WO2015118811A1 - Système de communication, dispositif d'acheminement de paquet, procédé d'acheminement de paquet et programme d'acheminement de paquet - Google Patents

Système de communication, dispositif d'acheminement de paquet, procédé d'acheminement de paquet et programme d'acheminement de paquet Download PDF

Info

Publication number
WO2015118811A1
WO2015118811A1 PCT/JP2015/000227 JP2015000227W WO2015118811A1 WO 2015118811 A1 WO2015118811 A1 WO 2015118811A1 JP 2015000227 W JP2015000227 W JP 2015000227W WO 2015118811 A1 WO2015118811 A1 WO 2015118811A1
Authority
WO
WIPO (PCT)
Prior art keywords
packet
attribute
internal
packet transfer
ofs
Prior art date
Application number
PCT/JP2015/000227
Other languages
English (en)
Japanese (ja)
Inventor
亮佑 河合
Original Assignee
日本電気株式会社
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 日本電気株式会社 filed Critical 日本電気株式会社
Publication of WO2015118811A1 publication Critical patent/WO2015118811A1/fr

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00Routing or path finding of packets in data switching networks
    • H04L45/64Routing or path finding of packets in data switching networks using an overlay routing layer
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00Routing or path finding of packets in data switching networks
    • H04L45/54Organization of routing tables

Definitions

  • the present invention relates to a communication system, a packet transfer device, a packet transfer method, and a packet transfer program, and in particular, a packet transfer device that transfers a packet, and a control device that controls a communication path by controlling packet transfer of the packet transfer device.
  • a route determination process from a packet source to a destination (destination) and a packet transfer process are individually performed by a plurality of switches on the path.
  • each switch on the route is required to have flexibility to determine an appropriate route for the received packet in response to a change in the network configuration.
  • the route determination processing program for each switch cannot be changed from the outside.
  • Non-Patent Document 1 An example of the CU separation type network is an open flow network using an open flow technology. The details of the open flow technique are described in Non-Patent Document 1.
  • OFC OpenFlow Controller
  • OFS OpenFlow Switch
  • FIG. 12 shows a general configuration of a communication system that constructs an OpenFlow network.
  • the communication system illustrated in FIG. 12 includes an OFC 910 that is a control device and OFS 921 to 924 that are packet transfer devices belonging to the OpenFlow network 900.
  • the OFC 910 and OFS 921 to 924 operate according to the OpenFlow protocol. At this time, OFS 921 to 924 constitute an arbitrary network topology. Further, the OFC 910 and each of the OFS 921 to 924 are connected by a secure channel (Secure Channel) connection.
  • a secure channel Secure Channel
  • the OFC 910 sets a flow entry in each flow table of the OFS 921 to 924.
  • the flow entry is information that defines the operation of the OFS according to the packet that is sent.
  • the flow entry may be referred to as a packet transfer rule.
  • a packet group (packet series) that conforms to each packet transfer rule is called a flow or a packet flow.
  • the flow or packet flow may be said to be a packet group (packet series) as a unit for controlling a route.
  • the packet may be read as a frame.
  • the OFC 910 performs communication between communication terminals (communication terminals 931, 932, and 932 in this example) connected to the OpenFlow network 900 by setting flow entries in the flow tables of the OFS 921 to 924. Route determination processing is performed.
  • the OFC 910 includes a network topology management function, a communication terminal location management function, a flow entry generation function, a route calculation function, and an OFS management function.
  • the network topology management function is a function for storing information representing the network topology formed by the OFS group based on information collected from the OFS.
  • the communication terminal location confirmation function is a function for managing which port of which OFS the communication terminal connected to the OpenFlow network constructed by OFS is connected.
  • the flow entry generation function is a function that creates a flow entry.
  • the OFC 910 determines the classification information, action information, and timer value by the flow entry generation function, and creates a flow entry including these pieces of information.
  • the classification information is information for identifying a flow, and is represented as, for example, a requirement for a packet belonging to the flow.
  • the flow to which the packet received by the OFS belongs is determined based on the classification information.
  • the action information is information indicating an OFS operation (for example, forwarding to a specific port, flooding, discarding, etc.) performed on the flow.
  • the timer value is a value for determining the valid period of the flow entry. The timer value may be included in the action information. In that case, the OFC 910 generates a flow entry including classification information and action information for each flow.
  • the route calculation function is a function that calculates the communication route of the flow.
  • the OFS management function is a function for controlling the OFS, specifically, a function for managing a channel for controlling the OFS, setting a flow entry in the OFS, and the like.
  • the OFS 921 to 924 process the received packet based on the flow entry set by the OFC 910.
  • the OFS 921 to 924 determine to which flow the packet belongs according to the set flow entry classification information, and receive the operation indicated by the action information of the flow entry defined for the flow. To the received packet. As a result, the OFS 921 to 924 forwards, floods, or discards the packet to a specific port based on the flow entry action information defined for the flow to which the received packet belongs.
  • Each OFS may have a function of creating statistical information regarding received packets and the like. Statistical information creation granularity includes flow entry units, port units, and the like.
  • the classification information is generally defined by various combinations using any or all of the destination address, source address, destination port, and source port included in the header area of each protocol layer of the packet.
  • the above address includes a MAC address (Media Access Control Address) and an IP address (Internet Protocol Address).
  • IP address Internet Protocol Address
  • Information of an input port is also used.
  • the OFS 921 to 924 if the OFS 921 to 924 does not hold a flow entry that matches the received packet, the OFS 910 notifies the OFC 910 that the first packet is received as the first packet that is the first packet of the new flow. . Specifically, the OFS 921 to 924 sends an inquiry about the received packet, also called an entry request, to the OFC 910. The OFS 921 to 924 may transfer the 1st packet to the OFC 910 as an entry request. Note that the message for transferring the first packet to the OFC is also called Packet_IN.
  • the OFC 910 When receiving an entry request from the OFS 921 to 924 under management, the OFC 910 determines the flow path to which the packet belongs and determines the operation that the OFS on the path performs on the packet to realize the path. To do. Then, the OFC 910 transmits a control message for setting a flow entry including classification information for identifying the flow and action information indicating the determined operation to each OFS on the route.
  • the OFC determines a route of a predetermined flow, and sets a flow entry that realizes the route in a related OFS. This method is referred to as “proactive type”, referring to “advance entry registration” voluntarily performed by the OFC.
  • the reactive type determines a flow path to which the requested packet belongs, and sets a flow entry for realizing the path in the related OFS.
  • This method refers to “real-time entry registration” performed by the OFC in response to a request from the OFS during actual data communication, and is called a reactive type.
  • the flow can be defined before the start of communication, so it is considered possible to avoid problems such as a large flow caused by viruses and unauthorized access due to unknown packets.
  • OFS 921, 923, 924 may be referred to as an “edge switch”.
  • the OFS 922 is sometimes called a “core switch”.
  • the edge switch is a packet transfer device that becomes a start point or an end point in the determined flow path.
  • a packet transfer apparatus serving as a start point of edge switches is referred to as an “Ingress switch”, and a packet transfer apparatus serving as an end point is referred to as an “Egress switch”.
  • the core switch is a packet transfer device that serves as a relay point in the determined flow path. Actually, an edge switch or a core switch is determined for each port.
  • the edge switch and the core switch exist exclusively, but in terms of the unit of the packet transfer device, it becomes an edge switch in one route and a core switch in another route.
  • a packet transfer device that serves as both an edge switch and a core switch. Therefore, it should be said that whether an OFS is an edge switch or a core switch is determined for each port and each flow.
  • a flow in which the OFS serves as an edge switch may be referred to as an edge flow.
  • a flow in which the OFS serves as an Ingress switch may be referred to as an Ingress flow
  • a flow in which the OFS serves as an Egress switch may be referred to as an Egress flow
  • a flow in which the OFS serves as a core switch may be referred to as a Core flow.
  • an entry for an Ingress switch is called an Ingress entry
  • an entry for an Egress switch is called an Egress entry
  • an entry for a core switch is called a Core entry.
  • Patent Document 1 describes an example of a communication system that realizes a proactive open flow network.
  • Patent Document 2 describes a packet transfer method in which a route of each flow can be set in advance in the core switch and the preset route can be easily changed.
  • the edge switch embeds a path identifier for identifying a path (a route not conscious of going and returning) in a field that can be restored by the Egress switch such as a destination MAC address of the packet.
  • Each core switch determines the operation according to the set path identifier using the destination MAC address in which the path identifier is embedded as a matching rule (matching rule) according to the classification information of the entry.
  • Patent Document 3 shows an example of a switching device that functions by mixing different switching methods.
  • the method described in Patent Document 3 uses the beginning of a packet label field (usually a field in which a destination MAC address and a source MAC address are registered) as identification information for identifying a switching method.
  • the switch device recognizes the leading value of the label field of the packet as identification information, and performs switching according to the identification information.
  • SDN Software Defined Networking
  • the first step in realizing this is to make the virtual switch compatible with the OpenFlow protocol, and network traffic for each virtual machine. Can be controlled from the OFC.
  • FIG. 13 is an explanatory diagram showing an example of a server virtualized physical server.
  • FIG. 13 shows an example in which a virtual switch 843 and a virtual machine 842 are built in the physical server 840 using the virtualization technology by the hypervisor 841.
  • the physical server 840 illustrated in FIG. 13 includes an application 844 and a physical NIC (Network Interface Controller) 845.
  • application is used to include an application program and physical means (such as a CPU) that realizes the operating environment.
  • the virtual switch 843 is associated with the physical NIC 845 of the physical server 840. If the packet received from the subordinate virtual machine 842 goes out of the physical server 840, the virtual switch 843 transmits the packet received via the physical NIC 845 to the switch 850. Specifically, the virtual switch 843 performs the above operation by outputting the received packet to the designated port according to the flow entry registered in the flow table.
  • the application 844 of this example is an application that can directly send a packet to the outside via the physical NIC 845 without going through the virtual switch 843.
  • a plurality of processing units such as the application 844 and the virtual switch 843 share one physical NIC 845 to reduce the number of consumed physical NICs and effectively use the performance.
  • FIG. 14 shows a configuration example when such a virtual switch sharing an application and one physical NIC is made compatible with the OpenFlow protocol.
  • FIG. 14 is an explanatory diagram showing a configuration example of a communication system compatible with the OpenFlow protocol, including the server virtualized physical server 840 illustrated in FIG.
  • the communication system shown in FIG. 14 includes an OFC 710 and OFS 721 to 724 as packet transfer apparatuses belonging to the OpenFlow network 700.
  • the OFS 721 is a virtual switch operating on the server virtualized physical server 840 that supports OpenFlow.
  • this OFS 721 may be referred to as a virtual OFS 721.
  • a virtual OFS may be provided.
  • the virtual machine 842 and the application 844 are treated as communication terminals that perform communication via the OpenFlow network 700.
  • the virtual machine 842 is handled as a communication terminal under the virtual OFS 721
  • the application 844 is handled as a communication terminal under the OFS 722.
  • the functions of the OFC 710 and OFS 721 to 724 are the same as those of the OFC 910 and OFS 921 to 924 of the communication system illustrated in FIG.
  • the port of the OFS 722 should be treated as an internal attribute (Internal attribute) when considering a packet received from the virtual OFS 721.
  • an internal attribute Internal attribute
  • the application 844 when considering a packet received from the application 844, it is received directly without passing through another OFS, and therefore should be treated as an external attribute (External attribute).
  • Such port attribute determination is required when the edge switch performs address conversion processing or the core switch performs transfer processing according to the address for the internal network.
  • the OFC is in each OFS. By assigning an internal or external attribute to a port, it was determined what type of flow entry was set.
  • OFC acquires information obtained by exchanging signals between OFS. For example, an arbitrary OFS transmits a special signal to an adjacent OFS. Then, the OFS that has received the notification notifies the OFC of the port that has received the signal. Thereby, OFC can know the port of OFS connected with other OFS. In that way, the network topology is recognized.
  • the OFC port attribute that has not received a signal for a predetermined time or longer is set as an external attribute.
  • Another method is a method in which information indicating whether an arbitrary port of an arbitrary OFS is an internal attribute or an external attribute is set in advance in the OFC itself.
  • the port attribute always has either an internal attribute or an external attribute. Therefore, in the method of setting the port attribute by such a method, it is not possible to correctly determine whether the port connected to the physical NIC 845 of the OFS 722 in the communication system illustrated in FIG. 14 is an internal attribute or an external attribute.
  • a Core entry that is an entry for relay to be applied to a packet from the virtual OFS 721 is set in the OFS 722 in advance.
  • conventional OpenFlow protocols cannot correctly determine whether a received packet is an internal packet or an external packet. In such a situation, the Core entry cannot be set for the corresponding port of the OFS 722 that may receive an external packet.
  • an Ingress entry that is an entry for a start point to be applied to an external packet is set for a corresponding port of the OFS 722 that may receive an internal packet. I can't.
  • VLAN Virtual LAN
  • Patent Documents 1 to 3 considers the problem caused by one port having both internal and external attributes as described above.
  • Patent Document 3 uses a communication terminal (virtual machine 842, application 844, communication in the example of FIG. 14) because the communication terminal gives identification information for identifying a switching method to a packet.
  • the terminal 731 and the communication terminal 732) need to be changed for this purpose, which is not realistic.
  • an object of the present invention is to enable both an entry applied to an internal packet and an entry applied to an external packet to operate correctly on one port without changing an external node.
  • the communication system includes a plurality of packet transfer apparatuses that transfer received packets, and each packet transfer apparatus is a predetermined area included in a header area of a packet, and is set in advance as an area for setting packet attributes.
  • the received packet attribute is either an internal attribute that represents an internal packet transferred from one of the packet transfer devices, or an external attribute that represents an external packet received from an external node.
  • Packet attribute determination means for determining whether or not an external packet is transferred to another packet transfer apparatus via an internal network, and a value indicating the internal attribute is set in the attribute setting area of the packet. The packet attribute determination means, if the value of the attribute setting area of the received packet is a value indicating an internal attribute Determines that the part attribute, and judging that the external attribute if a value other than the value indicating the internal attributes.
  • the packet transfer apparatus refers to a predetermined area included in the header area of the packet and refers to an attribute setting area that is predetermined as an area for setting the attribute of the packet.
  • Packet attribute determination means for determining whether the internal attribute representing an internal packet transferred from any of the packet transfer devices or the external attribute representing an external packet received from an external node, and the external packet
  • a packet attribute setting means for setting a value indicating an internal attribute in the attribute setting area of the packet when transferring to another packet transfer device via the packet attribute determining means, If the value of the attribute indicates an internal attribute, it is determined to be an internal attribute. And judging a.
  • the packet transfer method is a predetermined area included in the header area of the packet when each packet transfer apparatus receives the packet, and an attribute set in advance as an area for setting the attribute of the packet Referring to the setting area, it is determined whether the attribute of the received packet is an internal attribute representing an internal packet transferred from any of the packet transfer apparatuses or an external attribute representing an external packet received from an external node, When each packet transfer device transfers to another packet transfer device via the internal network, a value indicating the internal attribute is set in the attribute setting area of the packet, and each packet transfer device determines the attribute of the packet.
  • the value of the attribute setting area of the received packet is a value indicating an internal attribute, it is determined as an internal attribute, and other than the value indicating an internal attribute And judging that the external attribute if the value.
  • the packet transfer program is a predetermined area included in a header area of a packet in a computer included in the packet transfer apparatus, and includes an attribute setting area that is predetermined as an area for setting a packet attribute.
  • the packet attribute determination process for determining whether the attribute of the received packet is an internal attribute representing an internal packet transferred from any of the packet transfer devices or an external attribute representing an external packet received from an external node
  • the attribute information setting process for setting a value indicating the internal attribute is executed in the attribute setting area of the packet, and the packet attribute determination process If the value of the attribute setting area of the received packet is a value indicating the internal attribute, it is determined to be an internal attribute. Is allowed, characterized in that to determine that the external attribute if a value other than the value indicating the internal attributes.
  • FIG. 2 is a block diagram illustrating a configuration example of an OFC 110.
  • FIG. 3 is a block diagram illustrating a configuration example of an OFS 121.
  • FIG. It is a block diagram which shows the other structural example of OFS121.
  • It is a sequence diagram which shows an example of the flow of the setting of the flow entry in the communication system of 1st Embodiment, and the flow of packet transfer.
  • It is explanatory drawing which shows an example of the flow of the setting of the flow entry in the communication system of 1st Embodiment, and the flow of packet transfer.
  • FIG. 9 is a sequence diagram which shows an example of the flow of the setting of the flow entry in the communication system of 2nd Embodiment, and the flow of packet transfer.
  • FIG. 9 is a sequence diagram continued from FIG. 8. It is explanatory drawing which shows the example of the flow entry registered into the flow table of OFS121 in 2nd Embodiment. It is a block diagram which shows the minimum structural example expressing the characteristic of the communication system by this invention. It is explanatory drawing which shows the general structure of the communication system which builds an OpenFlow network. It is explanatory drawing which shows an example of the physical server virtualized. It is explanatory drawing which shows the structural example of the communication system corresponding to an OpenFlow protocol including the virtual switch in the physical server virtualized.
  • each port has the attribute information (information indicating whether it is external or internal) that has been possessed for each port of the packet transfer device so far, so that one port has the internal attribute and the external attribute.
  • the packet transfer apparatus having both of the attributes is intended to correctly process each packet. Furthermore, it is intended to achieve this without changing external nodes.
  • each packet has attribute information, even if there is a packet transfer device that has both internal and external attributes for one port, the entry to be applied to the internal packet and the entry to be applied to the external packet Can be used for each received packet.
  • an internal packet and an external packet received by one port can be correctly processed through the following three processes.
  • the first process is a packet attribute setting process by the Ingress switch.
  • the received packet has an internal attribute, that is, a flag indicating the internal attribute. Stand up.
  • this flag is referred to as an attribute flag.
  • the attribute flag is not necessarily 1 bit.
  • the second process is a packet attribute determination process by each packet transfer apparatus.
  • all packet transfer apparatuses check the attributes of the received packet. Specifically, it is determined whether or not the value of the attribute flag included in the received packet is a value indicating an internal attribute. If the value of the attribute flag is a value indicating an internal attribute, it is determined that the packet is an internal packet transferred from another packet transfer apparatus in the internal network, and an entry for an internal packet ( The packet is processed according to the Core entry and the Egress entry. On the other hand, if the value of the attribute flag is a value other than the value indicating the internal attribute, it is determined that the packet is an external packet received from an external node, and an entry for an external packet (Ingress entry) set in the flow table. To process the packet.
  • each packet transfer apparatus may transmit an entry request to the control apparatus assuming that the 1st packet has been received. As a result, the control device determines a route for the flow and sets a necessary entry in the related packet transfer device. Thereafter, each packet transfer apparatus can process the received packet according to the set entry. If the value of the attribute flag of the received packet is not a value indicating the internal attribute, the packet is an external packet, and the packet transfer apparatus that has received the packet is an Ingress switch in the flow to which the packet belongs. If there is, when the packet is transferred to another packet transfer apparatus, the attribute flag of the packet to be transferred is set to a value indicating the internal attribute (first process).
  • each entry is registered in a manner in which it can be determined whether the entry is an entry applied to an internal packet or an entry applied to an external packet.
  • the classification information of each entry may have a data structure including information specifying the value of the area in which the value of the attribute flag is set. With such a data structure, each packet transfer apparatus can select an entry corresponding to the attribute of the packet through the determination process corresponding to the classification information without recognizing the attribute flag.
  • an area of a table storing entries may be divided into an entry applied to an internal packet and an entry applied to an external packet.
  • the third process is a packet attribute flag clear process by the Egress switch.
  • the packet transfer apparatus serving as the Egress switch transmits the received packet to the external node, the value of the attribute flag of the packet is restored.
  • the value of the attribute flag is, for example, a value other than a value that is normally set in the corresponding area in the external network (when the external network is not operating uniquely) or a value that is clearly not set in the corresponding area in the external network. Is a value indicating. By doing so, it is possible to correctly perform attribute determination because the value of the corresponding area of the packet received from the external node takes a value other than the value indicating the internal attribute without modifying the external node. it can.
  • FIG. 1 is a block diagram illustrating a configuration example of a communication system according to the first embodiment of this invention.
  • the communication system shown in FIG. 1 includes an OFC 110 and OFS 121 to OFS 123.
  • OFS 121 to OFS 123 constitute an OpenFlow network that is an internal network in the communication system.
  • the OFS 121 is connected to the communication terminal 131, and the OFS 123 is connected to the communication terminal 132.
  • the communication terminal 131 and the communication terminal 132 are nodes belonging to an external network.
  • the OFC 110 may be the same as the OFC 910 or OFC 710 described above.
  • the OFC 110 preferably processes at least a part of the flows or paths in a proactive manner.
  • FIG. 2 is a block diagram illustrating a configuration example of the OFC 110.
  • the OFC 110 may include a route determination unit 1101 and a flow entry setting unit 1102 as illustrated in FIG.
  • the route determination unit 1101 determines a route according to the topology of the OpenFlow network constituted by each OFS (OFS 121 to OFS 123) for an arbitrary packet flow. For example, the route determination unit 1101 may determine a route between each edge switch for an arbitrary flow in advance (before communication is started) in accordance with the position of each OFS constituting the OpenFlow network. In addition, when receiving an entry request, the route determination unit 1101 determines a route between the edge switches for the flow to which the requested packet belongs according to the position of each OFS constituting the OpenFlow network.
  • the flow entry setting unit 1102 generates a flow entry for realizing the route determined by the route determination unit 1101 and sets (transfers) the flow entry to the related OFS.
  • the flow entry setting unit 1102 sets a Core entry for, for example, an OFS (OFS 122 in this example) serving as a relay point on the route determined by the route determining unit 1101.
  • the flow entry setting unit 1102 performs Ingress with respect to OFS (in this example, OFS 121 and OFS 123) connected to a node (external node) other than a node belonging to the open flow network such as a legacy network or a terminal.
  • An entry and an Egress entry are set. In practice, the above-described entry is set for the OFS port.
  • the edge flow is divided into two types depending on the direction.
  • One is an Ingress flow from the outside of the OpenFlow network to the inside of the OpenFlow network.
  • the other edge flow is an Egress flow that goes from the inside of the OpenFlow network to the outside of the OpenFlow network, as opposed to the Ingress float.
  • processing for the Ingress flow is defined.
  • a process for the Ingress flow for example, a process in which a packet header is edited and the edited packet is sent to another OFS in the OpenFlow network.
  • the Egress entry defines a process for the Egress flow.
  • processing for the Egress flow for example, processing for delivering a packet whose destination address of the received packet is the address of the subordinate communication terminal to the subordinate communication terminal can be cited.
  • Examples of packet header editing processing for the Ingress flow include editing of the destination MAC address of the L2 frame and addition of a VLAN tag.
  • the destination MAC address can be edited by setting the bit indicating the local address in the U / L flag (U: universal address / L: local address) and embedding the node ID and station ID information managed by the OFC 110. Good.
  • the node ID is information that uniquely identifies the OFS.
  • the station ID is information for uniquely identifying an external node.
  • the edited destination MAC address is referred to as an aggregate MAC address.
  • the route determination unit 1101 determines the flow route to which the 1st packet belongs. Then, the flow entry setting unit 1102 may create an Ingress entry based on the determined path and set it in the requesting OFS.
  • the Ingress entry includes, for example, classification information designating the identifier and source MAC address of the port that has received the 1st packet, and action information indicating the following processing.
  • the Ingress entry indicates, for example, processing of outputting from a predetermined port after embedding the node ID of the OFS used as the Egress switch in the determined path and the station ID of the communication terminal under the OFS in the destination MAC address of the packet. Contains action information.
  • the flow entry setting unit 1102 may set action information including processing for setting a predetermined value in the attribute flag in the action information of the Ingress entry.
  • the OFS can perform an attribute flag setting process as a process according to the Ingress entry.
  • the flow entry setting unit 1102 may set a Core entry for a predetermined port of the OFS that becomes a core switch in the determined route.
  • the Core entry performs, for example, a process of transferring a packet to the OFS in the next stage when the destination MAC address of the received packet is an aggregate MAC address and the value of the attribute flag is a value indicating an internal attribute. It is a specified entry.
  • the flow entry setting unit 1102 may set an Egress entry for an OFS that becomes an Egress switch in the determined route. For example, when the destination MAC address of the received packet is the aggregate MAC address and the value of the attribute flag is a value indicating the internal attribute, the Egress entry returns the destination MAC address to the original communication. This entry specifies that processing to be output from a predetermined port connected to the terminal is performed.
  • the first MAC packet and subsequent packets have a destination MAC address according to the Egress entry set in the OFS that is an Egress switch.
  • the aggregate MAC address is converted to the MAC address of the external node that is the destination, and then transmitted to the communication terminal that is the subordinate external node.
  • the flow entry setting unit 1102 may set action information including processing for restoring the value of the attribute flag in the action information of the Egress entry. By doing so, OFS can perform attribute flag clear processing as processing according to the Egress entry.
  • the processing other than the processing related to the attribute flag may be processing according to the OpenFlow protocol, and is not particularly limited.
  • the OFS 121 to OFS 123 are general OFS functions (a function for holding a flow entry, a function for processing a received packet according to the held flow entry, a function for creating statistical information, and discarding a flow entry according to a timer value.
  • the following functions are provided. That is, it has a function of executing the first to third processes described above. Note that the function of executing the first to third processes may be implemented as a part of the matching determination process with the entry as described above and a part of the action process performed according to the matched entry.
  • FIG. 3 and 4 are block diagrams showing a configuration example of the OFS 121.
  • FIG. The configuration of other OFS may be the same as that of the OFS 121.
  • FIG. 3 shows a configuration example of an OFS 121A that is an example of the OFS 121.
  • the OFS 121A shown in FIG. 3 includes a packet attribute determination unit 1201A, a packet attribute setting unit 1202A, a packet processing unit 1203A, and a flow table storage unit 1204A.
  • the packet attribute determination unit 1201A refers to the attribute flag included in the packet and determines whether the attribute of the received packet is an internal attribute or an external attribute.
  • the packet attribute determination unit 1201A determines that the attribute flag value included in the received packet is an internal attribute if the value indicates a predetermined internal attribute, and if the value is any other value, the external attribute indicates Judge that there is.
  • the packet attribute setting unit 1202A transfers the external packet to another OFS in the OpenFlow network when the type of the packet specified based on the received packet attribute is an external packet. A value indicating the internal attribute is set in the attribute flag of the packet to be processed. In addition, when transmitting an internal packet to an external node, the packet attribute setting unit 1202A restores the value of the attribute flag of the packet to be transmitted.
  • the flow table storage unit 1204A stores a flow entry. Note that the flow table storage unit 1204A of the present example stores the flow entry applied to the internal packet and the flow entry applied to the external packet in separate areas. This can be realized, for example, by the flow entry setting unit 1102 of the OFC 110 transferring the flow entry together with information indicating which flow entry to each OFS.
  • the packet processing unit 1203A executes processing on the received packet according to the flow table stored in the flow table storage unit 1204A.
  • the packet processing unit 1203A executes processing on the received packet according to the flow entry corresponding to the attribute of the received packet.
  • the packet processing unit 1203A of this example causes the packet attribute setting unit 1202A to pass through when actually transmitting a packet. As a result, the packet attribute setting unit 1202A can change the attribute flag of the transmitted packet as necessary.
  • the packet processing unit 1203A may pass information indicating the attribute of the packet together with the transmission packet to the packet attribute setting unit 1202A. These pieces of information can also be passed through a queue.
  • FIG. 4 shows a configuration example of OFS 121B, which is another example of OFS 121.
  • the OFS 121B shown in FIG. 3 includes a packet processing unit 1203B and a flow table storage unit 1204B.
  • the packet processing unit 1203B includes a rule determination unit 1205B and a rule execution unit 1206B.
  • the rule determination unit 1205B has a packet attribute determination unit 1201B.
  • the rule execution means 1206B has a packet attribute setting means 1202B.
  • the flow table storage unit 1204B stores a flow entry.
  • the flow entry classification information stored in the flow table storage unit 1204B of the present example includes information specifying the value of a predetermined area including the area where the value of the attribute flag is set. Thereby, it can be determined whether each flow entry is an entry applied to an internal packet or an entry applied to an external packet.
  • the rule determination unit 1205B determines which flow entry the received packet matches based on the flow entry classification information stored in the flow entry storage unit 1204B.
  • the rule determining unit 1205B refers to the area where the value is specified in the classification information, and determines whether the value of the area of the received packet matches the value specified in the classification information, thereby receiving the received packet The flow entry that matches is determined.
  • the packet attribute determination unit 1201B of this example is a unit that refers to the value of a predetermined area of the packet (area in which the attribute flag is set) and determines whether the packet attribute matches with the entry. This is performed as part of the above-described conformity determination process by the rule determination unit 1205B.
  • the rule execution means 1206B executes the process indicated by the action information of the flow entry.
  • the action information of this example may include information indicating that the value of the area in which the attribute flag of the packet to be transmitted is set is set to a predetermined value.
  • the packet attribute setting means 1202B of this example is a means for performing processing to set the value of the area in which the attribute flag of the packet is set to a value indicating the internal attribute when transferring the external packet to the internal network. This process is performed as part of the action execution process described above by the rule execution unit 1206B.
  • the route determination unit 1101 and the flow entry setting unit 1102 are realized by, for example, a computer (CPU or the like that operates according to a program) provided in the OFC.
  • the packet attribute determination unit 1201A, the packet attribute setting unit 1202A, the packet processing unit 1203A, the packet processing unit 1203B, the rule determination unit 1205B, and the rule execution unit 1206B are realized by, for example, a computer (such as a CPU that operates according to a program) provided in the OFS. Is done.
  • the flow table storage unit 1204A and the flow table storage unit 1204B are realized by a storage device (memory, database system, or the like) provided in the OFS, for example.
  • FIG. 5 is a sequence diagram showing an example of a flow entry setting flow and a packet transfer flow in the communication system of the present embodiment.
  • FIG. 5 shows an example of the flow entry setting flow and the packet transfer flow in the communication system of the present embodiment, focusing on communication from the communication terminal 131 to the communication terminal 132.
  • the communication handled by this communication system is not limited to the above.
  • the dotted arrow indicates control communication
  • the solid arrow indicates data communication.
  • the communication terminal 131 operates as a transmission terminal. Further, the communication terminal 132 operates as a destination terminal.
  • the OFS 121 operates as an Ingress switch in communication between the communication terminal 131 and the communication terminal 132.
  • the OFS 122 operates as a core switch in communication between the communication terminal 131 and the communication terminal 132.
  • the OFS 123 operates as an Egress switch in communication between the communication terminal 131 and the communication terminal 132.
  • the U / L bit of the source MAC address of the L2 frame is used as the assignment destination of the attribute flag in the packet. This is because the connected external node, encapsulation protocol, etc. It is assumed that there is no machine using a local MAC address. In such a case, a value indicating a local address that is not normally used may be used as a value indicating the internal attribute.
  • the first method is a method of expressing an attribute flag with an arbitrary address block of a MAC address. That is, a vendor-assigned address block or an address block assigned for normal multicast is reserved for use of the attribute flag. In this way, it is ensured that the unique value of the reserved address block is not used by any machine or encapsulation protocol in the external network. Therefore, such an address block area can be determined as the setting destination of the attribute flag. In that case, the secured unique value may be used as the value indicating the internal attribute.
  • the second method uses extension headers such as MPLS (Multi-protocol Label Switching), NVGRE (Network Virtualization Virtualization Using Routing Generic Encapsulation), and VxLAN (Virtual Network eXtensible Network Local Network Network) that IETF (Internet Engineering Task Task Force) is standardizing It is a method to do.
  • MPLS Multi-protocol Label Switching
  • NVGRE Network Virtualization Virtualization Using Routing Generic Encapsulation
  • VxLAN Virtual Network eXtensible Network Local Network Network
  • IETF Internet Engineering Task Task Force
  • the OFC 110 recognizes the topology of the OpenFlow network.
  • the OFC 110 recognizes that the OFS 121 and the OFS 122 are connected and the OFS 122 and the OFS 123 are connected.
  • the OFC 110 is connected to a port used for relaying the OFS 122 serving as a core switch in the communication path between the communication terminal 131 and the communication terminal 132, that is, the OFS 122 connected to the adjacent OFS (OFS 121 and OFS 123).
  • a Core entry for transferring the internal packet is set (transferred) to the port (step S101 in FIG. 5).
  • the classification information of the Core entry includes information specifying, as a packet requirement, that at least the U / L flag of the source MAC address indicates a local address, that is, the attribute flag is a value indicating an internal attribute. included. Furthermore, information specifying that the destination MAC address is a predetermined aggregate MAC address as a requirement of the packet may be included.
  • the OFS 122 that has received the Core entry from the OFC 110 registers the received Core entry in the flow table (step S102 in FIG. 5).
  • the OFC 110 sets an Egress entry assuming an opposite direction together with the Ingress entry for the corresponding port of the OFS 123 at the timing when Packet_In is transmitted for an arbitrary packet received from the communication terminal 132 under the control of the OFS 123, for example.
  • the classification information of the Egress entry includes information specifying, as a packet requirement, that at least the U / L flag of the source MAC address indicates a local address, that is, the attribute flag is a value indicating an internal attribute. included.
  • the classification information specifies that the destination MAC address is an aggregate MAC address in which the node ID of the OFS 123 and the station ID of the communication terminal 132 under the OFS 123 are embedded, as a packet requirement. May be included.
  • the action information of the Egress entry includes information indicating processing for restoring the attribute flag value of the packet, that is, setting the U / L flag of the packet source MAC address to a value indicating a universal address. .
  • the illustration is omitted.
  • the OFS 123 that has received the Egress entry from the OFC 110 registers the received Egress entry in the flow table (step S104 in FIG. 5).
  • the packet 1 which is the first packet addressed to the communication terminal 132 is transmitted from the communication terminal 131 to the OFS 121 (step S105 in FIG. 5).
  • the U / L flag of the source MAC address of the packet 1 is a value indicating a universal address. This means that when the U / L flag is viewed as an attribute flag, a value other than the value indicating the internal attribute is set.
  • the OFS 121 transmits Packet_In to the OFC 110 for the packet 1 (step S106 in FIG. 5).
  • the OFC 110 receives this Packet_In, calculates the route for the flow to which the packet 1 belongs, and transmits the Packet_Out for the packet 1 to the OFS 123 connected to the communication terminal 132 that is the destination terminal (step S107 in FIG. 5).
  • Packet_Out is a message for transmitting the packet from the designated port of the OFS.
  • the OFS 123 that has received Packet_Out transmits the transmitted packet 1 from the designated port (step S108 in FIG. 5). Thereby, the packet 1 which is the first packet of the flow reaches the communication terminal 132.
  • the OFC 110 receives the Packet_In for the packet 1 from the OFS 121 and sets an Ingress entry and an Egress entry assuming a reverse flow for the corresponding port of the OFS 121 (step S109 in FIG. 5).
  • the classification information of the Ingress entry specifies, as a packet requirement, that at least the U / L flag of the source MAC address is a value indicating a universal address, that is, the attribute flag is a value other than a value indicating an internal attribute.
  • the action information of the Ingress entry includes information indicating processing for transferring a packet to the OFS 122 at the next stage after setting the attribute flag to a value indicating the internal attribute. The setting process of the Egress entry at this time is not shown because it is a reverse flow.
  • the OFS 121 that has received the Ingress entry from the OFC 110 registers the received Ingress entry in the flow table (step S110 in FIG. 5).
  • a flow entry for delivering a packet transmitted from the communication terminal 131 to the communication terminal 132 to the communication terminal 132 is set for all OFS on the route of the flow.
  • the communication terminal 131 transmits the packet 2 that is the second packet addressed to the communication terminal 132 to the OFS 121 (step S111 in FIG. 5).
  • the U / L flag of the source MAC address of the packet 2 is a value indicating a universal address (that is, a value other than a value indicating an internal attribute), as with the packet 1.
  • the OFS 121 Since the Ingress entry suitable for the flow is registered in the flow table of the OFS 121 in step S110 described above, the OFS 121 sets the attribute flag of the received packet 2 to a value indicating the internal attribute in accordance with the Ingress entry. Then, the data is transferred to the OFS 122 at the next stage (step S112 in FIG. 5). The OFS 121 also performs processing for converting the destination MAC address into an aggregate MAC address in accordance with the Ingress entry.
  • the packet 2 in which the attribute flag is set to a value indicating the internal attribute and the destination MAC address is converted to the aggregate MAC address is referred to as a packet 2 '.
  • the OFS 122 transfers the received packet 2 ′ to the OFS 123 of the next stage according to the Core entry (FIG. 5 step S113).
  • the OFS 123 Since the Egress entry that matches the packet 2 ′ is registered in the flow table of the OFS 123 by the above-described step S104, the OFS 123 sets the attribute flag and the destination MAC address value of the received packet 2 ′ according to the Egress entry. After returning to the original state, the data is transmitted to the subordinate communication terminal 132 (step S114 in FIG. 5).
  • the first and subsequent packets follow the determined path without going through the OFC, and are finally transmitted to the destination terminal.
  • FIG. 6 is an explanatory diagram expressing the above-described series of flows on a block diagram.
  • the core OFS is the OFS 122.
  • the edge OFS (Ingress) is the OFS 121.
  • the edge OFS (Egress) is OFS123.
  • the transmitting terminal is the communication terminal 131.
  • the destination terminal is the communication terminal 132.
  • the contents of the attribute flag of the packet to be transmitted are indicated by the presence or absence of knitting.
  • the presence of shading indicates a value indicating the internal attribute, that is, the U / L flag is a local address
  • the absence of shading indicates a value other than the value indicating the internal attribute, that is, the U / L flag is a universal address. It shows that there is.
  • the OFS recognizes whether the packet is an internal packet or an external packet from information attached to the received packet instead of the reception port. Therefore, even if both an entry applied to an internal packet and an entry applied to an external packet are set for one port, they can be used properly without being confused. That is, one port can handle both internal packets and external packets. Further, the above effect can be realized without affecting the OpenFlow contract.
  • FIG. FIG. 7 is an explanatory diagram illustrating a configuration example of a communication system according to the second embodiment.
  • the communication system shown in FIG. 7 is different from the communication system shown in FIG. 1 in that an OFS 124 is further provided.
  • the OFS 124 is connected to one port of the OFS 121 via a port common to the communication terminal 131.
  • the OFS 124 is connected to the communication terminal 133 via another port.
  • the communication terminal 133 is a node belonging to an external network.
  • the OFS 124 may be a virtual OFS that operates on a virtualized physical server as exemplified in FIG.
  • the communication terminal 133 is a virtual machine that operates on the same physical server.
  • the communication terminal 131 is an application that operates on the physical server.
  • the configuration and operation of the OFS 124 may be the same as the configuration and operation of each OFS in the first embodiment.
  • one port of the OFS 121 can handle both the Ingress flow and the Egress flow.
  • the OFS 121 when the OFS 121 receives a packet transmitted from the communication terminal 131, the OFS 121 selects an Ingress entry based on the value of the attribute flag of the received packet and operates according to the selected Ingress entry. On the other hand, when receiving a packet transmitted from the communication terminal 133 and transferred by the OFS 124, the OFS 121 selects a Core entry based on the value of the attribute flag of the received packet, and operates according to the selected Core entry.
  • FIGS. 8 and 9 are sequence diagrams showing an example of a flow entry setting flow and a packet transfer flow in the communication system of the present embodiment.
  • the flow entry setting flow in the communication system of the present embodiment focuses on communication from the communication terminal 131 to the communication terminal 132 and communication from the communication terminal 133 to the communication terminal 132.
  • communication handled by the communication system of the present embodiment is not limited to the above.
  • the communication terminal 131 and the communication terminal 133 operate as transmission terminals. Further, the communication terminal 132 operates as a destination terminal.
  • the OFS 124 is an Ingress switch in communication between the communication terminal 133 and the communication terminal 132.
  • the OFS 121 is an Ingress switch in communication between the communication terminal 131 and the communication terminal 132, and is a core switch in communication between the communication terminal 133 and the communication terminal 132.
  • the OFS 123 is an Egress switch in communication between the communication terminal 131 and the communication terminal 132 and communication between the communication terminal 133 and the communication terminal 132.
  • the OFS 122 is a core switch in communication between the communication terminal 131 and the communication terminal 132 and communication between the communication terminal 133 and the communication terminal 132.
  • the OFC 110 recognizes the topology of the OpenFlow network.
  • the OFC 110 recognizes that the OFS 121 and the OFS 122 are connected, the OFS 122 and the OFS 123 are connected, and the OFS 124 and the OFS 121 are connected.
  • the OFC 110 performs communication on the communication path between the communication terminal 133 and the communication terminal 132 or the port used for relaying the OFS 121 and OFS 122 serving as core switches in the communication path between the communication terminal 131 and the communication terminal 132.
  • a Core entry for transferring the internal packet is set (transferred) (steps S101 and S201 in FIG. 8).
  • the classification information of the Core entry includes information specifying, as a packet requirement, that at least the U / L flag of the source MAC address indicates a local address, that is, the attribute flag is a value indicating an internal attribute. included.
  • the Core entry classification information may include information specifying that the destination MAC address is a predetermined aggregate MAC address as a packet requirement.
  • the OFS 121 and OFS 122 that have received the Core entry from the OFC 110 register the received Core entry in the flow table (steps S102 and S202 in FIG. 8).
  • the OFS 121 transmits Packet_In for the packet 1 to the OFC 110 as in the first embodiment (step S106 in FIG. 8).
  • the subsequent processing relating to packet 1 is the same as that in the first embodiment (steps S107 to S110).
  • the processing related to the packet from the communication terminal 131 after the packet 1 is the same as that in the first embodiment (steps S111 to S114).
  • the packet 3 that is the first packet addressed to the communication terminal 132 is transmitted from the communication terminal 133 to the OFS 124 (step S203 in FIG. 9).
  • the U / L flag of the source MAC address of the packet 3 is a value other than a value indicating a universal address, that is, a value indicating an internal attribute.
  • OFS 124 Since no flow entry matching packet 3 is registered in the flow table of OFS 124, OFS 124 transmits Packet_In for packet 3 to OFC 110 (step S204 in FIG. 9).
  • the OFC 110 receives this Packet_In, calculates the route for the flow to which the packet 3 belongs, and transmits the Packet_Out for the packet 3 to the OFS 123 connected to the communication terminal 132 that is the destination terminal (step S205 in FIG. 9). ).
  • the OFS 123 that has received the Packet_Out transmits the designated packet from the designated port (step S206 in FIG. 9). As a result, the packet 3 which is the first packet of the flow reaches the communication terminal 132.
  • the OFC 110 receives Packet_In for the packet 3 from the OFS 124, and sets an Ingress entry and an Egress entry assuming a reverse flow for the corresponding port of the OFS 124 (step S207 in FIG. 9).
  • the classification information of the Ingress entry includes information specifying, as a packet requirement, that at least the U / L flag of the source MAC address is a value indicating a universal address, that is, a value other than a value indicating an internal attribute. included.
  • the action information of the Ingress entry includes information indicating a process for transferring a packet to the OFS 121 at the next stage after setting the U / L flag to a value indicating an internal attribute.
  • the OFS 124 that has received the Ingress entry from the OFC 110 registers the received Ingress entry in the flow table (step S208 in FIG. 9).
  • a flow entry for delivering a packet addressed to the communication terminal 132 transmitted from the communication terminal 133 to the communication terminal 132 is set for all OFS on the flow path.
  • the communication terminal 133 transmits the packet 4 that is the second packet addressed to the communication terminal 132 to the OFS 124 (step S209 in FIG. 9).
  • the OFS 124 Since the Ingress entry suitable for the packet 4 is registered in the flow table of the OFS 124 in step S208, the OFS 124 transfers the received packet 4 to the next-stage OFS 121 in accordance with the Ingress entry (step S210 in FIG. 9). ). At this time, according to the Ingress entry, the OFS 124 sets the attribute flag of the packet 4 to a value indicating an internal attribute, converts the destination MAC address to an aggregate MAC address, and transfers the packet.
  • the packet 4 in which the attribute flag is set to a value indicating the internal attribute and the destination MAC address is converted into the aggregate MAC address is referred to as a packet 4 '.
  • the corresponding port of the OFS 121 receives the packet 4 '.
  • the packet 4 ' has the same source MAC address (except for the U / L flag) and the same destination MAC address as the packet 2 received in step S111.
  • the attribute flag is set to a value indicating the internal attribute in step S211. Due to this difference, in the OFS 121, the packet 4 'matches the Core entry, not the Ingress entry. Therefore, the OFS 121 transfers the received packet 4 ′ to the next-stage OFS 122 according to the matched Core entry (step S ⁇ b> 211 in FIG. 9).
  • the OFS 122 transfers the received packet 4 'to the next-stage OFS 123 according to the registered Core entry (step S212 in FIG. 9).
  • the OFS 123 transmits the received packet 4 ′ to the subordinate communication terminal 132 according to the Egress entry ( Step S213 in FIG. 9). At this time, the OFS 123 transmits the packet 4 'after returning the attribute flag and the destination MAC address of the packet 4' according to the Egress entry.
  • the packet after the 1st packet travels on the determined route without going through the OFC, and is finally transmitted to the destination terminal.
  • FIG. 10 is an explanatory diagram illustrating an example of a flow entry registered in the flow table of the OFS 121 according to the present embodiment.
  • the communication terminal 133 is a virtual machine that operates on a virtualized physical server.
  • the communication terminal 131 is assumed to be an application that operates on the same physical server.
  • the OFS 124 is a virtual switch that operates on the same physical server.
  • the physical server is assumed to be connected to the Port 1 of the OFS 121 via one physical NIC.
  • the OFS 122 is connected to the Port 2 of the OFS 121.
  • a flow entry as shown in FIG. 10 is registered in the flow table of the OFS 121.
  • the flow entry shown in the first record R101 is an example of an Ingress entry applied to a packet received from the communication terminal 131 (in this example, an application on a physical server).
  • the value of the U / L flag is U: as the designation of the source MAC address (indicated as “MAC src” in the figure). Contains information specifying that it is a universal address. This designation agrees with the fact that the value of the attribute flag is designated as a value indicating an external attribute.
  • action information (indicated as “Action Field” in the figure) associated with such classification information
  • the value of the U / L bit of the source MAC address is set to L: a value indicating a local address.
  • An operation indicating the output from Port 2 is specified after rewriting.
  • designation for converting the destination MAC address to the aggregate MAC address in the action information of the Ingress entry is omitted.
  • “Count Field” in the flow table illustrated in FIG. 10 is a timer value.
  • the flow entry indicated in the second record R102 is an example of a Core entry applied to a packet transferred from the OFS 124 (virtual OFS in this example).
  • the Core entry classification information includes information for designating that the value of the U / L flag is L: local address as designation of the source MAC address. This designation agrees with the fact that the attribute flag is designated as a value indicating an internal attribute.
  • the action information associated with such classification information specifies an operation indicating an output from Port2.
  • the attribute flag is embedded in the U / L bit of the source MAC address, it is determined whether the packet attribute is an internal attribute or an external attribute, the U / L of the source MAC address of the received packet. You can judge by looking at the bit.
  • the U / L flag is a value indicating U: universal address.
  • the packet from the virtual OFS (OFS 124) has the U / L flag rewritten to a value indicating L: local address by the packet attribute setting processing according to the present invention.
  • the OFS 121 when a packet is received from the Port 1, if it is a packet from the application (communication terminal 131) on the physical server, it matches the Ingress entry, and if it is a packet from the virtual OFS (OFS 124), The entry corresponding to the attribute of the packet is correctly selected so as to match.
  • OFS recognizes whether the attribute of the packet is an internal attribute or an external attribute from the information attached to the received packet instead of the reception port. To select the correct entry. As a result, both external packets and internal packets can be handled by one port.
  • one port can handle both internal and external packets, the following effects can be expected. That is, in the virtualized server on which the virtual switch operates, the number of necessary physical NICs can be suppressed and the communication band of the high-performance NIC can be effectively used. In addition, the number of used ports of OFS (for example, OFS 121) that is the opposite port of the virtual switch can be reduced. The above effect can be realized without affecting the OpenFlow protocol.
  • OFS for example, OFS 121
  • the present invention has been described using an OpenFlow network that is one of CU separation type networks as an example, but the OpenFlow network is only an example. Therefore, the network targeted by the present invention is not limited to the OpenFlow network. Further, the present invention is not limited to a CU separation type network. That is, the present invention can be applied to a network that is not a CU separation type network and each packet transfer apparatus performs transfer control.
  • FIG. 11 is a block diagram showing a minimum configuration example expressing the features of the communication system according to the present invention.
  • the communication system according to the present invention includes at least a plurality of packet transfer apparatuses (a packet transfer apparatus 501-1 and a packet transfer apparatus 501-2).
  • Each packet transfer apparatus includes a packet attribute determination unit 501 and a packet attribute setting unit 502.
  • the packet attribute determination unit 501 (for example, the packet attribute determination unit 1201A and the packet attribute determination unit 1201B) is a predetermined area included in the header area of the packet, and is an attribute set in advance as an area for setting the packet attribute Referring to the setting area (in the above example, the area to which the attribute flag is assigned), whether the attribute of the received packet is an internal attribute representing an internal packet transferred from one of the packet transfer apparatuses or an external node It is determined whether the external attribute represents an external packet received from.
  • the packet attribute determination unit 501 determines that the attribute setting area value of the received packet is an internal attribute if the value indicates an internal attribute, and determines that the value is an external attribute if the value is a value other than the value indicating the internal attribute. To do.
  • the packet attribute determination unit 502 when transferring an external packet to another packet transfer apparatus via the internal network, Set a value indicating the attribute.
  • the packet attribute determining unit 501 determines that the value of the attribute setting area of the received packet is an internal attribute if the value indicates a predetermined internal attribute, and if the value is a value other than the value indicating the internal attribute. It is determined to be an external attribute.
  • Each packet transfer device is a packet transfer rule that is information that determines the operation of the packet transfer device when a packet is received, and the classification indicates the requirements of packets belonging to the packet flow to which the packet transfer rule is applied.
  • Packet transfer rule storage means for example, flow table storage means 1204A, 1204B for storing packet transfer rules including information and action information indicating processing to be executed, and packet transfer rules stored in the packet transfer rule storage means
  • the packet processing means for example, packet processing means 1203A, 1203B) for executing processing on the received packet, the classification information has information specifying the value of the attribute setting area, and the packet processing means
  • Packets stored in the rule storage means A rule determination unit (for example, rule determination unit 1205B) for determining which of the packet transfer rules stored in the packet transfer rule storage unit matches the received packet based on the classification information of the data transfer rule;
  • a rule execution unit for example, rule execution unit 1206B) that executes processing indicated by the action information of the adapted packet transfer rule with respect to the received packet.
  • the communication system further includes a control device (for example, OFC 110) for controlling the packet communication path of each packet transfer device by controlling the packet processing of each packet transfer device.
  • a route determination unit for example, route determination unit 1101 that determines a route according to the topology of the internal network, which is a network formed by each packet transfer device, and a route that is determined by the route determination unit
  • a packet transfer rule setting unit for generating a packet transfer rule and transferring the packet transfer rule to a related packet transfer device.
  • the packet transfer rule storage unit of each packet transfer device includes: Memorize transferred packet transfer rules and transfer packets
  • the rule setting means includes, for a packet transfer apparatus serving as a relay point in a specific packet flow route, classification information having information specifying that the value of the attribute setting area is a value indicating an internal attribute, A packet transfer rule including action information indicating an output from the port may be transferred before communication of a specific packet flow is started.
  • the communication system includes a virtual packet transfer device (for example, OFS 124 in FIG. 7) operating on a virtualized server as a packet transfer device, and a second packet transfer connected to the virtual packet transfer device.
  • a virtual packet transfer device for example, OFS 124 in FIG. 7
  • one port of the second packet transfer device is one port of the server, and an internal packet transferred from the virtual packet transfer device and a virtual packet transfer It may be connected to one port capable of transmitting both external packets that do not pass through the device.
  • the attribute setting area may be a U / L bit area of the MAC address included in the header information
  • the value indicating the internal attribute may be a value indicating the local address in the U / L bit of the MAC address.
  • the attribute setting area may be an address block area of the MAC address to which a unique value is assigned in advance for the communication system in the protocol used by the external network, and the value indicating the internal attribute may be a unique value.
  • the attribute setting area is an extension header area extended by the header extension technology used in the protocol used by the external network, and one of the packet transfer devices has extended the extension header area with a value indicating the internal attribute. It may be a predetermined value indicating the effect.
  • the present invention can be preferably applied to a use in which communication is performed via a plurality of packet transfer apparatuses, and particularly applicable to a communication system including a virtualized packet transfer apparatus.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

L'invention concerne un système de communication comprenant des dispositifs d'acheminement de paquet individuels qui comportent : un moyen de détermination d'attributs de paquet servant à déterminer si les attributs d'un paquet reçu sont des attributs internes qui indiquent un paquet interne ou des attributs externes qui indiquent un paquet externe, en se référant à une région de définition d'attributs qui est une région imposée incluse dans la région d'en-tête du paquet et qui est prédéfinie pour faire office de région destinée à définir les attributs du paquet ; et un moyen de définition d'attributs de paquet conçu pour définir des valeurs indiquant des attributs internes dans la région de définition d'attributs du paquet lors de l'acheminement d'un paquet externe vers un autre dispositif d'acheminement de paquet par l'intermédiaire d'un réseau interne. En outre, le moyen de détermination d'attributs de paquet détermine que les attributs sont des attributs internes si les valeurs dans la région de définition d'attributs sont des valeurs indiquant des attributs internes, et détermine que les attributs sont des attributs externes si les valeurs sont des valeurs différentes de celles qui indiquent des attributs internes.
PCT/JP2015/000227 2014-02-10 2015-01-20 Système de communication, dispositif d'acheminement de paquet, procédé d'acheminement de paquet et programme d'acheminement de paquet WO2015118811A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
JP2014023091 2014-02-10
JP2014-023091 2014-02-10

Publications (1)

Publication Number Publication Date
WO2015118811A1 true WO2015118811A1 (fr) 2015-08-13

Family

ID=53777626

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2015/000227 WO2015118811A1 (fr) 2014-02-10 2015-01-20 Système de communication, dispositif d'acheminement de paquet, procédé d'acheminement de paquet et programme d'acheminement de paquet

Country Status (1)

Country Link
WO (1) WO2015118811A1 (fr)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2012033117A1 (fr) * 2010-09-09 2012-03-15 日本電気株式会社 Système de réseau et procédé de gestion de réseau
WO2012096131A1 (fr) * 2011-01-13 2012-07-19 日本電気株式会社 Système de réseau et procédé de commande de trajet

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2012033117A1 (fr) * 2010-09-09 2012-03-15 日本電気株式会社 Système de réseau et procédé de gestion de réseau
WO2012096131A1 (fr) * 2011-01-13 2012-07-19 日本電気株式会社 Système de réseau et procédé de commande de trajet

Similar Documents

Publication Publication Date Title
EP2544417B1 (fr) Système de communication, appareil de commande de voie, appareil d'acheminement de paquet et procédé de commande de voie
JP5991424B2 (ja) パケット書換装置、制御装置、通信システム、パケット送信方法及びプログラム
KR101478475B1 (ko) 컴퓨터 시스템 및 컴퓨터 시스템에 있어서의 통신 방법
JP5862769B2 (ja) 通信システム、制御装置、通信方法及びプログラム
WO2012133060A1 (fr) Système de réseau et procédé pour acquérir des données d'étiquette d'un réseau vlan
US20160301603A1 (en) Integrated routing method based on software-defined network and system thereof
US20130250958A1 (en) Communication control system, control server, forwarding node, communication control method, and communication control program
CN107204867A (zh) 一种信息传输方法、装置和系统
JP6544401B2 (ja) パケット転送装置、制御装置、通信システム、通信方法及びプログラム
JP6323547B2 (ja) 通信システム、制御装置、通信制御方法、および、プログラム
JP5993817B2 (ja) キャリア網における経路制御システム及び方法
JP5858141B2 (ja) 制御装置、通信装置、通信システム、通信方法及びプログラム
JP5720340B2 (ja) 制御サーバ、通信システム、制御方法およびプログラム
CN105516025A (zh) 端到端的路径控制和数据传输方法、OpenFlow控制器和交换机
US20160294673A1 (en) Communication system, communication method, network information combination apparatus, and network information combination program
JP5534033B2 (ja) 通信システム、ノード、パケット転送方法およびプログラム
WO2015079615A1 (fr) Système de communication, procédé de communication, appareil de combinaison d'informations réseau, procédé de conversion de règle de traitement, et programme de conversion de règle de traitement
JPWO2015151442A1 (ja) 通信システム、通信方法および制御装置
JPWO2014126094A1 (ja) 通信システム、通信方法、制御装置、制御装置の制御方法及びプログラム
WO2015118811A1 (fr) Système de communication, dispositif d'acheminement de paquet, procédé d'acheminement de paquet et programme d'acheminement de paquet
JP2017175522A (ja) ネットワークシステム、制御装置、方法およびプログラム
JP5854488B2 (ja) 通信システム、制御装置、処理規則の設定方法およびプログラム
JP5359357B2 (ja) パケット処理装置、該処理装置に用いられるパケット処理順序制御方法及びパケット処理順序制御プログラム
JP6344005B2 (ja) 制御装置、通信システム、通信方法及びプログラム
RU2574350C2 (ru) Компьютерная система и способ осуществления связи в компьютерной системе

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 15745751

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 15745751

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: JP