WO2014142081A1 - Nœud de transfert, dispositif de commande, système de communication, procédé et programme de traitement de paquets - Google Patents

Nœud de transfert, dispositif de commande, système de communication, procédé et programme de traitement de paquets Download PDF

Info

Publication number
WO2014142081A1
WO2014142081A1 PCT/JP2014/056209 JP2014056209W WO2014142081A1 WO 2014142081 A1 WO2014142081 A1 WO 2014142081A1 JP 2014056209 W JP2014056209 W JP 2014056209W WO 2014142081 A1 WO2014142081 A1 WO 2014142081A1
Authority
WO
WIPO (PCT)
Prior art keywords
entry
packet
identifier
match condition
condition
Prior art date
Application number
PCT/JP2014/056209
Other languages
English (en)
Japanese (ja)
Inventor
倫明 宮崎
Original Assignee
日本電気株式会社
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 日本電気株式会社 filed Critical 日本電気株式会社
Publication of WO2014142081A1 publication Critical patent/WO2014142081A1/fr

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/64Hybrid switching systems
    • H04L12/6418Hybrid transport

Definitions

  • the present invention is based on the priority claim of Japanese Patent Application No. 2013-049168 (filed on Mar. 12, 2013), the entire contents of which are incorporated herein by reference. Shall.
  • the present invention relates to a forwarding node, a control device, a communication system, a packet processing method, and a program, and in particular, a forwarding node, a control device, a communication system, a packet processing method, and a program that operate according to control information (entries) set from the control device.
  • control information entries
  • Non-Patent Documents 1 and 2 OpenFlow captures communication as an end-to-end flow and performs path control, failure recovery, load balancing, and optimization on a per-flow basis.
  • the OpenFlow switch specified in Non-Patent Document 2 includes a secure channel for communication with the OpenFlow controller, and operates according to a flow table that is appropriately added or rewritten from the OpenFlow controller. For each flow, a set of match conditions (Match Fields), flow statistical information (Counters), and instructions (Instructions) that define processing contents are defined for each flow (non-patented). (Refer to “5.2 Flow Table” in Document 2).
  • the OpenFlow switch searches the flow table for an entry having a matching condition (see “5.3 Matching” in Non-Patent Document 2) that matches the header information of the received packet. If an entry that matches the received packet is found as a result of the search, the OpenFlow switch updates the flow statistical information (counter) and processes the processing (designated) in the instruction field of the entry for the received packet. Perform packet transmission, flooding, discard, etc. from the port. On the other hand, if no entry matching the received packet is found as a result of the search, the OpenFlow switch sends an entry setting request to the OpenFlow controller via the secure channel, that is, a control for processing the received packet. An information transmission request (Packet-In message) is transmitted. The OpenFlow switch receives a flow entry whose processing content is defined and updates the flow table. As described above, the OpenFlow switch performs packet transfer using the entry stored in the flow table as control information.
  • a matching condition see “5.3 Matching” in Non-Patent Document 2
  • the OpenFlow switch updates the flow statistical information (counter
  • Patent Document 1 discloses a configuration in which a communication device (corresponding to the OpenFlow switch) can perform high-speed path switching in a communication system using the OpenFlow when a network failure or congestion occurs.
  • the communication device of the same document is stored in a processing storage unit that stores a processing rule that associates identification information of a received packet with a process for the received packet, and the processing storage unit for the received packet.
  • An alternative processing storage unit that stores a processing rule including processing different from processing, and the received packet according to the processing rule obtained by searching the processing storage unit or the alternative processing storage unit based on identification information of the received packet And a processing unit that performs the above process.
  • Flow Mod a flow entry operation message called Flow Mod is prepared (6.4 Flow Table Modulation Messages).
  • Flow Mod command in addition to rewriting and deleting by strict match specifying the contents of the flow entry, it is possible to collectively correct and delete entries that meet the conditions specified using the wildcard.
  • the switch (forwarding node) side needs to rewrite the entries that match the conditions one by one. There may be a large number of entries to be rewritten. In this case, a change time proportional to the number of entries is required, and the time until communication becomes possible is also increased.
  • a first table that holds an entry in which a match condition is associated with a processing content to be applied to a packet that matches the match condition, an identifier that replaces at least a part of the match condition,
  • a second table holding an entry defining a correspondence relationship with the content before replacement, and an entry in which the identifier is set as a part of the match condition in the first table.
  • a forwarding node is provided that includes a packet processing unit that determines whether or not the matching condition matches the received packet and determines the processing content to be applied to the received packet.
  • a control device that is connected to the forwarding node described above and operates the first and second tables of the forwarding node.
  • a communication system including the transfer node and the control device described above is provided.
  • a first table holding an entry in which a match condition is associated with a processing content applied to a packet that matches the match condition, an identifier that replaces at least a part of the match condition
  • a forwarding node comprising a second table that holds an entry that defines a correspondence relationship with the content before replacement
  • the identifier is set as part of the match condition in the first table
  • the second table For the entry, refer to the second table to determine whether or not the received packet matches the match condition, and if the received packet and the match condition match, the processing set in the entry Applying a content to the received packet.
  • This method is linked to a specific machine called a forwarding node that processes received packets with reference to the first and second tables.
  • a first table that holds entries in which match conditions are associated with processing contents applied to packets that match the match conditions, an identifier that replaces at least a part of the match conditions
  • a second table that holds an entry that defines a correspondence relationship with the content before replacement, and the identifier is added to a part of the match condition in the first table.
  • the entry is set.
  • a process for applying the processing content set to the received packet to the received packet can be recorded on a computer-readable (non-transient) storage medium. That is, the present invention can be embodied as a computer program product.
  • the present invention it is possible to contribute to the reduction of the rewriting cost of the packet processing entry in the forwarding node of the centralized control network.
  • FIG. 6 is a diagram illustrating an example of entries set in a switch A.
  • FIG. 6 is a diagram illustrating an example of entries set in a switch B.
  • FIG. 6 is a diagram illustrating a calculation example of a packet transfer path from terminal A to terminal B. It is a figure which shows the example which changed the packet transfer path
  • FIG. 6 is a diagram illustrating a change location of an entry set in a switch A.
  • FIG. 6 is a diagram illustrating a change location of an entry set in a switch B. It is a figure which shows the structure of the table used in the 2nd Embodiment of this invention. It is a figure which shows the structure of the table used in the 3rd Embodiment of this invention.
  • the first table 201 holding an entry in which a match condition is associated with a processing content applied to a packet that matches the match condition, and the match
  • a second table 202 that holds an entry defining a correspondence relationship between an identifier (virtual match condition) in which at least a part of the condition is replaced, and the content (actual match condition) before the replacement, a packet processing unit 203, Can be realized by the forwarding node 200 including.
  • the packet processing unit 203 refers to the second table 202 for an entry in which the identifier is set as part of the match condition in the first table 201, and receives a received packet And whether or not the match condition is satisfied, and determines the processing contents to be applied to the received packet.
  • the entry modification cost is as follows. For example, when a change occurs in a transmission source terminal of communication to be controlled, it is necessary to change a transmission source IP (Internet Protocol) address used in a match condition of three entries as shown in FIG. May occur. In this case, the forwarding node 200 needs to update these three entries in accordance with an instruction from the control device (for example, in the case of the open flow of Non-Patent Document 2, the Flow mod message is used).
  • IP Internet Protocol
  • the source IP address 192.168.10.1 replaced with the identifier “A” in the second table is changed to 192. What is necessary is just to change to 168.10.2, and it is not necessary to change three entries like FIG. 2 and 3 show an example in which there are three entries with common change contents. However, as the number of entries with common change contents increases, the amount of processing required to change the entries is greatly reduced. It will be possible.
  • FIG. 4 is a diagram illustrating the configuration of the communication system according to the first embodiment of this invention.
  • a plurality of switches 200A and 200B, a control device 100 that is controlled by setting flow entries in these switches 200A and 200B, and terminals A and B that communicate via the switches 200A and 200B are shown. Has been.
  • Each of the switches 200A and 200B includes a plurality of ports 1 to 3, first and second tables 201/202, and a packet processing unit 203.
  • the first table 201 includes a match condition for identifying a packet to be processed by collating with a header of a received packet, and a process applied to a packet that matches the match condition. It is a table which stores the entry which matched the content. As the first table 201, a table similar to the flow table of the OpenFlow switch specified in Non-Patent Document 2 can be used.
  • the second table 202 is a correspondence relationship between an identifier (“X” in FIG. 6) obtained by replacing at least a part of the match condition in the first table 201 and the content before the replacement. It is a table that holds entries that define
  • the packet processing unit 203 When the packet processing unit 203 receives a packet from the ports 1 to 3, the packet processing unit 203 searches the first table 201 for an entry in which a matching condition matching the received packet is set. If a corresponding entry is found as a result of the search, the packet processing unit 203 applies the processing content set in the action field of the entry to the received packet. On the other hand, if the corresponding entry is not found as a result of the search, the packet processing unit 203 requests the control device 100 to transmit the entry set in the first table 201.
  • a specific match condition (actual match condition) is not set in part of the match condition of the entry in the first table 201, and an identifier for specifying communication is not set. May be set.
  • the packet processing unit 203 refers to the second table 202, finds the actual match condition associated with the identifier, and performs matching based on the content.
  • Specific match conditions include, for example, match conditions (also referred to as “Tuple”) that can be set in the flow entry of Non-Patent Document 2.
  • the first and second tables 201/202 are preferably stored in a CAM (Content Addressable Memory) or the like.
  • the packet processing unit 203 can be realized by a program executed by a computer mounted on the switch 200A / 200B. However, the packet processing unit 203 is configured by a dedicated circuit such as ASIC (Application Specific Integrated Circuit). Can be improved.
  • ASIC Application Specific Integrated Circuit
  • port 1 of switch 200A is connected to terminal A
  • port 1 of switch 200B is connected to terminal B
  • the port 2 of the switch 200A is connected to the port 1 of the switch 200B
  • the port 3 of the switch 200A is connected to the port 3 of the switch 200B.
  • the control device 100 matches the switch 200A and the switch 200B with a match condition for identifying a packet to be processed by collating with the header of the received packet, etc., and a process content to be applied to a packet that matches the match condition. Communication between the terminal A and the terminal B is realized by setting the associated entry.
  • the control device 100 replaces the content with a unique identifier, In the second table 202, an entry in which the identifier is replaced with the replaced content is set.
  • Such a control device 100 is based on an open flow controller of Non-Patent Document 2 that sets a flow entry in a switch to be controlled as a request from a switch (Packet-In message of Non-Patent Document 2) or an initial setting operation. Further, it can be realized by adding a function for creating two types of entries using the identifier.
  • the control device 100 receives a packet from the terminal A received by the switch 200A from the terminal A at the port 1 as port 2 of the switch 200A and port 1 of the switch 200B. It is assumed that the route to be output from the port 2 of the switch 200B is determined through the above.
  • FIG. 5 is a diagram showing entries set in the first table 201 and the second table 202 of the switch 200A by the control device 100 in order to realize packet transfer along the route.
  • the first table 201 shows an entry that associates a match condition of receiving from port 1 (others are a wild card “any”) and an action of transferring the packet from port 2. .
  • the packet processing unit 203 of the switch 200A receives a packet from the port 1, the packet processing unit 203 performs an operation of transferring the packet to the port 2.
  • no identifier is used in the match condition of the first table 201 of the switch 200A, so no entry is set in the second table 202.
  • FIG. 6 is a diagram illustrating entries set in the first table 201 and the second table 202 of the switch 200B by the control device 100 in order to realize packet transfer along the route.
  • the first table 201 is transferred from the port 2 with the match condition 1 partially replaced with the identifier “X”, other match conditions (represented by a to e for convenience), and the corresponding packet.
  • An entry that associates an action to be performed is shown.
  • the packet processing unit 203 of the switch 200B also refers to the second table 202 and determines whether the packet is received from the port 1 or not. If the content received from the port 1 and the content defined in the match condition 2 matches any of a to e, the packet processing unit 203 performs an operation of transferring the corresponding packet to the port 2.
  • control device 100 determines that the packet transfer route shown in FIG. 7 is disconnected, and calculates an alternative route.
  • the packet from terminal A received by switch 200A from terminal A at port 1 passes through port 3 of switch 200A and port 3 of switch 200B, and the port of switch 200B. It is assumed that the alternative route output from 2 is determined.
  • FIG. 9 is a diagram showing changes to the entry set in the switch 200A.
  • FIG. 8 it is necessary to change the output port of the switch 200A for the packet received from the terminal A from the port 2 to the port 3. Therefore, in the example of FIG. 9, the action of the corresponding entry in the first table 201 shown in FIG. 5 is changed to “transfer from port 3”. Thereby, the packet received from the terminal A is output from the port 3 of the switch 200A.
  • FIG. 10 is a diagram showing changes to the entry set in the switch 200B.
  • the packet processing unit 203 of the switch 200B refers to the second table 202 after the change and determines whether the packet is received from the port 3 or not. To do.
  • the packet processing unit 203 of the switch 200B performs an operation of forwarding the corresponding packet to the port 2. Become.
  • the time required for changing a plurality of entries having a common match condition in the switch can be reduced. This is because the number of entries required to change a plurality of entries is reduced.
  • the entry change instruction from the control device and the period until the change processing on the switch side is completed are the target. Unable to forward the packet.
  • the communication interruption time can be dramatically shortened.
  • FIG. 11 is a diagram showing a configuration of a table used in the second embodiment of the present invention.
  • a third table 204 is added.
  • the third table 204 includes an identifier (“a” in FIG. 11) obtained by replacing another part of the match condition of the first table 201, and the contents before the replacement (FIG. 11 is a table that holds entries that define a correspondence relationship with 11 transmission source MAC addresses (SMAC).
  • SMAC transmission source MAC addresses
  • the packet processing unit 203 When searching for an entry that matches the received packet, the packet processing unit 203 refers to the third table 204 in addition to the second table 202 to find the actual match condition associated with the identifier, and its contents Perform matching at.
  • FIG. 12 is a diagram showing a configuration of a table used in the third embodiment of the present invention.
  • a fourth table 205 is added.
  • the fourth table 205 includes an identifier (“ACT01” in FIG. 12) obtained by replacing the content of the action field of the first table 201, the content before the replacement (action “transfer from port 2” in FIG. 12), It is a table holding entries that define the correspondence relationship.
  • the packet processing unit 203 When an identifier (“ACT01” in FIG. 12) that replaces the content of the action field is set in the action field of the entry that matches the received packet, the packet processing unit 203 refers to the fourth table 205. Then, the action associated with the identifier is found, and packet processing is performed based on the action.
  • match conditions and actions used in the above-described embodiment are merely examples, and may be contents that can be set as match conditions and actions.
  • a MAC (Media Access Protocol) address (source / destination), an IP (Internet Protocol) address (source / destination), The port number (source / destination) of TCP / UDP (Transmission Control Protocol / User Datagram Protocol), VLAN ID (Virtual Local Network ID), etc. can be replaced with an identifier.
  • TCP / UDP Transmission Control Protocol / User Datagram Protocol
  • VLAN ID Virtual Local Network ID
  • a change instruction of the second table 202, the third table 204, and the fourth table 205 from the control device 100 to the switch 200B is a control protocol between the control device 100 and the switch 200B (for example, Non-Patent Document 2). It is preferable to transmit using an extended control message of the OpenFlow protocol (for example, a control message for an additional function called an Expert message of Non-Patent Document 2 can be used). In this way, an instruction can be sent from the control device 100 using the control channel between the switches 200B, and the mounting on the control device and the 100 and switch 200A / 200B side is facilitated.
  • a control protocol between the control device 100 and the switch 200B for example, Non-Patent Document 2.
  • the packet processing unit refers to the fourth table for an entry in which the identifier is set in the processing content in the first table, and determines a processing content to be applied to a received packet with reference to the fourth table.
  • a forwarding node that can substantially change two or more entries in the first table by changing an entry in the second table.
  • Control apparatus 200 Forwarding node 200A, 200B Switch 201 1st table 202 2nd table 203 Packet processing part 204 3rd table 205 4th table

Abstract

La présente invention contribue à réduire le coût de réécriture d'une entrée de traitement de paquets dans un nœud de transfert d'un réseau de commande intégré. Le nœud de transfert est équipé des éléments suivants : une première table permettant de maintenir des entrées associant des conditions de correspondance, et les détails de traitement à appliquer aux paquets compatibles avec les conditions de correspondance ; une seconde table permettant de maintenir des entrées déterminant les rapports de correspondance d'identifiants où au moins une partie des conditions de correspondance est substituée, et les détails avant la substitution ; et une unité de traitement de paquets permettant d'évaluer, en ce qui concerne les entrées dans la première table pour lesquelles les identifiants sont définis pour une partie des conditions de correspondance, en référence à la seconde table, si le paquet de réception et les conditions de correspondance sont compatibles, et de déterminer les détails de traitement à appliquer au paquet de réception.
PCT/JP2014/056209 2013-03-12 2014-03-10 Nœud de transfert, dispositif de commande, système de communication, procédé et programme de traitement de paquets WO2014142081A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
JP2013-049168 2013-03-12
JP2013049168 2013-03-12

Publications (1)

Publication Number Publication Date
WO2014142081A1 true WO2014142081A1 (fr) 2014-09-18

Family

ID=51536737

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2014/056209 WO2014142081A1 (fr) 2013-03-12 2014-03-10 Nœud de transfert, dispositif de commande, système de communication, procédé et programme de traitement de paquets

Country Status (1)

Country Link
WO (1) WO2014142081A1 (fr)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2005333220A (ja) * 2004-05-18 2005-12-02 Hitachi Ltd ネットワークノード装置
JP2006129213A (ja) * 2004-10-29 2006-05-18 Hitachi Ltd パケット通信装置

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2005333220A (ja) * 2004-05-18 2005-12-02 Hitachi Ltd ネットワークノード装置
JP2006129213A (ja) * 2004-10-29 2006-05-18 Hitachi Ltd パケット通信装置

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
SHIGEAKI MAEDA: "OpenFlow ver1.1 Oyobi verl.2 no Tsuika Kino to Katsuyo Rei, Rensai: OpenFlow -Imamade no Gainen o Kutsugaesu Atarashii Network no Jitsugen", THINKIT, IMPRESS BUSINESS MEDIA CORPORATION, 23 February 2012 (2012-02-23) *

Similar Documents

Publication Publication Date Title
JP5994851B2 (ja) 転送装置の制御装置、転送装置の制御方法、通信システムおよびプログラム
JP5850068B2 (ja) 制御装置、通信システム、通信方法およびプログラム
US9590898B2 (en) Method and system to optimize packet exchange between the control and data plane in a software defined network
WO2016071843A1 (fr) Codage de bloc explicite d'informations d'appartenance à un groupe de multidiffusion avec réplication explicite indexée de bits (bier)
WO2011087085A1 (fr) Calculateur, procédé de commutation de connexion réseau, et programme
JP5939353B2 (ja) 制御装置、通信システム、スイッチ制御方法及びプログラム
JP5858141B2 (ja) 制御装置、通信装置、通信システム、通信方法及びプログラム
WO2014112616A1 (fr) Appareil de commande, appareil de communication, système de communication, procédé et logiciel de commande de commutateur
JP5999251B2 (ja) 通信システム、スイッチ、制御装置、パケット処理方法及びプログラム
JP5861772B2 (ja) ネットワークアプライアンス冗長化システム、制御装置、ネットワークアプライアンス冗長化方法及びプログラム
JP5725236B2 (ja) 通信システム、ノード、パケット転送方法およびプログラム
US20150003291A1 (en) Control apparatus, communication system, communication method, and program
WO2014175423A1 (fr) Nœud de communication, système de communication, méthode de traitement de paquet et programme
US20150256455A1 (en) Communication system, path information exchange apparatus, communication node, forwarding method for path information and program
JP5747997B2 (ja) 制御装置、通信システム、仮想ネットワークの管理方法およびプログラム
US20150381775A1 (en) Communication system, communication method, control apparatus, control apparatus control method, and program
JP5991427B2 (ja) 制御装置、通信システム、制御情報の送信方法及びプログラム
US20150312206A1 (en) Control apparatus, communication system, communication method, and program
WO2014142081A1 (fr) Nœud de transfert, dispositif de commande, système de communication, procédé et programme de traitement de paquets
WO2014119602A1 (fr) Appareil de commande, commutateur, système de communication, procédé de commande de commutateur et programme
US20160094357A1 (en) Control apparatus, computer system, communication control method, and program
JP6314970B2 (ja) 通信システム、制御装置、通信方法およびプログラム
JP6175766B2 (ja) 通信ノード、制御装置、通信システム、エントリ集約方法及びプログラム
JP5768600B2 (ja) 通信システム、制御装置、パケット転送方法およびプログラム
WO2015129727A1 (fr) Terminal de communications, procédé de communications et programme

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 14765503

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 14765503

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: JP