WO2015087947A1 - Système de communications, nœud de communications, dispositif de commande, procédé de commande de communications et programme - Google Patents

Système de communications, nœud de communications, dispositif de commande, procédé de commande de communications et programme Download PDF

Info

Publication number
WO2015087947A1
WO2015087947A1 PCT/JP2014/082775 JP2014082775W WO2015087947A1 WO 2015087947 A1 WO2015087947 A1 WO 2015087947A1 JP 2014082775 W JP2014082775 W JP 2014082775W WO 2015087947 A1 WO2015087947 A1 WO 2015087947A1
Authority
WO
WIPO (PCT)
Prior art keywords
terminal
information
packet
communication node
control
Prior art date
Application number
PCT/JP2014/082775
Other languages
English (en)
Japanese (ja)
Inventor
雅也 川本
Original Assignee
日本電気株式会社
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 日本電気株式会社 filed Critical 日本電気株式会社
Publication of WO2015087947A1 publication Critical patent/WO2015087947A1/fr

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00Routing or path finding of packets in data switching networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00Routing or path finding of packets in data switching networks
    • H04L45/645Splitting route computation layer and forwarding layer, e.g. routing according to path computational element [PCE] or based on OpenFlow functionality

Definitions

  • the present invention is based on the priority claim of Japanese patent application: Japanese Patent Application No. 2013-256978 (filed on December 12, 2013), the entire contents of which are incorporated herein by reference. Shall.
  • the present invention relates to a communication system, a communication node, a control device, a communication control method, and a program, and in particular, a communication system, a communication node, a control device, a communication control method, and a program that realize communication by the control device controlling the communication node.
  • a communication system a communication node, a control device, a communication control method, and a program that realize communication by the control device controlling the communication node.
  • OpenFlow switch includes a secure channel for communication with the OpenFlow controller (OFC), and operates according to a flow table instructed to be added or rewritten as appropriate from the OFC.
  • OFC OpenFlow controller
  • a flow table instructed to be added or rewritten as appropriate from the OFC.
  • a control information a set of a matching rule that matches a packet header, flow statistical information, and an action (instruction) that defines processing content is defined (see Non-Patent Documents 1 and 2).
  • the OFS searches the flow table for an entry having a matching rule that matches the header information of the received packet. If an entry that matches the received packet is found as a result of the search, the OFS updates the flow statistical information and processes the received packet for the processing content (packet from the specified port) described in the action field of the entry. (Transmission, flooding, disposal, etc.) On the other hand, if no entry matching the received packet is found as a result of the search, OFS cannot determine the packet transfer destination on its own, and transfers a copy of the packet information to the OFC via the secure channel (OpenFlow protocol Packet-in message).
  • the OFS searches the flow table for an entry having a matching rule that matches the header information of the received packet. If an entry that matches the received packet is found as a result of the search, the OFS updates the flow statistical information and processes the received packet for the processing content (packet from the specified port) described in the action field of the entry. (Transmission, flooding, disposal, etc.)
  • OFS cannot determine the packet transfer destination on
  • the OFC can also control layer 2 (L2) networks.
  • L2 control layer 2
  • the OFC extracts the source MAC address, VLAN (Virtual Local Network) ID and connection port from the packet information, and generates a MAC (Media Access Control) address table.
  • the OFC sets a flow entry for transferring the L2 packet to the OFS according to the generated MAC address table. Further, the OFC searches the MAC address table, and when the destination MAC address exists, instructs the OFS to output a copy of the packet that has been packetized in from the corresponding physical port (packet-out message of OpenFlow protocol). .
  • OFC may not be processed and packet loss may occur for several minutes, or system control packets may be lost and existing communication may become unstable. There is also. Such a large amount of packet-in messages may occur when a large number of terminals are activated all at once and broadcast packets such as GARP (Gratuous Address Resolution Protocol) and DHCP (Dynamic Host Configuration Protocol) discovery are transmitted all at once.
  • GARP Gramuous Address Resolution Protocol
  • DHCP Dynamic Host Configuration Protocol
  • Patent Document 1 discloses a technique that can reduce the flow entry inquiries to the OFC. Specifically, the OFS described in the same document stacks received packets after execution of a flow entry inquiry to the OFC until the flow entry is set from the OFC, and uses the same stacking packet. Control (for example, broadcast) the transfer of packets of the flow.
  • Patent Document 2 also discloses a technique that can reduce inquiries about flow entry to the OFC. Specifically, the OFC of the same document sets a flow entry by obtaining terminal information from a virtual machine management system outside the OpenFlow network.
  • Patent Document 1 The method of Patent Document 1 is effective when packets belonging to the same flow arrive at the OFS continuously, but has a problem that it cannot cope with the packet-in messages that occur simultaneously and frequently.
  • Patent Document 2 is effective only for terminals managed by the virtual machine management system, and cannot be used by other servers and network devices.
  • An object of the present invention is to provide a communication system, a communication node, a control device, a communication control method, and a program that can reduce the load on the control device that controls the communication node in the centralized control network represented by the OFC. .
  • the packet processing unit that processes the received packet based on the control information set by the control device, the position of the terminal extracted from the packet received from the terminal connected to the own device, and A terminal information storage unit that stores terminal information including address information, a terminal information management unit that receives and manages the terminal information from a control target communication node, and the control target communication node Control information that realizes communication of a terminal connected to the control target communication node based on the network configuration configured by the terminal information managed by the terminal information management unit, and corresponding
  • a communication system including a control device including a control unit configured to be a communication node.
  • the packet processing unit that processes the received packet based on the control information set by the control device, the position of the terminal extracted from the packet received from the terminal connected to the own device, and And a terminal information storage unit that stores terminal information including address information, and a communication node that transmits the terminal information to the control device at a predetermined opportunity is provided.
  • the packet processing unit that processes the received packet based on the control information set by the control device, the position of the terminal extracted from the packet received from the terminal connected to the own device, and
  • a communication node comprising: a terminal information storage unit that stores terminal information including address information; a terminal information management unit that is connected and receives and manages the terminal information from a communication node to be controlled; and the control target Control information for realizing communication of a terminal connected to the communication node to be controlled is generated based on the configuration of the network constituted by the communication nodes and the terminal information managed by the terminal information management unit. And a control unit configured to set the corresponding communication node.
  • a communication node including a packet processing unit that processes a received packet based on control information set by a control device, uses a packet received from a terminal connected to the own device, A step of extracting and storing terminal information including location and address information; and a control device comprising a terminal information management unit that receives and manages the terminal information from a communication node to be controlled.
  • Control information that realizes communication of a terminal connected to the control target communication node based on the network configuration configured by the terminal information managed by the terminal information management unit, and corresponding
  • a communication control method including a step of setting the communication node. This method is associated with a specific machine called a control device that controls a communication node.
  • a program for realizing the function of the communication node described above and a program for realizing the function of the control device described above are provided.
  • This program can be recorded on a computer-readable (non-transient) storage medium. That is, the present invention can be embodied as a computer program product.
  • the present invention generates a communication node 20 including a packet processing unit 21 that processes a received packet based on control information set from the control device 10, and generates control information. And the control device 10 including the control unit 12A that is set in the corresponding communication node.
  • the communication node 20 further includes a terminal information storage unit 22 for storing terminal information including the location and address information of the terminal extracted from the packet received from the terminal connected to the own device. Prepare. Further, the communication node 20 is set not to immediately make an inquiry about control information to the control device 10 even when a packet that cannot be processed by the packet processing unit 21 is received.
  • control device 10 includes a terminal information management unit 11 that receives (acquires) and manages the terminal information from the communication node 20. Then, the control device 10 communicates a terminal connected to the control-target communication node based on a network configuration constituted by the communication node 20 and terminal information managed by the terminal information management unit. Is generated and set in the corresponding communication node (see FIGS. 3 and 4).
  • control device 10 is configured to collect information on terminals connected to the communication node 20 and to set necessary control information based on the information.
  • FIG. 2 is a diagram illustrating the configuration of the communication system according to the first embodiment of this invention.
  • a configuration in which a control device 10A and a communication node 20 are connected via a control channel is shown.
  • one communication node 20 is shown, but a plurality of communication nodes 20 may be provided.
  • a plurality of control devices 10 may be arranged as necessary.
  • the control device 10A includes a terminal information management unit 11, a physical network control unit 12, a virtual network control unit 13, and a broadcast packet distribution control unit 14. Note that such a control device 10A is based on the OpenFlow controller of Non-Patent Documents 1 and 2 including the physical network control unit 12, and the terminal information management unit 11, the virtual network control unit 13, and the broadcast packet distribution control unit. 14 and can be realized.
  • the terminal information management unit 11 manages terminal information collected from a plurality of communication nodes.
  • FIG. 3 is a diagram illustrating an example of terminal information collected from each of the communication nodes 20A to 20C in the control device 10A.
  • the communication node 20A extracts terminal information including the position and address information of the terminal 30A from the packet received from the terminal 30A connected to the own device, and further associates the information with the learning time. And remember.
  • the control device 10A collects information indicating that the terminal 30A is connected to the communication node 20A and its MAC address from the communication node 20A, and manages them by the terminal information management unit 11.
  • the location of the terminal (connected communication node and its port) and the MAC address are managed.
  • other VLAN IDs may be extracted and managed.
  • the physical network control unit 12 refers to the topology information indicating the connection relationship of the communication nodes 20A to 20C and the terminal information managed by the terminal information management unit 11, and sets control information (set in the communication nodes 20A to 20C). Flow entry) is created and set in the corresponding communication nodes 20A to 20C.
  • Control information is set as follows. First, the physical network control unit 12 calculates communication node 20A-communication node 20B as a packet transfer path between the terminal 30A and the terminal 30B. Next, the physical network control unit 12 creates and sets control information (flow entry) to be set in the communication nodes 20A and 20B on the route. Specifically, control information (flow entry) for outputting a packet addressed to the terminal 30B from the terminal 30A from the port P2 and transferring it to the communication node 20B is set in the communication node 20A.
  • control information (flow entry) for outputting a packet addressed to the terminal 30B from the terminal 30A from the port P3 and transferring it to the terminal 30B is set in the communication node 20B.
  • control information (flow entry) for transferring a backward packet addressed to the terminal 30A from the terminal 30B is also set.
  • the virtual network control unit 13 has a function of virtually realizing a router or a bridge on the control device 10A, and performs layer 3 flow control that cannot be handled by the physical network control unit 12 (referred to as “second control unit”). Equivalent).
  • the virtual network control unit 13 sets control information (flow entry) for L3 control triggered by an explicit request (reception of a packet-in message) from a communication node. Note that, in the control information for L3 control set here (flow entry; second control information), a higher priority than the control information set by the physical network control unit 12 is set. By doing so, it is possible to avoid contention between the control information set by the physical network control unit 12 and the control information for L3 control (second control information).
  • the broadcast packet distribution control unit 14 has a function of setting control information (flow entry) for broadcast distribution in the communication nodes 20A to 20C.
  • the communication nodes 20A to 20C include a packet processing unit 21, a terminal information storage unit 22, and a control information storage unit 23.
  • the packet processing unit 21 refers to the control information storage unit 23, and if there is control information (flow entry) that matches the received packet, the processing (instruction field) defined in the control information (flow entry) ( Packet transfer etc.). In addition, the packet processing unit 21 extracts the terminal information of the unlearned terminal from the received packet and stores it in the terminal information storage unit 22 at the same time as performing the above processing. Note that such communication nodes 20A to 20C are based on the OpenFlow switch of Non-Patent Documents 1 and 2 including a packet processing unit 21 and a control information storage unit (corresponding to a flow table) 23. This can be realized by adding a terminal information learning function for an unlearned terminal and a function for suppressing a request for setting control information (flow entry).
  • each unit (processing means) of the control device 10A and the communication nodes 20A to 20C shown in FIG. 2 is executed by a computer program that causes a computer mounted on these devices to execute the above-described processes using the hardware. It can also be realized.
  • FIG. 5 is a flowchart showing the operation of the communication node of the communication system according to the first exemplary embodiment of the present invention.
  • the packet processing unit 21 of the communication node 20 refers to the control information storage unit 23 and matches the corresponding packet.
  • the entry to be searched is searched (step S001).
  • the packet processing unit 21 applies the processing (packet rewriting, forwarding, discarding, etc.) defined in the action field of the corresponding entry to the received packet ( Step S002).
  • the packet processing unit 21 extracts terminal information (for example, MAC address, VLAN ID and connection port) from the received packet (step S004).
  • terminal information for example, MAC address, VLAN ID and connection port
  • the communication node of this embodiment immediately sends control information to the control device 10A even if there is no entry having a matching condition that matches the received packet in the control information storage unit 23. (Flow entry) setting request (packet in) is not performed.
  • the packet processing unit 21 receives the packet if the packet is a broadcast packet (BC packet) (Yes in step S003).
  • Terminal information is extracted from the packet (step S004).
  • the broadcast packet is a learning target of terminal information even when matching control information (flow entry) exists. The reason is that it only matches the broadcast control information (flow entry) in the control information storage unit 23 and cannot be said to have learned the terminal information of the transmission source.
  • the packet processing unit 21 checks whether or not an entry corresponding to the extracted terminal information already exists in the terminal information storage unit 22 (step S005).
  • the packet processing unit 21 adds the corresponding terminal information to the terminal information storage unit 22 (step S006).
  • the packet processing unit 21 confirms the last update time (most recent learning time) of the corresponding terminal information and calculates the difference from the current time (Ste S007).
  • the packet processing unit 21 sends information on the packet to the control device 10A.
  • Request (packet in) setting of control information (flow entry) for L3 (virtual network) (step S009).
  • the predetermined threshold value is set to determine whether or not the communication is L3 communication that cannot be controlled by the L2 control information (flow entry) set when the terminal information is learned. Thereby, not only L2 communication but virtual network control by the virtual network control unit 13 is executed. For example, when the terminal information collection interval is 1 second, the same value (1 second) can be set as the predetermined threshold. This makes it possible to determine that a packet that does not conform to the existing control information (flow entry) has been received from a learned terminal.
  • FIG. 6 is a flowchart showing the operation of the control device 10A of the communication system according to the first embodiment of this invention.
  • the control device 10A periodically collects terminal information in the terminal information storage unit 22 of each communication node and stores it in the terminal information management unit 11 (step S101; control device of FIG. 3). (Refer to the balloon inside 10A).
  • control device 10A uses the physical network control unit 12 to implement control information for realizing communication of the terminal corresponding to the updated terminal information. (Flow entry) is created (step S103).
  • control device 10A sets the created control information (flow entry) in each communication node (step S104).
  • the communication nodes (for example, the communication nodes 20A and 20B in FIG. 4) store the control information (flow entry) in the control information storage unit 23.
  • control device 10A sets control information (flow entry) necessary for communication of a terminal connected to the communication node 20 without being triggered by a control information setting request (packet-in) from the communication node. . For this reason, even if traffic from a newly connected terminal is concentrated in a short time, the frequency of occurrence of packet-in messages or the like can be reduced. As a result, it is possible to reduce the load on the control device 10A and prevent the system from becoming unstable.
  • the communication node 20 transmits the packet to the control device 10A and requests the setting of the control information for the virtual network, as before, for the packet that requires L3 control. (See step S009 in FIG. 5). For this reason, it is possible to coexist with a method of emulating a virtual network device by the control device 10A.
  • the terminal information collection interval is a value that is tuned according to the hardware performance of the control device 10A and the communication node 20, the number of terminal information, the update frequency, and the like. Therefore, it is considered that a collection interval of about 1 second is appropriate.
  • control information (flow entry) necessary for L2 packet transfer is set for all the updated terminals at the same time, the secure connection between the control device 10A and the communication node 20 is secured.
  • Channel processing capability may be exceeded.
  • the number of control information (flow entries) set per unit time according to the performance of the control device 10A and the communication node 20 such that one control device 10A has an upper limit of 1000 entries per second. It is also desirable to tune.
  • the control device 10A has been described as collecting terminal information periodically, but the communication node 20 performs control at a predetermined trigger (a predetermined time interval, each time a new entry is detected). It is good also as a method of notifying terminal information to apparatus 10A. In particular, if the communication node 20 notifies the control device 10A of terminal information each time a new entry is detected, the control information (flow entry) can be set more quickly.
  • the terminal position (port), the MAC address, and the VLAN ID are learned as the terminal information.
  • the IP address may be learned as the terminal information.
  • an ARP table can be generated from the terminal information.
  • the communication node is Record the learning time of each terminal information, When the time when a packet is newly received from a terminal registered in the terminal information storage unit has passed a predetermined time from the learning time of the terminal information of the corresponding terminal, the packet is processed with respect to the control device.
  • the communication system which requests the setting of the control information for.
  • the control device In the communication system of the second form, The control device that has received the request for setting the control information for processing the packet has the second control applied with higher priority than the control information generated based on the network configuration and the terminal information terminal information.
  • the communication node is The communication system which omits the process which extracts and memorize
  • the communication system of the fourth form Even when the packet processing based on the control information set by the control device can be executed, if the received packet is a broadcast packet, terminal information including the location and address information of the terminal is extracted from the broadcast packet. Communication system.
  • a terminal comprising a terminal information storage unit, and a computer comprising a connected control device, Processing to receive and manage the terminal information from the communication node to be controlled; Control information for realizing communication of a terminal connected to the communication node to be controlled based on the configuration of the network configured by the communication node to be controlled and the terminal information managed by the terminal information management unit Generating and setting the corresponding communication node;
  • a program that executes It should be noted that the twelfth to fourteenth forms can be developed into the second to fifth forms as in the first form.
  • control device 10A control device 20, 20A to 20C communication node 11 terminal information management unit 12 physical network control unit 12A control unit 13 virtual network control unit (second control unit) 14 broadcast packet distribution control unit 21 packet processing unit 22 terminal information storage unit 23 control information storage unit 30A to 30C terminal

Abstract

La présente invention réduit la charge sur un dispositif de commande pour un réseau à commande centrale. Chaque nœud de communications comporte: une unité de traitement de paquets qui traite des paquets reçus d'après des informations de commande spécifiées par ledit dispositif de commande; et une unité de stockage d'informations de terminaux qui extrait des informations de terminaux de paquets reçus en provenance de terminaux connectés au nœud de communications en question, lesdites informations de terminaux comprenant les positions et les informations d'adresse desdits terminaux, et stocke lesdites informations de terminaux. Le dispositif de commande comporte: une unité de gestion d'informations de terminaux qui reçoit lesdites informations de terminaux en provenance de nœuds de communications sous le contrôle dudit dispositif de commande et gère lesdites informations de terminaux; et une unité de commande qui, d'après la configuration d'un réseau comportant lesdits nœuds de communications et les informations de terminaux gérées par ladite unité de gestion d'informations de terminaux, génère des informations de commande qui mettent en œuvre une communication avec les terminaux connectés auxdits nœuds de communications et applique lesdites informations de commande aux nœuds de communications correspondants.
PCT/JP2014/082775 2013-12-12 2014-12-11 Système de communications, nœud de communications, dispositif de commande, procédé de commande de communications et programme WO2015087947A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
JP2013-256978 2013-12-12
JP2013256978 2013-12-12

Publications (1)

Publication Number Publication Date
WO2015087947A1 true WO2015087947A1 (fr) 2015-06-18

Family

ID=53371246

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2014/082775 WO2015087947A1 (fr) 2013-12-12 2014-12-11 Système de communications, nœud de communications, dispositif de commande, procédé de commande de communications et programme

Country Status (1)

Country Link
WO (1) WO2015087947A1 (fr)

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2013175996A (ja) * 2012-02-27 2013-09-05 Hitachi Ltd 管理計算機、転送経路管理方法及び計算機システム

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2013175996A (ja) * 2012-02-27 2013-09-05 Hitachi Ltd 管理計算機、転送経路管理方法及び計算機システム

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
DAISUKE KOTANI ET AL.: "A Method of Controlling Packet-In Messages in OpenFlow Switches for Reducing Loads of Switches and Control Networks", IEICE TECHNICAL REPORT, vol. 112, no. 212, 14 September 2012 (2012-09-14), pages 31 - 36 *

Similar Documents

Publication Publication Date Title
JP6418261B2 (ja) 通信システム、ノード、制御装置、通信方法及びプログラム
EP2643952B1 (fr) Système de communication, dispositif de communication, dispositif de commande et procédé et programme de commande de trajet de transmission de flux de paquets
JP5994851B2 (ja) 転送装置の制御装置、転送装置の制御方法、通信システムおよびプログラム
JP5880560B2 (ja) 通信システム、転送ノード、受信パケット処理方法およびプログラム
WO2012133290A1 (fr) Système informatique et procédé de communication
WO2011162215A1 (fr) Système de communication, appareil de contrôle, procédé de contrôle de nœud et programme
KR20130032314A (ko) 통신 시스템, 노드, 제어 장치, 통신 방법 및 프로그램
JP5858141B2 (ja) 制御装置、通信装置、通信システム、通信方法及びプログラム
WO2014017631A1 (fr) Dispositif de contrôle, système de communication, procédé de communication, et programme
WO2014084250A1 (fr) Dispositif de commutateur, procédé et programme de gestion de configuration d'un vlan
WO2014129624A1 (fr) Dispositif de commande, système de communication, procédé de commutation de chemin et programme
US20190007279A1 (en) Control apparatus, communication system, virtual network management method, and program
JP5991427B2 (ja) 制御装置、通信システム、制御情報の送信方法及びプログラム
WO2015087947A1 (fr) Système de communications, nœud de communications, dispositif de commande, procédé de commande de communications et programme
JP6187466B2 (ja) 制御装置、通信システム、通信方法及びプログラム
WO2014175335A1 (fr) Contrôleur, système informatique, procédé permettant de commander une communication, et programme
WO2014010724A1 (fr) Dispositif de contrôle, système de communication, procédé de communication, et programme
JP2016139908A (ja) 通信システム、通信ノード、制御装置、通信制御方法、及び、プログラム
JP6314970B2 (ja) 通信システム、制御装置、通信方法およびプログラム
JP6365663B2 (ja) 通信装置、制御装置、通信システム、受信パケットの処理方法、通信装置の制御方法及びプログラム
JP5768600B2 (ja) 通信システム、制御装置、パケット転送方法およびプログラム
JP5861424B2 (ja) 通信システム、制御装置、通信方法およびプログラム
WO2014142081A1 (fr) Nœud de transfert, dispositif de commande, système de communication, procédé et programme de traitement de paquets

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 14870210

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 14870210

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: JP