CN1581842A - Method for realizing source IP address and source MAC address bound route - Google Patents
Method for realizing source IP address and source MAC address bound route Download PDFInfo
- Publication number
- CN1581842A CN1581842A CNA031355145A CN03135514A CN1581842A CN 1581842 A CN1581842 A CN 1581842A CN A031355145 A CNA031355145 A CN A031355145A CN 03135514 A CN03135514 A CN 03135514A CN 1581842 A CN1581842 A CN 1581842A
- Authority
- CN
- China
- Prior art keywords
- source
- address
- mac
- route
- packet
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Abstract
The invention discloses method for binding route between source IP address and source MAC address in using ASIC chip. The method parses look-up table for source IP address of header of data packet entered into network communication device. If look-up table tells that the source IP address uses route of binding source IP and source MAC, the method compares MAC address in look-up table from associated IP address with source MAC address in header of data packet. If the two MAC addresses are coincident, thus, relevant information including destination route port obtained from associated look-up table of source IP address is as routed result. If the two MAC addresses are not coincident, then the data packet is discarded or treated in other way. Advantages are: saving CPU resources, simple and feasible routing function, and stable.
Description
Technical field
The present invention relates to a kind of method that realizes source IP address and source MAC binding route, especially a kind of method that adopts dedicated IC chip to realize source IP address and source MAC binding route.
Background technology
In today that network technology is maked rapid progress, along with the continuous emergence and the establishment of Virtual network operator, network communication field is more and more higher to the requirement of network communication equipment.At present, network communication equipment---router and L3_switch mainly contain following dual mode in the realization at " source IP address and source MAC binding route " function:
One, most of router and switch do not support source MAC binding, only support the function of " based on the source IP address route ", just, the source IP address in packet packet header of entering router and switch tables look-up by being resolved, obtain purpose routed port and some other relevant informations of this packet, for example new target MAC (Media Access Control) address and VLAN_ID etc.And " IP route " function of this mode, each network communication equipment mostly can only be realized by software at present.Use software to realize that " source IP route " function exists certain defective in the assurance of the consumption of system resource and network speed.Because when using back-end software to finish " source IP route ", can take cpu resource greatly, make very heavy router and switch CPU (CPU will finish many other functions) handling property of original just burden decline to a great extent, thereby have influence on the performance of whole router and switch.And, use software to realize that " source IP route " processing speed is lower, as router and switch when to be in network congestion be busy, router and swith may just can't satisfy the basic function that the network communication equipment linear speed exchanges.
Two, part router and switch also support " based on source IP address and source MAC binding route " function except supporting " based on the source IP address route " function.What but these router and switch adopted when finishing " source IP address and source MAC binding route " function also is the mode that software is realized.Use software to realize the drawback of " source IP address and source MAC binding route " and the drawback roughly the same (it is big promptly to consume cpu resource, and processing speed, exchange velocity wait slowly) that above-mentioned first kind of mode exists.
Summary of the invention
The present invention is intended to solve the existing network communication equipment---and router and switch are in the defective that realizes existing on source IP and the source MAC binding routing function, overcome the system resource that the software realization mode that adopted brings and consume the drawback big, that processing speed is low, provide a kind of integrated circuit (IC) chip that adopts to realize method based on source IP address and source MAC binding route.
For solving the problems of the technologies described above, the technical solution adopted in the present invention is as follows:
A kind of method that realizes source IP address and source MAC binding route, it is characterized in that: resolve the (see figure 2) of tabling look-up by source IP address to packet packet header of entering network communication equipment, when obtaining this source IP address use source IP and source MAC binding route if table look-up, the MAC Address that obtains of then this source IP address association being tabled look-up and the source MAC in packet packet header compare, if two MAC Address are consistent, the relevant information of then using this source IP address association to table look-up to obtain that comprises the purpose routed port is as the route results of this packet, if two MAC Address do not meet, then do not use the result who tables look-up and obtain, will lose this packet or do other processing.
A kind of integrated circuit structure of realizing source IP address and source MAC binding route is characterized in that: packet is resolved and is searched not by CPU, based on the RAM realization form of hardware configuration, integrated circuit structure (see figure 3).
Realization is based on the method for source IP address and source MAC binding route, and this method comprises the steps:
A,, the source IP address in packet packet header of entering network communication equipment tables look-up by being resolved;
B, according to a item, if table look-up when obtaining this source IP address and using source IP and source MAC binding route, the MAC Address that then will use this source IP address association to table look-up to obtain and the source MAC in packet packet header compare.If two MAC Address are consistent, the relevant information of then using this source IP address association to table look-up to obtain that comprises the purpose routed port is as the route results of this packet; On the contrary, if two MAC Address do not meet, the relevant information that comprises the purpose routed port that then can not use this source IP address association to table look-up to obtain is as the route results of this packet, and this moment, route results will be to lose this packet or do other processing.
Realize the integrated circuit structure (see figure 3) of source IP address and source MAC binding route.
Parsing of the present invention is tabled look-up, and what obtain is the routing table (see figure 2), obtain relevant information according to the source IP address that uses on the described routing table, these relevant informations comprise IP address, MAC Address, purpose output port, source IP and source MAC binding route enable signal.(MAC: the hardware physical address)
Source IP of the present invention and source MAC binding route enable signal are a kind of function control switch signals, are to dispose when switch being write the list item information of routing table entry.
Beneficial effect of the present invention shows:
One, the present invention is not limited by CPU when finishing route owing to adopted integrated circuit (IC) chip, can save cpu resource greatly, CPU is absorbed in finishes other functions, improves the performance of whole system;
Two, the present invention has overcome the slow defective of processing speed that software mode exists, and has improved the high speed processing ability of whole system in network environment.Even be in when congested or busy at the express network of 100/1000/10000M, also can guarantee to carry out the linear speed exchange;
Three, it is simple that the present invention makes the realization of routing function, reliable and stable.
Description of drawings
Fig. 1 is: FB(flow block)
Fig. 2 is: the list item schematic diagram of resolving the gained routing table of tabling look-up according to source IP address
Fig. 3 is: integrated circuit structure figure
Flow process is introduced (with reference to flow chart and list item schematic diagram):
1. the source IP address of packet is resolved table look-up (inquiry L3 routing table), can obtain Related information A---D.
2. if source IP and the source MAC binding route of using the source IP address inquiry to obtain enable Signal C is 1, and this packet will be according to " tying up based on source IP and source MAC so Decide route " process, with the MAC Address that uses this source IP address association to table look-up and obtain The source MAC in B and packet packet header is compared. If two MAC Address are consistent, The final route result that obtains of this packet will be regarded as effectively so;
On the contrary, if two MAC Address do not meet, final route knot of obtaining of this packet so It is invalid that fruit will be regarded as, and this datagram will be dropped or do other processing, and (processing mode is by reality The network manager was pre-configured during the border used).
3. in the route table items, whether a certain IP uses the address " source IP and source MAC binding route " Function will be by the network management personnel who uses this router or switch according to the real network feelings Condition is configured.
Fig. 3 explanation:
1. network packet is imported resolver into from input port. Resolver is by getting according to the network data form Go out needed information. (MAC Address, IP address). Simultaneously to the finite state machine Send request signal.
2. the finite state machine is by the processing data packets state set, and built-in RAM table CPU reads and writes The treatment state set forms. The finite state machine is looked into after receiving the network packet request Look for the ram table sense information, compare with resolver information then. Compare MAC Address Whether equate whether the IP address equates.
3. the finite state machine provides control information according to comparison information. If it is equal then transmit, MAC Address and IP address are not waited and are then abandoned. MAC Address does not wait, and IP etc. then report to the police Send CPU to process.
Embodiment (with reference to Fig. 1,2,3)
The inventive method step is as follows:
The list item information of routing table is write switch.
By being resolved, the source IP address in packet packet header of entering network communication equipment tables look-up then, the routing table of gained obtains one group of related information according to the source IP address that uses, these relevant informations comprise IP address, MAC Address, purpose output port, source IP and source MAC binding route enable signal, wherein source IP and source MAC binding route enable signal is a kind of function control switch signal, is to dispose when switch being write the list item information of routing table entry;
Source IP if table look-up in the routing table that obtains and source MAC binding route enable signal e are 1, represent that then this source IP address uses source IP and source MAC binding route, the MAC Address that then will use this source IP address association to table look-up to obtain and the source MAC in packet packet header are compared.If two MAC Address are consistent, the relevant information of then using this source IP address association to table look-up to obtain that comprises the purpose routed port is as the route results of this packet; On the contrary, if two MAC Address do not meet, the relevant information that comprises the purpose routed port that then can not use this source IP address association to table look-up to obtain is as the route results of this packet, and this moment, route results will be to lose this packet or do other processing.
In the route table items, whether a certain IP uses the address " source IP and source MAC binding route " function to be configured according to the real network situation by the network management personnel who uses this router or switch.
Realize the ASIC structure and the workflow (see figure 3) of source IP address and source MAC binding route.
Claims (2)
1. method that realizes source IP address and source MAC binding route, it is characterized in that: resolve the (see figure 2) of tabling look-up by source IP address to packet packet header of entering network communication equipment, when obtaining this source IP address use source IP and source MAC binding route if table look-up, the MAC Address that obtains of then this source IP address association being tabled look-up and the source MAC in packet packet header compare, if two MAC Address are consistent, the relevant information of then using this source IP address association to table look-up to obtain that comprises the purpose routed port is as the route results of this packet, if two MAC Address do not meet, then do not use the result who tables look-up and obtain, will lose this packet or do other processing.
2. ASIC structure that realizes source IP address and source MAC binding route is characterized in that: packet resolves and searches by CPU, realizes form, ASIC structure (see figure 3) based on the RAM of hardware configuration.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNA031355145A CN1581842A (en) | 2003-08-01 | 2003-08-01 | Method for realizing source IP address and source MAC address bound route |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNA031355145A CN1581842A (en) | 2003-08-01 | 2003-08-01 | Method for realizing source IP address and source MAC address bound route |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN1581842A true CN1581842A (en) | 2005-02-16 |
Family
ID=34579089
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CNA031355145A Pending CN1581842A (en) | 2003-08-01 | 2003-08-01 | Method for realizing source IP address and source MAC address bound route |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN1581842A (en) |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN100358304C (en) * | 2005-09-22 | 2007-12-26 | 中国科学院计算技术研究所 | Analytic method for interfield routing instability |
| CN100465927C (en) * | 2005-11-02 | 2009-03-04 | 盛科网络有限公司 | Internet exchange system able to smart realize CPU data transmission and method for realizing the same |
| CN1874223B (en) * | 2006-06-27 | 2010-07-14 | 天津移动通信有限责任公司 | Access control method for implementing binding MAC/IP of network device |
| CN101114989B (en) * | 2006-07-28 | 2011-07-13 | 中兴通讯股份有限公司 | Method for processing three-layer ethernet switchboard direct connection host computer routing |
-
2003
- 2003-08-01 CN CNA031355145A patent/CN1581842A/en active Pending
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN100358304C (en) * | 2005-09-22 | 2007-12-26 | 中国科学院计算技术研究所 | Analytic method for interfield routing instability |
| CN100465927C (en) * | 2005-11-02 | 2009-03-04 | 盛科网络有限公司 | Internet exchange system able to smart realize CPU data transmission and method for realizing the same |
| CN1874223B (en) * | 2006-06-27 | 2010-07-14 | 天津移动通信有限责任公司 | Access control method for implementing binding MAC/IP of network device |
| CN101114989B (en) * | 2006-07-28 | 2011-07-13 | 中兴通讯股份有限公司 | Method for processing three-layer ethernet switchboard direct connection host computer routing |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Partridge et al. | A faster UDP (user datagram protocol) | |
| CA3008896C (en) | Multi-path transport design | |
| JP6254574B2 (en) | Packet processing offload for networking device virtualization | |
| US8898331B2 (en) | Method, network and computer program for processing a content request | |
| CN108200086B (en) | High-speed network data packet filtering device | |
| US10541970B2 (en) | Method and system for providing deep packet inspection as a service | |
| CN101227296B (en) | Method, system for transmitting PCIE data and plate card thereof | |
| CN102377640B (en) | Message processing apparatus, message processing method and preprocessor | |
| CN1593041A (en) | Method, apparatus and computer program for the decapsulation and encapsulation of packets with multiple headers | |
| JP2009522868A (en) | How to provide virtual router functionality | |
| CN101924707A (en) | Method and equipment for processing message of address resolution protocol (ARP) | |
| CN1633110A (en) | Flow analysis method based on Linux core | |
| CN113746749A (en) | Network connection device | |
| CN101035012A (en) | Ethernet multi-layer switcher secure protection method based on DHCP and IP | |
| CN100345132C (en) | Parallel processing method and system | |
| US9906443B1 (en) | Forwarding table updates during live packet stream processing | |
| CN1878147A (en) | Method for balancing load between multi network cards of network file system server | |
| Tianhua et al. | The design and implementation of zero-copy for linux | |
| CN1581842A (en) | Method for realizing source IP address and source MAC address bound route | |
| US20210243248A1 (en) | Cloud service load balancing | |
| US20130077530A1 (en) | Scaling IPv6 on Multiple Devices Virtual Switching System with Port or Device Level Aggregation | |
| CN1625149A (en) | Method for access control list | |
| CN1933450A (en) | Interplate communicating method and interface plate | |
| CN101699821B (en) | Method for realizing address resolution protocol in distribution type multi-kernel network system | |
| CN1272938C (en) | A method for increasing the bandwidth for Ethernet |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C02 | Deemed withdrawal of patent application after publication (patent law 2001) | ||
| WD01 | Invention patent application deemed withdrawn after publication |