CN1625151A - Method for realizing IPv6 message flow sorting - Google Patents
Method for realizing IPv6 message flow sorting Download PDFInfo
- Publication number
- CN1625151A CN1625151A CNA2003101169127A CN200310116912A CN1625151A CN 1625151 A CN1625151 A CN 1625151A CN A2003101169127 A CNA2003101169127 A CN A2003101169127A CN 200310116912 A CN200310116912 A CN 200310116912A CN 1625151 A CN1625151 A CN 1625151A
- Authority
- CN
- China
- Prior art keywords
- address
- message
- source
- bits
- ipv6
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Landscapes
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
This invention discloses a method realizing the classification of IPv6 message flow. When the interface of the device receives IPv6 message, it gets the classifying key words based on the received message head, and use the key words to classify the message head; there into, the process of getting the key words is: read the mark place of the present receiving interface using IPv6 message flow classification, and according to the mark place and the present contents of the received message head to decide that the target and the resource IP addresses are high 64 or low 64. this invention solves the problem of overlong key words of IPv6 classification, and makes IPv6 directly use the IPv4 message classification method.
Description
Technical field
The present invention relates to IP message flow sorting technique, be meant the method for a kind of IPv6 of realization message flow classification in the IP network especially.
Background technology
At present, (Internet) goes up when transmitting data message in the internet, because Internet Protocol is layering, be divided into physical layer, link layer, network layer, transport layer and application layer usually from bottom to top, so this hierarchy is embodied on the message format of Internet just as shown in Table 1.
The physical layer frame head | The link layer frame head | The network layer heading | The transport layer heading | Application layer and valid data load | The link layer verification and | The physical layer verification and |
Table one
Table one is exactly the form at the online message that transmits of Interne, and physical layer is as bearing medium, carrying be the content of link layer, corresponding, the link layer carrying be the network layer content, the rest may be inferred.Generally, all use IPv4 as network layer.
In above-mentioned hierarchy, the protocol format relevant with the message flow classification has: User Datagram Protoco (UDP) (UDP) and Transmission Control Protocol in the ethernet format in the link layer, the IP agreement in the network layer, the transport layer.Wherein, the IP agreement is divided into IPv4 and two versions of IPv6 again.The overwhelming majority who uses on the internet at present is the network of IPv4, adopts the IPv4 agreement, and IPv6 is follow-on procotol standard, is the upgraded version of IPv4.
For the Ethernet message format of link layer, generally as shown in Table 2:
Target MAC (Media Access Control) address | Source MAC | Protocol type | Payload | Verification and |
Table two
Table two is the encapsulation format of Ethernet message, and target MAC (Media Access Control) address wherein, source MAC and protocol type are the heads of link layer.Any Ethernet message format all comprises at least: the target MAC (Media Access Control) address of the source MAC of 48 bits, 48 bits and the bearing protocol type of 8 bits.
For the TCP and the UDP message of transport layer, TCP and UDP message are carried on the IP message, belong to the 4th layer protocol, and what show current carrying by the bearing protocol type field in the IP heading is the message of what type.In TCP and UDP, what relate to the message flow classification is: the source and destination port numbers, respectively account for 16 bits, and whether TCP is also had is flag bit 1 bit of sync message, these all are the specific fields in TCP and the UDP heading.
For the IP message of network layer, the form of IP message as shown in Table 3:
The IP head | Payload |
Table three
Be the network of IPv4 in the overwhelming majority who uses on the internet at present, data message transmits by the message format of IPv4, the IPv4 message comprises heading and payload (Payload) two parts equally, wherein, the concrete form of IPv4 heading as shown in Table 4:
0 | ?1 | ?2 | ?3 | ?4 | ?5 | ?6 | ?7 | ?0 | ?1 | ?2 | ?3 | ?4 | ?5 | ?6 | ?7 | ?0 | ?1 | ?2 | ?3 | ?4 | ?5 | ?6 | ?7 | ?0 | ?1 | ?2 | ?3 | ?4 | ?5 | ?6 | ?7 |
??Version | ??IHL | ??Type?of?Service | ????????????????????????Total?Lengh | ||||||||||||||||||||||||||||
????????????????????????Identification | ?Flags | ??????????????Fragment?Offset | |||||||||||||||||||||||||||||
??Timeto?Live | ??Protocol | ????Header?Checksum | |||||||||||||||||||||||||||||
???????????????????????????????????????????????????????Source?Address | |||||||||||||||||||||||||||||||
????????????????????????????????????????????????????Destination?Address | |||||||||||||||||||||||||||||||
???????????????????????????????????????????????????Options | ??Padding |
Table four
As can be seen from Table IV, the IPv4 heading has 20 bytes not comprising under option (Option) situation, mainly comprise: the COS (TOS of purpose IP address (Destination Address) of each 32 bit and source IP address (SourceAddress), 8 bits, Type of Service), the segmentation reorganization of bearing protocol type (Protocol) territory of 8 bits and 32 bits uses part, this segmentation reorganization uses part to comprise identify label (Identification), sign (Flags), segmented compensation (Fragment Offset) three parts again.
As for the concrete form of IPv6 heading, as shown in Table 5:
??0 | ??1 | ??2 | ??3 | ??4 | ??5 | ??6 | ??7 | ??0 | ??1 | ??2 | ??3 | ??4 | ??5 | ??6 | ??7 | ??0 | ??1 | ??2 | ??3 | ??4 | ??5 | ??6 | ??7 | ??0 | ??1 | ??2 | ??3 | ??4 | ??5 | ??6 | ??7 |
????Version | ????Traffic?Class | ?????????????????????????????????Flow?Label | |||||||||||||||||||||||||||||
?????????????????????Payload?Length | ????Next?Header | ????Hop?Limit | |||||||||||||||||||||||||||||
?????????????????????????????????????????????????????????????Source?Address | |||||||||||||||||||||||||||||||
?????????????????????????????????????????????????????????????Source?Address | |||||||||||||||||||||||||||||||
?????????????????????????????????????????????????????????????Source?Address | |||||||||||||||||||||||||||||||
?????????????????????????????????????????????????????????????Source?Address | |||||||||||||||||||||||||||||||
????????????????????????????????????????????????????????????Destination?Address | |||||||||||||||||||||||||||||||
????????????????????????????????????????????????????????????Destination?Address | |||||||||||||||||||||||||||||||
????????????????????????????????????????????????????????????Destination?Address | |||||||||||||||||||||||||||||||
????????????????????????????????????????????????????????????Destination?Address |
Table five
Wherein, flow grade (Traffic Class) field is similar to the TOS of IPv4, the effect of next header (NextHeader) field is the same with the bearing protocol type field in the IPv4 heading, and source IP address, purpose IP address have become 128 bits by 32 bits in the IPv4 heading.
So-called traffic classification, the rule (Rule) of utilizing some special domains of message to form exactly is divided into not homogeneous turbulence with message field.Such as: will be divided into a stream from some networks and the message of going to a certain network,, will be divided into a stream from same source IP address, the message of going to same purpose IP address if, also we can say with source address and destination address mark.Be divided into after the stream, can handle at stream, such as: improve priority, guarantee bandwidth, limiting bandwidth, abandon etc., this processing is called action.Usually, a rule adds that corresponding action can be described as an Access Control List (ACL) (ACL, Access Control List).
Generally, territory by the industrywide standard composition rule has five, usually be also referred to as five-tuple, these five territories are: the destination slogan of source port number, TCP or the UDP of the destination address of the source address of IP message, IP message, bearing protocol type, TCP or the UDP of IP message.In specific implementation, the territory of using also has: COS (TOS), VLAN index (VLAN ID), segmentation markers, TCP sync mark, source MAC etc., more than each territory can combination in any, but and setting range, such as, certain rule can be: tcp port 1000~2000+IP address 1.1.1.*, wherein * represents the position of desirable arbitrary value.
In IPv4, present traffic classification algorithm is a lot, and software management tree (SMT:SoftwareManaged Tree) algorithm is exactly wherein a kind of.The SMT algorithm is the traffic classification algorithm of an IPv4 of IBM proposition, and this algorithm application is in the network processing unit PowerNP of IBM.The specific implementation thought of this algorithm is: will utilize the keyword Key value of strictly all rules earlier, and by complicated matrix computations, generate the SMT of a similar binary tree; Carry out the branch time-like, coming this tree is searched as the Key value with all domains of dependence, thereby match correct rule, obtaining corresponding action.Here, the described domain of dependence can be: the combination in any in IP protocol domain, TCP or UDP source port number, TCP or UDP destination slogan, incoming interface, link group index (Link Group), TOS, TCP synchronous mark position, segmentation marker position or above-mentioned territory.
In the above-mentioned algorithm, generate the SMT tree and be the flow process of control plane, as shown in Figure 1, control plane elder generation is the purpose IP address and the source IP address of the Key value of configuration using rule as required, configuration all except that purpose and source address are formed the element of Key again, generate the SMT tree by matrix computations then, afterwards the SMT tree that is generated is forwarded to service plane, so that equipment interface mates shunting to the message of being received according to the Key value.The SMT tree is searched coupling be the service plane flow process, as shown in Figure 2, after certain equipment interface is received the IP message, get the destination address and the source address of current IP message earlier, and then the element of extraction all composition Key values except that purpose and source address, in existing SMT tree, search coupling according to the Key value that is combined at last, whether just search has qualifications to current IP message, whether the operation that needs execution is arranged, judge whether that the match is successful, if the match is successful, then obtain corresponding action and execution, after the action of execution response, continue if desired to transmit, still normally transmit; If it fails to match, illustrating does not have any qualification to the current IP message, the then normal IP message of being received of transmitting.
This SMT algorithm can be supported searching of 192 bits, and not only performance is good, and uses cheap SDRAM, and cost is very low.But for IPv6, only just there are 256 bits source IP address and purpose IP address, greater than 192 bits, so can't use the SMT algorithm among the IPv6.
In IPv6, the also relatively effective traffic classification algorithm of neither one now, main cause is: because the value of the searching Key of traffic classification is by source address in the message and destination address decision, and source address in the IPv6 message and destination address are from 32 bits of IPv4, increase sharply to 128 bits, so, the value of the searching Key that is used for traffic classification has just increased by 192 bits than IPv4, this just means searches and will more search for and compare, extend search time greatly, and the traffic classification algorithm of a lot of IPv4 successes also can't use on IPv6.For network communication equipment, after starting the searching of traffic classification, if the good algorithm of neither one will cause performance sharply to descend.
Now a kind of traffic classification algorithm of usefulness among the IPv6 is to utilize central address memory (CAM) to realize searching, and it is sequential search that CAM searches.Promptly compare one by one, till finding that list item that meets with the list item of preserving among Key value and the CAM.But there is following shortcoming in the CAM algorithm:
1) price is very expensive, and normally the n of corresponding SDRAM doubly.
2) for the Key that limits the scope of application, such as: setting tcp port number is 9~65, in this case, just list item need be divided into severally, is the rule of n for Key value length, and under the worst case, a scope will the individual content-addressable memory item of correspondence 2 (n-1).For general situation, suppose and use the IPv6 standard quintuple: Key value length=128+128+16+16+8=296 bit, under the worst case, corresponding content-addressable memory item is near 600, and so, spendable effective rule just significantly reduces.Such as, a capacity is the CAM that adorns 600 rules, worst condition may can only be adorned one or several rule down.
3) use CAM to search to mean and will upgrade and change existing hardware, for from IPv4 to the network of IPv6 transition or IPv6 and IPv4 and the network deposited, need the user to expend a large amount of funds.
Summary of the invention
In view of this, main purpose of the present invention is to provide a kind of method of the IPv6 of realization message flow classification, and the long problem of keyword when having solved the IPv6 traffic classification makes IPv6 can directly use message flow sorting technique ripe among the IPv4.
For achieving the above object, technical scheme of the present invention is achieved in that
A kind of method that realizes the classification of IPv6 message flow, after equipment interface is received the IPv6 message, obtain being used to carry out the keyword of traffic classification according to the information of receiving heading, use the keyword that is obtained that the current message of receiving is carried out traffic classification again, key is that the described process that obtains keyword further may further comprise the steps:
A. read the flag bit that current reception message interface is used for the classification of IPv6 message flow;
B. judge that according to the IP address information of current received message whether the purpose IP address of this message or source IP address be the address from IPv4, if then get current low 64 bits of receiving purpose IP address in the message or source IP address, execution in step d, otherwise, execution in step c;
C. the flag bit that is read according to step a judges whether to get current high 64 bits of receiving message purpose IP address or source IP address, if, then get current high 64 bits of receiving purpose IP address in the message or source IP address, otherwise, get current low 64 bits of receiving purpose IP address in the message or source IP address;
D. judge whether the current purpose IP address of message and the source IP address received has all obtained, if, execution in step e then, otherwise, step b returned;
E. from current received heading information, obtain the element of except that the IP address, forming keyword, obtain keyword.
Wherein, further comprise after the step a reading flow group indication position: judge whether only application target IP address or source IP address according to the flag bit that is read, if then directly get current 128 bits of receiving purpose IP address in the message or source IP address, execution in step e; Otherwise, execution in step b.
Further comprised before judging whether to get high 64 of message IP address among the step c: the flag bit that is read according to step a judges whether only application target IP address or source IP address, if, then directly get current 128 bits of receiving purpose IP address in the message or source IP address, execution in step e; Otherwise, judge whether to get current high 64 bits of receiving message purpose IP address or source IP address again.
The element of forming keyword described in the step e also comprises: TCP or UDP source port, TCP or UDP destination interface, protocol domain, interface index and DSCP.
Therefore, the method of realization IPv6 message flow provided by the present invention classification, make full use of the exclusive characteristics in IPv6 address, to each interface configuration flag bit, determine to use still low 64 bits of high 64 bits of IPv6 message source address and destination address to carry out traffic classification according to flag bit, so, when realizing the IPv6 traffic classification, reduced the length of Key value; And the present invention utilizes treated Key value to carry out traffic classification, can directly make IPv6 utilize the SMT algorithm of IPv4 maturation, has improved the performance of IPv6 traffic classification algorithm, the perfect function of IPv6 traffic classification algorithm.
In addition, because the IPv6 traffic classification algorithm among the present invention does not need to use CAM, can save great amount of cost.The present invention improves by simple, can realize the use of ripe traffic classification algorithm in IPv6 among the IPv4, need not change hardware, need not increase investment, as long as by software upgrading, just can provide high-performance, complete IPv6 traffic classification service to the user, little to the change of existing device, system, influence little, implement simple, convenient, easy row, and cost is low.
Description of drawings
Fig. 1 is the process chart on traffic classification algorithm controls plane in the prior art;
Fig. 2 is the process chart of traffic classification algorithm service plane in the prior art;
Fig. 3 is an embodiment flow chart of traffic classification algorithm controls plane treatment among the present invention;
Fig. 4 is another embodiment flow chart of traffic classification algorithm controls plane treatment among the present invention;
The embodiment flow chart that Fig. 5 handles for traffic classification algorithm service plane among the present invention;
Another embodiment flow chart that Fig. 6 handles for traffic classification algorithm service plane among the present invention.
Embodiment
The present invention is further described in more detail below in conjunction with drawings and the specific embodiments.
Core concept of the present invention is exactly: utilize the exclusive characteristics in IP address in the IPv6 message, the IPv6 address is divided into high 64 bits and low 64 bit two parts, and select arbitrarily by flag bit is set, determine which part IP address participates in traffic classification on fixed interface.That is to say, after equipment interface is received the IPv6 message, the value that is used to carry out the keyword Key of traffic classification according to the information acquisition of receiving heading, use the Key that is obtained that the current message of receiving is carried out traffic classification again, key is, the acquisition of IP address is among the described Key: according to current reception message interface set flag bit and the current address information of receiving in the message, determine to get the high 64 still low 64 of purpose IP address in this message or source IP address.
Because traffic classification relates generally to the IP address, therefore analyze the address format of IPv6 message earlier.At present in IPv6, traffic classification is only classified at clean culture, the form that unicast ip address adopted among the IPv6 as shown in Table 6:
The n bit | The 128-n bit |
Subnet prefix (subnet prefix) | Interface index (interface ID) |
Table six
As can be seen from Table VI, the IPv6 address comprises: subnet prefix (subnet prefix) and interface index (interface ID) two parts, two parts are 128 bits altogether, that is to say that if subnet prefix accounts for the n bit, interface index just accounts for the 128-n bit.
For the IPv6 router, the IPv6 address that E-Packet has two kinds: global I Pv6 address, from the IPv6 address of IPv4, second kind of IPv6 address is used for IPv4 message passing through IPv 6 network.IPv6 address framework draft according to IETF, for the global unicast address of IPv6, except the address with 000 beginning, the interface index of remaining address all is 64, so the message with overall clean culture IPv6 address of Chuan Songing on the net, the draft specifies interface index is 64 bits.The global public network IP v6 address format of stipulating in the draft is as shown in Table 7:
The n bit | The m bit | The 128-n-m bit |
Overall situation route prefix (global routing prefix) | Subnet index (subnet ID) | Interface index (interface ID) |
Table seven
In the table seven, the n+m=64 bit, interface index (interface ID) is 64 bits.As can be seen, the address can be divided into local message such as interface index and global information such as two parts of network prefix, and each part accounts for 64 bits.Wherein, network prefix comprises overall route prefix (global routing prefix) and subnet index (subnet ID) two parts again.
The top IPv6 address of mentioning with 000 beginning is divided into two classes, and a class refers to: address 0:0:0:0:0:0:0:0 and 0:0:0:0:0:0:0:1 are respectively not assigned address (unspecified address) and loopback (loopback) address.Because these two addresses can not used in the traffic classification message, therefore need not consider.
Another kind of IPv6 address with 000 beginning is: the IPv4 address is embedded in the address that forms in the IPv6 address, and such IPv6 address format is divided into two kinds, respectively shown in table eight, table nine:
?80bits | ????16bits | ????32bits |
?0000…………………………0000 | ????0000 | ????IPv4?address |
Table eight
?80bits | ????16bits | ????32bits |
?0000…………………………0000 | ????FFFF | ????IPv4?address |
Table nine
Can see in these two kinds of IPv6 address formats, having only low 64 bits to carry information from table eight, table nine, high 64 bits are without any meaning, and, because 49~64 bits in low 64 bits all are 0, so can not cause overlapping with other the network information.
In addition, the address that also has some other purposes in the IP network, such as: be used for carrying open system interconnection (OSI) (OSI) network Network Service Access point (NSAP, Network Service Access Point) address, but because the seldom appearance in traffic classification is used of these addresses, so the present invention does not consider this address yet.
So, the above analysis for the online overall clean culture IPv6 address of IPv6, can be divided into two parts with it as can be seen: a part is high 64 bits, represents the information of network; Another part is low 64 bits, represents the identification information of main frame in the present networks.For embedding and the mapping mode of the online IPv4 of IPv6 to IPv6, high 64 bits are without any meaning, and low 48 bits in low 64 bits are that a global ip v4 address adds compatibility or mapped identification, represent the full detail of such address.
Based on above-mentioned analysis result, consider the characteristics of IPv6 address, the present invention just thinks only to utilize 64 bits in the IPv6 address to participate in traffic classification, as for concrete still low 64 bits of high 64 bits that adopt, can determine according to address style.In the present invention, to each interface of equipment, special configuration flag bit, this flag bit is used for showing on the front port, is to use still low 64 bits of high 64 bits of IPv6 message source address or destination address; Still only use source IP address or purpose IP address to carry out traffic classification.Because operate respectively source IP address and purpose IP address, so corresponding each source IP address and purpose IP address are provided with the flag bit of 1 bit respectively, this bit is that high 64 bits are adopted in 0 expression, is that low 64 bits are adopted in 1 expression; Perhaps, this bit is that high 64 bits are adopted in 1 expression, is that low 64 bits are adopted in 0 expression.In addition, corresponding again each source IP address and purpose IP address are provided with the flag bit of 1 bit respectively, and be used for expression and whether only adopt source IP address or purpose IP address, such as: be the IP address that this bit correspondence is only adopted in 1 expression.So, described flag bit takies 4bits, these four bits put in order and can set arbitrarily in advance as required, the various combination of four bits of flag bit, can represent the different bit in IP address to select respectively, such as: can set 0000 expression and use the high 64bits of source IP address and purpose IP address; The low 64bits of source IP address and purpose IP address is used in 0011 expression; The low 64bits of the high 64bits+ purpose IP address of source IP address is used in 0001 expression; The low 64bits of the low 64bits+ purpose IP address of source IP address is used in 0010 expression; Source IP address 128bits is only used in 1000 expressions; 0100 represents the only 128bits of application target IP address, similarly, also can set other corresponding respectively high 64 bits or low 64 bits or the 128 whole bits of getting IP source or destination address of bit combination.This flag bit can be stored separately, also can be stored in the tabulation of the existing storage various information of current device.
Because search the Key value about what the SMT algorithm of traffic classification was supported 192 bits among the IPV4, therefore, the present invention can utilize the IP address of selecting through significance bit and other relevant information composition Key value, and the Key value that re-uses composition is carried out traffic classification according to the SMT algorithm.
In IPv6, owing to can not produce segmentation, so do not need the segmentation marker position when forming Key value, again because interface index generally adds out of Memory from MAC Address, so link group does not need yet, so the distribution of the Key value among the IPv6 is such:
Key value (192 bit)=source IP address (64 bit)+purpose IP address (64 bit)+TCP or UDP source port (16 bit)+TCP or UDP destination interface (16 bit)+protocol domain (8 bit)+interface index (18 bit)+DSCP (6 bit), wherein, 6 of DSCP is exactly 6 bits among the TrafficClass than what refer in particular to.
Under the default situations, the value of interface flag position is for all to use high 64 bits to classify for source IP address and purpose IP address.For address, can unify to get low 64 bits and participate in traffic classification with 000 beginning.
The present invention for each interface, at first will dispose the flag bit of this interface in the handling process of control plane as shown in Figure 3, and described flag bit indication participates in the address bit of traffic classification; Dispose source IP address and purpose IP address then, if low 64 bits are adopted in the flag bit indication, then dispose low 64 bits of source IP address, if high 64 bits are adopted in the flag bit indication, then dispose high 64 bits of source IP address, in like manner, press high 64 bits or low 64 bits of flag bit indication configuration purpose IP address; After the configuration of IP address, configuration all except that source IP address and purpose IP address are formed the element of Key value again; Afterwards, the Key value that obtains according to configuration is calculated and is generated the SMT tree; At last the SMT tree that is generated is forwarded on the service plane.For control plane, what need modification is the configuration rule of ACL, in whole layoutprocedure, according to the IP address is that 128 bits are configured, when this configuration rule is applied on the interface, automatically according to the flag bit information of interface, high 64 bits or low 64 bits of getting IP address in the rule generate the SMT tree.
For flow process shown in Figure 4, if flag bit is indicated only application target IP address or source IP address participation traffic classification, then only need 128 bits of configuration purpose IP address or source IP address, all that directly dispose except that source IP address and purpose IP address are formed the element of Key values then.Equally, when configuration rule is applied on the interface, also be automatically according to flag bit when front port, 128 bits of getting source in the rule or purpose IP address generate the SMT tree.At this moment, the distribution of the Key value among the IPv6 is such:
Key value (192 bit)=source IP address or purpose IP address (128 bit)+TCP or UDP source port (16 bit)+TCP or UDP destination interface (16 bit)+protocol domain (8 bit)+interface index (18 bit)+DSCP (6 bit), wherein, 6 of DSCP is exactly 6 bits among the Traffic Class than what refer in particular to.
The present invention realizes the method for IPv6 message flow classification, as shown in Figure 5, comprises the steps:
Step 501: after certain equipment interface is received the IPv6 message, read the flag bit that is used for the IP address of definite IPv6 message participation traffic classification when front port earlier.
Step 502~506: judge that whether current purpose IP address of receiving message is the IPv6 address from IPv4, if then directly extract current 64 bits that hang down of receiving purpose IP address in the message; Otherwise, judge that according to the flag bit that step 501 read low 64 bits that extract purpose IP address still are high 64 bits again, correspondingly extract current low 64 bits or high 64 bits of receiving purpose IP address in the message then.
Step 507~511: judge that according to the current source IP address of receiving message whether the message received is the IPv6 address from IPv4, if then directly extract current 64 bits that hang down of receiving source IP address in the message; Otherwise, judge that according to the flag bit that step 501 read low 64 bits that extract source IP address still are high 64 bits again, correspondingly extract current low 64 bits or high 64 bits of receiving source IP address in the message then.
Step 512~516: obtain all elements except that source IP address and purpose IP address, that constitute Key the message from current receiving, obtain the Key value; Then, utilize the Key value obtain to search SMT and set, judge whether that the match is successful,, then obtain and carry out corresponding action if having; Otherwise, the current IPv6 message of receiving of directly normal forwarding.
In the above-mentioned steps, step 502~506 and the two-part relation in step 507~511 are equality, and two-part execution sequence also is arbitrarily, in other words are exactly, also can first execution in step 507~511 execution in step 502~506 again.
In said process, also can be according to user or environment needs only application target IP address or source IP address, in this case, can before step 502, judge whether only application target IP address or source IP address according to the flag bit that step 501 read earlier, shown in step 601,602 among Fig. 6, if judge again to be to use purpose IP address or source IP address, if current 128 bits of receiving purpose IP address in the message are then directly got in application target IP address; If the use source IP address is then directly got current 128 bits of receiving source IP address in the message, execution in step 512 then; Otherwise execution in step 502 again.
The judgement of described only application target IP address or source IP address also can be placed on before the step 504, if only application target IP address or source IP address, after then getting current 128 bits of receiving purpose IP address in the message or source IP address, directly jump to step 512.If carry out earlier step 507~511, equally also described judgement can be put into before 509, so, if only application target IP address or source IP address, after then getting current 128 bits of receiving purpose IP address in the message or source IP address, also directly jump to step 512.
When generally on network, using, for the higher equipment in network site, substantially all the network prefix of the network prefix+source IP address of application target IP address is as the part of rule, and for the lower equipment in network site, then more be concerned about the host information of purpose IP address prefix and source IP address usually, so the method applied in the present invention can satisfy the needs of most equipment.
In a word, the above is preferred embodiment of the present invention only, is not to be used to limit protection scope of the present invention.
Claims (4)
1, a kind of method that realizes the classification of IPv6 message flow, after equipment interface is received the IPv6 message, obtain being used to carry out the keyword of traffic classification according to the information of receiving heading, use the keyword that is obtained that the current message of receiving is carried out traffic classification again, it is characterized in that the described process that obtains keyword further may further comprise the steps:
A. read the flag bit that current reception message interface is used for the classification of IPv6 message flow;
B. judge that according to the IP address information of current received message whether the purpose IP address of this message or source IP address be the address from IPv4, if then get current low 64 bits of receiving purpose IP address in the message or source IP address, execution in step d, otherwise, execution in step c;
C. the flag bit that is read according to step a judges whether to get current high 64 bits of receiving message purpose IP address or source IP address, if, then get current high 64 bits of receiving purpose IP address in the message or source IP address, otherwise, get current low 64 bits of receiving purpose IP address in the message or source IP address;
D. judge whether the current purpose IP address of message and the source IP address received has all obtained, if, execution in step e then, otherwise, step b returned;
E. from current received heading information, obtain the element of except that the IP address, forming keyword, obtain keyword.
2, method according to claim 1, it is characterized in that, further comprise after the step a reading flow group indication position: judge whether only application target IP address or source IP address according to the flag bit that is read, if, then directly get current 128 bits of receiving purpose IP address in the message or source IP address, execution in step e; Otherwise, execution in step b.
3, method according to claim 1, it is characterized in that, further comprised before judging whether to get high 64 of message IP address among the step c: the flag bit that is read according to step a judges whether only application target IP address or source IP address, if, then directly get current 128 bits of receiving purpose IP address in the message or source IP address, execution in step e; Otherwise, judge whether to get current high 64 bits of receiving message purpose IP address or source IP address again.
4, method according to claim 1 is characterized in that, the element of forming keyword described in the step e also comprises: TCP or UDP source port, TCP or UDP destination interface, protocol domain, interface index and DSCP.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CNB2003101169127A CN100403726C (en) | 2003-12-01 | 2003-12-01 | Method for realizing IPv6 message flow sorting |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CNB2003101169127A CN100403726C (en) | 2003-12-01 | 2003-12-01 | Method for realizing IPv6 message flow sorting |
Publications (2)
Publication Number | Publication Date |
---|---|
CN1625151A true CN1625151A (en) | 2005-06-08 |
CN100403726C CN100403726C (en) | 2008-07-16 |
Family
ID=34760822
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CNB2003101169127A Expired - Fee Related CN100403726C (en) | 2003-12-01 | 2003-12-01 | Method for realizing IPv6 message flow sorting |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN100403726C (en) |
Cited By (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2009043239A1 (en) * | 2007-09-29 | 2009-04-09 | Huawei Technologies Co., Ltd. | A stream forwarding method and device |
WO2011017964A1 (en) * | 2009-08-11 | 2011-02-17 | 中兴通讯股份有限公司 | Forwarding equipment and method thereof |
CN101030947B (en) * | 2007-04-29 | 2011-05-04 | 华为技术有限公司 | Method and apparatus for transmitting message |
CN101106490B (en) * | 2006-07-11 | 2012-01-04 | 华为技术有限公司 | Establishment method of preset stream classifier and its system and user terminal |
CN102497320A (en) * | 2011-12-13 | 2012-06-13 | 曙光信息产业(北京)有限公司 | Message distributing method based on IPv6 (internet protocol vision 6) |
CN107454039A (en) * | 2016-05-31 | 2017-12-08 | 北京京东尚科信息技术有限公司 | The method of network attack detection system and detection network attack |
CN110035072A (en) * | 2013-07-05 | 2019-07-19 | 索尼公司 | Receiving device and method of reseptance |
Family Cites Families (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP3381687B2 (en) * | 1999-11-25 | 2003-03-04 | 日本電気株式会社 | Flow identification device, flow processing device, flow identification method, and flow processing method |
US20020103925A1 (en) * | 2000-12-06 | 2002-08-01 | Sheth Siddharth C. | Generic programmable internet protocol classification technique for a broadband engine |
-
2003
- 2003-12-01 CN CNB2003101169127A patent/CN100403726C/en not_active Expired - Fee Related
Cited By (11)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101106490B (en) * | 2006-07-11 | 2012-01-04 | 华为技术有限公司 | Establishment method of preset stream classifier and its system and user terminal |
CN101030947B (en) * | 2007-04-29 | 2011-05-04 | 华为技术有限公司 | Method and apparatus for transmitting message |
WO2009043239A1 (en) * | 2007-09-29 | 2009-04-09 | Huawei Technologies Co., Ltd. | A stream forwarding method and device |
WO2011017964A1 (en) * | 2009-08-11 | 2011-02-17 | 中兴通讯股份有限公司 | Forwarding equipment and method thereof |
CN102497320A (en) * | 2011-12-13 | 2012-06-13 | 曙光信息产业(北京)有限公司 | Message distributing method based on IPv6 (internet protocol vision 6) |
CN102497320B (en) * | 2011-12-13 | 2014-12-03 | 曙光信息产业(北京)有限公司 | Message distributing method based on IPv6 (internet protocol vision 6) |
CN110035072A (en) * | 2013-07-05 | 2019-07-19 | 索尼公司 | Receiving device and method of reseptance |
US10992789B2 (en) | 2013-07-05 | 2021-04-27 | Saturn Licensing Llc | Transmission apparatus, transmission method, reception apparatus, and reception method |
CN110035072B (en) * | 2013-07-05 | 2021-06-11 | 索尼公司 | Receiving apparatus and receiving method |
US11683402B2 (en) | 2013-07-05 | 2023-06-20 | Saturn Licensing Llc | Transmission apparatus, transmission method, reception apparatus, and reception method |
CN107454039A (en) * | 2016-05-31 | 2017-12-08 | 北京京东尚科信息技术有限公司 | The method of network attack detection system and detection network attack |
Also Published As
Publication number | Publication date |
---|---|
CN100403726C (en) | 2008-07-16 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
Nilsson et al. | IP-address lookup using LC-tries | |
CN1150725C (en) | Network packet forwarding lookup with reduced number of memory accesses | |
CN109672669B (en) | Method and device for filtering flow message | |
CN104348716B (en) | A kind of message processing method and equipment | |
US7483430B1 (en) | Hierarchical hash method for performing forward route lookup | |
CN104579940B (en) | Search the method and device of accesses control list | |
US20140198795A1 (en) | Metro Ethernet Network With Scaled Broadcast and Service Instance Domains | |
CN1289494A (en) | System and method for using domain names to route data sent to a destination on a network | |
US20090185568A1 (en) | Method and system for packet classification with reduced memory space and enhanced access speed | |
US8923298B2 (en) | Optimized trie-based address lookup | |
CN1863142A (en) | Method for providing different service quality tactics to data stream | |
CN1943190A (en) | Flooding suppression method | |
CN1564989A (en) | High speed MAC address search engine | |
CN103858390A (en) | Distributed ipv6 neighbor discovery for large datacenter switching systems | |
US20090135833A1 (en) | Ingress node and egress node with improved packet transfer rate on multi-protocol label switching (MPLS) network, and method of improving packet transfer rate in MPLS network system | |
CN1893393A (en) | Method for realizing retransmission business of data communication equipment | |
CN1428979A (en) | Method for interconnecting multiple RPR ring in wide area RPR network | |
CN1913454A (en) | Method and device for implementing sharing IP message load | |
CN1691629A (en) | Method for implementing layer-2 equipment interconnection in resilient packet ring (RPR) based network | |
CN1625151A (en) | Method for realizing IPv6 message flow sorting | |
CN1777148A (en) | Routing table next-hop IP address to MAC address analytic method | |
US8050185B2 (en) | Sampling of network traffic based on CAM lookup | |
CN1909467A (en) | Method for identifying multicast by using unicast address in IP network | |
CN1152516C (en) | Method for finding out IP network node | |
Hsieh et al. | A classified multisuffix trie for IP lookup and update |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C14 | Grant of patent or utility model | ||
GR01 | Patent grant | ||
CF01 | Termination of patent right due to non-payment of annual fee | ||
CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20080716 Termination date: 20211201 |