KR102079508B1 - Method and device for managing traffics in order to efficiently manage networks on basis of requirements of users - Google Patents

Abstract

Disclosed is a method of managing traffics to efficiently manage networks based on requirements of users. The method comprises: (a) a step in which a controller performs (i) a process of acquiring VLAN information for a plurality of VLANs desired to be set to a target network by a manager and (ii) a process of setting at least part of legacy switches to be connected to a controller to operate by establishing a communication connection with the at least part of the legacy switches included in the target network through a predetermined dedicated communications channel; (b) a step in which the controller sets at least part of the legacy switches to operate according to VLAN setting information by transmitting the VLAN setting information generated using the VLAN information to the at least part of the legacy switches; (c) a step in which the controller acquires connection information of a new host by referring to a new ARP packet of the new host acquired by a specific legacy switch when the new host is connected to the specific legacy switch which is one of the legacy switches; and (d) a step in which the controller allows the specific legacy switch to set connection for the target network of the new host by referring to the connection information.

Description

METHOD AND DEVICE FOR MANAGING TRAFFICS IN ORDER TO EFFICIENTLY MANAGE NETWORKS ON BASIS OF REQUIREMENTS OF USERS}

The present invention relates to a traffic management method and apparatus for efficiently managing a network based on a user's request.

Software-Defined Network (SDN) refers to a network that controls / manages the traffic delivery operation of the network through a software-based controller through an open API. SDN is relatively widely used because it is relatively easy to operate, such as network segmentation, and has the advantage that network users can easily access the network while moving through space.

However, such an existing SDN has a problem that it is expensive to implement it. Specifically, the existing SDN implementation method adopts the openflow protocol, and requires an expensive switch equipped with H / W TCAM for use in the openflow protocol. Accordingly, since it cannot be implemented with only existing legacy switches, it is expensive to replace all of them with the above-mentioned expensive switches, and it is also more expensive to operate them than when using the existing legacy switches. .

In the end, it is expensive because it requires an expensive switch equipped with H / W TCAM to implement SDN. If so, if you can implement SDN without using it, you can take advantage of SDN at a relatively low cost. It will be there, so this will be a good way. Also, unlike the backbone network or the core network, in an access network having a simple connection relationship, there is no need for a complicated routing algorithm that is the reason why H / W TCAM is used in the openflow protocol, so only legacy switches without H / W TCAM are installed. If a method that can be implemented to enable an access network to operate as an SDN is studied, this will be very advantageous. Such a method has not been studied.

The present invention aims to solve the above-mentioned problems.

An object of the present invention is to provide a method for efficiently managing a network based on a user's needs without replacing additional switches or directly configuring additional programs for the legacy switches.

An object of the present invention is to provide a method for efficiently managing a network based on a user's request by using only legacy switches without H / W TCAM function used in an existing method for implementing SDN.

The characteristic configuration of the present invention for achieving the objects of the present invention as described above and for realizing the characteristic effects of the present invention described below is as follows.

The characteristic configuration of the present invention for achieving the objects of the present invention as described above and for realizing the characteristic effects of the present invention described below is as follows.

According to an aspect of the present invention, in a traffic management method for efficiently managing a network based on a user's request, (a) a controller, (i) a plurality of VLANs for an administrator to set in a target network By establishing a communication connection with at least some of the legacy switches included in the target network through a process of obtaining VLAN information and (ii) a predetermined dedicated communication channel, at least some of the legacy switches will operate in conjunction with the controller Performing a setting process to enable; (b) setting, by the controller, at least some of the legacy switches to operate according to the VLAN setting information by transmitting VLAN setting information generated using the VLAN information to at least some of the legacy switches; (c) When a new host is connected to a specific legacy switch that is one of the legacy switches, the controller obtains connection information of the new host by referring to the new ARP packet of the new host acquired by the specific legacy switch. To do; And (d) causing the controller to establish the connection to the target network of the new host with the specific legacy switch, with reference to the connection information.

As an example, in step (b), the controller transmits the VLAN setting information to at least some of the legacy switches, causing at least some of the legacy switches to refer to the VLAN information, and the legacy switches By setting at least one of each port included in at least some of the ports to be a trunk port for the VLANs, the hosts connected to different legacy switches through the trunk port perform communication according to VLAN rules. Disclosed is a method characterized by setting the legacy switches.

As an example, in step (c), when the new host generates and broadcasts the new ARP packet using its new IP address and its new MAC address, the specific legacy switch connected to the new host receives it. After acquiring, the information is transmitted to the controller through the dedicated communication channel, and the controllers refer to the new IP address included in the new ARP packet and the VLANs to which the new host is to be included. Disclosed is a method characterized by acquiring the connection information including the desired group information for a specific VLAN, which is one of them.

As an example, in step (d), the controller, by referring to the desired group information, causes the specific legacy switch to assign its new connection port to which the new host is connected to the specific VLAN, thereby specifying the specific VLAN. A method is disclosed that is characterized by setting a legacy switch.

As an example, in step (c), in the first case for a case in which the new host has been previously connected to the target network and the past IP address set when the target network was connected has not expired, the A method is disclosed in which a new host uses the old IP address as the new IP address.

As an example, the step (c) corresponds to a case in which the new host has never been previously connected to the target network or when the old IP address set when the new host was previously connected to the target network has expired. In the second case, after the new host provides each graphic object corresponding to the respective VLANs to the user through the UI displayed on a predetermined display device, the user is one of the graphic objects. When a specific graphic object is selected, a method is disclosed in which one of the IP addresses included in a specific IP subnet corresponding to the specific VLAN corresponding to the specific graphic object is used as the new IP address.

As an example, the step (c) corresponds to a case in which the new host has never been previously connected to the target network or when the old IP address set when the new host was previously connected to the target network has expired. In the second case, when a DHCP server exists in the specific VLAN including the new host, the new host uses the IP address obtained by interworking with the DHCP server as the new IP address. The method is disclosed.

As an example, in step (c), when the new host generates and broadcasts the new ARP packet using its new IP address and its new MAC address, the specific legacy switch connected to the new host receives it. After acquisition, the information is transmitted to the controller through the dedicated communication channel, and the controller includes this by acquiring address binding information with reference to the new IP address and the new MAC address included in the new ARP packet. Disclosed is a method characterized by obtaining the connection information.

As an example, in step (d), the controller, with reference to the address binding information and a predetermined network rule table, a network in which a correspondence relationship between the new IP address and the new MAC address corresponds to the network rule table After determining whether to violate the rule, a method is disclosed in which the specific legacy switch is configured to establish a connection to the target network of the new host by referring to the determination result as a reference.

As an example, in step (c), when the new host generates and broadcasts the new ARP packet using its new category information, the specific legacy switch connected to the new host acquires it and information about it Is transmitted to the controller through the dedicated communication channel, and the controller acquires the connection information including the new category information included in the new ARP packet.

As an example, in step (d), the controller may refer to the new category information, and at least one of each of the fixed IP addresses preset for at least some of the respective categories may be generated by the new host. Assign as a new IP address to be used on the network, assign at least one of the fixed VLANs preset for at least some of the respective categories as a specific VLAN to which the new host will be included, and cause the specific legacy switch, the new IP address And establishing a connection to the target network of the new host with reference to the specific VLAN.

As an example, the controller sets the legacy switches by sending routing configuration information for setting a default route and a static route of the legacy switches to at least some of the legacy switches, wherein the default route is the target network and the A method is disclosed, which is determined with reference to an inter-network connection relationship between inter-networks outside a target network, and the static route is determined with reference to an intra-network connection relationship between the legacy switches inside the target network. .

As an example, (e) when the controller acquires additional VLAN information for at least one additional VLAN to be newly configured in the target network by the administrator, after generating additional VLAN configuration information with reference to the update information A method is disclosed that further comprises the step of sending it to at least some of the legacy switches, causing at least some of the legacy switches to update their settings using the additional VLAN configuration information.

According to another aspect of the present invention, in a traffic management method for efficiently managing a network based on a user's request, (a) a controller, (i) a plurality of VLANs for an administrator to set in a target network By establishing a communication connection with at least some of the legacy switches included in the target network through a process of obtaining VLAN information and (ii) a predetermined dedicated communication channel, at least some of the legacy switches will operate in conjunction with the controller Performing a setting process to enable; (b) When a first new host is connected to the first specific legacy switch, which is one of the legacy switches, the controller refers to the first new ARP of the first new host acquired by the first specific legacy switch. Obtaining first connection information of the first new host by using the method; (c) After the controller generates (i) first VLAN configuration information with reference to the first connection information, it transmits it to at least some of the legacy switches, whereby at least some of the legacy switches are A process of setting to operate according to the first VLAN setting information and (ii) allowing the first specific legacy switch to establish a connection to the target network of the first new host with reference to the first connection information A method is disclosed that includes performing a process.

As an example, (d) when a second new host is connected to the second specific legacy switch, which is one of the legacy switches, the second new ARP of the second new host acquired by the second specific legacy switch Obtaining second connection information of the second new host from a packet; And (e) the controller, (a) generates second VLAN configuration information with reference to the second connection information, and then transmits it to at least some of the legacy switches, so that at least some of the legacy switches Updating the setting and (b) performing the step of causing the second specific legacy switch to establish a connection to the target network of the second new host, with reference to the second connection information. Disclosed is a method comprising a.

According to another embodiment of the present invention, a controller that efficiently manages a network based on a user's request, the controller comprising: one or more memories storing instructions; And one or more processors configured to perform the instructions, wherein the processor comprises: (I) (i) a process of obtaining VLAN information for a plurality of VLANs that an administrator wants to set in a target network; and (ii) a predetermined process. A process of establishing a communication connection with at least some of the legacy switches included in the target network through a dedicated communication channel so that at least some of the legacy switches can operate in conjunction with the controller; (II) a process of setting at least some of the legacy switches to operate according to the VLAN setting information by sending VLAN setting information generated using the VLAN information to at least some of the legacy switches; (III) when a new host is connected to a specific legacy switch that is one of the legacy switches, a process of obtaining connection information of the new host by referring to the new ARP packet of the new host acquired by the specific legacy switch; And (IV) a controller that performs the process of causing the specific legacy switch to establish a connection to the target network of the new host, with reference to the connection information.

As an example, in the process (II), the processor transmits the VLAN configuration information to at least some of the legacy switches, causing at least some of the legacy switches to refer to the VLAN information to refer to the legacy switches. By setting at least one of each port included in at least some of the ports to be a trunk port for the VLANs, the hosts connected to different legacy switches through the trunk port perform communication according to VLAN rules. Disclosed is a controller, characterized in that to set the legacy switches.

As an example, in the process (III), when the new host generates and broadcasts the new ARP packet using its new IP address and its new MAC address, the specific legacy switch associated with the new host is configured to broadcast the new ARP packet. After acquiring, the information is transmitted to the controller through the dedicated communication channel, and the processor attempts to include the new host by referring to the new IP address included in the new ARP packet. Disclosed is a controller characterized by acquiring the connection information including it by acquiring the desired group information for a specific VLAN.

As an example, the (IV) process may be performed by allowing the processor to assign its new connection port to which the new host is connected to the specific VLAN by referring to the desired group information. A controller characterized by setting a legacy switch is disclosed.

As an example, the process (III) may include, in the first case, when the new host has been previously connected to the target network, and the past IP address set when the target network was connected has not expired. A controller is characterized in that the new host uses the past IP address as the new IP address.

As an example, the process (III) corresponds to a case in which the new host has never been previously connected to the target network or when the old IP address set when the new host was previously connected to the target network has expired. In the second case, after the new host provides each graphic object corresponding to the respective VLANs to the user through the UI displayed on a predetermined display device, the user is one of the graphic objects. When a specific graphic object is selected, a controller characterized in that one of the IP addresses included in a specific IP subnet corresponding to the specific VLAN corresponding to the specific graphic object is used as the new IP address.

As an example, the process (III) corresponds to a case in which the new host has never been previously connected to the target network or when the old IP address set when the new host was previously connected to the target network has expired. In the second case, when a DHCP server exists in the specific VLAN including the new host, the new host uses the IP address obtained by interworking with the DHCP server as the new IP address. The controller is started.

As an example, in the process (III), when the new host generates and broadcasts the new ARP packet using its new IP address and its new MAC address, the specific legacy switch associated with the new host is configured to broadcast the new ARP packet. After acquiring, this information is transmitted to the controller through the dedicated communication channel, and the processor includes this by acquiring address binding information with reference to the new IP address and the new MAC address included in the new ARP packet. Disclosed is a controller, characterized in that for obtaining the connection information.

As an example, in the (IV) process, the processor, with reference to the address binding information and a predetermined network rule table, a network in which a correspondence relationship between the new IP address and the new MAC address corresponds to the network rule table After determining whether or not to violate the rule, a controller is disclosed, characterized by allowing the specific legacy switch to establish a connection to the target network of the new host, by further referring to the determination result.

As an example, in the process (III), when the new host generates and broadcasts the new ARP packet using its new category information, the specific legacy switch connected to the new host acquires it and then information on it Is transmitted to the controller through the dedicated communication channel, and the processor obtains the connection information including the new category information included in the new ARP packet.

As an example, in the process (IV), the processor may refer to the new category information, and at least one of each of the fixed IP addresses preset for at least some of the respective categories may be generated by the new host. Assign as a new IP address to be used on the network, assign at least one of the fixed VLANs preset for at least some of the respective categories as a specific VLAN to which the new host will be included, and cause the specific legacy switch, the new IP address And a controller configured to establish a connection to the target network of the new host with reference to the specific VLAN.

As an example, the processor sends routing configuration information for setting a default route and a static route of the legacy switches to at least some of the legacy switches to set the legacy switches, wherein the default route is the target network and the A controller characterized in that the static route is determined by referring to the intra network connection relationship between the inter networks outside the target network, and the static route is determined by referring to the intra network connection relationship between the legacy switches inside the target network. .

As an example, when the processor, (V) the administrator obtains additional VLAN information for at least one additional VLAN to be newly set in the target network, after generating additional VLAN configuration information with reference to the update information Disclosed is a controller characterized by further performing a process of sending this to at least some of the legacy switches, so that at least some of the legacy switches update their settings using the additional VLAN configuration information.

According to another aspect of the present invention, a controller that efficiently manages a network based on a user's request, the controller comprising: one or more memories storing instructions; And one or more processors configured to perform the instructions, wherein the processor comprises: (I) (i) a process of obtaining VLAN information for a plurality of VLANs an administrator wants to set in the target network; and (ii) a predetermined process. Establishing a communication connection with at least some of the legacy switches included in the target network through a dedicated communication channel of performing a process of setting at least some of the legacy switches to operate in conjunction with the controller; (II) When a first new host is connected to a first specific legacy switch that is one of the legacy switches, the first new ARP of the first new host acquired by the first specific legacy switch is referred to as the first new host. A process of obtaining first connection information of a new host; (III) (i) After generating the first VLAN setting information with reference to the first connection information, send it to at least some of the legacy switches, so that at least some of the legacy switches set the first VLAN A process of setting to operate according to information and (ii) a process of causing the first specific legacy switch to establish a connection to the target network of the first new host with reference to the first connection information A controller is disclosed that is characterized by performing a process.

As an example, when a second new host is connected to the second specific legacy switch that is one of the legacy switches (IV), the second new ARP of the second new host acquired by the second specific legacy switch A process of obtaining second connection information of the second new host from a packet; And (V) (i) generating second VLAN configuration information with reference to the second connection information, and then transmitting it to at least some of the legacy switches to update settings of at least some of the legacy switches. And (ii) a process of performing a process of causing the second specific legacy switch to establish a connection to the target network of the second new host, with reference to the second connection information. The controller to be started.

The present invention has an effect that can provide a method to efficiently manage the network based on the user's needs without replacing the legacy switches or performing additional configuration directly to the legacy switches.

The present invention has an effect of providing a method for efficiently managing a network based on a user's request by using only legacy switches without H / W TCAM function used in an existing method for implementing SDN. .

1 is a diagram illustrating a configuration of a controller performing a traffic management method for efficiently managing a network based on a user's request according to an embodiment of the present invention.
2 is a flowchart illustrating a traffic management method for efficiently managing a network based on a user's request according to an embodiment of the present invention.
3 is a diagram illustrating a connection relationship between a controller and legacy switches performing a traffic management method for efficiently managing a network based on a user's request according to an embodiment of the present invention.
4 is a diagram showing an example of using a trunk port to perform a traffic management method for efficiently managing a network based on a user's request according to an embodiment of the present invention.

For a detailed description of the present invention, which will be described later, reference is made to the accompanying drawings that illustrate, by way of example, specific embodiments in which the present invention may be practiced. These examples are described in detail enough to enable those skilled in the art to practice the present invention. It should be understood that the various embodiments of the present invention are different, but need not be mutually exclusive. For example, certain shapes, structures, and properties described herein may be implemented in other embodiments without departing from the spirit and scope of the invention in relation to one embodiment. In addition, it should be understood that the location or placement of individual components within each disclosed embodiment can be changed without departing from the spirit and scope of the invention. Therefore, the following detailed description is not intended to be taken in a limiting sense, and the scope of the present invention, if appropriately described, is limited only by the appended claims, along with all ranges equivalent to those claimed. In the drawings, similar reference numerals refer to the same or similar functions across various aspects.

Hereinafter, preferred embodiments of the present invention will be described in detail with reference to the accompanying drawings in order to enable those skilled in the art to easily implement the present invention.

However, the following description may be used as a method for operating the target network as a software-defined network (SDN) in order to efficiently manage the target network, but is not limited thereto.

1 is a diagram illustrating a configuration of a controller performing a traffic management method for efficiently managing a network based on a user's request according to an embodiment of the present invention.

Referring to FIG. 1, the controller 100 may include a communication unit 110 and a processor 120. At this time, the input / output and the calculation process of the controller 100 may be performed by the communication unit 110 and the processor 120, respectively. However, in FIG. 1, a detailed connection relationship between the communication unit 110 and the processor 120 is omitted. At this time, the memory 115 may be in a state in which various instructions to be described later are stored, and the processor 120 is set to perform the instructions stored in the memory 115, but the processor 120 performs processes to be described later. By doing so, the present invention can be carried out. The controller 100 described above does not exclude the case where the controller 100 includes an integrated processor in which a medium, a processor, and a memory for implementing the present invention are integrated.

How to efficiently manage the network based on the needs of the user using the controller 100 as described above will be described schematically with reference to FIG. 2.

2 is a flowchart illustrating a traffic management method for efficiently managing a network based on a user's request according to an embodiment of the present invention.

The controller 100 performs a process (S01-1) of acquiring VLAN information for a plurality of VLANs, which will be described later, and a process (S01-2) of establishing a communication connection with at least some of the legacy switches in parallel. You can. Both processes are parallel, either of which may be performed first, or both processes may be performed together. Thereafter, the controller 100 may transmit the VLAN configuration information generated with reference to the VLAN information to at least some of the legacy switches (S02). Thereafter, when a new host is connected to a specific legacy switch, which is one of the legacy switches, connection information about it is acquired (S03), and a connection between the specific legacy switch and the new host can be established using this (S04).

This is a rough summary of the method of the present invention, which will be described in more detail below.

First, the controller 100 includes (i) a process of obtaining VLAN information for a plurality of VLANs that an administrator wants to set in the target network and (ii) the included in the target network through a predetermined dedicated communication channel. By establishing a communication connection with at least some of the legacy switches, a process of setting at least some of the legacy switches to operate in conjunction with the controller may be performed.

First, (i) the administrator will describe a process for obtaining VLAN information for a plurality of VLANs to be set in the target network. The administrator can input the VLAN information on which IP subnet address range each VLAN corresponds to in the controller 100 while knowing each IP subnet address range of the target network. For example, suppose that when an IP address range assigned to a specific company is 10.10.10.0 to 10.10.30.255, an administrator wants to set a VLAN by assigning it to a laboratory department, a sales department, and a QA department respectively. At this time, in the VLAN information, the first VLAN for the laboratory department corresponds to the IP subnet address range of 10.10.10.0/24, and the second VLAN for the sales department corresponds to the IP subnet address range for 10.10.20.0/24. , May include information that the third VLAN for the QA department corresponds to the IP subnet address range of 10.10.30.0/24.

Next, (ii) the controller 100 will describe the process of establishing a communication connection with at least some of the legacy switches. Reference will be made to FIG. 3 to illustrate this.

3 is a diagram illustrating a connection relationship between a controller and legacy switches performing a traffic management method for efficiently managing a network based on a user's request according to an embodiment of the present invention.

Referring to FIG. 3, an example diagram when the controller 100 establishes a communication connection with at least some of the legacy switches can be confirmed. Here, the communication connection can be established in various forms. For example, as shown in the figure, the controller 100 may establish a communication connection with one of the legacy switches, or may establish a communication connection with some of the legacy switches or the entire legacy switch. At this time, when the controller 100 establishes a communication connection with only some of the legacy switches, VLAN setting information to be described later is transmitted to some of the legacy switches, and some of the legacy switches obtained by this are transmitted to other legacy switches. Legacy switches can be set in the form of transmission. When a communication connection is established with the entire legacy switch, of course, VLAN configuration information is transmitted to each legacy switch, so that each can be established. For example, the communication connection between the controller 100 and legacy switches may be implemented using TSL secure web communication, but is not limited thereto.

Thereafter, the controller 100 may transmit the VLAN configuration information generated using the VLAN information to at least some of the legacy switches and set the legacy switches to operate according to the VLAN configuration information. Specifically, the controller 100 transmits VLAN configuration information to at least some of the legacy switches, so that the legacy switches refer to the VLAN information, and each port included in at least some of the legacy switches At least one of them may be set as a trunk port for the VLANs. Through this configuration, hosts connected to different legacy switches through the trunk port can be configured to perform communication according to VLAN rules.

At this time, the trunk port refers to a port assigned to a trunk link configured to transmit VLAN information of packets. Specifically, when a host connected to different legacy switches communicates with each other, it refers to a port set to follow a VLAN rule.

Reference will be made to FIG. 4 to describe such a trunk port.

4 is a diagram showing an example of using a trunk port to perform a traffic management method for efficiently managing a network based on a user's request according to an embodiment of the present invention.

FIG. 4 is a diagram illustrating a case in which the first exemplary host included in the aforementioned first VLAN broadcasts its packet to the first VLAN, connected to the legacy switch on the left side. In this case, when the second example host of the first VLAN connected to the right legacy switch, rather than the left legacy switch, receives the corresponding packet, when the corresponding packet is transmitted from the first exemplary legacy switch to the second exemplary legacy switch However, it is necessary to tag the information that the corresponding packet is for the first VLAN. The port assigned to the trunk link through which the packet tagged with the VLAN information is transmitted is the trunk port. If there are no trunk ports, packet communication cannot be smoothly performed when there are multiple VLANs on multiple switches, so such trunk ports must be set.

When the trunk port of the legacy switches is set through the above-described process, it can be considered that the foundation for managing the target network including the legacy switches is provided. In this case, a case in which a new host is connected to the target network will be described.

When a new host is connected to a specific legacy switch, which is one of the legacy switches, the controller 100 may obtain connection information of the new host from the new ARP packet of the new host obtained by the specific legacy switch. In other words, when a new host is newly connected to a target network, it generates a new ARP packet and broadcasts it to hosts included in the same VLAN as itself, and a specific legacy switch connected to the new host must receive it. At this time, the specific legacy switch may transmit it to the controller 100 through the above-described dedicated communication channel. Thereafter, the controller 100 may acquire connection information with reference to the new ARP packet.

The connection information may include at least a part of the desired group information, address binding information, and new category information of the new host. First, the desired group information will be described.

First, when the controller 100 acquires a new ARP packet generated by a new host using its new IP address and its new MAC address, the controller 100 refers to the new IP address included in the new ARP packet. Thus, it is possible to obtain desired group information for a specific VLAN, which is one of the VLANs, to which the new host is to be included.

Specifically, the controller 100 may determine which of the above-described IP subnet address ranges the new IP address belongs to, and obtain the desired group information for it. For example, when the new IP address of the new host is 10.10.10.2, the controller 100 confirms that the new IP address belongs to the IP subnet address range corresponding to the first VLAN described above, and the new host is the laboratory department. Inquiry group information indicating that it is included in the first VLAN may be obtained.

At this time, the new IP address of the new host may be determined in different ways depending on whether the new host has previously connected to the target network or whether the IP address obtained when connected has expired.

First, in the first case for a case where a new host has been previously connected to a target network, and the old IP address set when the target network was connected has not expired, the new host retains the old IP address as it is. It can be used as For example, if a laptop that was previously connected to a legacy switch on the floor where the lab department is located and used as part of the first VLAN was using the past IP address of 10.10.10.2, the notebook is located where the QA department is located. If you go to the floor and connect to the target network again, the old IP address of 10.10.10.2 will be used as the new IP address of the notebook.

On the other hand, in the second case corresponding to the case where the new host has never been previously connected to the target network or the old IP address set when the new host was previously connected to the target network has expired, from the user of the new host You can get a new IP address. Specifically, after a new host provides each graphic object corresponding to the respective VLANs to the user through a UI displayed on a predetermined display device, the specific graphic object that the user is one of the graphic objects If is selected, one of the IP addresses included in the specific IP subnet corresponding to the specific VLAN corresponding to the specific graphic object may be obtained as the new IP address. In this case, the new host may be in a preset state to perform such a process.

Alternatively, a user who knows the above-described VLAN information without using a graphic object as described above may directly set it using an IP configuration command of a new host.

 Alternatively, when a DHCP server exists in a specific VLAN including the new host, the new host may obtain the new IP address in conjunction with a DHCP server. Since the configuration of obtaining an IP address in conjunction with a DHCP server is a well-known prior art, a description thereof will be omitted.

When the desired group information is obtained as described above, the controller 100 refers to information on a specific VLAN, which is one of a plurality of VLANs to which a new host is to be connected, obtained with reference to the desired group information, to a specific legacy switch. It is possible to assign a new connection port of a specific legacy switch to which the new host is connected to the specific VLAN. By assigning a new connection port to a specific VLAN, when a packet is transmitted from a new host to a host included in a specific VLAN, a specific legacy switch may tag information about a specific VLAN while sending the packet to the trunk port. When a packet tagged with information on a specific VLAN is obtained through a trunk port from another legacy switch, it may be delivered to a new host through a new connection port assigned to the specific VLAN. Through this process, the target network can be managed.

Next, address binding information will be described. After acquiring a new ARP packet through the same process as described above, the controller 100 may obtain address binding information by referring to the new IP address and the new MAC address included therein. The address binding information may be information paired with a new IP address and a new MAC address. When the address binding information is obtained as described above, the controller 100 determines whether a correspondence relationship between the new IP address and the new MAC address violates the network rule by referring to the network rule table set in advance. Use to allow a specific legacy switch to establish a new host connection. At this time, the network rule may include a rule for fixing a specific host to have a specific IP address. Of course, any other IP allocation rules could be included.

For example, if the network rule includes a rule to fix a host having a MAC address of 00: 06: 33: 00: 00: 01 to have an IP address of 10.10.10.5, the controller 100 may have 00:06 If the new IP address of a new host with a new MAC address of 00: 06: 33: 00: 00: 05, not: 33: 00: 00: 01, is 10.10.10.5, instruct certain legacy switches to block it, or However, it may send a message to the new host instructing to change the IP address.

Finally, new category information will be described.

In a special case, the new host may generate and broadcast a new ARP without using its new IP address and its new MAC address. For example, this may be the case when the new host is a DHCP server. At this time, the new host generates a new ARP using his new category information, and the controller 100 can acquire it.

Then, the controller 100, with reference to the new category information, assigns at least one of each static IP address preset for at least some of the respective categories as a new IP address of the new host, and each category At least one of the fixed VLANs preset for at least some of them may be assigned as a specific VLAN to include the new host. Thereafter, the controller 100 may allow a specific legacy switch to establish a connection to the target network of the new host with reference to this. Here, the fixed IP address may be an IP address set in advance for each category by the administrator. For example, it may be set to give 10.10.20.230 to the DHCP server. The fixed VLAN may also be preset by each administrator for each category. For example, when it is determined that the DHCP server is used only in the second VLAN of the sales department, the administrator configures the DHCP server to be included in the second VLAN. May be

In an additional embodiment, the controller 100 obtains a new MAC address as connection information, finds a portion corresponding to the OUI among the new MAC addresses, compares it with the blocked OUI, and if the OUI corresponding portion of the new MAC address is If it is the same as the blocking OUI, a specific legacy switch can be made to block the connection of the new host.

Through the above-described process, legacy switches are set so that the target network can be efficiently managed. Hereinafter, a method for the controller 100 to perform routing setup on the target network for more efficient operation of the target network will be described.

That is, the controller 100 may set the legacy switches by sending routing setting information for setting the default route and the static route of the legacy switches to at least some of the legacy switches. At this time, the default route may be determined with reference to the inter-network connection relationship between the target network and the inter-network outside the target network, and the static route may be determined with reference to the intra-network connection relationship between legacy switches within the target network.

For example, if the first VLAN is set to be connected to both the second VLAN and the third VLAN, and the second VLAN and the third VLAN are set to be not connected to each other, packets from the second VLAN to the third VLAN The static route may be set to pass through the first VLAN, and vice versa. The default route may be set to route packets to any legacy switch that is connected to the inter-network, if routing is not possible using the static route.

Also, a description will be given of a case in which an administrator wants to change the target network setting. That is, when the controller 100 acquires additional VLAN information for at least one additional VLAN to be newly set in the target network, the controller 100 generates additional VLAN configuration information with reference to the update information and then switches the legacy VLANs. By sending to at least some of them, it is possible for at least some of the legacy switches to update their own settings using additional VLAN configuration information. For example, at least some of the legacy switches may be updated by reflecting information about additional VLANs in their Trunk port configuration.

In the above, the first embodiment, which is an example of a method of enabling a target network to efficiently manage a network based on a user's request, using only a legacy switch has been described. Hereinafter, a second embodiment will be described. Since most of the components are similar, descriptions of similar parts will be omitted, and the two methods will focus on different parts.

First, the controller 100 includes (i) a process of obtaining VLAN information for a plurality of VLANs that an administrator wants to set in a target network, and (ii) legacy switches included in the target network through a predetermined dedicated communication channel. By establishing a communication connection with at least some of them, a process of setting at least some of the legacy switches to operate in conjunction with the controller may be performed.

Then, when the first new host is connected to the first specific legacy switch, which is one of the legacy switches, the controller 100 refers to the first new ARP of the first new host acquired by the first specific legacy switch. 1 The first connection information of the new host can be obtained.

Then, after the controller 100 generates (i) the first VLAN setting information with reference to the first connection information, it transmits it to at least some of the legacy switches, so that at least some of the legacy switches have the first VLAN A process of setting to operate according to the setting information and (ii) a process of allowing the first specific legacy switch to establish a connection to the target network of the first new host may be performed with reference to the first connection information.

In the case of the second embodiment, unlike the first embodiment in which the controller 100 initially sets legacy switches using connection information, when a new host is connected to one of the legacy switches, the legacy switches are used using the information at that time. The configuration to be set is adopted. This is a method in which the controller 100 can respond to changes in the target network a little more actively than in the first embodiment, and the difference between the second new host and the process of checking the connection of the new host may be better seen.

First, when the second new host is connected to the second specific legacy switch, which is one of the legacy switches, the controller 100 receives the second new from the second new ARP packet of the second new host acquired by the second specific legacy switch. The second connection information of the host may be obtained.

Thereafter, the controller 100 generates (i) second VLAN configuration information with reference to the second connection information, and then transmits it to at least some of the legacy switches to update the settings of at least some of the legacy switches And (ii) a second specific legacy switch to establish a connection to the target network of the second new host with reference to the second connection information.

It is assumed that the new VLAN to be included in the second new host is not one of the VLANs initially set by the administrator. In this case, the controller 100 can set a new VLAN in the target network without receiving additional settings from the administrator. This is different from the method of setting for additional VLANs in the first embodiment, and it can be seen that unlike the first embodiment, the second embodiment gives a higher activity to the controller 100. Through this, the controller 100 can respond to changes in the target network more quickly.

The embodiments according to the present invention described above may be implemented in the form of program instructions that can be executed through various computer components and can be recorded in a computer-readable recording medium. The computer-readable recording medium may include program instructions, data files, data structures, or the like alone or in combination. The program instructions recorded on the computer-readable recording medium may be specially designed and configured for the present invention or may be known and available to those skilled in the computer software field. Examples of computer-readable recording media include magnetic media such as hard disks, floppy disks, and magnetic tapes, optical recording media such as CD-ROMs, DVDs, and magneto-optical media such as floptical disks. media), and hardware devices specifically configured to store and execute program instructions such as ROM, RAM, flash memory, and the like. Examples of program instructions include not only machine language codes produced by a compiler, but also high-level language codes that can be executed by a computer using an interpreter or the like. The hardware device may be configured to operate as one or more software modules to perform processing according to the present invention, and vice versa.

In the above, the present invention has been described by specific matters such as specific components, etc. and limited embodiments and drawings, which are provided to help the overall understanding of the present invention, but the present invention is not limited to the above embodiments , Those skilled in the art to which the present invention pertains can make various modifications and variations from these descriptions.

Therefore, the spirit of the present invention is not limited to the above-described embodiment, and should not be determined, and all claims that are equally or equivalently modified with the claims as described below are within the scope of the spirit of the present invention. Would say

Claims (30)

In the traffic management method for efficiently managing the network based on the needs of the user,
Among the legacy switches included in the target network through (a) a controller, (i) a process of obtaining VLAN information for a plurality of VLANs that an administrator wants to set in a target network, and (ii) a predetermined dedicated communication channel. Performing a process of establishing a communication connection with at least a portion such that at least a portion of the legacy switches can operate in conjunction with the controller;
(b) setting, by the controller, at least some of the legacy switches to operate according to the VLAN setting information by transmitting VLAN setting information generated using the VLAN information to at least some of the legacy switches;
(c) When a new host is connected to a specific legacy switch that is one of the legacy switches, the controller obtains connection information of the new host by referring to the new ARP packet of the new host acquired by the specific legacy switch. To do; And
(d) causing the controller to establish a connection to the target network of the new host by the specific legacy switch with reference to the connection information.
Including,
The target network is a network that does not use the open flow protocol, and the legacy switches included in the target network do not have a hardware function used to perform the open flow protocol, but the legacy switches interwork with the controller The method according to claim 1, wherein the target network operates as a software-defined network (SDN) without using the open flow protocol. According to claim 1,
Step (b) is,
The controller transmits the VLAN configuration information to at least some of the legacy switches, causing at least some of the legacy switches to have respective ports included in at least some of the legacy switches with reference to the VLAN information By setting at least one of the VLAN as a trunk port for the VLANs, the legacy switches are configured to enable the hosts connected to different legacy switches through the trunk port to perform communication according to VLAN rules How to do. According to claim 1,
Step (c) is,
When the new host generates and broadcasts the new ARP packet using its new IP address and its new MAC address, the specific legacy switch connected to the new host acquires the new ARP packet and then acquires the new ARP packet. One of the VLANs, which transmits information about a packet to the controller through the dedicated communication channel, and the controller refers to the new IP address included in the new ARP packet to include the new host. And obtaining the connection information including the desired group information by obtaining the desired group information for a specific VLAN. According to claim 3,
Step (d) is,
And the controller, by referring to the desired group information, sets the specific legacy switch by causing the specific legacy switch to allocate its new connection port to which the new host is connected to the specific VLAN. . According to claim 3,
Step (c) is,
In the first case for a case where the new host has been previously connected to the target network and the past IP address set when the target network was connected has not expired, the new host is configured to view the past IP address. A method characterized by using it as a new IP address. According to claim 3,
Step (c) is,
In the second case corresponding to the case where the new host has never been previously connected to the target network or the past IP address set when the new host was previously connected to the target network has expired, the new host is After providing each graphic object corresponding to each of the VLANs to the user through the UI displayed on a predetermined display device, when the user selects a specific graphic object that is one of the graphic objects, the specific graphic object Method for using one of the IP addresses included in a specific IP subnet corresponding to the specific VLAN corresponding to the new IP address. According to claim 3,
Step (c) is,
In the second case corresponding to the case where the new host has never been previously connected to the target network or the past IP address set when the new host was previously connected to the target network has expired, the new host is When a DHCP server exists in the specific VLAN included, the method of the new host, characterized in that using the IP address obtained by interworking with the DHCP server as the new IP address. According to claim 1,
Step (c) is,
When the new host generates and broadcasts the new ARP packet using its new IP address and its new MAC address, the specific legacy switch connected to the new host acquires the new ARP packet and then acquires the new ARP packet. The address binding information by transmitting information on a packet to the controller through the dedicated communication channel, and the controller obtaining address binding information with reference to the new IP address and new MAC address included in the new ARP packet Method for obtaining the connection information comprising a. The method of claim 8,
Step (d) is,
After the controller determines whether a correspondence relationship between the new IP address and the new MAC address is in violation of the network rule corresponding to the network rule table, with reference to the address binding information and a preset network rule table, A method of claim 1, wherein the specific legacy switch is configured to establish a connection to the target network of the new host, by further referring to the determination result. According to claim 1,
Step (c) is,
When the new host generates and broadcasts the new ARP packet using its new category information, the specific legacy switch connected to the new host acquires the new ARP packet and then receives information about the new ARP packet. Method for transmitting to the controller through a dedicated communication channel, and the controller, by obtaining the new category information included in the new ARP packet, the connection information including the new category information. The method of claim 10,
Step (d) is,
The controller, with reference to the new category information, assigns at least one of each fixed IP address preset for at least some of the respective categories as a new IP address to be used by the new host on the network, respectively At least one of the fixed VLANs preset for at least some of the categories of is assigned as a specific VLAN to be included in the new host, and causes the specific legacy switch to refer to the new IP address and the specific VLAN to reference the new host. Method of characterized in that to establish a connection to the target network of the. According to claim 1,
The controller sets the legacy switches by sending routing setting information for setting a default route and a static route of the legacy switches to at least some of the legacy switches,
The default route is determined with reference to an inter-network connection relationship between the target network and an inter-network outside the target network, and the static route is determined with reference to an intra-network connection relationship between the legacy switches in the target network. The method characterized by being. According to claim 1,
(e) When the controller acquires additional VLAN information for at least one additional VLAN to be newly set in the target network, the administrator generates additional VLAN configuration information with reference to the additional VLAN information, and then adds the VLAN information. Sending VLAN configuration information to at least some of the legacy switches, so that at least some of the legacy switches update their settings using the additional VLAN configuration information
Method further comprising a. In the traffic management method for efficiently managing the network based on the needs of the user,
Among the legacy switches included in the target network through (a) a controller, (i) a process of obtaining VLAN information for a plurality of VLANs that an administrator wants to set in a target network, and (ii) a predetermined dedicated communication channel. Performing a process of establishing a communication connection with at least a portion such that at least a portion of the legacy switches can operate in conjunction with the controller;
(b) When a first new host is connected to the first specific legacy switch, which is one of the legacy switches, the controller refers to the first new ARP of the first new host acquired by the first specific legacy switch. Obtaining first connection information of the first new host by using the method;
(c) after the controller generates (i) first VLAN configuration information with reference to the first connection information, transmits the first VLAN configuration information to at least some of the legacy switches, A process of setting at least some of them to operate according to the first VLAN configuration information and (ii) the first specific legacy switch to the target network of the first new host with reference to the first connection information Steps through the process to establish a connection to
Including,
The target network is a network that does not use the open flow protocol, and the legacy switches included in the target network do not have a hardware function used to perform the open flow protocol, but the legacy switches interwork with the controller The method, characterized in that the target network operates as a Software-Defined Network (SDN) without using the open flow protocol. The method of claim 14,
(d) When a second new host is connected to the second specific legacy switch, which is one of the legacy switches, the controller may use the second new ARP packet of the second new host acquired by the second specific legacy switch. Obtaining second connection information of the second new host; And
(e) after the controller generates (a) second VLAN configuration information with reference to the second connection information, transmits the second VLAN configuration information to at least some of the legacy switches, Updating at least some of the settings and (b) making the second specific legacy switch establish a connection to the target network of the second new host with reference to the second connection information. Steps to perform
Method further comprising a. In the controller to efficiently manage the network based on the user's needs,
One or more memories storing instructions; And
It includes one or more processors configured to perform the instructions, wherein the processors include: (I) (i) a process for obtaining VLAN information for a plurality of VLANs that an administrator wants to set in a target network, and (ii) predetermined dedicated Performing a process of establishing a communication connection with at least some of the legacy switches included in the target network through a communication channel so that at least some of the legacy switches operate in conjunction with the controller; (II) a process of setting at least some of the legacy switches to operate according to the VLAN setting information by sending VLAN setting information generated using the VLAN information to at least some of the legacy switches; (III) when a new host is connected to a specific legacy switch that is one of the legacy switches, a process of obtaining connection information of the new host by referring to the new ARP packet of the new host acquired by the specific legacy switch; And (IV) referring to the connection information, performing a process of causing the specific legacy switch to establish a connection to the target network of the new host,
The target network is a network that does not use the open flow protocol, and the legacy switches included in the target network do not have a hardware function used to perform the open flow protocol, but the legacy switches interwork with the controller As the target network is a controller, characterized in that it operates as a Software-Defined Network (SDN) without using the open flow protocol. The method of claim 16,
The above (II) process,
The processor transmits the VLAN configuration information to at least some of the legacy switches, causing at least some of the legacy switches to have respective ports included in at least some of the legacy switches with reference to the VLAN information By setting at least one of the VLAN as a trunk port for the VLANs, the legacy switches are configured to enable the hosts connected to different legacy switches through the trunk port to perform communication according to VLAN rules Controller. The method of claim 16,
The (III) process is,
When the new host generates and broadcasts the new ARP packet using its new IP address and its new MAC address, the specific legacy switch connected to the new host acquires the new ARP packet and then acquires the new ARP packet. One of the VLANs, which transmits information about a packet to the controller through the dedicated communication channel, and the processor wants to include the new host with reference to the new IP address included in the new ARP packet. A controller comprising obtaining the connection information including the desired group information by obtaining the desired group information for a specific VLAN. The method of claim 18,
The (IV) process,
The controller, with reference to the desired group information, to set the specific legacy switch by causing the specific legacy switch to assign its new connection port to which the new host is connected to the specific VLAN . The method of claim 18,
The (III) process is,
In the first case for a case where the new host has been previously connected to the target network and the past IP address set when the target network was connected has not expired, the new host is configured to view the past IP address. A controller characterized in that it is used as a new IP address. The method of claim 18,
The (III) process is,
In the second case corresponding to the case where the new host has never been previously connected to the target network or the past IP address set when the new host was previously connected to the target network has expired, the new host is After providing each graphic object corresponding to each of the VLANs to the user through the UI displayed on a predetermined display device, when the user selects a specific graphic object that is one of the graphic objects, the specific graphic object And one of the IP addresses included in the specific IP subnet corresponding to the specific VLAN corresponding to the new VLAN is used as the new IP address. The method of claim 18,
The (III) process is,
In the second case corresponding to the case where the new host has never been previously connected to the target network or the past IP address set when the new host was previously connected to the target network has expired, the new host is When a DHCP server is present in the specific VLAN included, the new host uses the IP address obtained by interworking with the DHCP server as the new IP address. The method of claim 16,
The (III) process is,
When the new host generates and broadcasts the new ARP packet using its new IP address and its new MAC address, the specific legacy switch connected to the new host acquires the new ARP packet and then acquires the new ARP packet. The address binding information is obtained by transmitting information about a packet to the controller through the dedicated communication channel, and the processor acquires address binding information with reference to the new IP address and new MAC address included in the new ARP packet Controller for obtaining the connection information comprising a. The method of claim 23,
The (IV) process,
After the processor determines whether a correspondence relationship between the new IP address and the new MAC address is in violation of the network rule corresponding to the network rule table, with reference to the address binding information and a preset network rule table, A controller, characterized in that the specific legacy switch is configured to establish a connection to the target network of the new host, by further referring to the determination result. The method of claim 16,
The (III) process is,
When the new host generates and broadcasts the new ARP packet using its new category information, the specific legacy switch connected to the new host acquires the ARP packet and then transfers the information about the new ARP packet to the dedicated host. The controller, characterized in that by transmitting to the controller through a communication channel, the processor acquires the connection information including the new category information by obtaining the new category information included in the new ARP packet. The method of claim 25,
The (IV) process,
The processor, with reference to the new category information, assigns at least one of each fixed IP address preset for at least some of the respective categories as a new IP address to be used by the new host on the target network, At least one of the fixed VLANs preset for at least some of the respective categories is assigned as a specific VLAN to be included in the new host, and the specific legacy switch is referred to the new IP address and the specific VLAN to refer to the new The controller, characterized in that to establish a connection to the target network of the host. The method of claim 16,
The processor sets the legacy switches by sending routing configuration information for setting a default route and a static route of the legacy switches to at least some of the legacy switches,
The default route is determined with reference to an inter-network connection relationship between the target network and an inter-network outside the target network, and the static route is determined with reference to an intra-network connection relationship between the legacy switches in the target network. Controller characterized in that it becomes. The method of claim 16,
The processor,
(V) When the administrator acquires additional VLAN information for at least one additional VLAN to be newly set in the target network, after generating additional VLAN configuration information with reference to the additional VLAN information, the additional VLAN configuration information is generated. And performing a process of sending to at least some of the legacy switches to cause at least some of the legacy switches to update their settings using the additional VLAN configuration information. In the controller to efficiently manage the network based on the user's needs,
One or more memories storing instructions; And
And one or more processors configured to perform the instructions,
The processor includes (I) (i) a process for obtaining VLAN information for a plurality of VLANs that an administrator wants to set in a target network, and (ii) legacy switches included in the target network through a predetermined dedicated communication channel. A process of establishing a communication connection with at least some of the at least some of the legacy switches so as to operate in conjunction with the controller; (II) When a first new host is connected to a first specific legacy switch that is one of the legacy switches, the first new ARP of the first new host acquired by the first specific legacy switch is referred to as the first new host. A process of obtaining first connection information of a new host; (III) (i) After generating the first VLAN configuration information with reference to the first connection information, the first VLAN configuration information is transmitted to at least some of the legacy switches, and at least some of the legacy switches The process of setting to operate according to the first VLAN setting information and (ii) referring to the first connection information, causing the first specific legacy switch to establish a connection to the target network of the first new host To do the process of doing the process
The target network is a network that does not use the open flow protocol, and the legacy switches included in the target network do not have a hardware function used to perform the open flow protocol, but the legacy switches interwork with the controller As the target network is a controller, characterized in that it operates as a Software-Defined Network (SDN) without using the open flow protocol. The method of claim 29,
The processor,
(IV) When a second new host is connected to a second specific legacy switch that is one of the legacy switches, the second new host from the second new ARP packet of the second new host acquired by the second specific legacy switch A process of obtaining second connection information of the; And (V) (i) generating second VLAN configuration information with reference to the second connection information, and then transmitting the second VLAN configuration information to at least some of the legacy switches, to at least one of the legacy switches. A process of updating some settings and (ii) a process of causing the second specific legacy switch to establish a connection to the target network of the second new host, with reference to the second connection information The controller characterized in that to perform more.

Images