582148 A7 -------B7___ 五、發明説明(1 ) 【本發明之領域】 本發明係關於一種網路存取路由器,尤指一種具有負 載平衡與封包來源位址轉換機制之網際網路存取路由器及 其轉換方法。 【本發明之背景】 按’存取路由器(a c c e s s r 〇 u t e r )係用以連接使用 不同網路通訊協定或不同傳輸媒介的區域網路(LAN)與 廣域網路(WAN)。由於存取路由器位於區域網路至其 他網路的出口,因此,存取路由器必須具有計算封包傳輸 路徑的能力,以避免封包傳送錯誤之情形發生。即,存取 路由器接收由區域網路所傳送的封包,並將該等封包透過 適當的傳輸路徑傳輸至廣域網路或網際網路。 由於全球網際網路通訊協定位址(g 1 〇 b a 1 I p address )有限,因此存取路由器還須具有私有位址 (private address)與全球網際網路通訊協定位址轉換 (Network Address Translation / Network Address Port Translation,NAT/NAPT )之能力。此外,當具 有複數廣域網路介面單元時,存取路由器還需具有負載平 衡能力,以選取較輕負載之廣域網路介面單元輸出封包, 減少封包所遭遇延遲或被遗失之機會。 目前的路由器所採用的封包傳送負載平衡演算法主要 有兩種:第一種係採用固定對應的方式,即使用封包標頭 4 本紙張尺度適用中國國家標準(CNS) A4規格(21GX297公愛) " - - (請先閱讀背面之注意事項再填寫本頁各攔) -' • m I n n n n n n · n I Bn n n n n n t 582148 五、發明説明(2 ) 中之欄位作為分配傳輸路徑之依據,例如,使用傳送封包 =目的位址作為分配傳輸路徑之依據,當傳送封包之目的 =址為偶數(例如:14〇."2 1〇7 "2, "2為偶數), ^傳輸㈣為第-傳輸路徑。當傳送封包之目的位址為奇 —、 · ’ 111為奇數),則傳輸路 輸路徑。此種負載平衡演算法容易造成傳輸封 t集中在某-傳輸路徑’使得負载平衡不佳。 另-種封包傳送負載平衡演算法係採用動態的方式來 ^成,例如統計出該路由器所具有的複數傳輸路徑中負載 取輕的-條傳輸路徑,以透過該負載最輕的傳輸路徑傳送 封包至網際網路。但,動態方式並無法直接應用於現行且 備網路位址轉換功能之存取路由器,主要原因在於,絕大 多數網路應用協定均要求屬㈣—連線(eGnneetion) 之封包在經網路位址轉換後須具有同樣之來源位址,單純 選擇負載最輕之傳輸介面會使得屬於同一連線之封包經由 不同傳輸介面輸出,繼而使用不同之來源位址。、工 更甚者,現行許多網路應用協定例如樓案傳輸 (FTP)、網路電話(h.323 )等,均要求屬於同一連線 階段(session)中之各連線之封包在經網路位址轉換後 須具有同樣之來源位址。同樣的,單純選擇負載最輕之傳 輸介面可能使得同-連線階段之封包經由不同傳輸介面輸 出,繼而使用不同之來源位址。由於這些網路應用協定大 多透過先建立之控制連線(contr〇1 c〇nnecti〇n)動態 協調建立屬於同一連線階段之新連線,因此既有之解決= 匕—____ 5 在張尺度適用中國國家標準(CNS) A4規;fi (21GX297公楚丁 裝·---------訂 -------. (請先閱讀背面之注意事項再填寫本頁各攔) 582148 A7 ____________B7_ 五、發明説明(3 ) " 一 ~ -- 法係針對各種網路應用協定逐一解析其控制封包内容,以 分類出屬於同-連線階段之封包,既複雜又缺乏效率。 又現有存取路由器幾乎都採用單一網際網路服務供 應商(Internet Service Provider ,ISP)所提供之傳 輸通道來傳送封包。由於lsp所提供的網路服務品質常常 發生不穩定,使得傳輸通道有時不可靠,且單一isp往往 在平均價格下所提供的傳輸頻寬又不足,造成路由器傳輸 封包時容易產生封包遺失或碰撞之情形發生,因此,具備 複數網際網路介面單元且提供負載平衡功能之存取路由器 實有其實用價値,而前述習知路由器之設計實仍有予以改 進之必要。 發明人爰因於此,本於積極發明之精神,亟思一種可 以解決上述問題之「具有負載平衡與封包來源位址轉換機 制之網際網路存取路由器及其轉換方法」,幾經研究實驗 終至完成此項嘉惠世人之發明。 【本發明之概述】 本發明之主要目的係在提供一種具有負載平衡與封包 來源位址轉換機制之網際網路存取路由器及其轉換方法, 以使得具有網路位址轉換機制(NAT/NAPT)之網際網 路存取路由器提供一負載平衡機制。 本發明之另一目的係在提供一種具有負載平衡與封包 來源位址轉換機制之網際網路存取路由器及其轉換方法, 以使得通過某一網際網路服務供應商(ISPi)的封包皆使 本紙張尺度適用中國國家標準(CNS) A4規格(210X297公釐) 582148 A7 B7 五、發明説明(4 ) 用某一ISPi所分配的全球網際網路通訊協定位址(gl〇bai IP address) ° 本發明之又一目的係在提供一種具有負載平衡與封包 來源位址轉換機制之網際網路存取路由器及其轉換方法, 以使得屬於同一連線(c〇nnecti〇n)的封包經負載平衡 與網路位址轉換後具有同樣的來源位址。 本發明之再一目的係在提供一種具有負載平衡與封包 來源位址轉換機制之網際網路存取路由器及其轉換方法, 以ί吏得在同-連線階段(sessi〇n)中的各連線的封包經 負載平衡與網路位址轉換後具有同樣的來源位址。 本發明之最後-目的係在提供一種具有負載平衡與封 包來源位址轉換機制之網際網路存取路由器及其轉換方 & ’俾能動H依據網路介面的負載來決定封包的輸 面。 …依據本發明之—特色m種網際網路存取路由 來源位址轉換方法,該路由器具有-記憶單元及 早7Q,圮憶單元用以儲存一繞送一 =要:ft㈣存複數筆負載平衡記二 複數欄ϋ下1^银·(Α)由一接收之封包之標頭掏取 複數搁位値,以計算出一 元尋找與該封包對應之連線記錄,若該封包對== 據該燒㈣表決二依 (請先閲讀背面之注意事項再填寫本頁各欄) '·裝 *f • ϋ n n in n ϋ ϋ m、一Iwv * n n n n n ·.! n ------ i#· 582148 五、發明説明(5 ) 驟(C ) ·’ ( n \ Mb ^ 4^ 、 孩搜畀索引値尋找該快取單元暫存之 :己錄中t錄’右孩負載平衡記錄有效,則以該負載平衡 2錄中所喊的輸出介面作為該封包傳送之輸出介面,若 !:則執行負載平衡演算法以決定輸出介面;以及⑻ 猎由決疋·^輸出介面送出該封包。 依據本發明之另—特色,所提出之具有負載平衡與封 匕來源位址轉換機制之畴網路存取路由器係連接於一區 域,罔路與至廣域網路之間,該網際網路存取路由器主 要包括:複數網路介面單元,用以接收複數封包,並將該 複數封包暫存於-緩衝單元;以及—負載平衡控制單元, 其包括-網路協定處理單元、一搜尋計算單元及一封包傳 送單兀,該網路協定處理單元依序處理該緩衝單元中的每 -封包,俾供對-封包㈣複數攔位値,該搜尋計算單元 依據該複數欄位値計算出一搜尋索引値,繼而利用一查表 手段來決定傳送該等封包之網路介面單元,以傳送該等封 包,該封包傳送單元藉由決定之輸出介面送出該封包。 由於本發明構造新穎,能提供產業上利用,且確有增 進功效,故依法申請發明專利。 印 【圖式簡單説明】 第1圖係本發明之功能方塊圖。 第2圖係本發明負載平衡之動作流程圖 第3圖係本發明與網路連結之示意圖。 本紙張尺度適用中國國家標準(CNS) Α4ϋ^7五0X297公楚) I 裝i (請先閱讀背面之注意事項再填寫本頁各襴) ** 訂 582148 五、發明説明(6 【圖號說明】 網路介面單元 負載平衡控制單元 搜尋計算單元 連線纪錄表 快取單元 中央處理單元 路由器 網際網路服務供應商 【較佳具體實施例之詳細説明】 此、有關本發明之較佳實施例,敬請參照第1圖顯示之与 能=塊圖,其主要由複數網路介面單元丨^⑴、封包鑛 衝單元2負載平衡控制單元3及中央處理單元*等主要賴 件^組成。其中’負載平衡控制單元3更包括網路協定處 里單元31、搜尋计算單元32、記憶單元^、快取單元^ 及封包傳送單元35。該複數網路介面單元11,12,13與封 包緩衝單元2、負載平衡控制單元3及中央處理單元4之間 係透過控制及資料匯流排5來進行資料傳輸。 該複數網路介面單元U,12,13為對外網路輸出入介 面,以接收由網路傳來的封包,或將封包傳送至網路上。 於本實施例中,複數網路介面單元〗丨,〗^ 13包含至少一區 域網路介面單元與複數廣域網路介面單&。於本實施例 中,搜尋計算單元3 2較佳為一雜湊函數計算單元,其用以 11,12,13 封包緩衝單元 2 3 網路協定處理單元 3 1 32 記憶單元 33 331 繞送路徑表 332 34 負載平衡記錄 341 4 匯流排 5 6 區域網路 7 81,82,83 網際網路 9 本紙張尺度勒中顯家標準(CNS) A4 規格(210X297公582148 A7 ------- B7___ V. Description of the invention (1) [Field of the invention] The present invention relates to a network access router, especially an Internet with a load balancing and packet source address conversion mechanism. Road access router and its conversion method. [Background of the invention] The access router (a c c s s r ο u t er) is used to connect a local area network (LAN) and a wide area network (WAN) using different network protocols or different transmission media. Because the access router is located at the exit from the local area network to other networks, the access router must have the ability to calculate the packet transmission path to avoid packet transmission errors. That is, the access router receives the packets transmitted by the local area network, and transmits the packets to the wide area network or the Internet through an appropriate transmission path. Because the global Internet Protocol address (g 1 〇ba 1 I p address) is limited, the access router must also have a private address and a global Internet Protocol address translation (Network Address Translation / Network Address Port Translation (NAT / NAPT). In addition, when there are multiple WAN interface units, the access router must also have load balancing capabilities in order to select a lighter load WAN interface unit to output packets, reducing the chance of delay or loss of packets. There are two main types of packet transmission load balancing algorithms used by current routers. The first is to use a fixed correspondence method, that is, to use packet headers. 4 This paper size is applicable to China National Standard (CNS) A4 specifications (21GX297) "--(Please read the precautions on the back before filling in the blocks on this page)-'• m I nnnnnn · n I Bn nnnnnt 582148 V. The fields in the description of the invention (2) are used as the basis for assigning transmission paths, for example , Use the transmission packet = destination address as the basis for assigning the transmission path. When the purpose of the transmission packet = the address is an even number (for example: 14〇. &Quot; 2 1〇7 " 2, " 2 is an even number), ^ Transmission㈣ For the first-transmission path. When the destination address of the transmitted packet is odd —, · '111 is an odd number), the transmission path is transmitted. Such a load balancing algorithm can easily cause transmission packets to be concentrated on a certain transmission path ', making load balancing poor. Another kind of packet transmission load balancing algorithm is implemented in a dynamic way. For example, it counts the lighter transmission path among the plural transmission paths of the router to transmit the packet through the lightest transmission path. To the internet. However, the dynamic method cannot be directly applied to an access router with an existing network address translation function. The main reason is that most network application protocols require e-nntion packets to pass through the network. After the address conversion, they must have the same source address. Simply selecting the transmission interface with the lightest load will cause packets belonging to the same connection to be output through different transmission interfaces, and then use different source addresses. Even worse, many current network application protocols such as building case transfer (FTP), Internet phone (h.323), etc., require packets of each connection that belong to the same connection phase (session) to be transmitted over the network. The road address must have the same source address after conversion. Similarly, simply selecting the transmission interface with the lightest load may cause packets in the same-connection phase to be output through different transmission interfaces, and then use different source addresses. Since most of these network application protocols establish a new connection belonging to the same connection stage through the control connection (contr〇1 c〇nnecti〇n) established first, the existing solution = dagger —____ 5 Applicable to China National Standard (CNS) A4 regulations; fi (21GX297) .--------- Order -------. (Please read the precautions on the back before filling in the blocks on this page ) 582148 A7 ____________B7_ V. Description of the invention (3) " I ~-The legal system analyzes the contents of its control packets one by one for various network application protocols to classify the packets belonging to the same-connection phase, which is both complicated and inefficient. In addition, almost all existing access routers use a transmission channel provided by a single Internet Service Provider (ISP) to transmit packets. Because the quality of network services provided by lsp is often unstable, the transmission channel sometimes Unreliable, and a single isp often provides insufficient transmission bandwidth at the average price, causing routers to easily lose or collide when transmitting packets. Therefore, it has multiple Internet The access router with a surface unit and providing load balancing function has its practical value, and the design of the conventional router described above still needs to be improved. Because of this, the inventor, in the spirit of active invention, urgently thinks of a kind of The "Internet access router with load balancing and packet source address conversion mechanism and its conversion method", which solves the above problem, has been completed after several research experiments to the benefit of the world's invention. [Summary of the invention] The invention The main purpose is to provide an Internet access router with a load balancing and packet source address translation mechanism and a conversion method thereof, so that an Internet access router with a network address translation mechanism (NAT / NAPT) is provided. Provide a load balancing mechanism. Another object of the present invention is to provide an Internet access router with a load balancing and packet source address conversion mechanism and a conversion method thereof, so that an Internet service provider ( ISPi) packets make this paper size applicable to China National Standard (CNS) A4 (210X297 mm) 582148 A7 B7 V. Description of the invention (4) Use a global Internet protocol address (glObai IP address) assigned by an ISPi ° Another object of the present invention is to provide a load balancing and packet source address conversion A mechanism-based Internet access router and a conversion method thereof so that packets belonging to the same connection (connectin) have the same source address after load balancing and network address conversion. Another aspect of the present invention The purpose is to provide an Internet access router with a load balancing and packet source address conversion mechanism and a conversion method thereof, so as to obtain the packet packets of each connection in the same-connection phase (session). Load balancing has the same source address as the network address translation. The last-objective of the present invention is to provide an Internet access router with a load balancing and packet source address conversion mechanism and its translator & 'active H to determine the packet output surface based on the load of the network interface. ... according to the present invention—featuring m kinds of Internet access routing source address conversion methods, the router has a-memory unit as early as 7Q, and a recall unit is used to store one winding one = required: ft㈣save multiple load balancing records Under the plural column, 1 ^ Silver (Α) The plural headers are taken from the header of a received packet to calculate a yuan to find the connection record corresponding to the packet. If the packet pair == according to the burning ㈣ Voting II (please read the notes on the back before filling in the columns on this page) '· 装 * f • ϋ nn in n ϋ ϋ m 、 一 Iwv * nnnnn ·.! N ------ i # · 582148 V. Description of the invention (5) Step (C) · '(n \ Mb ^ 4 ^ 、 Search for the index 値 look for the cache unit temporarily stored: t recorded in the recorded t right load balance record is valid, then Use the output interface called in the load balance 2 as the output interface for the packet transmission. If!:, Execute the load balancing algorithm to determine the output interface; and then send the packet from the output interface. Another invention-features, the proposed domain network with load balancing and source address conversion mechanism The access router is connected to an area between Kushiro and the wide area network. The Internet access router mainly includes a plurality of network interface units for receiving a plurality of packets and temporarily storing the plurality of packets in a buffer. A unit; and a load balancing control unit, which includes a network protocol processing unit, a search calculation unit, and a packet transmission unit, and the network protocol processing unit processes each packet in the buffer unit in order, for -Packet ㈣ plural block 値, the search calculation unit calculates a search index 依据 based on the plural field 値, and then uses a table lookup method to determine a network interface unit for transmitting the packets to transmit the packets, the The packet transmission unit sends out the packet through the determined output interface. Because the invention has a novel structure, can provide industrial use, and indeed has enhanced efficacy, it applies for an invention patent in accordance with the law. [Simplified Description of the Drawings] Figure 1 is the invention Functional block diagram. Figure 2 is a flowchart of the load balancing operation of the present invention. Figure 3 is a schematic diagram of the present invention connected to a network. Applicable to China National Standard (CNS) Α4ϋ ^ 7 五 0X297 公 楚) I installed i (Please read the notes on the back before filling in this page 本页) ** Order 582148 V. Description of the invention (6 [Illustration of drawing number] Internet Interface unit load balancing control unit search calculation unit connection history table cache unit central processing unit router Internet service provider [detailed description of the preferred embodiment] This, for the preferred embodiment of the present invention, please refer to Figure 1 shows the AND = block diagram, which is mainly composed of complex network interface units, ^^, packet mining unit, load balancing control unit 3, and central processing unit *. The 'load balancing control unit 3' further includes a network protocol processing unit 31, a search calculation unit 32, a memory unit ^, a cache unit ^, and a packet transmission unit 35. The plural network interface units 11, 12, 13 and the packet buffer unit 2, the load balancing control unit 3, and the central processing unit 4 perform data transmission through a control and data bus 5. The plurality of network interface units U, 12, 13 are external network input / output interfaces for receiving packets from the network or transmitting packets to the network. In this embodiment, the plural network interface units 〖丨,〗 ^ 13 include at least one local area network interface unit and plural wide area network interface sheets &. In this embodiment, the search calculation unit 3 2 is preferably a hash function calculation unit, which is used for 11, 12, 13 packet buffer unit 2 3 network protocol processing unit 3 1 32 memory unit 33 331 routing path table 332 34 Load balancing record 341 4 Bus 5 6 LAN 7 81, 82, 83 Internet 9 This paper is a standard of CNS A4 (210X297)
(請先閲讀背面之注意事項再填寫本頁各攔) 裝 I----訂·-------- M2148 B7 五、發明説明(7 ) 汁算出各種搜尋索引値(即雜湊函數 用以儲存一逯飨今你主”,b 彳匕)。圮憶早兀33 連、、泉记錄表3 3 1與一繞送路 table ) 332,於本實施例中,連線記錄表^ ^ng 路位址轉換(NAT/NAPT)之連線記錄表。&為一'•罔 =取單元34用以儲存複數筆負載平衡記錄,每一筆負 載平衡圮錄包括一來源位址、 ” m ^ 奴址、一輸出介面及 使用時間。快取單元34大小與备 可與變ϋ 一戰干衡圮錄的有效時間 了以曰負載平衡效果,容後詳述。於本實施例中,快取單 =34較佳為儲存256〜1〇24筆負載平衡記錄,其中,每一 筆負載平衡記錄的有效時間約數秒至十數秒。 第2圖顯示本發明負載平衡之動作流程圖,其中一網 路介面單元11接收由—網路端(例如:區域網路)所傳送 而來的封包’並料接收之封包暫存於封包緩衝單元2 (步驟S201)。繼而,網路協定處理單元31依封包所屬 的網路協定進行封包處理,封包處理係包括解封包(decapsulation) 處理與封 包檢查等處理 (例如:有 效跳躍 區#又數目(TTL)檢查與總和檢查(checksum))。 網路協定處理單元3 1並對通過檢查之封包(合法的封 包)抽取複數欄位値,以作為搜尋連線記錄表33丨與繞送 路徑表3 3 2之依據。以I p協定為例,該複數攔位値係包括 來源位址(source IP )、目的位址(destinaH〇n IP)、通訊協定型態(protocol type)、來源埠 (source port)及目的埠(destination port)等欄位 値(步騾S202 )。 10 本紙張尺度適用中國國家標準(CNS ) A4規格(210X297公釐) (請先閲讀背面之注意事項再填寫本頁各攔) 裝 •声· 582148 五、發明説明( 擁取=源算單元32依據網路協定處理單元31所 …址計算出一雜凑函數鍵値(hash A 彡料函數鍵値用以映對至快取單 :::路協—”平:記錄3… 乃疋處理單兀3 1接著檢查記憶單 =之連線記錄表331,以確認連線記錄表= 否存在與m封包相對應的連線記錄。 中所在,則依據該連線記錄 斷該封包是否傳送:面,繼而判 傳送f廣域網路,則判斷該封包是否屬於特定:::用包: 足之控制連線(contro] Μ · 心】峪應用協 梦封勹e不么 nnection )封包,有關判斷 ::::: 連線封包之詳細情形,容後詳述。因 1確認網路位址轉換之連線記錄是否存 來源位址不—職況而遭=端應面m轉換後會有 右網路位址轉換之連線記錄 包,網路協定處理單元川心繞 ⑽單⑶中的繞送路徑表,以找到一合適的 =:。若找不到封包的繞送路徑,則丟棄該封包 是否傳、m°右找到—封包繞送路徑,則判斷該封包 疋否傳运至廣域網路。若該封包傳送至同—區域網路或另匕 W尺家標準(CNS) 观148 五 發明説明(9 了區域網路’則直接將封包傳送出去(步驟S2G7)。若 該封,係傳送至廣域網路,網路協定處理單元31依據之前 U算it!的雜湊函數鍵値來映對到快取單元2 4中所儲存的 負載㈣記錄341,若該負貞平衡記錄341之使用時間顯 :=尤錄已過期’則通知中央處理單元4執行—負載平衡 演算法來選擇—負餘小的輸出介面作為該封包的傳送介 面,其中,該負載平衡演算法係可採輪流(r〇und_ = bln )選擇万式、取最近_段時間平均負載最輕者或取 最L #又時間平均輸出仵列最短者。(步驟$ Μ 4 ),繼 而傳送該封包(步驟S207 )。 时若該負載平衡記錄341之時效為有效,則網路協定處 里=3 1使用負載平衡記錄341中所記載之輸出介面作為 孩封包的傳送介面。 :有欲由廣域網路介面輸出之封包需透過檢查該封包 二H或目的埠來判斷該封包是否屬於特定 網路應用 U之㈣連㈣包。若該封包屬於_連線封包,則更 ill备:單兀34中’《則所計算出的雜湊函數鍵値所映對 平衡記錄之輸出介面與使用時間,然後再依據輸 出介面執行網路位址轉換(步驟S2 傳送單S35將封包傳送出去。 =顯示本發明之路由器6與網路連結之示意圖,本 器6係連接至少—區域網路7,並透過複數個網 :由-6二供應商(ISP) 81,82,83連接至網際網路9。 路由"係猎由上述之負載平衡機制使得通過某-網際網 ^ ---------^------- (請先閲讀背面之注意事項再填寫本頁各棚) ^! —----—- 12 582148 五、發明説明(10 ) 路服務供應商(ISPl) 81 的全球網際網路通訊協定位址所分配 二行網路位址轉換),並使得屬於同一連線:封== 換:具有_來源位址(因為= am錄表再執行負載平衡),且在同—連線 _ 各連線封包經負載平衡與網路 又中的 位址(因為新連線之建立必定先透 :通,且自溝通後至建立新連線之間隔時間相當短,二: 而言約數百毫秒至數秒,故會於快取記錄表中留下有2 藉由查詢負載平衡快取記錄可使得同—連線階段= f線封包經網路位址轉換後具有同樣的來源位址 逐一檢视各控制連線之封包内容)。 ”、、而 由以上之説明可知,本發明利用一快取記億 =載平衡記錄與利用一記憶單元來儲存網路二止轉換 ,及、兀运路徑表’當然亦可將所有表格整合儲存於一記憶 早兀。並藉由擷取封包中的欄位値來進行—搜尋索引鍵 値,俾供透過搜尋索引鍵値進行快速查表動作,利用畜載 平衡記錄以使得屬於同一連線或同一連線階段之封包具有 同樣的來源位址,並且能從相同的輸出介面傳送出去,而 負載平衡記錄之有效時間短暫使得屬於不同連線盥不_ 線階段的封包之間可以進行動態負載平衡。藉由使用足多 數量之負載平衡記錄與短暫之記錄有效時間可減少因雜_ 函數所導致之碰撞情況,進而提升動態負射衡之效果。 (請先閲讀背面之注意事項再填寫本頁各阈) 裝 訂--------- 13 582148 A7 B7 五、發明說明(11 ) 综上所陳,本發明無論就目的、手段及功效,在在均 顯示其迥異於習知技術之特徵,實為一極具實用價値之發 明。惟應注意的是,上述實施例係為了便於説明而已,本 發明所主張之權利範圍非僅限於上述實施例,而凡與本發 明有關之技術構想,均屬於本發明之範轉。 (請先閱讀背面之注意事項再填寫本頁各攔)(Please read the precautions on the back before filling in the blocks on this page) Install I ---- Order · -------- M2148 B7 V. Description of the invention (7) Calculate various search indexes 値 (ie, hash function It is used to store your present master ", b 彳 dagger).) 忆 Early Wu 33 Company, Spring record table 3 31 and a winding route table) 332, in this embodiment, the connection record table ^ ^ ng Connection record table for NAT / NAPT. & is a '• 罔 = take unit 34 for storing multiple load balancing records, each load balancing record includes a source address, ”M ^ slave address, an output interface and use time. The size and preparation of the cache unit 34 can be used to change the effective time of the World War I to record the load balance effect, which will be described in detail later. In this embodiment, the cache order = 34 preferably stores 256 to 1024 load balancing records, where each load balancing record is valid for several seconds to ten seconds. FIG. 2 shows a flow chart of the load balancing operation of the present invention, in which a network interface unit 11 receives a packet sent from a network terminal (for example, a local area network), and the received packet is temporarily stored in a packet buffer. Unit 2 (step S201). Then, the network protocol processing unit 31 performs packet processing according to the network protocol to which the packet belongs. The packet processing includes decapsulation processing and packet inspection processing (for example, effective skip area # and number (TTL) inspection and total inspection). (Checksum)). The network protocol processing unit 31 extracts a plurality of fields 并对 for packets that pass the inspection (legal packets), as a basis for searching the connection record table 33 丨 and the routing path table 3 3 2. Taking the IP protocol as an example, the plural blocking systems include a source address (source IP), a destination address (destina Hon IP), a protocol type, a source port, and a destination port. (Destination port) and other fields (step S202). 10 This paper size applies Chinese National Standard (CNS) A4 specification (210X297 mm) (Please read the precautions on the back before filling in the blocks on this page) Installation · Sound · 582148 V. Description of the invention (Obtaining = Source Computing Unit 32 A hash function key (hash A) is calculated according to the address of the network protocol processing unit 31. (Hash A is used to map to the cache order ::: road association— "ping: record 3 ... Wu 31 1 Then check the connection record table 331 of the memory list = to confirm that the connection record table = whether there is a connection record corresponding to the m packet. If it is in the middle, it is determined whether the packet is transmitted according to the connection record: surface , And then determine to transmit f wide area network, then determine whether the packet belongs to a specific ::: use packet: sufficient control connection (contro M · heart) 峪 apply the association dream seal 勹 e nnection) packet, the relevant judgment :: ::: The details of the connection packet will be described in detail later. Because 1 confirm whether the connection record of the network address conversion is stored in the source address is not the same as the job status = there will be a right network after the conversion Address translation connection record packet in the network protocol processing unit Routing table to find a suitable = :. If the routing path of the packet is not found, discard the packet whether it is transmitted, m ° is found right-the packet routing path, then determine whether the packet is being transmitted to the WAN If the packet is transmitted to the same local area network or another standard (CNS), see the 148 Five Inventions (9 LAN), then the packet is directly transmitted (step S2G7). If the packet is transmitted, To the wide area network, the network protocol processing unit 31 maps the load ㈣ record 341 stored in the cache unit 24 according to the hash function key 算 calculated by the previous U! It! : = Youlu has expired ', then it instructs the central processing unit 4 to execute-load balancing algorithm to choose-the output interface of negative margin as the transmission interface of the packet, where the load balancing algorithm can take turns (r〇und_ = bln) Choose one of the ten thousand styles, take the one with the lightest average load in the recent _ period or take the one with the least L # and the shortest time average output queue (step $ Μ 4), and then transmit the packet (step S207). The aging time of load balancing record 341 is If it is valid, then the network protocol office = 3 1 Use the output interface recorded in the load balancing record 341 as the transmission interface of the child packet.: A packet intended to be output from the WAN interface must be checked by checking the packet 2H or the destination port. Determine whether the packet belongs to a specific packet of a network application. If the packet belongs to a _connection packet, it is even better prepared: the calculated hash function key in the unit 34 records the balance record Output interface and usage time, and then perform network address conversion according to the output interface (step S2, transmission sheet S35 sends the packet out. = Shows a schematic diagram of the router 6 and network connection of the present invention, the device 6 is connected at least- Local network 7 and connected to Internet 9 through a number of providers: ISPs 81, 82, 83. Routing " is based on the above-mentioned load balancing mechanism to pass a certain -Internet ^ --------- ^ ------- (Please read the notes on the back before filling in the sheds on this page) ^! —----—- 12 582148 V. Description of the invention (10) The two-line network address conversion assigned by the global Internet protocol address of the service provider (ISPl) 81) and make them belong to the same Connection: seal == change: have _source address (because = am records the table and then perform load balancing), and in the same connection _ each connection packet is load balanced and the address in the network (because of the new The establishment of the connection must be transparent: the communication, and the interval from the communication to the establishment of a new connection is quite short, two: about hundreds of milliseconds to a few seconds, so 2 will be left in the cache log table. Querying the load balancing cache records can make the same-connection stage = f-line packets have the same source address after network address conversion, and view the packet content of each control connection one by one). ", And from the above description, the present invention uses a cache to record 100 million = load balance records and uses a memory unit to store the two-way network conversion, and, of course, all the tables can be integrated and stored It is early in a memory. And it is performed by capturing the field 値 in the packet—search index key 値, which is used for quick table lookup operation through the search index key 利用, and uses the animal load balance record to make it belong to the same connection or Packets in the same connection phase have the same source address and can be transmitted from the same output interface. The short validity period of the load balancing record allows dynamic load balancing between packets belonging to different connection stages. . By using a sufficient number of load balancing records and short record valid time, the collision caused by the miscellaneous function can be reduced, and the effect of dynamic negative shooting balance can be improved. (Please read the precautions on the back before filling this page (Thresholds) Binding --------- 13 582148 A7 B7 V. Description of the Invention (11) To sum up, the present invention is It shows that it is a feature that is very different from the conventional technology, and it is a very practical invention. However, it should be noted that the above embodiments are for the convenience of description. The scope of the claims of the present invention is not limited to the above embodiments, but All technical ideas related to the present invention belong to the scope of the present invention. (Please read the precautions on the back before filling in the blocks on this page)
f * · ,Js~yL · Β·^— ϋ— I 11 i^i I ^ ^ · 11 n 1_1 ϋ 、T if! 本紙張尺度適用中國國家標準(CNS) A4規格(210X297公釐)f * ·, Js ~ yL · Β · ^ — ϋ— I 11 i ^ i I ^ ^ · 11 n 1_1 、, T if! This paper size applies the Chinese National Standard (CNS) A4 specification (210X297 mm)