JP2013211706A - Open flow network system, and data communication method - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide an open flow network system and data communication method capable of connecting a redundant network apparatus with an open flow network, in a state of keeping a redundant configuration.SOLUTION: A switch SW transfers a VRRP packet transmitted from a router connected to the switch SW and a GARP packet transmitted from an active system router, to a controller C. The controller C controls a switch SW to which another router in a VRRP group including the router transmitting the VRRP packet is connected, to transmit the VRRP packet to the other router. The controller C also calculates a path from a switch SWn to which a layer 3 node N1 is connected to the active system router, and controls respective switches on the path so as to transmit packet data transmitted from the layer 3 node N1 to a virtual IP address shared by routers R1 and R2 to the active system router.

Description

  The present invention relates to an OpenFlow network system and a data communication method, and more particularly to an OpenFlow network system capable of connecting a redundant network device to an OpenFlow network while maintaining a redundant configuration, and The present invention relates to a data communication method.

  VRRP (Virtual Router Redundancy Protocol) is a technique for improving the reliability of devices used in a network (see, for example, Patent Document 1). VRRP is made redundant by a plurality of devices physically, and even if a failure occurs in the active device, it prevents the processing from being stopped by other devices forming the redundant configuration taking over the processing. It becomes possible to do.

  In addition, an OpenFlow Consortium has been proposed by the OpenFlow Consortium that centrally controls transfer processing and the like in each switch constituting a network by a controller.

JP 2005-167435 A

  Since existing network devices operate autonomously, when a device equipped with a VRRP function is connected to a network using the open flow technology, the controller can select any of the devices that form the same VRRP group. Information about whether it is functioning as an active system cannot be obtained.

  For this reason, when a device that forms a VRRP group is connected to a network that uses OpenFlow technology, the controller cannot centrally control the transfer processing of each switch.

  The present invention has been made to solve the above-described problems, and an OpenFlow network system capable of connecting a redundant network device to an OpenFlow network while maintaining a redundant configuration, and An object of the present invention is to provide a data communication method.

In order to achieve the above object, an OpenFlow network system according to the first aspect of the present invention provides:
Each switch that makes up the OpenFlow network
A controller that centrally controls the data transfer processing of each switch when the life / death monitoring packet, which is packet data for life / death monitoring, is received from a physically redundant network device. Alive monitoring packet transfer means to transfer to,
A GARP (Gratuitous) for updating an ARP (Address Resolution Protocol) table held by a node connected to the OpenFlow network, which is transmitted by an active network device among the physically redundant network devices. When receiving the Address Resolution Protocol) packet, a GARP packet transfer means for transferring the received GARP packet to the controller;
With
The controller is
Controlling a switch connected to a network device other than the network device that has transmitted the alive monitoring packet among the physically redundant network devices, the alive monitoring packet is monitored by the alive monitoring. A packet transfer control means for alive monitoring that transmits the packet to a network device other than the network device that has transmitted the packet;
Route calculation means for calculating a route from the switch to which the node is connected to the active network device;
By controlling each switch on the route calculated by the route calculating means, packet data transmitted from the node to a virtual IP (Internet Protocol) address shared by the physically redundant network device is transmitted. Packet transfer control means for transmitting to the active network device;
Comprising
It is characterized by that.

The controller is
A storage unit for storing network device switch correspondence information in which information that can uniquely identify each switch connected to the physically redundant network device is associated;
The life and death monitoring packet transfer control unit transmits the life and death monitoring packet among the physically redundant network devices based on the network device switch correspondence information stored in the storage unit. Identifying a network device other than the network device, controlling a switch to which the identified network device is connected, and transmitting the alive monitoring packet to the identified network device.
You may do it.

In addition, the storage unit includes the network device switch correspondence information and the switch to which the physically redundant network device is connected, which network device is connected to the active network Stores connection information that associates the active system information that can be identified as a device,
The controller is
An acquisition unit for acquiring a physical MAC (Media Access Control) address of the active network device included in the GARP packet transferred by the GARP packet transfer unit;
The path calculating unit is configured to match the destination MAC address included in the header information of the packet data based on the physical MAC address of the active network device acquired by the acquiring unit and the connection information. Identifying a switch corresponding to the physical MAC address of the network device, and calculating a path from the switch to which the node is connected to the active network device connected to the identified switch;
You may do it.

In addition, the controller
Further comprising transmission source determination means for referring to connection information stored in the storage unit to determine whether the network device that has transmitted the alive monitoring packet is an active network device;
The life and death monitoring packet transfer control means is configured so that the network device that is physically redundant only when the transmission source determination means determines that the network device that has transmitted the life and death monitoring packet is an active network device. A network device other than the network device that has transmitted the alive monitoring packet by controlling a switch to which a network device other than the network device that has transmitted the alive monitoring packet is connected. To send to
You may do it.

In addition, the controller
When the alive monitoring packet from the active network device cannot be received within a predetermined time, it is determined that a failure has occurred in the active network device, and the update for updating the corresponding active information in the connection information Further comprising means,
You may do it.

The physically redundant network device has a VRRP (Virtual Router Redundancy Protocol) function, and the alive monitoring packet is a VRRP packet.
You may do it.

The physically redundant network device is a router.
You may do it.

In order to achieve the above object, an OpenFlow network system according to the second aspect of the present invention provides:
Each switch that makes up the OpenFlow network
When a life / death monitoring packet that is packet data for life / death monitoring is received from a physically redundant network device, the life / death monitoring packet is transmitted from the physically redundant network device. The flow setting for transmitting the life / death monitoring packet received to the network device other than the network device is executed for each switch on the path from the own switch to the network device that is the transmission destination of the life / death monitoring packet. Flow setting request transmitting means for transmitting a flow setting request for requesting to the controller;
A GARP (Gratuitous) for updating an ARP (Address Resolution Protocol) table held by a node connected to the OpenFlow network, which is transmitted by an active network device among the physically redundant network devices. When receiving the Address Resolution Protocol) packet, a GARP packet transfer means for transferring the received GARP packet to the controller;
With
The controller is
When the flow setting request is received, a path from the switch that transmitted the flow setting request to a network device other than the network device that transmitted the alive monitoring packet among the physically redundant network devices First route calculating means for calculating
For each switch on the route calculated by the first route calculating means, among the network devices that are physically redundant, to network devices other than the network device that transmitted the alive monitoring packet, Life and death monitoring packet transfer control means for setting a flow for transmitting the life and death monitoring packet,
Second route calculating means for calculating a route from the switch to which the node is connected to the active network device;
Packet data transmitted from the node to a virtual IP (Internet Protocol) address shared by the physically redundant network device for each switch on the route calculated by the second route calculating means A packet transfer control means for setting a flow for transmitting to the active network device,
Comprising
It is characterized by that.

Each switch is
Upon receiving the alive monitoring packet from the network device, the alive monitoring received from the physically redundant network device to a network device other than the network device that has transmitted the received alive monitoring packet. A determination unit for determining whether or not a flow for transmitting a packet has already been set;
The flow setting request transmission means receives the life / death monitoring packet received by the determination means to a network device other than the network device that has transmitted the received life / death monitoring packet among the physically redundant network devices. The flow setting request is transmitted to the controller only when it is determined that the flow for transmitting is not yet set.
You may do it.

In addition, the controller
A storage unit for storing network device switch correspondence information in which information that can uniquely identify each switch connected to the physically redundant network device is associated;
The first path calculation unit is a network that transmits the alive monitoring packet among the physically redundant network devices based on the network device switch correspondence information stored in the storage unit. Specify a network device other than the device, and calculate a route from the switch that transmitted the flow setting request to the specified network device.
You may do it.

The physically redundant network device has a VRRP (Virtual Router Redundancy Protocol) function, and the alive monitoring packet is a VRRP packet.
You may do it.

The physically redundant network device is a router.
You may do it.

In order to achieve the above object, a data communication method according to a third aspect of the present invention includes:
Each switch that makes up the OpenFlow network
A controller that centrally controls the data transfer processing of each switch when the life / death monitoring packet, which is packet data for life / death monitoring, is received from a physically redundant network device. Alive monitoring packet forwarding step to forward to,
The controller is
Controlling a switch connected to a network device other than the network device that has transmitted the alive monitoring packet among the physically redundant network devices, the alive monitoring packet is monitored by the alive monitoring. A packet transfer control step for alive monitoring that transmits a packet to a network device other than the network device that transmitted the packet,
Each switch constituting the OpenFlow network is
A GARP (Gratuitous) for updating an ARP (Address Resolution Protocol) table held by a node connected to the OpenFlow network, which is transmitted by an active network device among the physically redundant network devices. When receiving an Address Resolution Protocol) packet, a GARP packet transfer step for transferring the received GARP packet to the controller;
The controller is
A route calculating step for calculating a route from the switch to which the node is connected to the active network device;
The controller is
By controlling each switch on the route calculated by the route calculating step, packet data transmitted from the node to a virtual IP (Internet Protocol) address shared by the physically redundant network device A packet transfer control step for transmitting to the active network device;
Comprising
It is characterized by that.

In order to achieve the above object, a data communication method according to a fourth aspect of the present invention includes:
Each switch that makes up the OpenFlow network
When a life / death monitoring packet that is packet data for life / death monitoring is received from a physically redundant network device, the life / death monitoring packet is transmitted from the physically redundant network device. The flow setting for transmitting the life / death monitoring packet received to the network device other than the network device is executed for each switch on the path from the own switch to the network device that is the transmission destination of the life / death monitoring packet. A flow setting request sending step for sending a flow setting request to the controller to the controller;
The controller is
When the flow setting request is received, a path from the switch that transmitted the flow setting request to a network device other than the network device that transmitted the alive monitoring packet among the physically redundant network devices A first route calculating step for calculating
The controller is
For each switch on the route calculated in the first route calculating step, among the network devices that are physically redundant, to network devices other than the network device that transmitted the alive monitoring packet, Life and death monitoring packet transfer control step for setting a flow for transmitting the life and death monitoring packet, and
Each switch on the route calculated in the first route calculating step is
Based on the flow set in the first route calculation step, the life and death monitoring packet is sequentially transferred, so that the life and death monitoring packet is transmitted among the physically redundant network devices. A life / death monitoring packet transmission step for transmitting the life / death monitoring packet to a network device other than the network device,
Each switch constituting the OpenFlow network is
A GARP (Gratuitous) for updating an ARP (Address Resolution Protocol) table held by a node connected to the OpenFlow network, which is transmitted by an active network device among the physically redundant network devices. When receiving an Address Resolution Protocol) packet, a GARP packet transfer step for transferring the received GARP packet to the controller;
The controller is
A second route calculating step for calculating a route from the switch to which the node is connected to the active network device;
The controller is
Packet data transmitted from the node to a virtual IP (Internet Protocol) address shared by the physically redundant network device for each switch on the route calculated in the second route calculating step A packet transfer control step for setting a flow for transmitting to the active network device,
Each switch on the route calculated in the second route calculating step is
A packet transmission step of transmitting the packet data to the active network device by sequentially transferring the packet data based on the flow set in the packet transfer control step,
Comprising
It is characterized by that.

  According to the present invention, it is possible to connect a redundant network device to an OpenFlow network while maintaining a redundant configuration.

It is a block diagram which shows the structure of the open flow network system in Embodiment 1. FIG. 6 is a diagram illustrating an example of a format of a VRRP packet in Embodiment 1. FIG. FIG. 3 is a block diagram illustrating a configuration of each switch in the first embodiment. It is a figure which shows the example of the flow table in Embodiment 1. FIG. FIG. 2 is a block diagram illustrating a configuration of a controller in the first embodiment. It is a figure which shows the example of the setting time table in Embodiment 1. FIG. It is a figure which shows the example of the connection information table in Embodiment 1. FIG. 3 is a block diagram illustrating an example of an address table in Embodiment 1. FIG. It is a figure which shows the example of the topology information table in Embodiment 1. FIG. FIG. 6 is a diagram illustrating a flowchart of VRRP packet transfer processing in the first embodiment. It is a figure for demonstrating the flow of the process of the whole system of a normal time which made the example of the open flow network system shown in FIG. 1 in Embodiment 1. FIG. FIG. 2 is a diagram for explaining a processing flow of the entire system when a failure occurs, taking the OpenFlow network system shown in FIG. 1 as an example in the first embodiment; 6 is a block diagram illustrating a configuration of a controller in Embodiment 2. FIG. It is a figure which shows the example of the connection information table in Embodiment 2. FIG. FIG. 9 is a diagram for explaining a processing flow of the entire system in a normal state, taking the OpenFlow network system shown in FIG. 1 as an example in the second embodiment. FIG. 9 is a diagram for explaining a processing flow of the entire system when a failure occurs, taking the OpenFlow network system shown in FIG. 1 as an example in Embodiment 2.

(Embodiment 1)
The present embodiment will be described with reference to the accompanying drawings.

  With reference to FIG. 1, the structure of the open flow network system 1 in this embodiment is demonstrated. As shown in FIG. 1, the network system 1 includes a switch group 2 including a plurality of open flow switches (hereinafter referred to as switches) SW1 to SWn, and an open flow controller (hereinafter referred to as a controller) C. Note that n is a natural number of 2 or more, and the switches SW1 to SWn are collectively referred to as switches SW without being distinguished.

  Routers R1 and R2 are connected to the switches SW1 and SW2 of the OpenFlow network system 1, respectively, and the routers R1 and R2 have a VRRP (Virtual Router Redundancy Protocol) function and are made redundant. That is, even if a failure occurs in the active router, the standby router takes over the processing, the router function is stopped, and communication is not interrupted. Further, the layer 3 node N1 is connected to the switch SWn. In the present embodiment, a configuration in which a VRRP group including routers R1 and R2 is connected to the OpenFlow network system 1 will be described as an example. However, a plurality of VRRP groups are connected to the OpenFlow network 1. It may be a configuration. Further, the number of routers constituting the VRRP group may be three or more, and the devices constituting the VRRP group may be a load balancer having a VRRP function instead of a router.

  Routers that form the same VRRP group transmit the VRRP packet illustrated in FIG. 2 to other routers that form the same VRRP group. That is, in the present embodiment, the router R1 transmits the VRRP packet to the router R2, and the router R2 transmits the VRRP packet to the router R1. However, when the working router is determined between the routers, only the working router transmits the VRRP packet to the standby router. Which router becomes the active system among the routers forming the same VRRP group is determined based on the priority included in the VRRP packet described later in detail. When the active router is determined, as described above, only the active router transmits the VRRP packet to the standby router, and the standby router receives the VRRP packet transmitted from the active router within a predetermined time. If not, it is determined that a failure has occurred in the active router, the processing of the active router in which the failure has occurred is taken over, and a VRRP packet is transmitted as the active router.

  FIG. 2 is a diagram illustrating an example of the format of a VRRP packet. As shown in FIG. 2, the VRRP version is stored in the “version” field, and “1” is stored in the “type” field when the VRRP packet is an advertisement (announcement). Stored. The VRID value is stored in the “VRID” field, and the same VRID value is stored in the “VRID” field of each router that forms the same VRRP group, in the present embodiment, the VRRP packets transmitted from the routers R1 and R2. Stored. The priority of the VRRP packet source router is stored in the “priority” field, and the router that transmits the VRRP packet having a high priority value becomes the active router.

  The “count IP (Internet Protocol) address” field stores the number of IP addresses advertised by the VRRP packet, and the “authentication type” field stores a value for specifying the authentication type. For example, “0” is stored when authentication is not performed, and “1” is stored when authentication is performed using a text password. In the “advertisement interval” field, a value for specifying an interval for transmitting a VRRP packet as an advertisement packet is stored. The other routers that have received the VRRP packet obtain the VRRP packet transmission interval from the value stored in the “advertisement interval” field. For example, the VRRP packet from the working router is displayed in the “advertisement interval” field. If it is not received within the time S defined by the following formula based on the prescribed transmission interval, the standby router determines that a failure has occurred in the active router, and the standby router determines that the active router As a router, take over the processing of the active router where the failure occurred.

(Formula 1)
Time S = (advertisement interval) × 3 + (256−priority value) / 256

  The “IP address” field stores an IP address that can be used as a virtual IP address. This virtual IP address is an IP address shared by the routers R1 and R2 forming the same VRRP group in the network.

  The active router transmits a Gratuitous ARP packet (hereinafter referred to as a GARP packet) for updating an ARP (Address Resolution Protocol) table. The “source IP address” field of the GARP packet stores a virtual IP address shared by the routers R1 and R2 forming the same VRRP group in the network, and the “source hardware address” field transmits the GARP packet. The physical MAC address of the active router is stored. The device that has received the GARP packet refers to the ARP table held by itself, and when an entry corresponding to the IP address (virtual IP address) included in the GARP packet exists, the MAC address of the entry is set to the GARP packet. Update with the MAC address stored in the "source hardware address" field. On the other hand, when an entry corresponding to the IP address (virtual IP address) included in the GARP packet does not exist in the ARP table, an entry that associates the virtual IP address of the transmission source router of the GARP packet with the physical MAC address is displayed. Added to the ARP table.

  For example, when the GARP packet transmitted from the router R1 is received by the layer 3 node N1, and an entry corresponding to the IP address (virtual IP address) included in the GARP packet exists in the ARP table held by the layer 3 node N1 The MAC address of the entry is updated with the physical MAC address of the router R1 included in the GARP packet. On the other hand, if there is no entry corresponding to the IP address (virtual IP address) included in the GARP packet in the ARP table held by the layer 3 node N1, the virtual IP address and physical MAC of the router R1 included in the GARP packet are stored. An entry associated with an address is added to the ARP table.

  As shown in FIG. 3, the switch SW includes a control unit S1 and a storage unit S2.

  The control unit S1 includes a CPU (Central Processing Unit), and by executing an operation program stored in the storage unit S2, the VRRP packet processing unit S1A, the GARP packet processing unit S1B, the flow setting unit S1C, Functions as the determination unit S1D and the flow processing unit S1E are realized.

  When receiving the VRRP packet from the router connected to the own switch, the VRRP packet processing unit S1A transfers the received VRRP packet to the controller C. When the VRRP packet processing unit 1A transfers the VRRP packet, the VRRP packet processing unit 1A specifies its own switch number SWN and the physical port number PN of the physical port to which the router of the received VRRP packet is connected. Is added. Here, the switch number SWN is a number that can uniquely identify each switch SW.

  For example, when the switch number SWN of the switch SW1 is “1” and the physical port number PN of the physical port of the switch SW1 to which the router R1 is connected is “10”, the switch SW1 receives a VRRP packet from the router R1. When received, the VRRP packet processing unit S1A of the switch SW1 adds information for specifying the switch number “1” and the physical port number “10” to the received VRRP packet and transfers the information to the controller C.

  Further, when receiving the VRRP packet transmission instruction from the controller C, the VRRP packet processing unit S1A transmits the VRRP packet transmitted together with the transmission instruction to the standby router connected to the own switch SW in accordance with the instruction. For example, when the transmission destination of the VRRP packet by the controller C is the switch SW2 and the transmission instruction of the controller C is a transmission instruction to the router R2, the VRRP packet processing unit S1A of the switch SW2 follows the instruction of the controller C. The received VRRP packet is transmitted to the router R2.

  When the GARP packet processing unit S1B receives the GARP packet transmitted from the active router connected to the own switch, the GARP packet processing unit S1B transfers the received GARP packet to the controller C. For example, when the active router is the router R1 and the switch SW1 receives the GARP packet from the router R1, the GARP packet processing unit S1B of the switch SW1 transfers the received GARP packet to the controller C.

  Further, when receiving the GARP packet transferred from the controller C, the GARP packet processing unit S1B transmits the received GARP packet according to the transmission instruction of the controller C. For example, when the transfer destination of the GARP packet by the controller C is the switch SWn, and the transmission instruction of the controller C is transmission to the layer 3 node N1, the GARP processing unit S1B of the switch SWn transmits the received GARP packet. Transmit to layer 3 node N1.

  The flow setting unit S1C sets the flow acquired from the controller C in the flow table T1 stored in the table storage unit S2A.

  When the determination unit S1D receives a packet transmitted from a node connected to its own switch SW, the determination unit S1D searches the “rule” column of the flow table T1 to determine whether there is a rule that matches the header information of the received packet. Determine.

  When the determination unit S1D determines that the rule that matches the header information of the received packet exists in the flow table T1, the flow processing unit S1E executes the action specified by the action information corresponding to the rule. . On the other hand, the flow processing unit S1E transmits a flow setting request to the controller C when the determination unit S1D determines that there is no rule in the flow table T1 that matches the header information of the received packet. The flow setting request includes packet header information, and information for specifying the switch number SWN of the own switch and the physical port number PN of the physical port to which the packet transmission source node is connected.

  For example, when the rule that matches the header information of the packet addressed to the virtual IP address shared by the router R1 and the router R2 that form the VRRP group from the layer 3 node N1 does not exist in the flow table T1 held by the switch SWn, The flow processing unit S1E of the switch SWn includes a flow setting including packet header information, and information for specifying the switch number n of the own switch and the physical port number 30 of the physical port to which the layer 3 node N1 is connected. Send the request to controller C. The controller C that has received the flow setting request calculates a route from the switch SWn to the active router based on the flow setting request, generates a flow in each switch SW installed on the calculated route, The generated flow is set for each switch SW installed above. Then, each switch SW installed on the calculated route processes the received packet according to the set flow, thereby sharing the virtual shared by the router R1 and the router R2 that form the VRRP group from the layer 3 node N1. A packet addressed to the IP address is delivered to the active router.

  FIG. 4 is a diagram illustrating an example of the flow table T1 held by each switch SW. In the flow table T1, as shown in FIG. 4, rules and action information are associated with each other. In the present embodiment, the rule defines a combination including a transmission source MAC address, a destination IP address, and a destination MAC address. For example, the destination of the received packet is defined in the action information associated with the rule. Each switch SW holds such a flow table T1, and when there is a rule that matches the header information of the received packet, the switch SW executes the action specified by the action information corresponding to the rule. Is possible.

  For example, a rule that matches the header information of the packet addressed to the virtual IP address shared by the router R1 and the router R2 that form the VRRP group from the layer 3 node N1 exists in the flow table T1 held by the switch SWn. When the action specified by the corresponding action information is transmission of the received packet to the switch SW5, the flow processing unit S1E of the switch SWn transmits the received packet to the switch SW5.

  The storage unit S2 includes a ROM (Read Only Memory), a RAM (Random Access Memory), and the like. The storage unit S2 functions as a table storage unit S2A, and a CPU (Central Processing Unit) working area included in the control unit S1 is executed by the CPU. It functions as a program area for storing operation programs to be executed, a data area for storing various data, and the like.

  The table storage unit S2A stores a flow table T1. As described above, the flow table T1 is set by the flow setting unit S1C. More specifically, when a flow is received from the controller C, the flow setting unit S1C sets the received flow in the flow table T1. At this time, if a flow including a rule that matches the rule included in the flow exists in the flow table T1, the flow is overwritten with the received flow, and a flow including the matching rule does not exist in the flow table T1 Is added to the flow table T1.

  As shown in FIG. 5, the controller C includes a control unit C1 and a storage unit C2. The controller C controls each switch SW in the open flow network 1 by open flow technology, and performs path control in an integrated manner. The open flow technology is a technology in which the controller C performs route control and node control in an integrated manner by setting multi-layer and flow unit route information (flow) in each switch SW according to the routing policy. That is.

  The control unit C1 includes a CPU and executes an operation program stored in the storage unit C2, thereby executing a transmission source determination unit C1A, a timer C1B, a determination unit C1C, a VRRP packet processing unit C1D, and a GARP packet. The functions of the processing unit C1E, the route calculation unit C1F, and the flow setting unit C1G are realized, and the control processing of each functional unit, VRRP packet transfer processing described later, and the like are executed.

  In addition, when it is determined that the VRRP packet received by the transmission source determination unit C1A is a VRRP packet transmitted from the active router, the control unit C1 adds additional information (switch number) added to the VRRP packet. Based on the SWN and the physical port number PN), the setting time Si corresponding to the router that is the transmission source of the VRRP packet is acquired from the setting time table T2 stored in the table storage unit C2A described later, and the acquired setting time Si is acquired. Is set in the timer C1B. If the next VRRP packet cannot be received from the working router before the timer C1B times out, the flag in the “working” column of the connection information table T3 stored in the table storage unit C2A is switched. For example, when the router R1 is the active system and the router R2 is the standby system and the VRRP packet from the router R1 cannot be received within the set time Si, the flag in the “active system” column of the connection information table T3 is set as follows: The router R1 (master router in FIG. 7) is switched to the router R2 (slave router in FIG. 7).

  FIG. 6 is a diagram illustrating an example of the set time table T2. In the set time table T2, as shown in FIG. 6, the switch number SWN and the set time Si are associated with each other. As each set time Si, the time calculated by the above-described equation 1 is set. Thereby, the control unit C1 can acquire the set time Si corresponding to the switch number SWN that matches the switch number SWN included in the additional information added to the received VRRP packet from the set time table T2. . Then, by setting the acquired set time Si in the timer C1B, the controller C assumes that an abnormality has occurred in the active router when the next VRRP packet cannot be received from the active router within the set time Si. It becomes possible to judge. Furthermore, since the time calculated by the above-described equation 1 is set as the setting time Si, the standby router that forms the same VRRP group has the same timing as that of determining that an abnormality has occurred in the active router. The controller C can determine that an abnormality has occurred in the working router, and can appropriately transfer the VRRP packet transmitted from the router that newly becomes the working router to the standby router.

  Returning to FIG. 5, when the controller C receives the VRRP packet, the transmission source determination unit C1A determines whether the received VRRP packet is a VRRP packet transmitted from the active router. Specifically, the transmission source determination unit C1A searches a “switch number” column and a “port number” column in the connection information table T3 stored in the table storage unit C2A described later, and adds the column to the received VRRP packet. The router in which the switch number SWN of the switch SW that has transferred the VRRP packet to the controller C matches the physical port number PN of the physical port to which the source router of the VRRP packet is connected is specified. Then, the transmission source determination unit C1A determines whether or not the received VRRP packet is a VRRP packet transmitted from the active router depending on whether or not a flag exists in the “active” column of the identified router. .

  FIG. 7 is a diagram illustrating an example of the connection information table T3 stored in the table storage unit C2A. As shown in FIG. 7, in the connection information table T3, a master router and a slave router that form a VRRP group are associated with nodes that communicate with the router that forms the VRRP group. The switch number SWN of the switch SW to be associated is associated with the port number PN. Each router forming the VRRP group is provided with a “working system” field, and a flag is set in the “working system” field (1 is stored), which router is the working system router. It is possible to determine whether or not. In the initial state, 1 is stored in the “working system” column of the master router, and when the next VRRP packet from the working system router cannot be received within the set time Si, the control unit C1 1 is stored in the “active system” column of the router, and 1 in the “active system” column of the master router is deleted.

  As the master router, the router having the highest priority setting value is selected from the routers forming the VRRP group. In the present embodiment, it is assumed that the router R1 is a master router and the router R2 is a slave router.

  Returning to FIG. 5, the timer C1B is a timer for determining whether or not an abnormality has occurred in the active router, and as described above, the VRRP packet received by the transmission source determination unit C1A is transmitted from the active router. If it is determined that the packet is a VRRP packet, the set time Si acquired from the set time table T2 by the control unit C1 is set and started.

  The determination unit C1C determines whether or not a VRRP packet has been received, and determines whether or not the timer C1B has timed out. When the determination unit C1C determines that the timer C1B has timed out before the next VRRP packet is received from the active router, the control unit C1 has an abnormality in the active router as described above. And the flag in the “active system” column of the connection information table T3 is switched.

  The VRRP packet processing unit C1D transfers the VRRP packet determined to be the VRRP packet transmitted from the active router by the transmission source determination unit C1A to the standby router that forms the same VRRP group. Specifically, the VRRP packet processing unit C1D refers to the connection information table T3 stored in the table storage unit C2A and acquires the switch number SWN of the switch SW to which the standby router of the same VRRP group is connected. To do. Then, the VRRP packet processing unit C1D transmits a command for instructing the switch SW having the acquired switch number SWN to transmit the VRRP packet to the standby router connected to the switch SW together with the received VRRP packet. To do.

  Further, the VRRP packet processing unit C1D discards the VRRP packet that is determined not to be the VRRP packet transmitted from the active router by the transmission source determination unit C1A.

  The GARP packet processing unit C1E acquires a transmission source MAC address included in the received GARP packet. Then, the GARP packet processing unit C1E acquires the switch number SWN of the switch SW to which the active router as the transmission source of the GARP packet is connected from the connection information table T3, and acquires the acquired transmission source MAC address and switch number SWN. Are stored in the address table T4. At this time, for example, when the MAC addresses of other routers forming the same VRRP group are stored, overwriting is performed.

  Further, the GARP packet processing unit C1E transfers the received GARP packet to each node that communicates with the transmission source router of the GARP packet. Specifically, referring to the connection information table T3, the switch SW to which the transfer target node is connected is identified, and a command for instructing the identified switch SW to transmit the GARP packet to the node together with the GARP packet. Send.

  FIG. 8 is a diagram illustrating an example of the address table T4 stored in the table storage unit C2A. In the address table T4, as shown in FIG. 8, the VRRP group ID (for example, VRID), the switch number SWN of the switch SW to which the active router is connected, and the physical MAC address of the active router are associated with each other. It has been. For example, when the router R1 is the active router and the physical MAC address of the router R1 is A1, the GARP packet processing unit C1E causes the physical MAC of the router R1 included in the GARP packet from the router R1 that is the active router. The address A1 is acquired, and the switch number 1 of the switch SW1 to which the router R1 is connected is acquired from the connection information table T3. Then, the GARP packet processing unit C1E associates the acquired physical MAC address A1 of the router R1 with the switch number 1 of the switch SW1 to which the router R1 is connected, and sets the VRRP group ID to which the router R1 of the address table T4 belongs. Store in the corresponding field.

  Returning to FIG. 5, for example, when receiving the flow setting request from the switch SWn, the route calculation unit C1F searches the “MAC address” column of the address table T4 and transmits the header information of the packet included in the flow setting request. The switch number SWN corresponding to the MAC address that matches the destination MAC address is specified. Then, the path calculation unit C1F refers to the topology information table T5 stored in the table storage unit C2A, and the packet connected to the switch SW having the identified switch number SWN from the switch SWn that transmitted the flow setting request. The route to the active router that is the transmission destination of is calculated.

  FIG. 9 is a diagram illustrating an example of the topology information table T5 stored in the table storage unit C2A. In the topology information table T5, as shown in FIG. 9, each switch SW and port connection destination information of the switch SW are stored in association with each other. The port connection destination information includes information for specifying the type of connection destination (for example, switch, node, etc.) for each port, and identification information for specifying the connection destination (for example, the connection destination is a switch SW). For example, the switch number SWN) of the switch SW is included.

  Returning to FIG. 5, the flow setting unit C1G generates a flow for each switch SW on the route based on the route calculated by the route calculation unit C1F and the header information of the packet included in the flow setting request, The generated flow is transmitted to each switch SW on the route. Then, the flow setting unit S1C of each switch SW that has received the flow transmitted from the controller C sets the received flow in the flow table T1 stored in the table storage unit S2A.

  For example, when the transmission destination MAC address of the header information of the packet included in the flow setting request is the MAC address of the router R1, and the switch SW that is the transmission source of the flow setting request is the switch SWn, the path calculation unit C1F A route from the switch SWn to the router R1 connected to the switch SW1 is calculated. For example, when the route calculated by the route calculation unit C1F is switch SWn> switch SW5> switch SW3> switch SW1> router R1, the flow setting unit C1G includes the switch SWn, the switch SW5, and the switch SW3. , And generate a flow for the switch SW1. For example, the action information included in the flow for the switch SW5 stores a packet transfer instruction to the switch SW3, and the rules include the MAC address and virtual IP address of the router R1, the MAC address of the packet source node, The combination including is stored. For example, the action information included in the flow for the switch SW1 stores a packet transfer instruction to the router R1, and the rule stores the same rule as the flow rule for the switch SW5. Thus, when a packet is transmitted from the same node to a virtual IP address shared by the router R1 and the router R2, the switch SWn does not transmit the flow setting request to the controller C again, and the switch SWn on the route The switch SW5, the switch SW3, and the switch SW1 can deliver the packet to the active router R1 according to the set flow.

  The storage unit C2 includes a ROM, a RAM, and the like. The storage unit C2 functions as a table storage unit C2A, and has a CPU (Central Processing Unit) working area included in the control unit C1, a program area for storing operation programs executed by the CPU, and various types. It functions as a data area for storing data.

  As described above, the table storage unit C2A stores the set time table T2, the connection information table T3, the address table T4, and the topology information table T5.

  Next, with reference to FIG. 10, the flow of the VRRP packet transfer process in the present embodiment executed by the controller C will be described. This VRRP packet transfer process is executed for each VRRP group connected to the OpenFlow network system 1. Since the VRRP packet transfer process in each VRRP group is the same process, the VRRP packet transfer process will be described below using the VRRP group formed by the router R1 and the router R2 as an example.

  The determination unit C1C determines whether or not the controller C has received the VRRP packet (step S101). If it is determined that the VRRP packet has not been received (step S101; NO), the process of step S101 is repeated until the VRRP packet is received.

  On the other hand, when it is determined that the VRRP packet has been received (step S101; YES), the transmission source determination unit C1A determines that the received VRRP packet is a VRRP packet from the active router (router R1 in this embodiment). It is determined whether or not (step S102). When it is determined that the received VRRP packet is a VRRP packet from the standby router (router R2 in this embodiment) (step S102; NO), the VRRP packet processing unit C1D receives the received VRRP packet. Discard (step S103), the process returns to the process of step S101, and the above-described process is repeated.

  On the other hand, when it is determined that the received VRRP packet is a VRRP packet from the active router (in this embodiment, the router R1) (step S102; YES), the control unit C1 adds the received VRRP packet to the received VRRP packet. Based on the added additional information (switch number SWN and physical port number PN), the set time Si corresponding to the active router that transmitted the VRRP packet is acquired from the set time table T2, and the acquired set time Si is obtained. The timer C1B is set, and the timer C1B is started (step S104).

  Then, the VRRP packet processing unit C1D transfers the received VRRP packet to the standby router (in this embodiment, the router R2) that forms the same VRRP group (step S105).

  Then, the determination unit C1C determines again whether or not the controller C has received the VRRP packet (step S106). If it is determined that the VRRP packet has not been received (step S106; NO), the process proceeds to the process of step S109.

  On the other hand, when it is determined that the VRRP packet has been received (step S106; YES), the transmission source determination unit C1A determines that the received VRRP packet is a VRRP packet from the active router (router R1 in this embodiment). It is determined whether or not (step S107). If it is determined that the received VRRP packet is a VRRP packet from the active router (router R1 in this embodiment) (step S107; YES), the process returns to the process of step S104, and the above-described process repeat.

  On the other hand, when it is determined that the received VRRP packet is a VRRP packet from the standby router (router R2 in this embodiment) (step S107; NO), the VRRP packet processing unit C1D receives the received VRRP packet. The packet is discarded (step S108).

  Then, the determination unit C1C determines whether or not the timer C1B has timed out (step S109). If it is determined that the timer C1B has not timed out (step S109; NO), the process returns to the process of step S106, and the above-described process is repeated.

  On the other hand, when it is determined that the timer C1B has timed out (step S109; YES), the control unit C1 switches the flag in the “active system” column of the connection information table T3 stored in the table storage unit C2A ( Step S110). And a process returns to the process of step S101 and repeats the above-mentioned process.

  Next, with reference to FIGS. 6 to 8 and FIG. 11, the processing flow of the entire system in a normal state will be described by taking the system shown in FIG. 1 as an example. FIG. 11 is a diagram for explaining the processing flow of the entire system shown in FIG. Note that the switch SWk in the figure is a switch SW obtained by removing the switch SWn and the switch SW1 (or the switch SW2) from the switch SW on the path from the switch SWn to the active router calculated by the path calculation unit C1F. Represent.

  Router R1 and router R2 forming the same VRRP group transmit VRRP packets to other routers in order to determine the working router. The VRRP packet transmitted by the router R2 is received by the switch SW2 to which the router R2 is connected. When receiving the VRRP packet from the router R2, the VRRP packet processing unit S1A of the switch SW2 sets its own switch number 2 to the received VRRP packet and the physical port number 20 of the physical port to which the router R2 is connected. Information for identification is added and transferred to the controller C.

  In the present embodiment, in the initial state of the connection information table T3 stored in the table storage unit C2A of the controller C, as described above, a flag is set in the “active system” column corresponding to the router R1 that is the master router. Yes. That is, in the initial state, the controller C recognizes the router R1 that is the master router as an active router. Therefore, even if the controller C receives the VRRP packet from the router R2, the transmission source determination unit C1A of the controller C determines that the received VRRP packet is not a VRRP packet from the active router, and the VRRP packet processing unit C1D Discards the received VRRP packet. The determination as to which router is the VRRP packet is made based on the additional information (switch number SWN and physical port number PN) added to the VRRP packet, as described above.

  On the other hand, the VRRP packet transmitted by the router R1 is received by the switch SW1 to which the router R1 is connected. When receiving the VRRP packet from the router R1, the VRRP packet processing unit S1A of the switch SW1 sets its own switch number 1 to the received VRRP packet and the physical port number 10 of the physical port to which the router R1 is connected. Information for identification is added and transferred to the controller C.

  As described above, since the controller C recognizes the router R1 as the active router in the initial state as described above, when the VRRP packet is received from the router R1, the transmission source determination unit C1A of the controller C receives the received VRRP packet. Is determined to be a VRRP packet from the active router. Then, the controller C1 of the controller C acquires the set time Si from the VRRP packet set time table T2, sets it in the timer C1B, and starts the timer C1B. Then, the VRRP packet processing unit C1D of the controller C transfers the received VRRP packet to the switch SW2 in order to reach the router R2.

  When receiving the VRRP packet, the VRRP packet processing unit S1A of the switch SW2 transfers the received VRRP packet to the router R2 in accordance with an instruction from the controller C. The router R2 that has received the VRRP packet from the router R1 determines that the router R1 is the active router based on the priority included in the VRRP packet, and then interrupts the transmission of the VRRP packet.

  Since the VRRP packet from the router R2 does not arrive, the router R1 determines that its own device is the active system, and periodically transmits the VRRP packet and transmits a GARP packet for updating the ARP table. When the switch SW1 receives the GARP packet from the router R1, the GARP processing unit S1B of the switch SW1 transfers the received GARP packet to the controller C.

  When the controller C receives the GARP packet, the GARP processing unit C1E of the controller C acquires the transmission source MAC address A1 from the received GARP packet, and is connected to the router R1 that is the transmission source of the GARP packet from the connection information table T3. The switch number 1 of the current switch SW1 is acquired. Then, the GARP processing unit C1E of the controller C associates the acquired transmission source MAC address A1 with the switch number 1, stores it in the address table T4, and transfers the received GARP packet to the layer 3 node N1. To the switch SWn.

  When receiving the GARP packet transferred from the controller C, the GARP packet processing unit S1B of the switch SWn transfers the received GARP packet to the layer 3 node N1 in accordance with an instruction from the controller C.

  When receiving the GARP packet, the layer 3 node N1 updates or adds the held ARP table.

  When the layer 3 node N1 transmits a packet addressed to the virtual IP address shared by the router R1 and the router R2 that form the VRRP group, the layer 3 node N1 generates a packet addressed to the virtual IP address by referring to the ARP table. Send the packet.

  When the determination unit S1D of the switch SWn receives a packet from the layer 3 node N1, the determination unit S1D searches the “rule” column of the flow table T1 to determine whether there is a rule that matches the header information of the received packet. To do. Assuming that the received packet is a so-called first packet addressed from the layer 3 node N1 to the active router R1, there is no rule in the flow table T1 that matches the header information of the received packet. It is determined that there is no rule in the flow table T1 that matches the header information of the received packet.

  Therefore, the flow processing unit S1E of the switch SWn transmits a flow setting request to the controller C.

  When the controller C receives the flow setting request from the switch SWn, the path calculation unit C1F of the controller C searches the “MAC address” column of the address table T4 and transmits the header information of the packet included in the flow setting request. The switch number 1 corresponding to the MAC address that matches the destination MAC address A1 is specified. Then, the path calculation unit C1F refers to the topology information table T5 and connects the path (switch SWn) from the switch SWn to the active router R1 that is the transmission destination of the packet connected to the switch SW1 with the identified switch number 1. > Switch SWk> Switch SW1> Router R1)

  Then, the flow setting unit C1G of the controller C performs the flow for the switch SWn, the switch SWk, and the switch SW1 on the route based on the route calculated by the route calculation unit C1F and the header information of the packet included in the flow setting request. Are generated, and the generated flow is transmitted to the switch SWn, the switch SWk, and the switch SW1 on the path.

  The flow setting unit S1C of each switch SW that has received the flow transmitted from the controller C sets the received flow in the flow table T1 stored in the table storage unit S2A.

  The switch SWn, the switch SWk, and the switch SW1 sequentially transfer packets from the layer 3 node N1 according to the set flow, and are delivered to the active router R1. Once the flow is set, packets transmitted from the layer 3 node N1 to the virtual IP address shared by the router 1 and the router 2 are transferred by the switch SWn, the switch SWk, and the switch SW1 according to the set flow. It is processed and delivered to the active router R1.

  Next, with reference to FIGS. 6, 7 and 12, an example of the system shown in FIG. 1 will be described to explain the flow of processing of the entire system when a failure occurs. FIG. 12 is a diagram for explaining the processing flow of the entire system shown in FIG. 1 when a failure occurs. Note that the switch SWk in the figure is a switch SW obtained by removing the switch SWn and the switch SW1 (or the switch SW2) from the switch SW on the path from the switch SWn to the active router calculated by the path calculation unit C1F. Represent.

  Router R1 and router R2 forming the same VRRP group transmit VRRP packets to other routers in order to determine the working router. The VRRP packet transmitted by the router R2 is received by the switch SW2 to which the router R2 is connected. When receiving the VRRP packet from the router R2, the VRRP packet processing unit S1A of the switch SW2 adds the switch number 2 of the own device to the received VRRP packet and the physical port number 20 of the physical port to which the router R2 is connected. Information for identifying each is added and transferred to the controller C.

  In the present embodiment, in the initial state of the connection information table T3 stored in the table storage unit C2A of the controller C, as described above, a flag is set in the “active system” column corresponding to the router R1 that is the master router. Yes. That is, in the initial state, the controller C recognizes the router R1 that is the master router as an active router. Therefore, even if the controller C receives the VRRP packet from the router R2, the transmission source determination unit C1A of the controller C determines that the received VRRP packet is not a VRRP packet from the active router, and the VRRP packet processing unit C1D Discards the received VRRP packet. The determination as to which router is the VRRP packet is made based on the additional information (switch number SWN and physical port number PN) added to the VRRP packet, as described above.

  On the other hand, the VRRP packet transmitted by the router R1 is received by the switch SW1 to which the router R1 is connected. When receiving the VRRP packet from the router R1, the VRRP packet processing unit S1A of the switch SW1 sets its own switch number 1 to the received VRRP packet and the physical port number 10 of the physical port to which the router R1 is connected. Information for identifying each is added and transferred to the controller C.

  As described above, since the controller C recognizes the router R1 as the active router in the initial state as described above, when the VRRP packet is received from the router R1, the transmission source determination unit C1A of the controller C receives the received VRRP packet. Is determined to be a VRRP packet from the active router. Then, the controller C1 of the controller C acquires the set time Si from the VRRP packet set time table T2, sets it in the timer C1B, and starts the timer C1B. Then, the VRRP packet processing unit C1D of the controller C transfers the received VRRP packet to the switch SW2 in order to reach the router R2.

  When receiving the VRRP packet, the VRRP packet processing unit S1A of the switch SW2 transfers the received VRRP packet to the router R2 in accordance with an instruction from the controller C. The router R2 that has received the VRRP packet from the router R1 determines that the router R1 is the active router based on the priority included in the VRRP packet, and then interrupts the transmission of the VRRP packet.

  Here, when a failure occurs in the router R1, the router R2 cannot receive the VRRP packet from the active router R1 within the set time, so the router R2 determines that a failure has occurred in the active router R1. Taking over the processing of the router R1, the VRRP packet is periodically transmitted as the active router.

  Since the next VRRP packet from the working router R1 cannot be received before the timer C1B times out, the control unit C1 of the controller C switches the flag in the “working” column of the connection information table T3. That is, the flag in the “active system” column of the connection information table T3 is switched from the router R1 to the router R2.

  The VRRP packet transmitted by the router R2 that is the active router is received by the switch SW2 to which the router R2 is connected. When receiving the VRRP packet from the router R2, the VRRP packet processing unit S1A of the switch SW2 adds the switch number 2 of the own device to the received VRRP packet and the physical port number 20 of the physical port to which the router R2 is connected. Information for identifying each is added and transferred to the controller C.

  The transmission source determination unit C1A of the controller C determines that the received VRRP packet from the router R2 is a VRRP packet from the active router. Then, the control unit C1 of the controller C acquires the set time Si from the set time table T2, sets it in the timer C1B, and starts the timer C1B. Then, the VRRP packet processing unit C1D of the controller C transfers the received VRRP packet to the switch SW1 in order to reach the router R1.

  When receiving the VRRP packet, the VRRP packet processing unit S1A of the switch SW1 transfers the received VRRP packet to the router R1 in accordance with an instruction from the controller C.

  Since the VRRP packet from the router R1 does not reach, the router R2 that has determined that the own device is the active system transmits a GARP packet for updating the ARP table. When the switch SW2 receives the GARP packet from the router R2, the GARP processing unit S1B of the switch SW2 transfers the received GARP packet to the controller C.

  When the controller C receives the GARP packet, the GARP processing unit C1E of the controller C acquires the transmission source MAC address (A2) from the received GARP packet, and from the connection information table T3, the GARP packet transmission source router The switch number 2 of the switch SW2 to which R2 is connected is acquired. Then, the GARP processing unit C1E of the controller C associates the acquired transmission source MAC address A2 with the switch number 2 and stores them in the address table T4 and forwards the received GARP packet to the layer 3 node N1. To the switch SWn.

  When receiving the GARP packet transferred from the controller C, the GARP packet processing unit S1B of the switch SWn transfers the received GARP packet to the layer 3 node N1 in accordance with an instruction from the controller C.

  When receiving the GARP packet, the layer 3 node N1 updates or adds the held ARP table.

  When the layer 3 node N1 transmits a packet addressed to the virtual IP address shared by the router 1 and the router 2, the layer 3 node N1 refers to the ARP table, generates a packet addressed to the virtual IP address, and transmits the generated packet. .

  When the determination unit S1D of the switch SWn receives a packet from the layer 3 node N1, the determination unit S1D searches the “rule” column of the flow table T1 to determine whether there is a rule that matches the header information of the received packet. To do. Assuming that the received packet is a so-called first packet addressed from the layer 3 node N1 to the active router R2, there is no rule in the flow table T1 that matches the header information of the received packet. It is determined that there is no rule in the flow table T1 that matches the header information of the received packet.

  Therefore, the flow processing unit S1E of the switch SWn transmits a flow setting request to the controller C.

  When the controller C receives the flow setting request from the switch SWn, the path calculation unit C1F of the controller C searches the “MAC address” column of the address table T4 and transmits the header information of the packet included in the flow setting request. The switch number 2 corresponding to the MAC address that matches the destination MAC address A2 is specified. Then, the path calculation unit C1F refers to the topology information table T5, and the path (switch SWn) from the switch SWn to the active router R2 that is the transmission destination of the packet connected to the switch SW2 with the identified switch number 2 > Switch SWk> Switch SW2> Router R2)

  Then, the flow setting unit C1G of the controller C performs the flow for the switch SWn, the switch SWk, and the switch SW2 on the route based on the route calculated by the route calculation unit C1F and the header information of the packet included in the flow setting request. Are generated, and the generated flow is transmitted to the switch SWn, the switch SWk, and the switch SW2 on the path.

  The flow setting unit S1C of each switch SW that has received the flow transmitted from the controller C sets the received flow in the flow table T1 stored in the table storage unit S2A.

  The switch SWn, the switch SWk, and the switch SW2 sequentially transfer the packets from the layer 3 node N1 according to the set flow, and are delivered to the active router R2. Once a flow is set, packets sent from the layer 3 node N1 to the virtual IP address shared by the router 1 and the router 2 are transferred by the switch SWn, the switch SWk, and the switch SW2 according to the set flow. After being processed, it is delivered to the router R2 that has become the new active system.

  According to the first embodiment, when a switch SW to which a device having a VRRP function is connected receives a VRRP packet from the device, the physical port to which the switch number SWN and the device are connected to the received VRRP packet. Port number PN was added and transferred to controller C. When the transferred VRRP packet is received, the transmission source determination unit C1A of the controller C refers to the connection information table T3 and determines whether or not the VRRP packet is a VRRP packet transmitted from the active system. When it is determined that the VRRP packet is not a VRRP packet transmitted from the active system, the VRRP packet processing unit C1D discards the VRRP packet. On the other hand, when it is determined that the VRRP packet is a VRRP packet transmitted from the active system, the VRRP packet is transferred to a standby apparatus that forms the same VRRP group. By doing so, it is possible to perform life and death monitoring performed between devices forming the VRRP group connected to the OpenFlow network 1 under the control of the controller C.

  Further, as the set time Si in the set time table T2, the set time used for determining that the standby device has failed in the active device is set. When the transmission source determination unit C1A determines that the VRRP packet is a VRRP packet transmitted from the active system, the control unit C1 sets the set time Si acquired from the set time table T2 in the timer C1B. The timer C1B is started. If the next VRRP packet from the active system cannot be received before the timer C1B times out, the control unit C1 switches the flag in the “active system” column of the connection information table T3. By doing so, the controller C can accurately grasp which device forming the VRRP group is the active system.

  When the switch SW to which the active device is connected receives the GARP packet from the device, the switch SW transfers the received GARP packet to the controller C. When the transferred GARP packet is received, the GARP packet processing unit C1E of the controller C acquires the transmission source MAC address from the received GARP packet, and from the connection information table T3, the working router of the transmission source of the GARP packet The switch number SWN of the switch SW connected to is obtained. Then, the acquired transmission source MAC address and the switch number SWN are associated with each other and stored in the address table T4. By doing so, it is possible to set a flow so that a packet transmitted to a virtual IP address shared by devices forming the VRRP group can be delivered to the active device.

  This makes it possible to connect the VRRP group to the OpenFlow network while maintaining the redundant configuration. In other words, life and death monitoring performed between devices forming the VRRP group can be executed under the control of the controller C, and the VRRP group is connected to the OpenFlow network while maintaining a redundant path. It becomes possible to do.

(Embodiment 2)
In the first embodiment, the switch SW that has received the VRRP packet is configured to transfer the received VRRP packet to the controller C. In the present embodiment, the switch SW that has received the VRRP packet transmits a flow setting request to the controller C instead of transferring the received VRRP packet to the controller C.

  The basic configuration of the OpenFlow network 1 in the present embodiment is the same as that in the first embodiment. However, the functions performed by the VRRP packet processing unit S1A, the determination unit S1D, and the flow processing unit S1E of the switch SW are slightly different from those in the first embodiment. Further, as shown in FIG. 13, the control unit C1 of the controller C does not include the transmission source determination unit C1A, the timer C1B, the determination unit C1C, and the VRRP packet processing unit C1D, and the table storage unit C2A. However, it differs from the first embodiment in that the set time table T2 is not provided. Further, the functions performed by the path calculation unit C1F of the controller C and the flow setting unit C1G are slightly different from those in the first embodiment.

  The VRRP packet processing unit S1A of the switch SW refers to the flow table T1 when the determination unit S1D determines that the rule regarding the VRRP packet from the router connected to the switch exists in the flow table T1. The VRRP packet from the router connected to the own switch is transferred according to the action specified by the action information corresponding to the rule. At that time, information for specifying the switch number SWN of the own switch and the port number PN of the physical port to which the router for sending the VRRP packet is connected is added. For example, the switch SW1 receives the VRRP packet from the router R1, and the determination unit S1D determines that the rule regarding the VRRP packet from the router R1 exists in the flow table T1, and is specified by the action information corresponding to the rule. When the action to be performed is “transfer to switch SW2”, the VRRP packet processing unit S1A of the switch SW1 adds information for specifying the switch number 1 and the port number 10 to the received VRRP packet, and the switch SW2 Forward to.

  On the other hand, when the determination unit S1D determines that the rule regarding the VRRP packet from the router connected to the switch does not exist in the flow table T1, the VRRP packet processing unit S1A sends a flow setting request to the controller C. Send. The flow setting request includes the packet type: VRRP packet, the switch number SWN of the own switch, and the physical port number PN of the physical port to which the router that has transmitted the received VRRP packet is connected.

  For example, the switch number SWN of the switch SW1 is “1”, the physical port number PN of the physical port of the switch SW1 to which the router R1 is connected is “10”, and the switch SW1 receives the VRRP packet from the router R1 and determines When the part S1D determines that the rule regarding the VRRP packet from the router R1 does not exist in the flow table T1, the VRRP packet processing part S1A of the switch SW1 determines the packet type: VRRP packet and the switch number “1”. And a flow setting request including the physical port number “10” is transmitted to the controller C.

  When the VRRP packet processing unit S1A receives the VRRP packet transferred from another switch SW, the VRRP packet processing unit S1A searches the “rule” column of the flow table T1 and adds the VRRP packet source router added to the VRRP packet. The rule is specified based on the combination of the switch number SWN of the switch SW connected to the port number PN of the physical port and the packet type: VRRP packet. Then, the VRRP packet processing unit S1A transfers the received VRRP packet according to the action specified by the action information corresponding to the specified rule.

  When the determination unit S1D receives a packet transmitted from a node connected to its own switch SW, the determination unit S1D searches the “rule” column of the flow table T1, and a rule that matches the header information of the received packet exists in the flow table T1. It is determined whether or not to do. Further, when receiving the VRRP packet from the router connected to the own switch, the determination unit S1D searches the “rule” column of the flow table T1, and determines the rule regarding the VRRP packet from the router connected to the own switch. Is present in the flow table T1.

  When the flow processing unit S1E receives a packet transmitted from a node connected to its own switch SW, and the determination unit S1D determines that a rule matching the header information of the received packet exists in the flow table T1, The action specified by the action information corresponding to the rule is executed. On the other hand, the flow processing unit S1E transmits a flow setting request to the controller C when the determination unit S1D determines that there is no rule in the flow table T1 that matches the header information of the received packet. The flow setting request includes information for specifying the packet type, the packet header information, the switch number SWN of the own switch, and the physical port number PN of the physical port to which the packet source node is connected. included.

  The control unit C1 of the controller C includes a CPU and executes an operation program stored in the storage unit C2, thereby performing a GARP packet processing unit C1E, a route calculation unit C1F, and a flow setting as shown in FIG. The function as the unit C1G is realized and processing such as control processing and flow setting processing of each functional unit is executed.

  For example, the path calculation unit C1F receives a flow setting request from the switch SWn, and if the packet type included in the flow setting request is a normal packet, the path calculation unit C1F searches the “MAC address” column of the address table T4. The switch number SWN corresponding to the MAC address that matches the destination MAC address in the header information of the packet included in the flow setting request is specified. Then, the path calculation unit C1F refers to the topology information table T5 stored in the table storage unit C2A, and the packet connected to the switch SW having the identified switch number SWN from the switch SWn that transmitted the flow setting request. The route to the active router that is the transmission destination of is calculated.

  For example, when the flow setting request is received from the switch SW1 and the packet type included in the flow setting request is a VRRP packet, the path calculation unit C1F refers to the connection information table T3 and sets the flow setting. Based on the switch number 1 and the port number 10 included in the request, the router R1 that transmitted the VRRP packet to the switch SW1 that transmitted the flow setting request is specified. Then, the route calculation unit C1F specifies the switch SW2 to which the router R2 that forms the same VRRP group as the specified router R1 is connected. Then, the route calculation unit C1F refers to the topology information table T5 stored in the table storage unit C2A, and transmits the VRRP packet that is connected to the identified switch SW2 from the switch SW1 that transmitted the flow setting request. The route to the router R2 forming the same VRRP group as the other router is calculated.

  FIG. 14 is a diagram illustrating an example of the connection information table T3 stored in the table storage unit C2A. In the connection information table T3, as shown in FIG. 14, each router that forms a VRRP group is associated with a node that communicates with the router that forms the VRRP group. Switch number SWN and port number PN are associated with each other.

  Returning to FIG. 13, when the type of the packet included in the flow setting request is a normal packet, the flow setting unit C1G and the header of the packet included in the flow setting request are calculated by the route calculating unit C1F. Based on the information, a flow for each switch SW on the route is generated, and the generated flow is transmitted to each switch SW on the route. Then, the flow setting unit S1C of each switch SW that has received the flow transmitted from the controller C sets the received flow in the flow table T1 stored in the table storage unit S2A.

  In addition, when the packet type included in the flow setting request is a VRRP packet, the flow setting unit C1G switches each switch on the route based on the route calculated by the route calculation unit C1F and the packet type. A flow for each SW is generated, and the generated flow is transmitted to each switch SW on the route. Then, the flow setting unit S1C of each switch SW that has received the flow transmitted from the controller C sets the received flow in the flow table T1 stored in the table storage unit S2A. The rule included in the flow generated by the flow setting unit C1G when the packet type included in the flow setting request is a VRRP packet includes, for example, the packet type: VRRP packet and the source router of the VRRP packet. Information to be identified (for example, a combination of the switch number SWN of the switch SW to which the transmission source router is connected and the port number PN of the physical port to which the transmission source router is connected) is stored.

  For example, when the packet type included in the flow setting request is a VRRP packet and the switch SW that is the transmission source of the flow setting request is the switch SW1, the route calculation unit C1F connects the switch SW1 to the switch SW2. The route to the existing router R2 is calculated. In this case, the route calculated by the route calculation unit C1F is switch SW1> switch SW2> router R2. The flow setting unit C1G generates a flow for each of the switch SW1 and the switch SW2. For example, the action information included in the flow for the switch SW1 stores a VRRP packet transfer instruction to the switch SW2, and the rule includes the packet type: VRRP packet, the switch number 1 of the switch SW1, and the source of the VRRP packet. A pair with the port number 10 of the physical port to which the router R1 is connected is stored. Further, for example, the action information included in the flow for the switch SW2 stores a VRRP packet transfer instruction to the router R2, and the rule stores the same rule as the flow rule for the switch SW1. Thereby, when the next VRRP packet is transmitted from the router R1, the switch SW1 transmits the VRRP packet to the router R2 according to the flow set in the flow table T3 without transmitting a flow setting request to the controller C. It becomes possible to deliver.

  The table storage unit C2A stores a connection information table T3, an address table T4, and a topology information table T5.

  Next, with reference to FIG. 8, FIG. 14, and FIG. 15, an example of the system shown in FIG. FIG. 15 is a diagram for explaining the processing flow of the entire system shown in FIG. Note that the switch SWk in the figure is a switch SW obtained by removing the switch SWn and the switch SW1 (or the switch SW2) from the switch SW on the path from the switch SWn to the active router calculated by the path calculation unit C1F. Represent. It is assumed that the priority value of the router R1 is larger than the priority value of the router R2.

  Router R1 and router R2 forming the same VRRP group transmit VRRP packets to other routers in order to determine the working router. The VRRP packet transmitted by the router R2 is received by the switch SW2 to which the router R2 is connected. When the VRRP packet from the router R2 is received, the determination unit S1D of the switch SW2 searches the “rule” column of the flow table T1 to determine whether or not a rule regarding the VRRP packet from the router R2 exists in the flow table T1. judge. When the received VRRP packet is the first VRRP packet transmitted by the router R2, the determination unit S1D of the switch SW2 determines that there is no rule regarding the VRRP packet from the router R2 in the flow table T1, and the switch SW2 The VRRP packet processing unit S1A transmits a flow setting request to the controller C.

  The path calculation unit C1F of the controller C that has received the flow setting request from the switch SW2 refers to the connection information table T3 and determines the flow setting request based on the switch number 2 and the port number 20 included in the flow setting request. The router R2 that has transmitted the VRRP packet to the switch SW2 that has transmitted Then, the route calculation unit C1F identifies the switch SW1 to which the router R1 that forms the same VRRP group as the identified router R2 is connected. Then, the path calculation unit C1F refers to the topology information table T5 stored in the table storage unit C2A, and transmits the VRRP packet connected to the identified switch SW1 from the switch SW2 that transmitted the flow setting request. A route (switch SW2> switch SW1> router R1) to the router R1 that forms the same VRRP group as the original router R1 is calculated.

  The flow setting unit C1G of the controller C then selects the switch SW1 and the switch on the route based on the route (switch SW2> switch SW1> router R1) calculated by the route calculation unit C1F and the packet type: VRRP packet. A flow for SW2 is generated, and the generated flow is transmitted to switch SW1 and switch SW2 on the path.

  Then, the flow setting unit S1C of the switch SW1 and the switch SW2 that has received the flow transmitted from the controller C sets the received flow in the flow table T1 stored in the table storage unit S2A.

  Accordingly, VRRP packets transmitted from the router R2 are sequentially transferred from the switch SW2 according to the flow set in the flow table T1, and delivered to the router R1 that forms the same VRRP group as the router R2 that is the transmission source of the VRRP packet. . The router R1 that has received the VRRP packet from the router R2 determines that the own router is the active router based on the priority included in the VRRP packet, periodically transmits the VRRP packet, and updates the ARP table. A GARP packet for sending the message is transmitted.

  The VRRP packet transmitted by the router R1 is received by the switch SW1 to which the router R1 is connected. When the VRRP packet from the router R1 is received, the determination unit S1D of the switch SW1 searches the “rule” column of the flow table T1 to determine whether or not a rule regarding the VRRP packet from the router R1 exists in the flow table T1. judge. When the received VRRP packet is the first VRRP packet transmitted by the router R1, the determination unit S1D of the switch SW1 determines that there is no rule regarding the VRRP packet from the router R1 in the flow table T1, and the switch SW1 The VRRP packet processing unit S1A transmits a flow setting request to the controller C.

  The path calculation unit C1F of the controller C that has received the flow setting request from the switch SW1 calculates the path (switch SW1> switch SW2> router R2). The flow setting unit C1G of the controller C then selects the switch SW1 and the switch on the route based on the route (switch SW1> switch SW2> router R2) calculated by the route calculation unit C1F and the packet type: VRRP packet. A flow for SW2 is generated, and the generated flow is transmitted to switch SW1 and switch SW2 on the path.

  Then, the flow setting unit S1C of the switch SW1 and the switch SW2 that has received the flow transmitted from the controller C sets the received flow in the flow table T1 stored in the table storage unit S2A.

  Thereby, VRRP packets transmitted from the router R1 are sequentially transferred from the switch SW1 according to the flow set in the flow table T1, and delivered to the router R2 forming the same VRRP group as the router R1 that is the transmission source of the VRRP packet. . The router R2 that has received the VRRP packet from the router R1 determines that the router R1 is the active router based on the priority included in the VRRP packet, and then interrupts the transmission of the VRRP packet.

  When the switch SW1 receives the GARP packet from the router R1, the GARP processing unit S1B of the switch SW1 transfers the received GARP packet to the controller C. .

  When the controller C receives the GARP packet, the GARP processing unit C1E of the controller C acquires the transmission source MAC address A1 from the received GARP packet, and is connected to the router R1 that is the transmission source of the GARP packet from the connection information table T3. The switch number 1 of the current switch SW1 is acquired. Then, the GARP processing unit C1E of the controller C associates the acquired transmission source MAC address A1 with the switch number 1, stores it in the address table T4, and transfers the received GARP packet to the layer 3 node N1. To the switch SWn.

  When receiving the GARP packet transferred from the controller C, the GARP packet processing unit S1B of the switch SWn transfers the received GARP packet to the layer 3 node N1 in accordance with an instruction from the controller C.

  When receiving the GARP packet, the layer 3 node N1 updates or adds the held ARP table.

  When the layer 3 node N1 transmits a packet addressed to the virtual IP address shared by the router R1 and the router R2 that form the VRRP group, the layer 3 node N1 generates a packet addressed to the virtual IP address by referring to the ARP table. Send the packet.

  When the determination unit S1D of the switch SWn receives a packet from the layer 3 node N1, the determination unit S1D searches the “rule” column of the flow table T1 to determine whether there is a rule that matches the header information of the received packet. To do. Assuming that the received packet is a so-called first packet addressed from the layer 3 node N1 to the active router R1, there is no rule in the flow table T1 that matches the header information of the received packet. It is determined that there is no rule in the flow table T1 that matches the header information of the received packet.

  Therefore, the flow processing unit S1E of the switch SWn transmits a flow setting request to the controller C.

  When the controller C receives the flow setting request from the switch SWn, the path calculation unit C1F of the controller C searches the “MAC address” column of the address table T4 and transmits the header information of the packet included in the flow setting request. The switch number 1 corresponding to the MAC address that matches the destination MAC address A1 is specified. Then, the path calculation unit C1F refers to the topology information table T5 and connects the path (switch SWn) from the switch SWn to the active router R1 that is the transmission destination of the packet connected to the switch SW1 with the identified switch number 1. > Switch SWk> Switch SW1> Router R1)

  Then, the flow setting unit C1G of the controller C performs the flow for the switch SWn, the switch SWk, and the switch SW1 on the route based on the route calculated by the route calculation unit C1F and the header information of the packet included in the flow setting request. Are generated, and the generated flow is transmitted to the switch SWn, the switch SWk, and the switch SW1 on the path.

  The flow setting unit S1C of each switch SW that has received the flow transmitted from the controller C sets the received flow in the flow table T1 stored in the table storage unit S2A.

  The switch SWn, the switch SWk, and the switch SW1 sequentially transfer packets from the layer 3 node N1 according to the set flow, and are delivered to the active router R1. Once the flow is set, packets transmitted from the layer 3 node N1 to the virtual IP address shared by the router 1 and the router 2 are transferred by the switch SWn, the switch SWk, and the switch SW1 according to the set flow. It is processed and delivered to the active router R1.

  Next, with reference to FIG. 8, FIG. 14, and FIG. 16, the system shown in FIG. FIG. 16 is a diagram for explaining the processing flow of the entire system shown in FIG. 1 when a failure occurs. Note that the switch SWk in the figure is a switch SW obtained by removing the switch SWn and the switch SW1 (or the switch SW2) from the switch SW on the path from the switch SWn to the active router calculated by the path calculation unit C1F. Represent. It is assumed that the priority value of the router R1 is larger than the priority value of the router R2. Further, it is assumed that a flow related to the VRRP packet is already set in the flow table T1 of the switch SW1 and the switch SW2, and the router R1 functions as an active router.

  The router R1 of the active router periodically transmits VRRP packets. When the VRRP packet from the router R1 is received, the determination unit S1D of the switch SW1 searches the “rule” column of the flow table T1 to determine whether or not a rule regarding the VRRP packet from the router R1 exists in the flow table T1. judge. Since a flow related to the VRRP packet from the router R1 is already set in the flow table T1, the determination unit S1D of the switch SW1 determines that a rule related to the VRRP packet from the router R1 exists in the flow table T1. The switch SW1 does not transmit a flow setting request to the controller C, and the physical port of the physical port to which the switch number 1 of the own device and the router R1 are connected to the VRRP packet according to the flow set in the flow table T1. Information for identifying each of the numbers 10 is added and transferred, and the VRRP packet is delivered to the standby router R2 forming the same VRRP group.

  Here, when a failure occurs in the router R1, the router R2 cannot receive the VRRP packet from the active router R1 within the set time, so the router R2 determines that a failure has occurred in the active router R1. Taking over the processing of the router R1, the VRRP packet is periodically transmitted as the active router.

  When the VRRP packet from the router R2 is received, the determination unit S1D of the switch SW2 searches the “rule” column of the flow table T1 to determine whether or not a rule regarding the VRRP packet from the router R2 exists in the flow table T1. judge. Since a flow related to the VRRP packet from the router R2 is already set in the flow table T1, the determination unit S1D of the switch SW2 determines that a rule related to the VRRP packet from the router R2 exists in the flow table T1. The switch SW2 does not transmit the flow setting request to the controller C, and the physical port of the physical port to which the switch number 2 of the own device and the router R2 are connected in the VRRP packet according to the flow set in the flow table T1. Information for identifying each of the numbers 20 is added and transferred, and the VRRP packet is delivered to the standby router R1 forming the same VRRP group.

  The router R2 that has become the active system transmits a GARP packet for updating the ARP table. When the switch SW2 receives the GARP packet from the router R2, the GARP processing unit S1B of the switch SW2 transfers the received GARP packet to the controller C.

  When the controller C receives the GARP packet, the GARP processing unit C1E of the controller C acquires the transmission source MAC address (A2) from the received GARP packet, and from the connection information table T3, the GARP packet transmission source router The switch number 2 of the switch SW2 to which R2 is connected is acquired. Then, the GARP processing unit C1E of the controller C associates the acquired transmission source MAC address A2 with the switch number 2 and stores them in the address table T4 and forwards the received GARP packet to the layer 3 node N1. To the switch SWn.

  When receiving the GARP packet transferred from the controller C, the GARP packet processing unit S1B of the switch SWn transfers the received GARP packet to the layer 3 node N1 in accordance with an instruction from the controller C.

  When receiving the GARP packet, the layer 3 node N1 updates or adds the held ARP table.

  When the layer 3 node N1 transmits a packet addressed to the virtual IP address shared by the router 1 and the router 2, the layer 3 node N1 refers to the ARP table, generates a packet addressed to the virtual IP address, and transmits the generated packet. .

  When the determination unit S1D of the switch SWn receives a packet from the layer 3 node N1, the determination unit S1D searches the “rule” column of the flow table T1 to determine whether there is a rule that matches the header information of the received packet. To do. Assuming that the received packet is a so-called first packet addressed from the layer 3 node N1 to the active router R2, there is no rule in the flow table T1 that matches the header information of the received packet. It is determined that there is no rule in the flow table T1 that matches the header information of the received packet.

  Therefore, the flow processing unit S1E of the switch SWn transmits a flow setting request to the controller C.

  When the controller C receives the flow setting request from the switch SWn, the path calculation unit C1F of the controller C searches the “MAC address” column of the address table T4 and transmits the header information of the packet included in the flow setting request. The switch number 2 corresponding to the MAC address that matches the destination MAC address A2 is specified. Then, the path calculation unit C1F refers to the topology information table T5, and the path (switch SWn) from the switch SWn to the active router R2 that is the transmission destination of the packet connected to the switch SW2 with the identified switch number 2 > Switch SWk> Switch SW2> Router R2)

  Then, the flow setting unit C1G of the controller C performs the flow for the switch SWn, the switch SWk, and the switch SW2 on the route based on the route calculated by the route calculation unit C1F and the header information of the packet included in the flow setting request. Are generated, and the generated flow is transmitted to the switch SWn, the switch SWk, and the switch SW2 on the path.

  The flow setting unit S1C of each switch SW that has received the flow transmitted from the controller C sets the received flow in the flow table T1 stored in the table storage unit S2A.

  The switch SWn, the switch SWk, and the switch SW2 sequentially transfer the packets from the layer 3 node N1 according to the set flow, and are delivered to the active router R2. Once a flow is set, packets sent from the layer 3 node N1 to the virtual IP address shared by the router 1 and the router 2 are transferred by the switch SWn, the switch SWk, and the switch SW2 according to the set flow. After being processed, it is delivered to the router R2 that has become the new active system.

  According to the second embodiment, the determination unit S1D of the switch SW that has received the VRRP packet transmitted by the device having the VRRP function and that is connected to the device searches the “rule” column of the flow table T1, It was determined whether or not a rule relating to VRRP packets from the router connected to the own switch exists in the flow table T1. Then, the VRRP packet processing unit S1A of the switch SW to which the device is connected refers to the flow table T1 when the determination unit S1D determines that the rule regarding the VRRP packet from the device exists in the flow table T1. Then, the received VRRP packet is transferred according to the action specified by the action information corresponding to the rule. On the other hand, when the determination unit S1D determines that the rule regarding the VRRP packet from the device does not exist in the flow table T1, the VRRP packet processing unit S1A transmits a flow setting request to the controller C. Then, the path calculation unit C1F of the controller C that has received the flow setting request calculates a path from the switch SW to which the VRRP packet transmission source device is connected to a device that forms the same VRRP group as the device, The flow setting unit C1G of the controller C generates a flow for each switch SW installed on the route, and sets the generated flow for each switch SW. By doing so, the switch SW does not need to communicate with the controller C every time it receives a VRRP packet from the connected device having the VRRP function, thereby reducing the load on the controller C. It becomes possible. In addition, since a flow related to the VRRP packet is set for each switch SW on the route, even if a failure occurs in the controller C, the active device is periodically updated unless a failure occurs in the active device. Since the VRRP packet transmitted automatically is delivered to the standby device in accordance with the set flow, data communication can be continued.

  In the above embodiment, the present invention has been described by taking a router having a VRRP function as an example. However, the present invention can also be applied to a device using another redundancy protocol.

  In the first embodiment, the VRRP packet processing unit C1D of the controller C is configured to discard the VRRP packet from the standby router. However, the VRRP packet processing unit C1D may be configured to deliver the packet to the active router without discarding it.

In the embodiment, the program to be executed is a computer-readable recording medium such as a flexible disk, a CD-ROM (Compact Disc Read-Only Memory), a DVD (Digital Versatile Disc), and an MO (Magneto-Optical Disc). The above-described processing may be executed by storing and distributing in a medium and installing the program.
Further, the program may be stored in a disk device or the like included in a predetermined server device on a communication network such as the Internet, and may be acquired by being superimposed on a carrier wave, for example.

  As mentioned above, although preferable embodiment of this invention was described, this invention is not limited to the specific embodiment which concerns, This invention includes the invention described in the claim, and its equivalent range It is.

DESCRIPTION OF SYMBOLS 1 Open flow network system 2 Switch group SW1-SWn Switch S1 Control part S1A VRRP packet processing part S1B GARP packet processing part S1C Flow setting part S1D Judgment part S1E Flow processing part S2 Storage part S2A Table storage part C Controller C1 Control part C1A Transmission Original determination unit C1B timer C1C determination unit C1D VRRP packet processing unit C1E GARP packet processing unit C1F route calculation unit C1G flow setting unit C2 storage unit C2A table storage unit T1 flow table T2 set time table T3 connection information table T4 address table T5 topology information table

Claims (14)

Each switch that makes up the OpenFlow network
A controller that centrally controls the data transfer processing of each switch when the life / death monitoring packet, which is packet data for life / death monitoring, is received from a physically redundant network device. Alive monitoring packet transfer means to transfer to,
A GARP (Gratuitous) for updating an ARP (Address Resolution Protocol) table held by a node connected to the OpenFlow network, which is transmitted by an active network device among the physically redundant network devices. When receiving the Address Resolution Protocol) packet, a GARP packet transfer means for transferring the received GARP packet to the controller;
With
The controller is
Controlling a switch connected to a network device other than the network device that has transmitted the alive monitoring packet among the physically redundant network devices, the alive monitoring packet is monitored by the alive monitoring. A packet transfer control means for alive monitoring that transmits the packet to a network device other than the network device that has transmitted the packet;
Route calculation means for calculating a route from the switch to which the node is connected to the active network device;
By controlling each switch on the route calculated by the route calculating means, packet data transmitted from the node to a virtual IP (Internet Protocol) address shared by the physically redundant network device is transmitted. Packet transfer control means for transmitting to the active network device;
Comprising
Open flow network system characterized by this. The controller is
A storage unit for storing network device switch correspondence information in which information that can uniquely identify each switch connected to the physically redundant network device is associated;
The life and death monitoring packet transfer control unit transmits the life and death monitoring packet among the physically redundant network devices based on the network device switch correspondence information stored in the storage unit. Identifying a network device other than the network device, controlling a switch to which the identified network device is connected, and transmitting the alive monitoring packet to the identified network device.
The open flow network system according to claim 1. The storage unit includes the network device switch correspondence information and the switch to which the physically redundant network device is connected, which network device is connected to the active network device. The connection information that associates the active system information that can be identified with
The controller is
An acquisition unit for acquiring a physical MAC (Media Access Control) address of the active network device included in the GARP packet transferred by the GARP packet transfer unit;
The path calculating unit is configured to match the destination MAC address included in the header information of the packet data based on the physical MAC address of the active network device acquired by the acquiring unit and the connection information. Identifying a switch corresponding to the physical MAC address of the network device, and calculating a path from the switch to which the node is connected to the active network device connected to the identified switch;
The open flow network system according to claim 2. The controller is
Further comprising transmission source determination means for referring to connection information stored in the storage unit to determine whether the network device that has transmitted the alive monitoring packet is an active network device;
The life and death monitoring packet transfer control means is configured so that the network device that is physically redundant only when the transmission source determination means determines that the network device that has transmitted the life and death monitoring packet is an active network device. A network device other than the network device that has transmitted the alive monitoring packet by controlling a switch to which a network device other than the network device that has transmitted the alive monitoring packet is connected. To send to
The open flow network system according to claim 3. The controller is
When the alive monitoring packet from the active network device cannot be received within a predetermined time, it is determined that a failure has occurred in the active network device, and the update for updating the corresponding active information in the connection information Further comprising means,
The open flow network system according to claim 3 or 4, wherein The physically redundant network device has a VRRP (Virtual Router Redundancy Protocol) function, and the alive monitoring packet is a VRRP packet.
The OpenFlow network system according to any one of claims 1 to 5, wherein The physically redundant network device is a router.
The OpenFlow network system according to any one of claims 1 to 6, wherein Each switch that makes up the OpenFlow network
When a life / death monitoring packet that is packet data for life / death monitoring is received from a physically redundant network device, the life / death monitoring packet is transmitted from the physically redundant network device. The flow setting for transmitting the life / death monitoring packet received to the network device other than the network device is executed for each switch on the path from the own switch to the network device that is the transmission destination of the life / death monitoring packet. Flow setting request transmitting means for transmitting a flow setting request for requesting to the controller;
A GARP (Gratuitous) for updating an ARP (Address Resolution Protocol) table held by a node connected to the OpenFlow network, which is transmitted by an active network device among the physically redundant network devices. When receiving the Address Resolution Protocol) packet, a GARP packet transfer means for transferring the received GARP packet to the controller;
With
The controller is
When the flow setting request is received, a path from the switch that transmitted the flow setting request to a network device other than the network device that transmitted the alive monitoring packet among the physically redundant network devices First route calculating means for calculating
For each switch on the route calculated by the first route calculating means, among the network devices that are physically redundant, to network devices other than the network device that transmitted the alive monitoring packet, Life and death monitoring packet transfer control means for setting a flow for transmitting the life and death monitoring packet,
Second route calculating means for calculating a route from the switch to which the node is connected to the active network device;
Packet data transmitted from the node to a virtual IP (Internet Protocol) address shared by the physically redundant network device for each switch on the route calculated by the second route calculating means A packet transfer control means for setting a flow for transmitting to the active network device,
Comprising
Open flow network system characterized by this. Each of the switches
Upon receiving the alive monitoring packet from the network device, the alive monitoring received from the physically redundant network device to a network device other than the network device that has transmitted the received alive monitoring packet. A determination unit for determining whether or not a flow for transmitting a packet has already been set;
The flow setting request transmission means receives the life / death monitoring packet received by the determination means to a network device other than the network device that has transmitted the received life / death monitoring packet among the physically redundant network devices. The flow setting request is transmitted to the controller only when it is determined that the flow for transmitting is not yet set.
The open flow network system according to claim 8, wherein: The controller is
A storage unit for storing network device switch correspondence information in which information that can uniquely identify each switch connected to the physically redundant network device is associated;
The first path calculation unit is a network that transmits the alive monitoring packet among the physically redundant network devices based on the network device switch correspondence information stored in the storage unit. Specify a network device other than the device, and calculate a route from the switch that transmitted the flow setting request to the specified network device.
The open flow network system according to claim 8 or 9, characterized in that. The physically redundant network device has a VRRP (Virtual Router Redundancy Protocol) function, and the alive monitoring packet is a VRRP packet.
The OpenFlow network system according to any one of claims 8 to 10, wherein The physically redundant network device is a router.
The OpenFlow network system according to any one of claims 8 to 11, wherein Each switch that makes up the OpenFlow network
A controller that centrally controls the data transfer processing of each switch when the life / death monitoring packet, which is packet data for life / death monitoring, is received from a physically redundant network device. Alive monitoring packet forwarding step to forward to,
The controller is
Controlling a switch connected to a network device other than the network device that has transmitted the alive monitoring packet among the physically redundant network devices, the alive monitoring packet is monitored by the alive monitoring. A packet transfer control step for alive monitoring that transmits a packet to a network device other than the network device that transmitted the packet,
Each switch constituting the OpenFlow network is
A GARP (Gratuitous) for updating an ARP (Address Resolution Protocol) table held by a node connected to the OpenFlow network, which is transmitted by an active network device among the physically redundant network devices. When receiving an Address Resolution Protocol) packet, a GARP packet transfer step for transferring the received GARP packet to the controller;
The controller is
A route calculating step for calculating a route from the switch to which the node is connected to the active network device;
The controller is
By controlling each switch on the route calculated by the route calculating step, packet data transmitted from the node to a virtual IP (Internet Protocol) address shared by the physically redundant network device A packet transfer control step for transmitting to the active network device;
Comprising
A data communication method characterized by the above. Each switch that makes up the OpenFlow network
When a life / death monitoring packet that is packet data for life / death monitoring is received from a physically redundant network device, the life / death monitoring packet is transmitted from the physically redundant network device. The flow setting for transmitting the life / death monitoring packet received to the network device other than the network device is executed for each switch on the path from the own switch to the network device that is the transmission destination of the life / death monitoring packet. A flow setting request sending step for sending a flow setting request to the controller to the controller;
The controller is
When the flow setting request is received, a path from the switch that transmitted the flow setting request to a network device other than the network device that transmitted the alive monitoring packet among the physically redundant network devices A first route calculating step for calculating
The controller is
For each switch on the route calculated in the first route calculating step, among the network devices that are physically redundant, to network devices other than the network device that transmitted the alive monitoring packet, Life and death monitoring packet transfer control step for setting a flow for transmitting the life and death monitoring packet, and
Each switch on the route calculated in the first route calculating step is
Based on the flow set in the first route calculation step, the life and death monitoring packet is sequentially transferred, so that the life and death monitoring packet is transmitted among the physically redundant network devices. A life / death monitoring packet transmission step for transmitting the life / death monitoring packet to a network device other than the network device,
Each switch constituting the OpenFlow network is
A GARP (Gratuitous) for updating an ARP (Address Resolution Protocol) table held by a node connected to the OpenFlow network, which is transmitted by an active network device among the physically redundant network devices. When receiving an Address Resolution Protocol) packet, a GARP packet transfer step for transferring the received GARP packet to the controller;
The controller is
A second route calculating step for calculating a route from the switch to which the node is connected to the active network device;
The controller is
Packet data transmitted from the node to a virtual IP (Internet Protocol) address shared by the physically redundant network device for each switch on the route calculated in the second route calculating step A packet transfer control step for setting a flow for transmitting to the active network device,
Each switch on the route calculated in the second route calculating step is
A packet transmission step of transmitting the packet data to the active network device by sequentially transferring the packet data based on the flow set in the packet transfer control step,
Comprising
A data communication method characterized by the above.

Images