JP2017098660A - Network system and switch - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide a network system which determines a control content while taking an aggregation relation between switches into account without increasing a load of transfer processing in the switch.SOLUTION: A network control device holds an aggregation relation indicating a relation between an aggregate switch and an edge switch that transmits/receives a packet aggregated by the aggregate switch. The edge switch and the aggregate switch count the number of received packets meeting monitor conditions that are set to the switches. The switch transmits a notification indicating that the counted number of received packets meets a predetermined condition, to the network control device. Upon receiving the notification, on the basis of the aggregation relation, the network control device identifies a switch to exchange a packet with the switch that has transmitted the notification. On the basis of the number of received packets counted by the identified switch, a content of control on the packet to be transmitted from the identified switch to the switch that has transmitted the notification, is determined.SELECTED DRAWING: Figure 14

Description

  The present invention relates to a network system in which a network control device controls a switch.

  One of the techniques for constructing a layer 2 network is a communication method in which encapsulation headers are added in multiple stages to layer 2 packets. Examples of this communication method include PBB (Provider Backbone Bridge) or MPLS (Multiprotocol Label Switching). By encapsulating the layer 2 header in multiple stages, a plurality of virtual networks can be constructed on one physical network.

  Since mobile terminals of mobile users communicate on a mobile network, a large amount of communication may be performed locally in places where a large number of people gather, such as downtowns or event venues.

  Furthermore, applications that use mobile networks are diversified, in addition to conventional web applications, applications that deliver high-definition video, applications that communicate with sensors, and the like have emerged. Examples of applications with which the sensor communicates include M2M (Machine To Machine) and IoT (Internet of Things).

  In the distribution of moving images, a large amount of data is transferred by one communication, and in the communication between sensors, the amount of data transferred by one communication is small, but a large amount of different communication occurs at the same time. Thus, with the diversification of applications that use mobile networks, mobile network traffic trends have become more complex.

  For this reason, in order to optimize the network control in the entire mobile network, it is necessary to monitor and control the mobile network by specifying at least one of the place where the communication is performed and the type of application. The mobile network is a network that connects a base station that communicates with a terminal wirelessly and a packet core. The packet core executes an authentication process for connecting the terminal to the mobile network, manages the movement of the terminal, and transfers packets transmitted and received by the terminal with the communication destination.

  As background arts in this technical field, there are JP-A-2009-267642 (Patent Document 1) and JP-A-2014-171226 (Patent Document 2).

  Patent Document 1 describes a control technique for congestion due to flow control, and describes that a termination apparatus is instructed to limit the amount of data when congestion is detected by a relay apparatus ([0007] to [0013]).

  Patent Document 2 describes that the result of monitoring by the switch is transmitted to the controller, and the controller changes the transfer table of the switch based on statistical information collected from the switch ([0016] to [0016]. 0019]).

JP 2009-267642 A JP 2014-171226 A

  In the technique described in Patent Document 1, the data amount of a plurality of terminal devices under the relay device is limited. However, since the termination device is specified and controlled, the relay device must monitor the entire packet header including the encapsulation header to identify each termination device. This increases the load of packet transfer processing in the relay apparatus.

  In the technique described in Patent Document 2, the control content of the switch can be changed according to the usage status of the switch. However, when one switch aggregates packets sent by other switches, it is impossible to determine the control content of the switch in consideration of the aggregation relationship. Depending on the control content of the switch, the control content may be unfair. May occur. Here, the unfairness of the control content means that, for example, a control content with a large limit amount is set even though the switch has a small actual communication amount.

  An object of the present invention is to provide a network system that determines control contents in consideration of an aggregation relationship between switches without increasing the load of switch transfer processing.

  In order to solve the above-described problem, a network system including a plurality of switches and a network control device that controls the plurality of switches, wherein a network constructed by the plurality of switches is between a terminal and an external network. The plurality of switches include an edge switch located on the terminal side and an aggregation switch located on the external network side, and the aggregation switch transmits packets to and from at least one edge switch under its control. The network control device holds an aggregation relationship indicating a relationship between the aggregation switch and an edge switch that transmits and receives packets aggregated by the aggregation switch, and the edge switch and the aggregation switch are set in the network control device. Count the number of received packets that match the monitoring conditions, The edge switch or the aggregation switch transmits a notification that the predetermined condition is satisfied when the counted number of receptions satisfies a predetermined condition to the network control apparatus, and the network control apparatus receives the notification Based on the aggregation relationship, the switch that transmits and receives packets to and from the switch that transmitted the notification is identified, the number of receptions counted by the identified switch is obtained, and the number of receptions obtained is based on the obtained number of receptions. The control content for the packet transmitted by the specified switch is determined to the switch that has transmitted the notification, the determined control content is set in the specified switch, and the specified switch The packet is transmitted based on contents.

  ADVANTAGE OF THE INVENTION According to this invention, the network system which determines the control content in consideration of the aggregation relationship between switches can be provided, without increasing the load of the transfer process of a switch.

  Problems, configurations, and effects other than those described above will be clarified by the following description of embodiments.

1 is a configuration diagram of a network system according to a first embodiment. 1 is a configuration diagram of an NW switch according to Embodiment 1. FIG. 1 is a configuration diagram of a line card according to Embodiment 1. FIG. It is explanatory drawing of the identification table of Example 1. FIG. It is explanatory drawing of the monitoring table of Example 1. FIG. It is explanatory drawing of the transfer table of Example 1. FIG. 2 is a configuration diagram of a management card according to Embodiment 1. FIG. 1 is a configuration diagram of a network control device of Embodiment 1. FIG. It is explanatory drawing of the topology database of Example 1. FIG. It is explanatory drawing of the procedure in which the network control apparatus of Example 1 builds a topology database. It is explanatory drawing of the format of the PBB packet of Example 1. FIG. It is explanatory drawing of the format of the MPLS packet of Example 1. FIG. FIG. 3 is an explanatory diagram of an Ethernet packet format according to the first embodiment (Ethernet is a registered trademark; the same applies hereinafter). An outline of processing when the aggregation switch according to the first embodiment detects congestion will be described. 6 is a flowchart of packet reception processing of the aggregation switch according to the first embodiment. 3 is a flowchart of packet reception processing of the edge switch according to the first exemplary embodiment. 6 is a flowchart of count instruction reception processing of the edge switch according to the first embodiment. 6 is a flowchart of counter value transmission instruction reception processing of the edge switch according to the first embodiment. 3 is a flowchart of a congestion notification reception process of the network control device according to the first embodiment. 6 is a flowchart of counter value reception processing of the network control apparatus according to the first embodiment. 3 is a flowchart of a control content generation process of the network control device according to the first embodiment. It is explanatory drawing of the connection control to the mobile network of the terminal of Example 2. FIG. It is explanatory drawing of the packet format of the various messages transmitted / received using S1AP of Example 2. FIG. 10 is a flowchart of a congestion notification reception process of the network control device according to the second embodiment. An outline of processing when the edge switch according to the third embodiment detects congestion will be described.

  Example 1 will be described with reference to FIGS.

  FIG. 1 is a configuration diagram of a network system according to the first embodiment.

  The network system of the present embodiment shows an example applied to a mobile network, but is not limited to this, and can be applied to various networks such as FTTH (Fiber To The Home).

  The network system includes a mobile backhaul 5, a packet core 4, and a network control device 2.

  The mobile backhaul 5 is a network that connects the base stations 3 </ b> A to 3 </ b> L and the packet core 4. The base stations 3 </ b> A to 3 </ b> L are collectively referred to as the base station 3. The packet core 4 is a network that executes an authentication process for connecting the terminal 6 connected to the base station 3 to the mobile network, manages the movement of the terminal, and transfers packets transmitted and received by the terminal to and from the communication destination.

  The mobile backhaul 5 will be described. The mobile backhaul 5 is constructed by a plurality of network switches (NW switches) 11A to 13B. The NW switches 11A to 13B are collectively referred to as NW switch 1. The NW switches 11A to 13B are classified into the edge switch 11, the relay switch 12, and the aggregation switch 13 according to the installation location.

  The edge switch 11 is the NW switch 1 connected to the base station 3 that accommodates the terminal 6, and is arranged on the base station 3 side of the mobile backhaul 5. In FIG. 1, the edge switches 11 are edge switches 11A to 11F. For example, the edge switch 11A is connected to the base stations 3A and 3B. The number of edge switches 11 included in the mobile backhaul 5 and the number of base stations 3 connected to the edge switch 11 are not limited to FIG.

  The aggregation switch 13 is the NW switch 1 connected to the packet core 4, and is arranged on the packet core 4 side of the mobile backhaul 5. In FIG. 1, the aggregation switch 13 is the aggregation switches 13A and 13B. The number of aggregation switches 13 included in the mobile backhaul 5 is not limited to FIG.

  The relay switch 12 is the NW switch 1 that connects the edge switch 11 and the aggregation switch 13, and is arranged between the edge switch 11 and the aggregation switch 13 of the mobile backhaul 5. In FIG. 1, the relay switch 12 is the relay switches 12A to 12C. The relay switch 12A is connected to the edge switches 11A and 11B in a ring topology, the relay switch 12B is connected to the edge switches 11C and 11D in a ring topology, and the relay switch 12C is connected to the edge switches 11E and 11F in a ring topology. The The relay switches 12A to 12C are connected to the aggregation switches 13A and 13B in a ring topology.

  Each NW switch 1 holds a flow table 106 in which a relationship between header information (for example, VLANID) of a received packet and packet transfer is registered. When a packet is received, the NW switch 1 refers to the flow table 116. The packet is transferred to the transfer destination corresponding to the header information of the received packet. Details of the NW switch 1 will be described with reference to FIGS. Specifically, the edge switch 11 adds new header information to the header information of the data received from the base station 3, encapsulates the data received from the base station 3, and transmits it to the mobile backhaul 5. The relay device 12 and the aggregation switch 13 transfer the received data with reference to the encapsulated header information.

  The network control device 2 is a computer that is connected to each NW switch 1 included in the mobile backhaul 5 via the control network 7 and controls the NW switch 1 included in the mobile backhaul 5. Details of the network control device 2 will be described with reference to FIG.

  The packet core 4 will be described.

  The packet core 4 includes an S-GW (Serving-Gateway) 41, a P-GW (PDN-Gateway) 42, an MME (Mobility Management Entity) 43, and a PCRF (Policy and Charging Rule Function) 44.

  The S-GW 41 receives the data transmitted from the base station 3 via the mobile backhaul 5, transfers the received data to the P-GW 4, receives the data transmitted from the P-GW 4, and receives the received data. Is transferred to the base station 3 via the mobile backhaul 5.

  The P-GW 42 receives the data transmitted from the S-GW 41, transfers the received data to the external network, receives the data transmitted from the external network, and transfers the received data to the S-GW 41.

  The MME 43 manages the position of the terminal 6 and executes an authentication process for the terminal 6 to connect to the mobile network.

  The PCRF 44 is a subscription service management device that holds information (subscriber information) related to services that the subscriber of the terminal 6 is subscribed to.

  FIG. 2 is a configuration diagram of the NW switch 1 according to the first embodiment.

  The NW switch 1 includes line cards 100A to 100N, an internal switch 110, and a management card 120. The NW switch 1 may have at least one of the line cards 100A to 100N. The line cards 100A to 100N are collectively referred to as the line card 100.

  The line card 100 is connected to another device such as the adjacent NW switch 1, the base station 3, or the S-GW 41. Each line card 100 has a port (not shown), determines a destination port based on header information of a packet received from another device, and outputs the packet to the internal switch 110. Each line card 100 outputs the packet input from the internal switch 110 from the port that is the destination of the packet. Details of the line card 100 will be described with reference to FIG.

  The management card 120 is connected to the network control device 2 via the control network 7. The management card 120 receives an update instruction for the flow table 106 (see FIG. 3) of the line card 100 from the network control device 2, and updates the flow table 106 based on the received update instruction. In addition, the management card 120 transmits information to be transmitted to the network control device 2 to the network control device 2. Details of the management card 120 will be described with reference to FIG.

  The internal switch 110 connects the line card 100 and the management card 120 to each other. The internal switch 110 outputs the packet input from the line card 100 to the line card 100 having a destination port. Further, the internal switch 110 outputs the update instruction received by the management card 120 to the line card 100.

  FIG. 3 is a configuration diagram of the line card 100 according to the first embodiment.

  The line card 100 includes a physical layer / MAC processing unit 101, an in-device interface 102, a flow identification unit 103, a packet monitoring unit 104, a transfer processing unit 105, and a flow table 106. In the present embodiment, the flow identification unit 103, the packet monitoring unit 104, and the transfer processing unit 105 will be described as being realized by hardware (for example, a field-programmable gate array (FPGA)). This may be realized by executing a program to be executed by a processor (not shown).

  The physical layer / MAC processing unit 101 executes a process for terminating the physical layer and the MAC layer of a packet input from another device, and outputs the packet that has executed the process to the flow identification unit 103. Also, the physical layer / MAC processing unit 101 adds a physical layer header and a MAC layer header to a packet to be output to another apparatus, and outputs the packet to the other apparatus. The in-device interface 102 is an interface connected to the internal switch 110.

  The flow identification unit 113 refers to the identification table 1063 included in the flow table 106 and determines the output destination of the packet based on the header information of the packet input from the physical layer / MAC processing unit 101 or the transfer unit The processing unit 105 is determined. A packet whose output destination is the packet monitoring unit 104 is a packet to be monitored.

  The packet monitoring unit 104 determines whether the packet input from the flow identification unit 113 matches the monitoring condition registered in the monitoring table 1062, counts the number of packets that match the monitoring condition, and receives the input The packet is output to the transfer processing unit 105. For example, as monitoring conditions, header information of packets before encapsulation is registered in the edge switch 11, and header information of packets after encapsulation is registered in the aggregation switch 13. Information other than the header information, that is, IP layer information (for example, a port number) may be registered as the monitoring condition.

  The transfer processing unit 105 refers to the transfer table 1061 registered in the flow table 106, determines the destination of the input packet, and outputs it to the in-device interface 102.

  The flow table 106 includes a transfer table 1061, a monitoring table 1062, and an identification table 1063.

  The forwarding table 1061 is a table that is referred to by the forwarding processing unit 105, and an action corresponding to packet header information is registered in the forwarding table 1061. Details of the transfer table 1061 will be described with reference to FIG.

  The monitoring table 1062 is a table that is referred to by the packet monitoring unit 104. In the monitoring table 1062, a monitoring condition and a count value corresponding to the monitoring condition are registered. Details of the monitoring table 1062 will be described with reference to FIG.

  The identification table 1063 is a table that is referred to by the flow identification unit 103. In the identification table 1063, header information of a packet and an output destination corresponding to the header information are registered. Details of the identification table 1063 will be described with reference to FIG.

  FIG. 4 is an explanatory diagram of the identification table 1063 according to the first embodiment.

  The identification table 1063 includes header information 401 and a distribution destination 402. In the header information 401, information (header information) set in the header of the received packet is registered. In FIG. 4, VLANID is registered in the header information 401, but the present invention is not limited to this, and an MPLS label or the like may be registered. In addition, the header information 401 of the packet before encapsulation is registered in the header information 401 of the identification table 1063 of the edge switch 11, and is encapsulated in the header information 401 of the identification table 1063 of the relay device 12 and the aggregation switch 13. Header information newly added by the later edge switch 11 is registered. In the distribution destination 402, identification information of the packet monitoring unit 104 or the transfer processing unit 105 that is the distribution destination corresponding to the header information is registered.

  FIG. 5 is an explanatory diagram of the monitoring table 1062 according to the first embodiment.

  The monitoring table 1062 includes a monitoring condition 501 and a counter 502. In the monitoring condition 501, a packet monitoring condition is registered. Note that the header information of the packet before encapsulation is registered in the monitoring condition 501 of the monitoring table 1062 of the edge switch 11, and is encapsulated in the monitoring condition 501 of the monitoring table 1062 of the relay device 12 and the aggregation switch 13. Header information newly added by the later edge switch 11 is registered. As described with reference to FIG. 3, information registered in the IP layer (for example, a port number) may be registered in the monitoring condition 501. For example, a condition that the VLAN ID is “# 2” and the port number is “# 1” is registered in the monitoring condition 501 of the record in the second row in FIG. As a result, the packet monitoring unit 104 only needs to snooping the IP layer only for the packet whose VLAN ID is “# 2” to obtain the port number, and does not need to snoop the IP layer of other packets. While reducing the processing load of 100, it is possible to count packets in which predetermined information of the IP layer is the same. In addition, only IP layer information may be registered in the monitoring condition 501. In this case, the IP layer of all the packets input to the packet monitoring unit 104 is snooped. However, since the flow identification unit 103 distributes the packet to the packet monitoring unit 104 based on the header information, the IP layer is input to the line card 100. It is not necessary to snooping the IP layer of all the packets that have been sent, and the processing load on the line card 100 can be reduced.

  In the counter 502, the number of received packets that match the monitoring condition registered in the monitoring condition 501 is registered. The information registered in the counter 502 is not limited to the number of packets that match the monitoring condition, and for example, the total capacity of packets that match the monitoring condition may be registered.

  FIG. 6 is an explanatory diagram of the transfer table 1061 according to the first embodiment.

  The forwarding table 1061 includes header information 601 and an action 602. In the header information 601, packet header information is registered. The header information 601 of the packet before encapsulation is registered in the header information 601 of the forwarding table 1061 of the edge switch 11, and is encapsulated in the header information 601 of the forwarding table 1061 of the relay device 12 and the aggregation switch 13. Header information newly added by the later edge switch 11 is registered. In the action 602, an action for a packet that matches the header information registered in the header information 601 is registered. In the action 602 of the records in the second and third lines shown in FIG. 6, an action for transferring a packet to be transferred to a predetermined port is registered. Further, as in the record on the first line shown in FIG. 6, the ratio of packets to be discarded and the port number to be transferred may be registered in the action 602.

  FIG. 7 is a configuration diagram of the management card 120 according to the first embodiment.

  The management card 120 includes an in-device interface 121, a device management unit 122, and an external interface 123.

  Although the device management unit 122 is described as being realized by a processor, the device management unit 122 may be realized by executing hardware (not shown) (for example, a field-programmable gate array (FPGA)) corresponding thereto.

  The in-device interface 121 is an interface connected to the internal switch 110. The device management unit 122 manages the entire NW switch 1 and executes update processing of the flow table 106 of the line card 100. The external interface 123 is an interface connected to the network control device 2 via the control network 7.

  FIG. 8 is a configuration diagram of the network control device 2 according to the first embodiment.

  First, the hardware configuration of the network control device 2 will be described. The network control device 2 includes a control interface 21, a processor 22, a memory 23, and a secondary storage device 24. The control interface 21, processor 22, memory 23, and secondary storage device 24 are connected to each other via a bus 25.

  The control interface 21 is an interface connected to each NW switch 1 via the control network 7.

  The processor 22 executes various arithmetic processes. The secondary storage device 24 is a non-volatile non-transitory storage medium, and stores various programs and various data. The memory 23 is a volatile temporary storage medium. The memory 23 is loaded with various programs and various data stored in the secondary storage device 24, and the processor 22 executes the various programs loaded in the memory 23. Then, various data loaded in the memory 23 are read and written.

  The processor 22 includes a topology management unit 221 and a flow management unit 222. Although the topology management unit 221 and the flow management unit 222 are described as being realized by the processor 22 executing programs corresponding thereto, they may be realized by hardware.

  The topology management unit 221 manages the network topology of the mobile backhaul 5. The flow management unit 222 generates a flow table 106 for each NW switch 1 and executes setting processing for each NW switch 1 in the flow table 106.

  The memory 23 stores a topology database 231 and a flow management database 232. In the topology database 231, the network topology of the mobile backhaul 5 is registered. Details of the topology database 231 will be described with reference to FIG. Information registered in the flow table 106 of each NW switch 1 is registered in the flow management database 232.

  FIG. 9 is an explanatory diagram of the topology database 231 according to the first embodiment.

  In the topology database 231, information relating to the flow of packets aggregated by the aggregation switch 13 is registered. The topology database 231 includes an edge switch 901 and an aggregation switch 902.

  The edge switch 901 encapsulates the port number at which the edge switch 11 receives a packet from the base station 3 and the VLAN ID before encapsulation, and the port number at which the edge switch 11 transmits the packet and the edge switch 11 encapsulated. Later VLANIDs are registered.

  In the aggregation switch 902, a port number at which the aggregation switch 13 receives a packet transmitted by the edge switch 11 and a VLAN ID after the packet is encapsulated by the edge switch 11 are registered.

  For example, the records in the first to third lines shown in FIG. 9 indicate that packets received as VLAN # 100 at port # 1 of SW # 100 that is the aggregation switch are received by SW # 1 that is edge switch 11 and port # 1. VLAN # 1 packet received at 0, VLAN # 2 packet received by SW # 1 as the edge switch 11 at port # 0, and VLAN # 2 received by SW # 1 as the edge switch 11 at port # 1 5 packets are aggregated.

  Also, the records in the fourth and fifth lines shown in FIG. 9 indicate that packets received as VLAN # 200 at port # 1 of SW # 100 that is the aggregation switch are received by SW # 1 that is edge switch 11 and port # 1. 2 indicates that the packet of VLAN # 10 received by port 2 and the packet of VLAN # 20 received by SW # 1 which is the edge switch 11 at port # 2 are aggregated.

  In other words, the topology database 231 only needs to register an aggregation relationship indicating the relationship between the aggregation switch 13 and the edge switch 11 that transmits and receives packets aggregated by the aggregation switch 13.

  FIG. 10 is an explanatory diagram of a procedure in which the network control device 2 according to the first embodiment constructs the topology database 231.

  In FIG. 10, the network control device 2 communicates with each NW switch 1 in the layer 2 network by LLDP (Link Layer Discovery Protocol), which is standardized as IEEE 802.1AB, and OpenFlow (OpenFlow is a registered trademark, the same applies hereinafter). ).

  First, the network control device 2 transmits an LLDP packet to the NW switch 1A using an OpenFlow Packet-out message. When receiving the packet-out, the NW switch 1A transmits an LLDP packet to the adjacent NW switch 1B. When the NW switch 1B receives LLDP from the NW switch 1A, the NW switch 1B transmits an LLDP frame to the network control device 2 using an OpenFlow Packet-in message.

  The network control device 2 sets information related to the connection relationship between the network switch 1A and the network switch 1B in the topology database 231 based on the information included in the Packet-in received from the NW switch 1B.

  The network control device 2 can grasp the network topology of the layer 2 network by executing the procedure shown in FIG. 10 for all the NW switches 1 in the layer 2 network. Then, the network control device 2 constructs the topology database 231 shown in FIG. 9 based on the connection relationship of each NW switch 1.

  Note that the topology management unit 221 executes processing for the network control device 2 to construct the topology database 231.

  FIG. 11 is an explanatory diagram of the format of the PBB packet according to the first embodiment.

  The PBB packet includes a PBB header, a MAC header, an IP header, and the like. The packet transmitted from the base station 3 is a normal packet that does not include a PBB header. When receiving the packet from the base station 3, the edge switch 11 refers to the destination MAC address (CMAC DA) and VLAN of the MAC header, adds a PBB header to the received packet, and encapsulates the received packet. The packet with the PBB header added is transferred to the relay switch 12.

  When receiving the packet with the PBB header added, the relay switch 12 and the aggregation switch 13 refer to the PBB header of the received packet and transfer the packet.

  The edge switch 11 monitors the packet flow for each base station 3 connected to the edge switch 11 by referring to the transmission source MAC address and VLAN in the MAC header.

  Further, the aggregation switch 13 refers to the PBB header and monitors the packet flow. For example, the aggregation switch 13 refers to the source MAC address (BMAC SA), BVID (Backbone VLAN (Virtual Area Network) Identifier), and ISID (I-service instance identifier) switch 13 of the PBB header, Monitor the flow of aggregated packets before reaching.

  In the present embodiment, the mobile backhaul 5 is described as a PBB packet to which a PBB header is added, but is not limited thereto. For example, in this embodiment, an MPLS packet to which an MPLS header is added may be transferred, or an Ethernet over Ethernet packet to which a MAC header is further added to a normal packet may be transferred.

  FIG. 12 is an explanatory diagram of a format of an MPLS packet according to the first embodiment.

  The MPLS packet includes an MPLS header, a MAC header, an IP header, and the like. When the edge switch 11 receives a packet from the base station 3, the edge switch 11 refers to the destination MAC address (MAC DA) and VLAN of the MAC header of the packet transmitted from the base station 3, and adds an MPLS header to the received packet. The received packet is encapsulated, and the packet with the MPLS header added is transferred to the relay switch 12.

  When receiving the packet with the MPLS header added, the relay switch 12 and the aggregation switch 13 refer to the MPLS header of the received packet and transfer the packet.

  The edge switch 11 monitors the packet flow for each base station 3 connected to the edge switch 11 by referring to the transmission source MAC address and VLAN in the MAC header.

  Further, the aggregation switch 13 refers to the MPLS header and monitors the packet flow. For example, the aggregation switch 13 refers to the label value of the MPLS header, and monitors the flow of packets that have been aggregated until reaching the aggregation switch 13.

  FIG. 13 is an explanatory diagram of a packet format of the Ethernet over Ethernet according to the first embodiment.

  The Ethernet over Ethernet packet includes a first MAC header, a second MAC header, an IP header, and the like. When the edge switch 11 receives the packet from the base station 3, the edge switch 11 refers to the transmission destination MAC address (CMAC DA) and the VLAN of the second MAC header of the normal packet transmitted from the base station 3, and adds the first MAC to the received packet. The header is added, the received packet is encapsulated, and the packet with the first MAC header added is transferred to the relay switch 12.

  When receiving the packet with the first MAC header added, the relay switch 12 and the aggregation switch 13 refer to the first MAC header of the received packet and transfer the packet.

  The edge switch 11 monitors the packet flow for each base station 3 connected to the edge switch 11 by referring to the transmission source MAC address and VLAN of the second MAC header.

  Further, the aggregation switch 13 refers to the first MAC header and monitors the packet flow. For example, the aggregation switch 13 refers to the transmission source MAC address and VLAN in the first MAC header, and monitors the flow of packets that have been aggregated until the aggregation switch 13 is reached.

  FIG. 14 illustrates an outline of processing when the aggregation switch 13 according to the first embodiment detects congestion. FIG. 14 shows an example in which a packet is transferred in the upstream direction (direction from the edge switch 11 toward the aggregation switch 13).

  The packet monitoring unit 104 of the aggregation switch 13A monitors packets that match the monitoring conditions registered in the monitoring table 1062. The aggregation switch 13A determines that congestion has occurred in the packet flow of the monitoring condition when the counter of the packet of the monitoring condition exceeds a predetermined threshold, and transmits a congestion notification to the network control device 2 (1401). ). Assume that the monitoring condition in which congestion occurs is, for example, VLAN #N. Here, the VLAN #N packet received by the aggregation switch 13A is, for example, the VLAN #A packet received from the base station 3 by the edge switches 11A and 11B. The aggregation relationship is registered in the topology database 231 of the network control device 2. In the present embodiment, the aggregation switch 13A detects congestion based on the number of received packets that match the monitoring condition and transmits a congestion notification to the network control device 2, but the present invention is not limited to this. For example, the aggregation switch 13 may transmit a notification to that effect to the network control device 2 if the number of received packets that match the monitoring condition satisfies a predetermined condition. Specifically, the monitoring table 1062 of the aggregation switch 13 registers a monitoring condition regarding a packet indicating that an abnormality has been detected, and if “1” is registered as a threshold for the monitoring condition, the aggregation switch 13 When a packet indicating that an abnormality has been detected is received, a notification to that effect may be sent immediately to the network control device 2.

  When the network control apparatus 2 receives the congestion notification transmitted in the process of step 1401, the network control apparatus 2 refers to the topology database 231 and identifies VLAN # A to be aggregated in the VLAN # N of the monitoring condition where the congestion has occurred. The edge switches 11A and 11B that transmit the VLAN #A packet to the aggregation switch 13 are specified. Then, the network control device 2 transmits a VLAN #A packet count instruction using the identified edge switches 11A and 11B (1402). The count instruction is a packet indicating the update instruction of the monitoring table 1062 for adding VLAN #A to the monitoring conditions of the monitoring table 1062 of the edge switches 11A and 11B, and the distribution destination of VLAN #A in the identification table 1063 of the edge switches 11A and 11B. An update instruction for the identification table 1063 to be added or changed to the monitoring unit 104 is included.

  The edge switches 11A and 11B update the flow table 106 based on the count instruction transmitted from the network control device 2 and start counting VLAN # A. When a predetermined time has elapsed or when a counter value transmission instruction has been received from the network control device 2, the edge switches 11A and 11B use the received VLAN #A packet count as a count value and the network control device 2 (1403). Since the edge switches 11A and 11B normally do not monitor packets, the count results of the edge switches 11A and 11B packets are not transmitted to the network control device 2, so that the communication traffic of the control network 7 can be reduced.

  When the network control device 2 receives the count results from the edge switches 11A and 11B, the network control device 2 determines a new action (control content) for the VLAN #A packet of the edge switches 11A and 11B based on the received count results. A registration instruction for registering a new action for the determined VLAN # A packet in the forwarding table 1061 is transmitted to the edge switches 11A and 11B (1404).

  The edge switches 11A and 11B update the transfer table 1061 based on the registration instruction transmitted in step 1404, and transfer the packet based on the updated transfer table 1061.

  Although the packet transferred in the upstream direction has been described, the present embodiment can also be applied to a packet transferred in the downstream direction. The details when the present embodiment is applied to a packet transferred in the downstream direction will be described in a third embodiment.

  FIG. 15 is a flowchart of packet reception processing of the aggregation switch 13 according to the first embodiment.

  When the aggregation switch 13 receives a packet from the relay switch 12 (1501), the flow identification unit 103 refers to the identification table 1063 and determines whether the received packet is a monitoring target packet (1502). Specifically, the flow identification unit 103 monitors the packet to the distribution destination 402 of the record in which the header information added by the edge switch 11 of the received packet matches the header information registered in the header information 401 of the identification table 1063. If the information indicating the section 104 is registered, it is determined that the received packet is a packet to be monitored. If the information indicating the packet monitoring section 104 is not registered in the distribution destination 402 of the record, the received packet is received. It is determined that the packet is not a monitoring target packet.

  If it is determined in step 1502 that the received packet is a packet to be monitored (1502: Yes), the flow identifying unit 103 outputs the received packet to the packet monitoring unit 104 (1503).

  The packet monitoring unit 104 refers to the monitoring table 1062 and determines whether or not the input packet matches the condition registered in the monitoring condition 501 (1504).

  When it is determined in step 1504 that the input packet matches the condition registered in the monitoring condition 501 (1504: YES), the packet monitoring unit 104 registers the input packet in the monitoring condition 501. 1 is added to the counter 502 of the record in the monitoring table 1062 that matches the condition (1505). Then, the packet monitoring unit 104 determines whether or not the value registered in the counter 502 of the record in the monitoring table 1062 is greater than or equal to the threshold (1506).

  If it is determined in step 1506 that the value registered in the counter 502 is greater than or equal to the threshold (1506: Yes), the packet monitoring unit 104 is congested under the monitoring condition that the received packets match. And the congestion notification is transmitted to the network control device 2 (1507).

  Next, the transfer processing unit 105 refers to the transfer table 1061, determines the action of the received packet, executes the transfer process on the received packet (1508), and ends the packet reception process.

  If it is determined in step 1502 that the received packet is not a packet to be monitored (1502: No), the process proceeds to step 1508, and the transfer processing unit 105 executes the transfer process on the received packet. The packet reception process is terminated. In addition, when it is determined that the packet input to the packet monitoring unit 104 does not match the condition registered in the monitoring condition 501 in the process of step 1504 (1504: No), and registered in the counter 502 in the process of step 1506 Similarly, when it is determined that the calculated value is equal to or greater than the threshold (1506: No), the process proceeds to step 1508, and the transfer processing unit 105 executes the transfer process on the received packet, and performs the packet reception process. finish.

  FIG. 16 is a flowchart of packet reception processing of the edge switch 11 according to the first embodiment.

  When the edge switch 11 receives a packet from the base station 3 (1601), the flow identification unit 103 refers to the identification table 1063 and determines whether the received packet is a monitoring target packet (1602). Specifically, the flow identification unit 103 sets the packet monitoring unit to the distribution destination 402 of the record in which the header information before encapsulation of the received packet matches the header information registered in the header information 401 of the identification table 1063. If the information indicating 104 is registered, it is determined that the received packet is a packet to be monitored. If the information indicating the packet monitoring unit 104 is not registered in the distribution destination 402 of the record, the received packet is determined. Is not a packet to be monitored.

  If it is determined in step 1602 that the received packet is a packet to be monitored (1602: Yes), the flow identification unit 103 outputs the received packet to the packet monitoring unit 104 (1603).

  The packet monitoring unit 104 refers to the monitoring table 1062 and determines whether or not the input packet matches the condition registered in the monitoring condition 501 (1604).

  If it is determined in step 1604 that the input packet matches the condition registered in the monitoring condition 501 (1604: YES), the packet monitoring unit 104 registers the input packet in the monitoring condition 501. 1 is added to the counter 502 of the record in the monitoring table 1062 that matches the condition (1605). Next, the transfer processing unit 105 refers to the transfer table 1061, determines the action of the received packet, executes the transfer process on the received packet (1606), and ends the packet reception process.

  If it is determined in step 1602 that the received packet is not a packet to be monitored (1602: No), the process proceeds to step 1606, and the transfer processing unit 105 executes the transfer process on the received packet. The packet reception process is terminated. Similarly, when it is determined in step 1604 that the packet input to the packet monitoring unit 104 does not match the condition registered in the monitoring condition 501 (1604: No), the process proceeds to step 1508, and the transfer process is performed. The unit 105 executes a transfer process on the received packet and ends the packet reception process.

  FIG. 17 is a flowchart of the count instruction reception process of the edge switch 11 according to the first embodiment.

  The edge switch 11 receives a count instruction from the network control device 2 (1701). The count instruction includes an update instruction for the identification table 1063 and an update instruction for the monitoring table 1062 so that the edge switch 11 can count packets that become monitoring conditions in which congestion has occurred.

  The device management unit 122 of the management card 120 of the edge switch 11 updates the identification table 1063 via the in-device interface 121 based on the update instruction of the identification table 1063 included in the count instruction (1702). Specifically, when there is a record in which the header information of the monitoring condition packet in which congestion has occurred matches the header information registered in the header information 401 of the identification table 1063, the apparatus management unit 122 assigns the record to the destination 402 is changed to information indicating the packet monitoring unit 104. In addition, when there is no record that matches the header information, the device management unit 122 adds a new record, registers the header information of the monitoring condition packet in which congestion occurs in the header information 401 of the added record, and Information indicating the packet monitoring unit 104 is registered in the minute 402.

  Next, the device management unit 122 updates the monitoring table 1062 via the in-device interface 121 based on the update instruction of the monitoring table 1062 included in the count instruction (1703), and ends the count instruction receiving process. Specifically, the device management unit 122 adds a new record to the monitoring table 1062, registers the monitoring condition in which congestion has occurred in the monitoring condition 501 of the added record, and initializes the counter 502 of the added record. .

  FIG. 18 is a flowchart of counter value transmission instruction reception processing of the edge switch 11 according to the first embodiment.

  The edge switch 11 receives a counter value transmission instruction from the network control device 2 (1801). Next, the edge switch 11 transmits the value registered in the counter 502 of the monitoring table 1062 to the network control device 2 (1802).

  Next, the edge switch 11 deletes the record in which the value transmitted in the process of step 1802 is registered in the counter 502 from the monitoring table 1062 (1803).

  Next, the edge switch 11 distributes the record 402 to which the header information corresponding to the monitoring condition registered in the monitoring condition 501 of the record deleted from the monitoring table 1062 in the process of step 1803 is registered in the header information 401. Is changed to information indicating the transfer processing unit 105 (1804), and the counter value transmission instruction reception process is terminated.

  Even if the edge switch 11 does not receive the counter value transmission instruction, the edge switch 11 may execute the counter value transmission instruction reception process when a predetermined time has elapsed after receiving the count instruction from the network control device 2.

  FIG. 19 is a flowchart of the congestion notification reception process of the network control device 2 according to the first embodiment.

  The network control device 2 receives the congestion notification transmitted from the aggregation switch 13 (1901). The congestion notification includes the identifier of the aggregation switch 13 that has detected the congestion and the monitoring condition in which the congestion has been detected.

  Next, the network control device 2 refers to the topology database 231 and identifies the edge switch 11 that transmits to the aggregation switch 13 a packet that is aggregated into the monitoring condition packets in which congestion is detected (1902). Specifically, the network control device 2 registers in the aggregation switch 902 registered in the topology database 231 in the edge switch 901 of the record in which the identifier of the aggregation switch 13 included in the received congestion notification and the monitoring condition is registered. The identification information of the edge switch 11 is acquired.

  Next, the network control device 2 identifies and monitors the identification table 1063 and the monitoring table of the edge switch 11 so that the edge switch 11 identified in the processing of Step 1902 counts the packets of the monitoring condition for which congestion is detected by the aggregation switch 13. An update instruction 1062 is generated (1903). Specifically, the network control device 2 registers in the aggregation switch 902 registered in the topology database 231 in the edge switch 901 of the record in which the identifier of the aggregation switch 13 included in the received congestion notification and the monitoring condition is registered. Obtain the VLANID before being encapsulated. Then, the network control apparatus 2 monitors the identification table 1063 of the edge switch 11 identified in the processing of Step 1902 to update the packet monitoring unit 104 to distribute the acquired VLAN ID packet, and monitors the acquired VLAN ID packet. Thus, an instruction to update the monitoring table 1062 of the edge switch 11 identified in the process of step 1902 is generated.

  Next, the network control apparatus 2 transmits a count instruction including an update instruction for the identification table 1063 and the monitoring table 1062 generated in the process of step 1903 to the edge switch 11 specified in the process of step 1902 (1904), and congestion The notification reception process ends.

  FIG. 20 is a flowchart of counter value reception processing of the network control device 2 according to the first embodiment.

  The network control device 2 receives the counter value transmitted by the edge switch 11 in the counter value transmission instruction reception process shown in FIG. 18 (2001).

  Next, the network control device 2 determines whether or not counter values have been received from all the edge switches 11 that have transmitted count instructions (2002).

  If it is determined in step 2002 that the counter values have been received from all the edge switches 11 that have transmitted the count instruction (2002: YES), the network control device 2 issues a count instruction based on the received counter value. A control content generation process for generating the control content of the packet of the flow in which congestion is detected at each edge switch 11 that has been transmitted is executed (2003). Details of the control content generation processing will be described with reference to FIG. The control content generated in the process of step 2003 is the control content when the edge switch 11 receives a packet of a flow that is aggregated into a packet with a monitoring condition in which congestion is detected. Including actions.

  If it is determined in step 2002 that the counter values have been received from all the edge switches 11 that have transmitted the count instruction, the network control device 2 generates the control content based on the received count values. The target edge switch 11 may be selected, and the control content generation process may be executed for the selected edge switch 11. For example, the network control device 2 may select the edge switch 11 for which the received count value is equal to or greater than the threshold as the edge switch 11 for which the control content is to be generated. A number of edge switches 11 may be selected as the edge switch 11 for which the control content is generated. As a result, the processing load of the network control device 2 can be reduced as compared with the case where the control content generation processing is executed for all the edge switches 11 that have received the count value.

  Next, the network control apparatus 2 transmits a flow table change message including the control content generated in the process of step 2003 to the edge switch 11 that transmitted the count instruction (2004), and ends the counter value reception process.

  On the other hand, if it is determined in step 2002 that the counter value has not been received from all the edge switches 11 that have transmitted the count instruction (2002: NO), the network control device 2 ends the counter value reception process. .

  When the edge switch 11 receives the flow table change message, the edge switch 11 updates the transfer table 1061 based on the control contents included in the received flow table change message.

  FIG. 21 is a flowchart of the control content generation process of the network control device 2 according to the first embodiment.

  First, the network control device 2 sets a value (C) indicating the sum of the counter values received from the edge switch 11 to 0 (2101).

  Next, the network control device 2 calculates the sum of the counter values received from the edge switch 11 (2102). In FIG. 21, i is an identifier of the edge switch 11, j is an identifier of the physical port of the edge switch 11, and k is a VLAN ID transmitted and received by the edge switch 11.

  Next, the network control device 2 calculates a value obtained by dividing the counter value of each edge switch 11 by the processing of step 2102 as a packet discard rate of each edge switch 11 (2103), and ends the control content generation processing. In the processing in step 2103, the packet discard rate is a control content.

  In the present embodiment, the aggregation switch 13 counts packets whose monitoring conditions match a preset monitoring condition, and detects congestion only when congestion of packets of a certain flow is detected by the aggregation switch 13. The edge switch 11 counts the packets of the flow that are aggregated into the flow that has been made, but the start timing of the packet count of the edge switch 11 is not limited to this. For example, the edge switch 11 may also count packets under the same monitoring conditions as the aggregation switch 13.

  As described above, in this embodiment, the network system includes a plurality of switches and a network control device that controls the plurality of switches, and the network constructed by the plurality of switches is located between the terminal and the external network. The plurality of switches include an edge switch located on the terminal side and an aggregation switch located on the external network side. The aggregation switch aggregates packets transmitted and received with at least one edge switch under its control, and a network control device Holds the aggregation relationship indicating the relationship between the aggregation switch and the edge switch that transmits and receives the packet aggregated by the aggregation switch. The edge switch and the aggregation switch indicate the number of received packets that match the monitoring conditions set in itself. Counting, edge switch or aggregation switch, counting If the received number satisfies the predetermined condition, a notification indicating that the predetermined condition is satisfied is transmitted to the network control apparatus. When the network control apparatus receives the notification, the network control apparatus communicates with the switch that transmitted the notification based on the aggregation relationship. The switch that transmits and receives packets is identified, the number of receptions counted by the identified switch is obtained, and based on the obtained number of receptions, the control content for the packet transmitted by the switch identified by the switch that sent the notification is determined. Then, the determined control content is set in a specified switch, and the specified switch transmits a packet based on the set control content. Thus, since the switch monitors only packets that match the monitoring condition, it is possible to prevent an increase in the load of transfer processing, and control content can be determined in consideration of the aggregation relationship between the switches.

  Further, according to the present embodiment, the aggregation switch transmits a notification to the network control device when the counted number of receptions satisfies the predetermined condition, and the network control device, based on the aggregation relationship, when receiving the notification, Identifies the edge switch that transmits packets that are aggregated by the aggregation switch that sent the notification, acquires the number of receptions counted by the identified edge switch, and identifies the aggregation switch that sent the notification based on the received number of receptions The control content for the packet transmitted by the selected edge switch is determined, and the determined control content is set in the specified edge switch. Accordingly, when the number of packets received by the aggregation switch in the upstream direction satisfies a predetermined condition, the control content of the edge switch that transmits the packet is determined. For example, when congestion or the like occurs in the upstream packet, The congestion can be suppressed on the edge switch side.

  In addition, according to the present embodiment, the network control device selects which edge switch control content is to be determined from among the identified edge switches based on the acquired number of receptions. As a result, the network control apparatus determines, for example, the control content of the edge switch whose number of reception is equal to or greater than the threshold value, and therefore the processing load on the network control apparatus can be reduced.

  In addition, according to the present embodiment, the network control device sums the number of receptions counted by all the specified edge switches, and divides the value obtained by dividing the number of receptions counted by each identified edge switch by the total value. The control content to be set as the packet discard rate is determined, and the edge switch discards the received packet at the packet discard rate of the set control content. Thereby, the packet discard rate of each edge switch can be determined fairly according to the number of packets actually communicated by each edge switch.

  Further, according to the present embodiment, when the network control device receives the notification, the network control device transmits a counting instruction including the monitoring condition of the number of receptions satisfying the predetermined condition to the specified switch, and the switch specified by the network control device When receiving the counting instruction, set the monitoring condition included in the received counting instruction, count the number of received packets that match the set monitoring condition, send the counted number of reception to the network control device, and The control device obtains the reception number by receiving the reception number counted from the specified switch. Thus, when a switch that transmits a packet to a switch that has transmitted a notification that the number of received packets satisfies a predetermined condition receives a counting instruction, the switch counts the number of received packets that match the monitoring condition. , And the amount of communication between the network control device and the switch can be reduced.

  Further, according to the present embodiment, when the edge switch receives data transmitted from the terminal, it receives a new header including a second identifier corresponding to the first identifier included in the header of the received data. Even if the packets have different first identifiers, they are aggregated by the aggregation switch by adding the same second identifier. As a result, the same second identifier is added to packets having different first identifiers, and the packets are aggregated in a certain aggregation switch.

  Further, according to the present embodiment, the network control device receives the second identifier included in the packet received by the aggregation switch, the edge switch that receives the packet aggregated by the aggregation switch from the terminal, and transmits the packet to the network, and the packet The monitoring condition set in the aggregation switch is a monitoring condition set in the edge switch, in which the received packet includes a predetermined second identifier. Is characterized in that the received packet includes a predetermined first identifier. As a result, the edge switch monitors the first identifier and counts the number of received packets, so the transfer processing load of the edge switch can be reduced. The aggregation switch monitors the second identifier and the number of received packets. Therefore, the transfer processing load of the aggregation switch can be reduced.

  In the first embodiment, an example in which the monitoring condition set in the aggregation switch 13 and the edge switch 11 is packet header information (for example, VLANID) has been described. However, in this embodiment, the aggregation switch 13 and the edge switch 11 are described. In addition to the packet header information, the monitoring condition set in the example described here includes information that can identify the application that transmitted the packet.

  FIG. 22 is an explanatory diagram of connection control to the mobile network of the terminal 6 according to the second embodiment.

  When connecting to the mobile network, the terminal 6 transmits and receives signals to and from the base station 3 and sets up a radio link (2201).

  Next, the terminal 6 transmits an Attach Request message to the packet core 4 (2202), and executes an authentication process with the packet core 4. The Attach Request message reaches the packet core 4 via the base station 3, the edge switch 111, the relay switch 12, and the aggregation switch 13.

  When the packet core 4 receives the Attach Request message transmitted in the process of Step 2202, the packet core 4 transmits an Identify Request message to the terminal 6 (2203). The Identify Request message reaches the terminal 6 via the aggregation switch 13, the relay switch 12, the edge switch 111, and the base station 3.

  When the terminal 6 receives the Identify Request message, the terminal 6 transmits an Identify Response message to the packet core 4 as a response corresponding to the Identify Request message (2204). The Identify Request message reaches the packet core 4 via the base station 3, the edge switch 111, the relay switch 12, and the aggregation switch 13.

  Thereafter, a concealment process and bearer setting are executed between the terminal 6 and the packet core 4, and the terminal 6 is connected to the mobile network.

  Here, an Attach Request message, an Identify Request message, and an Identify Response message in mobile network connection control are transmitted and received between the base station 3 and the packet core 4 using S1AP (Application Protocol) defined by 3GPP. .

  Here, packet formats of various messages transmitted and received using S1AP will be described. FIG. 23 is an explanatory diagram of packet formats of various messages transmitted and received using the S1AP according to the second embodiment.

  When the edge switch 11 receives the Attach Request message and the Identify Response message from the base station 3, the edge switch 11 adds a PBB header to these messages and encapsulates them. When the aggregation switch 13 receives the Identify Request message from the packet core 4, the aggregation switch 13 adds a PBB header to the message and encapsulates the message.

  Information indicating that transmission / reception is performed using these S1APs and information for identifying these messages are registered in the SIAP of the IP layer. This is information that can identify the application that sent these messages.

  If the aggregation switch 13 refers to the S1AP of the received packet and is an Attach Request message, the aggregation switch 13 counts the Attach Request message. When the aggregation switch 13 detects congestion for an Attach Request message of a certain VLAN ID included in the PBB header, the VLAN ID packet included in the MAC header aggregated in the VLAN ID packet included in the PBB header where the congestion is detected passes. The edge switch 11 counts the Attach Request message of VLANID included in the MAC header. Then, the network control apparatus 2 acquires a counter value from the edge switch 11, determines the control content for the VLAN ID packet included in the MAC header based on the acquired counter value, and controls the edge switch 11 to control content. Set.

  Thereby, based on the first message (Attach Request message) when the terminal 6 connects to the mobile network, congestion is detected, and the edge of the VLAN ID packet of the MAC header that is aggregated to the VLAN ID of the message in which the congestion is detected The control contents in the switch 11 can be determined, and network control corresponding to congestion can be performed at first. In the above example, the application specifying information is referred to monitor a predetermined message (Attach Request message). However, the application specifying information may be referred to monitor a predetermined application.

  Note that the monitoring condition 501 of the monitoring table 1062 of the aggregation switch 13 according to the present embodiment includes the VLAN ID included in the PBB header, the information that can specify the Attach Request message registered in the S1AP, and the information that can specify the application. Are registered in advance. In addition, in the identification table 1063 of the aggregation switch 13, the packet monitoring unit 104 is registered in advance so that the distribution destination of the VLAN ID packet included in the PBB header that refers to the information that can identify the application is the packet monitoring unit 104. As a result, information capable of specifying an application only for a predetermined VLAN ID included in the PBB header is snooping, so that the processing load on the aggregation switch 13 can be reduced.

  Also, when the aggregation switch 13 of this embodiment detects congestion, the network control device 2 uses the VLAN ID included in the MAC header and information that can identify the application in the monitoring condition 501 of the monitoring table 1062 of the edge switch 11. And information that can identify the Attach Request message registered in the S1AP. In addition, in the identification table 1063 of the edge switch 11, the packet monitoring unit 104 is registered so that the distribution destination of the VLAN ID packet included in the MAC header that refers to the information that can identify the application is used. As a result, information capable of specifying an application only for a predetermined VLAN ID included in the MAC header is snooping, so that the processing load on the edge switch 11 can be reduced.

  FIG. 24 is a flowchart of the congestion notification reception process of the network control device 2 according to the second embodiment. In FIG. 24, the same processes as those shown in FIG.

  In the congestion notification receiving process of the present embodiment, the network control device 2 identifies the edge switch 11 that receives from the base station 3 the packets aggregated in the monitoring condition packets in which congestion is detected in the process of step 1902. Step 2401 is executed.

  In the processing of Step 2401, the network control device 2 acquires information that can identify the application included in the monitoring condition where congestion is detected.

  In step 1903, the network control device 2 identifies the edge switch 11 so that the edge switch 11 specified in step 1902 counts the packets under the monitoring condition in which congestion is detected by the aggregation switch 13. An update instruction for the table 1063 and the monitoring table 1062 is generated. Specifically, the network control device 2 registers in the aggregation switch 902 registered in the topology database 231 in the edge switch 901 of the record in which the identifier of the aggregation switch 13 included in the received congestion notification and the monitoring condition is registered. Obtain the VLANID before being encapsulated. Then, the network control device 2 generates an instruction to update the identification table 1063 of the edge switch 11 identified in the process of Step 1902 so that the acquired VLAN ID packet is distributed to the packet monitoring unit 104. Further, the network control device 2 updates the monitoring table 1062 of the edge switch 11 identified in the process of step 1902 so as to monitor the packet including the acquired VLAN ID and information that can identify the application acquired in the process of step 2401. Generate instructions.

  In step 1904, the network control apparatus 2 transmits a count instruction including the update instruction generated in step 1903 to the edge switch 11 specified in step 1902, and ends the congestion notification reception process. .

  As described above, according to the present embodiment, the monitoring condition set in the aggregation switch and the monitoring condition set in the edge switch are determined by the application specified by the information that can specify the application included in the received packet being predetermined. It is an application. As a result, the edge switch and the aggregation switch can count packets in detail according to the application, and packets other than the first identifier or the second identifier included in the monitoring condition do not refer to the application identifiable information. An increase in processing load can be minimized.

  In the first and second embodiments, when the aggregation switch 13 detects congestion of the upstream packet flow, the network control device 2 transmits the packet of the flow that is aggregated into the flow in which the congestion is detected. An example has been described in which the control content of the edge switch 11 is determined based on the counter value. In this embodiment, when the edge switch 11 detects the congestion of the downstream packet flow, the network control device 2 is based on the counter value of the aggregation switch 13 that transmits the packet of the flow whose congestion is detected by the edge switch 11. An example of determining the control content of the aggregation switch 13 will be described.

  FIG. 25 illustrates an outline of processing when the edge switch 11 according to the third embodiment detects congestion.

  The packet monitoring unit 104 of the edge switch 11 monitors packets that match the monitoring conditions registered in the monitoring table 1062. For example, when the counter of a packet with a certain monitoring condition becomes equal to or greater than a predetermined threshold, the edge switch 11A determines that congestion has occurred in the packet flow with the monitoring condition, and transmits a congestion notification to the network control device 2. (2501). In the monitoring table 1062 of the edge switch 11A, it may be registered as a monitoring condition that the MAC header is VLAN #A, or it may be registered as a monitoring condition that the MAC header is VLAN #N. Assume that the packets whose PBB header is VLAN # N are aggregated of packets whose MAC header is VLAN # A and packets whose MAC header is VLAN # B. Assume that the edge switch 11A receives a packet whose MAC header is VLAN # A, and the edge switch 11B receives a packet whose MAC header is VLAN # B.

  When the network control device 2 receives the congestion notification transmitted in the processing of step 2501, the network control device 2 refers to the topology database 231 and identifies the aggregation switch 13A that transmits the packet of the monitoring condition flow in which the congestion has occurred to the edge switch 11A. To do. Then, the network control device 2 transmits a packet count instruction for the flow of the monitoring condition in which congestion has occurred to the aggregation switch 13A (2502). The count instruction includes an update instruction for the identification table 1063 of the aggregation switch 13 and an update instruction for the monitoring table 1062.

  Processing for generating an update instruction for the identification table 1063 of the aggregation switch 13 and an update instruction for the monitoring table 1062 will be described.

  When VLAN # A is registered as a monitoring condition in the monitoring table 1062 of the edge switch 11A, the network control device 2 refers to the topology database 231 and identifies VLAN # N that aggregates VLAN # A. Then, the network control device 2 generates an update instruction for the identification table 1063 for updating the identification table 1063 so as to set the transfer destination of VLAN #N in the packet monitoring unit 104. Further, the network control apparatus 2 registers in the monitoring condition of the monitoring table 1062 that the PBB header is VLAN # N, the MAC header is VLAN # A, and the PBB header is VLAN # N. An update instruction for the monitoring table 1062 for updating the monitoring table 1062 is generated.

  When VLAN #N is registered as a monitoring condition in the monitoring table 1062 of the edge switch 11A, the network control device 2 refers to the topology database 231 and identifies the VLAN #A of the edge switch 11 aggregated in the VLAN #N. To do. Then, the network control device 2 generates an update instruction for the identification table 1063 for updating the identification table 1063 so as to set the transfer destination of VLAN #N in the packet monitoring unit 104. Further, the network control apparatus 2 registers in the monitoring condition of the monitoring table 1062 that the PBB header is VLAN # N, the MAC header is VLAN # A, and the PBB header is VLAN # N. An update instruction for the monitoring table 1062 for updating the monitoring table 1062 is generated.

  The aggregation switch 13A updates the identification table 1063 based on the update instruction of the identification table 1063 included in the count instruction, updates the monitoring table 1062 included in the count instruction, and the PBB header is VLAN # N. The counting of the packets of the flow whose MAC header is VLAN # A and the packets of the flow whose PBB header is VLAN # N is started. When a predetermined time has elapsed after the count starts, the aggregation switch 13A transmits the count result to the network control device 2 (2503).

  When receiving the count result from the aggregation switch 13A, the network control device 2 determines a new action of the aggregation switch 13A for the packet of the monitoring condition flow in which congestion is detected by the edge switch 11A based on the received count result. Then, a registration instruction for registering the determined new action in the transfer table 1061 of the aggregation switch 13A is transmitted to the aggregation switch 13A (2504).

  For example, in this embodiment, the network control device 2 transmits from the aggregation switch 13A the counter value of the packet whose PBB header transmitted from the aggregation switch 13A is VLAN # N and whose MAC header is VLAN # A. A new action is determined in which the value obtained by dividing the PBB header by the counter value of the packet whose VLAN number is P # is the packet discard rate. As a result, the packet discard rate of the action of the packet whose PBB header is VLAN # N and MAC header is VLAN # A is registered in the forwarding table 1061 of the aggregation switch 13A.

  The aggregation switch 13A discards the packet whose PBB header is VLAN #N and whose MAC header is VLAN #A based on the number of reception of the packet by the aggregation switch 13A.

  Moreover, although the example which detects congestion about the packet which edge switch 11A receives was demonstrated, the network control apparatus 2 may detect congestion about the packet of VLAN # N.

  A process in which the network control device 2 detects congestion in the VLAN #N packet will be described.

  The network control apparatus 2 acquires the counter value of VLAN # A from the edge switch 11A that receives VLAN # A aggregated to VLAN # N, and from the edge switch 11B that receives VLAN # B aggregated to VLAN # N. The counter value of VLAN # B is acquired. If the sum of the counter value of VLAN #A and the counter value of VLAN #B is equal to or greater than the threshold, the network control device 2 determines that congestion has occurred in VLAN #N, and the aggregation switch 13A is processed in step 2502. Send a count instruction to

  The process of step 2502 will be specifically described. The network control device 2 refers to the topology database 231 and identifies the aggregation switch 13A that receives a packet that is VLAN #N and the VLAN #A and VLAN #B of the edge switch 11 that are aggregated to VLAN #N. Then, the network control device 2 generates an update instruction for updating the identification table 1063 of the aggregation switch 13A so as to set the transfer destination of VLAN #N in the packet monitoring unit 104. Further, the network control device 2 uses the monitoring conditions of the monitoring table 1062 of the aggregation switch 13A as follows: the PBB header is VLAN # N, the MAC header is VLAN # A, and the PBB header is VLAN # N. An update instruction for registering that the MAC header is VLAN # B is generated.

  The aggregation switch 13A updates the identification table 1063 based on the received update instruction of the identification table 1063, updates the monitoring table 1062 based on the received update instruction of the monitoring table 1062, and the PBB header is VLAN # N. And the MAC header is VLAN # A, and the PBB header is VLAN # N and the MAC header is VLAN # B. Then, the aggregation switch 13A transmits the count values of these packets to the network control device 2 in the process of step 2503.

  When the network control device 2 receives the packet count value from the aggregation switch 13A, the network control device 2 uses the counter value of the packet with the PBB header transmitted from the aggregation switch 13A as VLAN #N and the MAC header as VLAN #A. Then, a total value is calculated with the counter value of the packet whose PBB header transmitted from the aggregation switch 13A is VLAN # N and whose MAC header is VLAN # B. Then, the network control apparatus 2 determines the packet discard rate of the packet as a value obtained by dividing the counter value of the packet whose PBB header is VLAN #N and whose MAC header is VLAN #A by the total value. A value obtained by dividing the counter value of the packet whose header is VLAN #N and whose MAC header is VLAN #B by the total value is determined as the packet discard rate of the packet. Then, the network control device 2 uses the action of the packet whose PBB header is VLAN # N and MAC header is VLAN # A, and the PBB header is VLAN # N and MAC header is VLAN # B. A registration instruction for registering the packet discard rate determined as an action of a packet in the forwarding table 1061 of the aggregation switch 13A is transmitted to the aggregation switch 13A.

  The aggregation switch 13A updates the transfer table 1061 based on the received registration instruction of the transfer table 1061.

  As a result, the aggregation switch 13A discards the packet whose PBB header is VLAN # N and MAC header is VLAN # A based on the number of reception of the packet by the aggregation switch 13A, and the PBB header is VLAN #. N and the packet whose MAC header is VLAN # B is discarded based on the number of packets received by the aggregation switch 13A.

  As described above, in this embodiment, the edge switch transmits a notification to the network control device when the received reception count satisfies the predetermined condition, and the network control device establishes the aggregation relationship when the notification is received. Refer to the edge switch that sent the notification to identify the aggregation switch that sends the packet, obtain the number of receptions counted by the identified aggregation switch, and notify the identified aggregation switch based on the obtained number of receptions The control content for the packet to be transmitted to the edge switch that transmitted is determined, and the determined control content is set in the specified aggregation switch. As a result, when the number of packets received by the edge switch in the downlink direction satisfies the predetermined condition, the control content of the aggregation switch that transmits the packet is determined. For example, when congestion or the like occurs in the packet in the downlink direction, The congestion can be suppressed on the aggregation switch side.

  Further, the computer program described in the above embodiment may be realized by hardware by designing it with an integrated circuit (LSI), for example.

  In addition, this invention is not limited to an above-described Example, Various modifications are included. For example, the above-described embodiments have been described in detail for easy understanding of the present invention, and are not necessarily limited to those having all the configurations described. Further, a part of the configuration of a certain embodiment can be replaced with the configuration of another embodiment, and the configuration of another embodiment can be added to the configuration of a certain embodiment. Further, it is possible to add, delete, and replace other configurations for a part of the configuration of each embodiment.

  Further, it is possible to add, delete, and replace other configurations for a part of the configuration of each embodiment. Each of the above-described configurations, functions, processing units, processing means, and the like may be realized by hardware by designing a part or all of them with, for example, an integrated circuit.

  In addition, each of the above-described configurations, functions, and the like may be realized by software by the processor interpreting and executing a program that realizes each function.

  Information such as programs, tables, and files that realize each function is stored in a memory, a hard disk, a recording device such as an SSD (Solid State Drive), an IC (Integrated Circuit) card, an SD card, a DVD (Digital Versatile Disc), etc. Can be placed on any recording medium.

  Further, the control lines and information lines are those that are considered necessary for the explanation, and not all the control lines and information lines on the product are necessarily shown. Actually, it may be considered that almost all the components are connected to each other.

DESCRIPTION OF SYMBOLS 1 NW switch 2 Network control apparatus 3 Base station 4 Packet core 5 Mobile backhaul 6 Terminal 11 Edge switch 12 Relay switch 13 Aggregation switch 100 Line card 101 Physical layer and MAC processing part 102 In-device interface 103 Flow identification part 104 Packet monitoring part 105 Transfer Processing Unit 106 Flow Table 110 Internal Switch 111 Edge Switch 113 Flow Identification Unit 116 Flow Table 120 Management Card 1061 Transfer Table 1062 Monitoring Table 1063 Identification Table

Claims (10)

A network system comprising a plurality of switches and a network control device that controls the plurality of switches,
The network constructed by the plurality of switches is located between the terminal and the external network,
The plurality of switches include an edge switch located on the terminal side and an aggregation switch located on the external network side,
The aggregation switch aggregates packets transmitted and received with at least one edge switch under its control,
The network control device holds an aggregation relationship indicating a relationship between the aggregation switch and an edge switch that transmits and receives packets aggregated by the aggregation switch;
The edge switch and the aggregation switch count the number of received packets that match the monitoring conditions set in itself,
The edge switch or the aggregation switch, when the counted number of receptions satisfies a predetermined condition, sends a notification that the predetermined condition is satisfied to the network control device,
The network controller is
When receiving the notification, based on the aggregation relationship, identify a switch that transmits and receives packets to and from the switch that transmitted the notification,
Obtaining the number of receptions counted by the identified switch;
Based on the acquired number of receptions, determine the control content for the packet transmitted by the identified switch to the switch that transmitted the notification,
Set the determined control content to the specified switch,
The specified switch transmits the packet on the basis of the set control content. The network system according to claim 1,
The aggregation switch transmits the notification to the network control device when the counted number of receptions satisfies a predetermined condition,
The network controller is
When receiving the notification, based on the aggregation relationship, identify an edge switch that transmits packets aggregated by the aggregation switch that transmitted the notification,
Obtaining the number of receptions counted by the identified edge switch;
Based on the acquired number of reception, determine the control content for the packet transmitted by the specified edge switch to the aggregation switch that transmitted the notification,
The network system, wherein the determined control content is set in the specified edge switch. The network system according to claim 2,
The network control device selects which edge switch to determine the control content of from the specified edge switches based on the acquired number of receptions. The network system according to claim 2,
The network controller is
Sum the receptions counted by all the specified edge switches,
Determining the control content with a packet discard rate as a value obtained by dividing the number of receptions counted by each identified edge switch by the total value;
The network system according to claim 1, wherein the edge switch discards received packets at the packet discard rate of the set control content. The network system according to claim 1,
The edge switch transmits the notification to the network control device when the counted number of receptions satisfies a predetermined condition,
The network controller is
When the notification is received, referring to the aggregation relationship, identify the aggregation switch that transmits the packet to the edge switch that transmitted the notification,
Obtaining the number of receptions counted by the identified aggregation switch;
Based on the acquired number of reception, determine the control content for the packet to be transmitted to the edge switch that has transmitted the notification of the identified aggregation switch,
The network system, wherein the determined control content is set in the specified aggregation switch. The network system according to claim 1,
When the network control device receives the notification, the network control device transmits a counting instruction including a monitoring condition for the number of receptions satisfying the predetermined condition to the specified switch,
The switch identified by the network controller is
When receiving the counting instruction, set a monitoring condition included in the received counting instruction,
Count the number of received packets that match the set monitoring conditions,
Transmitting the counted number of receptions to the network control device;
The network controller is
The network system according to claim 1, wherein the reception number is acquired by receiving the counted reception number from the specified switch. The network system according to claim 1,
When the edge switch receives data transmitted from the terminal, it adds a new header including a second identifier corresponding to the first identifier included in the header of the received data to the received packet, Forward into the network,
A network system, wherein packets having different first identifiers are aggregated to the aggregation switch by adding the same second identifier. The network system according to claim 7,
The network controller is
A relationship between a second identifier included in a packet received by the aggregation switch, an edge switch that receives a packet aggregated by the aggregation switch from the terminal and transmits the packet to the network, and a first identifier included in the packet. , Hold as the aggregation relationship,
The monitoring condition set in the aggregation switch is that the received packet includes a predetermined second identifier,
The network system according to claim 1, wherein the monitoring condition set in the edge switch is that the received packet includes a predetermined first identifier. The network system according to claim 8, wherein
The monitoring condition set in the aggregation switch and the monitoring condition set in the edge switch are characterized in that an application specified by information capable of specifying an application included in a received packet is a predetermined application. Network system. A switch for constructing a network,
The network is located between the terminal and an external network,
The switch is an edge switch located on the terminal side,
The switch is controlled by a network control device,
The network control device holds an aggregation relationship indicating a relationship between an aggregation switch that aggregates packets to be transmitted and received with at least one edge switch under its control and an edge switch that transmits and receives packets aggregated by the aggregation switch,
The aggregation switch counts the number of received packets that match the monitoring condition set in itself,
The aggregation switch, when the counted number of receptions satisfies a predetermined condition, sends a notification that the predetermined condition is satisfied to the network control device,
The network controller is
When receiving the notification, based on the aggregation relationship, identify an edge switch including the switch that transmits and receives packets to and from the aggregation switch that transmitted the notification,
Obtaining the number of receptions counted by the identified edge switch;
Based on the acquired number of reception, determine the control content for the packet transmitted by the specified edge switch to the aggregation switch that transmitted the notification,
Transmitting the determined control content to the specified edge switch;
The switch is
If the control content is received, set the received control content,
A switch that transmits the packet to the aggregation switch based on the set control content.

Images