US20170048157A1 - Intelligent Software-Defined Networking Based Service Paths - Google Patents
Intelligent Software-Defined Networking Based Service Paths Download PDFInfo
- Publication number
- US20170048157A1 US20170048157A1 US15/283,776 US201615283776A US2017048157A1 US 20170048157 A1 US20170048157 A1 US 20170048157A1 US 201615283776 A US201615283776 A US 201615283776A US 2017048157 A1 US2017048157 A1 US 2017048157A1
- Authority
- US
- United States
- Prior art keywords
- packet
- traffic flow
- instructions
- network device
- service path
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Abandoned
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L47/00—Traffic control in data switching networks
- H04L47/10—Flow control; Congestion control
- H04L47/35—Flow control; Congestion control by embedding flow control information in regular packets, e.g. piggybacking
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/06—Management of faults, events, alarms or notifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/08—Configuration management of networks or network elements
- H04L41/0893—Assignment of logical groups to network elements
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/08—Configuration management of networks or network elements
- H04L41/0895—Configuration of virtualised networks or elements, e.g. virtualised network function or OpenFlow elements
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/34—Signalling channels for network management communication
- H04L41/342—Signalling channels for network management communication between virtual entities, e.g. orchestrators, SDN or NFV entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/40—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks using virtualisation of network functions or resources, e.g. SDN or NFV entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L47/00—Traffic control in data switching networks
- H04L47/10—Flow control; Congestion control
- H04L47/12—Avoiding congestion; Recovering from congestion
- H04L47/125—Avoiding congestion; Recovering from congestion by balancing the load, e.g. traffic engineering
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L47/00—Traffic control in data switching networks
- H04L47/10—Flow control; Congestion control
- H04L47/24—Traffic characterised by specific attributes, e.g. priority or QoS
- H04L47/2483—Traffic characterised by specific attributes, e.g. priority or QoS involving identification of individual flows
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L47/00—Traffic control in data switching networks
- H04L47/10—Flow control; Congestion control
- H04L47/32—Flow control; Congestion control by discarding or delaying data units, e.g. packets or frames
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/08—Configuration management of networks or network elements
- H04L41/0803—Configuration setting
- H04L41/0813—Configuration setting characterised by the conditions triggering a change of settings
- H04L41/082—Configuration setting characterised by the conditions triggering a change of settings the condition being updates or upgrades of network functionality
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L47/00—Traffic control in data switching networks
- H04L47/10—Flow control; Congestion control
- H04L47/20—Traffic policing
Definitions
- the present invention relates generally to networking, and, in particular embodiments, to systems, methods, computer program products, and apparatuses for intelligent software defined networking based service paths.
- SDN Software-defined networking
- a SDN node e.g., a switch
- a centralized SDN controller may provide the control plane functionality.
- Network traffic may be controlled by devices in a programmable central control plane, which may be configured remotely. Thus, greater flexibility may be achieved in controlling and configuring network traffic.
- an edge switch routes the packet to an external service provider device, which applies L 4 service rules to the packet. If the packet passes the service rules, the edge switch may then send the packet to internal switches of the network for forwarding to various target virtual machines (VMs). If the packet fails the service rules, the packet is dropped.
- VMs target virtual machines
- the current mechanism for handling services poses certain issues. For example, manual configuration of edge switches is necessary. Thus, every time service configurations are changed, all edge switches are reconfigured manually. Furthermore, all incoming packets are forwarded to the service device. However, when a packet in a traffic flow passes the service rules, all packets in the same traffic flow will generally also pass. Therefore, by forwarding every packet to the service device, unnecessary latency is created, and an unnecessary number of network resources are expended.
- a method for networking includes managing, by a network controller, network services for one or more network devices connected to the network controller.
- Managing network services includes receiving a packet in a traffic flow from a network device.
- the network device is one of the one or more network devices connected to the network controller.
- Managing network services further includes determining applicable services for the packet, transmitting the packet to a service provider in accordance with the applicable services for the packet, receiving, from the service provider, service results corresponding to the packet, and creating a forwarding entry providing instructions for handling the traffic flow in a service path table at the network device in accordance with the service results corresponding to the packet.
- a method for networking includes receiving, by a network device, a packet in a traffic flow. The method further includes searching a service path table for a forwarding entry providing instructions for handling the traffic flow, transmitting the packet to a service path controller when the forwarding path entry is not in the service path table, and transmitting the packet in accordance with the instructions for handling the traffic flow when the forwarding entry is in the service path table.
- a network device includes a receiver for receiving a packet in a traffic flow, a processor, and a computer readable storage medium storing programming for execution by the processor.
- the programming includes instructions to search a service path table for a forwarding entry providing instructions for handling the traffic flow, transmit the packet to a service path controller when the forwarding entry is not in the service path table, and transmit the packet in accordance with the instructions for handling the traffic flow when the forwarding entry is in the service path table.
- a network controller comprising a processor and a computer readable storage medium storing programming for execution by the processor.
- the programming includes instructions to manage network services for one or more network devices connected to the network controller.
- the instructions to manage network services comprises further instructions to receive a packet in a traffic flow from a first network device, wherein the first network device is one of the one or more network devices, determine applicable services for the packet, transmit the packet to a service provider in accordance with the applicable services for the packet, receive, from the service provider, service results corresponding to the packet, and create a forwarding entry providing an instruction for handling the traffic flow in a service path table at the first network device in accordance with the service results corresponding to the packet.
- FIG. 1 is a block diagram of a software defined network in accordance with various example embodiments
- FIG. 2 is a flow diagram describing network device behavior in accordance with various example embodiments
- FIG. 3 is a flow diagram describing network controller behavior in accordance with various example embodiments
- FIG. 4 is a flow diagram of a traffic flow path in accordance with various example embodiments.
- FIG. 5 is a block diagram of a computing system, which may be used to implement various example embodiments.
- SDN software defined networking
- L 4 layer four
- L 7 layer seven
- a network controller which may be referred to herein as a service path controller, provides centralized management for various services (e.g., layer four (L 4 ) to layer seven (L 7 ) services) in a software-defined networking (SDN) based network.
- SDN software-defined networking
- an edge switch in the network receives a packet in a traffic flow for an incoming transmission, the edge switch checks a service path table for a forwarding entry providing instructions on how to handle packets from the traffic flow. If the forwarding entry providing instructions for handling the traffic flow are not in the service path table, the edge switch sends the package to a service path controller.
- the service path controller determines what services are to be applied to the packet based on the traffic flow's service profile configured on the service path controller.
- the service path controller may then send the packet to the applicable service providers.
- the service path controller may update the service path table at the edge switch with a forwarding entry providing instructions for handling future packets in the same traffic flow. In such embodiments, these results are based on service results of the packet from the service providers.
- the edge switch may consult the service path table for instructions on how to act (e.g., to forward the follow-on packet to a destination virtual machine (VM) or to drop the follow-on packet).
- VM virtual machine
- a service path controller may manage services for any number of edge switches. Therefore, if service configurations in the network require updating, only the service path controller is updated and various edge switches need not be manually reconfigured.
- FIG. 1 illustrates an SDN based network 100 according to various example embodiments.
- data forwarding devices 104 also referred to herein as edge switches 104
- a controller 102 which generally may be referred to herein as service path controller 102 , manages network services for network 100 .
- Service path controller 102 functionality may be included in the functionality of a generic SDN controller managing network 100 .
- These network services may include higher layer services, such as L 4 , L 5 , L6, and/or L 7 services.
- Such services may include firewall services, authentication services, other security application services, load balancing services, IDS/IPS (intrusion detection/prevention services), DPI (deep packet inspection) services, WAN (wide area network) optimization services, and the like.
- incoming traffic flows may be transmitted to network 100 as a series of packets.
- the data forwarding device 104 may search a service path table for a forwarding entry providing instructions on how to handle packets in the traffic flow.
- the service path table may be a specific type of or a part of a packet forwarding table.
- Each data forwarding device 104 may include its own service path table, which may be managed by service path controller 102 . If the data forwarding device 104 finds a forwarding entry with instructions corresponding to the traffic flow in the service path table, the data forwarding device 104 handles the packet in accordance with such instructions.
- the instructions may direct data forwarding device 104 to forward packets in the traffic flow to a destination virtual machine (VM) 112 using, for example, various internal switches.
- the instructions may direct data forwarding device 104 to drop packets in the traffic flow.
- the data forwarding device 104 need not send the packet to service path controller 102 or a service provider 106 if a forwarding entry providing instructions for handling the traffic flow is found in the service path table.
- Other forms of instructions may also be included in the packet forwarding table, such as instructions to add/remove/upgrade tabs from a packet header, forward the packet to another table, egress the packets to a port, or the like. Therefore, any specific instructions described herein are used for illustrative purposes only-unless otherwise explicitly claimed.
- the data forwarding device 104 may send the packet to service path controller 102 .
- the data forwarding device 104 may send a first packet in a traffic flow to service path controller 102 because controller 102 has not programmed data forwarding device 104 with a forwarding entry for the traffic flow's packets yet. That is, the traffic flow may be new to network 100
- service path controller 102 may determine what services are needed for the packet's traffic flow, for example, by consulting the traffic flow's service profile, which may be saved on service path controller 102 .
- Service path controller 102 then sends the packet to the applicable service providers 106 , which may provide L 4 services (e.g., firewall services, load balancing services, security application services, and the like).
- service provider 106 may apply various service rules to the packet.
- Service provider 106 may then send the packet back to service path controller 102 along with a service result (e.g., whether the packet passed or failed the various service rules or which port to egress the packet as a result of a load balancing algorithm).
- service path controller 102 may return the packet to the data forwarding device 104 with instructions on how to handle the packet based on the service results. These instructions may be sent, for example, by updating the data forwarding device 104 's service path table with a forwarding entry in accordance with the service results. For example, if the packet passed the various service rules, service path controller 102 may update the data forwarding device 104 's service path table with instructions to forward the packet and other packets belonging to the same traffic flow to its target VM 112 . In an alternative example, if the packet failed the various service rules, service path controller 102 may update the data forwarding device 104 's service path table with instructions to drop the packet and other packets belonging to the same traffic flow.
- the service path controller 102 and service provider 106 may be configured by a virtual network service manager 108 .
- virtual network service manager 108 may configure different traffic flow profiles on service path controller 102 to identify applicable services of various traffic flows.
- virtual network service manager 108 may set different service rules at various service providers 106 .
- service configurations are updated, virtual network service manager 108 may only reconfigure service path controller 102 because network 100 's network services are managed by service path controller 102 . Therefore, reconfiguration of individual data forwarding devices 104 may not be necessary, simplifying the process for updating network 100 .
- service path controller 102 may maintain a master service path table containing instructions for all applicable traffic flows.
- Service path controller 102 may use the master service path table to update local service path tables at each data forwarding device 104 .
- service path controller 102 may periodically synchronize applicable traffic flow instructions on the master service path table with local service path tables by pushing (sometimes also referred to as injecting and/or programming) new entries to the applicable local service path tables.
- outdated traffic flow instructions may be removed from local service path tables.
- instructions in a service path table are removed after a configurable period of time, which may be implemented using a timer.
- service path controller 102 removes instructions for outdated traffic flows from local service path tables at data forwarding devices 104 .
- Outdated traffic flows may include, for example, traffic flows that have ended (e.g., a voice over IP call that is over) or a traffic flow that has migrated to a different part of network 100 or to an external network.
- service path controller 102 may be informed of outdated traffic flows, for example, by virtual network service manager 108 .
- FIG. 1 illustrates two data forwarding elements 104 connected to one internal switch 100 and two VMs 112
- various alternative example embodiments may include a network 100 having a controller 102 managing services for a varying number of data forwarding elements.
- each data forwarding element may be connected to a varying number of internal switches, each connected to a varying number of VMs.
- the various components illustrated in FIG. 1 are functional block representations of physical network devices. Therefore, the various elements illustrated in FIG. 1 may be implemented using any suitable hardware configuration.
- data forwarding devices 104 may be implemented as a virtual switch, a physical switch, a router, or any other suitable hardware device.
- controller 102 may be located in a separate physical device box than data forwarding devices 104 .
- other hardware and network configurations are contemplated herein; thus, any specific implementation described herein is used for illustrative purposes only-unless otherwise explicitly claimed.
- FIG. 2 illustrates a flow diagram of network device operations in accordance with various example embodiments.
- the network device may be, for example, a data forwarding device 104 illustrated in FIG. 1 .
- the network device receives a packet in a traffic flow in step 200 .
- the network device may search for a forwarding entry providing instructions on how to handle the traffic flow in a service path table.
- the service path table may be locally stored on the network device itself.
- the network device may determine if any forwarding entries providing instructions on for how to handle the traffic flow exist in the service path table. If such instructions exist, then in step 208 , the network device transmits the packet in accordance with the instructions. For example, the network device may transmit the packet to its target VM via one or more internal switches of the network. In another example, the network device may drop the packet. In yet another example, the network device may egress the packet to a particular port. If instructions for handling the packet's traffic flow are not in the service path table, the network device may transmit the packet to a service path controller to determine how to handle the packet.
- FIG. 3 illustrates a flow diagram of network controller operations in accordance with various example embodiments.
- the network controller may be, for example, a service path controller 102 illustrated in FIG. 1 .
- the network controller receives a packet in a traffic flow from a network device in step 100 .
- the network device may be any one of a plurality of network devices in a network managed by the network controller.
- the network device may be a data forwarding device 104 illustrated in FIG. 1 .
- the network controller may determine services to be applied to the packet. For example, the network controller may determine the services by consulting a service profile of the traffic flow, which may be configured on the network controller by a virtual network service manager.
- the network controller may transmit the packet to one or more service providers.
- the network controller may send any applicable information of the packet to a service provider (e.g., the applicable attributes of the packet used to apply applicable service rules) in lieu of sending the entire packet, reducing network traffic.
- the service provider may provide L 4 to L 7 services, such as firewall services, security services, authentication services, load balancing services, or the like.
- the applicable service providers may provide such services by applying one or more service rules to the packet.
- the network controller may receive the packet back from the service providers along with service results.
- the network controller may determine if the packet passed or failed the various service rules applied by the service provider in accordance with example embodiments. In such embodiments, if the packet passed, then in step 310 , the network controller may update a service path table at the network device with forwarding entry instructions to forward the packet and other packets in the same traffic flow towards a destination VM. Moreover, if the packet failed, then in step 312 , the network controller may update a service path table at the network device with forwarding entry instructions to drop the packet. In either step 310 or 312 , the network controller may update the service path table by syncing the service path table local to the network device with a master service path table at the network controller.
- the network controller may return the packet to the network device to handle in accordance with instructions in the updated service path table.
- the network controller may update the service path table with other instructions in accordance with the service results.
- the network controller may update the service path table with a forwarding entry identifying a port to egress the traffic flow's packets in accordance with results of a load balancing algorithm.
- FIG. 4 illustrates a flow diagram of a packet's path through a network, such as a SDN based network 100 illustrated in FIG. 1 , in accordance with various example embodiments.
- the packet is received by a network device, such as a data forwarding device of a SDN based network.
- the packet may be part of a traffic flow sent to the SDN based network by an external network.
- the network device may search a service path table for instructions for how to handle the traffic flow. If instructions are found, then in step 416 , the network device handles the packet in accordance with the instructions. For example, the network device may forward the packet to a destination VM, or the network device may drop the packet.
- the network device transmits the packet to a network controller.
- the network controller may be a service path controller that manages network services for multiple network devices in the SDN.
- the network controller determines what services are applicable to the packet, for example by consulting a traffic flow profile.
- the network controller may then transmit the packet to one or more service providers in step 406 .
- the service provider may provide L 4 -L 7 services.
- the network controller may transmit the packet to various service providers sequentially if the service profile for the packet identifies multiple applicable services.
- the network controller may send applicable information and/or attributes regarding the packet to a service provider in lieu of sending the entire packet, further reducing network traffic.
- the service provider(s) may apply various service rules to the packet.
- the service provider(s) may return the packet and service results to the network controller.
- the network controller updates a service path table in accordance with the service results.
- the network controller may update the service path table to forward the packets in the traffic flow to a target VM.
- the network controller may update the service path table to drop the packet.
- the network controller may update the service path table with a port to egress the packet as a result of a load balancing algorithm.
- the service path controller may return the packet to the network device to handle in accordance with instructions in the updated service path table.
- the network device handles the packet in accordance with instructions in the service path table.
- Various example embodiments described herein include a service path controller in a SDN based network.
- the service path controller manages network services for packets received by a SDN based network.
- the service path controller updates service path tables at a plurality of data forwarding devices of the network with instructions on how to handle packets in a data flow.
- follow-on packets in a pre-examined traffic flow are not forwarded to various service providers, saving network resources and reducing latency.
- new configurations for various services are applied to the network, only the service path controller is updated.
- Various data forwarding devices may not be reconfigured, simplifying the network updating process.
- FIG. 5 is a block diagram of a processing system that may be used for implementing the devices and methods disclosed herein. Specific devices may utilize all of the components shown, or only a subset of the components, and levels of integration may vary from device to device. Furthermore, a device may contain multiple instances of a component, such as multiple processing units, processors, memories, transmitters, receivers, etc.
- the processing system may comprise a processing unit equipped with one or more input/output devices, such as a speaker, microphone, mouse, touchscreen, keypad, keyboard, printer, display, and the like.
- the processing unit may include a central processing unit (CPU), memory, a mass storage device, a video adapter, and an I/O interface connected to a bus.
- CPU central processing unit
- the bus may be one or more of any type of several bus architectures including a memory bus or memory controller, a peripheral bus, video bus, or the like.
- the CPU may comprise any type of electronic data processor.
- the memory may comprise any type of system memory such as static random access memory (SRAM), dynamic random access memory (DRAM), synchronous DRAM (SDRAM), read-only memory (ROM), a combination thereof, or the like.
- SRAM static random access memory
- DRAM dynamic random access memory
- SDRAM synchronous DRAM
- ROM read-only memory
- the memory may include ROM for use at boot-up, and DRAM for program and data storage for use while executing programs.
- the mass storage device may comprise any type of storage device configured to store data, programs, and other information and to make the data, programs, and other information accessible via the bus.
- the mass storage device may comprise, for example, one or more of a solid state drive, hard disk drive, a magnetic disk drive, an optical disk drive, or the like.
- the video adapter and the I/O interface provide interfaces to couple external input and output devices to the processing unit.
- input and output devices include the display coupled to the video adapter and the mouse/keyboard/printer coupled to the I/O interface.
- Other devices may be coupled to the processing unit, and additional or fewer interface cards may be utilized.
- a serial interface card (not shown) may be used to provide a serial interface for a printer.
- the processing unit also includes one or more network interfaces, which may comprise wired links, such as an Ethernet cable or the like, and/or wireless links to access nodes or different networks.
- the network interface allows the processing unit to communicate with remote units via the networks.
- the network interface may provide wireless communication via one or more transmitters/transmit antennas and one or more receivers/receive antennas.
- the processing unit is coupled to a local-area network or a wide-area network for data processing and communications with remote devices, such as other processing units, the Internet, remote storage facilities, or the like.
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
An example method embodiment for networking includes managing, by a network controller, network services for one or more network devices connected to the network controller. Managing network services includes receiving a packet in a traffic flow from a network device. The network device is one of the one or more network devices connected to the network controller. Managing network services further includes determining applicable services for the packet, transmitting the packet to a service provider in accordance with the applicable services for the packet, receiving, from the service provider, service results corresponding to the packet, and creating a forwarding entry providing instructions for handling the traffic flow in a service path table at the network device in accordance with the service results corresponding to the packet.
Description
- This application is a continuation of U.S. patent application Ser. No. 13/936,705, filed on Jul. 8, 2013, which application is hereby incorporated herein by reference.
- The present invention relates generally to networking, and, in particular embodiments, to systems, methods, computer program products, and apparatuses for intelligent software defined networking based service paths.
- Software-defined networking (SDN) is an emerging network technology that may improve customization, optimization, and improvement of networks. SDN may simplify networks by decoupling data-forwarding functionality (sometimes referred as a data plane) from a routing, resource, and other management functionality (sometimes referred as a control plane). As a result, while traditional network nodes may provide both the data plane functionality and the control plane functionality, a SDN node (e.g., a switch) may provide the data plane functionality and a centralized SDN controller may provide the control plane functionality. Network traffic may be controlled by devices in a programmable central control plane, which may be configured remotely. Thus, greater flexibility may be achieved in controlling and configuring network traffic.
- In existing SDN based networks, the settings of various network services (e.g., higher layer services) are manually configured at both the service provider and edge switches of a network path. When an incoming packet is received by the network, an edge switch routes the packet to an external service provider device, which applies L4 service rules to the packet. If the packet passes the service rules, the edge switch may then send the packet to internal switches of the network for forwarding to various target virtual machines (VMs). If the packet fails the service rules, the packet is dropped.
- The current mechanism for handling services poses certain issues. For example, manual configuration of edge switches is necessary. Thus, every time service configurations are changed, all edge switches are reconfigured manually. Furthermore, all incoming packets are forwarded to the service device. However, when a packet in a traffic flow passes the service rules, all packets in the same traffic flow will generally also pass. Therefore, by forwarding every packet to the service device, unnecessary latency is created, and an unnecessary number of network resources are expended.
- These and other problems are generally solved or circumvented, and technical advantages are generally achieved, by preferred embodiments of the present invention which provide intelligent software-defined networking based service paths.
- In accordance with an example embodiment, a method for networking includes managing, by a network controller, network services for one or more network devices connected to the network controller. Managing network services includes receiving a packet in a traffic flow from a network device. The network device is one of the one or more network devices connected to the network controller. Managing network services further includes determining applicable services for the packet, transmitting the packet to a service provider in accordance with the applicable services for the packet, receiving, from the service provider, service results corresponding to the packet, and creating a forwarding entry providing instructions for handling the traffic flow in a service path table at the network device in accordance with the service results corresponding to the packet.
- In accordance with another example embodiment, a method for networking includes receiving, by a network device, a packet in a traffic flow. The method further includes searching a service path table for a forwarding entry providing instructions for handling the traffic flow, transmitting the packet to a service path controller when the forwarding path entry is not in the service path table, and transmitting the packet in accordance with the instructions for handling the traffic flow when the forwarding entry is in the service path table.
- In accordance with another example embodiment, a network device includes a receiver for receiving a packet in a traffic flow, a processor, and a computer readable storage medium storing programming for execution by the processor. The programming includes instructions to search a service path table for a forwarding entry providing instructions for handling the traffic flow, transmit the packet to a service path controller when the forwarding entry is not in the service path table, and transmit the packet in accordance with the instructions for handling the traffic flow when the forwarding entry is in the service path table.
- In accordance with yet another example embodiment, a network controller comprising a processor and a computer readable storage medium storing programming for execution by the processor. The programming includes instructions to manage network services for one or more network devices connected to the network controller. The instructions to manage network services comprises further instructions to receive a packet in a traffic flow from a first network device, wherein the first network device is one of the one or more network devices, determine applicable services for the packet, transmit the packet to a service provider in accordance with the applicable services for the packet, receive, from the service provider, service results corresponding to the packet, and create a forwarding entry providing an instruction for handling the traffic flow in a service path table at the first network device in accordance with the service results corresponding to the packet.
- For a more complete understanding of the present invention, and the advantages thereof, reference is now made to the following descriptions taken in conjunction with the accompanying drawing, in which:
-
FIG. 1 is a block diagram of a software defined network in accordance with various example embodiments; -
FIG. 2 is a flow diagram describing network device behavior in accordance with various example embodiments; -
FIG. 3 is a flow diagram describing network controller behavior in accordance with various example embodiments; -
FIG. 4 is a flow diagram of a traffic flow path in accordance with various example embodiments; and -
FIG. 5 is a block diagram of a computing system, which may be used to implement various example embodiments. - Example embodiments covering various aspects of the encompassed innovation are discussed in greater detail below. It should be appreciated, however, that the present invention provides many applicable unique and novel concepts that can be embodied in a wide variety of specific contexts. Accordingly, the specific embodiments discussed herein are merely illustrative of specific ways to make, use, and implement various aspects the present invention, and do not necessarily limit the scope thereof unless otherwise claimed.
- The following various example embodiments are described in a specific context, namely a software defined networking (SDN) based network providing higher layer services (e.g., layer four (L4)-layer seven (L7) services). As will be appreciated, however, such example embodiments may also manage networks services for other network configurations.
- As described herein, a network controller, which may be referred to herein as a service path controller, provides centralized management for various services (e.g., layer four (L4) to layer seven (L7) services) in a software-defined networking (SDN) based network. When an edge switch in the network receives a packet in a traffic flow for an incoming transmission, the edge switch checks a service path table for a forwarding entry providing instructions on how to handle packets from the traffic flow. If the forwarding entry providing instructions for handling the traffic flow are not in the service path table, the edge switch sends the package to a service path controller.
- In such embodiments, the service path controller determines what services are to be applied to the packet based on the traffic flow's service profile configured on the service path controller. The service path controller may then send the packet to the applicable service providers. After various service rules are applied to the packet by the service providers, the service path controller may update the service path table at the edge switch with a forwarding entry providing instructions for handling future packets in the same traffic flow. In such embodiments, these results are based on service results of the packet from the service providers. Thus, for future packets in the traffic flow, the edge switch may consult the service path table for instructions on how to act (e.g., to forward the follow-on packet to a destination virtual machine (VM) or to drop the follow-on packet). These follow-on packets need not be sent to the service provider, saving network resources and reducing latency. Furthermore, a service path controller may manage services for any number of edge switches. Therefore, if service configurations in the network require updating, only the service path controller is updated and various edge switches need not be manually reconfigured.
-
FIG. 1 illustrates an SDN basednetwork 100 according to various example embodiments. As shown inFIG. 1 , data forwarding devices 104 (also referred to herein as edge switches 104) receive incoming traffic flowtransmissions entering network 100 from external networks. Furthermore, acontroller 102, which generally may be referred to herein asservice path controller 102, manages network services fornetwork 100.Service path controller 102 functionality may be included in the functionality of a generic SDN controller managingnetwork 100. These network services may include higher layer services, such as L4, L5, L6, and/or L7 services. Such services may include firewall services, authentication services, other security application services, load balancing services, IDS/IPS (intrusion detection/prevention services), DPI (deep packet inspection) services, WAN (wide area network) optimization services, and the like. - Generally, incoming traffic flows may be transmitted to
network 100 as a series of packets. When adata forwarding device 104 receives a packet in a traffic flow, thedata forwarding device 104 may search a service path table for a forwarding entry providing instructions on how to handle packets in the traffic flow. The service path table may be a specific type of or a part of a packet forwarding table. Eachdata forwarding device 104 may include its own service path table, which may be managed byservice path controller 102. If thedata forwarding device 104 finds a forwarding entry with instructions corresponding to the traffic flow in the service path table, thedata forwarding device 104 handles the packet in accordance with such instructions. For example, the instructions may directdata forwarding device 104 to forward packets in the traffic flow to a destination virtual machine (VM) 112 using, for example, various internal switches. As another example, the instructions may directdata forwarding device 104 to drop packets in the traffic flow. Thedata forwarding device 104 need not send the packet toservice path controller 102 or aservice provider 106 if a forwarding entry providing instructions for handling the traffic flow is found in the service path table. Other forms of instructions may also be included in the packet forwarding table, such as instructions to add/remove/upgrade tabs from a packet header, forward the packet to another table, egress the packets to a port, or the like. Therefore, any specific instructions described herein are used for illustrative purposes only-unless otherwise explicitly claimed. - In such embodiments, if the
data forwarding device 104 does not find a forwarding entry providing instructions corresponding to the traffic flow in the service path table, thedata forwarding device 104 may send the packet toservice path controller 102. Generally, thedata forwarding device 104 may send a first packet in a traffic flow toservice path controller 102 becausecontroller 102 has not programmeddata forwarding device 104 with a forwarding entry for the traffic flow's packets yet. That is, the traffic flow may be new tonetwork 100 - In various example embodiments, when
service path controller 102 receives a packet,service path controller 102 may determine what services are needed for the packet's traffic flow, for example, by consulting the traffic flow's service profile, which may be saved onservice path controller 102.Service path controller 102 then sends the packet to theapplicable service providers 106, which may provide L4 services (e.g., firewall services, load balancing services, security application services, and the like). In such embodiments,service provider 106 may apply various service rules to the packet.Service provider 106 may then send the packet back toservice path controller 102 along with a service result (e.g., whether the packet passed or failed the various service rules or which port to egress the packet as a result of a load balancing algorithm). - In such embodiments,
service path controller 102 may return the packet to thedata forwarding device 104 with instructions on how to handle the packet based on the service results. These instructions may be sent, for example, by updating thedata forwarding device 104's service path table with a forwarding entry in accordance with the service results. For example, if the packet passed the various service rules,service path controller 102 may update thedata forwarding device 104's service path table with instructions to forward the packet and other packets belonging to the same traffic flow to itstarget VM 112. In an alternative example, if the packet failed the various service rules,service path controller 102 may update thedata forwarding device 104's service path table with instructions to drop the packet and other packets belonging to the same traffic flow. - In an example embodiment, the
service path controller 102 andservice provider 106 may be configured by a virtualnetwork service manager 108. For example, virtualnetwork service manager 108 may configure different traffic flow profiles onservice path controller 102 to identify applicable services of various traffic flows. As another example, virtualnetwork service manager 108 may set different service rules atvarious service providers 106. When service configurations are updated, virtualnetwork service manager 108 may only reconfigureservice path controller 102 becausenetwork 100's network services are managed byservice path controller 102. Therefore, reconfiguration of individualdata forwarding devices 104 may not be necessary, simplifying the process for updatingnetwork 100. - In various example embodiments,
service path controller 102 may maintain a master service path table containing instructions for all applicable traffic flows.Service path controller 102 may use the master service path table to update local service path tables at eachdata forwarding device 104. For example,service path controller 102 may periodically synchronize applicable traffic flow instructions on the master service path table with local service path tables by pushing (sometimes also referred to as injecting and/or programming) new entries to the applicable local service path tables. - Similarly, outdated traffic flow instructions may be removed from local service path tables. For example, in one example embodiment, instructions in a service path table are removed after a configurable period of time, which may be implemented using a timer. In another example,
service path controller 102 removes instructions for outdated traffic flows from local service path tables atdata forwarding devices 104. Outdated traffic flows may include, for example, traffic flows that have ended (e.g., a voice over IP call that is over) or a traffic flow that has migrated to a different part ofnetwork 100 or to an external network. In such embodiments,service path controller 102 may be informed of outdated traffic flows, for example, by virtualnetwork service manager 108. - Although
FIG. 1 illustrates twodata forwarding elements 104 connected to oneinternal switch 100 and twoVMs 112, various alternative example embodiments may include anetwork 100 having acontroller 102 managing services for a varying number of data forwarding elements. Moreover, each data forwarding element may be connected to a varying number of internal switches, each connected to a varying number of VMs. Furthermore, the various components illustrated inFIG. 1 are functional block representations of physical network devices. Therefore, the various elements illustrated inFIG. 1 may be implemented using any suitable hardware configuration. For example,data forwarding devices 104 may be implemented as a virtual switch, a physical switch, a router, or any other suitable hardware device. In various example embodiments,controller 102 may be located in a separate physical device box thandata forwarding devices 104. In alternative example embodiments, other hardware and network configurations are contemplated herein; thus, any specific implementation described herein is used for illustrative purposes only-unless otherwise explicitly claimed. -
FIG. 2 illustrates a flow diagram of network device operations in accordance with various example embodiments. In such embodiments, the network device may be, for example, adata forwarding device 104 illustrated inFIG. 1 . As shown inFIG. 2 , the network device receives a packet in a traffic flow instep 200. Instep 202, the network device may search for a forwarding entry providing instructions on how to handle the traffic flow in a service path table. The service path table may be locally stored on the network device itself. - In
step 204, the network device may determine if any forwarding entries providing instructions on for how to handle the traffic flow exist in the service path table. If such instructions exist, then instep 208, the network device transmits the packet in accordance with the instructions. For example, the network device may transmit the packet to its target VM via one or more internal switches of the network. In another example, the network device may drop the packet. In yet another example, the network device may egress the packet to a particular port. If instructions for handling the packet's traffic flow are not in the service path table, the network device may transmit the packet to a service path controller to determine how to handle the packet. -
FIG. 3 illustrates a flow diagram of network controller operations in accordance with various example embodiments. In such embodiments, the network controller may be, for example, aservice path controller 102 illustrated inFIG. 1 . As shown inFIG. 3 , the network controller receives a packet in a traffic flow from a network device instep 100. The network device may be any one of a plurality of network devices in a network managed by the network controller. In such embodiments, the network device may be adata forwarding device 104 illustrated inFIG. 1 . Instep 302, the network controller may determine services to be applied to the packet. For example, the network controller may determine the services by consulting a service profile of the traffic flow, which may be configured on the network controller by a virtual network service manager. - In
step 304 the network controller may transmit the packet to one or more service providers. In an alternative example embodiment, the network controller may send any applicable information of the packet to a service provider (e.g., the applicable attributes of the packet used to apply applicable service rules) in lieu of sending the entire packet, reducing network traffic. In various example embodiments, the service provider may provide L4 to L7 services, such as firewall services, security services, authentication services, load balancing services, or the like. Moreover, the applicable service providers may provide such services by applying one or more service rules to the packet. Instep 306, the network controller may receive the packet back from the service providers along with service results. - Furthermore, in
step 308, the network controller may determine if the packet passed or failed the various service rules applied by the service provider in accordance with example embodiments. In such embodiments, if the packet passed, then instep 310, the network controller may update a service path table at the network device with forwarding entry instructions to forward the packet and other packets in the same traffic flow towards a destination VM. Moreover, if the packet failed, then instep 312, the network controller may update a service path table at the network device with forwarding entry instructions to drop the packet. In eitherstep -
FIG. 4 illustrates a flow diagram of a packet's path through a network, such as a SDN basednetwork 100 illustrated inFIG. 1 , in accordance with various example embodiments. Instep 400, the packet is received by a network device, such as a data forwarding device of a SDN based network. The packet may be part of a traffic flow sent to the SDN based network by an external network. Instep 402, the network device may search a service path table for instructions for how to handle the traffic flow. If instructions are found, then in step 416, the network device handles the packet in accordance with the instructions. For example, the network device may forward the packet to a destination VM, or the network device may drop the packet. - If instructions are not found, in
step 404, the network device transmits the packet to a network controller. The network controller may be a service path controller that manages network services for multiple network devices in the SDN. The network controller determines what services are applicable to the packet, for example by consulting a traffic flow profile. - The network controller may then transmit the packet to one or more service providers in
step 406. The service provider may provide L4-L7 services. For example, the network controller may transmit the packet to various service providers sequentially if the service profile for the packet identifies multiple applicable services. In an alternative example embodiment, the network controller may send applicable information and/or attributes regarding the packet to a service provider in lieu of sending the entire packet, further reducing network traffic. Instep 408, the service provider(s) may apply various service rules to the packet. Instep 410, the service provider(s) may return the packet and service results to the network controller. Instep 412, the network controller updates a service path table in accordance with the service results. For example, if the packet passed the various service rules, the network controller may update the service path table to forward the packets in the traffic flow to a target VM. As another example, if the packet failed the various service rules, the network controller may update the service path table to drop the packet. As yet another example, the network controller may update the service path table with a port to egress the packet as a result of a load balancing algorithm. Furthermore, the service path controller may return the packet to the network device to handle in accordance with instructions in the updated service path table. Finally, in step 416, the network device handles the packet in accordance with instructions in the service path table. - Various example embodiments described herein include a service path controller in a SDN based network. The service path controller manages network services for packets received by a SDN based network. The service path controller updates service path tables at a plurality of data forwarding devices of the network with instructions on how to handle packets in a data flow. Thus, follow-on packets in a pre-examined traffic flow are not forwarded to various service providers, saving network resources and reducing latency. Furthermore, when new configurations for various services are applied to the network, only the service path controller is updated. Various data forwarding devices may not be reconfigured, simplifying the network updating process.
-
FIG. 5 is a block diagram of a processing system that may be used for implementing the devices and methods disclosed herein. Specific devices may utilize all of the components shown, or only a subset of the components, and levels of integration may vary from device to device. Furthermore, a device may contain multiple instances of a component, such as multiple processing units, processors, memories, transmitters, receivers, etc. The processing system may comprise a processing unit equipped with one or more input/output devices, such as a speaker, microphone, mouse, touchscreen, keypad, keyboard, printer, display, and the like. The processing unit may include a central processing unit (CPU), memory, a mass storage device, a video adapter, and an I/O interface connected to a bus. - The bus may be one or more of any type of several bus architectures including a memory bus or memory controller, a peripheral bus, video bus, or the like. The CPU may comprise any type of electronic data processor. The memory may comprise any type of system memory such as static random access memory (SRAM), dynamic random access memory (DRAM), synchronous DRAM (SDRAM), read-only memory (ROM), a combination thereof, or the like. In an embodiment, the memory may include ROM for use at boot-up, and DRAM for program and data storage for use while executing programs.
- The mass storage device may comprise any type of storage device configured to store data, programs, and other information and to make the data, programs, and other information accessible via the bus. The mass storage device may comprise, for example, one or more of a solid state drive, hard disk drive, a magnetic disk drive, an optical disk drive, or the like.
- The video adapter and the I/O interface provide interfaces to couple external input and output devices to the processing unit. As illustrated, examples of input and output devices include the display coupled to the video adapter and the mouse/keyboard/printer coupled to the I/O interface. Other devices may be coupled to the processing unit, and additional or fewer interface cards may be utilized. For example, a serial interface card (not shown) may be used to provide a serial interface for a printer.
- The processing unit also includes one or more network interfaces, which may comprise wired links, such as an Ethernet cable or the like, and/or wireless links to access nodes or different networks. The network interface allows the processing unit to communicate with remote units via the networks. For example, the network interface may provide wireless communication via one or more transmitters/transmit antennas and one or more receivers/receive antennas. In an embodiment, the processing unit is coupled to a local-area network or a wide-area network for data processing and communications with remote devices, such as other processing units, the Internet, remote storage facilities, or the like.
- While this invention has been described with reference to illustrative example embodiments, this description is not intended to be construed in a limiting sense. Various modifications and combinations of the illustrative example embodiments, as well as other example embodiments of the invention, will be apparent to persons skilled in the art upon reference to the description. It is therefore intended that the appended claims encompass any such modifications or example embodiments.
Claims (20)
1. A method comprising:
receiving, by a network device, a packet in a traffic flow;
searching, by the network device, in a service path table on the network device for a forwarding entry providing instructions for handling the traffic flow;
transmitting, by the network device, the packet to a service path controller when the forwarding entry is not in the service path table; and
transmitting, by the network device, the packet in accordance with the instructions for handling the traffic flow when the forwarding entry is in the service path table.
2. The method of claim 1 , wherein transmitting the packet in accordance with the instructions for handling the traffic flow comprises one of:
forwarding, by the network device, the packet towards a target virtual machine when a previously-received packet in the traffic flow passed applicable service rules; or
dropping, by the network device, the packet when the previously-received packet in the traffic flow failed the applicable service rules.
3. The method of claim 1 , wherein transmitting the packet in accordance with the instructions for handling the traffic flow comprises:
egressing, by the network device, the packet to an identified port in accordance with a load balancing algorithm.
4. The method of claim 1 , further comprising:
synchronizing, by the network device, the service path table on the network device with a master service path table on the service path controller.
5. The method of claim 1 , further comprising:
not transmitting, by the network device, the packet to the service path controller when the forwarding entry is in the service path table.
6. The method of claim 1 , further comprising:
receiving, by the network device, the forwarding entry, the forwarding entry including the instructions for handling the traffic flow; and
storing, by the networking device, the forwarding entry in the service path table.
7. The method of claim 1 , further comprising:
receiving, by the network device, a second packet in a second traffic flow; and
transmitting, by the network device, the second packet in accordance with the instructions for handling the traffic flow.
8. The method of claim 1 , further comprising:
receiving, by the network device, a second packet in a second traffic flow;
transmitting, by the network device, the second packet to the service path controller when a second forwarding entry for the second packet is not in the service path table;
receiving, by the network device, the second forwarding entry, the second forwarding entry including second instructions for handling the second traffic flow; and
transmitting, by the network device, the second packet in accordance with the second instructions for handling the second traffic flow.
9. The method of claim 1 , wherein the instructions for handling the traffic flow are determined according to applicable services for a traffic flow service profile for the traffic flow.
10. The method of claim 9 , wherein the applicable services include one of firewall services, load balancing services, security services, or a combination thereof.
11. The method of claim 9 , wherein the instructions for handling the traffic flow are further determined according to layer four services, layer five services, layer six services, layer seven services, or a combination thereof.
12. A network device comprising:
a non-transitory memory storage comprising instructions; and
one or more processors in communication with the memory, wherein the one or more processors execute the instructions to:
receive a packet in a traffic flow;
search in a service path table on the network device for a forwarding entry providing instructions for handling the traffic flow;
transmit the packet to a service path controller when the forwarding entry is not in the service path table; and
transmit the packet in accordance with the instructions for handling the traffic flow when the forwarding entry is in the service path table.
13. The network device of claim 12 , wherein the service path table is synchronized with a master service path table on the service path controller.
14. The network device of claim 12 , wherein the instructions to transmit the packet in accordance with the instructions for handling the traffic flow comprises instructions to perform one of:
forward the packet towards a target virtual machine when a previously-received packet in the traffic flow passed applicable service rules; or
drop the packet when the previously-received packet in the traffic flow failed the applicable service rules.
15. The network device of claim 12 , wherein the one or more processors execute the instructions to further:
receive the forwarding entry, the forwarding entry including the instructions for handling the traffic flow; and
store the forwarding entry in the service path table.
16. The network device of claim 12 , wherein the instructions for handling the traffic flow comprises instructions to egress other data packets to a port in accordance with a load balancing algorithm.
17. The network device of claim 12 , wherein the one or more processors execute the instructions to further:
receive a second packet in a second traffic flow;
transmit the second packet to the service path controller when a second forwarding entry for the second packet is not in the service path table;
receive the second forwarding entry, the second forwarding entry including second instructions for handling the second traffic flow; and
transmit the second packet in accordance with the second instructions for handling the second traffic flow.
18. The network device of claim 12 , wherein the instructions for handling the traffic flow are determined according to applicable services for a traffic flow service profile for the traffic flow.
19. The network device of claim 18 , wherein the applicable services include one of firewall services, load balancing services, security services, or a combination thereof.
20. The network device of claim 18 , wherein the instructions for handling the traffic flow are further determined according to layer four services, layer five services, layer six services, layer seven services, or a combination thereof.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US15/283,776 US20170048157A1 (en) | 2013-07-08 | 2016-10-03 | Intelligent Software-Defined Networking Based Service Paths |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US13/936,705 US9485187B2 (en) | 2013-07-08 | 2013-07-08 | Intelligent software-defined networking based service paths |
US15/283,776 US20170048157A1 (en) | 2013-07-08 | 2016-10-03 | Intelligent Software-Defined Networking Based Service Paths |
Related Parent Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US13/936,705 Division US9485187B2 (en) | 2013-07-08 | 2013-07-08 | Intelligent software-defined networking based service paths |
Publications (1)
Publication Number | Publication Date |
---|---|
US20170048157A1 true US20170048157A1 (en) | 2017-02-16 |
Family
ID=52132743
Family Applications (2)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US13/936,705 Active 2034-05-24 US9485187B2 (en) | 2013-07-08 | 2013-07-08 | Intelligent software-defined networking based service paths |
US15/283,776 Abandoned US20170048157A1 (en) | 2013-07-08 | 2016-10-03 | Intelligent Software-Defined Networking Based Service Paths |
Family Applications Before (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US13/936,705 Active 2034-05-24 US9485187B2 (en) | 2013-07-08 | 2013-07-08 | Intelligent software-defined networking based service paths |
Country Status (1)
Country | Link |
---|---|
US (2) | US9485187B2 (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US10757031B2 (en) * | 2014-08-25 | 2020-08-25 | Intel Corporation | Technologies for aligning network flows to processing resources |
Families Citing this family (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8611355B1 (en) * | 2013-09-03 | 2013-12-17 | tw telecom holdings inc. | Buffer-less virtual routing |
US20150180769A1 (en) * | 2013-12-20 | 2015-06-25 | Alcatel-Lucent Usa Inc. | Scale-up of sdn control plane using virtual switch based overlay |
US20160057206A1 (en) * | 2014-08-19 | 2016-02-25 | International Business Machines Corporation | Application profile to configure and manage a software defined environment |
US9971620B2 (en) * | 2014-10-15 | 2018-05-15 | Keysight Technologies Singapore (Holdings) Pte Ltd | Methods and systems for network packet impairment within virtual machine host systems |
US9971619B2 (en) | 2014-10-15 | 2018-05-15 | Keysight Technologies Singapore (Holdings) Pte Ltd | Methods and systems for forwarding network packets within virtual machine host systems |
US9344265B2 (en) | 2014-10-15 | 2016-05-17 | Anue Systems, Inc. | Network packet timing synchronization for virtual machine host systems |
US9912613B2 (en) | 2015-03-30 | 2018-03-06 | International Business Machines Corporation | Dynamic service orchestration within PaaS platforms |
CN107404439B (en) * | 2016-05-18 | 2020-02-21 | 华为技术有限公司 | Method and system for redirecting data streams, network device and control device |
WO2018178906A1 (en) | 2017-03-28 | 2018-10-04 | Marvell World Trade Ltd. | Flexible processor of a port extender device |
US11343358B2 (en) | 2019-01-29 | 2022-05-24 | Marvell Israel (M.I.S.L) Ltd. | Flexible header alteration in network devices |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20130223442A1 (en) * | 2012-02-29 | 2013-08-29 | Dell Products, Lp | System and Method for Managing Unknown Flows in a Flow-Based Switching Device |
US20140211795A1 (en) * | 2011-08-29 | 2014-07-31 | Nec Corporation | Communication system, control device, node, node control method, and program |
US20140281669A1 (en) * | 2013-03-15 | 2014-09-18 | International Business Machines Corporation | OpenFlow Controller Master-slave Initialization Protocol |
Family Cites Families (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20030145128A1 (en) * | 2002-01-25 | 2003-07-31 | Baird Roger T. | Mapping managing devices to managed devices |
JP4598462B2 (en) * | 2004-09-16 | 2010-12-15 | 富士通株式会社 | Provider network providing an L2-VPN service and edge router |
EP2491745B1 (en) * | 2009-12-18 | 2018-07-04 | Intel Corporation | System and method of utilizing a framework for information routing in large-scale distributed systems using swarm intelligence |
US8675664B1 (en) * | 2011-08-03 | 2014-03-18 | Juniper Networks, Inc. | Performing scalable L2 wholesale services in computer networks using customer VLAN-based forwarding and filtering |
US9473570B2 (en) * | 2013-03-13 | 2016-10-18 | Cisco Technology, Inc. | Instantiating an application flow into a chain of services in a virtual data center |
-
2013
- 2013-07-08 US US13/936,705 patent/US9485187B2/en active Active
-
2016
- 2016-10-03 US US15/283,776 patent/US20170048157A1/en not_active Abandoned
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20140211795A1 (en) * | 2011-08-29 | 2014-07-31 | Nec Corporation | Communication system, control device, node, node control method, and program |
US20130223442A1 (en) * | 2012-02-29 | 2013-08-29 | Dell Products, Lp | System and Method for Managing Unknown Flows in a Flow-Based Switching Device |
US20140281669A1 (en) * | 2013-03-15 | 2014-09-18 | International Business Machines Corporation | OpenFlow Controller Master-slave Initialization Protocol |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US10757031B2 (en) * | 2014-08-25 | 2020-08-25 | Intel Corporation | Technologies for aligning network flows to processing resources |
US11792132B2 (en) | 2014-08-25 | 2023-10-17 | Intel Corporation | Technologies for aligning network flows to processing resources |
Also Published As
Publication number | Publication date |
---|---|
US9485187B2 (en) | 2016-11-01 |
US20150009809A1 (en) | 2015-01-08 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US9485187B2 (en) | Intelligent software-defined networking based service paths | |
US11134012B2 (en) | Communication system, communication device, controller, and method and program for controlling forwarding path of packet flow | |
US20230163999A1 (en) | Method and apparatus for providing a point-to-point connection over a network | |
EP3063903B1 (en) | Method and system for load balancing at a data network | |
US9948553B2 (en) | System and method for virtual network-based distributed multi-domain routing control | |
US9565135B2 (en) | System and method for service chaining with tunnel chains in software defined network | |
US9654395B2 (en) | SDN-based service chaining system | |
EP3072263B1 (en) | Multi-tenant isolation in a cloud environment using software defined networking | |
US10606454B2 (en) | Stage upgrade of image versions on devices in a cluster | |
KR101473783B1 (en) | Method and apparatus for control of dynamic service chaining by using tunneling | |
JP2023527999A (en) | Loop prevention of virtual L2 network | |
US20150350102A1 (en) | Method and System for Integrated Management of Converged Heterogeneous Resources in Software-Defined Infrastructure | |
CN103905523A (en) | Cloud computing network virtualization method and system based on SDN | |
US10848432B2 (en) | Switch fabric based load balancing | |
US9866436B2 (en) | Smart migration of monitoring constructs and data | |
US9537751B2 (en) | Divided hierarchical network system based on software-defined networks | |
EP2924925A1 (en) | Communication system, virtual-network management device, communication node, and communication method and program | |
Chen et al. | Traffic-aware load balancing for M2M networks using SDN | |
Park et al. | Janus: Design of a software-defined infrastructure manager and its network control architecture | |
WO2014133025A1 (en) | Communication system, host controller, network control method, and program | |
KR101543735B1 (en) | System and method for processing packets for nfv | |
JP2014171056A (en) | Network system resource management system and method | |
KR20180085592A (en) | Virtual router system and method to integrate with openstack based orchestration | |
CN107769983B (en) | Network function sharing method and system based on extended vSDN | |
Granelli et al. | Realizing network slicing |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
STCB | Information on status: application discontinuation |
Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION |