CN2672972Y - POS data filter distributing device - Google Patents
POS data filter distributing device Download PDFInfo
- Publication number
- CN2672972Y CN2672972Y CN200320130382.7U CN200320130382U CN2672972Y CN 2672972 Y CN2672972 Y CN 2672972Y CN 200320130382 U CN200320130382 U CN 200320130382U CN 2672972 Y CN2672972 Y CN 2672972Y
- Authority
- CN
- China
- Prior art keywords
- module
- packet
- information
- address
- data
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
Images
Landscapes
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The utility model discloses a POS data filter distributing device, comprising a POS interface module, a data packet buffer storage module, an output interface module, a central control logic module, a shunt algorithm module, a filtration module and an order registration module. The POS interface module gets the first address, length information and five forms of meta-information of the entered data packet to be stored in the filtration module together with the data packet. The central control logic module fetches the five forms of meta-information of the data packet and transmits them to the filtration module which matches five forms of meta-information of the data packet with the stored filter condition information. If the five forms of meta-information of the data packet is not coincide with the stored filter condition information, the filtration module gives the data packet up; otherwise, the filtration module inputs the data packet to the order registration module corresponding to the output port which fetches the packet and packages the packet as the Ethernet one to be sent out. The utility model can filter a data packet, can directly filter out some indifferent data packets, and can set up the information of a passing data packet by a control console which is directly connected with the filtration module.
Description
Technical field:
The utility model relates to a kind of device of POS data filter distribution.
Background technology:
The internet is convenient, timely and interactively accepted by increasing people by force with it, and its development speed is very fast, and the Internet user also day increases to continue.And the main flow in the POS technical network technology.POS (Package OverSDH is based on the packet of SDH) transmits the IP packet by current SDH digital synchronous loop technology, and SONET/SDH is considered to old technology usually, because this technology mainly adopts Time Division Multiplexing and is used to transmit voice.But its strong functions and huge bandwidth can be transmitted the data in INTERNET or the enterprise network equally efficiently.As a high efficiency data transferring technique, the POS technology has become mainstream technology gradually in today of information expansion.SDH is in the physical layer of network.
POS uses ppp protocol and is containing the data parcel agreement of its class HDLC (High Level Data Link Control) frame (RFC 1662) as OSI (the Open System Interconnection) second layer.This method can provide efficiently, and bag transmits and the data error control ability.RFC 2615 has stipulated the method that the PPP bag connects by SONET/SDH, and the SONET/SDH connection is a kind of connection of point-to-point, just in time is fit to this connected mode.
POS also provides data transmission safety mechanism.Transfer of data relies on the timing topology of system reliably.The clock information of SONET/SDH is to obtain by the analysis to the state transition of phase-locked loop.Efficient synchronization information relies on the density of " 1 " in the bit stream, if long " 0 " (greater than 80) can destroy " 1 " in the data thus density cause synchronous losing.Can not get rid of some people though the probability that this incident takes place is very little utilize this problem destruction system to connect.POS has adopted the technology similar to ATM to avoid the generation of safety problem for this reason, Here it is motor synchronizing x^43+1 scrambling algorithm.RFC 2615 has detailed description this paper this not to be tired out to it to state.
Network application more and more needs a kind of technology, can not influence original SDH (Synchronous Digital Hierarchy on the road down, SDH (Synchronous Digital Hierarchy)) data of obtaining on the basis of network environment on the network are used for applied analysis targetedly, attack detecting, virus is surveyed, and himself can under attackly also can not be found, have fail safe highly and disguise.A kind of method is by SDH network route or switching equipment are set data to be monitored and analyzed, but this method is not necessarily feasible.This mode can influence the disposal ability and the forwarding performance of the network equipment itself on the one hand, each network equipment developer not necessarily can provide this function on the other hand, and network is sent out and is generally all had the IP address to be found easily and under attack fully, especially adjust in the network environment of having built well and set or exchange device trouble very more, influence surface is very big.Existing method can not well satisfy demands of applications.
The utility model content:
By the existing problem and shortage of the deal with data of communication apparatus own, the purpose of this utility model provides a kind of device that can carry out the POS data filter distribution of specific aim applied analysis to the POS network data at above-mentioned.
The utility model is achieved in that a kind of device of POS network data filtration distribution, includes pos interface module, data pack buffer module, output interface module, middle control logic module, shunting algoritic module, filtering module and command register module, wherein,
The pos interface module is used for and being connected of SDH Physical Interface and obtaining of the first address of packet and length information, 5 class metamessages;
The data pack buffer module is used for the buffer memory of packet and with the first address of described packet and length information, the storage of 5 class metamessages;
In the control logic module, be used for reading the first address of packet of each data pack buffer module and length information, 5 class metamessages, 5 class metamessages of described packet are sent to described filtering module; Check whether the packet of coupling has specified output port, if the command register module that has then first address and length information with described packet be transmitted to described output port module correspondence; As appointed output terminal mouth not, then according to the up-downgoing packet of a connection from the principle of same output port output with the principle of the flow basis equalization output of each output port, the command register module that the first address and the length information of described packet is transmitted to described output port module correspondence;
Filtering module is used for the stored filter conditional information, and mates 5 class metamessages of described packet with this filtering conditional information, and with the feedback information of matching result give described in the control logic module;
The command register module is used to store the first address and the length information of described packet;
Output interface module is used for reading the information of described corresponding command register module, and reads described data cached bag according to this order in the data pack buffer module, and is encapsulated as the Ethernet data bag and sends;
The pos interface module is obtained the first address of the packet that enters and length information, 5 class metamessages and is stored in the described data pack buffer module with described packet, described middle control logic module reads 5 class metamessages of described packet and sends in the described filtering module, described filtering module mates 5 class metamessages of described packet with the filtering conditional information of storage, if do not match, then abandon described packet, if coupling, check whether this packet has specified output port, then export in the pairing command register module of this output port if having; As appointed output terminal mouth not, then export in the pairing command register module of a certain port a plurality of output ports with the principle of the flow basis equalization output of each output port again from the principle of same output port output according to the up-downgoing packet of a connection; Described output port module reads the information in the described command register module, and reads described packet according to this information from described data pack buffer module, is encapsulated as Ethernet data bag and transmission.
Further, this device also comprises the control desk that includes input unit that is connected with output interface module with described pos interface module, middle control logic module, filtering module.
Further, described control desk is single-chip microcomputer, computer.
Further, described pos interface module, data pack buffer module, command register are two, are symmetrical structure; At least two of described output interface modules.
Further, 5 class metamessages of described packet are source address, source port, destination address, destination interface and protocol type information.
Further, described filtering conditional information is one or more the combination in any in source address, source port, destination address, destination interface and the protocol type.
Further, described output interface module is specially GE interface module or FE interface module.
The utility model is by control logic module and filtering module in being provided with, middle control logic module can read the source address in the SDH transmission packet from the data pack buffer module, source port, destination address, destination interface and protocol type information and first address and length information, with source address, source port, destination address, destination interface and protocol type information send in the filtering module, if canned data coupling in above-mentioned information and the filtering module, the information that sends then that the match is successful is to middle control logic module, middle control logic module sends to the first address and the length information of packet in the command register, and finishes transmission by output interface module; Through Packet Filtering, some unconcerned packet Direct Filtration can be fallen, and just allow certain interested packet pass through, the system that guaranteed is complete, and has improved bandwidth; The present invention can be provided with the information of desire by packet by the control desk that directly is connected with filtering module, and is very convenient; The present invention adopts the transmission mode of a plurality of output interface modules of two pos interfaces, can realize the merging transmission of bi-directional data bag flow, a plurality of output interface modules can be simultaneously in any one pos interface data pack buffer module read data packet.
Description of drawings:
Below in conjunction with accompanying drawing, the present invention is made detailed description.
Fig. 1 is a structural representation of the present invention;
Fig. 2 is a structural representation detail drawing of the present invention.
Embodiment:
As shown in Figure 1, the present invention includes 2 pos interface modules, 2 packet cache modules, 2 GE interface modules, controlled logic module, 1 filtering module and 2 command register modules in 1, wherein,
The pos interface module is used for and being connected of SDH Physical Interface and obtaining of the first address of packet and length information, 5 class metamessages;
The data pack buffer module is used for the buffer memory of packet and with the first address of packet and length information, the storage of 5 class metamessages;
In the control logic module, be used for reading the first address of packet of each data pack buffer module and length information, 5 class metamessages, 5 class metamessages of packet are sent to filtering module; Check whether the packet of coupling has specified output port, if the command register module that has then first address and length information with packet be transmitted to output port module correspondence; As appointed output terminal mouth not, then according to the up-downgoing packet of a connection from the principle of same output port output with the principle of the flow basis equalization output of each output port, the command register module that the first address and the length information of packet is transmitted to output port module correspondence;
Filtering module is used for the stored filter conditional information, and with 5 class metamessages of this filtering conditional information matched data bag, and gives middle control logic module with the feedback information of matching result;
The command register module is used to store the first address and the length information of packet;
Output interface module is used for reading the information of corresponding command register module, and reads data cached bag according to this order in the data pack buffer module, and is encapsulated as the Ethernet data bag and sends;
The pos interface module is obtained the first address of the packet that enters and length information, 5 class metamessages and is stored in the data pack buffer module with packet, 5 class metamessages of middle control logic module read data packet also send in the filtering module, filtering module 5 class metamessages of the filtering conditional information matched data bag of storage, if do not match, packet discard then, if coupling, check whether this packet has specified output port, then export in the pairing command register module of this output port if having; As appointed output terminal mouth not, then export in the pairing command register module of a certain port a plurality of output ports with the principle of the flow basis equalization output of each output port again from the principle of same output port output according to the up-downgoing packet of a connection; Output port module reading order is deposited the information in the module, and according to this information read data packet from the data pack buffer module, is encapsulated as Ethernet data bag and transmission.
Here, filtering conditional information is for being one or more the combination in any in source address, source port, destination address, destination interface and the protocol type; The GE interface can certainly be the FE interface for a plurality of, also can be the combination in any of GE interface, FE interface.
As shown in Figure 2, two pos interface flows of the present invention are 2.5G, and the packet that is entered by the POS mouth is stored in the packet buffering storage, and this buffering is RAM or DPRAM; Message information queue for storing packet is at the first address and the length information of packet buffering storage; If information is all arranged in the two message information formations, middle control logic is then extracted information in the two message information formations with the repeating query mode, and is sent in the corresponding command register; If only information is arranged in one, Yi Bian then only reading this information.The GE interface is deposited middle read data packet by interface multiplexer at packet buffering according to the order in the command register that is attached thereto, and encapsulates and sends it.The present invention also comprises the control desk that includes input unit that is connected with filtering module with middle control logic module, this control desk can be single-chip microcomputer, computer etc., by its input unit, can filtering conditional information be set arbitrarily and store in the filtering module, and control information can be set in middle control logic module.The present invention is according to the beginning and the end position information of PPP bag, obtain being stored in the memory location and the length of the PPP bag in the data pack buffer module, length of data package is unit with the byte generally speaking, but will reach operating frequency that the transmission rate of 2.5G needs hardware more than 320MHz because data packet length is 8 a packet, this difficulty that realizes for existing systems is bigger.And 32 packet bandwidth ratio is adapted at realizing in the system, and this is because hardware can be operated on the frequency of 80MHz.The present invention just is being based on above-mentioned principle realization.
Among the present invention, the 5 class metamessages in packet packet header are the main contents of filtering, and filtercondition is the combination in any in the 5 class metamessages, and as specified protocol type and raw address, other packets are any.Can realize by the mask that sets in the filtercondition for unconcerned packet, thus since system need to handle the efficient that the data volume of 5Gb/s filters very important, adopt hardware comparison circuit CAM to realize here, CAM is a Content Addressable Memory.Utilize this hardware cell to search filtration to the lot of data bag in very short several cycles, the MATCH signal that obtains is just as the basis of judging whether this packet is dropped.Data-handling efficiency of the present invention is than higher.When being write the CAM address, a filtercondition will wish that the port of this packet output writes the identical address of another block RAM.Can produce an address when CAM finds that current bag is eligible, the content of utilizing this address to read RAM just can obtain the port information that this packet should be exported, and can export by this port.
As shown in Figure 3, the present invention realizes Packet Filtering and forwarding like this:
The pos interface module is finished functions such as the signal connection, negotiation, control, processing, data packet buffer control, FIFO control of pos interface.The data pack buffer module is finished the packet information from pos interface, use the ram buffer buffer memory, be responsible for finishing the pointer management of buffering area message and the control of external signal pin, finish to peel off out in information such as the initial address message (IAM) of buffering area, packet lengths from source address, source port, destination address, destination interface and the protocol type packet of the IP message of pos interface being stored in the message protocol buffer memory, carry out packet parsing for central control logic.In the control logic module according to the protocol information of IP message, finish a message filtered, shunts after, send to the GE interface.Middle control logic module is finished coordination, scheduling, the control of all modules of chip, can allow chip under unified processing policy all messages be carried out particular procedure.Filtering module storage, managing chip filtercondition, can according in the request of control logic module judge whether a message satisfies filtercondition.Whether that satisfies filtercondition reexamines the appointed output terminal mouth, as appointed output terminal mouth not, then according to the up-downgoing packet of a connection from the principle of same GE port output according to flow from the balanced output of two GE interface modules.The GE interface module: the command request of control logic module in the GE interface basis, a message is finished the mac frame assembling send to the standard gmii interface afterwards.
Pos interface module of the present invention directly is connected with POS PHY chip, it also is connected with DPRAM (Packet buffer) with FIFO (Packet infoFIFO and Packet head FIFO), pos interface is according to the control signal of POSPHY chip, bridge as FIFO and DPRAM and PHY chip, be responsible for PHY chip read data packet, simultaneously, the HDLC/PPP message that reads is separated the IP bag, control DPRAM will ' bag stores and adjusts relevant pointer, control FIFO stores 5 tuple information of IP, the present invention finishes message to transmit between 2.5GPOS interface and GE interface, handling process is as follows:
At first pos interface PHY chip will be resolved from the SDH Frame of pos interface, use internal data bus to be delivered among the FIFO of PHY chip; The pos interface module reads the PPP/HDLC message that parses from the PHY chip, dump among the chip internal RAM, the PPP/HDLC message that the IP head of HDLC message is separated out simultaneously, dump among the chip internal RAM, simultaneously the IP header parsing of HDLC message is come out, with agreement 5 tuples, packet in information stores such as the initial address message (IAM) of buffering area, packet lengths in chip internal FIFO; The control logic takes table tennis (being left and right sides repeating query) mode constantly to read the information among the agreement FIFO by FSM in the chip, and whether protocol information is filtered through filtering content-addressable memory decision message; After middle control logical decision filters successfully, the message copy is sent to the GE interface module for two parts, and to pass through the Ethernet transmits data packets, must be by the MAC (MAC controller) of Ethernet, the IP packet front after filtering is added calculating the CRC check value after former MAC Address, target MAC (Media Access Control) address and the data type of Ethernet forms the ether packet and just can the MAC chip of packet by gigabit ether have been sent by the bus of special use.
The utility model also comprises and filters the CONSOLE that CAM is connected with middle control logic, in order to set control information, the general establishing method of communication equipment generally is to finish by hyper terminal CONSOLE interface with the RS232 interface, also can be undertaken by TELNET with 10/100 Ethernet interface.These two kinds of methods all need microprocessor to realize, can utilize various general processors or single-chip microcomputer to realize this function, which kind of method all need be on controller communication protocol and man-machine interface program.
Use method described in the utility model can realize and 2.5G POS communication data can be filtered the equipment that is forwarded to gigabit ethernet environment, it is more economical and practical and very strong autgmentability arranged that this equipment contrasts existing solution, as with these technology conversely with setting up the simple and easy gateway device of a two-way 2.5G POS to gigabit ether.
Claims (7)
1. a POS network data is filtered the device of distribution, it is characterized in that this device includes pos interface module, data pack buffer module, output interface module, middle control logic module, filtering module and command register module, wherein,
The pos interface module is used for and being connected of SDH Physical Interface and obtaining of the first address of packet and length information, 5 class metamessages;
The data pack buffer module is used for the buffer memory of packet and with the first address of described packet and length information, the storage of 5 class metamessages;
In the control logic module, be used for reading the first address of packet of each data pack buffer module and length information, 5 class metamessages, 5 class metamessages of described packet are sent to described filtering module; Check whether the packet of coupling has specified output port, if the command register module that has then first address and length information with described packet be transmitted to described output port module correspondence; As appointed output terminal mouth not, then according to the up-downgoing packet of a connection from the principle of same output port output with the principle of the flow basis equalization output of each output port, the command register module that the first address and the length information of described packet is transmitted to described output port module correspondence;
Filtering module is used for the stored filter conditional information, and mates 5 class metamessages of described packet with this filtering conditional information, and with the feedback information of matching result give described in the control logic module;
The command register module is used to store the first address and the length information of described packet;
Output interface module is used for reading the information of described corresponding command register module, and reads described data cached bag according to this order in the data pack buffer module, and is encapsulated as the Ethernet data bag and sends;
The pos interface module is obtained the first address of the packet that enters and length information, 5 class metamessages and is stored in the described data pack buffer module with described packet, described middle control logic module reads 5 class metamessages of described packet and sends in the described filtering module, described filtering module mates 5 class metamessages of described packet with the filtering conditional information of storage, if do not match, then abandon described packet, if coupling, check whether this packet has specified output port, then export in the pairing command register module of this output port if having; As appointed output terminal mouth not, then export in the pairing command register module of a certain port a plurality of output ports with the principle of the flow basis equalization output of each output port again from the principle of same output port output according to the up-downgoing packet of a connection; Described output port module reads the information in the described command register module, and reads described packet according to this information from described data pack buffer module, is encapsulated as Ethernet data bag and transmission.
2. POS network data as claimed in claim 1 is filtered the device of distribution, it is characterized in that this device also comprises the control desk that includes input unit that is connected with output interface module with described pos interface module, middle control logic module, filtering module.
3. POS network data as claimed in claim 2 is filtered the device of distribution, it is characterized in that described control desk is single-chip microcomputer, computer.
4. POS network data as claimed in claim 1 is filtered the device of distribution, it is characterized in that described pos interface module, data pack buffer module, command register are two, are symmetrical structure; At least two of described output interface modules.
5. POS network data as claimed in claim 1 is filtered the device of distribution, it is characterized in that 5 class metamessages of described packet are source address, source port, destination address, destination interface and protocol type information.
6. POS network data as claimed in claim 1 is filtered the device of distribution, it is characterized in that, described filtering conditional information is one or more the combination in any in source address, source port, destination address, destination interface and the protocol type.
7. filter the device of distribution as any described POS network data of claim 1 to 6, it is characterized in that described output interface module is specially GE interface module or FE interface module.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN200320130382.7U CN2672972Y (en) | 2003-12-26 | 2003-12-26 | POS data filter distributing device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN200320130382.7U CN2672972Y (en) | 2003-12-26 | 2003-12-26 | POS data filter distributing device |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN2672972Y true CN2672972Y (en) | 2005-01-19 |
Family
ID=34477371
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN200320130382.7U Expired - Fee Related CN2672972Y (en) | 2003-12-26 | 2003-12-26 | POS data filter distributing device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN2672972Y (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN100539543C (en) * | 2003-12-26 | 2009-09-09 | 北京锐安科技有限公司 | The method and apparatus of POS data filter distribution |
| WO2016180185A1 (en) * | 2015-08-26 | 2016-11-17 | 中兴通讯股份有限公司 | Method and apparatus for determining position of point of sale (pos) |
-
2003
- 2003-12-26 CN CN200320130382.7U patent/CN2672972Y/en not_active Expired - Fee Related
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN100539543C (en) * | 2003-12-26 | 2009-09-09 | 北京锐安科技有限公司 | The method and apparatus of POS data filter distribution |
| WO2016180185A1 (en) * | 2015-08-26 | 2016-11-17 | 中兴通讯股份有限公司 | Method and apparatus for determining position of point of sale (pos) |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US7907630B1 (en) | Method and apparatus for switching, merging, and demerging data between data communication locations | |
| EP1313291B1 (en) | Apparatus and method for header processing | |
| US7460473B1 (en) | Network receive interface for high bandwidth hardware-accelerated packet processing | |
| McAuley | Protocol design for high speed networks | |
| US7962825B2 (en) | System and methods for high rate hardware-accelerated network protocol processing | |
| US7990971B2 (en) | Packet processing apparatus and method codex | |
| US20060039374A1 (en) | Pipelined packet switching and queuing architecture | |
| CN1638361A (en) | Parallel data link layer controllers in a network switching device | |
| JP2004510252A (en) | Intelligent network storage interface system and device | |
| WO2001037484A2 (en) | Serializing data using hazard-free multilevel glitchless multiplexing | |
| CN103731409B (en) | The distributed measurement device of embedded type automobile acquisition equipment for accelerating with TCP | |
| CN1178435C (en) | Selective address table aging in a network switch | |
| WO2001067694A9 (en) | Broadband mid-network server | |
| CN101578590A (en) | Omni-protocol engine for reconfigurable bit-stream processing in high-speed networks | |
| US6859454B1 (en) | Network switch with high-speed serializing/deserializing hazard-free double data rate switching | |
| CN206962832U (en) | Network data auditing system based on FPGA high-performance capture cards | |
| CN102468899A (en) | Channelizing STM-1 access distribution method of and system thereof | |
| JPH07321842A (en) | Apparatus for interfacing packet switching network to plurality of data terminals,module for interfacing plurality of end points to system that switches frame relay packet,and method for interfacing terminal to system that switches data packet | |
| CN100539543C (en) | The method and apparatus of POS data filter distribution | |
| EP1259035B1 (en) | Pointer based binary search engine and method for use in network devices | |
| US8891406B1 (en) | Methods and apparatus for tunnel management within a data center | |
| Lau et al. | Gigabit Ethernet switches using a shared buffer architecture | |
| CN1731730A (en) | Kern memory exchange platform system for mass memory system | |
| CN2672972Y (en) | POS data filter distributing device | |
| CN1638385A (en) | Parallel data link layer controllers in a network switching device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| C19 | Lapse of patent right due to non-payment of the annual fee | ||
| CF01 | Termination of patent right due to non-payment of annual fee |