packet Processing Method, Apparatus, and System | |
CN101573913B (en) | Method and apparatus for improved multicast routing | |
CN109995654B (en) | Method and device for transmitting data based on tunnel | |
RU2661768C2 (en) | Arp processing method, switch device and control module | |
CN112019433B (en) | Message forwarding method and device | |
WO2022001835A1 (en) | Method and apparatus for sending message, and network device, system and storage medium | |
CN102792651B (en) | At the device of MAC layer application service path Route Selection | |
CN112087381B (en) | Method and device for realizing service function processing | |
CN109639552B (en) | Three-layer forwarding method and device | |
CN107547340B (en) | Message forwarding method and device | |
CN107948077B (en) | Method and device for forwarding data message | |
CN108390812B (en) | Message forwarding method and device | |
CN108259297B (en) | Message processing method and device | |
CN109246016B (en) | Cross-VXLAN message processing method and device | |
CN107483369B (en) | Message processing method and virtual switch | |
CN117395195A (en) | Communication method, device, equipment and storage medium | |
CN118101555B (en) | Message forwarding method and device, electronic equipment and computer readable storage medium | |
US10171368B1 (en) | Methods and apparatus for implementing multiple loopback links | |
CN108471374B (en) | Data message forwarding method and device | |
CN108156066B (en) | Message forwarding method and device | |
WO2018121443A1 (en) | Message transmission method and device | |
CN111010344B (en) | Message forwarding method and device, electronic equipment and machine-readable storage medium | |
CN117376233A (en) | Data processing method, device and system |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |