JP2015159500A - Open flow control apparatus, path management method, and program - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide an open flow control apparatus, a path management method, and a path management program capable of simply expanding the number of flows which can be housed in a switch.SOLUTION: The open flow control apparatus which controls a switch for transferring a packet on the basis of flow entry comprises a transfer controller 10 which performs transfer control for transferring a process on a packet inputted from a terminal, which is to be performed by an edge switch installed at the edge of a network, to a switch other than the edge switch.

Description

  The present invention relates to an open flow control device, a route management method, and a route management program that control a plurality of switches.

  In a network environment, as a technique for increasing the degree of integration of terminals accommodated in a physical interface of a switch, there are a method of logically dividing a segment by a VLAN (Virtual Local Area Network) and a technique of virtualizing a server. With the spread of such virtualization technology and the improvement of the performance of IT devices, the density of terminals in a network environment is increasing.

  In an environment in which flow control is performed by open flow (OpenFlow), as the density of terminals increases, the number of flows accommodated in the network increases and the number of necessary flow entries increases. In particular, in an environment where fine flow control, which is one of the features of OpenFlow, is performed, the number of necessary flow entries may be increased. If the switch flow table overflows due to an increase in the number of flow entries, a new flow cannot be generated. Thereby, there is a concern that the flow entry of the switch is insufficient with respect to the number of flows.

  In particular, control methods such as SPB (Shortest Path Bridging) and TRILL (Transparent Interconnection of Lots of Links), which perform encapsulation at a switch (edge switch) installed at the edge (boundary) of the network, use the edge switch to specify the destination. It is necessary to associate information with an encapsulation tag, and the more the number of terminals and the number of flows, the more the flow table is consumed in the edge switch. Further, in a network such as a data center, the number of flows may temporarily increase due to the convenience of the user or an external attack.

  Generally, switches are classified according to the number of interfaces, and switches with a larger number of interfaces are more expensive products. Also, the larger the flow table capacity, the greater the number of interfaces. Therefore, a switch having a larger capacity of the flow table is more expensive. Therefore, if an attempt is made to construct a network using an expensive switch having a large capacity of the flow table in accordance with the increased number of flows, a large cost is required.

  A general-purpose RAM (Random Access Memory) can flexibly expand its capacity by adding memory modules. However, in the case of hardware such as a TCAM (Ternary content-addressable memory) that searches for a flow entry of a switch, it is necessary to change the design level in order to expand the capacity. That is, in order to expand the capacity of the flow table, many development man-hours are required.

  Patent Document 1 describes a specific method for realizing “preliminary entry registration” in which, in an OpenFlow network, a controller voluntarily registers an entry before data communication starts.

International Publication WO2012 / 096131

  In the method described in Patent Document 1, the number of flow entries of switches, particularly edge switches, increases depending on the number of terminals and the number of flows, and the flow table may overflow.

  Accordingly, an object of the present invention is to provide an open flow control device, a route management method, and a route management program that can easily increase the number of flows that can be accommodated in a switch.

  An OpenFlow control device according to the present invention is an OpenFlow control device that controls a switch that forwards a packet based on a flow entry, and performs processing for a packet input from a terminal performed by an edge switch, separately from the edge switch. It includes a delegation control unit that performs delegation control for delegation to the switch.

  A route management method according to the present invention is a route management method in an open flow control device that controls a switch that forwards a packet based on a flow entry, and performs processing on a packet input from a terminal performed by an edge switch. It is characterized by delegating to another switch.

  The route management program according to the present invention performs processing for a packet input from a terminal, which is performed by an edge switch, on a computer in an open flow control device that controls a switch that transfers a packet based on a flow entry. It is characterized in that a process for delegating to a switch is executed.

  According to the present invention, the number of flows that can be accommodated in the switch can be easily increased.

It is a block diagram which shows the structure of 1st Embodiment of the communication system containing the open flow control apparatus by this invention. It is explanatory drawing which shows an example of the table containing the entry delegation origin and delegation destination for input, and ID corresponding to it. It is explanatory drawing which shows an example of the entry for input which transfers the packet addressed to a terminal to OFS for output. FIG. 4 is an explanatory diagram showing an example of an input entry registered in another OFS when the input entry shown in FIG. 3 is delegated to the other OFS. FIG. 10 is an explanatory diagram illustrating an example of an input entry registered in an OFS when an OFS that is two hops away is an input entry delegation destination. It is explanatory drawing which shows an example of an input delegation entry. It is explanatory drawing which shows an example of the communication path after the entry entry transfer. It is explanatory drawing which shows an example of the table containing the entry delegation origin and delegation destination for output, and ID corresponding to it. It is explanatory drawing which shows an example of the entry for an output which transfers the packet addressed to a terminal to IF of output OFS. FIG. 10 is an explanatory diagram illustrating an example of an output entry registered in another OFS when the output entry illustrated in FIG. 9 is delegated to the other OFS. It is explanatory drawing which shows an example of an output transfer entry. It is explanatory drawing which shows an example of the communication path after the entry delegation for output. It is a block diagram which shows the minimum structure of the open flow control apparatus by this invention.

Embodiment 1. FIG.
A first embodiment of the present invention will be described below with reference to the drawings.

  In the present embodiment, a communication system that performs flow control by open flow will be described as an example.

  FIG. 1 is a block diagram showing a configuration of a first embodiment of a communication system including an open flow control device (OFC (OpenFlow Controller)) according to the present invention. As illustrated in FIG. 1, the communication system includes an OFC 11 and OFS (Open Flow Switch) 21 to 24. Terminals 31 and 32 are connected to the communication system. In FIG. 1, four OFSs 21 to 24 are illustrated, but any number of OFSs may be provided. Moreover, although the two terminals 31 and 32 are illustrated, how many terminals may be connected to the communication system.

  The OFS 21 to 24 transfers the packet based on a flow entry in which a match condition for extracting a packet to be processed and an action for the packet are described.

  The OFS 21 has IFs (interfaces) 212 to 214. The OFS 22 has IFs 223 to 224. The OFS 23 has IFs 231 to 232 and 234. The OFS 24 has IFs 241 and 244. The terminal 31 is connected to the IF 214 of the OFS 21. The terminal 32 is connected to the IF 234 of the OFS 23.

  The OFC 11 controls the OFSs 21 to 24. Specifically, the OFC 11 generates a flow entry and registers it in the flow tables of OFS 21 to 24.

  Note that the number of interfaces for controlling each OFS from the OFC 11 may be one. For example, a switch may be arranged between the OFC 11 and the OFS 21 to 24 to branch one interface. Further, a switch different from the above switch may be disposed between the terminals 31 and 32 and the OFSs 21 to 24, and another terminal may be connected to the switch.

  The OFC 11 includes a path management unit 110. In addition, although expressions such as “controlled by OFC 11” are used, specifically, the path management unit 110 executes processing.

  Note that the path management unit 110 is realized by, for example, a CPU of a computer (for example, the OFC 11) that operates according to a path management program. The route management program is stored in, for example, a storage device (not shown) of the OFC 11. The CPU reads the program and operates as the path management unit 110 according to the program.

  Next, the operation of this embodiment will be described.

  In the following description, the OFS serving as a traffic entrance is referred to as Ingress OFS (input OFS). Further, the flow entry of the input OFS is called an Ingress entry (input entry). The OFS that is the traffic exit is called EgressOFS (output OFS). The flow entry of the output OFS is referred to as an Egress entry (output entry). Further, the OFS on the way between the input OFS and the output OFS is referred to as “Core OFS”. The flow entry of the core OFS is called a Core entry (core entry).

  Here, it is assumed that a terminal is connected to the OFS 21 shown in FIG. Further, it is assumed that a flow entry for communication of these terminals is registered in the OFS 21. Further, it is assumed that the OFC 11 detects a state where the flow table of the OFS 21 is exhausted. Flow table depletion refers to a state in which the flow table capacity is full and a flow entry cannot be newly registered. As a method of detecting the exhaustion of the flow table, a method of calculating from the capacity of the flow table of the OFS 21 and the number of registered flow entries, or a method of detecting from an error response to a flow entry registration request due to the exhaustion of the flow table is considered. It is done.

  The OFC 11 delegates the input entry for the packet input from the IF of the OFS 21 to another OFS in order to cope with the exhaustion of the flow table of the OFS 21 that is the edge switch. That is, the OFC 11 delegates processing for a packet input from the terminal 31 to another OFS. Here, it is assumed that the OFC 11 determines to delegate the input entry for the packet input from the IF 214 of the OFS 21 (hereinafter simply referred to as the input entry of the IF 214) to the OFS 22.

  As a method of determining the delegation source interface, for example, a method of determining based on the number of entries for input, traffic statistical information, and the like can be considered. As a method of determining the OFS of the delegation destination, for example, a method of determining based on the availability of the flow table, the distance from the delegation source OFS (here, OFS 21), traffic statistical information, and the like can be considered. Further, the OFC 11 may determine that a part of the specific VLAN of the IF 214 is delegated when determining the delegation source interface. Further, the OFC 11 may determine that an OFS that is two or more hops away is used as a delegation destination when determining an OFS as a delegation destination.

  Next, the OFC 11 delegates the input entry of the IF 214 of the OFS 21 to the IF 224 of the OFS 22 to regenerate a flow path having the IF 214 of the OFS 21 as an entrance. For example, when there is a flow addressed from the terminal 31 to the terminal 32, the traffic addressed from the terminal 31 to the terminal 32 is transferred to the OFS 22 after the input entry is transferred. Therefore, if the path from the OFS 22 to the terminal 32 has not been generated in advance, the OFC 11 determines the path of the OFS 22 → OFS 24 → OFS 23 → the terminal 32 (hereinafter referred to as the first path) or OFS 22 → OFS 21 → OFS 23 → the terminal 32. It is necessary to generate a route (hereinafter referred to as a second route). Hereinafter, the operation when the first route is applied will be described, but the second route can also be applied. When the second route is applied, the core route passes through the OFS 21. However, when the core entries are aggregated, the number of core entries registered in the OFS 21 is small, and the flow table of the OFS 21 is not compressed.

  Next, the OFC 11 assigns an ID for identifying the switch and the interface to the input entry delegation source switch and interface. The ID is a value included as a tag for identifying the delegation source in the packet. A field in a packet that can be set as a flow entry match condition, such as VLAN or MPLS (Multi Protocol Label Switching), can be used as a tag. The OFC 11 manages the ID together with information indicating the delegation source and delegation destination switches and interfaces. In the present embodiment, the OFC 11 holds a table indicating correspondence between IDs and entry entry delegation source / delegation destination in a storage unit (not shown). FIG. 2 is an explanatory diagram showing an example of a table including input entry delegation source / delegation destination and corresponding IDs. Here, it is assumed that the OFC 11 assigns 1001 as the ID of the IF 214 of the OFS 21 that is the entry entry delegation source, as shown in FIG.

  Next, the OFC 11 delegates the input entry of the IF 214 of the OFS 21 to the OFS 22. Specifically, the OFC 11 registers a flow entry corresponding to the input entry of the IF 214 of the OFS 21 in the OFS 22. For example, it is assumed that there is a flow that flows from the terminal 31 to the terminal 32, and the entry for entry registered in the OFS 21 corresponding to the flow by the OFC 11 has the contents shown in FIG. FIG. 3 is an explanatory diagram showing an example of a flow entry (input entry) for transferring a packet addressed to the terminal 32 to the OFS 23 which is an output OFS. In the entry for entry shown in FIG. 3, an action for adding a route control tag X at the time of transfer is set. The path control tag X is a tag for flow entry control by the OFC 11. The path control tag is a tag added for flow control by the OFC 11, and is a tag depending on the flow generation architecture of the OFC 11. Therefore, the route control tag can be omitted or replaced in other forms. Similarly to the ID, the route control tag can use a field in the packet such as VLAN or MPLS.

  FIG. 4 is an explanatory diagram showing an example of an input entry registered in another OFS when the entry for input shown in FIG. 3 is delegated to another OFS (here, OFS 22). The input entry shown in FIG. 4 is a flow in which the route control tag X is set and transferred to the packet addressed to the terminal 32 transferred from the OFS 21 in the same manner as the input entry shown in FIG. Note that “Remove” shown in FIG. 4 represents an action of removing a tag at the time of transfer.

  The difference between the entry for input shown in FIG. 4 and the entry for input shown in FIG. 3 is that the input / output interface is changed and the delegation of the same ID as that shown in FIG. The control tag is in the match condition. The link between the OFS 21 and the OFS 22 is used not only as a core path but also for delegation of input entries for a plurality of interfaces of the OFS 21. Therefore, a delegation control tag for identifying delegation from the IF 214 of the OFS 21 is included in the match condition.

  In the input entry shown in FIG. 4, an action for removing the delegation control tag at the time of transfer is set. However, when the delegation control tag and the path control tag are set in the same method (for example, both VLANID The OFC 11 may set an action for changing the value of the delegation control tag to the value of the path control tag in the input entry.

  Also, not all input entries must be delegated. By setting the priority of the match condition of the input delegation entry, which will be described later, lower than the priority of the match condition of the input entry, it is possible to match only the packets that did not match the input entry with the input delegation entry. In this way, by delegating only a small number of input entries from the OFS 21 to the OFS 22, it becomes possible to prepare a free area in the flow table of the OFS 21 at a higher speed. Therefore, even when the flow table of the OFS 21 is already overflowing, it is possible to prepare an area for setting an input delegation entry at high speed.

  FIG. 5 is an explanatory diagram illustrating an example of an entry for input registered in the OFS when an OFS that is two or more hops away is an input entry delegation destination. When the OFS 24 that is two hops away from the OFS 21 is used as the transfer destination of the entry for entry, the OFC 11 keeps the transfer control tag attached to the OFS 22 using the input interface and the transfer control tag as a match condition as shown in FIG. A flow entry to be transferred to the OFS 24 is registered. Note that an action for rewriting a tag may be added to the flow entry shown in FIG. 5 in order to avoid duplication of the delegation control tag ID.

  Next, the OFC 11 registers the flow entry shown in FIG. This flow entry is called an input delegation entry. FIG. 6 is an explanatory diagram showing an example of the input delegation entry. The flow entry shown in FIG. 6 shows a flow in which the transfer control tag is attached to the input packet of the IF 214 of the OFS 21 and transferred to the OFS 22. The delegation control tag set by the action indicates that it has been input from the IF 214 of the OFS 21. That is, the ID of the delegation control tag is an ID managed in the table shown in FIG. 2, and is the same ID as the delegation control tag of the entry entry match condition shown in FIG.

  FIG. 6 shows a flow for transferring all input packets of IF 214, but by narrowing down the range for delegating the entry for input, for example, only a specific VLAN can be delegated by changing the match condition. Can do. Also, by registering an input delegation entry to be transferred to a different OFS for each VLANID of the input packet, it is possible to switch the delegation destination OFS of the entry for input according to the VLANID.

  Finally, the OFC 11 deletes the input entry delegated from the OFS 21 to the OFS 22 from the OFS 21. However, if the flow table of the OFS 21 is already overflowing, the OFC 11 needs to delete the entry for entry from the OFS 21 and register a flow entry for the input delegation entry before registering the input delegation entry in the OFS 21. There is. In this case, the flow corresponding to the deleted input entry is temporarily interrupted.

  As described above, the entry for the flow from the terminal 31 to the terminal 32 is delegated from the OFS 21 to the OFS 22. An input delegation entry is set in the OFS 21, an input entry is set in the OFS 22, a core entry is set in the OFS 24, and an output entry is set in the OFS 23. FIG. 7 is an explanatory diagram showing an example of the communication path after the entry entry delegation. As shown in FIG. 7, the communication path is terminal 31 → OFS 21 → OFS 22 → OFS 24 → OFS 23 → terminal 32. Although this route is not the shortest route, another flow entry can be registered in the flow table because the flow table of the OFS 21 is empty.

  Next, a method for generating a flow after delegating an entry for input will be described.

  When the OFC 11 adopts a method of generating a flow triggered by a packet-in message of a first packet (a new packet that does not match an existing flow entry), when the input delegation entry is registered in the delegation source OFS, The first packet of the new flow also hits the input delegation entry and is transferred to the delegation destination OFS. Therefore, the OFC 11 needs to cope with a change in the OFS that is the notification source of the packet-in message.

  For example, it is assumed that a new flow from the terminal 31 to the terminal 32 occurs. The first packet hits the input delegation entry (the flow shown in FIG. 6) of the OFS 21, the delegation control tag is set, and the first packet is transferred to the IF 224 of the OFS 22. Then, the OFS 22 notifies the OFC 11 of a packet-in message.

  The OFC 11 can detect from the received packet-in message that the packet in which the delegation control tag with ID 1001 is set has reached the IF 224 of the OFS 22. The OFC 11 collates the notification source switch and interface of the packet-in message and the ID of the delegation control tag with the input entry delegation destination switch and interface and ID of the table shown in FIG. Is determined to be a packet delegated from the IF 214 of the OFS 21. If there is no same combination in the table shown in FIG. 2, the OFC 11 determines that there is no input entry delegation and generates a flow by a normal method.

  When the OFC 11 determines that the packet is delegated from the IF 214 of the OFS 21, the OFC 11 generates a flow entry corresponding to the flow. At this time, the OFC 11 can select either the OFS 21 that is the input entry delegation source OFS or the OFS 22 that is the input entry delegation destination OFS as the input OFS. If the OFS 21 flow table continues to be exhausted, the OFC 11 sets an entry for entry including a delegation control tag in the match condition in the OFS 22 as shown in FIG. When the flow table of the OFS 21 has been depleted, the OFC 11 can set an entry for input in the OFS 21 with a higher priority than the input delegation entry, and can set the flow of the shortest path.

  In this embodiment, as shown in FIG. 6, when delegating an entry for input, an ID indicating a delegation source is included in the packet as a tag (delegation control tag), but it is not necessary to identify the delegation source The tag can be omitted. For example, when all the interfaces of the delegation source OFS belong to the same segment, it is not essential to identify the interface of the delegation source OFS. Therefore, in this case, the delegation control tag can be omitted.

  When the delegation control tag is omitted, the OFC 11 cannot identify the interface of the delegation source OFS from the packet-in message received from the delegation destination OFS. However, when canceling the state where the input entry is delegated, if the input interface does not need to be specified in the input entry match condition set in the OFS of the entry entry delegation source, the OFC 11 It is not essential to know the OFS interface. Therefore, in that case, the delegation control tag can be omitted.

  As described above, in this embodiment, the entry for registration registered in the OFS is delegated to another OFS. For example, when the flow entry of the edge switch is insufficient, the function of the edge switch can be shared with a nearby switch that has a sufficient number of flow entries, so that the flow entry of another switch can be used. . Therefore, according to the present embodiment, the number of flows that can be accommodated in the OFS (not the number of flow entries but the number of flows that use the OFS as an entrance / exit) can be increased. That is, it is possible to cope with an increase in the number of terminals accommodated in the switch interface and the number of flows per terminal.

  Therefore, for example, if the present invention is applied to the system described in Patent Document 1, it is possible to avoid overflowing the edge switch flow table even when the number of terminals or the number of flows increases. In the system described in Patent Document 1, since the flow entries of the core switch are aggregated in the number of switches, the number of flows that can be accommodated in the switch can be further expanded by applying the present invention.

  Further, according to the present embodiment, it is possible to utilize the flow entry of a nearby switch having a sufficient number of flow entries, so that it is possible to increase the usage rate of the switch flow table in the entire network.

Embodiment 2. FIG.
Hereinafter, a second embodiment of the present invention will be described with reference to the drawings.

  In the first embodiment, the communication system that delegates the entry for input is taken as an example, but in the present embodiment, the communication system that delegates the entry for output is taken as an example.

  The configuration of the second embodiment of the communication system is the same as the configuration of the first embodiment shown in FIG.

  Here, it is assumed that a terminal is connected to the OFS 23 shown in FIG. Further, it is assumed that a flow entry for communication of those terminals is registered in the OFS 23. Further, it is assumed that the OFC 11 detects a state where the flow table of the OFS 23 is exhausted.

  The OFC 11 delegates the output entry having the IF 234 of the OFS 23 as an exit to another OFS (here, OFS 24) in order to cope with the exhaustion of the flow table of the OFS 23 that is the edge switch. That is, the OFC 11 delegates the processing for the packet output to the terminal 32 to another OFS.

  In this case, the OFC 11 creates a table as shown in FIG. FIG. 8 is an explanatory diagram showing an example of a table including output entry delegation source / delegation destination and IDs corresponding thereto. The OFC 11 registers an output entry to be transferred to the OFS 23 with the tag shown in FIG. When the OFC 23 receives a packet with the same tag as the ID shown in FIG. 8, the OFC 11 removes the tag and registers an output delegation entry to be transferred to the IF 234.

  For example, it is assumed that the output entry set in the OFS 23 before the transfer of the output entry has the contents shown in FIG. FIG. 9 is an explanatory diagram showing an example of an output entry for transferring a packet addressed to the terminal 32 to an IF (here, IF234) of the output OFS. In the output entry shown in FIG. 9, an action for removing a path control tag added for flow control by the OFC 11 at the time of transfer is set.

  FIG. 10 is an explanatory diagram showing an example of an output entry registered in another OFS when the output entry shown in FIG. 9 is delegated to another OFS (here, OFS 24). The output entry shown in FIG. 10 is a flow in which the routing control tag is removed from the packet addressed to the terminal 32, and instead a delegation control tag having the same ID as the ID shown in FIG. 8 is set and transferred to the OFS 23. Further, the output delegation entry set in the OFS 23 has contents as shown in FIG. FIG. 11 is an explanatory diagram of an example of the output delegation entry. The output delegation entry shown in FIG. 11 is a flow in which, when a packet with the ID delegation control tag shown in FIG. 8 arrives from the OFS 24, the tag is removed and the packet is transferred to the IF 234.

  Even when there are a plurality of output entries for IF 234, the output delegation entry can be associated with one entry regardless of the number of output entries. Therefore, after delegating the output entry, the OFC 11 can delete all the output entries of the IF 234 from the OFS 23 and free the OFS 23 flow table.

  Normally, in the state before the OFC 11 delegates the output entry, the flow entry should be created in the switch on the path so that the packet addressed to the terminal 32 goes to the OFS 23. Therefore, when the OFC 11 delegates the output entry from the OFS 23 to the OFS 24, the OFC 11 needs to change the flow of other switches so that the packet addressed to the terminal 32 is directed to the OFS 24. Therefore, the operation of the OFC 11 when delegating the output entry is more complicated than when delegating the input entry. However, in an environment in which output entries are concentrated on a specific switch in an environment where one-way communication is used, depletion of the flow table can be avoided by delegating the output entries.

  When the transfer path by the input entry and the core entry is OFS21 → OFS22 → OFS24, the flow path from the terminal 31 to the terminal 32 is finally as shown in FIG. FIG. 12 is an explanatory diagram showing an example of a communication path after the output entry delegation.

  By setting the priority of the output delegation entry to be lower than the priority of the output entry, the OFC 11 can leave some output entries in the OFS 23 without delegating to other OFSs. . In this case, the OFC 11 needs to control the input entry and core entry of another switch in accordance with the OFS in which the output entry is set so that the packet is transferred to an appropriate output OFS. is there.

  Even when the output entry is delegated, the packet-in message is notified from the input OFS as usual for the first packet of the new flow. Therefore, the OFC 11 sets the input entry to the input OFS that is the notification source of the packet-in message, and controls the flow so that the packet reaches the output OFS in which the output entry is set.

  As described above, in this embodiment, the output entry to be registered in the OFS is delegated to another OFS. Therefore, similarly to the first embodiment, the number of flows that can be accommodated in the OFS can be increased.

  As mentioned above, although the communication system applied to OpenFlow in each embodiment was taken as an example, the present invention is applicable to other than OpenFlow. For example, the OFC in each embodiment may be a control device other than the controller in the open flow. Further, for example, the OFS in each embodiment may be a packet transfer apparatus other than the switch in the open flow. That is, the present invention can be applied to any hop-by-hop network in which switches other than the edge switch are controlled. Further, the present invention can be suitably applied to an environment with a high density of terminals such as a data center.

  The above embodiments can be used in combination.

  Next, the outline of the present invention will be described. FIG. 13 is a block diagram showing a minimum configuration of the open flow control apparatus according to the present invention. As shown in FIG. 13, the OpenFlow control device according to the present invention controls an OpenFlow control device (for example, FIG. 1) that controls switches (for example, equivalent to OFS 21 to 24 shown in FIG. 1) that transfer packets based on flow entries. 1 is equivalent to the OFC 11 shown in FIG. 1), and the processing for a packet input from a terminal (for example, corresponding to the terminals 31 and 32 shown in FIG. 1) performed by the edge switch is delegated to a switch different from the edge switch. A delegation control unit 10 (for example, corresponding to the path management unit 110 in the OFC 11 illustrated in FIG. 1) that performs delegation control is included.

  According to such a configuration, for example, in the OpenFlow network, an entry for input registered in the OFS can be delegated to another OFS. Thereby, for example, when the flow entry of the edge switch is insufficient, the function of the edge switch can be shared by a nearby switch having a sufficient number of flow entries. Therefore, the flow entry of another switch can be used, and the number of flows that can be accommodated in the switch can be increased.

  Further, the delegation control unit 10 may perform delegation control when a new flow entry cannot be registered in the edge switch. According to such a configuration, exhaustion of the flow table of the edge switch can be avoided, and a new flow can be generated reliably. Also, since entry entry delegation is executed when the flow table is depleted, if the depletion of the flow table has been resolved, the entry for the shortest path is not delegated. A flow can be set.

  In addition, the delegation control unit 10 re-registers the flow entry set in the delegation source switch for processing the packet input from the terminal in the delegation destination switch, and inputs the flow entry from the terminal to the delegation source switch. An input delegation entry for transferring the packet to the delegation destination switch may be registered. According to such a configuration, a packet input from the terminal by the delegation source switch is transferred to the delegation destination switch via the delegation source switch. The packet is processed in the delegation destination switch. That is, it is possible to reliably delegate the processing of the packet to the delegation destination switch.

  Further, the delegation control unit 10 may set a match condition of the input delegation entry so that a specific packet input from the terminal is transferred to the delegation destination switch. According to such a configuration, it is possible to narrow the range of delegating the flow entry, such as delegating only a specific VLAN.

  In addition, the delegation control unit 10 may register an input delegation entry for transferring the packet to a different switch according to the content of the packet input from the terminal in the delegation source switch. According to such a configuration, for example, an input delegation entry to be transferred to a different switch for each VLANID of the input packet can be registered in the delegation source switch. Therefore, a more appropriate switch can be a delegation destination according to the status of the network environment.

  Further, the delegation control unit 10 may delegate the processing performed by the edge switch to the packet output to the terminal to a switch different from the edge switch. According to such a configuration, for example, in an OpenFlow network, an output entry registered in the OFS can be delegated to another OFS. Therefore, the number of flows that can be accommodated in the OFS can be further increased.

10 Delegation Control Unit 11 OFC
21-24 OFS
31-32 terminal 110 route management unit 212-214, 223-224, 231-232, 234, 241, 244 IF

Claims (8)

An open flow control device that controls a switch that forwards a packet based on a flow entry,
An open flow control device comprising: a delegation control unit that performs delegation control for delegating a process performed by an edge switch to a packet input from a terminal to a switch different from the edge switch. The open flow control device according to claim 1, wherein the delegation control unit performs delegation control when a new flow entry cannot be registered in the edge switch. The delegation control unit re-registers the flow entry set in the delegation source switch for processing the packet input from the terminal in the delegation destination switch, and the packet input from the terminal in the delegation source switch The open flow control device according to claim 1 or 2, wherein an input delegation entry for transferring a request to a delegation destination switch is registered. The OpenFlow control device according to claim 3, wherein the delegation control unit sets a match condition for an input delegation entry so that a specific packet input from a terminal is transferred to a delegation destination switch. The open flow control device according to claim 3 or 4, wherein the delegation control unit registers an input delegation entry for transferring the packet to a different switch according to the content of the packet input from the terminal, to the delegation source switch. 6. The open flow control according to claim 1, wherein the delegation control unit delegates the processing performed by the edge switch to the packet output to the terminal to a switch different from the edge switch. 7. apparatus. A path management method in an OpenFlow control device that controls a switch that forwards a packet based on a flow entry,
A route management method characterized by delegating a process performed by an edge switch to a packet input from a terminal to a switch different from the edge switch. To the computer in the OpenFlow control device that controls the switch that forwards the packet based on the flow entry,
A route management program for executing processing for delegating the processing of packets input from a terminal by an edge switch to a switch different from the edge switch.

Images