WO2013060191A1 - Method for forwarding message, and method and apparatus for generating table entry - Google Patents

Method for forwarding message, and method and apparatus for generating table entry Download PDF

Info

Publication number
WO2013060191A1
WO2013060191A1 PCT/CN2012/080679 CN2012080679W WO2013060191A1 WO 2013060191 A1 WO2013060191 A1 WO 2013060191A1 CN 2012080679 W CN2012080679 W CN 2012080679W WO 2013060191 A1 WO2013060191 A1 WO 2013060191A1
Authority
WO
WIPO (PCT)
Prior art keywords
field
packet
internet protocol
protocol
hash
Prior art date
Application number
PCT/CN2012/080679
Other languages
French (fr)
Chinese (zh)
Inventor
田小辉
Original Assignee
华为技术有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 华为技术有限公司 filed Critical 华为技术有限公司
Publication of WO2013060191A1 publication Critical patent/WO2013060191A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46Interconnection of networks
    • H04L12/4633Interconnection of networks using encapsulation techniques, e.g. tunneling

Definitions

  • the present invention relates to a communication technology, and in particular, to a method for forwarding a message, and a method and an apparatus for generating a table.
  • the tunneling protocol has been widely used in the field of communications.
  • Typical tunneling protocols include the Generic Routing Encapsulation (GRE) protocol and the Layer 2 Tunneling Protocol (L2TP).
  • the corresponding tunnel protocol packets include GRE protocol packets and L2TP packets.
  • the tunnel protocol packet includes the tunnel protocol header and data.
  • the tunneling protocol can be encapsulated into an internet protocol packet by adding an Internet Protocol header.
  • the internet protocol packet can be transmitted over the Internet.
  • the quintuple in the Internet Protocol header can be hashed as a hash factor, and the physical outgoing interface to be forwarded can be determined according to the result of the hash operation.
  • the tunnel protocol header of the Internet Protocol packet can be parsed by the software code and the factor of performing the hash operation is extracted from the tunnel protocol header, thereby solving the problem that the quintuple granularity is insufficient.
  • the quintuple is a protocol field, a source address field, a destination address field, a source port field and a destination port field in a User Datagram Protocol header, respectively, in the Internet Protocol Header.
  • a method for forwarding a packet includes:
  • the internet protocol packet includes a public network internet protocol header and a tunneling protocol header, where the internet protocol packet includes a tunneling protocol identifier field, where the tunneling protocol identifier field is used to identify a tunneling protocol of the internet protocol packet;
  • an apparatus for forwarding a message includes: a receiver, configured to receive an internet protocol packet, where the internet protocol packet includes a public network internet protocol header and a tunnel protocol header, where the internet protocol packet includes a tunneling protocol identifier field, where the tunneling protocol identifier field is used to identify a tunneling protocol of the internet protocol packet;
  • a searching unit configured to search, in the hash control table, a first entry that matches a tunneling protocol determination field and the tunneling protocol identifier field according to the tunneling protocol identifier field, where the entry of the hash control table includes a tunneling protocol determining field, a signaling message judgment field and a hash factor extraction field; an extracting unit, configured to extract a hash factor from the internet protocol packet according to the hash factor extraction field of the first entry;
  • An execution unit configured to perform a hash operation according to the hash factor
  • a determining unit configured to determine, according to a result of the hash operation, a physical outbound interface for forwarding the internet protocol packet
  • a transmitter configured to forward the internet protocol packet according to the physical outbound interface.
  • a method for generating an entry includes: Generating an entry of a hash control table, where the entry includes a tunneling protocol determination field and a hash factor extraction field, where the tunneling protocol determination field is configured to determine whether a tunneling protocol identifier field of the internet protocol packet matches the tunneling protocol determination field,
  • the internet protocol packet includes a public network internet protocol header and a tunnel protocol header, where the tunnel protocol identifier field is used to identify a tunnel association of the internet protocol packet, so that the tunnel protocol identifier field matches the tunnel protocol determination field, the software
  • the code extracts a hash factor from the internet protocol packet.
  • an apparatus for generating an entry includes: an entry generating unit, configured to generate an entry of a hash control table, where the entry includes a tunnel protocol determination field and a hash factor extraction field.
  • the tunnel protocol determination field is configured to determine whether the tunnel protocol identifier field of the internet protocol packet matches the tunnel protocol determination field, where the internet protocol packet includes a public network internet protocol header and a tunnel protocol header, where the tunnel protocol identifier field is used to identify the tunnel protocol identifier field.
  • a tunneling protocol for internet protocol grouping the hash factor extraction field is used to assign a value to a variable of the second software code
  • a first assignment unit configured to assign a value to a variable of the software code for extracting the hash factor according to the hash factor extraction field, so that the software code is used when the tunneling protocol identification field matches the tunneling protocol determination field A hash factor is extracted from the internet protocol packet.
  • the method for forwarding a message, the device for forwarding a message, the method for generating an entry, and the device for generating a table all relate to a hash control table.
  • the entries of the hash control table include a tunnel protocol decision field and a hash factor extraction field.
  • the tunnel protocol judgment field an entry matching the Internet Protocol packet can be found in the hash control table. This entry corresponds to a tunneling protocol.
  • the hash factor extraction field the factor for hashing can be extracted from the internet protocol packet.
  • the hash factor extraction field in the entry of the hash control table may assign a value to the variable of the software code for extracting the hash factor, so that the software code can correspond to the entry of the hash control table.
  • the factor of the hash operation is extracted from the internet protocol packet of the tunneling protocol. It can be seen that, by using the method for forwarding a packet and the method and device for generating an entry provided by the embodiment of the present invention, it is possible to solve different software protocols for extracting a factor for performing hash operation for different tunnel protocols, and occupying A problem with more storage space.
  • FIG. 1 is a flowchart of a method for forwarding a message according to an embodiment of the present invention
  • FIG. 2 is a schematic diagram of an apparatus for forwarding a message according to an embodiment of the present invention
  • FIG. 3 is a flowchart of a method for generating an entry according to an embodiment of the present invention.
  • FIG. 4 is a schematic diagram of an apparatus for generating an entry according to an embodiment of the present invention.
  • Embodiment 1 is a diagrammatic representation of Embodiment 1:
  • the embodiment of the invention provides a method for forwarding a message, which can be used in a scenario in which hash operation is required.
  • the method for forwarding the packet according to the embodiment of the present invention may obtain a hash factor from the Internet Protocol packet, and then perform a hash operation.
  • FIG. 1 is a flowchart of a method for forwarding a certificate according to an embodiment of the present invention, where the method includes:
  • the internet protocol packet includes a public network internet protocol header and a tunnel protocol header.
  • the internet protocol packet contains a tunneling protocol identification field.
  • the tunnel protocol identification field A tunneling protocol used to identify the internet protocol packet.
  • the Internet Protocol of the Internet Protocol packet may be Internet Protocol version 4, or Internet Protocol version 6.
  • the tunnel protocol header can be a GRE protocol header, or an L2TP header.
  • the network device receiving the internet protocol packet can be a router.
  • the tunneling protocol identification field may be a protocol field in the public network internet protocol header.
  • the tunneling protocol of the Internet Protocol packet is the GRE protocol.
  • the tunneling protocol identification field may further include a source port field or a destination port field in the user datagram protocol header.
  • the tunneling protocol of the Internet Protocol packet is L2TP.
  • the tunnel protocol identifier field may be the Next header field in the public network protocol header.
  • the tunneling protocol of the Internet Protocol packet is the GRE protocol.
  • the tunneling protocol identification field may also include a source port field or a destination port field in the user datagram protocol header. For example, when the next header field is 17, and the source port field or destination port field is 1701, the tunneling protocol of the Internet Protocol packet is L2TP.
  • Step 102 Search, according to the tunnel protocol identifier field, a first entry in the hash control table that matches the tunnel protocol determination field and the tunnel protocol identifier field.
  • the entries of the hash control table include a tunnel protocol decision field and a hash factor extraction field.
  • a hash control table can be generated through the embedded system development environment, such as VxWorks provided by Wind River System Inc.
  • the user can also update the hash control table by inputting a command line at the console, including adding or deleting an entry of the hash control table.
  • the hash control table can be stored in the storage space located on the forwarding plane.
  • the hash control table can be stored in a synchronous dynamic random access memory located on the forwarding plane of the router. (Synchronous Dynamic Random Access Memory).
  • the hash control table can include one entry or multiple entries. When the hash control table includes multiple entries, the first entry can be found by traversing multiple entries.
  • the tunneling protocol judgment field of the first entry is equal to the tunneling protocol identification field of the internet protocol packet.
  • the tunneling protocol identification field may be a protocol field in the public network internet protocol header.
  • the tunnel protocol judgment field corresponding to the protocol field in the first entry is 37.
  • the tunnel protocol identifier field further includes a source port field or a destination port field in the header of the user datagram protocol.
  • the tunnel protocol judgment field corresponding to the protocol field in the header of the public network protocol header in the first entry is 17
  • the tunnel protocol judgment field corresponding to the source port field or the destination port field in the header of the user datagram protocol is 1701 in the first entry.
  • the offset subfield is used to define the starting position of the hash factor in the internet protocol packet; the length subfield is used to define the length of the hash factor. Therefore, the hash factor can be extracted from the internet protocol packet according to the offset subfield and the length subfield in the hash factor extraction field.
  • the first entry may include two hash factor extraction fields.
  • Each hash factor extraction field may include an offset subfield and a length subfield.
  • the offset subfield in the hash factor extraction factor extraction field corresponding to the source internet protocol address field in the passenger message is 20, indicating that the offset of the hash factor relative to the first bit of the tunnel protocol header is 20 bytes.
  • the bit corresponding to the destination internet protocol address field in the passenger message is byte.
  • the offset subfield in the hash factor extraction field is 24 to indicate the hash factor relative to the tunnel.
  • the offset of the first bit of the track protocol header is 24 bytes.
  • the first entry may include two hash factor extraction fields.
  • the two hash factor extraction fields correspond to the Session ID field and the Tunnel ID field, respectively.
  • Each hash factor extraction field can include an offset subfield and a length subfield.
  • the offset subfield and the length subfield in the hash factor extraction field corresponding to the Session ID field may be 6 and 2, respectively, and the unit is byte.
  • the offset subfield in the hash factor extraction field is 6 indicating that the offset of the hash factor relative to the first bit of the tunneling protocol header is 6 bytes.
  • the offset subfield and the length subfield in the hash factor extraction field corresponding to the Tunnel ID field may be 4 and 2, respectively, in bytes.
  • the offset subfield of 4 in the hash factor extraction field indicates that the hash factor has an offset of 4 bytes from the first bit of the tunnel protocol header.
  • the hash operation may be performed only according to the hash factor obtained in step 103.
  • the hash factor and the quintuple obtained in step 103 may be used as all hash factors required for performing the hash operation, and the hash operation is performed. .
  • the step 103 can obtain the tunnel ID and the session ID in the tunneling protocol header.
  • the entry includes a tunneling protocol decision field and a hash factor extraction field. According to the tunnel protocol judgment field, an entry matching the Internet Protocol packet can be found in the hash control table. This entry corresponds to a tunneling protocol. Extracting fields based on hash factors, which can be extracted from the internet protocol grouping The factor of the hash operation. That is to say, the hash factor extraction field in the entry of the hash control table may assign a value to the variable of the software code for extracting the hash factor, so that the software code can correspond to the entry of the hash control table.
  • the factor of the hash operation is extracted from the internet protocol packet of the tunneling protocol. Therefore, the method provided by the embodiment of the present invention solves the technical problem that the software code for extracting the factor for performing the hash operation needs to be developed for the different tunnel protocols in the prior art, and the storage space occupied is large.
  • the method includes: signaling according to the first entry a message judgment field, determining whether the internet protocol packet is a signaling message;
  • the tunneling protocol header in the internet protocol packet may include a signaling identifier field.
  • the signaling packet identifier field is used to identify whether the internet protocol packet is a signaling packet.
  • the type field in the tunnel protocol header is a signaling message identification field.
  • the Internet Protocol packet is a data message; when the Type field is 1, the Internet Protocol packet is a signaling message.
  • the signaling message determination field may include an offset subfield, a length subfield, and a value subfield.
  • the offset subfield in the signalling message judgment field is used to define the starting position of the signaling message identification field in the tunnel protocol header.
  • the length subfield in the Signaling Message Judgment field is used to define the length of the signaling message identification field. Therefore, the signaling packet identification field may be extracted from the tunnel protocol header according to the offset subfield and the length subfield in the signaling message judgment field. By comparing the signaling packet identifier field with the value subfield in the signaling packet judgment field, it is possible to determine whether the internet protocol packet is a signaling packet.
  • the signaling packet identifier field in the tunnel protocol header may identify the Internet Protocol packet as a signaling packet, or may identify the Internet Protocol packet as a data packet.
  • the value in the signaling message judgment field If the subfield is equal to the signaling packet identifier field corresponding to the signaling packet, if the signaling packet identifier field and the value subfield in the signaling packet judgment field are equal, it indicates that the internet protocol packet is a signaling report. If the signaling packet identifier field and the value subfield in the signaling packet judgment field are not equal, it indicates that the internet protocol packet is not a signaling packet.
  • the network protocol packet is a data packet. If the signaling packet identifier field and the value subfield in the signaling packet judgment field are not equal, it indicates that the internet protocol packet is not a data packet.
  • the signaling packet judgment field in the first entry may include an offset subfield, a length subfield, and a value subfield.
  • the offset subfield and the length subfield can be 0 and 1, respectively.
  • the value subfield in the signalling message judgment field may be 1 or 0. If the value subfield of the signaling packet identification field is equal to the value subfield in the signaling packet judgment field, the network protocol packet is a signaling packet. If the signaling packet identifier field and the value subfield in the signaling packet judgment field are not equal, it indicates that the internet protocol packet is not a signaling packet.
  • the network protocol packet is a data packet.
  • the signaling packet identifier field is not equal to the value subfield in the signaling packet judgment field, indicating that the internet protocol packet is not a data packet.
  • the signaling control table entry corresponding to the GRE protocol does not need to have a signaling packet judgment field.
  • the tunneling protocol identifier field is a protocol field in the public network protocol header of the public network.
  • the tunnel protocol identifier field is the next header field in the public network protocol header of the public network.
  • the tunnel protocol identifier field further includes a source port field or a destination port field in the public network protocol header of the public network.
  • the determining, according to the signaling packet judgment field of the first entry, the determining whether the internet protocol packet is a signaling packet includes: a signaling packet identifier field in a channel protocol header, the signaling packet The identifier field is used to identify whether the internet protocol packet is a signaling packet, and the offset subfield in the signaling packet determination field is used to define a starting position of the signaling packet identifier field in the tunnel protocol header.
  • the length subfield in the signaling message judgment field is used to define the length of the signaling packet identifier field;
  • the hash factor is extracted according to the hash factor of the first entry, and extracting the hash factor from the internet protocol packet includes: extracting the hash factor in the protocol packet, and extracting the offset in the field by the hash factor
  • the field is used to define a starting position of the hash factor in the internet protocol packet, and the length subfield in the hash factor extraction field is used to define the length of the hash factor.
  • the method After the first entry matching the tunnel protocol determination field and the tunnel protocol identification field in the hash control table, and extracting the hash factor from the internet protocol packet, the method includes:
  • the hash factor is extracted from the internet protocol packet, and the hash factor is the stream attribute field.
  • a stream attribute field may be included in the internet protocol packet.
  • the stream attribute field is used to identify that the internet protocol packet belongs to a stream and does not belong to other streams.
  • flow The attribute fields may be different.
  • the stream attribute field is the Session ID field and the Tunnel ID field in the tunnel protocol header.
  • the tunnel protocol of the Internet Protocol packet is the GRE protocol
  • the stream attribute field is the passenger.
  • the hash attribute is hashed by the stream attribute field, and the message is forwarded according to the result of the hash operation, which ensures that no out of order occurs.
  • the stream attribute field is extracted from the internet protocol packet, the stream attribute field is hashed by the hash factor, and the message is forwarded according to the result of the hash operation, thereby ensuring that no chaos occurs. sequence.
  • the stream attribute judgment field is used to judge whether the internet protocol packet contains a stream attribute field.
  • the tunneling protocol header of the Internet Protocol packet may include a flow attribute identifier field, where the flow attribute identifier field is used to identify whether the network attribute field is included in the internet protocol packet.
  • the stream attribute judgment field may include an offset subfield, a length subfield, and a value subfield.
  • the offset subfield is used to define the starting position of the stream attribute identification field in the tunnel protocol header.
  • the Length subfield is used to define the length of the stream attribute identification field. Therefore, the flow attribute identification field can be extracted from the tunnel protocol header according to the offset subfield and the length subfield in the flow attribute judgment field. By comparing whether the flow attribute field and the value sub-field in the flow attribute judgment field are equal, it is possible to judge whether the Internet Protocol packet contains the flow attribute field.
  • the flow attribute identifier field is the Protocol Type field in the tunnel protocol header.
  • the protocol type field is 0x0800
  • the passenger message in the Internet Protocol packet contains the stream attribute field, that is, the source internet protocol address field and the destination internet protocol address field.
  • the offset subfield and the length subfield in the stream attribute judgment field corresponding to the protocol type field are 16 and 16, respectively, and the unit is a bit.
  • the offset subfield in the stream attribute judgment field is 16 indicating that the offset of the stream attribute identification field relative to the first bit of the tunnel protocol header is 16 bits.
  • the value subfield in the stream attribute judgment field is 0x0800.
  • the Internet Protocol packet when the Internet Protocol of the L2TP tunneling packet is a data packet, the Internet Protocol packet must have a flow attribute field, that is, a Session ID field and a Tunnel ID field. Therefore, the flow attribute determination field does not need to be included in the entry of the hash control table corresponding to the Internet Protocol packet whose tunnel protocol is L2TP.
  • Embodiment 2 is a diagrammatic representation of Embodiment 1:
  • the embodiment of the invention provides a device for forwarding a message, which can be used in a scenario in which hash operation is required.
  • the device that forwards the packet according to the embodiment of the present invention may obtain a hash factor from the Internet Protocol packet, and then perform a hash operation.
  • FIG. 2 is a schematic diagram of an apparatus for forwarding a message according to an embodiment of the present invention, where the apparatus includes:
  • the receiver 201 is configured to receive an internet protocol packet, where the internet protocol packet includes a public network internet protocol header and a tunnel protocol header.
  • the internet protocol packet contains a tunneling protocol identification field.
  • the tunnel protocol identification field is used to identify the tunneling protocol of the internet protocol packet.
  • the Internet Protocol of the Internet Protocol packet may be Internet Protocol version 4, or Internet Protocol version 6.
  • the tunnel protocol header can be a GRE protocol header, or an L2TP header.
  • the network device receiving the internet protocol packet can be a router.
  • the tunneling protocol identification field may be a protocol field in the public network internet protocol header.
  • the tunneling protocol of the Internet Protocol packet is the GRE protocol.
  • the tunneling protocol identification field may further include a source port field or a destination port field in the user datagram protocol header.
  • the tunneling protocol of the Internet Protocol packet is L2TP.
  • the tunneling protocol identification field may be the next header field in the public network internet protocol header.
  • the tunneling protocol of the Internet Protocol packet is the GRE protocol.
  • the tunnel protocol identifier field may further include a source port field or a destination port word in the user datagram protocol header.
  • the tunneling protocol of the Internet Protocol packet is L2TP.
  • the searching unit 202 is configured to search, in the hash control table, the first entry that matches the tunnel protocol determination field and the tunnel protocol identifier field according to the tunnel protocol identifier field.
  • the entries of the hash control table include a tunneling protocol decision field, and a hash factor extraction field.
  • a hash control table can be generated through the embedded system development environment, such as VxWorks provided by American Wind River Systems.
  • the user can also update the hash control table by entering a command line at the console, including adding or deleting entries of the hash control table.
  • the hash control table can be stored in the storage space located on the forwarding plane.
  • the hash control table can be stored in synchronous dynamic random access memory located at the router's forwarding plane.
  • the hash control table can include one entry or multiple entries. When the hash control table includes multiple entries, the first entry can be found by traversing multiple entries.
  • the tunneling protocol judgment field of the first entry is equal to the tunneling protocol identification field of the internet protocol packet.
  • the tunneling protocol identification field may be a protocol field in the public network internet protocol header.
  • the tunnel protocol judgment field corresponding to the protocol field in the first entry is 37.
  • the tunnel protocol identifier field further includes a source port field or a destination port field in the header of the user datagram protocol.
  • the tunnel protocol judgment field corresponding to the protocol field in the header of the public network protocol header in the first entry is 17, and the tunnel protocol judgment field corresponding to the source port field or the destination port field in the header of the user datagram protocol is 1701 in the first entry. .
  • the extracting unit 203 is configured to extract a hash factor from the internet protocol packet according to the hash factor extraction field of the first entry.
  • the offset subfield is used to define the starting position of the hash factor in the internet protocol packet; the length subfield is used to define the length of the hash factor. Therefore, you can extract the fields based on the hash factor
  • the offset subfield and the length subfield extract a hash factor from the internet protocol packet.
  • the first entry may include two hash factor extraction fields.
  • Each hash factor extraction field can include an offset subfield and a length subfield.
  • the offset subfield in the hash factor extraction factor extraction field corresponding to the source internet protocol address field in the passenger message is 20, indicating that the offset of the hash factor relative to the first bit of the tunnel protocol header is 20 bytes.
  • the bit corresponding to the destination internet protocol address field in the passenger message is byte.
  • the offset subfield in the hash factor extraction field is 24 indicating that the offset of the hash factor relative to the first bit of the tunnel protocol header is 24 bytes.
  • the first entry may include two hash factor fields.
  • Each hash factor extraction field may include an offset subfield and a length subfield. Its fields can be 6 and 2, respectively, in bytes.
  • the offset subfield in the hash factor extraction field is 6 to indicate that the hash factor is offset from the first bit of the tunneling protocol header by 6 bytes. With to be 4 and 2, the unit is byte.
  • the offset subfield in the hash factor extraction field is 4 indicating that the hash factor has an offset of 4 bytes from the first bit of the tunnel protocol header.
  • the executing unit 204 is configured to perform a hash operation according to the hash factor.
  • the hash operation may be performed only according to the hash factor obtained by the extracting unit 203.
  • the hash factor and the quintuple obtained according to the extracting unit 203 may also be performed as all hash factors required to perform the hash operation. Hash operation.
  • the tunneling protocol of the Internet Protocol packet is the GRE protocol
  • the tunneling protocol can obtain the tunnel in the tunneling protocol header according to the extracting unit 203. ID and Session ID.
  • the determining unit 205 is configured to determine, according to the result of the hash operation, a physical outbound interface for forwarding the internet protocol packet.
  • the transmitter 206 is configured to forward the internet protocol packet according to the physical outbound interface.
  • the entry of the hash control table in the apparatus for forwarding a message includes a tunnel protocol determination field and a hash factor extraction field.
  • the tunnel protocol judgment field an entry matching the Internet Protocol packet can be found in the hash control table. This entry corresponds to a tunnel protocol.
  • the factor for hashing can be extracted from the internet protocol packet. That is to say, the hash factor extraction field in the entry of the hash control table may assign a value to the variable of the software code for extracting the hash factor, so that the software code can correspond to the entry of the hash control table.
  • the factor of the hash operation is extracted from the internet protocol packet of the tunneling protocol. Therefore, the apparatus provided by the embodiment of the present invention solves the technical problem that the software code for extracting the factor for performing the hash operation is different for the different tunnel protocols, and the storage space occupied by the device is occupied.
  • the device for forwarding the message may include:
  • a first determining unit configured to: after the first entry matching the tunnel protocol determination field and the tunnel protocol identifier field in the hash control table, and before extracting the hash factor from the internet protocol packet,
  • the tunneling protocol header in the internet protocol packet may include a signaling identifier field.
  • the signaling packet identifier field is used to identify whether the internet protocol packet is a signaling packet.
  • the type field in the tunnel protocol header is a signaling message identifier field.
  • the Internet Protocol is grouped into data messages;
  • the type field is 1, the Internet Protocol packet is a signaling message.
  • the signaling message determination field may include an offset subfield, a length subfield, and a value subfield.
  • the offset subfield in the signalling message judgment field is used to define the starting position of the signaling message identification field in the tunnel protocol header.
  • the length subfield in the Signaling Message Judgment field is used to define the length of the signaling message identification field. Therefore, the signaling packet identification field may be extracted from the tunnel protocol header according to the offset subfield and the length subfield in the signaling message judgment field. By comparing the signaling packet identifier field with the value subfield in the signaling packet judgment field, it is possible to determine whether the internet protocol packet is a signaling packet.
  • the signaling packet identifier field in the tunnel protocol header may identify the internet protocol packet as a signaling message, or may identify the internet protocol packet as a data packet. If the value subfield in the signaling packet judgment field is equal to the signaling packet identifier field corresponding to the signaling packet, if the signaling packet identifier field and the value subfield in the signaling packet judgment field are equal, The network protocol packet is a signaling packet. If the signaling packet identifier field and the value subfield in the signaling packet judgment field are not equal, it indicates that the internet protocol packet is not a signaling packet.
  • the network protocol packet is a data packet. If the signaling packet identifier field and the value subfield in the signaling packet judgment field are not equal, it indicates that the internet protocol packet is not a data packet.
  • the signaling packet judgment field in the first entry may include an offset subfield, a length subfield, and a value subfield.
  • the offset subfield and the length subfield may be 0 and 1, respectively.
  • the value subfield in the signaling message judgment field may be 1 or 0. If the value subfield of the signaling packet identification field is equal to the value subfield in the signaling packet judgment field, the network protocol packet is a signaling packet. If the signaling packet identifier field and the value subfield in the signaling packet judgment field are not equal, it indicates that the internet protocol packet is not a signaling packet.
  • the value subfield in the signaling message judgment field is 0, if the signaling packet identification field and the signaling packet judgment field are If the value subfields are equal, it indicates that the Internet Protocol packet is a data packet. If the signaling packet identification field and the value subfield in the signaling packet judgment field are not equal, it indicates that the Internet Protocol packet is not a data packet.
  • the signaling control table entry corresponding to the GRE protocol does not need to have a signaling packet judgment field.
  • the first determining unit may include:
  • An extraction subunit configured to extract, according to the offset subfield and the length subfield in the signaling packet, a signaling packet identifier field in the tunnel protocol header, where the signaling packet identifier field is used to identify the identifier Whether the internet protocol packet is a signaling packet, and the offset subfield in the signaling packet determining field is used to define a starting position of the signaling packet identifier field in the tunnel protocol header, and the signaling packet is determined.
  • the length subfield in the field is used to define the length of the signaling packet identifier field.
  • the comparison subunit is configured to compare whether the signaling packet identifier field and the value subfield in the signaling packet judgment field are equal. Whether the internet protocol packet is a signaling message is judged.
  • the extracting unit 203 may include:
  • Extracting a subunit configured to extract the hash factor from the internet protocol packet according to the offset subfield and the length subfield in the hash factor extraction field, where the offset subfield in the hash factor extraction field is used A starting position of the hash factor in the internet protocol packet is defined, and a length subfield in the hash factor extraction field is used to define the length of the hash factor.
  • the device for forwarding the message may include:
  • a second determining unit configured to: after the first entry matching the tunneling protocol determination field and the tunneling protocol identifier field is found in the hash control table, and before extracting the hash factor from the internet protocol packet, Determining, according to the flow attribute judgment field of the first entry, whether the internet protocol packet includes a flow attribute field;
  • a stream attribute field may be included in the internet protocol packet.
  • the stream attribute field is used to identify that the internet protocol packet belongs to a stream and not to other streams.
  • the stream attribute fields may be different in different scenarios. For example, when the tunneling protocol of the Internet Protocol packet is L2TP, the stream attribute field is the Session ID field and the Tunnel ID field in the tunnel protocol header. When the tunnel protocol of the Internet Protocol packet is the GRE protocol, the stream attribute field is the passenger. Source Internet Protocol Address field and destination Internet Protocol Address field.
  • the hash attribute is hashed by the stream attribute field, and the message is forwarded according to the result of the hash operation, which ensures that no out of order occurs.
  • the stream attribute field is extracted from the internet protocol packet, the stream attribute field is hashed by the hash factor, and the message is forwarded according to the result of the hash operation, thereby ensuring that no chaos occurs. sequence.
  • the stream attribute judgment field is used to judge whether the internet protocol packet contains a stream attribute field.
  • the tunneling protocol header of the Internet Protocol packet may include a flow attribute identifier field, where the flow attribute identifier field is used to identify whether the network attribute field is included in the internet protocol packet.
  • the stream attribute judgment field may include an offset subfield, a length subfield, and a value subfield.
  • the offset subfield is used to define the starting position of the stream attribute identification field in the tunnel protocol header.
  • the Length subfield is used to define the length of the stream attribute identification field. Therefore, the flow attribute identification field can be extracted from the tunnel protocol header according to the offset subfield and the length subfield in the flow attribute judgment field. By comparing whether the flow attribute field and the value sub-field in the flow attribute judgment field are equal, it is possible to judge whether the Internet Protocol packet contains the flow attribute field.
  • the flow attribute identifier field is the protocol type field in the tunnel protocol header.
  • the protocol type field is 0x0800
  • the passenger message in the internet protocol packet includes a stream attribute field, that is, a source internet protocol address field and a destination internet protocol address field.
  • the offset attribute field in the stream attribute judgment field corresponding to the protocol type field and the length The degree subfields are 16 and 16, respectively, in units of bits.
  • the offset subfield in the stream attribute determination field is 16 indicating that the offset of the stream attribute identification field relative to the first bit of the tunneling protocol header is 16 bits.
  • the value subfield in the stream attribute judgment field is 0x0800.
  • the Internet Protocol packet when the Internet Protocol of the L2TP tunneling packet is a data packet, the Internet Protocol packet must have a flow attribute field, that is, a Session ID field and a Tunnel ID field. Therefore, it is not necessary to include a flow attribute judgment field in the entry of the hash control table corresponding to the Internet Protocol packet whose tunnel protocol is L2TP.
  • Embodiment 3 is a diagrammatic representation of Embodiment 3
  • the embodiment of the invention provides a method for generating an entry, which can be used in a scenario in which hash operation is required. For example, when the router forwards the Internet Protocol packet of the GRE protocol, the method for generating an entry according to the embodiment of the present invention may obtain a hash factor from the Internet Protocol packet, and then perform a hash operation.
  • FIG. 3 is a flowchart of a method for generating an entry according to an embodiment of the present invention, where the method includes:
  • the internet protocol packet includes a public network internet protocol header and a tunneling protocol header, where the tunneling protocol identification field is used to identify a tunneling protocol of the internet protocol packet, and the hash factor extraction field is used for extracting from the internet protocol packet
  • the variable of the first software code of the hash factor is assigned such that the first software code extracts a hash factor from the internet protocol packet if the tunneling protocol identification field matches the tunneling protocol determination field.
  • the Internet Protocol of the Internet Protocol packet may be Internet Protocol version 4, or Internet Protocol version 6.
  • the tunnel protocol header can be a GRE protocol header, or an L2TP header.
  • the network device receiving the internet protocol packet can be a router.
  • the tunneling protocol identifier field may be a protocol field in the public network internet protocol header.
  • the protocol field is 37
  • the Internet Protocol is grouped.
  • the tunneling protocol is the GRE protocol.
  • the tunneling protocol identification field may further include a source port field or a destination port field in the user datagram protocol header.
  • the tunneling protocol of the Internet Protocol packet is L2TP.
  • the tunneling protocol identification field may be the next header field in the public network internet protocol header.
  • the tunneling protocol of the Internet Protocol packet is the GRE protocol.
  • the tunneling protocol identification field may also include a source port field or a destination port field in the user datagram protocol header. For example, when the next header field is 17, and the source port field or destination port field is 1701, the tunneling protocol of the Internet Protocol packet is L2TP.
  • a hash control table can be generated through the embedded system development environment, such as VxWorks provided by American Wind River Systems.
  • the user can update the hash control table by entering a command line at the console, including adding or deleting entries for the hash control table.
  • the hash control table can be stored in the storage space located on the forwarding plane.
  • the hash control table can be stored in a synchronous dynamic random access memory located at the router forwarding plane.
  • the hash control table can include one entry or multiple entries. When the hash control table includes multiple entries, you can find the entry by traversing multiple entries.
  • the tunneling protocol determination field of this entry is equal to the tunneling protocol identification field of the internet protocol packet.
  • the tunneling protocol identification field may be a protocol field in the public network internet protocol header.
  • the tunnel protocol judgment field corresponding to the protocol field in this entry is 37.
  • the tunnel protocol identifier field in addition to the protocol field in the public network protocol header, further includes a source port field or a destination port field in the user datagram protocol header.
  • the judgment field is 17
  • the tunnel protocol judgment field corresponding to the source port field or the destination port field in the header of the user datagram protocol is 1701.
  • the first software code is used to extract a hash factor from the internet protocol packet.
  • the hash factor extraction field can assign a value to the variable of the first software code such that the first software code can extract the hash factor from the internet protocol packet corresponding to a certain type of tunneling protocol.
  • the hash is defined as the starting position of the hash factor in the internet protocol packet; the length subfield is used to define the hash factor field, and the hash factor is extracted from the internet protocol packet.
  • the entry may include two hash factor extraction fields.
  • Each hash factor extraction field may include an offset subfield and a length subfield.
  • the offset subfield and the length subfield in the hash factor extraction field corresponding to the source internet protocol address field in the passenger message may be 20 and 4, respectively, and the unit is byte.
  • the offset subfield in the hash factor extraction field is 20 indicating that the offset of the hash factor relative to the first bit of the tunneling protocol header is 20 bytes.
  • the offset subfield in the hash factor extraction field is 24 indicating that the offset of the hash factor relative to the first bit of the tunneling protocol header is 24 bytes.
  • the entry may include two hash factor extraction fields.
  • the two hash factor extraction fields correspond to the Session ID field and the Tunnel ID field, respectively.
  • Each hash factor extraction field may include an offset subfield and a length subfield. Its fields can be 6 and 2, respectively, in bytes.
  • the offset subfield in the hash factor extraction field is 6 to indicate that the hash factor is offset from the first bit of the tunneling protocol header by 6 bytes. With to be 4 and 2, the unit is byte.
  • the offset subfield in the hash factor extraction field is 4
  • the offset of the hash factor relative to the first bit of the tunneling protocol header is 4 bytes.
  • a hash factor can be used to perform a hash operation.
  • the hash operation may be performed only according to the hash factor obtained by the first software code; the hash factor and the quintuple obtained according to the first software code may also be used as all hash factors required for performing the hash operation. , perform a hash operation.
  • the tunneling protocol of the Internet Protocol packet is the GRE protocol
  • the tunneling protocol that can be obtained according to the first software code is L2TP
  • the tunnel ID and the session ID in the tunneling protocol header can be obtained according to the first software code.
  • a physical outgoing interface for forwarding the internet protocol packet can be determined.
  • the entry includes a tunneling protocol determination field and a hash factor extraction field.
  • an entry matching the Internet Protocol packet can be found in the hash control table.
  • This entry corresponds to a tunneling protocol.
  • the factor for hashing can be extracted from the internet protocol packet. That is to say, the hash factor extraction field in the entry of the hash control table may assign a value to the variable of the software code for extracting the hash factor, so that the software code can correspond to the entry of the hash control table.
  • the factor of the hash operation is extracted from the internet protocol packet of the tunneling protocol. Therefore, the method provided by the embodiment of the present invention solves the technical problem that the software code for extracting the factor for performing the hash operation needs to be developed for different tunnel protocols in the prior art.
  • the entry may include a signaling message determination field, where the signaling message determination field is used to assign a value to a variable for determining whether the Internet Protocol packet is a second software code of the signaling message, so as to facilitate the second software.
  • the code determines whether the internet protocol packet is a signaling message.
  • the tunnel protocol header in the internet protocol packet may include a signaling identifier. Field.
  • the signaling packet identifier field is used to identify whether the internet protocol packet is a signaling packet.
  • the type field in the tunnel protocol header is a signaling message identifier field.
  • the Internet Protocol packet is a data message; when the Type field is 1, the Internet Protocol packet is a signaling message.
  • the second software code is used to determine whether the internet protocol packet is a signaling message.
  • the signaling message judgment field may be assigned a variable of the second software code, so that the second software code can determine whether the internet protocol packet corresponding to a certain type of tunneling protocol is a signaling message.
  • the signaling message judgment field may include an offset subfield, a length subfield, and a value subfield.
  • the offset subfield in the signalling message judgment field is used to define the starting position of the signaling message identification field in the tunnel protocol header.
  • the length subfield in the Signaling Message Judgment field is used to define the length of the signaling message identification field.
  • the signaling packet identification field may be extracted from the tunnel protocol header according to the offset subfield and the length subfield in the signaling message judgment field. By comparing the signaling packet identifier field with the value subfield in the signaling packet judgment field, it is possible to determine whether the internet protocol packet is a signaling packet.
  • the signaling packet identifier field in the tunnel protocol header may identify the internet protocol packet as a signaling message, or may identify the internet protocol packet as a data packet. If the value subfield in the signaling packet judgment field is equal to the signaling packet identifier field corresponding to the signaling packet, if the signaling packet identifier field and the value subfield in the signaling packet judgment field are equal, The network protocol packet is a signaling packet. If the signaling packet identifier field and the value subfield in the signaling packet judgment field are not equal, it indicates that the internet protocol packet is not a signaling packet.
  • the network protocol packet is a data packet. If the signaling packet identifier field and the value subfield in the signaling packet judgment field are not equal, it indicates that the internet protocol packet is not a data packet.
  • the signaling packet judgment field in the entry may include an offset subfield, a length subfield, and a value subfield. Where the offset subfield And the length subfields can be 0 and 1, respectively.
  • the value subfield in the signaling message judgment field may be 1 or 0. If the value subfield of the signaling packet identification field is equal to the value subfield in the signaling packet judgment field, the network protocol packet is a signaling packet. If the signaling packet identifier field and the value subfield in the signaling packet judgment field are not equal, it indicates that the internet protocol packet is not a signaling packet.
  • the network protocol packet is a data packet.
  • the signaling packet identifier field is not equal to the value subfield in the signaling packet judgment field, indicating that the internet protocol packet is not a data packet.
  • the signaling control table entry corresponding to the GRE protocol does not need to have a signaling packet judgment field.
  • the entry may include a flow attribute determination field for assigning a value to a variable of the third software code for determining whether the internet protocol packet includes a flow attribute field, to facilitate the third software code to the internet protocol Whether the packet is judged for the signaling message.
  • a stream attribute field may be included in the internet protocol packet.
  • the stream attribute field is used to identify that the internet protocol packet belongs to a stream and does not belong to other streams.
  • the stream attribute fields may be different in different scenarios. For example, when the tunneling protocol of the Internet Protocol packet is L2TP, the stream attribute field is the Session ID field and the Tunnel ID field in the tunnel protocol header. When the tunnel protocol of the Internet Protocol packet is the GRE protocol, the stream attribute field is the passenger. Source Internet Protocol Address field and destination Internet Protocol Address field.
  • the hash attribute is hashed by the stream attribute field, and the message is forwarded according to the result of the hash operation, which ensures that no out of order occurs.
  • the stream attribute field is extracted from the internet protocol packet, the stream attribute field is hashed by the hash factor, and the message is forwarded according to the result of the hash operation, thereby ensuring that no chaos occurs. sequence.
  • the third software code is used to determine whether the internet protocol packet contains a stream attribute field.
  • the stream attribute determination field may assign a value to the variable of the third software code, thereby enabling the third software code to determine whether the internet protocol packet corresponding to a certain type of tunneling protocol includes a stream attribute field.
  • the tunneling protocol header of the Internet Protocol packet may include a flow attribute identifier field, where the flow attribute identifier field is used to identify whether the network attribute field is included in the internet protocol packet.
  • the stream attribute determination field may include an offset subfield, a length subfield, and a value subfield.
  • the offset subfield is used to define the starting position of the stream attribute identification field in the tunneling protocol header.
  • the length subfield is used to define the length of the stream attribute identification field. Therefore, the flow attribute identification field may be extracted from the tunnel protocol header according to the offset subfield and the length subfield in the flow attribute judgment field. By comparing whether the stream attribute identifier field and the value attribute subfield in the stream attribute judgment field are equal, it is possible to judge whether the internet protocol packet includes the stream attribute field.
  • the flow attribute identifier field is the protocol type field in the tunnel protocol header.
  • the protocol type field is 0x0800
  • the passenger message in the internet protocol packet contains the stream attribute field, that is, the source internet protocol address field and the destination internet protocol address field.
  • the offset subfield and the length subfield in the stream attribute judgment field corresponding to the protocol type field are 16 and 16, respectively, and the unit is a bit.
  • the offset subfield in the stream attribute determination field is 16 indicating that the offset of the stream attribute identification field relative to the first bit of the tunneling protocol header is 16 bits.
  • the value subfield in the stream attribute judgment field is 0x0800.
  • the Internet Protocol packet when the Internet Protocol of the L2TP tunneling packet is a data packet, the Internet Protocol packet must have a flow attribute field, that is, a Session ID field and a Tunnel ID field. Therefore, it is not necessary to include a flow attribute judgment field in the entry of the hash control table corresponding to the Internet Protocol packet whose tunnel protocol is L2TP.
  • Embodiment 4 is a diagrammatic representation of Embodiment 4:
  • the embodiment of the invention provides an apparatus for generating an entry, which can be used in a scenario in which a hash operation is required. For example, when a router forwards an internet protocol packet whose tunneling protocol is a GRE protocol, the device for generating an entry according to the embodiment of the present invention may obtain the network protocol packet from the internet protocol packet. The hash factor, which in turn performs a hash operation.
  • FIG. 4 is a schematic diagram of an apparatus for generating an entry according to an embodiment of the present invention, where the apparatus includes:
  • the entry generation unit 401 is configured to generate an entry of the hash control table, where the entry includes a tunneling protocol determination field and a hash factor extraction field, where the tunneling protocol determination field is used to determine whether the tunneling protocol identifier field of the internet protocol packet is The tunnel protocol judgment field is matched, and the internet protocol packet includes a public network internet protocol header and a tunnel protocol header, where the tunnel protocol identifier field is used to identify a tunnel protocol of the internet protocol packet, and the hash factor extraction field is used for Deriving a variable assignment of the first software code of the hash factor in the internet protocol packet;
  • a first assignment unit 402 configured to assign a value to the variable of the first software code according to the hash factor extraction field, so that the first software code is obtained when the tunneling protocol identifier field matches the tunneling protocol determination field A hash factor is extracted from the internet protocol packet.
  • the Internet Protocol of the Internet Protocol packet may be Internet Protocol version 4, or Internet Protocol version 6.
  • the tunnel protocol header can be a GRE protocol header, or an L2TP header.
  • the network device receiving the internet protocol packet can be a router.
  • the tunneling protocol identification field may be a protocol field in the public network internet protocol header.
  • the tunneling protocol of the Internet Protocol packet is the GRE protocol.
  • the tunneling protocol identification field may further include a source port field or a destination port field in the user datagram protocol header.
  • the tunneling protocol of the Internet Protocol packet is L2TP.
  • the tunneling protocol identification field may be the next header field in the public network internet protocol header.
  • the tunneling protocol of the Internet Protocol packet is the GRE protocol.
  • the tunnel protocol identifier field may further include a source port field or a destination port word in the user datagram protocol header.
  • the tunneling protocol of the Internet Protocol packet is L2TP.
  • a hash control table can be generated through the embedded system development environment, such as VxWorks provided by American Wind River Systems.
  • the user can update the hash control table by entering a command line at the console, including adding or deleting entries for the hash control table.
  • the hash control table can be stored in the storage space located on the forwarding plane.
  • the hash control table can be stored in a synchronous dynamic random access memory located at the router forwarding plane.
  • the hash control table can include one entry or multiple entries. When the hash control table includes multiple entries, you can find the entry by traversing multiple entries.
  • the tunneling protocol determination field of this entry is equal to the tunneling protocol identification field of the internet protocol packet.
  • the tunneling protocol identification field may be a protocol field in the public network internet protocol header.
  • the tunnel protocol judgment field corresponding to the protocol field in this entry is 37.
  • the tunnel protocol identifier field further includes a source port field or a destination port field in the header of the user datagram protocol.
  • the tunnel protocol judgment field corresponding to the protocol field in the public network protocol header of the entry is 17
  • the tunnel protocol judgment field corresponding to the source port field or the destination port field in the header of the user datagram protocol is 1701.
  • the first software code is used to extract a hash factor from the internet protocol packet.
  • the hash factor extraction field can assign a value to the variable of the first software code such that the first software code can extract the hash factor from the internet protocol packet corresponding to a certain type of tunneling protocol.
  • the hash is defined as the starting position of the hash factor in the internet protocol packet; the length subfield is used to define the hash factor field, and the hash factor is extracted from the internet protocol packet.
  • the entry may include two hashes.
  • Factor extraction field may include an offset subfield and a length subfield.
  • the offset subfield and the length subfield in the hash factor extraction field corresponding to the source internet protocol address field in the passenger message may be 20 and 4, respectively, and the unit is byte.
  • the offset subfield in the hash factor extraction field is 20 indicating that the offset of the hash factor relative to the first bit of the tunneling protocol header is 20 bytes.
  • the offset subfield in the hash factor extraction field is 24 indicating that the offset of the hash factor relative to the first bit of the tunneling protocol header is 24 bytes.
  • the entry may include two hash factor extraction fields.
  • the two hash factor extraction fields correspond to the Session ID field and the Tunnel ID field, respectively.
  • Each hash factor extraction field may include an offset subfield and a length subfield. Its fields can be 6 and 2, respectively, in bytes.
  • the offset subfield in the hash factor extraction field is 6 to indicate that the hash factor is offset from the first bit of the tunneling protocol header by 6 bytes. With to be 4 and 2, the unit is byte.
  • the offset subfield in the hash factor extraction field is 4 indicating that the hash factor has an offset of 4 bytes from the first bit of the tunnel protocol header.
  • a hash factor can be used to perform a hash operation.
  • the hash operation may be performed only according to the hash factor obtained by the first software code; the hash factor and the quintuple obtained according to the first software code may also be used as all hash factors required for performing the hash operation.
  • the tunnel protocol of the hash protocol is the GRE protocol
  • the tunnel ID and the session ID in the tunnel protocol header can be obtained according to the first software code.
  • the physical exit for forwarding the internet protocol packet can be determined. Interface.
  • the entry of the hash control table involved in the device for generating an entry according to the embodiment of the present invention includes a tunnel protocol determination field and a hash factor extraction field.
  • the tunnel protocol judgment field an entry matching the Internet Protocol packet can be found in the hash control table.
  • This entry corresponds to a tunneling protocol.
  • the factor for hashing can be extracted from the internet protocol packet. That is to say, the hash factor extraction field in the entry of the hash control table may assign a value to the variable of the software code for extracting the hash factor, so that the software code can correspond to the entry of the hash control table.
  • the factor of the hash operation is extracted from the internet protocol packet of the tunneling protocol. Therefore, the device provided by the embodiment of the present invention solves the technical problem that the software code for extracting the factor for performing the hash operation needs to be developed for different tunnel protocols in the prior art, and the storage space occupied is large.
  • the device for generating an entry may include:
  • a second evaluation unit configured to determine, according to the signaling message judgment field included in the entry, a variable for determining whether the internet protocol packet is a second software code of the signaling message, so as to facilitate the second software code pair Whether the internet protocol packet is used for signaling signaling.
  • the tunneling protocol header in the internet protocol packet may include a signaling identifier field.
  • the signaling packet identifier field is used to identify whether the internet protocol packet is a signaling packet.
  • the type field in the tunnel protocol header is a signaling message identifier field.
  • the Internet Protocol packet is a data packet; when the type field is 1, the Internet Protocol packet is a signaling message.
  • the second software code is used to determine whether the internet protocol packet is a signaling message.
  • the signaling message determination field may assign a value to the variable of the second software code, so that the second software code can determine whether the Internet Protocol packet corresponding to a certain type of tunneling protocol is a signaling message.
  • the signaling message judgment field may include an offset subfield, a length subfield, and a value subfield.
  • the offset subfield in the signaling message judgment field is used to define the signaling packet identification field in the tunneling protocol. The starting position in the head.
  • the length subfield in the signaling message judgment field is used to define the length of the signaling packet identification field.
  • the signaling packet identification field may be extracted from the tunnel protocol header according to the offset subfield and the length subfield in the signaling message judgment field. By comparing whether the signaling packet identifier field and the value subfield in the signaling packet judgment field are equal, it is possible to determine whether the internet protocol packet is a signaling packet.
  • the signaling packet identifier field in the tunnel protocol header may identify the internet protocol packet as a signaling message, or may identify the internet protocol packet as a data packet. If the value subfield in the signaling packet judgment field is equal to the signaling packet identifier field corresponding to the signaling packet, if the signaling packet identifier field and the value subfield in the signaling packet judgment field are equal, The network protocol packet is a signaling packet. If the signaling packet identifier field and the value subfield in the signaling packet judgment field are not equal, it indicates that the internet protocol packet is not a signaling packet.
  • the network protocol packet is a data packet. If the signaling packet identifier field and the value subfield in the signaling packet judgment field are not equal, it indicates that the internet protocol packet is not a data packet.
  • the signaling packet judgment field in the entry may include an offset subfield, a length subfield, and a value subfield.
  • the offset subfield and the length subfield may be 0 and 1, respectively.
  • the value subfield in the signaling message judgment field may be 1 or 0. If the value subfield of the signaling packet identification field is equal to the value subfield in the signaling packet judgment field, the network protocol packet is a signaling packet. If the signaling packet identifier field and the value subfield in the signaling packet judgment field are not equal, it indicates that the internet protocol packet is not a signaling packet.
  • the network protocol packet is a data packet.
  • the signaling packet identifier field is not equal to the value subfield in the signaling packet judgment field, indicating that the internet protocol packet is not a data packet. It should be noted that the tunnel protocol is not the signaling packet of the GRE protocol. Therefore, the signaling table of the hash control table corresponding to the GRE protocol does not need to have a signaling packet judgment field.
  • the device for generating an entry may include:
  • a third assignment unit configured to determine, according to the flow attribute judgment field included in the entry, a variable of a third software code for determining whether the internet protocol packet includes a flow attribute field, to facilitate the third software code to the internet protocol Whether the packet is judged for the signaling message.
  • a stream attribute field may be included in the internet protocol packet.
  • the stream attribute field is used to identify that the internet protocol packet belongs to a stream and not to other streams.
  • the stream attribute fields may be different in different scenarios. For example, when the tunneling protocol of the Internet Protocol packet is L2TP, the stream attribute field is the Session ID field and the Tunnel ID field in the tunnel protocol header. When the tunnel protocol of the Internet Protocol packet is the GRE protocol, the stream attribute field is the passenger. Source Internet Protocol Address field and destination Internet Protocol Address field.
  • the hash attribute is hashed by the stream attribute field, and the message is forwarded according to the result of the hash operation, which ensures that no out of order occurs.
  • the stream attribute field is extracted from the internet protocol packet, the stream attribute field is hashed by the hash factor, and the message is forwarded according to the result of the hash operation, thereby ensuring that no chaos occurs. sequence.
  • the third software code is used to determine whether the internet protocol packet contains a stream attribute field.
  • the stream attribute determination field may assign a value to the variable of the third software code, thereby enabling the third software code to determine whether the internet protocol packet corresponding to a certain type of tunneling protocol includes a stream attribute field.
  • the tunneling protocol header of the Internet Protocol packet may include a flow attribute identifier field, where the flow attribute identifier field is used to identify whether the network attribute field is included in the internet protocol packet.
  • the stream attribute determination field may include an offset subfield, a length subfield, and a value subfield. The offset subfield is used to define the starting position of the stream attribute identification field in the tunneling protocol header.
  • the length subfield is used to define the length of the stream attribute identification field.
  • the offset subfield in the field can be determined based on the stream attribute.
  • the length subfield extracting the stream attribute identification field from the tunnel protocol header. By comparing whether the stream attribute identifier field and the value attribute subfield in the stream attribute judgment field are equal, it is possible to judge whether the internet protocol packet includes the stream attribute field.
  • the flow attribute identifier field is the protocol type field in the tunnel protocol header.
  • the protocol type field is 0x0800
  • the passenger message in the internet protocol packet contains the stream attribute field, that is, the source internet protocol address field and the destination internet protocol address field.
  • the offset subfield and the length subfield in the stream attribute judgment field corresponding to the protocol type field are 16 and 16, respectively, and the unit is a bit.
  • the offset subfield in the stream attribute determination field is 16 indicating that the offset of the stream attribute identification field relative to the first bit of the tunneling protocol header is 16 bits.
  • the value subfield in the stream attribute judgment field is 0x0800.
  • the Internet Protocol packet when the Internet Protocol of the L2TP tunneling packet is a data packet, the Internet Protocol packet must have a flow attribute field, that is, a Session ID field and a Tunnel ID field. Therefore, it is not necessary to include a flow attribute judgment field in the entry of the hash control table corresponding to the Internet Protocol packet whose tunnel protocol is L2TP.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

An embodiment of the invention provides a method for forwarding a message. The method comprises: receiving an Internet protocol packet, the Internet protocol packet comprising an Internet protocol header of a public network, a tunnel protocol header and a tunnel protocol identifier field; searching for a first table entry in which a tunnel protocol judgment field is matched with the tunnel protocol identifier field in a Hash control table according to the tunnel protocol identifier field; extracting a Hash factor from the Internet protocol packet according to a Hash factor extraction field of the first table entry; performing a Hash operation according to the Hash factor; and determining a physical output interface used for forwarding the Internet protocol packet according to a result of the Hash operation. Moreover, also provided are an apparatus for forwarding a message, and a method for generating a table entry and an apparatus for generating a table entry. Through the method for forwarding a message, the method for generating a table entry, the apparatus for forwarding a message and the apparatus for generating a table entry, the technical problem that software codes occupy a large storage space because different software codes used for extracting a factor for performing a Hash operation are required to be developed for different tunnel protocols can be solved.

Description

一种转发报文的方法、 生成表项的方法及装置 技术领域 本发明实施例涉及通信技术, 尤其涉及一种转发报文的方法、 生成表 项的方法及装置。  TECHNICAL FIELD The present invention relates to a communication technology, and in particular, to a method for forwarding a message, and a method and an apparatus for generating a table.
背景技术 隧道协议已广泛应用于通信领域, 比较典型的隧道协议包括通用路由 封装 ( Generic Routing Encapsulation, GRE )协议、 第二层隧道协议 ( Layer 2 Tunneling Protocol, L2TP )等。 相应的隧道协议报文包括 GRE协议报文、 L2TP报文等。 隧道协议报文包括隧道协议头以及数据。 可以通过增加网际 协议( Internet Protocol )头的方式将隧道协议 4艮文封装为网际协议分组。 网 际协议分组可以在因特网上传输。 The tunneling protocol has been widely used in the field of communications. Typical tunneling protocols include the Generic Routing Encapsulation (GRE) protocol and the Layer 2 Tunneling Protocol (L2TP). The corresponding tunnel protocol packets include GRE protocol packets and L2TP packets. The tunnel protocol packet includes the tunnel protocol header and data. The tunneling protocol can be encapsulated into an internet protocol packet by adding an Internet Protocol header. The internet protocol packet can be transmitted over the Internet.
为实现负载分担, 对网际协议分组进行转发前, 可以将网际协议头中 的五元组作为哈希因子执行哈希运算, 并根据哈希运算的结果确定进行转 发的物理出接口。 当五元组哈希的粒度不够时, 可以通过软件代码对网际 协议分组的隧道协议头进行解析并从隧道协议头中提取进行哈希运算的因 子, 进而解决五元组粒度不够的问题。 其中, 五元组分别是网际协议头中 的协议字段、 源地址字段、 目的地址字段、用户数据报协议(User Datagram Protocol ) 头中的源端口字段以及目的端口字段。  To implement load balancing, before the Internet Protocol packet is forwarded, the quintuple in the Internet Protocol header can be hashed as a hash factor, and the physical outgoing interface to be forwarded can be determined according to the result of the hash operation. When the granularity of the quintuple hash is not enough, the tunnel protocol header of the Internet Protocol packet can be parsed by the software code and the factor of performing the hash operation is extracted from the tunnel protocol header, thereby solving the problem that the quintuple granularity is insufficient. The quintuple is a protocol field, a source address field, a destination address field, a source port field and a destination port field in a User Datagram Protocol header, respectively, in the Internet Protocol Header.
发明人发现, 现有技术存在以下问题:  The inventors have found that the prior art has the following problems:
针对不同的隧道协议, 需要开发不同的用于提取进行哈希运算的因子 的软件代码, 占用的存储空间较多。  For different tunneling protocols, it is necessary to develop different software codes for extracting the factors for hashing, which occupies more storage space.
发明内容 Summary of the invention
本发明实施例提供一种网络地址查找方法和装置, 可以解决针对不同 的隧道协议, 需要开发不同的用于提取进行哈希运算的因子的软件代码, 占用的存储空间较多的问题。 一方面, 本发明实施例提供的一种转发报文的方法, 包括: The embodiment of the invention provides a network address searching method and device, which can solve the problem that different software protocols for extracting the hashing factor need to be developed for different tunneling protocols, and occupying more storage space. In one aspect, a method for forwarding a packet according to an embodiment of the present invention includes:
接收网际协议分组, 该网际协议分组包含公网网际协议头以及隧道协 议头, 该网际协议分组包含隧道协议标识字段, 该隧道协议标识字段用于 标识该网际协议分组的隧道协议;  Receiving an internet protocol packet, where the internet protocol packet includes a public network internet protocol header and a tunneling protocol header, where the internet protocol packet includes a tunneling protocol identifier field, where the tunneling protocol identifier field is used to identify a tunneling protocol of the internet protocol packet;
根据该隧道协议标识字段, 在哈希控制表中查找隧道协议判断字段与 该隧道协议标识字段匹配的第一表项, 该哈希控制表的表项包括隧道协议 判断字段以及哈希因子提取字段;  And searching, in the hash control table, a first entry that matches the tunnel protocol determination field and the tunnel protocol identifier field, where the entry of the hash control table includes a tunnel protocol determination field and a hash factor extraction field. ;
根据该第一表项的哈希因子提取字段, 从该网际协议分组中提取哈希 因子;  Extracting a hash factor from the internet protocol packet according to the hash factor extraction field of the first entry;
根据该哈希因子执行哈希运算;  Performing a hash operation according to the hash factor;
根据该哈希运算的结果确定用于转发该网际协议分组的物理出接口; 根据该物理出接口转发该网际协议分组。  Determining, according to a result of the hash operation, a physical outbound interface for forwarding the internet protocol packet; forwarding the internet protocol packet according to the physical outbound interface.
另一方面, 本发明实施例提供的一种转发报文的装置, 包括: 接收器, 用于接收网际协议分组, 该网际协议分组包含公网网际协议 头以及隧道协议头, 该网际协议分组包含隧道协议标识字段, 该隧道协议 标识字段用于标识该网际协议分组的隧道协议;  On the other hand, an apparatus for forwarding a message according to an embodiment of the present invention includes: a receiver, configured to receive an internet protocol packet, where the internet protocol packet includes a public network internet protocol header and a tunnel protocol header, where the internet protocol packet includes a tunneling protocol identifier field, where the tunneling protocol identifier field is used to identify a tunneling protocol of the internet protocol packet;
查找单元, 用于根据该隧道协议标识字段, 在哈希控制表中查找隧道 协议判断字段与该隧道协议标识字段匹配的第一表项, 该哈希控制表的表 项包括隧道协议判断字段、 信令报文判断字段以及哈希因子提取字段; 提取单元, 用于根据该第一表项的哈希因子提取字段, 从该网际协议 分组中提取哈希因子;  a searching unit, configured to search, in the hash control table, a first entry that matches a tunneling protocol determination field and the tunneling protocol identifier field according to the tunneling protocol identifier field, where the entry of the hash control table includes a tunneling protocol determining field, a signaling message judgment field and a hash factor extraction field; an extracting unit, configured to extract a hash factor from the internet protocol packet according to the hash factor extraction field of the first entry;
执行单元, 用于根据该哈希因子执行哈希运算;  An execution unit, configured to perform a hash operation according to the hash factor;
确定单元, 用于根据该哈希运算的结果确定用于转发该网际协议分组 的物理出接口;  a determining unit, configured to determine, according to a result of the hash operation, a physical outbound interface for forwarding the internet protocol packet;
发送器, 用于根据该物理出接口转发该网际协议分组。  a transmitter, configured to forward the internet protocol packet according to the physical outbound interface.
又一方面, 本发明实施例提供的一种生成表项的方法, 包括: 生成哈希控制表的表项, 该表项包括隧道协议判断字段以及哈希因子 提取字段, 该隧道协议判断字段用于判断网际协议分组的隧道协议标识字 段是否与该隧道协议判断字段匹配, 该网际协议分组包含公网网际协议头 以及隧道协议头, 该隧道协议标识字段用于标识该网际协议分组的隧道协 以便于在该隧道协议标识字段与该隧道协议判断字段匹配的情况下, 该软 件代码从该网际协议分组中提取哈希因子。 In another aspect, a method for generating an entry provided by the embodiment of the present invention includes: Generating an entry of a hash control table, where the entry includes a tunneling protocol determination field and a hash factor extraction field, where the tunneling protocol determination field is configured to determine whether a tunneling protocol identifier field of the internet protocol packet matches the tunneling protocol determination field, The internet protocol packet includes a public network internet protocol header and a tunnel protocol header, where the tunnel protocol identifier field is used to identify a tunnel association of the internet protocol packet, so that the tunnel protocol identifier field matches the tunnel protocol determination field, the software The code extracts a hash factor from the internet protocol packet.
再一方面, 本发明实施例提供的一种生成表项的装置, 包括: 表项生成单元, 用于生成哈希控制表的表项, 该表项包括隧道协议判 断字段以及哈希因子提取字段, 该隧道协议判断字段用于判断网际协议分 组的隧道协议标识字段是否与该隧道协议判断字段匹配, 该网际协议分组 包含公网网际协议头以及隧道协议头, 该隧道协议标识字段用于标识该网 际协议分组的隧道协议, 该哈希因子提取字段用于为第二软件代码的变量 赋值;  In another aspect, an apparatus for generating an entry according to an embodiment of the present invention includes: an entry generating unit, configured to generate an entry of a hash control table, where the entry includes a tunnel protocol determination field and a hash factor extraction field. The tunnel protocol determination field is configured to determine whether the tunnel protocol identifier field of the internet protocol packet matches the tunnel protocol determination field, where the internet protocol packet includes a public network internet protocol header and a tunnel protocol header, where the tunnel protocol identifier field is used to identify the tunnel protocol identifier field. a tunneling protocol for internet protocol grouping, the hash factor extraction field is used to assign a value to a variable of the second software code;
第一赋值单元, 用于根据该哈希因子提取字段为用于提取哈希因子的 软件代码的变量赋值, 以便于在该隧道协议标识字段与该隧道协议判断字 段匹配的情况下, 该软件代码从该网际协议分组中提取哈希因子。  a first assignment unit, configured to assign a value to a variable of the software code for extracting the hash factor according to the hash factor extraction field, so that the software code is used when the tunneling protocol identification field matches the tunneling protocol determination field A hash factor is extracted from the internet protocol packet.
综上所述, 本发明实施例提供的转发报文的方法、 转发报文的装置、 生成表项的方法以及生成表项的装置均涉及到哈希控制表。 哈希控制表的 表项包括隧道协议判断字段以及哈希因子提取字段。 根据隧道协议判断字 段, 可以在哈希控制表中查找到与网际协议分组匹配的表项。 该表项与某 一隧道协议对应。 根据哈希因子提取字段, 可以从网际协议分组中提取出 进行哈希运算的因子。 也就是说哈希控制表的表项中的哈希因子提取字段 可以为用于提取哈希因子的软件代码的变量赋值, 从而使该软件代码可以 从釆用哈希控制表的表项对应的隧道协议的网际协议分组中提取出进行哈 希运算的因子。 可见, 通过本发明实施例提供的转发报文的方法、 生成表项的方法及 装置, 可以解决针对不同的隧道协议, 需要开发不同的用于提取进行哈希 运算的因子的软件代码, 占用的存储空间较多的问题。 In summary, the method for forwarding a message, the device for forwarding a message, the method for generating an entry, and the device for generating a table provided by the embodiments of the present invention all relate to a hash control table. The entries of the hash control table include a tunnel protocol decision field and a hash factor extraction field. According to the tunnel protocol judgment field, an entry matching the Internet Protocol packet can be found in the hash control table. This entry corresponds to a tunneling protocol. According to the hash factor extraction field, the factor for hashing can be extracted from the internet protocol packet. That is to say, the hash factor extraction field in the entry of the hash control table may assign a value to the variable of the software code for extracting the hash factor, so that the software code can correspond to the entry of the hash control table. The factor of the hash operation is extracted from the internet protocol packet of the tunneling protocol. It can be seen that, by using the method for forwarding a packet and the method and device for generating an entry provided by the embodiment of the present invention, it is possible to solve different software protocols for extracting a factor for performing hash operation for different tunnel protocols, and occupying A problem with more storage space.
附图说明 为了更清楚地说明本发明实施例或现有技术中的技术方案, 下面将对 实施例或现有技术描述中所需要使用的附图作一简单地介绍, 显而易见地, 下面描述中的附图是本发明的一些实施例, 对于本领域普通技术人员来讲, 在不付出创造性劳动的前提下, 还可以根据这些附图获得其他的附图。 BRIEF DESCRIPTION OF THE DRAWINGS In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, a brief description of the drawings used in the embodiments or the prior art description will be briefly described below. The drawings are some embodiments of the present invention, and those skilled in the art can obtain other drawings based on these drawings without any creative work.
图 1是本发明实施例提供的转发报文的方法的流程图;  1 is a flowchart of a method for forwarding a message according to an embodiment of the present invention;
图 2是本发明实施例提供的转发报文的装置的示意图;  2 is a schematic diagram of an apparatus for forwarding a message according to an embodiment of the present invention;
图 3是本发明实施例提供的生成表项的方法的流程图;  3 is a flowchart of a method for generating an entry according to an embodiment of the present invention;
图 4是本发明实施例提供的生成表项的装置的示意图。  FIG. 4 is a schematic diagram of an apparatus for generating an entry according to an embodiment of the present invention.
具体实施方式 为使本发明实施例的目的、 技术方案和优点更加清楚, 下面将结合本 发明实施例中的附图, 对本发明实施例中的技术方案进行清楚、 完整地描 述, 显然, 所描述的实施例是本发明一部分实施例, 而不是全部的实施例。 基于本发明中的实施例, 本领域普通技术人员在没有作出创造性劳动前提 下所获得的所有其他实施例, 都属于本发明保护的范围。 The technical solutions in the embodiments of the present invention are clearly and completely described in the following with reference to the accompanying drawings in the embodiments of the present invention. The embodiments are a part of the embodiments of the invention, and not all of the embodiments. All other embodiments obtained by a person of ordinary skill in the art based on the embodiments of the present invention without creative efforts are within the scope of the present invention.
实施例一:  Embodiment 1:
本发明实施例提供了一种转发报文的方法, 可以用于需要进行哈希运 算的场景。例如路由器对隧道协议为 GRE协议的网际协议分组进行转发时, 根据本发明实施例提供的转发报文的方法, 可以从该网际协议分组中获得 哈希因子, 进而进行哈希运算。 参见图 1 , 图 1是本发明实施例提供的转发 才艮文的方法的流程图, 该方法包括:  The embodiment of the invention provides a method for forwarding a message, which can be used in a scenario in which hash operation is required. For example, when the router forwards the Internet Protocol packet with the GRE protocol, the method for forwarding the packet according to the embodiment of the present invention may obtain a hash factor from the Internet Protocol packet, and then perform a hash operation. Referring to FIG. 1 , FIG. 1 is a flowchart of a method for forwarding a certificate according to an embodiment of the present invention, where the method includes:
101 : 接收网际协议分组, 该网际协议分组包含公网网际协议头以及隧 道协议头。 该网际协议分组包含隧道协议标识字段。 该隧道协议标识字段 用于标识该网际协议分组的隧道协议。 101: Receive an internet protocol packet, where the internet protocol packet includes a public network internet protocol header and a tunnel protocol header. The internet protocol packet contains a tunneling protocol identification field. The tunnel protocol identification field A tunneling protocol used to identify the internet protocol packet.
具体实现时, 网际协议分组的网际协议可以是网际协议版本 4, 或者网 际协议版本 6。 隧道协议头可以是 GRE协议头, 或者 L2TP头。 接收网际 协议分组的网络设备可以是路由器。  In specific implementation, the Internet Protocol of the Internet Protocol packet may be Internet Protocol version 4, or Internet Protocol version 6. The tunnel protocol header can be a GRE protocol header, or an L2TP header. The network device receiving the internet protocol packet can be a router.
在网际协议为网际协议版本 4 的场景下, 隧道协议标识字段可以是公 网网际协议头中的协议(Protocol )字段。 例如, 当协议字段为 37时, 网际 协议分组的隧道协议是 GRE协议。  In the scenario where the Internet Protocol is Internet Protocol version 4, the tunneling protocol identification field may be a protocol field in the public network internet protocol header. For example, when the protocol field is 37, the tunneling protocol of the Internet Protocol packet is the GRE protocol.
当隧道协议标识字段包括公网网际协议头中的协议字段时, 隧道协议 标识字段还可以包括用户数据报协议头中的源端口字段或目的端口字段。 例如, 当协议字段为 17, 且源端口字段或者目的端口字段为 1701时, 网际 协议分组的隧道协议是 L2TP。  When the tunneling protocol identification field includes a protocol field in the public network protocol header, the tunneling protocol identification field may further include a source port field or a destination port field in the user datagram protocol header. For example, when the protocol field is 17, and the source port field or destination port field is 1701, the tunneling protocol of the Internet Protocol packet is L2TP.
在网际协议为网际协议版本 6 的场景下, 隧道协议标识字段可以是公 网网际协议头中的下一个头(Next header )字段。 例如, 当下一个头字段为 37时, 网际协议分组的隧道协议是 GRE协议。  In the scenario where the Internet Protocol is Internet Protocol version 6, the tunnel protocol identifier field may be the Next header field in the public network protocol header. For example, when the next header field is 37, the tunneling protocol of the Internet Protocol packet is the GRE protocol.
当隧道协议标识字段包括公网网际协议头中的下一个头字段时, 隧道 协议标识字段还可以包括用户数据报协议头中的源端口字段或目的端口字 段。 例如, 当下一个头字段为 17, 且源端口字段或者目的端口字段为 1701 时, 网际协议分组的隧道协议是 L2TP。  When the tunneling protocol identification field includes the next header field in the public network internet protocol header, the tunneling protocol identification field may also include a source port field or a destination port field in the user datagram protocol header. For example, when the next header field is 17, and the source port field or destination port field is 1701, the tunneling protocol of the Internet Protocol packet is L2TP.
102: 根据该隧道协议标识字段, 在哈希控制表中查找隧道协议判断字 段与该隧道协议标识字段匹配的第一表项。 该哈希控制表的表项包括隧道 协议判断字段以及哈希因子提取字段。  Step 102: Search, according to the tunnel protocol identifier field, a first entry in the hash control table that matches the tunnel protocol determination field and the tunnel protocol identifier field. The entries of the hash control table include a tunnel protocol decision field and a hash factor extraction field.
具体实现时, 可以通过嵌入式系统开发环境生成哈希控制表, 例如美 国风河系统公司 ( Wind River System Inc. )提供的 VxWorks。 另夕卜, 用户也 可以通过在控制台输入命令行的方式更新哈希控制表, 包括增加或者删除 哈希控制表的表项。 哈希控制表可以存储在位于转发平面的存储空间。 例 如, 哈希控制表可以存储在位于路由器转发平面的同步动态随机存储器 ( Synchronous Dynamic Random Access Memory ) 。 In the specific implementation, a hash control table can be generated through the embedded system development environment, such as VxWorks provided by Wind River System Inc. In addition, the user can also update the hash control table by inputting a command line at the console, including adding or deleting an entry of the hash control table. The hash control table can be stored in the storage space located on the forwarding plane. For example, the hash control table can be stored in a synchronous dynamic random access memory located on the forwarding plane of the router. (Synchronous Dynamic Random Access Memory).
哈希控制表可以包括一个表项或者多个表项。 当哈希控制表包括多个 表项时, 可以通过遍历多个表项的方式查找第一表项。 第一表项的隧道协 议判断字段等于网际协议分组的隧道协议标识字段。  The hash control table can include one entry or multiple entries. When the hash control table includes multiple entries, the first entry can be found by traversing multiple entries. The tunneling protocol judgment field of the first entry is equal to the tunneling protocol identification field of the internet protocol packet.
在网际协议分组的隧道协议是 GRE协议的场景下, 隧道协议标识字段 可以是公网网际协议头中的协议字段。 第一表项中与协议字段对应的隧道 协议判断字段为 37。  In the scenario where the tunneling protocol of the Internet Protocol packet is the GRE protocol, the tunneling protocol identification field may be a protocol field in the public network internet protocol header. The tunnel protocol judgment field corresponding to the protocol field in the first entry is 37.
在网际协议分组的隧道协议是 L2TP的场景下,除了公网网际协议头中 的协议字段, 隧道协议标识字段还包括用户数据报协议头中的源端口字段 或者目的端口字段。 第一表项中与公网网际协议头中协议字段对应的隧道 协议判断字段为 17 , 第一表项中与用户数据报协议头中源端口字段或者目 的端口字段对应的隧道协议判断字段为 1701。  In the scenario where the tunnel protocol of the Internet Protocol packet is L2TP, in addition to the protocol field in the public network protocol header, the tunnel protocol identifier field further includes a source port field or a destination port field in the header of the user datagram protocol. The tunnel protocol judgment field corresponding to the protocol field in the header of the public network protocol header in the first entry is 17 , and the tunnel protocol judgment field corresponding to the source port field or the destination port field in the header of the user datagram protocol is 1701 in the first entry. .
103: 根据该第一表项的哈希因子提取字段, 从该网际协议分组中提取 哈希因子。 其中, 偏移子字段用于定义哈希因子在网际协议分组中的起始位置; 长度 子字段用于定义哈希因子的长度。 因此, 可以根据哈希因子提取字段中的 偏移子字段以及长度子字段, 从网际协议分组中提取出哈希因子。  103: Extract a hash factor from the internet protocol packet according to the hash factor extraction field of the first entry. The offset subfield is used to define the starting position of the hash factor in the internet protocol packet; the length subfield is used to define the length of the hash factor. Therefore, the hash factor can be extracted from the internet protocol packet according to the offset subfield and the length subfield in the hash factor extraction field.
当网际协议分组的隧道协议为 GRE协议时, 第一表项可以包括 2个哈 希因子提取字段。 每个哈希因子提取字段都可以包括偏移子字段以及长度 子字段。 其中, 与乘客报文中的源网际协议地址字段对应的哈希因子提取 希因子提取字段中的偏移子字段为 20表示哈希因子相对于隧道协议头的第 一个比特的偏移量为 20字节。 与乘客报文中的目的网际协议地址字段对应 位为字节。 哈希因子提取字段中的偏移子字段为 24表示哈希因子相对于隧 道协议头的第一个比特的偏移量为 24字节。 When the tunneling protocol of the internet protocol packet is the GRE protocol, the first entry may include two hash factor extraction fields. Each hash factor extraction field may include an offset subfield and a length subfield. The offset subfield in the hash factor extraction factor extraction field corresponding to the source internet protocol address field in the passenger message is 20, indicating that the offset of the hash factor relative to the first bit of the tunnel protocol header is 20 bytes. The bit corresponding to the destination internet protocol address field in the passenger message is byte. The offset subfield in the hash factor extraction field is 24 to indicate the hash factor relative to the tunnel. The offset of the first bit of the track protocol header is 24 bytes.
当网际协议分组的隧道协议为 L2TP时,第一表项可以包括 2个哈希因 子提取字段。 2个哈希因子提取字段分别对应会话身份(Session ID )字段 以及隧道身份(Tunnel ID )字段。 每个哈希因子提取字段都可以包括偏移 子字段以及长度子字段。其中,与 Session ID字段对应的哈希因子提取字段 中的偏移子字段以及长度子字段可以分别是 6和 2, 单位为字节。哈希因子 提取字段中的偏移子字段为 6表示哈希因子相对于隧道协议头的第一个比 特的偏移量为 6字节。与 Tunnel ID字段对应的哈希因子提取字段中的偏移 子字段以及长度子字段可以分别是 4和 2, 单位为字节。哈希因子提取字段 中的偏移子字段为 4表示哈希因子相对于隧道协议头的第一个比特的偏移 量为 4字节。  When the tunneling protocol of the Internet Protocol packet is L2TP, the first entry may include two hash factor extraction fields. The two hash factor extraction fields correspond to the Session ID field and the Tunnel ID field, respectively. Each hash factor extraction field can include an offset subfield and a length subfield. The offset subfield and the length subfield in the hash factor extraction field corresponding to the Session ID field may be 6 and 2, respectively, and the unit is byte. The offset subfield in the hash factor extraction field is 6 indicating that the offset of the hash factor relative to the first bit of the tunneling protocol header is 6 bytes. The offset subfield and the length subfield in the hash factor extraction field corresponding to the Tunnel ID field may be 4 and 2, respectively, in bytes. The offset subfield of 4 in the hash factor extraction field indicates that the hash factor has an offset of 4 bytes from the first bit of the tunnel protocol header.
104: 根据该哈希因子执行哈希运算。  104: Perform a hash operation according to the hash factor.
具体实现时, 可以仅根据步骤 103得到的哈希因子执行哈希运算; 也 可以将步骤 103得到的哈希因子以及五元组作为执行哈希运算所需的全部 哈希因子, 执行哈希运算。  In a specific implementation, the hash operation may be performed only according to the hash factor obtained in step 103. The hash factor and the quintuple obtained in step 103 may be used as all hash factors required for performing the hash operation, and the hash operation is performed. .
当网际协议分组的隧道协议为 GRE协议时, 执行步骤 103可以得到乘 道协议为 L2TP时, 执行步骤 103可以得到隧道协议头中的 Tunnel ID以及 Session ID。  When the tunneling protocol of the Internet Protocol packet is the GRE protocol, if the channel protocol is obtained as the L2TP, the step 103 can obtain the tunnel ID and the session ID in the tunneling protocol header.
105: 根据该哈希运算的结果确定用于转发该网际协议分组的物理出接 口。  105: Determine, according to a result of the hash operation, a physical outbound interface for forwarding the internet protocol packet.
106: 根据该物理出接口转发该网际协议分组。 项包括隧道协议判断字段以及哈希因子提取字段。 根据隧道协议判断字段, 可以在哈希控制表中查找到与网际协议分组匹配的表项。 该表项与某一隧 道协议对应。 根据哈希因子提取字段, 可以从网际协议分组中提取出进行 哈希运算的因子。 也就是说哈希控制表的表项中的哈希因子提取字段可以 为用于提取哈希因子的软件代码的变量赋值, 从而使该软件代码可以从釆 用哈希控制表的表项对应的隧道协议的网际协议分组中提取出进行哈希运 算的因子。 因此, 本发明实施例提供的方法, 解决了现有技术中, 针对不 同的隧道协议, 需要开发不同的用于提取进行哈希运算的因子的软件代码, 占用的存储空间较多的技术问题。 106: Forward the internet protocol packet according to the physical outbound interface. The entry includes a tunneling protocol decision field and a hash factor extraction field. According to the tunnel protocol judgment field, an entry matching the Internet Protocol packet can be found in the hash control table. This entry corresponds to a tunneling protocol. Extracting fields based on hash factors, which can be extracted from the internet protocol grouping The factor of the hash operation. That is to say, the hash factor extraction field in the entry of the hash control table may assign a value to the variable of the software code for extracting the hash factor, so that the software code can correspond to the entry of the hash control table. The factor of the hash operation is extracted from the internet protocol packet of the tunneling protocol. Therefore, the method provided by the embodiment of the present invention solves the technical problem that the software code for extracting the factor for performing the hash operation needs to be developed for the different tunnel protocols in the prior art, and the storage space occupied is large.
可选的,  Optional,
该在哈希控制表中查找隧道协议判断字段与该隧道协议标识字段匹配 的第一表项之后, 并且该从该网际协议分组中提取哈希因子之前包括: 根据该第一表项的信令报文判断字段, 对该网际协议分组是否是信令 报文进行判断;  After the first entry matching the tunnel protocol determination field and the tunnel protocol identifier field is found in the hash control table, and the hash factor is extracted from the internet protocol packet, the method includes: signaling according to the first entry a message judgment field, determining whether the internet protocol packet is a signaling message;
当判断结果为否时, 执行该从该网际协议分组中提取哈希因子。  When the judgment result is no, the extraction of the hash factor from the internet protocol packet is performed.
具体实现时, 网际协议分组中的隧道协议头中可以包括信令 ^艮文标识 字段。 信令报文标识字段用于标识网际协议分组是否为信令报文。 例如, 在网际协议分组的隧道协议为 L2TP的场景下,隧道协议头中的类型( type ) 字段为信令报文标识字段。 当类型字段为 0时, 网际协议分组为数据报文; 当类型字段为 1时, 网际协议分组为信令报文。  In a specific implementation, the tunneling protocol header in the internet protocol packet may include a signaling identifier field. The signaling packet identifier field is used to identify whether the internet protocol packet is a signaling packet. For example, in a scenario where the tunnel protocol of the Internet Protocol packet is L2TP, the type field in the tunnel protocol header is a signaling message identification field. When the type field is 0, the Internet Protocol packet is a data message; when the Type field is 1, the Internet Protocol packet is a signaling message.
信令报文判断字段可以包括偏移子字段、 长度子字段以及值子字段。 信令报文判断字段中的偏移子字段用于定义信令报文标识字段在隧道协议 头中的起始位置。 信令报文判断字段中的长度子字段用于定义信令报文标 识字段的长度。 因此, 可以根据信令报文判断字段中的偏移子字段以及长 度子字段, 从隧道协议头中提取出信令报文标识字段。 通过比较信令报文 标识字段与信令报文判断字段中的值子字段是否相等, 可以对网际协议分 组是否是信令报文进行判断。  The signaling message determination field may include an offset subfield, a length subfield, and a value subfield. The offset subfield in the signalling message judgment field is used to define the starting position of the signaling message identification field in the tunnel protocol header. The length subfield in the Signaling Message Judgment field is used to define the length of the signaling message identification field. Therefore, the signaling packet identification field may be extracted from the tunnel protocol header according to the offset subfield and the length subfield in the signaling message judgment field. By comparing the signaling packet identifier field with the value subfield in the signaling packet judgment field, it is possible to determine whether the internet protocol packet is a signaling packet.
隧道协议头中的信令报文标识字段可以将网际协议分组标识为信令报 文, 也可以将网际协议分组标识为数据报文。 在信令报文判断字段中的值 子字段等于信令报文对应的信令报文标识字段的场景下, 如果信令报文标 识字段与信令报文判断字段中的值子字段相等, 则表明该网际协议分组为 信令报文; 如果信令报文标识字段与信令报文判断字段中的值子字段不相 等, 则表明该网际协议分组不是信令报文。 在信令报文判断字段中的值子 字段等于数据报文对应的信令报文标识字段的场景下, 如果信令报文标识 字段与信令报文判断字段中的值子字段相等, 则表明该网际协议分组为数 据报文; 如果信令报文标识字段与信令报文判断字段中的值子字段不相等, 则表明该网际协议分组不是数据报文。 The signaling packet identifier field in the tunnel protocol header may identify the Internet Protocol packet as a signaling packet, or may identify the Internet Protocol packet as a data packet. The value in the signaling message judgment field If the subfield is equal to the signaling packet identifier field corresponding to the signaling packet, if the signaling packet identifier field and the value subfield in the signaling packet judgment field are equal, it indicates that the internet protocol packet is a signaling report. If the signaling packet identifier field and the value subfield in the signaling packet judgment field are not equal, it indicates that the internet protocol packet is not a signaling packet. If the value subfield in the signal packet judgment field is equal to the signal packet identifier field corresponding to the data packet, if the signaling packet identifier field and the value subfield in the signaling packet judgment field are equal, The network protocol packet is a data packet. If the signaling packet identifier field and the value subfield in the signaling packet judgment field are not equal, it indicates that the internet protocol packet is not a data packet.
当网际协议分组的隧道协议为 L2TP协议时,第一表项中的信令报文判 断字段可以包括偏移子字段、 长度子字段以及值子字段。 其中, 偏移子字 段以及长度子字段可以分别是 0和 1。信令报文判断字段中的值子字段可以 是 1 , 也可以是 0。 在信令报文判断字段中的值子字段是 1的场景下, 如果 信令报文标识字段与信令报文判断字段中的值子字段相等, 则表明网际协 议分组为信令报文; 如果信令报文标识字段与信令报文判断字段中的值子 字段不相等, 则表明网际协议分组不是信令报文。 在信令报文判断字段中 的值子字段是 0 的场景下, 如果信令报文标识字段与信令报文判断字段中 的值子字段相等, 则表明网际协议分组为数据报文; 如果信令报文标识字 段与信令报文判断字段中的值子字段不相等, 则表明网际协议分组不是数 据报文。  When the tunneling protocol of the Internet Protocol packet is the L2TP protocol, the signaling packet judgment field in the first entry may include an offset subfield, a length subfield, and a value subfield. The offset subfield and the length subfield can be 0 and 1, respectively. The value subfield in the signalling message judgment field may be 1 or 0. If the value subfield of the signaling packet identification field is equal to the value subfield in the signaling packet judgment field, the network protocol packet is a signaling packet. If the signaling packet identifier field and the value subfield in the signaling packet judgment field are not equal, it indicates that the internet protocol packet is not a signaling packet. If the value subfield of the signaling packet identification field is equal to the value subfield in the signaling packet judgment field, the network protocol packet is a data packet. The signaling packet identifier field is not equal to the value subfield in the signaling packet judgment field, indicating that the internet protocol packet is not a data packet.
需要说明的是,隧道协议为 GRE协议的网际协议分组不存在信令报文, 因此, 与 GRE协议对应的哈希控制表的表项中不需要具备信令报文判断字 段。  It should be noted that there is no signaling packet in the inter-network protocol packet of the GRE protocol. Therefore, the signaling control table entry corresponding to the GRE protocol does not need to have a signaling packet judgment field.
可选的, 在网际协议版本 4 的场景下, 该隧道协议标识字段为该公网 网际协议头中的协议字段。  Optionally, in the scenario of the Internet Protocol version 4, the tunneling protocol identifier field is a protocol field in the public network protocol header of the public network.
可选的, 在网际协议版本 6 的场景下, 该隧道协议标识字段为该公网 网际协议头中的下一个头字段。 可选的, 该隧道协议标识字段还包括该公网网际协议头中的源端口字 段或目的端口字段。 Optionally, in the scenario of the Internet Protocol version 6, the tunnel protocol identifier field is the next header field in the public network protocol header of the public network. Optionally, the tunnel protocol identifier field further includes a source port field or a destination port field in the public network protocol header of the public network.
可选的, 该根据该第一表项的信令报文判断字段, 对该网际协议分组 是否是信令报文进行判断包括: 道协议头中的信令报文标识字段, 该信令报文标识字段用于标识该网际协 议分组是否为信令报文, 该信令报文判断字段中的偏移子字段用于定义该 信令报文标识字段在该隧道协议头中的起始位置, 该信令报文判断字段中 的长度子字段用于定义该信令报文标识字段的长度;  Optionally, the determining, according to the signaling packet judgment field of the first entry, the determining whether the internet protocol packet is a signaling packet includes: a signaling packet identifier field in a channel protocol header, the signaling packet The identifier field is used to identify whether the internet protocol packet is a signaling packet, and the offset subfield in the signaling packet determination field is used to define a starting position of the signaling packet identifier field in the tunnel protocol header. The length subfield in the signaling message judgment field is used to define the length of the signaling packet identifier field;
通过比较该信令报文标识字段与该信令报文判断字段中的值子字段是 否相等, 对该网际协议分组是否是信令报文进行判断。  By comparing whether the signaling packet identifier field and the value subfield in the signaling packet judgment field are equal, whether the internet protocol packet is a signaling packet is determined.
可选的, 该根据该第一表项的哈希因子提取字段, 从该网际协议分组 中提取哈希因子包括: 协议分组中提取该哈希因子, 该哈希因子提取字段中的偏移子字段用于定 义该哈希因子在该网际协议分组中的起始位置, 该哈希因子提取字段中的 长度子字段用于定义该哈希因子的长度。  Optionally, the hash factor is extracted according to the hash factor of the first entry, and extracting the hash factor from the internet protocol packet includes: extracting the hash factor in the protocol packet, and extracting the offset in the field by the hash factor The field is used to define a starting position of the hash factor in the internet protocol packet, and the length subfield in the hash factor extraction field is used to define the length of the hash factor.
可选的,  Optional,
该在哈希控制表中查找隧道协议判断字段与该隧道协议标识字段匹配 的第一表项之后, 并且从该网际协议分组中提取哈希因子之前包括:  After the first entry matching the tunnel protocol determination field and the tunnel protocol identification field in the hash control table, and extracting the hash factor from the internet protocol packet, the method includes:
根据该第一表项的流属性判断字段, 对该网际协议分组是否包含流属 性字段进行判断;  Determining, according to the flow attribute judgment field of the first entry, whether the internet protocol packet includes a flow attribute field;
当判断结果为是时, 执行该从该网际协议分组中提取哈希因子, 该哈 希因子为该流属性字段。  When the judgment result is YES, the hash factor is extracted from the internet protocol packet, and the hash factor is the stream attribute field.
具体实现时, 网际协议分组中可以包括流属性字段。 流属性字段用于 标识该网际协议分组属于某个流, 而不属于其他流。 在不同的场景下, 流 属性字段可能不同。 例如, 当网际协议分组的隧道协议为 L2TP时, 流属性 字段为隧道协议头中的 Session ID字段以及 Tunnel ID字段; 当网际协议分 组的隧道协议为 GRE协议时, 流属性字段为乘客 ^艮文中的源网际协议地址 字段以及目的网际协议地址字段。 以流属性字段为哈希因子进行哈希运算, 并根据哈希运算的结果转发报文, 可以确保不会发生乱序。 因此, 根据哈 希因子提取字段, 从网际协议分组中提取出流属性字段, 以流属性字段为 哈希因子进行哈希运算, 并根据哈希运算的结果转发报文, 可以确保不会 发生乱序。 In a specific implementation, a stream attribute field may be included in the internet protocol packet. The stream attribute field is used to identify that the internet protocol packet belongs to a stream and does not belong to other streams. In different scenarios, flow The attribute fields may be different. For example, when the tunneling protocol of the Internet Protocol packet is L2TP, the stream attribute field is the Session ID field and the Tunnel ID field in the tunnel protocol header. When the tunnel protocol of the Internet Protocol packet is the GRE protocol, the stream attribute field is the passenger. Source Internet Protocol Address field and destination Internet Protocol Address field. The hash attribute is hashed by the stream attribute field, and the message is forwarded according to the result of the hash operation, which ensures that no out of order occurs. Therefore, according to the hash factor extraction field, the stream attribute field is extracted from the internet protocol packet, the stream attribute field is hashed by the hash factor, and the message is forwarded according to the result of the hash operation, thereby ensuring that no chaos occurs. sequence.
流属性判断字段用于对网际协议分组是否包含流属性字段进行判断。 具体实现时, 网际协议分组的隧道协议头中可以包括流属性标识字段, 该 流属性标识字段用于标识该网际协议分组中是否包含流属性字段。 流属性 判断字段可以包括偏移子字段、 长度子字段以及值子字段。 偏移子字段用 于定义流属性标识字段在隧道协议头中的起始位置。 长度子字段用于定义 流属性标识字段的长度。 因此, 可以根据流属性判断字段中的偏移子字段 以及长度子字段, 从隧道协议头中提取出流属性标识字段。 通过比较流属 性标识字段与流属性判断字段中的值子字段是否相等, 可以对网际协议分 组是否包含流属性字段进行判断。  The stream attribute judgment field is used to judge whether the internet protocol packet contains a stream attribute field. In a specific implementation, the tunneling protocol header of the Internet Protocol packet may include a flow attribute identifier field, where the flow attribute identifier field is used to identify whether the network attribute field is included in the internet protocol packet. The stream attribute judgment field may include an offset subfield, a length subfield, and a value subfield. The offset subfield is used to define the starting position of the stream attribute identification field in the tunnel protocol header. The Length subfield is used to define the length of the stream attribute identification field. Therefore, the flow attribute identification field can be extracted from the tunnel protocol header according to the offset subfield and the length subfield in the flow attribute judgment field. By comparing whether the flow attribute field and the value sub-field in the flow attribute judgment field are equal, it is possible to judge whether the Internet Protocol packet contains the flow attribute field.
在网际协议分组的隧道协议为 GRE协议的场景下, 流属性标识字段为 隧道协议头中的协议类型( Protocol Type )字段。 当协议类型字段为 0x0800 时, 网际协议分组中的乘客报文包含流属性字段, 即源网际协议地址字段 以及目的网际协议地址字段。 与协议类型字段对应的流属性判断字段中偏 移子字段以及长度子字段分别是 16和 16, 单位为比特。 流属性判断字段中 的偏移子字段为 16表示流属性标识字段相对于隧道协议头的第一个比特的 偏移量为 16比特。 流属性判断字段中值子字段为 0x0800。  In the scenario where the tunnel protocol of the Internet Protocol packet is GRE, the flow attribute identifier field is the Protocol Type field in the tunnel protocol header. When the protocol type field is 0x0800, the passenger message in the Internet Protocol packet contains the stream attribute field, that is, the source internet protocol address field and the destination internet protocol address field. The offset subfield and the length subfield in the stream attribute judgment field corresponding to the protocol type field are 16 and 16, respectively, and the unit is a bit. The offset subfield in the stream attribute judgment field is 16 indicating that the offset of the stream attribute identification field relative to the first bit of the tunnel protocol header is 16 bits. The value subfield in the stream attribute judgment field is 0x0800.
需要说明的是, 当隧道协议为 L2TP的网际协议分组为数据报文时, 该 网际协议分组必然具有流属性字段,即 Session ID字段以及 Tunnel ID字段。 因此,与隧道协议为 L2TP的网际协议分组对应的哈希控制表的表项中不需 要包含流属性判断字段。 It should be noted that when the Internet Protocol of the L2TP tunneling packet is a data packet, the Internet Protocol packet must have a flow attribute field, that is, a Session ID field and a Tunnel ID field. Therefore, the flow attribute determination field does not need to be included in the entry of the hash control table corresponding to the Internet Protocol packet whose tunnel protocol is L2TP.
实施例二:  Embodiment 2:
本发明实施例提供了一种转发报文的装置, 可以用于需要进行哈希运 算的场景。例如路由器对隧道协议为 GRE协议的网际协议分组进行转发时, 根据本发明实施例提供的转发报文的装置, 可以从该网际协议分组中获得 哈希因子, 进而进行哈希运算。 参见图 2, 图 2是本发明实施例提供的转发 报文的装置的示意图, 该装置包括:  The embodiment of the invention provides a device for forwarding a message, which can be used in a scenario in which hash operation is required. For example, when the router forwards the Internet Protocol packet with the GRE protocol, the device that forwards the packet according to the embodiment of the present invention may obtain a hash factor from the Internet Protocol packet, and then perform a hash operation. Referring to FIG. 2, FIG. 2 is a schematic diagram of an apparatus for forwarding a message according to an embodiment of the present invention, where the apparatus includes:
接收器 201 , 用于接收网际协议分组, 该网际协议分组包含公网网际协 议头以及隧道协议头。 该网际协议分组包含隧道协议标识字段。 该隧道协 议标识字段用于标识该网际协议分组的隧道协议。  The receiver 201 is configured to receive an internet protocol packet, where the internet protocol packet includes a public network internet protocol header and a tunnel protocol header. The internet protocol packet contains a tunneling protocol identification field. The tunnel protocol identification field is used to identify the tunneling protocol of the internet protocol packet.
具体实现时, 网际协议分组的网际协议可以是网际协议版本 4, 或者网 际协议版本 6。 隧道协议头可以是 GRE协议头, 或者 L2TP头。 接收网际 协议分组的网络设备可以是路由器。  In specific implementation, the Internet Protocol of the Internet Protocol packet may be Internet Protocol version 4, or Internet Protocol version 6. The tunnel protocol header can be a GRE protocol header, or an L2TP header. The network device receiving the internet protocol packet can be a router.
在网际协议为网际协议版本 4 的场景下, 隧道协议标识字段可以是公 网网际协议头中的协议字段。 例如, 当协议字段为 37时, 网际协议分组的 隧道协议是 GRE协议。  In the scenario where the Internet Protocol is Internet Protocol version 4, the tunneling protocol identification field may be a protocol field in the public network internet protocol header. For example, when the protocol field is 37, the tunneling protocol of the Internet Protocol packet is the GRE protocol.
当隧道协议标识字段包括公网网际协议头中的协议字段时, 隧道协议 标识字段还可以包括用户数据报协议头中的源端口字段或目的端口字段。 例如, 当协议字段为 17, 且源端口字段或者目的端口字段为 1701时, 网际 协议分组的隧道协议是 L2TP。  When the tunneling protocol identification field includes a protocol field in the public network protocol header, the tunneling protocol identification field may further include a source port field or a destination port field in the user datagram protocol header. For example, when the protocol field is 17, and the source port field or destination port field is 1701, the tunneling protocol of the Internet Protocol packet is L2TP.
在网际协议为网际协议版本 6 的场景下, 隧道协议标识字段可以是公 网网际协议头中的下一个头字段。 例如, 当下一个头字段为 37时, 网际协 议分组的隧道协议是 GRE协议。  In the scenario where the Internet Protocol is Internet Protocol version 6, the tunneling protocol identification field may be the next header field in the public network internet protocol header. For example, when the next header field is 37, the tunneling protocol of the Internet Protocol packet is the GRE protocol.
当隧道协议标识字段包括公网网际协议头中的下一个头字段时, 隧道 协议标识字段还可以包括用户数据报协议头中的源端口字段或目的端口字 段。 例如, 当下一个头字段为 17, 且源端口字段或者目的端口字段为 1701 时, 网际协议分组的隧道协议是 L2TP。 When the tunnel protocol identifier field includes the next header field in the public network protocol header, the tunnel protocol identifier field may further include a source port field or a destination port word in the user datagram protocol header. Paragraph. For example, when the next header field is 17, and the source port field or destination port field is 1701, the tunneling protocol of the Internet Protocol packet is L2TP.
查找单元 202, 用于根据该隧道协议标识字段, 在哈希控制表中查找隧 道协议判断字段与该隧道协议标识字段匹配的第一表项。 该哈希控制表的 表项包括隧道协议判断字段、 以及哈希因子提取字段。  The searching unit 202 is configured to search, in the hash control table, the first entry that matches the tunnel protocol determination field and the tunnel protocol identifier field according to the tunnel protocol identifier field. The entries of the hash control table include a tunneling protocol decision field, and a hash factor extraction field.
具体实现时, 可以通过嵌入式系统开发环境生成哈希控制表, 例如美 国风河系统公司提供的 VxWorks。 另外, 用户也可以通过在控制台输入命 令行的方式更新哈希控制表, 包括增加或者删除哈希控制表的表项。 哈希 控制表可以存储在位于转发平面的存储空间。 例如, 哈希控制表可以存储 在位于路由器转发平面的同步动态随机存储器。  In the specific implementation, a hash control table can be generated through the embedded system development environment, such as VxWorks provided by American Wind River Systems. In addition, the user can also update the hash control table by entering a command line at the console, including adding or deleting entries of the hash control table. The hash control table can be stored in the storage space located on the forwarding plane. For example, the hash control table can be stored in synchronous dynamic random access memory located at the router's forwarding plane.
哈希控制表可以包括一个表项或者多个表项。 当哈希控制表包括多个 表项时, 可以通过遍历多个表项的方式查找第一表项。 第一表项的隧道协 议判断字段等于网际协议分组的隧道协议标识字段。  The hash control table can include one entry or multiple entries. When the hash control table includes multiple entries, the first entry can be found by traversing multiple entries. The tunneling protocol judgment field of the first entry is equal to the tunneling protocol identification field of the internet protocol packet.
在网际协议分组的隧道协议是 GRE协议的场景下, 隧道协议标识字段 可以是公网网际协议头中的协议字段。 第一表项中与协议字段对应的隧道 协议判断字段为 37。  In the scenario where the tunneling protocol of the Internet Protocol packet is the GRE protocol, the tunneling protocol identification field may be a protocol field in the public network internet protocol header. The tunnel protocol judgment field corresponding to the protocol field in the first entry is 37.
在网际协议分组的隧道协议是 L2TP的场景下,除了公网网际协议头中 的协议字段, 隧道协议标识字段还包括用户数据报协议头中的源端口字段 或者目的端口字段。 第一表项中与公网网际协议头中协议字段对应的隧道 协议判断字段为 17, 第一表项中与用户数据报协议头中源端口字段或者目 的端口字段对应的隧道协议判断字段为 1701。  In the scenario where the tunnel protocol of the Internet Protocol packet is L2TP, in addition to the protocol field in the public network protocol header, the tunnel protocol identifier field further includes a source port field or a destination port field in the header of the user datagram protocol. The tunnel protocol judgment field corresponding to the protocol field in the header of the public network protocol header in the first entry is 17, and the tunnel protocol judgment field corresponding to the source port field or the destination port field in the header of the user datagram protocol is 1701 in the first entry. .
提取单元 203 , 用于根据该第一表项的哈希因子提取字段,从该网际协 议分组中提取哈希因子。 其中, 偏移子字段用于定义哈希因子在网际协议分组中的起始位置; 长度 子字段用于定义哈希因子的长度。 因此, 可以根据哈希因子提取字段中的 偏移子字段以及长度子字段, 从网际协议分组中提取出哈希因子。 The extracting unit 203 is configured to extract a hash factor from the internet protocol packet according to the hash factor extraction field of the first entry. The offset subfield is used to define the starting position of the hash factor in the internet protocol packet; the length subfield is used to define the length of the hash factor. Therefore, you can extract the fields based on the hash factor The offset subfield and the length subfield extract a hash factor from the internet protocol packet.
当网际协议分组的隧道协议为 GRE协议时, 第一表项可以包括 2个哈 希因子提取字段。 每个哈希因子提取字段都可以包括偏移子字段以及长度 子字段。 其中, 与乘客报文中的源网际协议地址字段对应的哈希因子提取 希因子提取字段中的偏移子字段为 20表示哈希因子相对于隧道协议头的第 一个比特的偏移量为 20字节。 与乘客报文中的目的网际协议地址字段对应 位为字节。 哈希因子提取字段中的偏移子字段为 24表示哈希因子相对于隧 道协议头的第一个比特的偏移量为 24字节。  When the tunneling protocol of the internet protocol packet is the GRE protocol, the first entry may include two hash factor extraction fields. Each hash factor extraction field can include an offset subfield and a length subfield. The offset subfield in the hash factor extraction factor extraction field corresponding to the source internet protocol address field in the passenger message is 20, indicating that the offset of the hash factor relative to the first bit of the tunnel protocol header is 20 bytes. The bit corresponding to the destination internet protocol address field in the passenger message is byte. The offset subfield in the hash factor extraction field is 24 indicating that the offset of the hash factor relative to the first bit of the tunnel protocol header is 24 bytes.
当网际协议分组的隧道协议为 L2TP时,第一表项可以包括 2个哈希因 字段。 每个哈希因子提取字段都可以包括偏移子字段以及长度子字段。 其 字段可以分别是 6和 2, 单位为字节。哈希因子提取字段中的偏移子字段为 6 表示哈希因子相对于隧道协议头的第一个比特的偏移量为 6 字节。 与 以分别是 4和 2, 单位为字节。哈希因子提取字段中的偏移子字段为 4表示 哈希因子相对于隧道协议头的第一个比特的偏移量为 4字节。  When the tunneling protocol of the internet protocol packet is L2TP, the first entry may include two hash factor fields. Each hash factor extraction field may include an offset subfield and a length subfield. Its fields can be 6 and 2, respectively, in bytes. The offset subfield in the hash factor extraction field is 6 to indicate that the hash factor is offset from the first bit of the tunneling protocol header by 6 bytes. With to be 4 and 2, the unit is byte. The offset subfield in the hash factor extraction field is 4 indicating that the hash factor has an offset of 4 bytes from the first bit of the tunnel protocol header.
执行单元 204 , 用于根据该哈希因子执行哈希运算。  The executing unit 204 is configured to perform a hash operation according to the hash factor.
具体实现时, 可以仅根据提取单元 203得到的哈希因子执行哈希运算; 也可以将根据提取单元 203得到的哈希因子以及五元组作为执行哈希运算 所需的全部哈希因子, 执行哈希运算。  In a specific implementation, the hash operation may be performed only according to the hash factor obtained by the extracting unit 203. The hash factor and the quintuple obtained according to the extracting unit 203 may also be performed as all hash factors required to perform the hash operation. Hash operation.
当网际协议分组的隧道协议为 GRE协议时, 根据提取单元 203可以得 的隧道协议为 L2TP时,根据提取单元 203可以得到隧道协议头中的 Tunnel ID以及 Session ID。 When the tunneling protocol of the Internet Protocol packet is the GRE protocol, according to the tunneling protocol that can be obtained by the extracting unit 203, the tunneling protocol can obtain the tunnel in the tunneling protocol header according to the extracting unit 203. ID and Session ID.
确定单元 205 ,用于根据该哈希运算的结果确定用于转发该网际协议分 组的物理出接口。  The determining unit 205 is configured to determine, according to the result of the hash operation, a physical outbound interface for forwarding the internet protocol packet.
发送器 206, 用于根据该物理出接口转发该网际协议分组。  The transmitter 206 is configured to forward the internet protocol packet according to the physical outbound interface.
综上所述, 本发明实施例提供的转发报文的装置中的哈希控制表的表 项包括隧道协议判断字段以及哈希因子提取字段。 根据隧道协议判断字段, 可以在哈希控制表中查找到与网际协议分组匹配的表项。 该表项与某一隧 道协议对应。 根据哈希因子提取字段, 可以从网际协议分组中提取出进行 哈希运算的因子。 也就是说哈希控制表的表项中的哈希因子提取字段可以 为用于提取哈希因子的软件代码的变量赋值, 从而使该软件代码可以从釆 用哈希控制表的表项对应的隧道协议的网际协议分组中提取出进行哈希运 算的因子。 因此, 本发明实施例提供的装置, 解决了现有技术中, 针对不 同的隧道协议, 需要开发不同的用于提取进行哈希运算的因子的软件代码, 占用的存储空间较多的技术问题。  In summary, the entry of the hash control table in the apparatus for forwarding a message provided by the embodiment of the present invention includes a tunnel protocol determination field and a hash factor extraction field. According to the tunnel protocol judgment field, an entry matching the Internet Protocol packet can be found in the hash control table. This entry corresponds to a tunnel protocol. Based on the hash factor extraction field, the factor for hashing can be extracted from the internet protocol packet. That is to say, the hash factor extraction field in the entry of the hash control table may assign a value to the variable of the software code for extracting the hash factor, so that the software code can correspond to the entry of the hash control table. The factor of the hash operation is extracted from the internet protocol packet of the tunneling protocol. Therefore, the apparatus provided by the embodiment of the present invention solves the technical problem that the software code for extracting the factor for performing the hash operation is different for the different tunnel protocols, and the storage space occupied by the device is occupied.
可选的,  Optional,
转发报文的装置可以包括:  The device for forwarding the message may include:
第一判断单元, 用于该在哈希控制表中查找隧道协议判断字段与该隧 道协议标识字段匹配的第一表项之后, 并且该从该网际协议分组中提取哈 希因子之前,  a first determining unit, configured to: after the first entry matching the tunnel protocol determination field and the tunnel protocol identifier field in the hash control table, and before extracting the hash factor from the internet protocol packet,
根据该第一表项的信令报文判断字段, 对该网际协议分组是否是信令 报文进行判断;  Determining, according to the signaling packet judgment field of the first entry, whether the internet protocol packet is a signaling packet;
当判断结果为否时, 执行该从该网际协议分组中提取哈希因子。  When the judgment result is no, the extraction of the hash factor from the internet protocol packet is performed.
具体实现时, 网际协议分组中的隧道协议头中可以包括信令 ^艮文标识 字段。 信令报文标识字段用于标识网际协议分组是否为信令报文。 例如, 在网际协议分组的隧道协议为 L2TP的场景下,隧道协议头中的类型字段为 信令报文标识字段。 当类型字段为 0 时, 网际协议分组为数据报文; 当类 型字段为 1时, 网际协议分组为信令报文。 In a specific implementation, the tunneling protocol header in the internet protocol packet may include a signaling identifier field. The signaling packet identifier field is used to identify whether the internet protocol packet is a signaling packet. For example, in a scenario where the tunnel protocol of the Internet Protocol packet is L2TP, the type field in the tunnel protocol header is a signaling message identifier field. When the type field is 0, the Internet Protocol is grouped into data messages; When the type field is 1, the Internet Protocol packet is a signaling message.
信令报文判断字段可以包括偏移子字段、 长度子字段以及值子字段。 信令报文判断字段中的偏移子字段用于定义信令报文标识字段在隧道协议 头中的起始位置。 信令报文判断字段中的长度子字段用于定义信令报文标 识字段的长度。 因此, 可以根据信令报文判断字段中的偏移子字段以及长 度子字段, 从隧道协议头中提取出信令报文标识字段。 通过比较信令报文 标识字段与信令报文判断字段中的值子字段是否相等, 可以对网际协议分 组是否是信令报文进行判断。  The signaling message determination field may include an offset subfield, a length subfield, and a value subfield. The offset subfield in the signalling message judgment field is used to define the starting position of the signaling message identification field in the tunnel protocol header. The length subfield in the Signaling Message Judgment field is used to define the length of the signaling message identification field. Therefore, the signaling packet identification field may be extracted from the tunnel protocol header according to the offset subfield and the length subfield in the signaling message judgment field. By comparing the signaling packet identifier field with the value subfield in the signaling packet judgment field, it is possible to determine whether the internet protocol packet is a signaling packet.
隧道协议头中的信令报文标识字段可以将网际协议分组标识为信令报 文, 也可以将网际协议分组标识为数据报文。 在信令报文判断字段中的值 子字段等于信令报文对应的信令报文标识字段的场景下, 如果信令报文标 识字段与信令报文判断字段中的值子字段相等, 则表明该网际协议分组为 信令报文; 如果信令报文标识字段与信令报文判断字段中的值子字段不相 等, 则表明该网际协议分组不是信令报文。 在信令报文判断字段中的值子 字段等于数据报文对应的信令报文标识字段的场景下, 如果信令报文标识 字段与信令报文判断字段中的值子字段相等, 则表明该网际协议分组为数 据报文; 如果信令报文标识字段与信令报文判断字段中的值子字段不相等, 则表明该网际协议分组不是数据报文。  The signaling packet identifier field in the tunnel protocol header may identify the internet protocol packet as a signaling message, or may identify the internet protocol packet as a data packet. If the value subfield in the signaling packet judgment field is equal to the signaling packet identifier field corresponding to the signaling packet, if the signaling packet identifier field and the value subfield in the signaling packet judgment field are equal, The network protocol packet is a signaling packet. If the signaling packet identifier field and the value subfield in the signaling packet judgment field are not equal, it indicates that the internet protocol packet is not a signaling packet. If the value subfield in the signal packet judgment field is equal to the signal packet identifier field corresponding to the data packet, if the signaling packet identifier field and the value subfield in the signaling packet judgment field are equal, The network protocol packet is a data packet. If the signaling packet identifier field and the value subfield in the signaling packet judgment field are not equal, it indicates that the internet protocol packet is not a data packet.
当网际协议分组的隧道协议为 L2TP协议时,第一表项中的信令报文判 断字段可以包括偏移子字段、 长度子字段以及值子字段。 其中, 偏移子字 段以及长度子字段可以分别是 0和 1。信令报文判断字段中的值子字段可以 是 1 , 也可以是 0。 在信令报文判断字段中的值子字段是 1的场景下, 如果 信令报文标识字段与信令报文判断字段中的值子字段相等, 则表明网际协 议分组为信令报文; 如果信令报文标识字段与信令报文判断字段中的值子 字段不相等, 则表明网际协议分组不是信令报文。 在信令报文判断字段中 的值子字段是 0 的场景下, 如果信令报文标识字段与信令报文判断字段中 的值子字段相等, 则表明网际协议分组为数据报文; 如果信令报文标识字 段与信令报文判断字段中的值子字段不相等, 则表明网际协议分组不是数 据报文。 When the tunneling protocol of the Internet Protocol packet is the L2TP protocol, the signaling packet judgment field in the first entry may include an offset subfield, a length subfield, and a value subfield. The offset subfield and the length subfield may be 0 and 1, respectively. The value subfield in the signaling message judgment field may be 1 or 0. If the value subfield of the signaling packet identification field is equal to the value subfield in the signaling packet judgment field, the network protocol packet is a signaling packet. If the signaling packet identifier field and the value subfield in the signaling packet judgment field are not equal, it indicates that the internet protocol packet is not a signaling packet. In the scenario where the value subfield in the signaling message judgment field is 0, if the signaling packet identification field and the signaling packet judgment field are If the value subfields are equal, it indicates that the Internet Protocol packet is a data packet. If the signaling packet identification field and the value subfield in the signaling packet judgment field are not equal, it indicates that the Internet Protocol packet is not a data packet.
需要说明的是,隧道协议为 GRE协议的网际协议分组不存在信令报文, 因此, 与 GRE协议对应的哈希控制表的表项中不需要具备信令报文判断字 段。  It should be noted that there is no signaling packet in the inter-network protocol packet of the GRE protocol. Therefore, the signaling control table entry corresponding to the GRE protocol does not need to have a signaling packet judgment field.
可选的,  Optional,
第一判断单元可以包括:  The first determining unit may include:
提取子单元, 用于根据该信令报文判断字段中的偏移子字段以及长度 子字段, 提取该隧道协议头中的信令报文标识字段, 该信令报文标识字段 用于标识该网际协议分组是否为信令报文, 该信令报文判断字段中的偏移 子字段用于定义该信令报文标识字段在该隧道协议头中的起始位置, 该信 令报文判断字段中的长度子字段用于定义该信令报文标识字段的长度; 比较子单元, 用于通过比较该信令报文标识字段与该信令报文判断字 段中的值子字段是否相等, 对该网际协议分组是否是信令报文进行判断。  An extraction subunit, configured to extract, according to the offset subfield and the length subfield in the signaling packet, a signaling packet identifier field in the tunnel protocol header, where the signaling packet identifier field is used to identify the identifier Whether the internet protocol packet is a signaling packet, and the offset subfield in the signaling packet determining field is used to define a starting position of the signaling packet identifier field in the tunnel protocol header, and the signaling packet is determined. The length subfield in the field is used to define the length of the signaling packet identifier field. The comparison subunit is configured to compare whether the signaling packet identifier field and the value subfield in the signaling packet judgment field are equal. Whether the internet protocol packet is a signaling message is judged.
可选的,  Optional,
提取单元 203可以包括:  The extracting unit 203 may include:
提取子单元, 用于根据该哈希因子提取字段中的偏移子字段以及长度 子字段, 从该网际协议分组中提取该哈希因子, 该哈希因子提取字段中的 偏移子字段用于定义该哈希因子在该网际协议分组中的起始位置, 该哈希 因子提取字段中的长度子字段用于定义该哈希因子的长度。  Extracting a subunit, configured to extract the hash factor from the internet protocol packet according to the offset subfield and the length subfield in the hash factor extraction field, where the offset subfield in the hash factor extraction field is used A starting position of the hash factor in the internet protocol packet is defined, and a length subfield in the hash factor extraction field is used to define the length of the hash factor.
可选的,  Optional,
转发报文的装置可以包括:  The device for forwarding the message may include:
第二判断单元, 用于该在哈希控制表中查找隧道协议判断字段与该隧 道协议标识字段匹配的第一表项之后, 并且从该网际协议分组中提取哈希 因子之前, 根据该第一表项的流属性判断字段, 对该网际协议分组是否包含流属 性字段进行判断; a second determining unit, configured to: after the first entry matching the tunneling protocol determination field and the tunneling protocol identifier field is found in the hash control table, and before extracting the hash factor from the internet protocol packet, Determining, according to the flow attribute judgment field of the first entry, whether the internet protocol packet includes a flow attribute field;
当判断结果为是时, 执行该从该网际协议分组中提取哈希因子。  When the judgment result is YES, the extraction of the hash factor from the internet protocol packet is performed.
具体实现时, 网际协议分组中可以包括流属性字段。 流属性字段用于 标识该网际协议分组属于某个流, 而不属于其他流。 在不同的场景下, 流 属性字段可能不同。 例如, 当网际协议分组的隧道协议为 L2TP时, 流属性 字段为隧道协议头中的 Session ID字段以及 Tunnel ID字段; 当网际协议分 组的隧道协议为 GRE协议时, 流属性字段为乘客 ^艮文中的源网际协议地址 字段以及目的网际协议地址字段。 以流属性字段为哈希因子进行哈希运算, 并根据哈希运算的结果转发报文, 可以确保不会发生乱序。 因此, 根据哈 希因子提取字段, 从网际协议分组中提取出流属性字段, 以流属性字段为 哈希因子进行哈希运算, 并根据哈希运算的结果转发报文, 可以确保不会 发生乱序。  In a specific implementation, a stream attribute field may be included in the internet protocol packet. The stream attribute field is used to identify that the internet protocol packet belongs to a stream and not to other streams. The stream attribute fields may be different in different scenarios. For example, when the tunneling protocol of the Internet Protocol packet is L2TP, the stream attribute field is the Session ID field and the Tunnel ID field in the tunnel protocol header. When the tunnel protocol of the Internet Protocol packet is the GRE protocol, the stream attribute field is the passenger. Source Internet Protocol Address field and destination Internet Protocol Address field. The hash attribute is hashed by the stream attribute field, and the message is forwarded according to the result of the hash operation, which ensures that no out of order occurs. Therefore, according to the hash factor extraction field, the stream attribute field is extracted from the internet protocol packet, the stream attribute field is hashed by the hash factor, and the message is forwarded according to the result of the hash operation, thereby ensuring that no chaos occurs. sequence.
流属性判断字段用于对网际协议分组是否包含流属性字段进行判断。 具体实现时, 网际协议分组的隧道协议头中可以包括流属性标识字段, 该 流属性标识字段用于标识该网际协议分组中是否包含流属性字段。 流属性 判断字段可以包括偏移子字段、 长度子字段以及值子字段。 偏移子字段用 于定义流属性标识字段在隧道协议头中的起始位置。 长度子字段用于定义 流属性标识字段的长度。 因此, 可以根据流属性判断字段中的偏移子字段 以及长度子字段, 从隧道协议头中提取出流属性标识字段。 通过比较流属 性标识字段与流属性判断字段中的值子字段是否相等, 可以对网际协议分 组是否包含流属性字段进行判断。  The stream attribute judgment field is used to judge whether the internet protocol packet contains a stream attribute field. In a specific implementation, the tunneling protocol header of the Internet Protocol packet may include a flow attribute identifier field, where the flow attribute identifier field is used to identify whether the network attribute field is included in the internet protocol packet. The stream attribute judgment field may include an offset subfield, a length subfield, and a value subfield. The offset subfield is used to define the starting position of the stream attribute identification field in the tunnel protocol header. The Length subfield is used to define the length of the stream attribute identification field. Therefore, the flow attribute identification field can be extracted from the tunnel protocol header according to the offset subfield and the length subfield in the flow attribute judgment field. By comparing whether the flow attribute field and the value sub-field in the flow attribute judgment field are equal, it is possible to judge whether the Internet Protocol packet contains the flow attribute field.
在网际协议分组的隧道协议为 GRE协议的场景下, 流属性标识字段为 隧道协议头中的协议类型字段。 当协议类型字段为 0x0800时, 网际协议分 组中的乘客报文包含流属性字段, 即源网际协议地址字段以及目的网际协 议地址字段。 与协议类型字段对应的流属性判断字段中偏移子字段以及长 度子字段分别是 16和 16, 单位为比特。 流属性判断字段中的偏移子字段为 16表示流属性标识字段相对于隧道协议头的第一个比特的偏移量为 16 比 特。 流属性判断字段中值子字段为 0x0800。 In the scenario where the tunnel protocol of the Internet Protocol packet is GRE, the flow attribute identifier field is the protocol type field in the tunnel protocol header. When the protocol type field is 0x0800, the passenger message in the internet protocol packet includes a stream attribute field, that is, a source internet protocol address field and a destination internet protocol address field. The offset attribute field in the stream attribute judgment field corresponding to the protocol type field and the length The degree subfields are 16 and 16, respectively, in units of bits. The offset subfield in the stream attribute determination field is 16 indicating that the offset of the stream attribute identification field relative to the first bit of the tunneling protocol header is 16 bits. The value subfield in the stream attribute judgment field is 0x0800.
需要说明的是, 当隧道协议为 L2TP的网际协议分组为数据报文时, 该 网际协议分组必然具有流属性字段,即 Session ID字段以及 Tunnel ID字段。 因此,与隧道协议为 L2TP的网际协议分组对应的哈希控制表的表项中不需 要包含流属性判断字段。  It should be noted that when the Internet Protocol of the L2TP tunneling packet is a data packet, the Internet Protocol packet must have a flow attribute field, that is, a Session ID field and a Tunnel ID field. Therefore, it is not necessary to include a flow attribute judgment field in the entry of the hash control table corresponding to the Internet Protocol packet whose tunnel protocol is L2TP.
实施例三:  Embodiment 3:
本发明实施例提供了一种生成表项的方法, 可以用于需要进行哈希运 算的场景。例如路由器对隧道协议为 GRE协议的网际协议分组进行转发时, 根据本发明实施例提供的生成表项的方法, 可以从该网际协议分组中获得 哈希因子, 进而进行哈希运算。 参见图 3 , 图 3是本发明实施例提供的生成 表项的方法的流程图, 该方法包括:  The embodiment of the invention provides a method for generating an entry, which can be used in a scenario in which hash operation is required. For example, when the router forwards the Internet Protocol packet of the GRE protocol, the method for generating an entry according to the embodiment of the present invention may obtain a hash factor from the Internet Protocol packet, and then perform a hash operation. Referring to FIG. 3, FIG. 3 is a flowchart of a method for generating an entry according to an embodiment of the present invention, where the method includes:
301 : 生成哈希控制表的表项, 该表项包括隧道协议判断字段以及哈希 因子提取字段, 该隧道协议判断字段用于判断网际协议分组的隧道协议标 识字段是否与该隧道协议判断字段匹配, 该网际协议分组包含公网网际协 议头以及隧道协议头, 该隧道协议标识字段用于标识该网际协议分组的隧 道协议, 该哈希因子提取字段用于为用于从该网际协议分组中提取哈希因 子的第一软件代码的变量赋值, 以便于在该隧道协议标识字段与该隧道协 议判断字段匹配的情况下, 该第一软件代码从该网际协议分组中提取哈希 因子。  301: Generate an entry of a hash control table, where the entry includes a tunneling protocol determination field and a hash factor extraction field, where the tunneling protocol determination field is used to determine whether a tunneling protocol identifier field of the internet protocol packet matches the tunneling protocol determination field. The internet protocol packet includes a public network internet protocol header and a tunneling protocol header, where the tunneling protocol identification field is used to identify a tunneling protocol of the internet protocol packet, and the hash factor extraction field is used for extracting from the internet protocol packet The variable of the first software code of the hash factor is assigned such that the first software code extracts a hash factor from the internet protocol packet if the tunneling protocol identification field matches the tunneling protocol determination field.
具体实现时, 网际协议分组的网际协议可以是网际协议版本 4, 或者网 际协议版本 6。 隧道协议头可以是 GRE协议头, 或者 L2TP头。 接收网际 协议分组的网络设备可以是路由器。  In specific implementation, the Internet Protocol of the Internet Protocol packet may be Internet Protocol version 4, or Internet Protocol version 6. The tunnel protocol header can be a GRE protocol header, or an L2TP header. The network device receiving the internet protocol packet can be a router.
在网际协议为网际协议版本 4 的场景下, 隧道协议标识字段可以是公 网网际协议头中的协议字段。 例如, 当协议字段为 37时, 网际协议分组的 隧道协议是 GRE协议。 In the scenario where the Internet Protocol is the Internet Protocol version 4, the tunneling protocol identifier field may be a protocol field in the public network internet protocol header. For example, when the protocol field is 37, the Internet Protocol is grouped. The tunneling protocol is the GRE protocol.
当隧道协议标识字段包括公网网际协议头中的协议字段时, 隧道协议 标识字段还可以包括用户数据报协议头中的源端口字段或目的端口字段。 例如, 当协议字段为 17, 且源端口字段或者目的端口字段为 1701时, 网际 协议分组的隧道协议是 L2TP。  When the tunneling protocol identification field includes a protocol field in the public network protocol header, the tunneling protocol identification field may further include a source port field or a destination port field in the user datagram protocol header. For example, when the protocol field is 17, and the source port field or destination port field is 1701, the tunneling protocol of the Internet Protocol packet is L2TP.
在网际协议为网际协议版本 6 的场景下, 隧道协议标识字段可以是公 网网际协议头中的下一个头字段。 例如, 当下一个头字段为 37时, 网际协 议分组的隧道协议是 GRE协议。  In the scenario where the Internet Protocol is Internet Protocol version 6, the tunneling protocol identification field may be the next header field in the public network internet protocol header. For example, when the next header field is 37, the tunneling protocol of the Internet Protocol packet is the GRE protocol.
当隧道协议标识字段包括公网网际协议头中的下一个头字段时, 隧道 协议标识字段还可以包括用户数据报协议头中的源端口字段或目的端口字 段。 例如, 当下一个头字段为 17, 且源端口字段或者目的端口字段为 1701 时, 网际协议分组的隧道协议是 L2TP。  When the tunneling protocol identification field includes the next header field in the public network internet protocol header, the tunneling protocol identification field may also include a source port field or a destination port field in the user datagram protocol header. For example, when the next header field is 17, and the source port field or destination port field is 1701, the tunneling protocol of the Internet Protocol packet is L2TP.
生成哈希控制表的表项具体实现时, 可以通过嵌入式系统开发环境生 成哈希控制表, 例如美国风河系统公司提供的 VxWorks。 另外, 用户也可 以通过在控制台输入命令行的方式更新哈希控制表, 包括增加或者删除哈 希控制表的表项。 哈希控制表可以存储在位于转发平面的存储空间。 例如, 哈希控制表可以存储在位于路由器转发平面的同步动态随机存储器。  When the implementation of the table of the hash control table is generated, a hash control table can be generated through the embedded system development environment, such as VxWorks provided by American Wind River Systems. Alternatively, the user can update the hash control table by entering a command line at the console, including adding or deleting entries for the hash control table. The hash control table can be stored in the storage space located on the forwarding plane. For example, the hash control table can be stored in a synchronous dynamic random access memory located at the router forwarding plane.
哈希控制表可以包括一个表项或者多个表项。 当哈希控制表包括多个 表项时, 可以通过遍历多个表项的方式查找该表项。 该表项的隧道协议判 断字段等于网际协议分组的隧道协议标识字段。  The hash control table can include one entry or multiple entries. When the hash control table includes multiple entries, you can find the entry by traversing multiple entries. The tunneling protocol determination field of this entry is equal to the tunneling protocol identification field of the internet protocol packet.
在网际协议分组的隧道协议是 GRE协议的场景下, 隧道协议标识字段 可以是公网网际协议头中的协议字段。 该表项中与协议字段对应的隧道协 议判断字段为 37。  In the scenario where the tunneling protocol of the Internet Protocol packet is the GRE protocol, the tunneling protocol identification field may be a protocol field in the public network internet protocol header. The tunnel protocol judgment field corresponding to the protocol field in this entry is 37.
在网际协议分组的隧道协议是 L2TP的场景下,除了公网网际协议头中 的协议字段, 隧道协议标识字段还包括用户数据报协议头中的源端口字段 或者目的端口字段。 该表项中与公网网际协议头中协议字段对应的隧道协 议判断字段为 17 , 该表项中与用户数据报协议头中源端口字段或者目的端 口字段对应的隧道协议判断字段为 1701。 In the scenario where the tunnel protocol of the Internet Protocol packet is L2TP, in addition to the protocol field in the public network protocol header, the tunnel protocol identifier field further includes a source port field or a destination port field in the user datagram protocol header. The tunnel association corresponding to the protocol field in the header of the public network protocol in the entry. The judgment field is 17 , and the tunnel protocol judgment field corresponding to the source port field or the destination port field in the header of the user datagram protocol is 1701.
第一软件代码用于从网际协议分组中提取哈希因子。 哈希因子提取字 段可以为第一软件代码的变量赋值, 从而使得第一软件代码可以从某种类 型的隧道协议对应的网际协议分组中提取哈希因子。 具体实现时, 哈希因 定义哈希因子在网际协议分组中的起始位置; 长度子字段用于定义哈希因 字段, 从网际协议分组中提取出哈希因子。  The first software code is used to extract a hash factor from the internet protocol packet. The hash factor extraction field can assign a value to the variable of the first software code such that the first software code can extract the hash factor from the internet protocol packet corresponding to a certain type of tunneling protocol. In the specific implementation, the hash is defined as the starting position of the hash factor in the internet protocol packet; the length subfield is used to define the hash factor field, and the hash factor is extracted from the internet protocol packet.
当网际协议分组的隧道协议为 GRE协议时, 该表项可以包括 2个哈希 因子提取字段。 每个哈希因子提取字段都可以包括偏移子字段以及长度子 字段。 其中, 与乘客报文中的源网际协议地址字段对应的哈希因子提取字 段中的偏移子字段以及长度子字段可以分别是 20和 4, 单位是字节。 哈希 因子提取字段中的偏移子字段为 20表示哈希因子相对于隧道协议头的第一 个比特的偏移量为 20字节。 与乘客 ^艮文中的目的网际协议地址字段对应的 为字节。 哈希因子提取字段中的偏移子字段为 24表示哈希因子相对于隧道 协议头的第一个比特的偏移量为 24字节。  When the tunneling protocol of the Internet Protocol packet is the GRE protocol, the entry may include two hash factor extraction fields. Each hash factor extraction field may include an offset subfield and a length subfield. The offset subfield and the length subfield in the hash factor extraction field corresponding to the source internet protocol address field in the passenger message may be 20 and 4, respectively, and the unit is byte. The offset subfield in the hash factor extraction field is 20 indicating that the offset of the hash factor relative to the first bit of the tunneling protocol header is 20 bytes. The byte corresponding to the destination internet protocol address field in the passenger's text. The offset subfield in the hash factor extraction field is 24 indicating that the offset of the hash factor relative to the first bit of the tunneling protocol header is 24 bytes.
当网际协议分组的隧道协议为 L2TP时,该表项可以包括 2个哈希因子 提取字段。 2个哈希因子提取字段分别对应 Session ID字段以及 Tunnel ID 字段。 每个哈希因子提取字段都可以包括偏移子字段以及长度子字段。 其 字段可以分别是 6和 2, 单位为字节。哈希因子提取字段中的偏移子字段为 6 表示哈希因子相对于隧道协议头的第一个比特的偏移量为 6 字节。 与 以分别是 4和 2, 单位为字节。哈希因子提取字段中的偏移子字段为 4表示 哈希因子相对于隧道协议头的第一个比特的偏移量为 4字节。 When the tunneling protocol of the internet protocol packet is L2TP, the entry may include two hash factor extraction fields. The two hash factor extraction fields correspond to the Session ID field and the Tunnel ID field, respectively. Each hash factor extraction field may include an offset subfield and a length subfield. Its fields can be 6 and 2, respectively, in bytes. The offset subfield in the hash factor extraction field is 6 to indicate that the hash factor is offset from the first bit of the tunneling protocol header by 6 bytes. With to be 4 and 2, the unit is byte. The offset subfield in the hash factor extraction field is 4 The offset of the hash factor relative to the first bit of the tunneling protocol header is 4 bytes.
哈希因子可以被用于执行哈希运算。 具体实现时, 可以仅根据第一软 件代码得到的哈希因子执行哈希运算; 也可以将根据第一软件代码得到的 哈希因子以及五元组作为执行哈希运算所需的全部哈希因子, 执行哈希运 算。  A hash factor can be used to perform a hash operation. In a specific implementation, the hash operation may be performed only according to the hash factor obtained by the first software code; the hash factor and the quintuple obtained according to the first software code may also be used as all hash factors required for performing the hash operation. , perform a hash operation.
当网际协议分组的隧道协议为 GRE协议时, 根据第一软件代码可以得 的隧道协议为 L2TP时,根据第一软件代码可以得到隧道协议头中的 Tunnel ID以及 Session ID。  When the tunneling protocol of the Internet Protocol packet is the GRE protocol, when the tunneling protocol that can be obtained according to the first software code is L2TP, the tunnel ID and the session ID in the tunneling protocol header can be obtained according to the first software code.
根据该哈希运算的结果, 可以确定用于转发该网际协议分组的物理出 接口。 表项包括隧道协议判断字段以及哈希因子提取字段。 根据隧道协议判断字 段, 可以在哈希控制表中查找到与网际协议分组匹配的表项。 该表项与某 一隧道协议对应。 根据哈希因子提取字段, 可以从网际协议分组中提取出 进行哈希运算的因子。 也就是说哈希控制表的表项中的哈希因子提取字段 可以为用于提取哈希因子的软件代码的变量赋值, 从而使该软件代码可以 从釆用哈希控制表的表项对应的隧道协议的网际协议分组中提取出进行哈 希运算的因子。 因此, 本发明实施例提供的方法, 解决了现有技术中, 针 对不同的隧道协议, 需要开发不同的用于提取进行哈希运算的因子的软件 代码, 占用的存储空间较多的技术问题。  Based on the result of the hash operation, a physical outgoing interface for forwarding the internet protocol packet can be determined. The entry includes a tunneling protocol determination field and a hash factor extraction field. According to the tunnel protocol judgment field, an entry matching the Internet Protocol packet can be found in the hash control table. This entry corresponds to a tunneling protocol. Based on the hash factor extraction field, the factor for hashing can be extracted from the internet protocol packet. That is to say, the hash factor extraction field in the entry of the hash control table may assign a value to the variable of the software code for extracting the hash factor, so that the software code can correspond to the entry of the hash control table. The factor of the hash operation is extracted from the internet protocol packet of the tunneling protocol. Therefore, the method provided by the embodiment of the present invention solves the technical problem that the software code for extracting the factor for performing the hash operation needs to be developed for different tunnel protocols in the prior art.
可选的,  Optional,
该表项可以包括信令报文判断字段, 该信令报文判断字段用于为用于 判断该网际协议分组是否为信令报文的第二软件代码的变量赋值, 以便于 该第二软件代码对该网际协议分组是否为信令报文进行判断。  The entry may include a signaling message determination field, where the signaling message determination field is used to assign a value to a variable for determining whether the Internet Protocol packet is a second software code of the signaling message, so as to facilitate the second software. The code determines whether the internet protocol packet is a signaling message.
具体实现时, 网际协议分组中的隧道协议头中可以包括信令 ^艮文标识 字段。 信令报文标识字段用于标识网际协议分组是否为信令报文。 例如, 在网际协议分组的隧道协议为 L2TP的场景下,隧道协议头中的类型字段为 信令报文标识字段。 当类型字段为 0 时, 网际协议分组为数据报文; 当类 型字段为 1时, 网际协议分组为信令报文。 In a specific implementation, the tunnel protocol header in the internet protocol packet may include a signaling identifier. Field. The signaling packet identifier field is used to identify whether the internet protocol packet is a signaling packet. For example, in a scenario where the tunnel protocol of the Internet Protocol packet is L2TP, the type field in the tunnel protocol header is a signaling message identifier field. When the type field is 0, the Internet Protocol packet is a data message; when the Type field is 1, the Internet Protocol packet is a signaling message.
第二软件代码用于判断网际协议分组是否为信令报文。 信令报文判断 字段可以为第二软件代码的变量赋值, 从而使得第二软件代码可以对某种 类型的隧道协议对应的网际协议分组是否是信令报文进行判断。 具体实现 时, 信令报文判断字段可以包括偏移子字段、 长度子字段以及值子字段。 信令报文判断字段中的偏移子字段用于定义信令报文标识字段在隧道协议 头中的起始位置。 信令报文判断字段中的长度子字段用于定义信令报文标 识字段的长度。 因此, 可以根据信令报文判断字段中的偏移子字段以及长 度子字段, 从隧道协议头中提取出信令报文标识字段。 通过比较信令报文 标识字段与信令报文判断字段中的值子字段是否相等, 可以对网际协议分 组是否是信令报文进行判断。  The second software code is used to determine whether the internet protocol packet is a signaling message. The signaling message judgment field may be assigned a variable of the second software code, so that the second software code can determine whether the internet protocol packet corresponding to a certain type of tunneling protocol is a signaling message. In a specific implementation, the signaling message judgment field may include an offset subfield, a length subfield, and a value subfield. The offset subfield in the signalling message judgment field is used to define the starting position of the signaling message identification field in the tunnel protocol header. The length subfield in the Signaling Message Judgment field is used to define the length of the signaling message identification field. Therefore, the signaling packet identification field may be extracted from the tunnel protocol header according to the offset subfield and the length subfield in the signaling message judgment field. By comparing the signaling packet identifier field with the value subfield in the signaling packet judgment field, it is possible to determine whether the internet protocol packet is a signaling packet.
隧道协议头中的信令报文标识字段可以将网际协议分组标识为信令报 文, 也可以将网际协议分组标识为数据报文。 在信令报文判断字段中的值 子字段等于信令报文对应的信令报文标识字段的场景下, 如果信令报文标 识字段与信令报文判断字段中的值子字段相等, 则表明该网际协议分组为 信令报文; 如果信令报文标识字段与信令报文判断字段中的值子字段不相 等, 则表明该网际协议分组不是信令报文。 在信令报文判断字段中的值子 字段等于数据报文对应的信令报文标识字段的场景下, 如果信令报文标识 字段与信令报文判断字段中的值子字段相等, 则表明该网际协议分组为数 据报文; 如果信令报文标识字段与信令报文判断字段中的值子字段不相等, 则表明该网际协议分组不是数据报文。  The signaling packet identifier field in the tunnel protocol header may identify the internet protocol packet as a signaling message, or may identify the internet protocol packet as a data packet. If the value subfield in the signaling packet judgment field is equal to the signaling packet identifier field corresponding to the signaling packet, if the signaling packet identifier field and the value subfield in the signaling packet judgment field are equal, The network protocol packet is a signaling packet. If the signaling packet identifier field and the value subfield in the signaling packet judgment field are not equal, it indicates that the internet protocol packet is not a signaling packet. If the value subfield in the signal packet judgment field is equal to the signal packet identifier field corresponding to the data packet, if the signaling packet identifier field and the value subfield in the signaling packet judgment field are equal, The network protocol packet is a data packet. If the signaling packet identifier field and the value subfield in the signaling packet judgment field are not equal, it indicates that the internet protocol packet is not a data packet.
当网际协议分组的隧道协议为 L2TP协议时,该表项中的信令报文判断 字段可以包括偏移子字段、 长度子字段以及值子字段。 其中, 偏移子字段 以及长度子字段可以分别是 0和 1。信令报文判断字段中的值子字段可以是 1 , 也可以是 0。 在信令报文判断字段中的值子字段是 1的场景下, 如果信 令报文标识字段与信令报文判断字段中的值子字段相等, 则表明网际协议 分组为信令报文; 如果信令报文标识字段与信令报文判断字段中的值子字 段不相等, 则表明网际协议分组不是信令报文。 在信令报文判断字段中的 值子字段是 0 的场景下, 如果信令报文标识字段与信令报文判断字段中的 值子字段相等, 则表明网际协议分组为数据报文; 如果信令报文标识字段 与信令报文判断字段中的值子字段不相等, 则表明网际协议分组不是数据 报文。 When the tunneling protocol of the Internet Protocol packet is the L2TP protocol, the signaling packet judgment field in the entry may include an offset subfield, a length subfield, and a value subfield. Where the offset subfield And the length subfields can be 0 and 1, respectively. The value subfield in the signaling message judgment field may be 1 or 0. If the value subfield of the signaling packet identification field is equal to the value subfield in the signaling packet judgment field, the network protocol packet is a signaling packet. If the signaling packet identifier field and the value subfield in the signaling packet judgment field are not equal, it indicates that the internet protocol packet is not a signaling packet. If the value subfield of the signaling packet identification field is equal to the value subfield in the signaling packet judgment field, the network protocol packet is a data packet. The signaling packet identifier field is not equal to the value subfield in the signaling packet judgment field, indicating that the internet protocol packet is not a data packet.
需要说明的是,隧道协议为 GRE协议的网际协议分组不存在信令报文, 因此, 与 GRE协议对应的哈希控制表的表项中不需要具备信令报文判断字 段。  It should be noted that there is no signaling packet in the inter-network protocol packet of the GRE protocol. Therefore, the signaling control table entry corresponding to the GRE protocol does not need to have a signaling packet judgment field.
可选的,  Optional,
该表项可以包括流属性判断字段, 该流属性判断字段用于为用于判断 该网际协议分组是否包含流属性字段的第三软件代码的变量赋值, 以便于 该第三软件代码对该网际协议分组是否为信令报文进行判断。  The entry may include a flow attribute determination field for assigning a value to a variable of the third software code for determining whether the internet protocol packet includes a flow attribute field, to facilitate the third software code to the internet protocol Whether the packet is judged for the signaling message.
具体实现时, 网际协议分组中可以包括流属性字段。 流属性字段用于 标识该网际协议分组属于某个流, 而不属于其他流。 在不同的场景下, 流 属性字段可能不同。 例如, 当网际协议分组的隧道协议为 L2TP时, 流属性 字段为隧道协议头中的 Session ID字段以及 Tunnel ID字段; 当网际协议分 组的隧道协议为 GRE协议时, 流属性字段为乘客 ^艮文中的源网际协议地址 字段以及目的网际协议地址字段。 以流属性字段为哈希因子进行哈希运算, 并根据哈希运算的结果转发报文, 可以确保不会发生乱序。 因此, 根据哈 希因子提取字段, 从网际协议分组中提取出流属性字段, 以流属性字段为 哈希因子进行哈希运算, 并根据哈希运算的结果转发报文, 可以确保不会 发生乱序。 第三软件代码用于判断网际协议分组是否包含流属性字段。 流属性判 断字段可以为第三软件代码的变量赋值, 从而使得第三软件代码可以对某 种类型的隧道协议对应的网际协议分组是否包含流属性字段进行判断。 具 体实现时, 网际协议分组的隧道协议头中可以包括流属性标识字段, 该流 属性标识字段用于标识该网际协议分组中是否包含流属性字段。 流属性判 断字段可以包括偏移子字段、 长度子字段以及值子字段。 偏移子字段用于 定义流属性标识字段在隧道协议头中的起始位置。 长度子字段用于定义流 属性标识字段的长度。 因此, 可以根据流属性判断字段中的偏移子字段以 及长度子字段, 从隧道协议头中提取出流属性标识字段。 通过比较流属性 标识字段与流属性判断字段中的值子字段是否相等, 可以对网际协议分组 是否包含流属性字段进行判断。 In a specific implementation, a stream attribute field may be included in the internet protocol packet. The stream attribute field is used to identify that the internet protocol packet belongs to a stream and does not belong to other streams. The stream attribute fields may be different in different scenarios. For example, when the tunneling protocol of the Internet Protocol packet is L2TP, the stream attribute field is the Session ID field and the Tunnel ID field in the tunnel protocol header. When the tunnel protocol of the Internet Protocol packet is the GRE protocol, the stream attribute field is the passenger. Source Internet Protocol Address field and destination Internet Protocol Address field. The hash attribute is hashed by the stream attribute field, and the message is forwarded according to the result of the hash operation, which ensures that no out of order occurs. Therefore, according to the hash factor extraction field, the stream attribute field is extracted from the internet protocol packet, the stream attribute field is hashed by the hash factor, and the message is forwarded according to the result of the hash operation, thereby ensuring that no chaos occurs. sequence. The third software code is used to determine whether the internet protocol packet contains a stream attribute field. The stream attribute determination field may assign a value to the variable of the third software code, thereby enabling the third software code to determine whether the internet protocol packet corresponding to a certain type of tunneling protocol includes a stream attribute field. In a specific implementation, the tunneling protocol header of the Internet Protocol packet may include a flow attribute identifier field, where the flow attribute identifier field is used to identify whether the network attribute field is included in the internet protocol packet. The stream attribute determination field may include an offset subfield, a length subfield, and a value subfield. The offset subfield is used to define the starting position of the stream attribute identification field in the tunneling protocol header. The length subfield is used to define the length of the stream attribute identification field. Therefore, the flow attribute identification field may be extracted from the tunnel protocol header according to the offset subfield and the length subfield in the flow attribute judgment field. By comparing whether the stream attribute identifier field and the value attribute subfield in the stream attribute judgment field are equal, it is possible to judge whether the internet protocol packet includes the stream attribute field.
在网际协议分组的隧道协议为 GRE协议的场景下, 流属性标识字段为 隧道协议头中的协议类型字段。 当协议类型字段为 0x0800时, 网际协议分 组中的乘客报文包含流属性字段, 即源网际协议地址字段以及目的网际协 议地址字段。 与协议类型字段对应的流属性判断字段中偏移子字段以及长 度子字段分别是 16和 16, 单位为比特。 流属性判断字段中的偏移子字段为 16表示流属性标识字段相对于隧道协议头的第一个比特的偏移量为 16 比 特。 流属性判断字段中值子字段为 0x0800。  In the scenario where the tunnel protocol of the Internet Protocol packet is GRE, the flow attribute identifier field is the protocol type field in the tunnel protocol header. When the protocol type field is 0x0800, the passenger message in the internet protocol packet contains the stream attribute field, that is, the source internet protocol address field and the destination internet protocol address field. The offset subfield and the length subfield in the stream attribute judgment field corresponding to the protocol type field are 16 and 16, respectively, and the unit is a bit. The offset subfield in the stream attribute determination field is 16 indicating that the offset of the stream attribute identification field relative to the first bit of the tunneling protocol header is 16 bits. The value subfield in the stream attribute judgment field is 0x0800.
需要说明的是, 当隧道协议为 L2TP的网际协议分组为数据报文时, 该 网际协议分组必然具有流属性字段,即 Session ID字段以及 Tunnel ID字段。 因此,与隧道协议为 L2TP的网际协议分组对应的哈希控制表的表项中不需 要包含流属性判断字段。  It should be noted that when the Internet Protocol of the L2TP tunneling packet is a data packet, the Internet Protocol packet must have a flow attribute field, that is, a Session ID field and a Tunnel ID field. Therefore, it is not necessary to include a flow attribute judgment field in the entry of the hash control table corresponding to the Internet Protocol packet whose tunnel protocol is L2TP.
实施例四:  Embodiment 4:
本发明实施例提供了一种生成表项的装置, 可以用于需要进行哈希运 算的场景。例如路由器对隧道协议为 GRE协议的网际协议分组进行转发时, 根据本发明实施例提供的生成表项的装置, 可以从该网际协议分组中获得 哈希因子, 进而进行哈希运算。 参见图 4 , 图 4是本发明实施例提供的生成 表项的装置的示意图, 该装置包括: The embodiment of the invention provides an apparatus for generating an entry, which can be used in a scenario in which a hash operation is required. For example, when a router forwards an internet protocol packet whose tunneling protocol is a GRE protocol, the device for generating an entry according to the embodiment of the present invention may obtain the network protocol packet from the internet protocol packet. The hash factor, which in turn performs a hash operation. Referring to FIG. 4, FIG. 4 is a schematic diagram of an apparatus for generating an entry according to an embodiment of the present invention, where the apparatus includes:
表项生成单元 401 , 用于生成哈希控制表的表项, 该表项包括隧道协议 判断字段以及哈希因子提取字段, 该隧道协议判断字段用于判断网际协议 分组的隧道协议标识字段是否与该隧道协议判断字段匹配, 该网际协议分 组包含公网网际协议头以及隧道协议头, 该隧道协议标识字段用于标识该 网际协议分组的隧道协议, 该哈希因子提取字段用于为用于从该网际协议 分组中提取哈希因子的第一软件代码的变量赋值;  The entry generation unit 401 is configured to generate an entry of the hash control table, where the entry includes a tunneling protocol determination field and a hash factor extraction field, where the tunneling protocol determination field is used to determine whether the tunneling protocol identifier field of the internet protocol packet is The tunnel protocol judgment field is matched, and the internet protocol packet includes a public network internet protocol header and a tunnel protocol header, where the tunnel protocol identifier field is used to identify a tunnel protocol of the internet protocol packet, and the hash factor extraction field is used for Deriving a variable assignment of the first software code of the hash factor in the internet protocol packet;
第一赋值单元 402 ,用于根据该哈希因子提取字段为该第一软件代码的 变量赋值, 以便于在该隧道协议标识字段与该隧道协议判断字段匹配的情 况下, 该第一软件代码从该网际协议分组中提取哈希因子。  a first assignment unit 402, configured to assign a value to the variable of the first software code according to the hash factor extraction field, so that the first software code is obtained when the tunneling protocol identifier field matches the tunneling protocol determination field A hash factor is extracted from the internet protocol packet.
具体实现时, 网际协议分组的网际协议可以是网际协议版本 4, 或者网 际协议版本 6。 隧道协议头可以是 GRE协议头, 或者 L2TP头。 接收网际 协议分组的网络设备可以是路由器。  In specific implementation, the Internet Protocol of the Internet Protocol packet may be Internet Protocol version 4, or Internet Protocol version 6. The tunnel protocol header can be a GRE protocol header, or an L2TP header. The network device receiving the internet protocol packet can be a router.
在网际协议为网际协议版本 4 的场景下, 隧道协议标识字段可以是公 网网际协议头中的协议字段。 例如, 当协议字段为 37时, 网际协议分组的 隧道协议是 GRE协议。  In the scenario where the Internet Protocol is Internet Protocol version 4, the tunneling protocol identification field may be a protocol field in the public network internet protocol header. For example, when the protocol field is 37, the tunneling protocol of the Internet Protocol packet is the GRE protocol.
当隧道协议标识字段包括公网网际协议头中的协议字段时, 隧道协议 标识字段还可以包括用户数据报协议头中的源端口字段或目的端口字段。 例如, 当协议字段为 17 , 且源端口字段或者目的端口字段为 1701时, 网际 协议分组的隧道协议是 L2TP。  When the tunneling protocol identification field includes a protocol field in the public network protocol header, the tunneling protocol identification field may further include a source port field or a destination port field in the user datagram protocol header. For example, when the protocol field is 17 and the source port field or destination port field is 1701, the tunneling protocol of the Internet Protocol packet is L2TP.
在网际协议为网际协议版本 6 的场景下, 隧道协议标识字段可以是公 网网际协议头中的下一个头字段。 例如, 当下一个头字段为 37时, 网际协 议分组的隧道协议是 GRE协议。  In the scenario where the Internet Protocol is Internet Protocol version 6, the tunneling protocol identification field may be the next header field in the public network internet protocol header. For example, when the next header field is 37, the tunneling protocol of the Internet Protocol packet is the GRE protocol.
当隧道协议标识字段包括公网网际协议头中的下一个头字段时, 隧道 协议标识字段还可以包括用户数据报协议头中的源端口字段或目的端口字 段。 例如, 当下一个头字段为 17, 且源端口字段或者目的端口字段为 1701 时, 网际协议分组的隧道协议是 L2TP。 When the tunnel protocol identifier field includes the next header field in the public network protocol header, the tunnel protocol identifier field may further include a source port field or a destination port word in the user datagram protocol header. Paragraph. For example, when the next header field is 17, and the source port field or destination port field is 1701, the tunneling protocol of the Internet Protocol packet is L2TP.
生成哈希控制表的表项具体实现时, 可以通过嵌入式系统开发环境生 成哈希控制表, 例如美国风河系统公司提供的 VxWorks。 另外, 用户也可 以通过在控制台输入命令行的方式更新哈希控制表, 包括增加或者删除哈 希控制表的表项。 哈希控制表可以存储在位于转发平面的存储空间。 例如, 哈希控制表可以存储在位于路由器转发平面的同步动态随机存储器。  When the implementation of the table of the hash control table is generated, a hash control table can be generated through the embedded system development environment, such as VxWorks provided by American Wind River Systems. Alternatively, the user can update the hash control table by entering a command line at the console, including adding or deleting entries for the hash control table. The hash control table can be stored in the storage space located on the forwarding plane. For example, the hash control table can be stored in a synchronous dynamic random access memory located at the router forwarding plane.
哈希控制表可以包括一个表项或者多个表项。 当哈希控制表包括多个 表项时, 可以通过遍历多个表项的方式查找该表项。 该表项的隧道协议判 断字段等于网际协议分组的隧道协议标识字段。  The hash control table can include one entry or multiple entries. When the hash control table includes multiple entries, you can find the entry by traversing multiple entries. The tunneling protocol determination field of this entry is equal to the tunneling protocol identification field of the internet protocol packet.
在网际协议分组的隧道协议是 GRE协议的场景下, 隧道协议标识字段 可以是公网网际协议头中的协议字段。 该表项中与协议字段对应的隧道协 议判断字段为 37。  In the scenario where the tunneling protocol of the Internet Protocol packet is the GRE protocol, the tunneling protocol identification field may be a protocol field in the public network internet protocol header. The tunnel protocol judgment field corresponding to the protocol field in this entry is 37.
在网际协议分组的隧道协议是 L2TP的场景下,除了公网网际协议头中 的协议字段, 隧道协议标识字段还包括用户数据报协议头中的源端口字段 或者目的端口字段。 该表项中与公网网际协议头中协议字段对应的隧道协 议判断字段为 17 , 该表项中与用户数据报协议头中源端口字段或者目的端 口字段对应的隧道协议判断字段为 1701。  In the scenario where the tunnel protocol of the Internet Protocol packet is L2TP, in addition to the protocol field in the public network protocol header, the tunnel protocol identifier field further includes a source port field or a destination port field in the header of the user datagram protocol. The tunnel protocol judgment field corresponding to the protocol field in the public network protocol header of the entry is 17 , and the tunnel protocol judgment field corresponding to the source port field or the destination port field in the header of the user datagram protocol is 1701.
第一软件代码用于从网际协议分组中提取哈希因子。 哈希因子提取字 段可以为第一软件代码的变量赋值, 从而使得第一软件代码可以从某种类 型的隧道协议对应的网际协议分组中提取哈希因子。 具体实现时, 哈希因 定义哈希因子在网际协议分组中的起始位置; 长度子字段用于定义哈希因 字段, 从网际协议分组中提取出哈希因子。  The first software code is used to extract a hash factor from the internet protocol packet. The hash factor extraction field can assign a value to the variable of the first software code such that the first software code can extract the hash factor from the internet protocol packet corresponding to a certain type of tunneling protocol. In the specific implementation, the hash is defined as the starting position of the hash factor in the internet protocol packet; the length subfield is used to define the hash factor field, and the hash factor is extracted from the internet protocol packet.
当网际协议分组的隧道协议为 GRE协议时, 该表项可以包括 2个哈希 因子提取字段。 每个哈希因子提取字段都可以包括偏移子字段以及长度子 字段。 其中, 与乘客报文中的源网际协议地址字段对应的哈希因子提取字 段中的偏移子字段以及长度子字段可以分别是 20和 4, 单位是字节。 哈希 因子提取字段中的偏移子字段为 20表示哈希因子相对于隧道协议头的第一 个比特的偏移量为 20字节。 与乘客 ^艮文中的目的网际协议地址字段对应的 为字节。 哈希因子提取字段中的偏移子字段为 24表示哈希因子相对于隧道 协议头的第一个比特的偏移量为 24字节。 When the tunnel protocol of the Internet Protocol packet is GRE, the entry may include two hashes. Factor extraction field. Each hash factor extraction field may include an offset subfield and a length subfield. The offset subfield and the length subfield in the hash factor extraction field corresponding to the source internet protocol address field in the passenger message may be 20 and 4, respectively, and the unit is byte. The offset subfield in the hash factor extraction field is 20 indicating that the offset of the hash factor relative to the first bit of the tunneling protocol header is 20 bytes. The byte corresponding to the destination internet protocol address field in the passenger's text. The offset subfield in the hash factor extraction field is 24 indicating that the offset of the hash factor relative to the first bit of the tunneling protocol header is 24 bytes.
当网际协议分组的隧道协议为 L2TP时,该表项可以包括 2个哈希因子 提取字段。 2个哈希因子提取字段分别对应 Session ID字段以及 Tunnel ID 字段。 每个哈希因子提取字段都可以包括偏移子字段以及长度子字段。 其 字段可以分别是 6和 2, 单位为字节。哈希因子提取字段中的偏移子字段为 6 表示哈希因子相对于隧道协议头的第一个比特的偏移量为 6 字节。 与 以分别是 4和 2, 单位为字节。哈希因子提取字段中的偏移子字段为 4表示 哈希因子相对于隧道协议头的第一个比特的偏移量为 4字节。  When the tunneling protocol of the Internet Protocol packet is L2TP, the entry may include two hash factor extraction fields. The two hash factor extraction fields correspond to the Session ID field and the Tunnel ID field, respectively. Each hash factor extraction field may include an offset subfield and a length subfield. Its fields can be 6 and 2, respectively, in bytes. The offset subfield in the hash factor extraction field is 6 to indicate that the hash factor is offset from the first bit of the tunneling protocol header by 6 bytes. With to be 4 and 2, the unit is byte. The offset subfield in the hash factor extraction field is 4 indicating that the hash factor has an offset of 4 bytes from the first bit of the tunnel protocol header.
哈希因子可以被用于执行哈希运算。 具体实现时, 可以仅根据第一软 件代码得到的哈希因子执行哈希运算; 也可以将根据第一软件代码得到的 哈希因子以及五元组作为执行哈希运算所需的全部哈希因子, 执行哈希运 当网际协议分组的隧道协议为 GRE协议时, 根据第一软件代码可以得 的隧道协议为 L2TP时,根据第一软件代码可以得到隧道协议头中的 Tunnel ID以及 Session ID。  A hash factor can be used to perform a hash operation. In a specific implementation, the hash operation may be performed only according to the hash factor obtained by the first software code; the hash factor and the quintuple obtained according to the first software code may also be used as all hash factors required for performing the hash operation. When the tunnel protocol of the hash protocol is the GRE protocol, when the tunnel protocol available according to the first software code is L2TP, the tunnel ID and the session ID in the tunnel protocol header can be obtained according to the first software code.
根据该哈希运算的结果, 可以确定用于转发该网际协议分组的物理出 接口。 According to the result of the hash operation, the physical exit for forwarding the internet protocol packet can be determined. Interface.
综上所述, 本发明实施例提供的生成表项的装置涉及的哈希控制表的 表项包括隧道协议判断字段以及哈希因子提取字段。 根据隧道协议判断字 段, 可以在哈希控制表中查找到与网际协议分组匹配的表项。 该表项与某 一隧道协议对应。 根据哈希因子提取字段, 可以从网际协议分组中提取出 进行哈希运算的因子。 也就是说哈希控制表的表项中的哈希因子提取字段 可以为用于提取哈希因子的软件代码的变量赋值, 从而使该软件代码可以 从釆用哈希控制表的表项对应的隧道协议的网际协议分组中提取出进行哈 希运算的因子。 因此, 本发明实施例提供的装置, 解决了现有技术中, 针 对不同的隧道协议, 需要开发不同的用于提取进行哈希运算的因子的软件 代码, 占用的存储空间较多的技术问题。  In summary, the entry of the hash control table involved in the device for generating an entry according to the embodiment of the present invention includes a tunnel protocol determination field and a hash factor extraction field. According to the tunnel protocol judgment field, an entry matching the Internet Protocol packet can be found in the hash control table. This entry corresponds to a tunneling protocol. Based on the hash factor extraction field, the factor for hashing can be extracted from the internet protocol packet. That is to say, the hash factor extraction field in the entry of the hash control table may assign a value to the variable of the software code for extracting the hash factor, so that the software code can correspond to the entry of the hash control table. The factor of the hash operation is extracted from the internet protocol packet of the tunneling protocol. Therefore, the device provided by the embodiment of the present invention solves the technical problem that the software code for extracting the factor for performing the hash operation needs to be developed for different tunnel protocols in the prior art, and the storage space occupied is large.
可选的,  Optional,
生成表项的装置可以包括:  The device for generating an entry may include:
第二赋值单元, 用于根据该表项包括的信令报文判断字段为用于判断 该网际协议分组是否为信令报文的第二软件代码的变量赋值, 以便于该第 二软件代码对该网际协议分组是否为信令报文进行判断。  a second evaluation unit, configured to determine, according to the signaling message judgment field included in the entry, a variable for determining whether the internet protocol packet is a second software code of the signaling message, so as to facilitate the second software code pair Whether the internet protocol packet is used for signaling signaling.
具体实现时, 网际协议分组中的隧道协议头中可以包括信令 ^艮文标识 字段。 信令报文标识字段用于标识网际协议分组是否为信令报文。 例如, 在网际协议分组的隧道协议为 L2TP的场景下,隧道协议头中的类型字段为 信令报文标识字段。 当类型字段为 0 时, 网际协议分组为数据报文; 当类 型字段为 1时, 网际协议分组为信令报文。  In a specific implementation, the tunneling protocol header in the internet protocol packet may include a signaling identifier field. The signaling packet identifier field is used to identify whether the internet protocol packet is a signaling packet. For example, in the scenario where the tunnel protocol of the Internet Protocol packet is L2TP, the type field in the tunnel protocol header is a signaling message identifier field. When the type field is 0, the Internet Protocol packet is a data packet; when the type field is 1, the Internet Protocol packet is a signaling message.
第二软件代码用于判断网际协议分组是否为信令报文。 信令报文判断 字段可以为第二软件代码的变量赋值, 从而使得第二软件代码可以对某种 类型的隧道协议对应的网际协议分组是否是信令报文进行判断。 具体实现 时, 信令报文判断字段可以包括偏移子字段、 长度子字段以及值子字段。 信令报文判断字段中的偏移子字段用于定义信令报文标识字段在隧道协议 头中的起始位置。 信令报文判断字段中的长度子字段用于定义信令报文标 识字段的长度。 因此, 可以根据信令报文判断字段中的偏移子字段以及长 度子字段, 从隧道协议头中提取出信令报文标识字段。 通过比较信令报文 标识字段与信令报文判断字段中的值子字段是否相等, 可以对网际协议分 组是否是信令报文进行判断。 The second software code is used to determine whether the internet protocol packet is a signaling message. The signaling message determination field may assign a value to the variable of the second software code, so that the second software code can determine whether the Internet Protocol packet corresponding to a certain type of tunneling protocol is a signaling message. In a specific implementation, the signaling message judgment field may include an offset subfield, a length subfield, and a value subfield. The offset subfield in the signaling message judgment field is used to define the signaling packet identification field in the tunneling protocol. The starting position in the head. The length subfield in the signaling message judgment field is used to define the length of the signaling packet identification field. Therefore, the signaling packet identification field may be extracted from the tunnel protocol header according to the offset subfield and the length subfield in the signaling message judgment field. By comparing whether the signaling packet identifier field and the value subfield in the signaling packet judgment field are equal, it is possible to determine whether the internet protocol packet is a signaling packet.
隧道协议头中的信令报文标识字段可以将网际协议分组标识为信令报 文, 也可以将网际协议分组标识为数据报文。 在信令报文判断字段中的值 子字段等于信令报文对应的信令报文标识字段的场景下, 如果信令报文标 识字段与信令报文判断字段中的值子字段相等, 则表明该网际协议分组为 信令报文; 如果信令报文标识字段与信令报文判断字段中的值子字段不相 等, 则表明该网际协议分组不是信令报文。 在信令报文判断字段中的值子 字段等于数据报文对应的信令报文标识字段的场景下, 如果信令报文标识 字段与信令报文判断字段中的值子字段相等, 则表明该网际协议分组为数 据报文; 如果信令报文标识字段与信令报文判断字段中的值子字段不相等, 则表明该网际协议分组不是数据报文。  The signaling packet identifier field in the tunnel protocol header may identify the internet protocol packet as a signaling message, or may identify the internet protocol packet as a data packet. If the value subfield in the signaling packet judgment field is equal to the signaling packet identifier field corresponding to the signaling packet, if the signaling packet identifier field and the value subfield in the signaling packet judgment field are equal, The network protocol packet is a signaling packet. If the signaling packet identifier field and the value subfield in the signaling packet judgment field are not equal, it indicates that the internet protocol packet is not a signaling packet. If the value subfield in the signal packet judgment field is equal to the signal packet identifier field corresponding to the data packet, if the signaling packet identifier field and the value subfield in the signaling packet judgment field are equal, The network protocol packet is a data packet. If the signaling packet identifier field and the value subfield in the signaling packet judgment field are not equal, it indicates that the internet protocol packet is not a data packet.
当网际协议分组的隧道协议为 L2TP协议时,该表项中的信令报文判断 字段可以包括偏移子字段、 长度子字段以及值子字段。 其中, 偏移子字段 以及长度子字段可以分别是 0和 1。信令报文判断字段中的值子字段可以是 1 , 也可以是 0。 在信令报文判断字段中的值子字段是 1的场景下, 如果信 令报文标识字段与信令报文判断字段中的值子字段相等, 则表明网际协议 分组为信令报文; 如果信令报文标识字段与信令报文判断字段中的值子字 段不相等, 则表明网际协议分组不是信令报文。 在信令报文判断字段中的 值子字段是 0 的场景下, 如果信令报文标识字段与信令报文判断字段中的 值子字段相等, 则表明网际协议分组为数据报文; 如果信令报文标识字段 与信令报文判断字段中的值子字段不相等, 则表明网际协议分组不是数据 报文。 需要说明的是,隧道协议为 GRE协议的网际协议分组不存在信令报文, 因此, 与 GRE协议对应的哈希控制表的表项中不需要具备信令报文判断字 段。 When the tunneling protocol of the Internet Protocol packet is the L2TP protocol, the signaling packet judgment field in the entry may include an offset subfield, a length subfield, and a value subfield. The offset subfield and the length subfield may be 0 and 1, respectively. The value subfield in the signaling message judgment field may be 1 or 0. If the value subfield of the signaling packet identification field is equal to the value subfield in the signaling packet judgment field, the network protocol packet is a signaling packet. If the signaling packet identifier field and the value subfield in the signaling packet judgment field are not equal, it indicates that the internet protocol packet is not a signaling packet. If the value subfield of the signaling packet identification field is equal to the value subfield in the signaling packet judgment field, the network protocol packet is a data packet. The signaling packet identifier field is not equal to the value subfield in the signaling packet judgment field, indicating that the internet protocol packet is not a data packet. It should be noted that the tunnel protocol is not the signaling packet of the GRE protocol. Therefore, the signaling table of the hash control table corresponding to the GRE protocol does not need to have a signaling packet judgment field.
可选的,  Optional,
生成表项的装置可以包括:  The device for generating an entry may include:
第三赋值单元, 用于根据该表项包括的流属性判断字段为用于判断该 网际协议分组是否包含流属性字段的第三软件代码的变量赋值, 以便于该 第三软件代码对该网际协议分组是否为信令报文进行判断。  a third assignment unit, configured to determine, according to the flow attribute judgment field included in the entry, a variable of a third software code for determining whether the internet protocol packet includes a flow attribute field, to facilitate the third software code to the internet protocol Whether the packet is judged for the signaling message.
具体实施时, 网际协议分组中可以包括流属性字段。 流属性字段用于 标识该网际协议分组属于某个流, 而不属于其他流。 在不同的场景下, 流 属性字段可能不同。 例如, 当网际协议分组的隧道协议为 L2TP时, 流属性 字段为隧道协议头中的 Session ID字段以及 Tunnel ID字段; 当网际协议分 组的隧道协议为 GRE协议时, 流属性字段为乘客 ^艮文中的源网际协议地址 字段以及目的网际协议地址字段。 以流属性字段为哈希因子进行哈希运算, 并根据哈希运算的结果转发报文, 可以确保不会发生乱序。 因此, 根据哈 希因子提取字段, 从网际协议分组中提取出流属性字段, 以流属性字段为 哈希因子进行哈希运算, 并根据哈希运算的结果转发报文, 可以确保不会 发生乱序。  In a specific implementation, a stream attribute field may be included in the internet protocol packet. The stream attribute field is used to identify that the internet protocol packet belongs to a stream and not to other streams. The stream attribute fields may be different in different scenarios. For example, when the tunneling protocol of the Internet Protocol packet is L2TP, the stream attribute field is the Session ID field and the Tunnel ID field in the tunnel protocol header. When the tunnel protocol of the Internet Protocol packet is the GRE protocol, the stream attribute field is the passenger. Source Internet Protocol Address field and destination Internet Protocol Address field. The hash attribute is hashed by the stream attribute field, and the message is forwarded according to the result of the hash operation, which ensures that no out of order occurs. Therefore, according to the hash factor extraction field, the stream attribute field is extracted from the internet protocol packet, the stream attribute field is hashed by the hash factor, and the message is forwarded according to the result of the hash operation, thereby ensuring that no chaos occurs. sequence.
第三软件代码用于判断网际协议分组是否包含流属性字段。 流属性判 断字段可以为第三软件代码的变量赋值, 从而使得第三软件代码可以对某 种类型的隧道协议对应的网际协议分组是否包含流属性字段进行判断。 具 体实现时, 网际协议分组的隧道协议头中可以包括流属性标识字段, 该流 属性标识字段用于标识该网际协议分组中是否包含流属性字段。 流属性判 断字段可以包括偏移子字段、 长度子字段以及值子字段。 偏移子字段用于 定义流属性标识字段在隧道协议头中的起始位置。 长度子字段用于定义流 属性标识字段的长度。 因此, 可以根据流属性判断字段中的偏移子字段以 及长度子字段, 从隧道协议头中提取出流属性标识字段。 通过比较流属性 标识字段与流属性判断字段中的值子字段是否相等, 可以对网际协议分组 是否包含流属性字段进行判断。 The third software code is used to determine whether the internet protocol packet contains a stream attribute field. The stream attribute determination field may assign a value to the variable of the third software code, thereby enabling the third software code to determine whether the internet protocol packet corresponding to a certain type of tunneling protocol includes a stream attribute field. In a specific implementation, the tunneling protocol header of the Internet Protocol packet may include a flow attribute identifier field, where the flow attribute identifier field is used to identify whether the network attribute field is included in the internet protocol packet. The stream attribute determination field may include an offset subfield, a length subfield, and a value subfield. The offset subfield is used to define the starting position of the stream attribute identification field in the tunneling protocol header. The length subfield is used to define the length of the stream attribute identification field. Therefore, the offset subfield in the field can be determined based on the stream attribute. And the length subfield, extracting the stream attribute identification field from the tunnel protocol header. By comparing whether the stream attribute identifier field and the value attribute subfield in the stream attribute judgment field are equal, it is possible to judge whether the internet protocol packet includes the stream attribute field.
在网际协议分组的隧道协议为 GRE协议的场景下, 流属性标识字段为 隧道协议头中的协议类型字段。 当协议类型字段为 0x0800时, 网际协议分 组中的乘客报文包含流属性字段, 即源网际协议地址字段以及目的网际协 议地址字段。 与协议类型字段对应的流属性判断字段中偏移子字段以及长 度子字段分别是 16和 16, 单位为比特。 流属性判断字段中的偏移子字段为 16表示流属性标识字段相对于隧道协议头的第一个比特的偏移量为 16 比 特。 流属性判断字段中值子字段为 0x0800。  In the scenario where the tunnel protocol of the Internet Protocol packet is GRE, the flow attribute identifier field is the protocol type field in the tunnel protocol header. When the protocol type field is 0x0800, the passenger message in the internet protocol packet contains the stream attribute field, that is, the source internet protocol address field and the destination internet protocol address field. The offset subfield and the length subfield in the stream attribute judgment field corresponding to the protocol type field are 16 and 16, respectively, and the unit is a bit. The offset subfield in the stream attribute determination field is 16 indicating that the offset of the stream attribute identification field relative to the first bit of the tunneling protocol header is 16 bits. The value subfield in the stream attribute judgment field is 0x0800.
需要说明的是, 当隧道协议为 L2TP的网际协议分组为数据报文时, 该 网际协议分组必然具有流属性字段,即 Session ID字段以及 Tunnel ID字段。 因此,与隧道协议为 L2TP的网际协议分组对应的哈希控制表的表项中不需 要包含流属性判断字段。  It should be noted that when the Internet Protocol of the L2TP tunneling packet is a data packet, the Internet Protocol packet must have a flow attribute field, that is, a Session ID field and a Tunnel ID field. Therefore, it is not necessary to include a flow attribute judgment field in the entry of the hash control table corresponding to the Internet Protocol packet whose tunnel protocol is L2TP.
本领域普通技术人员可以理解: 实现上述方法实施例的全部或部分步 骤可以通过程序指令相关的硬件来完成, 前述程序可以存储于一计算机可 读取存储介质中, 该程序在执行时, 执行包括上述方法实施例的步骤; 而 前述的存储介质包括: ROM、 RAM, 磁碟或者光盘等各种可以存储程序代 码的介质。  A person skilled in the art can understand that all or part of the steps of implementing the foregoing method embodiments may be implemented by hardware related to program instructions, and the foregoing program may be stored in a computer readable storage medium, and when executed, the program includes The foregoing steps of the method embodiment; and the foregoing storage medium includes: a medium that can store program codes, such as a ROM, a RAM, a magnetic disk, or an optical disk.
最后应说明的是: 以上实施例仅用以说明本发明的技术方案, 而非对 其限制; 尽管参照前述实施例对本发明进行了详细的说明, 本领域的普通 技术人员应当理解: 其依然可以对前述各实施例所记载的技术方案进行修 改, 或者对其中部分技术特征进行等同替换; 而这些修改或者替换, 并不 使相应技术方案的本质脱离本发明各实施例技术方案的精神和范围。  It should be noted that the above embodiments are only for explaining the technical solutions of the present invention, and are not intended to be limiting; although the present invention has been described in detail with reference to the foregoing embodiments, it will be understood by those skilled in the art that: The technical solutions described in the foregoing embodiments are modified, or some of the technical features are equivalently replaced. The modifications and substitutions do not depart from the spirit and scope of the technical solutions of the embodiments of the present invention.

Claims

权利要求 Rights request
1.一种转发报文的方法, 其特征在于, 包括:  A method for forwarding a message, comprising:
接收网际协议分组, 所述网际协议分组包含公网网际协议头以及隧道 协议头, 所述网际协议分组包含隧道协议标识字段, 所述隧道协议标识字 段用于标识所述网际协议分组的隧道协议;  Receiving an internet protocol packet, where the internet protocol packet includes a public network internet protocol header and a tunneling protocol header, the internet protocol packet includes a tunneling protocol identifier field, and the tunneling protocol identifier field is used to identify a tunneling protocol of the internet protocol packet;
根据所述隧道协议标识字段, 在哈希控制表中查找隧道协议判断字段 与所述隧道协议标识字段匹配的第一表项, 所述哈希控制表的表项包括隧 道协议判断字段以及哈希因子提取字段;  And searching, in the hash control table, a first entry that matches the tunnel protocol determination field and the tunnel protocol identifier field, where the entry of the hash control table includes a tunnel protocol determination field and a hash. Factor extraction field;
根据所述第一表项的哈希因子提取字段, 从所述网际协议分组中提取 哈希因子;  Extracting a hash factor from the internet protocol packet according to a hash factor extraction field of the first entry;
根据所述哈希因子执行哈希运算;  Performing a hash operation according to the hash factor;
根据所述哈希运算的结果确定用于转发所述网际协议分组的物理出接 口;  Determining, according to a result of the hash operation, a physical outbound interface for forwarding the internet protocol packet;
根据所述物理出接口转发所述网际协议分组。  Forwarding the internet protocol packet according to the physical outbound interface.
2.根据权利要求 1所述方法, 其特征在于:  2. The method of claim 1 wherein:
所述在哈希控制表中查找隧道协议判断字段与所述隧道协议标识字段 匹配的第一表项之后, 并且所述从所述网际协议分组中提取哈希因子之前 包括:  After the first entry in the hash control table is searched for the tunneling protocol determination field that matches the tunneling protocol identification field, and the extracting the hashing factor from the internet protocol packet includes:
根据所述第一表项的信令报文判断字段, 对所述网际协议分组是否是 信令报文进行判断;  Determining, according to the signaling packet judgment field of the first entry, whether the internet protocol packet is a signaling packet;
当判断结果为否时, 执行所述从所述网际协议分组中提取哈希因子。 When the determination result is no, the extracting the hash factor from the internet protocol packet is performed.
3.根据权利要求 2所述方法, 其特征在于: 3. The method of claim 2, wherein:
所述根据所述第一表项的信令报文判断字段, 对所述网际协议分组是 否是信令报文进行判断包括: 述隧道协议头中的信令报文标识字段, 所述信令报文标识字段用于标识所 述网际协议分组是否为信令报文, 所述信令报文判断字段中的偏移子字段 用于定义所述信令报文标识字段在所述隧道协议头中的起始位置, 所述信 通过比较所述信令报文标识字段与所述信令报文判断字段中的值子字 段是否相等, 对所述网际协议分组是否是信令报文进行判断。 Determining, according to the signaling packet judgment field of the first entry, whether the internet protocol packet is a signaling packet, including: a signaling packet identifier field in a tunnel protocol header, the signaling The message identification field is used to identify the location Whether the network protocol packet is a signaling packet, and the offset subfield in the signaling packet determining field is used to define a starting position of the signaling packet identifier field in the tunnel protocol header, The message determines whether the internet protocol packet is a signaling packet by comparing whether the signaling packet identifier field and the value subfield in the signaling packet judgment field are equal.
4.根据权利要求 1至 3中任一权利要求所述方法, 其特征在于: 所述根据所述第一表项的哈希因子提取字段, 从所述网际协议分组中 提取哈希因子包括: 网际协议分组中提取所述哈希因子, 所述哈希因子提取字段中的偏移子字 段用于定义所述哈希因子在所述网际协议分组中的起始位置, 所述哈希因  The method according to any one of claims 1 to 3, wherein: according to the hash factor extraction field of the first entry, extracting a hash factor from the internet protocol packet comprises: Extracting the hash factor in an internet protocol packet, where an offset subfield in the hash factor extraction field is used to define a starting position of the hash factor in the internet protocol packet, the hash factor
5.根据权利要求 1所述方法, 其特征在于: 5. The method of claim 1 wherein:
所述在哈希控制表中查找隧道协议判断字段与所述隧道协议标识字段 匹配的第一表项之后, 并且从所述网际协议分组中提取哈希因子之前包括: 根据所述第一表项的流属性判断字段, 对所述网际协议分组是否包含 流属性字段进行判断;  After the first entry matching the tunnel protocol determination field and the tunnel protocol identifier field in the hash control table, and extracting the hash factor from the internet protocol packet, the method includes: according to the first entry a stream attribute determination field, determining whether the internet protocol packet includes a stream attribute field;
当判断结果为是时, 执行所述从所述网际协议分组中提取哈希因子, 所述哈希因子为所述流属性字段。  When the determination result is yes, performing the extracting a hash factor from the internet protocol packet, where the hash factor is the stream attribute field.
6.根据权利要求 1至 5中任一权利要求所述方法, 其特征在于: 所述隧道协议标识字段为所述公网网际协议头中的协议字段。  The method according to any one of claims 1 to 5, wherein: the tunneling protocol identification field is a protocol field in the public network internet protocol header.
7.根据权利要求 2所述方法, 其特征在于:  7. The method of claim 2, wherein:
所述网际协议分组包括用户数据报协议头, 所述隧道协议标识字段还 包括所述用户数据报协议头中的源端口字段或目的端口字段。  The internet protocol packet includes a user datagram protocol header, and the tunnel protocol identification field further includes a source port field or a destination port field in the user datagram protocol header.
8.—种转发报文的装置, 其特征在于, 包括:  8. An apparatus for forwarding a message, comprising:
接收器, 用于接收网际协议分组, 所述网际协议分组包含公网网际协 议头以及隧道协议头, 所述网际协议分组包含隧道协议标识字段, 所述隧 道协议标识字段用于标识所述网际协议分组的隧道协议; a receiver, configured to receive an internet protocol packet, where the internet protocol packet includes a public network protocol a header and a tunnel protocol header, where the internet protocol packet includes a tunneling protocol identifier field, and the tunneling protocol identifier field is used to identify a tunneling protocol of the internet protocol packet;
查找单元, 用于根据所述隧道协议标识字段, 在哈希控制表中查找隧 道协议判断字段与所述隧道协议标识字段匹配的第一表项, 所述哈希控制 表的表项包括隧道协议判断字段、 哈希因子提取字段;  a searching unit, configured to search, in the hash control table, a first entry that matches a tunneling protocol determination field and the tunneling protocol identifier field according to the tunneling protocol identifier field, where the entry of the hash control table includes a tunneling protocol Judging field, hash factor extraction field;
提取单元, 用于根据所述第一表项的哈希因子提取字段, 从所述网际 协议分组中提取哈希因子;  An extracting unit, configured to extract a hash factor from the internet protocol packet according to a hash factor extraction field of the first entry;
执行单元, 用于根据所述哈希因子执行哈希运算;  An execution unit, configured to perform a hash operation according to the hash factor;
确定单元, 用于根据所述哈希运算的结果确定用于转发所述网际协议 分组的物理出接口;  a determining unit, configured to determine, according to a result of the hash operation, a physical outbound interface for forwarding the internet protocol packet;
发送器, 用于根据所述物理出接口转发所述网际协议分组。  And a transmitter, configured to forward the internet protocol packet according to the physical outbound interface.
9.根据权利要求 8所述装置, 其特征在于, 包括:  The device according to claim 8, comprising:
第一判断单元, 用于所述在哈希控制表中查找隧道协议判断字段与所 述隧道协议标识字段匹配的第一表项之后, 并且所述从所述网际协议分组 中提取哈希因子之前,  a first determining unit, configured to: after searching, in the hash control table, a first entry that matches a tunneling protocol determination field and the tunneling protocol identifier field, and before extracting a hash factor from the internet protocol packet ,
根据所述第一表项的信令报文判断字段, 对所述网际协议分组是否是 信令报文进行判断;  Determining, according to the signaling packet judgment field of the first entry, whether the internet protocol packet is a signaling packet;
当判断结果为否时, 执行所述从所述网际协议分组中提取哈希因子。 When the determination result is no, the extracting the hash factor from the internet protocol packet is performed.
10.根据权利要求 8所述装置, 其特征在于: 10. Apparatus according to claim 8 wherein:
所述第一判断单元包括:  The first determining unit includes:
提取子单元, 用于根据所述信令报文判断字段中的偏移子字段以及长 度子字段, 提取所述隧道协议头中的信令报文标识字段, 所述信令报文标 识字段用于标识所述网际协议分组是否为信令报文, 所述信令报文判断字 段中的偏移子字段用于定义所述信令报文标识字段在所述隧道协议头中的 标识字段的长度; 比较子单元, 用于通过比较所述信令报文标识字段与所述信令报文判 断字段中的值子字段是否相等, 对所述网际协议分组是否是信令报文进行 判断。 An extraction subunit, configured to extract, according to the offset subfield and the length subfield in the signaling message judgment field, a signaling packet identifier field in the tunnel protocol header, where the signaling packet identifier field is used Determining whether the internet protocol packet is a signaling packet, and the offset subfield in the signaling packet determining field is used to define an identifier field of the signaling packet identifier field in the tunnel protocol header. length; And a comparison subunit, configured to determine whether the internet protocol packet is a signaling packet by comparing whether the signaling packet identifier field and the value subfield in the signaling packet judgment field are equal.
11.根据权利要求 8至 10中任一权利要求所述装置, 其特征在于: 所述提取单元包括: 度子字段, 从所述网际协议分组中提取所述哈希因子, 所述哈希因子提取  The apparatus according to any one of claims 8 to 10, wherein: the extracting unit comprises: a degree subfield, and extracting the hash factor from the internet protocol packet, the hash factor Extraction
度。 degree.
12.根据权利要求 8所述装置, 其特征在于, 包括:  The device according to claim 8, comprising:
第二判断单元, 用于所述在哈希控制表中查找隧道协议判断字段与所 述隧道协议标识字段匹配的第一表项之后, 并且从所述网际协议分组中提 取哈希因子之前,  a second determining unit, configured to: after the first entry matching the tunneling protocol determination field and the tunneling protocol identifier field in the hash control table, and before extracting the hash factor from the internet protocol packet,
根据所述第一表项的流属性判断字段, 对所述网际协议分组是否包含 流属性字段进行判断;  Determining, according to the flow attribute determination field of the first entry, whether the network protocol packet includes a flow attribute field;
当判断结果为是时, 执行所述从所述网际协议分组中提取哈希因子。 When the judgment result is YES, the extracting the hash factor from the internet protocol packet is performed.
13.—种生成表项的方法, 其特征在于, 包括: 13. A method for generating an entry, characterized in that:
生成哈希控制表的表项, 所述表项包括隧道协议判断字段以及哈希因 子提取字段, 所述隧道协议判断字段用于判断网际协议分组的隧道协议标 识字段是否与所述隧道协议判断字段匹配, 所述网际协议分组包含公网网 际协议头以及隧道协议头, 所述隧道协议标识字段用于标识所述网际协议 中提取哈希因子的第一软件代码的变量赋值, 以便于在所述隧道协议标识 字段与所述隧道协议判断字段匹配的情况下, 所述第一软件代码从所述网 际协议分组中提取哈希因子。 Generating an entry of a hash control table, where the entry includes a tunneling protocol determination field and a hash factor extraction field, where the tunneling protocol determination field is used to determine whether a tunneling protocol identifier field of the internet protocol packet is associated with the tunneling protocol determination field Matching, the internet protocol packet includes a public network internet protocol header and a tunnel protocol header, where the tunnel protocol identifier field is used to identify a variable assignment of the first software code of the hash factor in the internet protocol, so as to be In a case where the tunneling protocol identification field matches the tunneling protocol determination field, the first software code extracts a hash factor from the internet protocol packet.
14.根据权利要求 13所述方法, 其特征在于: 14. The method of claim 13 wherein:
所述表项包括信令报文判断字段, 所述信令报文判断字段用于为用于 判断所述网际协议分组是否为信令报文的第二软件代码的变量赋值, 以便 于所述第二软件代码对所述网际协议分组是否为信令报文进行判断。  The entry includes a signaling message determination field, where the signaling message determination field is used to assign a value to a variable used to determine whether the Internet Protocol packet is a second software code of a signaling message, so as to facilitate the The second software code determines whether the internet protocol packet is a signaling message.
15.根据权利要求 13所述方法, 其特征在于:  15. The method of claim 13 wherein:
所述表项包括流属性判断字段, 所述流属性判断字段用于为用于判断 所述网际协议分组是否包含流属性字段的第三软件代码的变量赋值, 以便 于所述第三软件代码对所述网际协议分组是否为信令报文进行判断。  The entry includes a flow attribute determination field, and the flow attribute determination field is configured to assign a variable to the third software code for determining whether the internet protocol packet includes a flow attribute field, so as to facilitate the third software code pair. Whether the internet protocol packet is determined for the signaling message.
16.—种生成表项的装置, 其特征在于, 包括:  16. A device for generating an entry, characterized in that it comprises:
表项生成单元, 用于生成哈希控制表的表项, 所述表项包括隧道协议 判断字段以及哈希因子提取字段, 所述隧道协议判断字段用于判断网际协 议分组的隧道协议标识字段是否与所述隧道协议判断字段匹配, 所述网际 协议分组包含公网网际协议头以及隧道协议头, 所述隧道协议标识字段用 于标识所述网际协议分组的隧道协议, 所述哈希因子提取字段用于为用于 从所述网际协议分组中提取哈希因子的第一软件代码的变量赋值;  An entry generating unit, configured to generate an entry of a hash control table, where the entry includes a tunneling protocol determination field and a hash factor extraction field, where the tunnel protocol determination field is used to determine whether a tunnel protocol identifier field of the internet protocol packet is Matching the tunneling protocol determination field, the internet protocol packet includes a public network internet protocol header and a tunneling protocol header, where the tunneling protocol identification field is used to identify a tunneling protocol of the internet protocol packet, and the hash factor extraction field Assigning a value to a variable of a first software code for extracting a hash factor from the internet protocol packet;
第一赋值单元, 用于根据所述哈希因子提取字段为所述第一软件代码 的变量赋值, 以便于在所述隧道协议标识字段与所述隧道协议判断字段匹 配的情况下, 所述第一软件代码从所述网际协议分组中提取哈希因子。  a first assignment unit, configured to assign a value to the variable of the first software code according to the hash factor extraction field, so that, in a case that the tunnel protocol identifier field matches the tunnel protocol determination field, the A software code extracts a hash factor from the internet protocol packet.
PCT/CN2012/080679 2011-10-25 2012-08-29 Method for forwarding message, and method and apparatus for generating table entry WO2013060191A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201110327770.3A CN102333039B (en) 2011-10-25 2011-10-25 Method for forwarding message, and method and device for generating table entry
CN201110327770.3 2011-10-25

Publications (1)

Publication Number Publication Date
WO2013060191A1 true WO2013060191A1 (en) 2013-05-02

Family

ID=45484648

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2012/080679 WO2013060191A1 (en) 2011-10-25 2012-08-29 Method for forwarding message, and method and apparatus for generating table entry

Country Status (2)

Country Link
CN (1) CN102333039B (en)
WO (1) WO2013060191A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110417766A (en) * 2019-07-22 2019-11-05 深圳市酷达通讯有限公司 A kind of method and apparatus of protocol analysis

Families Citing this family (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102333039B (en) * 2011-10-25 2014-09-17 华为技术有限公司 Method for forwarding message, and method and device for generating table entry
CN103718520B (en) * 2012-08-02 2017-07-21 华为技术有限公司 The method of processing data message, apparatus and system
ES2766861T3 (en) 2013-01-29 2020-06-15 Huawei Tech Co Ltd Packet Processing Method and Forwarding Item
CN104579998B (en) * 2013-10-29 2018-07-24 国家计算机网络与信息安全管理中心 A kind of load balance process device
CN104468391A (en) * 2014-12-16 2015-03-25 盛科网络(苏州)有限公司 Method and system for achieving load balance according to user information of tunnel message
CN106357547A (en) * 2016-09-08 2017-01-25 重庆邮电大学 Software-defined network congestion control algorithm based on stream segmentation
CN106911586B (en) * 2017-03-24 2020-04-14 京信通信系统(中国)有限公司 Quality of service (Qos) optimization method and device
CN108881037A (en) * 2018-09-12 2018-11-23 盛科网络(苏州)有限公司 It is a kind of that Hash operation, the method and device of load balancing are realized based on UDF message

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101610296A (en) * 2009-07-21 2009-12-23 杭州华三通信技术有限公司 A kind of network address translation (NAT) outgoing interface balancing method and device
CN102148768A (en) * 2011-05-26 2011-08-10 杭州华三通信技术有限公司 Message forwarding method and device
US8004990B1 (en) * 2002-07-29 2011-08-23 Juniper Networks, Inc. Network traffic distribution across parallel paths
CN102333039A (en) * 2011-10-25 2012-01-25 华为技术有限公司 Method for forwarding message, and method and device for generating table entry

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20070248091A1 (en) * 2006-04-24 2007-10-25 Mohamed Khalid Methods and apparatus for tunnel stitching in a network
CN100562020C (en) * 2007-03-30 2009-11-18 华为技术有限公司 Detection method, statistic analysis server and detection system
CN102136989B (en) * 2010-01-26 2014-03-12 华为技术有限公司 Message transmission method, system and equipment
CN101964749A (en) * 2010-09-21 2011-02-02 北京网康科技有限公司 Message retransmission method and system based on multi-core architecture
CN102201933A (en) * 2011-04-29 2011-09-28 中兴通讯股份有限公司 Message sending method and device

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8004990B1 (en) * 2002-07-29 2011-08-23 Juniper Networks, Inc. Network traffic distribution across parallel paths
CN101610296A (en) * 2009-07-21 2009-12-23 杭州华三通信技术有限公司 A kind of network address translation (NAT) outgoing interface balancing method and device
CN102148768A (en) * 2011-05-26 2011-08-10 杭州华三通信技术有限公司 Message forwarding method and device
CN102333039A (en) * 2011-10-25 2012-01-25 华为技术有限公司 Method for forwarding message, and method and device for generating table entry

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110417766A (en) * 2019-07-22 2019-11-05 深圳市酷达通讯有限公司 A kind of method and apparatus of protocol analysis

Also Published As

Publication number Publication date
CN102333039A (en) 2012-01-25
CN102333039B (en) 2014-09-17

Similar Documents

Publication Publication Date Title
WO2013060191A1 (en) Method for forwarding message, and method and apparatus for generating table entry
US10404605B2 (en) Packet processing method, device and computer storage medium
US7990976B2 (en) Negotiated secure fast table lookups for protocols with bidirectional identifiers
US9882808B2 (en) Packet processing method and apparatus
WO2015149488A1 (en) Method and apparatus for limiting rate by means of token bucket, and computer storage medium
US20200153728A1 (en) Multicast Forwarding Method and Related Device
WO2014177097A1 (en) Flow table entry generation method and corresponding device
US10505759B2 (en) Access layer-2 virtual private network from layer-3 virtual private network
CN109714274B (en) Method for acquiring corresponding relation and routing equipment
WO2013059991A1 (en) Data message processing method and system, message forwarding device
WO2017133647A1 (en) Packet processing method, traffic classifier, and service function instance
WO2017186159A1 (en) Packet transmission
WO2016029345A1 (en) Network flow information statistics method and apparatus
JP2020507289A5 (en)
WO2015172675A1 (en) Packet processing method and device
WO2015010256A1 (en) Packet forwarding method and device
EP2736202B1 (en) Message receiving and sending method, device, and system
WO2015081735A1 (en) Traffic offloading method, apparatus, and system
WO2014190843A1 (en) Input parameter generation method and device
WO2008141591A1 (en) A method and a device for qos guarantee of network datagrams transported in different networks
CN107547390B (en) The method and device of flow table creation and inquiry
WO2022100511A1 (en) Method and device for processing forwarding entry
KR100849494B1 (en) Apparatus and Method for IPv6 Tunneling
WO2014079319A1 (en) Message forwarding method, and routing device and identification device thereof
WO2015010514A1 (en) Signal conversion method, apparatus and system

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 12844300

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 12844300

Country of ref document: EP

Kind code of ref document: A1