JP2006340119A - Network device - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide a high quality network by decentralizing the division and reconstruction of packets on a tunnel node. <P>SOLUTION: An MTU updating message packet to which an IP router alarm option is added and an MTU updating message packet to which it is not added are reported to a transmission origin. <P>COPYRIGHT: (C)2007,JPO&INPIT

Description

  The present invention relates to a network device that performs packet header encapsulation and network address translation, and more particularly to a network device that can reduce the possibility of packet division or packet discard.

  A network device constituting a communication network may divide and transmit a received packet when the received packet does not prohibit division. As described above, when a packet does not perform a path maximum transmission unit (MTU) search, a transmission delay due to packet division occurs before the packet reaches the destination.

  The communication protocol of the network connected to the network device is not always single. In today's network devices, there is a model (hereinafter referred to as a tunnel node) capable of communicating a received packet with a communication protocol different from that at the time of reception in order to make the received packet reach the destination. Tunnel node functions include packet header encapsulation and network address translation (NAT). Here, when a communication to a destination is required for a received packet using a communication protocol different from that at the time of reception, the packet size at the time of transmission may be larger than that at the time of reception. Further, when the size of the transmission packet exceeds the MTU of the output destination line, the tunnel node transmits the packet that has been subjected to encapsulation after being divided (see, for example, Non-Patent Document 1).

RFC2003

  When receiving a divided packet, the tunnel node may perform packet header encapsulation after reconfiguring the packet, and may divide the packet again. In a network device such as a tunnel node, packet division and reconfiguration are executed by software. In particular, when a load such as packet division or reconfiguration is concentrated in a tunnel node, there is a possibility that packet loss may occur due to a decrease in throughput or overflow of the packet buffer.

  Therefore, an object of the present invention is to provide a high-quality network by not concentrating packet division and reconfiguration on a tunnel node.

When a packet flow that requires packet header encapsulation or address translation is set, the tunnel node performs an MTU search for an output destination line for the packet flow. At this time, the tunnel node stores a value (tunnel MTU) obtained by subtracting the amount of data necessary for encapsulation and address translation of the packet header from the MTU of the output destination line as the MTU of the output destination line. Thereafter, a message packet that prompts the sender to update the MTU at the sender to the value of the tunnel MTU is notified.
In the network device of the present invention, a message packet to which the IP router warning option (RFC2113, 2711) is added and a message packet not to be added are notified to the transmission source.

  If there is a router between the tunnel node and the transmission source and the router can reflect the contents of the message packet with the IP router warning option, the packet can be divided by the router. There is no division. Here, when the transmission source address of the packet flow requiring packet header encapsulation is a network address, the contents of the message packet can be applied to packets transmitted from all terminals belonging to the network address. Further, when there is no router between the tunnel node and the transmission source, the transmission source updates the MTU according to the message packet to which the IP router warning option is not added, so that no division occurs at the tunnel node.

  By adopting the configuration of the present invention, packet division and packet reconfiguration can be suppressed for a packet flow in which a transmission source terminal does not perform MTU search in a tunnel node. That is, the router or transmission source terminal located in the preceding stage of the tunnel node adjusts the packet to a size that does not place a load on the tunnel node. Therefore, the present invention can provide a network that not only makes it possible to avoid a decrease in throughput in the tunnel node but also reduces the possibility of packet loss.

  Embodiments of the present invention will be described below with reference to the drawings. Here, a case where the present invention is applied to the network device 10 of FIG. 1 will be described in order to facilitate comparison with the prior art. In this embodiment, IP packet transfer that requires encapsulation of a packet header will be described. However, as long as the effects of the present invention are obtained, the device to be applied and the type of packet are not limited to this.

FIG. 1 is a block diagram of a network device 10 according to the present invention.
The network device 10 includes a plurality of interface modules 11-i connected to an input line IN-i (i = 1 to N) and an output line OUT-i, and a selector 12 and a data relay connected to these interface modules. Unit 16, packet buffer 13 connected to selector 12, header extraction unit 14 and buffer control unit 15, route control unit connected to data relay unit 16, tunnel control unit and resource connected to packet buffer 13 And a manager 40. Reference numeral 60 denotes a management terminal that is located outside the network device 10, has the signal line L 16 connected to the resource manager 40, and is operated by an administrator of the network device 10.

  FIG. 2 shows an example of a format of a variable length IP packet received from each input line IN-i. The variable-length IP packet 100 includes a third layer (network layer) IP header 110 and an IP payload 120 in the OSI reference model. The IP header 110 includes control information 111, a source IP address 112, and a destination IP address 113. In FIG. 2, the control information 111 stores the packet length and protocol value of the IP packet.

  In FIG. 1, each interface module 11-i outputs the IP packet received from the input line IN-i to the signal line L1-i. The selector 12 selectively signals IP packets input from the signal lines L1-1 to L1-N, the signal line L4, and the signal line L8 in accordance with a control signal supplied from the buffer control unit 15 via the signal line L15. Output to line L2. The header extraction unit 14 analyzes the IP header 110 of the IP packet 100 output to the signal line L2, and signals the packet length indicated in the control information 111 to the signal line L12, the destination IP address 113 and the transmission source address 112. Output to line L3.

  The buffer control unit 15 writes the IP packet 100 output to the signal line L2 to the packet buffer 13 and reads IP packets from the packet buffer 13 to the signal lines L5, L6, and L14. Further, the buffer control unit 15 controls the writing of the IP packet to the packet buffer 13 based on the packet length output from the header extraction unit 14 to the signal line L12, and interlocks with the reading of the IP packet from the packet buffer 13. The selector 12 switching control signal is output to the signal line L15, and the next IP packet is written to the packet buffer 13.

  As shown in FIG. 3, the route search unit 20 searches the routing table 202 for route control information 700 based on the destination IP address 113 output from the header extraction unit 14 to the signal line L3. The route control information 700 includes, for example, output destination information of an IP packet, as shown in FIG. The route control unit 20 outputs the route control information 700 to the signal lines L7, L17, and L20.

Further, when searching for the route control information of the multicast IP packet, the route control unit 20 determines the routing table based on the destination IP address 113 and the source IP address 112 output by the header extraction unit 14 to the signal line L3. The route control information 700 is searched from 202.
If the routing control information 700 cannot be searched as a result of the search, the routing table control unit 201 notifies the routing table management unit 203 that the search cannot be performed via the signal line L22. Thereafter, the routing table management unit 203 outputs a signal indicating that route search is added to the signal line L13. At this time, when a signal indicating that the route search is impossible is input from the signal line L13, the buffer control unit 15 interprets the routing as invalid and discards the IP packet stored in the packet buffer 13.

  When performing dynamic routing, the routing table management unit 203 outputs data necessary for routing to the signal line L21 connected to the routing table control unit 201 in accordance with a routing protocol. In addition, when performing static routing, data necessary for routing is output according to the setting input from the management terminal 60 via the signal line L10.

  When the packet relay unit 16 receives an IP packet from the signal line L6 and the packet output destination information included in the route control information 700 input from the signal line L7 is the packet relay unit 16, the communication path control information 700 is An IP packet is transmitted from the output line OUT-k via the interface module 11-k corresponding to the output port number k (k = 1 to N) indicated.

  As shown in FIG. 4, the tunnel control unit 30 receives the route control information 700 from the signal line L17, and when the packet output destination information included in the route control information 700 is the tunnel control unit 30, the tunnel control activation unit 305 prompts the buffer control unit 15 to read the IP packet via the signal line L18.

  The IP packet input from the signal line L5 is accumulated in the tunnel control packet buffer 304. At this time, the IP header 110 is input to the tunnel information table control unit 301 via the signal line L5. The tunnel information table control unit 301 searches tunnel information from the tunnel information table 302 based on the IP header 110, and outputs the search result to the signal line L34. After the search result is input from the signal line L34, the tunnel processing unit 306 urges the tunnel control packet buffer 304 to read the IP packet via the signal line L32. Also, when an IP packet is input from the signal line L33, the tunnel processing unit 306 executes packet header encapsulation (or decapsulation) using the search result. The tunnel processing unit outputs the packet subjected to the encapsulation process to the signal line L8. If the packet length subjected to the encapsulation process is larger than the maximum transmission unit (MTU) of the output line OUT-i, the process packet is divided.

  As shown in FIG. 5, when the resource manager 40 receives the route control information 700 from the signal line L20 and the packet output destination information included in the route control information 700 is the resource manager 40, the packet reception activation unit 406 The buffer control unit 15 is urged to read the IP packet via the signal line L19.

  The packet reception unit 402 accumulates IP packets input from the signal line L14. At this time, the IP packet is input to the resource management unit 401 via the signal line L42. Although details will be described later, the resource management unit 401 analyzes the input IP packet and issues a command to the packet generation unit as necessary. Further, the resource management unit 401 is connected to the terminal 60 located outside the network device 10 via the signal line L16. The information in the routing table 202 and the tunnel information table 302 is set after the resource management unit 401 sets the resource table 404 in the resource table control unit 403.

As shown in FIG. 6, the resource management unit 401 includes a command control unit 411, a packet analysis unit 412, and a routing protocol control unit 413.
The packet analysis unit 412 analyzes the packet after the packet is input from the signal line L42, and outputs the packet input to the signal line L43 when an ICMP message used for IP control is to be generated. If the routing information is to be updated, L47 is prompted to update.

The routing protocol control unit 413 activates the routing protocol immediately after the network device 10 is turned on, and prompts the generation of a packet necessary for communicating with the adjacent network device via the signal line L44. In addition, a routing table configured as a result of communication with the adjacent network device is output to the signal line L48.
The command control unit 411 sets the resource table 404 via the signal line L45. Further, when urging to set the routing table 202 and the tunnel information table 302 via the signal lines L10 and L11, necessary information is read from the resource table 404 via the signal line L41.

  When the command control unit 411 connected to the terminal 60 through the signal line L16 recognizes the input of the tunnel information by the administrator of the network device 10, the route between the node 501 and the node 502 is shown in FIG. Perform an MTU search. At this time, generation of a route MTU search packet is prompted via the signal line L46. Further, the command control unit 411 compares a value (tunnel MTU) obtained by subtracting the size of the packet header used for encapsulation from the result of the route MTU search with the MTU between the network device 10 and the transmission source terminal side router. If the tunnel MTU is small as a result of the comparison, the transmission source terminal and the transmission source terminal side router of the packet flow passing through the input tunnel are prompted to update the MTU. An example using FIG. 7 is shown below.

  In the communication between the terminal 512 (transmission source) and the terminal 522 (destination), it is assumed that the terminal 512 permits the division of the IP packet. In this case, when the MTU between the terminal 512 and the node 511 is larger than the MTU between the node 511 and the node 501, the node 511 transmits the packet to the node 501 after dividing the packet. Further, when the MTU between the node 511 and the node 501 is larger than the MTU between the node 501 and the node 502 (tunnel MTU), the node 501 which is a tunnel node reconfigures the divided packet and then encapsulates it. Apply processing. Then, the IP packet is divided. In such a state, since the IP packet transmission delay tends to increase, it is desirable that the node 501 prompts the node 511 and the terminal 512 to update the MTU. At this time, as shown in FIG. 9, the node 501 inserts the router warning option as the next header / option 130 in the packet for the node 511 and transmits the packet for the terminal 512 without inserting the next header / option 130.

By inserting the router warning option as the next header / option 130, it is possible to prompt the router existing between the tunnel node and the transmission source terminal to update the MTU.
Although not particularly mentioned in the present embodiment, the present invention may be applied to network address translation regardless of the encapsulation of the IP packet header.

  As is clear from the above description, according to the present invention, the tunnel node is connected to at least one of the source terminal and the router on the source terminal side for a packet flow that requires packet header encapsulation. By notifying a message that prompts the user to update the MTU, it is possible not only to avoid a decrease in throughput in the tunnel node but also to provide a network that can reduce the possibility of packet loss.

  The present invention is applicable to a network device that can control a specific packet flow and accommodate a plurality of communication protocols.

1 is a block diagram showing an embodiment of a network device 10 according to the present invention. FIG. 3 is a diagram illustrating an example of a format of a variable length IP packet input to the network device 10. The block diagram which shows one Example of the route control part 20. FIG. FIG. 3 is a block diagram showing an embodiment of a tunnel control unit 30. The block diagram which shows one Example of the resource manager 40. FIG. The block diagram which shows one Example of the resource management part 401. FIG. The figure which shows the structural example of the IP network to which the network node apparatus of this invention is applied. The format of the routing information 700 stored in the routing table 202 at the time of IP packet transfer. The figure which shows an example of the format of the message packet which prompts the update of MTU which the network apparatus 10 outputs.

Explanation of symbols

10: network device, 11: interface module, 12: selector, 13: packet buffer, 14: header extraction unit, 15: buffer control unit, 16: data relay unit, 20: route control unit, 30: tunnel control unit, 40 : Resource manager, 60: Management terminal.

Claims (13)

Multiple input lines into which packets are input;
Multiple output lines that output packets;
A packet buffer for temporarily holding the input packet;
A controller that performs packet header encapsulation or network address translation of the input packet,
The control unit
Measure the maximum transfer unit between the destination of the packet after the encapsulation or the network address conversion and the network device, and the packet of the packet input by the encapsulation or the network address conversion from the measured maximum transmission unit A network device, wherein a value obtained by subtracting the amount of data added to a header is notified to at least one of the transmission source terminal of the input packet or the router on the transmission source terminal side. The network device according to claim 1, wherein
Multiple input lines into which packets are input;
Multiple output lines that output packets;
A packet buffer that temporarily holds input packets;
A path control unit that determines output destination information of the input packet from information included in a header of the input packet;
A tunnel control unit that performs packet header encapsulation or network address translation when the output destination of the input packet cannot be transferred in the state of the input packet;
A resource manager for managing the route control unit and the tunnel control unit;
A data relay unit for transferring the packet to an output line corresponding to the output destination information;
The resource manager
A resource table holding resource information of the route control unit and the tunnel control unit;
A resource table control unit for controlling the resource table;
A packet receiver that receives packets from adjacent network devices;
A packet generator for generating a packet for transmission to an adjacent network device;
Analyzing the packet input to the packet receiver,
A resource management unit that instructs the packet generation unit to generate a packet;
The resource management unit
A packet analyzer for analyzing the nature of the packet input to the packet receiver;
A routing protocol controller for controlling network route information;
The resource table control unit, the routing protocol control unit, the route control unit, and a command control unit that issues necessary instructions to the tunnel information control unit,
The resource manager
After information necessary for packet header encapsulation or network address translation for a specific packet flow is set in the resource table,
Generate a packet that searches for the maximum transmission unit to the destination of the packet header after the encapsulation or after the network address conversion,
Measure the maximum transfer unit between the network device and the destination,
A value obtained by subtracting the amount of data added to the packet header of the input packet by encapsulation and network address conversion from the maximum transmission unit between the network device and the destination is the source terminal or the source terminal side. A network device that notifies at least one of routers. The command control unit according to claim 2,
Prompt the routing protocol control unit to start the routing protocol immediately after powering on the network device,
Prompts the route control unit to set route information in the routing table among the information set in the resource table,
A network device characterized by urging the tunnel control unit to set information necessary for packet header encapsulation or network address translation for an input packet among information set in the resource table in the tunnel information table. The network device according to claim 2, wherein
The packet analysis unit
After analyzing the nature of the above input packet,
A transfer of a message prompting the routing protocol control unit to update the input packet or route information;
Alternatively, a network device for transferring a message prompting the packet generation unit to generate a packet and the input packet. The network device according to claim 4, wherein
The routing protocol control unit
Notifying the packet generation unit of a message for prompting generation of a packet for confirming the network state toward an adjacent network device in order to acquire route information,
A network device, wherein route information is updated according to the input packet input from the packet analysis unit and a message prompting to update the route information. The packet generator according to claim 5,
A message prompting generation of a packet input from the packet analysis unit and the input packet;
Or according to the message prompting the generation of the packet input from the routing protocol control unit,
A network device that outputs a necessary packet after it is generated. The network device according to claim 2, wherein
The above resource table is
It can be set from the routing protocol control unit and a terminal connected to the outside of the network device,
A network device characterized in that the state of the resource table can be referred from the terminal. The network device according to claim 2, wherein
The packet buffer for temporarily storing packets input from the input line or the resource manager or the tunnel control unit;
A selector for selectively inputting the packet into the packet buffer;
A network device comprising: a buffer control unit that controls writing and reading of the packet to and from the packet buffer. The network device according to claim 2, wherein
The route controller is
A routing table control unit that extracts part or all of the information included in the packet header and searches for output destination information of the input packet using this as a search key;
A search condition that is a search target of the search key, and a routing table that contains output destination information corresponding to the search condition,
In cooperation with the buffer control unit, the packet is transferred to the data relay unit or the tunnel control unit,
The network device, wherein the data relay unit transfers the packet toward an output destination corresponding to the path information. The network device according to claim 2, wherein
The tunnel control unit
A tunnel control packet buffer for temporarily storing packets input from the packet buffer;
A tunnel information table control unit that extracts part or all of the packet header information from the packet stored in the tunnel control packet buffer and executes a search using this as a search key;
A search condition that is a search target of the search key and a tunnel information table that contains output destination information corresponding to the search condition;
A network apparatus comprising: a tunnel processing unit that performs packet header encapsulation or network address conversion on an input packet using information read from a tunnel information table. The network device according to claim 2, wherein
The above packet
A network device comprising an Internet Protocol (IP) header. The network device according to claim 2, wherein
The above packet
A network device including an Ethernet (registered trademark) frame header. The network device according to claim 2, wherein
The above packet
A network device comprising a SIM header used for MPLS forwarding.

Images