JP6291437B2 - Node device, transfer method, control device, and program - Google Patents

Description

  The present invention relates to a node device in a network system, a packet transfer method, a control device that controls the node device, and a program that causes a computer to function as the node device.

  In an SDN (Software Defined Network) network system that performs flow-based transfer destination determination such as Openflow, all communication packets between node devices are processed as data communication (see, for example, Non-Patent Document 1). All control communications are exchanged between the control device and the node device. Examples of control communication include message transmission / reception for flow setting for the node device to perform flow-based transfer destination determination, OAM (Operations, Administration, and Maintenance) for monitoring the flow. FIG. 1 is a diagram illustrating processing performed by the node device 100 of Non-Patent Document 1. The node device 100 includes, for example, a network interface (NIF) 120 including a transmission unit 10 that transmits a packet, a reception unit 14 that receives a packet, and a transfer destination determination unit 11 that performs flow-based transfer destination determination. Prepare. Further, the node device 100 includes a transfer circuit 13 that delivers a packet whose transfer destination has been determined by each NIF 120 to the transmission unit 14, and a setting function unit 12 that implements a setting request from the control device to each NIF 120 of the own node device. .

“OpenFlow Specification Version 1.3.4”, “2 Switch Components”, Open Networking Foundation, March 27, 2014.

  The problem which exists in a network system like a nonpatent literature is demonstrated.

(Problem 1) Load Concentration on Control Device FIG. For example, control communication such as OAM monitoring communication that is required to have a high communication frequency and a low communication delay value is preferably exchanged directly between node devices. However, the conventional SDN network system is designed so that control communication is always performed via the control device for OAM for monitoring the flow, and the load is concentrated on the control device. High performance is required. For example, when transmitting OAM continuity check (CC) for monitoring the normality of communication at intervals of 3 msec, a load of 0.3 kilo packet per sec (kpps) per flow is applied, and 0.1 million flow (M flow). To handle the load, the control device processes a load of about 30 Mbps. Note that a communication apparatus that generally performs processing of about 30 Mbps is a communication apparatus that can perform processing of about 450 Gbps.

(Problem 2) Packet Interference FIG. 3 is a diagram for explaining Problem 2. The conventional SDN network system does not include a mechanism for identifying control communication or data communication for packet communication exchanged between node devices. Here, the node device can be set so as to transfer a packet in which information identifying control communication is assigned to a specific region of the packet to the control device. However, for example, when a device outside the SDN network system inputs the same packet to the SDN network system to which information for identifying control communication is added, the node device inputs from the external network whether the packet is a control signal. It is not possible to determine whether the signal is received or not, resulting in interference.

(Problem 3) Problems in flow management The conventional SDN network system can be implemented for OAM CC communication defined by individual protocols such as Ethernet (registered trademark) and IP, for example. There are the following problems.

  For example, the control device adds a flow entry in which the CC-monitored flow information and the OAM information are paired to the node device, and the control device sends the monitored flow information and the OAM information to the node device. It is possible to monitor the flow by transmitting the assigned CC packet. However, there is a possibility that a device that can generate a packet of the flow to be monitored and is other than the control device may give information equivalent to the OAM information to the packet, and packet interference occurs as in Problem 2. Sometimes. Furthermore, since different flow entries are created for the flow to be monitored and the flow for OAM, the number of flow entries increases, and twice the flow entries are required to monitor all the flows. Further, even if the flow entry to be inspected is erased due to an erroneous operation or malfunction, as long as the flow entry for OAM remains, reachability seems to be secured. In this way, there is a difficulty in managing the flow.

  On the other hand, a method of not adding a flow entry that is a combination of flow information to be monitored and OAM information is also conceivable. The control device sets the time to live (TTL) value of the CC packet to which the flow information and the OAM information to be monitored are added to the node device to be small, and controls the packet to which the OAM information is added regardless of the flow entry. The flow is monitored by returning to the device. However, there is a possibility that a device that generates a packet of the flow to be monitored and is other than the control device may add information equivalent to the OAM information including the TTL value to the packet. Interference may occur. Further, the last node device in the monitoring section transfers the packet to the control device only when the TTL value is 0 even if the matching result between the flow entry and the packet is different from the set value. It is difficult to monitor the normality of the flow entry of the target flow.

(Problem 4) Flexibility to protocol Since the conventional SDN network system performs matching on the assumption that the L2 of the flow is Ethernet (registered trademark), for example, it handles the L2 protocol of a standard different from Ethernet (registered trademark). There was a problem that it was not possible.

  In the conventional SDN network system, the rule of flow matching is fixedly defined on the assumption of a protocol suite defined by standards such as Ethernet (registered trademark) / IP / TCP. For this reason, for example, in order to perform flow matching efficiently, there is a problem that it is difficult to introduce flow matching with a mechanism different from an existing flow matching mechanism.

(Problem 5) Limiting the number of flows The flow matching in the node device of the conventional SDN network system has a long matching field so that various flows can be handled, and an arbitrary bit matching rule (the packet matching target bit is 0). Is designed to handle matching rules that match in either case or 1), but this design consumes a lot of memory due to the long flow entry, There is a problem that the calculation for matching is complicated, and it is difficult to increase the number of flows that can be accommodated by the node device.

  Accordingly, an object of the present invention is to provide a node device, a transfer method, a control device, and a program that solve the above-described problems 1 to 5.

  In the present invention, a dedicated header is added to a packet flowing from the outside of the network system to identify control communication and data communication, and the dedicated header is deleted from the packet flowing out of the network system to communicate with an existing network system. It was decided that.

Specifically, the node device according to the present invention is a node device of a network system that performs transfer destination determination using flow information of a communication packet,
A transmission source determination unit that determines whether the transmission source of the communication packet received by the reception unit is outside the local network system or within the local network system;
A dedicated header adding unit that adds a dedicated header including communication type identification information indicating data communication to the communication packet when the transmission source of the communication packet is outside the own network system in the determination of the transmission source determination unit;
A packet type for determining whether the communication packet is control communication or data communication based on communication type identification information included in a dedicated header when the transmission source of the communication packet is within the local network system as determined by the transmission source determination unit A determination unit;
When the communication packet is control communication as determined by the packet type determination unit, a control communication processing unit that executes processing specified in the communication packet;
A transfer destination that determines a transfer destination of a communication packet to which a dedicated header is added by the dedicated header adding unit, a communication packet that is determined to be data communication by the packet type determination unit, and a communication packet that is processed by the control communication processing unit A determination unit;
A dedicated header deleting unit that deletes a dedicated header from the communication packet when the transfer destination of the communication packet is outside the own network system in the determination of the transfer destination determining unit;
A transmission unit that transmits a communication packet in which the dedicated header is deleted by the dedicated header deletion unit, and a communication packet in which the transfer destination is determined to be in its own network system by the transfer destination determination unit;
It is characterized by providing.

Specifically, a transfer method according to the present invention is a transfer method for performing transfer destination determination using flow information of a communication packet in a node device of a network system,
A transmission source determination procedure for determining whether the transmission source of the communication packet received by the reception unit is outside the local network system or within the local network system;
A dedicated header providing procedure for adding a dedicated header including communication type identification information indicating data communication to the communication packet when the transmission source of the communication packet is outside the own network system in the determination of the transmission source determination procedure;
Packet type for determining whether the communication packet is control communication or data communication based on communication type identification information included in a dedicated header when the transmission source of the communication packet is within the local network system in the determination of the transmission source determination procedure Judgment procedure;
A control communication processing procedure for executing processing specified in the communication packet when the communication packet is control communication in the determination of the packet type determination procedure;
A transfer destination for determining a transfer destination of a communication packet to which a dedicated header is added in the dedicated header adding procedure, a communication packet determined to be data communication in the packet type determining procedure, and a communication packet processed in the control communication processing procedure Judgment procedure;
A dedicated header deletion procedure for deleting a dedicated header from the communication packet when the transfer destination of the communication packet is outside the own network system in the determination of the transfer destination determination procedure;
A transmission procedure for transmitting a communication packet from which the dedicated header has been deleted in the dedicated header deletion procedure, and a communication packet in which the transfer destination is determined to be within its own network system in the transfer destination determination procedure;
It is characterized by performing.

Specifically, a control device according to the present invention is a control device that controls a node device of a network system that performs transfer destination determination using flow information of a communication packet,
Of the node device,
Let the transmission source determination unit determine whether the transmission source of the communication packet received by the reception unit is outside the local network system or within the local network system,
When a transmission source of the communication packet is outside the own network system as determined by the transmission source determination unit, a dedicated header including communication type identification information indicating data communication is attached to the communication packet. ,
In the packet type determination unit, when the transmission source of the communication packet is within the local network system as determined by the transmission source determination unit, the communication packet is controlled communication or data communication based on the communication type identification information included in the dedicated header. Determine whether
When the communication packet is control communication in the determination of the packet type determination unit, the control communication processing unit is caused to execute the process specified in the communication packet,
Transfer of a communication packet to which a dedicated header is added by the dedicated header adding unit to the transfer destination determining unit, a communication packet determined to be data communication by the packet type determining unit, and a communication packet processed by the control communication processing unit Let's judge the destination,
When the transfer destination of the communication packet is outside the own network system in the determination of the transfer destination determination unit, the dedicated header deletion unit deletes the dedicated header from the communication packet,
The transmission unit is configured to transmit the communication packet from which the dedicated header is deleted by the dedicated header deletion unit and the communication packet from which the transfer destination is determined to be within the own network system by the transfer destination determination unit.

  In a network system that performs forwarding destination determination using flow information of communication packets, data communication and control communication are clarified by adding a dedicated header to packets that flow from the outside and removing the dedicated header from packets that flow to the outside Thus, it becomes possible to handle the control communication while preventing interference between the node devices (solution of Problem 2). In addition, since direct communication is possible between the node devices, the load on the control device is reduced (solution to Problem 1). Therefore, the present invention can provide a node device, a transfer method, and a control device that can solve the problems 1 and 2.

The forwarding destination determining unit of the node device according to the present invention is
An extended transfer destination determination unit that considers the dedicated header in determining the transfer destination of a communication packet;
A shift transfer destination determination unit that does not consider the dedicated header in determining the transfer destination of the communication packet;
A packet distribution unit that distributes communication packets to the extended transfer destination determination unit or the shift transfer destination determination unit based on the dedicated header;
It is characterized by having.

  By switching between the extended transfer destination determination unit and the shift transfer destination determination unit depending on the packet, OAM of the flow can be reliably performed (solution of Problem 3) and backward compatibility with the existing network system can be maintained. The reason why backward compatibility can be maintained is as follows. The dedicated header adding unit adds a dedicated header to all received packets, but also retains the existing header. If the packet is a conventional protocol suite (Ethernet (registered trademark) / IP / TCP system), the shift transfer destination The determination unit can perform flow matching using the existing header. For this reason, the present invention can maintain backward compatibility with existing network systems.

The packet type determination unit of the node device according to the present invention,
When the communication packet is determined to be data communication, it has a function of giving information for identifying a protocol suite of the communication packet to the dedicated header.

  The effect of enabling processing of the new L2 protocol and the flow composed of a protocol suite different from the existing protocol suite can be processed together with the existing protocol suite (solution of Problem 4).

The extended transfer destination determination unit of the node device according to the present invention,
When a communication packet uses another node device in its own network system as a transfer destination, a dedicated label field is formed in the communication packet to give a transfer label of the other node device, or transfer of the dedicated label field Rewrite the label,
In other cases, the transfer label in the dedicated label field is deleted.

  By forming a dedicated label field in the packet and assigning the label of the destination node device, flow matching between the node devices can be simplified, the flow table can be kept small, and the packet can be transferred at high speed. Yes (Solving Problem 5)

  The program according to the present invention causes a computer to function as the node device. The node device according to the present invention can be realized by a computer and a program, and the program can be recorded on a recording medium or provided through a network.

  The present invention can provide a node device, a transfer method, a control device, and a program that solve the problems 1 to 5 described above.

It is a figure explaining the process which a node apparatus performs. It is a figure explaining the subject which the present invention tends to solve. It is a figure explaining the subject which the present invention tends to solve. It is a figure explaining the structural example of the network system containing the node apparatus and control apparatus which concern on this invention. (A), (b), and (c) are packet formats described in FIG. It is a figure explaining the process which the node apparatus which concerns on this invention performs. It is a sequence diagram explaining the data communication setting which the node apparatus which concerns on this invention performs. It is a sequence diagram explaining the control communication setting which the node apparatus which concerns on this invention performs. It is a figure explaining how this invention solved the subject. It is a figure explaining how this invention solved the subject. It is a figure explaining the process which the node apparatus which concerns on this invention performs. It is a figure explaining operation | movement of the shift transfer destination determination part of the node apparatus which concerns on this invention. It is a figure explaining the structural example of the network system containing the node apparatus and control apparatus which concern on this invention. It is a figure explaining the process which the node apparatus which concerns on this invention performs. It is a sequence diagram explaining the data communication setting which the node apparatus which concerns on this invention performs. It is a figure explaining the example of the packet format in the network system containing the node apparatus and control apparatus which concern on this invention. It is a figure explaining the example of the packet format in the network system containing the node apparatus and control apparatus which concern on this invention.

  Embodiments of the present invention will be described with reference to the accompanying drawings. The embodiments described below are examples of the present invention, and the present invention is not limited to the following embodiments. In the present specification and drawings, the same reference numerals denote the same components.

(Embodiment 1)
FIG. 4 is a diagram illustrating a configuration example of the network system 301 according to the present embodiment. The network system 301 is an SDN network system, and includes a plurality of first node devices 101 and a control device 150 that controls them. These devices are connected to each other and can perform data communication and control communication.

  Part or all of the first node device 101 is connected to the second node device 100 included in the network system (300A, 300B) outside the network system 301. The second node device 100 is the node device 100 described in FIG.

  FIG. 4 also shows the formats (a), (b), and (c) of packets transmitted and received by the network system 301. A specific example of the formats (a), (b), and (c) will be described with reference to FIG. The format of a packet transmitted and received between the network system 301 and the network system (300A, 300B) is the format (a) of FIG. On the other hand, the packet format of data communication transferred within the network system 301 is the format (b) of FIG. 15, and the packet format of control communication is the format (c) of FIG.

FIG. 5 is a diagram for explaining processing performed by the first node device 101. The first node device 101 is a node device of a network system that performs transfer destination determination using flow information of a communication packet,
A transmission source determination unit 21 for determining whether the transmission source of the communication packet received by the reception unit is outside the local network system or within the local network system;
A dedicated header adding unit 22 for adding a dedicated header including communication type identification information indicating data communication to the communication packet when the transmission source of the communication packet is outside the own network system as determined by the transmission source determining unit 21; ,
Packet type for determining whether the communication packet is control communication or data communication based on communication type identification information included in a dedicated header when the transmission source of the communication packet is within the own network system as determined by the transmission source determination unit 21 A determination unit (23a, 23b);
A control communication processing unit (24a, 24b) that executes processing specified in the communication packet when the communication packet is control communication as determined by the packet type determination unit (23a, 23b);
Transfer destination for determining the transfer destination of the communication packet to which the dedicated header is added by the dedicated header adding unit 22, the communication packet determined to be data communication by the packet type determining unit 23a, and the communication packet processed by the control communication processing unit 24a A determination unit 11a;
A dedicated header deleting unit 25 for deleting a dedicated header from the communication packet when the transfer destination of the communication packet is outside the own network system as determined by the transfer destination determining unit 11a;
A transmission unit 14 that transmits the communication packet from which the dedicated header is deleted by the dedicated header deletion unit 25 and the communication packet in which the transfer destination is determined to be within the own network system by the transfer destination determination unit 11a;
It is characterized by providing.

  The NIF 121 of the first node device 101 includes a reception unit 10, a transmission source determination unit 21, a dedicated header addition unit 22, a packet type determination unit (23a, 23b), a control communication processing unit (24a, 24b), and a transfer destination determination unit 11a. A dedicated header deleting unit 25 and a transmitting unit 14. The first node device 101 also transfers a packet whose transfer destination has been determined by each NIF 121 to the packet type determination unit 23b, and a setting function unit that implements a setting request from the control device to each NIF 121 of the own node device. 12.

The operation of the first node device 101 will be described in detail.
The receiving unit 10 receives the packet from outside the first node device 101 (step S401). The format of the packet received by the receiving unit 10 is the format (a) of FIG. 15 if the data communication is from outside the SDN network system 301 including the first node device 101, and is within the SDN network system 301 such as the control device 150. 15 is the format (c) of FIG.
The determination unit 1 of the transmission source determination unit 21 sends the received packet to the setting function unit 12 when the setting value preset in the storage area of the device from the terminal or the like indicates the NIF connected to the control device 150. Send (step S402).
The setting function unit 12 interprets the setting request from the control device 150 and performs necessary settings for each NIF 121 (step S403). In this embodiment, the NIF connected to the control device 150 is shared with other NIFs. However, the NIF connected to the control device 150 may be installed separately from other NIFs. good.
The determination unit 2 of the transmission source determination unit 21 identifies whether the connection destination of the NIF 121 is a device outside the SDN network system based on setting information notified in advance from the control device 150. When the connection destination of the NIF 121 is a device outside the SDN network system, the determination unit 2 sends the packet to the dedicated header adding unit 22, and otherwise sends the packet to the communication type information determination unit 23a (steps S405 and S406). ).
The dedicated header adding unit 22 adds a dedicated header indicating that the communication type is data communication to the packet (step S407). Here, the format of the data communication packet is changed from the format (a) to the format (b) in FIG.
The communication type information determination unit 23a determines whether the communication is data communication or control communication based on the information indicating the communication type of the dedicated header of the packet (step S408). Otherwise, the packet is sent to the control communication processing unit 24a (step S409).
The transfer destination determination unit 11a searches for the flow of the packet from the flow table using information including the dedicated header of the packet, selects an appropriate output destination NIF of the packet, and stores it in the queue (step S410).
The transfer circuit 13 checks the queue of the transfer destination determination unit 11a of each NIF, and sequentially transfers the packets to an appropriate output destination NIF (step S411).
When the control communication processing unit 24a receives the control communication packet, if there is a process requested in advance by the control device, the control communication processing unit 24a performs the process on the packet and checks whether the packet is addressed to itself (step S412). If it is addressed, it is received; otherwise, it is sent to the transfer destination determination unit 11a (step S413). Further, when receiving a packet generation request from the control device 150, the control communication processing unit 24a generates, for example, an OAM CC packet in accordance with the request and sends it to the transfer destination determination unit 11a (step S414).
The communication type information determination unit 23b determines whether the packet is data communication or control communication based on the type information of the dedicated header of the packet that has passed through the transfer circuit 13 (step 415). If it is a control communication, it is sent to the control communication processing unit 24b (step S416).
When the control communication processing unit 24b receives the control packet, if there is a process requested in advance by the control device 150, the control communication processing unit 24b performs the process on the packet (step S417), confirms whether the packet is addressed to itself, Is received, otherwise it is transferred to the determination unit 3 (step S418).
The determination unit 3 identifies whether the connection destination of the NIF is a device outside the SDN network system based on the setting information notified in advance from the control device 150 (step S419). When the connection destination of the NIF is an apparatus outside the SDN network system, the determination unit 3 sends the packet to the dedicated header removal unit 25, and otherwise sends the packet to the transmission unit 14 (step S420).
The dedicated header removing unit 25 removes the dedicated header from the packet and sends it to the transmitting unit 14 (step S421). Here, the format of the data communication packet is changed from the format (b) in FIG. 15 to the format (a).
The transmission unit 14 transmits the packet to the outside of the first node device (other first node device 101, control device 150, or second node device 100) (step S422).

The control device 150 is a control device that controls the node device 101 of the network system that performs transfer destination determination using the flow information of the communication packet.
Of the node device 101,
The transmission source determination unit 21 determines whether the transmission source of the communication packet received by the reception unit 10 is outside the local network system or within the local network system,
When the transmission source determination unit 21 determines that the transmission source of the communication packet is outside its own network system, a dedicated header including communication type identification information indicating data communication is added to the communication packet. Let
When the transmission source determination unit 21 determines that the transmission source of the communication packet is within its own network system, the packet type determination unit (23a, 23b) transmits the communication packet based on the communication type identification information included in the dedicated header. Determine whether control communication or data communication,
When the communication packet is control communication as determined by the packet type determination unit (23a, 23b), the control communication processing unit (24a, 24b) executes the process specified in the communication packet,
The communication packet to which the dedicated header is added by the dedicated header adding unit, the communication packet determined to be data communication by the packet type determining unit 23a, and the communication packet processed by the control communication processing unit 24a are transferred to the transfer destination determining unit 11a. Determine the forwarding destination,
The dedicated header deleting unit 25 deletes the dedicated header from the communication packet when the transfer destination of the communication packet is outside the own network system as determined by the transfer destination determining unit 11a.
The transmission unit 14 is configured to transmit the communication packet from which the dedicated header is deleted by the dedicated header deletion unit 25 and the communication packet from which the transfer destination is determined to be within the own network system by the transfer destination determination unit 11a.

  FIGS. 6 and 7 are diagrams for explaining a setting sequence performed from the control device 150 to each first node device 101 so that the first node device 101 performs the processing described in FIG. FIG. 6 illustrates settings for data communication, and FIG. 7 illustrates settings for control communication. The setting can be performed by sending a program from the control device to each first node device 101 and causing each first node device 101 to execute the program.

First, the setting relating to data communication in FIG. 6 will be described. In a state before setting, the packet (format (a)) transferred from the second node device 100 is discarded by the first node device 101 because it is different from the format in the SDN network system 301.
A setting program is sent from the control device to the first node device (steps S111 and S113), and the setting is started. Step S111 is connected to the second node device 100 with a setting in which the communication type adds a dedicated header for data communication to the packet received by the receiving unit 10 of the first node device 101 connected to the second node device 100. This is a setting request for removing the dedicated header from the packet transmitted by the transmission unit 14 of the first node device 101. Step S113 is a setting request for transferring the data communication packet by the transfer determination unit 11a of the first node device 101. Step S112 and step S114 implement the request of step S111 and step S113, respectively. Then, after the setting of the first node device 101 is completed, the packet (format (a)) transferred from the second node device 100 is added with a dedicated header in the first node device 101 to become the format (b). Transfer within the SDN network system 301 becomes possible. When the packet flows out of the SDN network system 301, the first node device 101 deletes the dedicated header and returns to the format (a). For this reason, the former second node device 100 can receive the packet. That is, even when a packet is transferred from the previous SDN network 300A to the SDN network 300B, the packet can be transferred without considering the existence of the SDN network 301 having a different packet format.

  Next, settings related to control communication in FIG. 7 will be described. A setting program is sent from the control device 150 to each first node device 101, and the setting is started. Steps S121, S122, and S123 are requests for setting transmission, transfer, and reception of control communication packets in the control communication processing units (24a, 24b) of the first node device 101, respectively. Each of the first node devices 101 sets transmission, transfer, and reception of the control communication packet in step S124, step S125, and step S126. After the setting is completed, the control communication packet transmitted by the first node device (1) is transferred by the first node device (2) and received by the first node device (3). If the first node device (2) detects a failure due to a reception timeout of the control communication packet (step S127), the first node device (2) notifies the control device 150 of the failure detection (step S128).

  FIG. 8 is a diagram for explaining that the SDN network system according to the present embodiment can solve the first problem. FIG. 8A shows a network system having the conventional problem 1, and the control device 150 becomes a very high load because it becomes the start point and end point of all control communication including monitoring. FIG. 8B shows the network system of this embodiment. The first node device 101 exchanges control communication such as monitoring between node devices, and notifies the control device 150 only when a failure or the like is detected. For this reason, since the control device 150 only performs setting and failure report reception as control communication, the load is greatly reduced. Therefore, the SDN network system of this embodiment solves the problem 1.

  FIG. 9 is a diagram for explaining that the SDN network system of this embodiment can solve the problem 2. FIG. 9A is a network system having the conventional problem 2, and a packet transmitted from the SDN network system 300A to the SDN network system 300B has the same information as information used for control communication in the SDN network system 300C. In this case, it was transferred to the control device by mistake. FIG. 9B shows the SDN network system 301 according to the present embodiment. Since the packet transmitted from the SDN network system 300A is always classified as data communication in the SDN network system 301, it is erroneously transferred to the control device 150. Without being transferred to the destination SDN network system 300B. Therefore, the SDN network system of this embodiment solves the problem 2.

(Embodiment 2)
The configuration of the network system and the packet format of this embodiment are the same as those of the first embodiment.

FIG. 10 is a diagram illustrating processing performed by the first node device 101A. The difference between the first node device 101A and the first node device 101 in FIG. 5 is that the transfer determination unit 11a includes a determination unit 4, a shift transfer destination determination unit 31, and an extended transfer destination determination unit 32. . That is, the transfer destination determination unit 11a includes an extended transfer destination determination unit 32 that considers the dedicated header in determining the transfer destination of the communication packet, and a shift transfer destination determination unit that does not consider the dedicated header in the determination of the transfer destination of the communication packet. 31 and a packet distribution unit (determination unit 4) that distributes communication packets to the extended transfer destination determination unit 32 or the shift transfer destination determination unit 31 based on the dedicated header,
Have

  FIG. 11 is a diagram illustrating a method in which the shift transfer destination determination unit 31 determines a transfer destination. FIGS. 11B and 11C are the same as the formats described in FIGS. 4B and 4C. The shift transfer destination determination unit 31 searches the flow of the packet from the flow table using the part excluding the dedicated header of the packet, selects an appropriate output destination NIF of the packet, and stores it in the queue. The extended transfer destination determination unit 32 searches the flow of the packet from the flow table using information including the dedicated header of the packet, selects an appropriate output destination NIF of the packet, and stores it in the queue.

  The determination unit 4 receives setting information (either or both of a list of protocol sweet values transferred to the shift transfer destination determination unit and a list of protocol sweet values transferred to the extended transfer destination determination unit) from the control device 150. It is notified beforehand. Alternatively, in the determination unit 4, setting information (same as above) is set in advance in the storage area of the first node device from a terminal or the like. Then, the determination unit 4 uses either or both of the setting information, and sends the packet to the shift transfer destination determination unit based on the protocol suite value of the dedicated header field of the received packet, or the extended transfer destination determination unit Decide what to send to.

It will be described that the first node device 101A of the present embodiment solves the problem 3. The problem 3 will be described again as follows.
In a conventional SDN network system, when a node device distinguishes a packet with OAM information from a monitoring packet and transfers the packet to a control device, information other than the control device adds information equivalent to OAM information to a data communication packet. If
(Bug 1) The possibility that a packet of data communication to which information equivalent to OAM information other than the control device is given is erroneously processed as a monitoring packet by the node device,
(Bug 2) The number of flow entries is increased by creating different flow entries for the data communication flow and the OAM flow to be monitored in the node device. In order to monitor all the flows, a flow entry is required. Double required (Bug 3) Even if the flow entry to be monitored is erased due to an erroneous operation or malfunction, the reachability may seem to be ensured if only the flow entry for OAM remains,
There was a problem that.

  In the present embodiment, any packet to which information equivalent to OAM information other than the control device is added can be further distinguished as a data communication packet by adding a dedicated header. Therefore, the node device is not erroneously processed as a monitoring packet, and the above problem 1 can be solved. In addition, since the data transfer and the control communication can pass through the same flow table in the shift transfer destination determination unit, it is possible to prevent the flow entry from increasing unnecessarily and to solve the above-mentioned problem 2. Furthermore, since the present embodiment requires only two flows, ie, the monitoring target flow and the OAM flow, it can be easily recognized that the flow entry has been erased due to an erroneous operation or malfunction. 3 can be eliminated.

(Embodiment 3)
FIG. 12 is a diagram illustrating the configuration of the network system according to the present embodiment. FIG. 16 is a diagram for explaining a format example of a packet according to the present embodiment. The format of a packet transmitted and received between the network system 301 and the network system (300A, 300B) is the format (a) of FIG. The format (a) in FIG. 16 is the same as the format (a) in FIG. On the other hand, the packet format of data communication transferred in the network system 301 is the format (d) or format (e) of FIG. 16, and the packet format of control communication is the format (f) or format (g) of FIG. is there.

  FIG. 13 is a diagram illustrating processing performed by the first node device 101B. The difference between the first node device 101B and the first node device 101A of FIG. 10 is that a description item of a dedicated header given to the packet and a transfer label are further given to the packet. That is, the packet type determination unit 23a has a function of adding information identifying the protocol suite of the communication packet to the dedicated header when the communication packet is determined to be data communication. Further, the extended transfer destination determination unit 32 forms a dedicated label field in the communication packet and sets the transfer label of the other node device when the communication packet is another node device in the own network system. Or rewriting the transfer label in the dedicated label field, and deleting the transfer label in the dedicated label field in other cases.

  FIG. 14 is a diagram illustrating a data communication setting sequence performed from the control device 150 to each first node device 101B so that the first node device 101B performs the processing described in FIG. FIG. 14 will be described. Steps S111 and S112 are the same as those described in the first embodiment. After step S112 is completed, the control device 150 calculates the first node device that becomes the route of the flow, and pays out each NIF of the first node device that becomes the route (determines the packet transfer destination). A value (transfer label) is determined and notified to each first node device (step S213). Then, the first node device 101B sets a label to the extended transfer destination determination unit 32 so as to enable packet transmission / reception to / from the packet transfer destination node device. Then, after the setting of the first node device 101B is completed, a packet (format (a)) transferred from the second node device 100 is added with a dedicated header and a label field by the first node device (1). Format (e) is entered, and label A is written. Then, this packet is transferred to the first node device (2) indicated as the transfer destination of the packet given the label A, and the label A is rewritten to the label B. Further, this packet is transferred to the first node device (3) indicated as the transfer destination of the packet to which the label B is given, the dedicated header field and the label field are removed, and the process returns to the format (a). For this reason, the former second node device 100 can receive the packet. That is, even when a packet is transferred from the previous SDN network 300A to the SDN network 300B, the packet can be transferred without considering the existence of the SDN network 301 having a different packet format.

It will be described that the first node device 101B of the present embodiment solves the problems 4 and 5.
When the packet is data communication, the first node device 101B adds data communication protocol identification information, which is information for identifying a data communication protocol suite, to the dedicated header (see format (d) in FIG. 16). This function facilitates the addition / deletion of protocol suites that were difficult with existing SDN network systems. For example, in a node device that processes a protocol suite created on the assumption that only the beginning of the flow is searched for exactly, it is possible to determine the transfer destination with a smaller amount of memory and a shorter calculation time than existing ones, and many more inexpensively. It is possible to implement a node device that can accommodate the flow of
Specifically, an IP that performs a partial match search at the beginning of the flow requires a process for narrowing down search results when multiple search results appear, or a process for changing the range used for partial match. is there. However, since EXACT MATCH, which searches for the exact beginning of the flow, does not require these processes, the transfer destination can be determined with a smaller amount of memory and less calculation time than IP.

[Appendix]
The following describes the node device, transfer method, control device, and program according to the present invention.

Problems to be solved by the present invention are:
(1) Mechanism for performing control communication (for example, OAM of a flow) between node devices with Openflow (2) For handling a flow other than a flow composed of Ethernet (registered trademark) / IP / TCP system protocol suite with Openflow Mechanism (3) It is to provide a node device, a transfer method, a control device, and a program that include a mechanism for efficiently transferring a packet with Openflow.

For this reason, the present invention
(A) A dedicated header is attached to a packet flowing from outside the Openflow network, and control communication and data communication are separated. Also, the dedicated header is removed from the packet that flows out of the Openflow network.
(B) In the data communication, protocol suite identification information or the like is further described in a dedicated header, and is made to correspond to a Clean Slate (a new protocol other than the protocol suite (Ethernet (registered trademark) / IP / TCP system)). When a conventional protocol suite (Ethernet (registered trademark) / IP / TCP system) is used, the matching mechanism is improved so that flow matching is performed in a portion other than the dedicated header in order to maintain backward compatibility.
(C) In order to show the effect of changing the protocol suite (especially L2) with Openflow, label information that performs high-speed matching is added to the packet using a new label that combines a flow identifier and a port identifier.
(D) Control communication is also subjected to flow matching processing as necessary (for OAM Continuity check (CC)).
(E) The packet size to the extent that information for identifying control communication and data communication and the type of control communication or data communication (the above protocol suite identification information and control communication identification information (such as OAM)) are described in the dedicated header. And the increase in header processing time are small.
It has the characteristics.

The effect of the present invention is
(Α) Since control communication can be realized only between node devices, the load on the control device related to control communication can be reduced.
(Β) Flow OAM, which was difficult to realize with the prior art, can be realized while maintaining backward compatibility.
(Γ) Protocols and mechanisms for efficiently performing flow-based transfer can be introduced while maintaining backward compatibility.

[Definition]
Provides definitions for terms used in the specification.
SDN: Software Defined Network
OAM: Operations, Administration, and Maintenance
Flow: Flow of packets with the same source and destination Flow table: Table that describes the forwarding destination of the flow Flow entry: Each entry in the flow table Flow matching: Search for a flow that matches the received packet from the flow entry

  The node device, transfer method, control device, and program according to the present invention can be applied to general network systems other than the SDN and Openflow described in the embodiments.

10: reception unit 11, 11a: transfer destination determination unit 12: setting function unit 13: transfer circuit 14: transmission unit 21: transmission source determination unit 22: dedicated header assignment units 23, 23a, 23b: packet type determination unit, communication type Identification information determination unit 24, 24a, 24b: control communication processing unit 25: dedicated head removal unit 31: shift transfer destination determination unit 32: extended transfer destination determination unit 100, 101: node device 120: NIF
150: Control devices 300, 200A, 300B, 300C, 301: SDN network system

Claims (7)

A node device of a network system that performs forwarding destination determination using flow information of a communication packet,
A transmission source determination unit that determines whether the transmission source of the communication packet received by the reception unit is outside the local network system or within the local network system;
A dedicated header adding unit that adds a dedicated header including communication type identification information indicating data communication to the communication packet when the transmission source of the communication packet is outside the own network system in the determination of the transmission source determination unit;
A packet type for determining whether the communication packet is control communication or data communication based on communication type identification information included in a dedicated header when the transmission source of the communication packet is within the local network system as determined by the transmission source determination unit A determination unit;
When the communication packet is control communication as determined by the packet type determination unit, a control communication processing unit that executes processing specified in the communication packet;
A transfer destination that determines a transfer destination of a communication packet to which a dedicated header is added by the dedicated header adding unit, a communication packet that is determined to be data communication by the packet type determination unit, and a communication packet that is processed by the control communication processing unit A determination unit;
A dedicated header deleting unit that deletes a dedicated header from the communication packet when the transfer destination of the communication packet is outside the own network system in the determination of the transfer destination determining unit;
A transmission unit that transmits a communication packet in which the dedicated header is deleted by the dedicated header deletion unit, and a communication packet in which the transfer destination is determined to be in its own network system by the transfer destination determination unit;
A node device comprising: The forwarding destination determination unit
An extended transfer destination determination unit that considers the dedicated header in determining the transfer destination of a communication packet;
A shift transfer destination determination unit that does not consider the dedicated header in determining the transfer destination of the communication packet;
A packet distribution unit that distributes communication packets to the extended transfer destination determination unit or the shift transfer destination determination unit based on the dedicated header;
The node device according to claim 1, comprising: The packet type determination unit
3. The node device according to claim 1, wherein when the communication packet is determined to be data communication, the node device has a function of adding information identifying a protocol suite of the communication packet to the dedicated header. The extended transfer destination determination unit
When a communication packet uses another node device in its own network system as a transfer destination, a dedicated label field is formed in the communication packet to give a transfer label of the other node device, or transfer of the dedicated label field Rewrite the label,
The node device according to claim 3, further comprising a function of deleting a transfer label in the dedicated label field in another case. A transfer method for determining a transfer destination using flow information of a communication packet in a node device of a network system,
A transmission source determination procedure for determining whether the transmission source of the communication packet received by the reception unit is outside the local network system or within the local network system;
A dedicated header providing procedure for adding a dedicated header including communication type identification information indicating data communication to the communication packet when the transmission source of the communication packet is outside the own network system in the determination of the transmission source determination procedure;
Packet type for determining whether the communication packet is control communication or data communication based on communication type identification information included in a dedicated header when the transmission source of the communication packet is within the local network system in the determination of the transmission source determination procedure Judgment procedure;
A control communication processing procedure for executing processing specified in the communication packet when the communication packet is control communication in the determination of the packet type determination procedure;
A transfer destination for determining a transfer destination of a communication packet to which a dedicated header is added in the dedicated header adding procedure, a communication packet determined to be data communication in the packet type determining procedure, and a communication packet processed in the control communication processing procedure Judgment procedure;
A dedicated header deletion procedure for deleting a dedicated header from the communication packet when the transfer destination of the communication packet is outside the own network system in the determination of the transfer destination determination procedure;
A transmission procedure for transmitting a communication packet from which the dedicated header has been deleted in the dedicated header deletion procedure, and a communication packet in which the transfer destination is determined to be within its own network system in the transfer destination determination procedure;
The transfer method characterized by performing. A control device that controls a node device of a network system that performs transfer destination determination using flow information of a communication packet,
Of the node device,
Let the transmission source determination unit determine whether the transmission source of the communication packet received by the reception unit is outside the local network system or within the local network system,
When a transmission source of the communication packet is outside the own network system as determined by the transmission source determination unit, a dedicated header including communication type identification information indicating data communication is attached to the communication packet. ,
In the packet type determination unit, when the transmission source of the communication packet is within the local network system as determined by the transmission source determination unit, the communication packet is controlled communication or data communication based on the communication type identification information included in the dedicated header. Determine whether
When the communication packet is control communication in the determination of the packet type determination unit, the control communication processing unit is caused to execute the process specified in the communication packet,
Transfer of a communication packet to which a dedicated header is added by the dedicated header adding unit to the transfer destination determining unit, a communication packet determined to be data communication by the packet type determining unit, and a communication packet processed by the control communication processing unit Let's judge the destination,
When the transfer destination of the communication packet is outside the own network system in the determination of the transfer destination determination unit, the dedicated header deletion unit deletes the dedicated header from the communication packet,
A control apparatus, characterized by causing a transmission unit to transmit a communication packet from which a dedicated header has been deleted by the dedicated header deletion unit, and a communication packet from which the transfer destination is determined to be within its own network system by the transfer destination determination unit.   The program for functioning a computer as a node apparatus in any one of Claim 1 to 4.

Images