WO2010006520A1 - Method and device for two-layer intercommunication of data stream - Google Patents

Method and device for two-layer intercommunication of data stream Download PDF

Info

Publication number
WO2010006520A1
WO2010006520A1 PCT/CN2009/070894 CN2009070894W WO2010006520A1 WO 2010006520 A1 WO2010006520 A1 WO 2010006520A1 CN 2009070894 W CN2009070894 W CN 2009070894W WO 2010006520 A1 WO2010006520 A1 WO 2010006520A1
Authority
WO
WIPO (PCT)
Prior art keywords
data stream
rule
control point
control
module
Prior art date
Application number
PCT/CN2009/070894
Other languages
French (fr)
Chinese (zh)
Inventor
李晋
Original Assignee
华为技术有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 华为技术有限公司 filed Critical 华为技术有限公司
Publication of WO2010006520A1 publication Critical patent/WO2010006520A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/30Definitions, standards or architectural aspects of layered protocol stacks
    • H04L69/32Architecture of open systems interconnection [OSI] 7-layer type protocol stacks, e.g. the interfaces between the data link level and the physical level
    • H04L69/322Intralayer communication protocols among peer entities or protocol data unit [PDU] definitions
    • H04L69/324Intralayer communication protocols among peer entities or protocol data unit [PDU] definitions in the data link layer [OSI layer 2], e.g. HDLC

Definitions

  • the present invention relates to the field of data communications, and in particular, to a method and apparatus for data layer two-layer interworking. Background technique
  • FIG. 1 is a schematic structural diagram of a prior art access network architecture.
  • the existing access network architecture consists of three parts: a broadband gateway, an aggregation network, and an access network. Layer 2 is isolated between all users on the access network. Even if communication is between two users under the same gateway, traffic must pass through the gateway.
  • P2P peer-to-peer
  • a scheme for implementing Layer 2 interworking by establishing a P2P virtual local area network is as follows: First, a dedicated P2P VLAN needs to be newly created in the access network, and all accesses are required. A node (Access Node, hereinafter referred to as AN) and a P2P VLAN are created on the aggregation point device to implement Layer 2 interworking through P2P VLANs. Address Resolution Protocol (Address Resolution Protocol) is added to all access nodes.
  • Address Resolution Protocol Address Resolution Protocol
  • the ARP proxy function on the access node includes three modules: upstream ARP proxy (upstream ARP proxy), downstream ARP proxy (downstream ARP proxy) and ARP cache (ARP Cache); The judgment function is added to determine whether the P2P service is enabled by the user directly connected to it.
  • the problem to be solved by the embodiments of the present invention is to provide a method and apparatus for data layer two-layer interworking, which realizes identification and Layer 2 interworking of data streams in the same or different subnets.
  • an embodiment of the present invention provides a method for data layer two-layer interworking, including:
  • an embodiment of the present invention further provides a network unit, including: a parameter extraction module, configured to extract feature information of a data stream;
  • control point selection module configured to determine a control point of the data stream
  • a rule establishing module configured to establish, according to the feature information extracted by the parameter extraction module, a feature identifier and a control rule of the data stream on a control point determined by the control point selection module.
  • an embodiment of the present invention further provides a control point, including:
  • a rule receiving module configured to receive a feature identifier and a control rule for the data stream
  • a traffic matching module configured to match, according to the feature identifier received by the rule receiving module, a corresponding data stream
  • a flow operation module configured to operate the data flow message according to a control rule received by the rule receiving module.
  • the technical solution of the embodiment of the present invention has the following advantages, because the extraction feature information is selected, the control point is selected, the data flow message is identified and modified, and the second layer interworking method is established, thereby realizing the data in the same or different subnets.
  • the identification of the flow and the interworking of the second layer achieve the effect of reducing the network load, improving the network transmission efficiency, and improving the user experience.
  • FIG. 1 is a schematic structural diagram of a prior art access network architecture
  • 2 is a schematic flowchart of a method for interworking two-layer data flows according to an embodiment of the present invention
  • FIG. 3 is a schematic diagram of control points in a tree network structure according to an embodiment of the present invention
  • FIG. 4 is a schematic flowchart of establishing a Layer 2 path of a data flow service according to an embodiment of the present invention
  • FIG. 5 is a schematic diagram of a process of forwarding a ⁇ text in a different VLAN of a communication party according to an embodiment of the present invention
  • FIG. 6 is a schematic diagram of a process of forwarding a ⁇ text in a case where two communicating parties are in the same VLAN according to an embodiment of the present invention
  • FIG. 7 is a schematic structural diagram of a network unit according to an embodiment of the present invention.
  • FIG. 8 is a schematic structural diagram of a control point according to an embodiment of the present invention. detailed description
  • the solution proposed by the invention does not affect the existing services, and the communication between them still passes through the gateway, and the gateway implements the service control and management functions.
  • a dedicated Layer 2 path is created for some P2P services that occupy a high bandwidth, so that traffic of these services does not pass through the gateway, reducing the burden on the gateway and not affecting other original services.
  • FIG. 2 it is a schematic flowchart of a method for interworking two-layer data flows in an embodiment of the present invention, including:
  • Step S201 The network access server extracts feature information of the data stream.
  • the data stream is obtained by reading the packet in the data stream and extracting the feature information of the packet. Characteristic information.
  • Step S202 Determine a control point of the data stream.
  • the control point is a concept proposed by the embodiment of the present invention, and the specific content is as follows:
  • the existing network structure includes a tree, a ring, and a fully connected structure. In either structure, there may be many paths for the user node to reach the network access server. Suppose there are two users A and B. There are at least one intersection between the various possible paths from A to the network access server and the various possible paths from B to the network access server. When there is only one intersection, this intersection That is, the control points proposed in the embodiments of the present invention.
  • the determination of the control points may be based on at least one of the following rules or a combination thereof:
  • intersection has the smallest hop count from the source user (ie, user A) and the destination user (ie, user B);
  • one of the intersections with the smallest number of hops matching the preset rule is selected as the control point.
  • Such a rule may be to select the closest intersection point of the source user (ie, user A) as the control point, or select the intersection point closest to the destination user (ie, user B) as the control point, or select the focus with strong processing capability as the control point. Control points, etc.
  • the control point between the two users is the network access server. At this point, it can be considered that the two users do not have the need for Layer 2 interworking.
  • the optimal control point can be determined according to the network topology and the physical location of the intersection point and its performance, and the control point is performed at the control point.
  • Layer interworking
  • FIG. 3 is a schematic diagram of control points in a tree network structure according to an embodiment of the present invention.
  • an embodiment of the present invention provides an example of determining a control point in a tree network structure.
  • Path 1 represents a possible path for the user 1 to connect to the network access server
  • path 2 represents a possible path for the user 4 to connect with the network access server.
  • the connection point closest to the source user is selected as the preset rule of the control point according to the above selection, or the intersection point of the user closest to the destination is selected as the control point.
  • the default rule is that the network device X is more suitable as a control point than the network access server. Therefore, if the hardware condition of the network device X itself can support the implementation of the second layer interworking, Then, the network device X is selected as the control point.
  • the network device X does not have the hardware condition for implementing the layer 2 interworking, then even if the network device X is closer to the source user or the destination user than the network access server, the network device X cannot be selected as the network device X.
  • a network access server with Layer 2 interworking capability should be selected as the control point.
  • Step S203 Establish a feature identifier and a control rule of the data stream at the control point according to the feature information.
  • a feature identifier is established on the control point, and a matching condition of the data stream is determined, so that the control point identifies the corresponding data stream according to the feature identifier.
  • the feature identifier described in the embodiment of the present invention may be key information of the data stream extracted according to the data stream feature information, such as: a source address and a port number, a destination address, and a port number, etc.
  • the message is distinguished from the information of other messages; it may also be a feature description generated according to the feature information of the data stream, which describes the characteristics of the destination data stream, and/or the difference from other data streams.
  • the above differences in feature identification content do not affect the scope of protection of the present invention.
  • Step S204 The control point determines whether the received data stream matches the feature identifier.
  • step S205 If the matching is successful, it indicates that the data stream is a data flow that is determined by the network access server and needs to establish Layer 2 interworking, and the process proceeds to step S205;
  • the match is unsuccessful, it indicates that the data flow is not a data flow that is determined by the network access server and needs to establish Layer 2 interworking, and the data flow is still forwarded according to the original path through the network access server.
  • Step S205 The control point adjusts the data flow that needs to establish Layer 2 interworking according to the control rule.
  • the adjustment of the data stream includes modifying the source media access control (Media Access Control, hereinafter referred to as MAC address) and tampering the destination MAC address;
  • Media Access Control Media Access Control
  • Step S206 The data stream performs Layer 2 interworking through the control point.
  • the data streams identified by the above steps are no longer communicated through the network access server, but are directly connected to each other through the control point.
  • FIG. 4 are schematic flowcharts of establishing a Layer 2 path of a data flow service according to an embodiment of the present invention, including:
  • Step S401 The network access server extracts feature information of a data stream formed by a session between the user 1 and the user 2.
  • the session connection of the service is established between the user 1 and the user 2.
  • All traffic of User 1 and User 2 needs to be transited through the network access server.
  • the network access server analyzes the session between user 1 and user 2 to obtain the feature information formed by the session.
  • Step S402 determining control points of the user 1 and the user 2.
  • the network access server determines the control points of the user 1 and the user 2 according to the known network topology.
  • the method for determining the control points is similar to the foregoing steps S202 to S203, and details are not described herein again.
  • the network access server notifies the control point of the feature identifier of the data stream and the corresponding control rule.
  • Step S403 Adjust a data flow of the session by using a control point to implement Layer 2 interworking.
  • the control point When the control point receives the packet, the feature identifier is used to match the packet feature information in the data stream. If the match is successful, the control point modifies and forwards the packet according to the operation rule.
  • FIG. 5 it is a schematic diagram of a packet forwarding process when the two communication parties are in different VLANs according to the embodiment of the present invention, including:
  • VLAN1 Voice over IP
  • User 2 VLAN2
  • User 1 sends a setup P2P session request message to User 2, which passes through the network access server.
  • the network access server extracts the feature information from the message of the request message, so as to determine the feature identifier of the data stream corresponding to the request information according to the feature information, and further, in the intersection between the user 1 and the user 2, according to The preset rule selects the optimal intersection as the control point.
  • Step S501 The user 1 sends a data packet to the access node 1.
  • the request message includes: a source MAC address (ie, the address of user 1) and a destination MAC address (ie, the address of the network access server).
  • Step S502 The access node 1 adds a VLAN identifier field VLAN1 to the data packet, and sends the packet to the control point.
  • Step S503 The control point adjusts the data packet according to the preset data packet operation rule, and sends the data packet to the access node 2.
  • the control point determines that the data packet sent by the access node 1 matches the matching condition in the feature identifier, then the data stream is determined to be the target P2P data stream, and the data packet is operated according to the data packet established in the control point in advance.
  • the rule adjusts the packet: Change the VLAN ID field to VLAN 2, adjust the source MAC address to the network access server, and adjust the destination MAC address to user 2. This allows users 1 on the two subnets to send to the network access server.
  • the P2P data stream of User 2 is converted into a P2P data stream located on the same subnet without going through the network access server.
  • Step S504 The access node 2 forwards the adjusted data packet to the user 2 to implement Layer 2 interworking.
  • FIG. 6 is a schematic diagram of a packet forwarding process when the two communication parties are in the same VLAN according to the embodiment of the present invention, including:
  • User 1 and user 2 belonging to the same VLAN communicate.
  • the user 1 sends a request message to the user 2 to establish a P2P session, and the request message passes through the network access server.
  • the network access server extracts the feature information of the data stream corresponding to the request message from the request message, and determines the control points of the user 1 and the user 2.
  • Set the packet matching conditions (source IP, source port number, destination IP address, destination port number, service type) and corresponding data packet operation rules at the control point. Modify the source MAC address as the MAC address of the network access server and modify the destination MAC address. For user 2's MAC), to establish a Layer 2 channel.
  • Step S601 The user 1 sends a data packet to the access node 1.
  • the data packet includes: a source MAC address, that is, an address of the user 1, and a destination MAC address, that is, an address of the network access server.
  • Step S602 The access node 1 forwards the data packet to the control point.
  • Step S603 The control point adjusts the data packet according to the preset data packet operation rule, and sends the data packet to the access node 2.
  • the control point determines that the packet sent by the access node 1 matches the matching condition in the feature identifier, determines that the data stream is the target P2P data stream, and determines the datagram according to the data packet operation rule established in the control point in advance.
  • the text is adjusted: the source MAC address is adjusted to the network access server, and the destination MAC address is adjusted to user 2, thereby realizing that the P2P data stream sent by user 1 to the user 2 through the network access server is converted into a network access server without going through the network access server. P2P data stream.
  • Step S604 The access node 2 forwards the adjusted packet to the user 2 to implement Layer 2 interworking.
  • a schematic structural diagram of a network unit includes: a parameter extraction module 1 configured to extract feature information of a data stream;
  • control point selection module 2 for determining a control point of the data stream
  • the rule establishing module 3 is configured to establish, according to the feature information extracted by the parameter extraction module 1, the feature identifier and the control rule of the data stream on the control point determined by the control point selection module 2.
  • control point selection module 2 includes:
  • a rule setting sub-module 21 configured to preset a rule for selecting a control point
  • the control point selection sub-module 22 the user selects the control point of the data flow according to the rule of the rule selection sub-module 21 preset selection control point.
  • the rule establishing module 3 includes:
  • a feature identifier establishing sub-module 31, configured to establish a feature identifier of the data stream according to the feature information extracted by the parameter extraction module 1;
  • the control rule establishing sub-module 32 is configured to determine a control rule for the data flow that meets the feature identifier established by the feature identifier establishing sub-module 31.
  • a schematic structural diagram of a control point includes: a rule receiving module 1 configured to receive a feature identifier and a control rule about a data flow sent by a network device;
  • the traffic matching module 2 is configured to match the corresponding data stream according to the feature identifier received by the rule receiving module 1;
  • the traffic operation module 3 is configured to import data according to a control rule received by the rule receiving module 1 Line operations, such as modifying the message content and identity of the data stream.
  • the technical solution of the embodiment of the present invention has the following advantages, because the extraction feature information is selected, the control point is selected, the data flow message is identified and modified, and the second layer interworking method is established, thereby realizing the data in the same or different subnets.
  • the identification of the flow and the interworking of the second layer achieve the effect of reducing the network load, improving the network transmission efficiency, and improving the user experience.
  • the present invention can be implemented by hardware, or can be implemented by means of software plus a necessary general hardware platform.
  • the technical solution of the present invention may be embodied in the form of a software product, which may be stored in a non-volatile storage medium (which may be a CD-ROM, a USB flash drive, a mobile hard disk, etc.), including several The instructions are for causing a computer device (which may be a personal computer, server, or network device, etc.) to perform the methods described in various embodiments of the present invention.

Abstract

A method and a device for two-layer intercommunication of data stream are provided. The method includes the steps of: extracting the characteristic information of data stream (S201); determining the control point of the data stream (S202); and establishing the feature identifier and the control rule of the data stream on the control point based on the characteristic information of the data stream (S203), in order to realize two-layer intercommunication for the data stream on the basis of the feature identifier and the control rule. The present invention realizes to identify the data streams and implement two-layer intercommunication of the data streams that are in the same subnets or in the different subnets, and reduces the load of network, and improves the transmission efficiency of network.

Description

数据流二层互通的方法和装置 本申请要求于 2008 年 07 月 15 日提交中国专利局、 申请号为 200810132434.1、发明名称为"一种数据流二层互通的方法和装置 "的中国专利 申请的优先权, 其全部内容通过引用结合在本申请中。 技术领域  Method and apparatus for data stream two-layer intercommunication The present application claims to be filed on July 15, 2008 in the Chinese Patent Office, the application number is 200810132434.1, and the invention name is "a method and device for data stream two-layer interworking" Priority is hereby incorporated by reference in its entirety. Technical field
本发明涉及数据通信领域, 特别是涉及一种数据流二层互通的方法和装 置。 背景技术  The present invention relates to the field of data communications, and in particular, to a method and apparatus for data layer two-layer interworking. Background technique
图 1为现有技术的接入网架构的结构示意图。 如图 1所示, 现有的接入 网架构包括三个部分: 宽带网关、 汇聚层(Aggregation Network )和接入层 ( Access Network )。 在接入网中所有的用户之间二层隔离, 即使是在同一个 网关下的两个用户之间通信, 流量也必须要经过网关。 随着用户的不断增长 和 P2P ( peer-to-peer ) 业务的不断涌现, 现有接入网的架构导致经过网关的 流量过高, 成为网絡中的瓶颈。  FIG. 1 is a schematic structural diagram of a prior art access network architecture. As shown in Figure 1, the existing access network architecture consists of three parts: a broadband gateway, an aggregation network, and an access network. Layer 2 is isolated between all users on the access network. Even if communication is between two users under the same gateway, traffic must pass through the gateway. With the continuous growth of users and the emergence of peer-to-peer (P2P) services, the existing access network architecture leads to excessive traffic passing through the gateway and becomes a bottleneck in the network.
在现有技术中, 通过建立 P2P虚拟局域网 (Virtual Local Area Network, 以下简称: VLAN ) 实现二层互通的方案具体为: 首先需要在接入网中新创 建一个专门的 P2P VLAN, 在所有接入节点 (Access Node, 以下简称: AN ) 和汇聚点设备上创建 P2P VLAN, 以实现这些设备通过 P2P VLAN实现二层 互通;同时在所有接入节点上增加地址解析协议( Address Resolution Protocol, 以下简称: ARP )代理功能, 接入节点上的 ARP代理功能包括三个模块: 上 游 ARP代理 ( Upstream ARP proxy )、下游 ARP代理 ( Downstream ARP proxy ) 和 ARP緩存( ARP Cache ); 另外还需要在接入节点上增加判断功能, 判断 当前与它直接相连的用户是否使能 P2P业务。  In the prior art, a scheme for implementing Layer 2 interworking by establishing a P2P virtual local area network (VLAN) is as follows: First, a dedicated P2P VLAN needs to be newly created in the access network, and all accesses are required. A node (Access Node, hereinafter referred to as AN) and a P2P VLAN are created on the aggregation point device to implement Layer 2 interworking through P2P VLANs. Address Resolution Protocol (Address Resolution Protocol) is added to all access nodes. ARP) proxy function, the ARP proxy function on the access node includes three modules: upstream ARP proxy (upstream ARP proxy), downstream ARP proxy (downstream ARP proxy) and ARP cache (ARP Cache); The judgment function is added to determine whether the P2P service is enabled by the user directly connected to it.
发明人在研究过程中发现, 上述现有技术在接入节点设备上只是判断是 否使能 P2P业务, 而不能判断到底是哪种 P2P业务, 辨别的准确度受到了很 大限制。 另一方面, 该方案只能实现同一 IP子网内的二层互通, 应用范围受 到了很大局限。 发明内容 During the research, the inventor found that the above-mentioned prior art only judges whether the P2P service is enabled on the access node device, and cannot determine which P2P service is in the end, and the accuracy of the discrimination is greatly limited. On the other hand, the solution can only implement Layer 2 interworking in the same IP subnet, and the application scope is affected. It has reached a lot of limitations. Summary of the invention
本发明实施例要解决的问题是提供一种数据流二层互通的方法和装置, 实现相同或不同子网中的数据流的识别和二层互通。  The problem to be solved by the embodiments of the present invention is to provide a method and apparatus for data layer two-layer interworking, which realizes identification and Layer 2 interworking of data streams in the same or different subnets.
为达到上述目的,本发明实施例一方面提出一种数据流二层互通的方法, 包括:  To achieve the above objective, an embodiment of the present invention provides a method for data layer two-layer interworking, including:
提取数据流的特征信 , ;  Extract the feature letter of the data stream, ;
确定所述数据流的控制点;  Determining a control point of the data stream;
在所述控制点上根据所述数据流的特征信息建立所述数据流的特征标识 和控制规则, 以根据所述特征标识和控制规则为所述数据流实现二层互通。  And establishing a feature identifier and a control rule of the data stream according to the feature information of the data stream, to implement Layer 2 interworking for the data flow according to the feature identifier and the control rule.
另一方面, 本发明实施例还提出了一种网絡单元, 其特征在于, 包括: 参数提取模块, 用于提取数据流的特征信息;  On the other hand, an embodiment of the present invention further provides a network unit, including: a parameter extraction module, configured to extract feature information of a data stream;
控制点选择模块, 用于确定所述数据流的控制点;  a control point selection module, configured to determine a control point of the data stream;
规则建立模块, 用于根据所述参数提取模块提取的特征信息在所述控制 点选择模块确定的控制点上建立所述数据流的特征标识和控制规则。  And a rule establishing module, configured to establish, according to the feature information extracted by the parameter extraction module, a feature identifier and a control rule of the data stream on a control point determined by the control point selection module.
另一方面, 本发明实施例还提出了一种控制点, 包括:  On the other hand, an embodiment of the present invention further provides a control point, including:
规则接收模块, 用于接收关于所述数据流的特征标识和控制规则; 流量匹配模块, 用于根据所述规则接收模块接收的特征标识匹配相应的 数据流;  a rule receiving module, configured to receive a feature identifier and a control rule for the data stream; a traffic matching module, configured to match, according to the feature identifier received by the rule receiving module, a corresponding data stream;
流量操作模块, 用于根据所述规则接收模块接收的控制规则操作所述数 据流报文。  And a flow operation module, configured to operate the data flow message according to a control rule received by the rule receiving module.
本发明实施例的技术方案具有以下优点, 因为釆用了提取特征信息, 选 择控制点, 识别并修改数据流报文, 建立二层互通的方法, 从而, 实现了相 同或不同子网中的数据流的识别和二层互通, 达到了减轻网絡负担, 提高网 絡传输效率, 改善用户使用体验的效果。 附图说明  The technical solution of the embodiment of the present invention has the following advantages, because the extraction feature information is selected, the control point is selected, the data flow message is identified and modified, and the second layer interworking method is established, thereby realizing the data in the same or different subnets. The identification of the flow and the interworking of the second layer achieve the effect of reducing the network load, improving the network transmission efficiency, and improving the user experience. DRAWINGS
图 1为现有技术的接入网架构的结构示意图; 图 2为本发明实施例中数据流二层互通的方法流程示意图; 图 3为本发明实施例中树形网絡结构中控制点示意图; 1 is a schematic structural diagram of a prior art access network architecture; 2 is a schematic flowchart of a method for interworking two-layer data flows according to an embodiment of the present invention; FIG. 3 is a schematic diagram of control points in a tree network structure according to an embodiment of the present invention;
图 4为本发明实施例中建立数据流业务的二层通路的流程示意图; 图 5为本发明实施例中通信双方处于不同 VLAN时的 "^文转发流程示意 图;  4 is a schematic flowchart of establishing a Layer 2 path of a data flow service according to an embodiment of the present invention; FIG. 5 is a schematic diagram of a process of forwarding a ^ text in a different VLAN of a communication party according to an embodiment of the present invention;
图 6为本发明实施例中通信双方处于相同 VLAN时的 "^文转发流程示意 图;  6 is a schematic diagram of a process of forwarding a ^ text in a case where two communicating parties are in the same VLAN according to an embodiment of the present invention;
图 7为本发明实施例所述网絡单元的结构示意图;  FIG. 7 is a schematic structural diagram of a network unit according to an embodiment of the present invention;
图 8为本发明实施例所述控制点的结构示意图。 具体实施方式  FIG. 8 is a schematic structural diagram of a control point according to an embodiment of the present invention. detailed description
下面通过具体实施例并结合附图对本发明做进一步的详细描述。  The present invention will be further described in detail below by way of specific embodiments and drawings.
在现有的大部分接入网解决方案中,处于不同 VLAN或处于不同 IP子网 的流量都需要经过网絡接入服务器转发, 对网絡接入服务器的冲击太大。 另 一方面, 有些现有技术虽然实现了用户间的二层互通, 但是不能对业务进行 细分, 同时还要求用户处于同一 IP子网中, 不同子网的用户仍然需要经过网 絡接入服务器互通。  In most of the existing access network solutions, traffic in different VLANs or on different IP subnets needs to be forwarded through the network access server, which has a great impact on the network access server. On the other hand, some existing technologies implement Layer 2 interworking between users, but cannot subdivide services. Users are also required to be in the same IP subnet. Users of different subnets still need to communicate with each other through the network access server. .
本发明提出的方案不会影响现有业务, 它们之间的通信还是经过网关, 由网关实现业务控制和管理功能。 但对占用带宽较高的一些 P2P业务创建专 门的二层通路, 使得这些业务的流量并不经过网关, 减少网关的负担, 同时 并不影响其他原有的业务。  The solution proposed by the invention does not affect the existing services, and the communication between them still passes through the gateway, and the gateway implements the service control and management functions. However, a dedicated Layer 2 path is created for some P2P services that occupy a high bandwidth, so that traffic of these services does not pass through the gateway, reducing the burden on the gateway and not affecting other original services.
如图 2所示, 为本发明实施例中数据流二层互通的方法流程示意图, 包 括:  As shown in FIG. 2, it is a schematic flowchart of a method for interworking two-layer data flows in an embodiment of the present invention, including:
步骤 S201、 网絡接入服务器提取数据流的特征信息。  Step S201: The network access server extracts feature information of the data stream.
当网絡接入服务器认为两个用户之间某条数据流不需要通过网絡接入服 务器进行转发时,通过读取该数据流中的报文并提取报文的特征信息等方式, 获取该数据流的特征信息。  When the network access server considers that a certain data stream between two users does not need to be forwarded through the network access server, the data stream is obtained by reading the packet in the data stream and extracting the feature information of the packet. Characteristic information.
步骤 S202、 确定该数据流的控制点。  Step S202: Determine a control point of the data stream.
控制点为本发明实施例提出的概念, 具体内容如下: 现有网絡结构包括树形, 环形和全连接形等结构, 在任一种结构中, 用 户节点到达网絡接入服务器的路径可能有很多条。 假设有两个用户 A和 B, 从 A到网絡接入服务器的各种可能路径和从 B到网絡接入服务器的各种可能 路径必然会有至少一个交点, 当仅有一个交点时, 这个交点即为本发明实施 例所提出的控制点。 The control point is a concept proposed by the embodiment of the present invention, and the specific content is as follows: The existing network structure includes a tree, a ring, and a fully connected structure. In either structure, there may be many paths for the user node to reach the network access server. Suppose there are two users A and B. There are at least one intersection between the various possible paths from A to the network access server and the various possible paths from B to the network access server. When there is only one intersection, this intersection That is, the control points proposed in the embodiments of the present invention.
当有多个交点存在时, 控制点的确定可以依据如下规则中至少之一或其 结合:  When there are multiple intersections, the determination of the control points may be based on at least one of the following rules or a combination thereof:
1、 该交点距离源用户 (即用户 A )和距离目的用户 (即用户 B )的跳数 之和最小;  1. The intersection has the smallest hop count from the source user (ie, user A) and the destination user (ie, user B);
2、根据一定预设规则, 在符合该预设规则的跳数最小的交点中选择一个 作为控制点。  2. According to a certain preset rule, one of the intersections with the smallest number of hops matching the preset rule is selected as the control point.
这种规则可以是选择距离源用户 (即用户 A )最近的交点作为控制点, 或者选择距离目的用户 (即用户 B )最近的交点作为控制点, 又或者选择具 有较强的处理能力的焦点作为控制点等。 在极端的情况下, 两个用户之间的 控制点就是网絡接入服务器, 此时就可以认为这两个用户没有二层互通的必 要。  Such a rule may be to select the closest intersection point of the source user (ie, user A) as the control point, or select the intersection point closest to the destination user (ie, user B) as the control point, or select the focus with strong processing capability as the control point. Control points, etc. In extreme cases, the control point between the two users is the network access server. At this point, it can be considered that the two users do not have the need for Layer 2 interworking.
比较理想的情况下, 用户 A和用户 B之间存在除网絡接入服务器以外的 其他交点,可以根据网絡拓朴和交点物理位置及其性能决定出最优的控制点, 在该控制点进行二层互通。  In an ideal situation, there is another intersection point between the user A and the user B except the network access server, and the optimal control point can be determined according to the network topology and the physical location of the intersection point and its performance, and the control point is performed at the control point. Layer interworking.
图 3为本发明实施例中树形网絡结构中控制点示意图。 如图 3所示, 本 发明实施例给出了树形网絡结构下确定控制点的一个例子。 路径 1代表用户 1与网絡接入服务器连接的可能路径, 路径 2代表用户 4与网絡接入服务器 连接的可能路径, 两条路径存在两个交点, 即网絡设备 X和网絡接入服务器, 均可以成为控制点, 但由于在网絡中, 只需选择一个最优的交点成为控制点, 所以, 需要根据上述的预设规则, 选择最优的交点成为控制点。 由于网絡设 备 X比网絡接入服务器更靠近用户 1和用户 4, 那么, 无论按照上述的选择 距离源用户最近的交点作为控制点的预设规则, 或者按照选择距离目的用户 最近的交点作为控制点的预设规则, 网絡设备 X均比网絡接入服务器更适合 成为控制点,所以,如果网絡设备 X本身的硬件条件可以支持实施二层互通, 那么, 就选择网絡设备 X作为控制点。 FIG. 3 is a schematic diagram of control points in a tree network structure according to an embodiment of the present invention. As shown in FIG. 3, an embodiment of the present invention provides an example of determining a control point in a tree network structure. Path 1 represents a possible path for the user 1 to connect to the network access server, and path 2 represents a possible path for the user 4 to connect with the network access server. There are two intersections between the two paths, that is, the network device X and the network access server. It becomes a control point, but since it is only necessary to select an optimal intersection point as a control point in the network, it is necessary to select the optimal intersection point as the control point according to the above-mentioned preset rule. Since the network device X is closer to the user 1 and the user 4 than the network access server, the connection point closest to the source user is selected as the preset rule of the control point according to the above selection, or the intersection point of the user closest to the destination is selected as the control point. The default rule is that the network device X is more suitable as a control point than the network access server. Therefore, if the hardware condition of the network device X itself can support the implementation of the second layer interworking, Then, the network device X is selected as the control point.
但是, 需要进一步指出的是, 如果网絡设备 X不具备实施二层互通的硬 件条件, 那么, 即使网絡设备 X比网絡接入服务器距离源用户或目的用户距 离更近, 也不能选择网絡设备 X作为控制点, 而应选择具有二层互通能力的 网絡接入服务器作为控制点。  However, it should be further pointed out that if the network device X does not have the hardware condition for implementing the layer 2 interworking, then even if the network device X is closer to the source user or the destination user than the network access server, the network device X cannot be selected as the network device X. For the control point, a network access server with Layer 2 interworking capability should be selected as the control point.
步骤 S203、根据特征信息在控制点上建立数据流的特征标识和控制规则。 根据步骤 S201中提取的特征信息, 在控制点上建立特征标识, 确定对该 数据流的匹配条件, 以便供控制点根据特征标识识别相应的数据流。  Step S203: Establish a feature identifier and a control rule of the data stream at the control point according to the feature information. According to the feature information extracted in step S201, a feature identifier is established on the control point, and a matching condition of the data stream is determined, so that the control point identifies the corresponding data stream according to the feature identifier.
需要进一步进行说明的是, 本发明实施例所述的特征标识, 可以是根据 数据流特征信息所提取的数据流关键信息, 如: 如源地址及端口号, 目的地 址及端口号等能够使该报文区别于其他报文的信息; 也可以是根据数据流的 特征信息所生成的特征描述, 该特征描述说明了目的数据流的特征, 和 /或与 其他数据流的区别。上述的特征标识内容的差别并不影响本发明的保护范围。  It should be further noted that the feature identifier described in the embodiment of the present invention may be key information of the data stream extracted according to the data stream feature information, such as: a source address and a port number, a destination address, and a port number, etc. The message is distinguished from the information of other messages; it may also be a feature description generated according to the feature information of the data stream, which describes the characteristics of the destination data stream, and/or the difference from other data streams. The above differences in feature identification content do not affect the scope of protection of the present invention.
另一方面,控制规则用于规定对满足匹配条件的数据流进行调整的规则。 步骤 S204、 控制点判断接收的数据流与该特征标识是否匹配。  On the other hand, the control rules are used to specify rules for adjusting the data flow that satisfies the matching condition. Step S204: The control point determines whether the received data stream matches the feature identifier.
如果匹配成功, 则表明该数据流即为网絡接入服务器所确定的需要建立 二层互通的数据流, 转入步骤 S205;  If the matching is successful, it indicates that the data stream is a data flow that is determined by the network access server and needs to establish Layer 2 interworking, and the process proceeds to step S205;
如果匹配不成功, 则表明该数据流不是网絡接入服务器所确定的需要建 立二层互通的数据流, 对该数据流仍按照原路径经由网絡接入服务器进行转 发。  If the match is unsuccessful, it indicates that the data flow is not a data flow that is determined by the network access server and needs to establish Layer 2 interworking, and the data flow is still forwarded according to the original path through the network access server.
步骤 S205、 控制点按照控制规则对所述需要建立二层互通的数据流进行 调整。  Step S205: The control point adjusts the data flow that needs to establish Layer 2 interworking according to the control rule.
当所述需要建立二层互通的数据流的通信双方位于相同的 VLAN时, 对 该数据流的调整包括修改源介质访问控制( MediaAccess Control, 以下简称: MAC )地址和爹改目的 MAC地址;  When the communication parties that need to establish the Layer 2 interworking data stream are located in the same VLAN, the adjustment of the data stream includes modifying the source media access control (Media Access Control, hereinafter referred to as MAC address) and tampering the destination MAC address;
当所述数据流的通信双方位于不同的虚拟局域网 VLAN时, 对该数据流 的调整除了修改源 MAC地址和修改目的 MAC地址外, 还包括修改 VLAN 标识字段, 从而实现不同子网下的通信双方可以按照相同子网下的通信规则 进行通信。 步骤 S206、 数据流通过控制点进行二层互通。 When the communication parties of the data stream are located in different virtual local area network VLANs, the adjustment of the data stream includes modifying the source MAC address and modifying the destination MAC address, and modifying the VLAN identification field to implement communication between different subnets. You can communicate according to the communication rules under the same subnet. Step S206: The data stream performs Layer 2 interworking through the control point.
被上述步骤识别的数据流不再经过网絡接入服务器进行通信, 而是直接 通过控制点进行二层互通。  The data streams identified by the above steps are no longer communicated through the network access server, but are directly connected to each other through the control point.
进一步的, 上述步骤如图 4所示, 为本发明实施例中建立数据流业务的 二层通路的流程示意图, 包括:  Further, the foregoing steps are as shown in FIG. 4, which are schematic flowcharts of establishing a Layer 2 path of a data flow service according to an embodiment of the present invention, including:
步骤 S401、 网絡接入服务器提取用户 1和用户 2之间会话所形成的数据 流的特征信息。  Step S401: The network access server extracts feature information of a data stream formed by a session between the user 1 and the user 2.
当用户 1要与用户 2进行特定业务的传输时, 用户 1与用户 2之间建立 该业务的会话连接。 在二层通道建立之前, 用户 1和用户 2的所有流量都需 要经过网絡接入服务器中转。 网絡接入服务器分析用户 1和用户 2之间的会 话, 获取该会话所形成的特征信息。  When the user 1 wants to perform the transmission of the specific service with the user 2, the session connection of the service is established between the user 1 and the user 2. Before the Layer 2 channel is established, all traffic of User 1 and User 2 needs to be transited through the network access server. The network access server analyzes the session between user 1 and user 2 to obtain the feature information formed by the session.
步骤 S402、 确定用户 1与用户 2的控制点。  Step S402, determining control points of the user 1 and the user 2.
网絡接入服务器根据已知的网絡拓朴结构, 确定用户 1和用户 2的控制 点, 确定控制点的方法与上述步骤 S202至 S203类似, 在此不再赘述。 网絡 接入服务器通知控制点该数据流的特征标识及相应的控制规则。  The network access server determines the control points of the user 1 and the user 2 according to the known network topology. The method for determining the control points is similar to the foregoing steps S202 to S203, and details are not described herein again. The network access server notifies the control point of the feature identifier of the data stream and the corresponding control rule.
步骤 S403、 通过控制点调整该会话的数据流, 实现二层互通。  Step S403: Adjust a data flow of the session by using a control point to implement Layer 2 interworking.
当控制点收到报文时,利用特征标识对数据流中报文特征信息进行匹配, 如果匹配成功, 则通过控制点按照操作规则对报文进行修改和转发。  When the control point receives the packet, the feature identifier is used to match the packet feature information in the data stream. If the match is successful, the control point modifies and forwards the packet according to the operation rule.
下面结合附图和实施例, 对本发明的具体实施方式作进一步详细描述: 为方便叙述, 本发明实施例以 P2P业务为例进行说明, 但对于其他业务 也同样可以通过本发明的技术方案进行特定识别和二层互通, 业务的不同不 影响本发明的保护范围。  The specific embodiments of the present invention are further described in detail below with reference to the accompanying drawings and embodiments. For the convenience of description, the P2P service is taken as an example for the description of the present invention, but other services can also be specified by the technical solution of the present invention. Identification and Layer 2 interworking, the difference in service does not affect the scope of protection of the present invention.
如图 5所示, 为本发明实施例中通信双方处于不同 VLAN时的报文转发 流程示意图, 包括:  As shown in FIG. 5, it is a schematic diagram of a packet forwarding process when the two communication parties are in different VLANs according to the embodiment of the present invention, including:
属于不同 VLAN的用户 1 ( VLAN1 )和用户 2 ( VLAN2 )进行通信。 用 户 1向用户 2发送建立 P2P会话请求消息,该请求消息经过网絡接入服务器。 网絡接入服务器从该请求消息的报文中提取出特征信息, 从而根据该特征信 息确定该请求信息所对应的数据流的特征标识, 并进一步在用户 1和用户 2 之间的交点中, 根据预设规则选择最优的交点作为控制点。 在控制点处建立 才艮文匹配条件(源 IP, 源端口号, 目的 IP, 目的端口号, 业务类型)及相应 的数据报文操作规则 (修改源 MAC 为网絡接入服务器的 MAC, 修改目的 MAC为用户 2的 MAC, 把 VLAN标记从 VLAN1改成 VLAN2 ), 以建立二 层通道。 User 1 (VLAN1) and User 2 (VLAN2) belonging to different VLANs communicate. User 1 sends a setup P2P session request message to User 2, which passes through the network access server. The network access server extracts the feature information from the message of the request message, so as to determine the feature identifier of the data stream corresponding to the request information according to the feature information, and further, in the intersection between the user 1 and the user 2, according to The preset rule selects the optimal intersection as the control point. Established at the control point Matching conditions (source IP, source port number, destination IP address, destination port number, service type) and corresponding data packet operation rules (modify the source MAC address as the MAC address of the network access server, and modify the destination MAC address as user 2) MAC, change the VLAN tag from VLAN1 to VLAN2) to establish a Layer 2 channel.
步骤 S501、 用户 1向接入节点 1发送数据报文。  Step S501: The user 1 sends a data packet to the access node 1.
该请求消息中包含: 源 MAC地址(即用户 1的地址)、 目的 MAC地址 (即网絡接入服务器的地址)。  The request message includes: a source MAC address (ie, the address of user 1) and a destination MAC address (ie, the address of the network access server).
步骤 S502、 接入节点 1在该数据报文中添加 VLAN标识字段 VLAN1 , 发送给控制点。  Step S502: The access node 1 adds a VLAN identifier field VLAN1 to the data packet, and sends the packet to the control point.
步骤 S503、 控制点按照预设的数据报文操作规则调整该数据报文, 发送 给接入节点 2。  Step S503: The control point adjusts the data packet according to the preset data packet operation rule, and sends the data packet to the access node 2.
如果控制点判定接入节点 1发送的数据报文与特征标识中的匹配条件相 匹配, 那么, 确定该数据流为目标 P2P数据流, 并才艮据预先在控制点中建立 的数据报文操作规则对报文进行调整: 更改 VLAN标识字段为 VLAN2, 源 MAC地址调整为网絡接入服务器, 目的 MAC地址调整为用户 2, 从而实现 了将位于两个子网的用户 1通过网絡接入服务器发送给用户 2的 P2P数据流 转化为无需经过网絡接入服务器的位于相同子网的 P2P数据流。  If the control point determines that the data packet sent by the access node 1 matches the matching condition in the feature identifier, then the data stream is determined to be the target P2P data stream, and the data packet is operated according to the data packet established in the control point in advance. The rule adjusts the packet: Change the VLAN ID field to VLAN 2, adjust the source MAC address to the network access server, and adjust the destination MAC address to user 2. This allows users 1 on the two subnets to send to the network access server. The P2P data stream of User 2 is converted into a P2P data stream located on the same subnet without going through the network access server.
步骤 S504、接入节点 2转发调整后的数据报文给用户 2, 实现二层互通。 如图 6所示, 为本发明实施例中通信双方处于相同 VLAN时的报文转发 流程示意图, 包括:  Step S504: The access node 2 forwards the adjusted data packet to the user 2 to implement Layer 2 interworking. FIG. 6 is a schematic diagram of a packet forwarding process when the two communication parties are in the same VLAN according to the embodiment of the present invention, including:
属于相同 VLAN的用户 1和用户 2进行通信。 用户 1向用户 2发送建立 P2P会话的请求消息, 该请求消息经过网絡接入服务器。 网絡接入服务器从 该请求报文中提取出该请求报文所对应的数据流的特征信息, 并确定用户 1 和用户 2的控制点。 在控制点处建立报文匹配条件 (源 IP, 源端口号, 目的 IP, 目的端口号, 业务类型)及相应的数据报文操作规则 (修改源 MAC为网 絡接入服务器的 MAC,修改目的 MAC为用户 2的 MAC ),以建立二层通道。  User 1 and user 2 belonging to the same VLAN communicate. The user 1 sends a request message to the user 2 to establish a P2P session, and the request message passes through the network access server. The network access server extracts the feature information of the data stream corresponding to the request message from the request message, and determines the control points of the user 1 and the user 2. Set the packet matching conditions (source IP, source port number, destination IP address, destination port number, service type) and corresponding data packet operation rules at the control point. Modify the source MAC address as the MAC address of the network access server and modify the destination MAC address. For user 2's MAC), to establish a Layer 2 channel.
步骤 S601、 用户 1向接入节点 1发送数据报文。  Step S601: The user 1 sends a data packet to the access node 1.
该数据报文包含: 源 MAC地址, 即用户 1的地址; 目的 MAC地址, 即 网絡接入服务器的地址。 步骤 S602、 接入节点 1转发该数据报文给控制点。 The data packet includes: a source MAC address, that is, an address of the user 1, and a destination MAC address, that is, an address of the network access server. Step S602: The access node 1 forwards the data packet to the control point.
步骤 S603、 控制点按照预设的数据报文操作规则调整该数据报文, 发送 给接入节点 2。  Step S603: The control point adjusts the data packet according to the preset data packet operation rule, and sends the data packet to the access node 2.
控制点判定接入节点 1发送的报文与特征标识中的匹配条件相匹配, 确 定为该数据流为目标 P2P数据流, 并根据预先在控制点中建立的数据报文操 作规则对该数据报文进行调整: 源 MAC地址调整为网絡接入服务器, 目的 MAC地址调整为用户 2, 从而实现了将用户 1通过网絡接入服务器发送给用 户 2的 P2P数据流转化为无需经过网絡接入服务器的 P2P数据流。  The control point determines that the packet sent by the access node 1 matches the matching condition in the feature identifier, determines that the data stream is the target P2P data stream, and determines the datagram according to the data packet operation rule established in the control point in advance. The text is adjusted: the source MAC address is adjusted to the network access server, and the destination MAC address is adjusted to user 2, thereby realizing that the P2P data stream sent by user 1 to the user 2 through the network access server is converted into a network access server without going through the network access server. P2P data stream.
步骤 S604、 接入节点 2转发调整后的报文给用户 2, 实现二层互通。 如图 7所示, 为本发明实施例所述网絡单元的结构示意图, 包括: 参数提取模块 1 , 用于提取数据流的特征信息;  Step S604: The access node 2 forwards the adjusted packet to the user 2 to implement Layer 2 interworking. As shown in FIG. 7, a schematic structural diagram of a network unit according to an embodiment of the present invention includes: a parameter extraction module 1 configured to extract feature information of a data stream;
控制点选择模块 2 , 用于确定数据流的控制点;  a control point selection module 2 for determining a control point of the data stream;
规则建立模块 3 , 用于根据参数提取模块 1提取的特征信息, 在控制点 选择模块 2确定的控制点上, 建立数据流的特征标识和控制规则。  The rule establishing module 3 is configured to establish, according to the feature information extracted by the parameter extraction module 1, the feature identifier and the control rule of the data stream on the control point determined by the control point selection module 2.
其中, 控制点选择模块 2, 包括:  Wherein, the control point selection module 2 includes:
规则设置子模块 21 , 用于预设选择控制点的规则;  a rule setting sub-module 21, configured to preset a rule for selecting a control point;
控制点选择子模块 22, 用户根据规则设置子模块 21预设的选择控制点 的规则选择数据流的控制点。  The control point selection sub-module 22, the user selects the control point of the data flow according to the rule of the rule selection sub-module 21 preset selection control point.
其中, 规则建立模块 3 , 包括:  The rule establishing module 3 includes:
特征标识建立子模块 31 , 用于根据参数提取模块 1提取的特征信息建立 数据流的特征标识;  a feature identifier establishing sub-module 31, configured to establish a feature identifier of the data stream according to the feature information extracted by the parameter extraction module 1;
控制规则建立子模块 32, 用于确定对符合特征标识建立子模块 31 建立 的特征标识的数据流的控制规则。  The control rule establishing sub-module 32 is configured to determine a control rule for the data flow that meets the feature identifier established by the feature identifier establishing sub-module 31.
如图 8所示, 为本发明实施例所述控制点的结构示意图, 包括: 规则接收模块 1 , 用于接收网絡设备发送的关于数据流的特征标识和控 制规则;  As shown in FIG. 8, a schematic structural diagram of a control point according to an embodiment of the present invention includes: a rule receiving module 1 configured to receive a feature identifier and a control rule about a data flow sent by a network device;
流量匹配模块 2, 用于根据规则接收模块 1接收的特征标识匹配相应的 数据流;  The traffic matching module 2 is configured to match the corresponding data stream according to the feature identifier received by the rule receiving module 1;
流量操作模块 3 , 用于根据规则接收模块 1接收的控制规则对数据流进 行操作, 如修改数据流的报文内容和标识等。 The traffic operation module 3 is configured to import data according to a control rule received by the rule receiving module 1 Line operations, such as modifying the message content and identity of the data stream.
本发明实施例的技术方案具有以下优点, 因为釆用了提取特征信息, 选 择控制点, 识别并修改数据流报文, 建立二层互通的方法, 从而, 实现了相 同或不同子网中的数据流的识别和二层互通, 达到了减轻网絡负担, 提高网 絡传输效率, 改善用户使用体验的效果。  The technical solution of the embodiment of the present invention has the following advantages, because the extraction feature information is selected, the control point is selected, the data flow message is identified and modified, and the second layer interworking method is established, thereby realizing the data in the same or different subnets. The identification of the flow and the interworking of the second layer achieve the effect of reducing the network load, improving the network transmission efficiency, and improving the user experience.
通过以上的实施方式的描述, 本领域的技术人员可以清楚地了解到本发 明可以通过硬件实现, 也可以可借助软件加必要的通用硬件平台的方式来实 现。 基于这样的理解, 本发明的技术方案可以以软件产品的形式体现出来, 该软件产品可以存储在一个非易失性存储介质 (可以是 CD-ROM, U盘, 移 动硬盘等)中, 包括若干指令用以使得一台计算机设备 (可以是个人计算机, 服务器, 或者网絡设备等)执行本发明各个实施例所述的方法。  Through the description of the above embodiments, those skilled in the art can clearly understand that the present invention can be implemented by hardware, or can be implemented by means of software plus a necessary general hardware platform. Based on such understanding, the technical solution of the present invention may be embodied in the form of a software product, which may be stored in a non-volatile storage medium (which may be a CD-ROM, a USB flash drive, a mobile hard disk, etc.), including several The instructions are for causing a computer device (which may be a personal computer, server, or network device, etc.) to perform the methods described in various embodiments of the present invention.
最后应说明的是: 以上实施例仅用以说明本发明的技术方案, 而非对其 限制; 尽管参照前述实施例对本发明进行了详细的说明, 本领域的普通技术 人员应当理解: 其依然可以对前述各实施例所记载的技术方案进行修改, 或 者对其中部分技术特征进行等同替换; 而这些修改或者替换, 并不使相应技 术方案的本质脱离本发明各实施例技术方案的精神和范围。  It should be noted that the above embodiments are only for explaining the technical solutions of the present invention, and are not intended to be limiting; although the present invention has been described in detail with reference to the foregoing embodiments, it will be understood by those skilled in the art that: The technical solutions described in the foregoing embodiments are modified, or some of the technical features are equivalently replaced. The modifications and substitutions do not depart from the spirit and scope of the technical solutions of the embodiments of the present invention.

Claims

权利要求 Rights request
1、 一种数据流二层互通的方法, 其特征在于, 包括:  A method for interworking two-layer data streams, which is characterized by:
提取数据流的特征信 , ;  Extract the feature letter of the data stream, ;
确定所述数据流的控制点;  Determining a control point of the data stream;
在所述控制点上根据所述数据流的特征信息建立所述数据流的特征标识 和控制规则, 以根据所述特征标识和控制规则为所述数据流实现二层互通。  And establishing a feature identifier and a control rule of the data stream according to the feature information of the data stream, to implement Layer 2 interworking for the data flow according to the feature identifier and the control rule.
2、 如权利要求 1所述数据流二层互通的方法, 其特征在于, 所述提取数 据流的特征信息, 具体为:  2. The method of the data stream layer 2 interworking according to claim 1, wherein the extracting the feature information of the data stream is specifically:
提取所述数据流的报文中的特征信息。  Extracting feature information in the message of the data stream.
3、 如权利要求 1所述数据流二层互通的方法, 其特征在于, 所述在所述 控制点上根据所述数据流的特征信息建立所述数据流的特征标识, 具体为: 根据所述特征信息建立的表示所述数据流的报文匹配条件的特征标识。 The method of the data stream two-layer interworking according to claim 1, wherein the determining, by the control point, the feature identifier of the data stream according to the feature information of the data stream, specifically: A feature identifier of the message matching condition indicating the data flow established by the feature information.
4、 如权利要求 1所述数据流二层互通的方法, 其特征在于, 所述在所述 控制点上根据所述数据流的特征信息建立所述数据流的控制规则, 具体为: 建立符合所述报文匹配条件的数据流的报文的操作规则。 The method of the data stream two-layer interworking according to claim 1, wherein the control rule of the data flow is established according to the feature information of the data flow at the control point, specifically: establishing a match The message matches the operation rule of the message of the conditional data stream.
5、 如权利要求 3或 4所述数据流二层互通的方法, 其特征在于, 所述根 据所述特征标识和控制规则为所述数据流实现二层互通, 具体为:  The method for interworking the second layer of the data stream according to claim 3 or 4, wherein the layer 2 is interconnected according to the feature identifier and the control rule, specifically:
所述控制点根据所述数据流的特征标识匹配相应的数据流报文; 按照所述控制规则操作所述数据流报文。  And the control point matches the corresponding data flow message according to the feature identifier of the data flow; and operates the data flow message according to the control rule.
6、 如权利要求 1所述的数据流二层互通的方法, 其特征在于, 所述确定 所述数据流的控制点, 具体为: 根据预设规则确定所述数据流的控制点。  The method for determining the data stream two-layer interworking according to claim 1, wherein the determining the control point of the data stream is: determining a control point of the data stream according to a preset rule.
7、 一种网絡单元, 其特征在于, 包括:  7. A network element, comprising:
参数提取模块, 用于提取数据流的特征信息;  a parameter extraction module, configured to extract feature information of the data stream;
控制点选择模块, 用于确定所述数据流的控制点;  a control point selection module, configured to determine a control point of the data stream;
规则建立模块, 用于根据所述参数提取模块提取的特征信息在所述控制 点选择模块确定的控制点上建立所述数据流的特征标识和控制规则。  And a rule establishing module, configured to establish, according to the feature information extracted by the parameter extraction module, a feature identifier and a control rule of the data stream on a control point determined by the control point selection module.
8、 如权利要求 7所述网絡单元, 其特征在于, 所述控制点选择模块, 包 括:  The network unit according to claim 7, wherein the control point selection module comprises:
规则设置子模块, 用于预设选择所述控制点的规则; 控制点选择子模块, 用户根据所述规则设置子模块预设的选择控制点的 规则选择数据流的控制点。 a rule setting submodule, configured to preset a rule for selecting the control point; The control point selects a sub-module, and the user selects a control point of the data flow according to the rule of the rule that the sub-module presets the selected control point.
9、如权利要求 7所述网絡单元,其特征在于, 所述规则建立模块, 包括: 特征标识建立子模块, 用于根据所述参数提取模块提取的特征信息建立 所述数据流的特征标识;  The network unit according to claim 7, wherein the rule establishing module comprises: a feature identifier establishing submodule, configured to establish a feature identifier of the data stream according to the feature information extracted by the parameter extracting module;
控制规则建立子模块, 用于确定对符合所述特征标识建立子模块建立的 特征标识的数据流的控制规则。  And a control rule establishing submodule, configured to determine a control rule for the data flow that meets the feature identifier established by the feature identifier establishing submodule.
10、 一种控制点, 其特征在于, 包括:  10. A control point, comprising:
规则接收模块, 用于接收关于所述数据流的特征标识和控制规则; 流量匹配模块, 用于根据所述规则接收模块接收的特征标识匹配相应的 数据流;  a rule receiving module, configured to receive a feature identifier and a control rule for the data stream; a traffic matching module, configured to match, according to the feature identifier received by the rule receiving module, a corresponding data stream;
流量操作模块, 用于根据所述规则接收模块接收的控制规则操作所述数 据流报文。  And a flow operation module, configured to operate the data flow message according to a control rule received by the rule receiving module.
PCT/CN2009/070894 2008-07-15 2009-03-19 Method and device for two-layer intercommunication of data stream WO2010006520A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN200810132434.1 2008-07-15
CN200810132434.1A CN101631135A (en) 2008-07-15 2008-07-15 Method and device for two-layer intercommunication for data stream

Publications (1)

Publication Number Publication Date
WO2010006520A1 true WO2010006520A1 (en) 2010-01-21

Family

ID=41550005

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2009/070894 WO2010006520A1 (en) 2008-07-15 2009-03-19 Method and device for two-layer intercommunication of data stream

Country Status (2)

Country Link
CN (1) CN101631135A (en)
WO (1) WO2010006520A1 (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106302525B (en) * 2016-09-27 2021-02-02 黄小勇 Network space security defense method and system based on camouflage
CN111009966A (en) * 2019-11-22 2020-04-14 贵州电网有限责任公司 Data interaction system, method and device of transformer substation equipment and storage medium

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1466340A (en) * 2002-06-24 2004-01-07 �人��������������ι�˾ Method for forwarding data by strategic stream mode and data forwarding equipment
CN1588921A (en) * 2004-09-17 2005-03-02 杭州恒生电子股份有限公司 Data processing system and data processing method based on multilayer structure
US7092363B1 (en) * 2000-06-26 2006-08-15 Aperto Networks, Inc. High-capacity scalable integrated wireless backhaul for broadband access networks
CN101035088A (en) * 2007-04-20 2007-09-12 华为技术有限公司 Method, system and access device for realizing the intercommunication of two layers of local specific service

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7092363B1 (en) * 2000-06-26 2006-08-15 Aperto Networks, Inc. High-capacity scalable integrated wireless backhaul for broadband access networks
CN1466340A (en) * 2002-06-24 2004-01-07 �人��������������ι�˾ Method for forwarding data by strategic stream mode and data forwarding equipment
CN1588921A (en) * 2004-09-17 2005-03-02 杭州恒生电子股份有限公司 Data processing system and data processing method based on multilayer structure
CN101035088A (en) * 2007-04-20 2007-09-12 华为技术有限公司 Method, system and access device for realizing the intercommunication of two layers of local specific service

Also Published As

Publication number Publication date
CN101631135A (en) 2010-01-20

Similar Documents

Publication Publication Date Title
EP3522457B1 (en) Dedicated virtual local area network for peer-to-peer traffic transmitted between switches
EP1816796B1 (en) Bi-directional forwarding in ethernet-based service domains over networks
US8971335B2 (en) System and method for creating a transitive optimized flow path
US20060117174A1 (en) Method of auto-configuration and auto-prioritizing for wireless security domain
US8774180B2 (en) Transporting multicast over MPLS backbone using virtual interfaces to perform reverse-path forwarding checks
US7366894B1 (en) Method and apparatus for dynamically securing voice and other delay-sensitive network traffic
US8325733B2 (en) Method and system for layer 2 manipulator and forwarder
US8270406B2 (en) Method and apparatus for blocking forged multicast packets
EP2579544A1 (en) Methods and apparatus for a scalable network with efficient link utilization
CN100583801C (en) A method, system and switching device for dynamically establishing multicast virtual LAN
WO2012171169A1 (en) Communications method and load balancer
WO2011022992A1 (en) Control element, forwarding element and routing method for internet protocol network
WO2017107814A1 (en) Method, apparatus and system for propagating qos policies
WO2006114037A1 (en) A communication system with session border controller and a method for the transmission of the signaling
JP2016506109A (en) Network address translated device identification for device specific traffic flow steering
US8861339B2 (en) Packet forwarding function of a mobility switch deployed as routed SMLT (RSMLT) node
WO2007059679A1 (en) A method for processing the abnormal multicast service and a network equipment thereof
WO2012095022A1 (en) Method and device for message transmission under mff manual mode
US8559431B2 (en) Multiple label based processing of frames
WO2008128449A1 (en) Method, system and access device for implementing two-layer intercommunication of special service
Oki et al. Advanced internet protocols, services, and applications
RU2611990C1 (en) Method for group transmission of packets via software-configurable networks
WO2007031006A1 (en) A virtual switching method which could be routed
JP2007521693A (en) Quality of service control in wireless local area networks
WO2010006520A1 (en) Method and device for two-layer intercommunication of data stream

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 09797367

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 09797367

Country of ref document: EP

Kind code of ref document: A1