WO2015124015A1 - Data packet forwarding method and device - Google Patents

Data packet forwarding method and device Download PDF

Info

Publication number
WO2015124015A1
WO2015124015A1 PCT/CN2014/093014 CN2014093014W WO2015124015A1 WO 2015124015 A1 WO2015124015 A1 WO 2015124015A1 CN 2014093014 W CN2014093014 W CN 2014093014W WO 2015124015 A1 WO2015124015 A1 WO 2015124015A1
Authority
WO
WIPO (PCT)
Prior art keywords
data packet
packet
index record
layer information
index
Prior art date
Application number
PCT/CN2014/093014
Other languages
French (fr)
Chinese (zh)
Inventor
沈伟锋
钟来军
刘洪宽
Original Assignee
华为技术有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 华为技术有限公司 filed Critical 华为技术有限公司
Publication of WO2015124015A1 publication Critical patent/WO2015124015A1/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00Routing or path finding of packets in data switching networks
    • H04L45/38Flow based routing

Definitions

  • the present application relates to the field of network communications, and in particular, to a packet forwarding method and device.
  • the OpenFlow technology was first proposed by Stanford University. Based on the existing TCP/IP technology conditions, the OpenFlow technology aims to solve the bottlenecks caused by the current network facing new services based on the innovative network interconnection concept. Its core idea is to transform the packet forwarding process, which was originally controlled by the switch/router, into an independent process completed by the OpenFlow switch and the control server respectively.
  • the IP layer performs packet fragmentation on the data packet and obtains the fragmentation.
  • the first packet is called the first packet.
  • the first packet contains the fourth layer information of the open system interconnection OSI required in the packet forwarding process.
  • the other packets except the first packet do not contain the fourth layer information of the OSI. .
  • the fourth layer information is forwarded to data packets other than the first packet.
  • the embodiment of the invention provides a data packet forwarding method and device, so as to solve the problem that an OpenFlow switch cannot forward data packets other than the first packet according to the fourth layer information.
  • the embodiment of the present invention provides the following technical solutions:
  • a data packet forwarding method including:
  • Reading the index record when the index record corresponding to the packet identifier is found The open system of the recorded system interconnects the fourth layer information of the OSI, and forwards the fragmented data packet according to the fourth layer information;
  • the index record is generated according to a first packet corresponding to the fragment data packet, where the index record includes a correspondence between the data packet identifier and the fourth layer information in the first packet. relationship.
  • the process of establishing the index record includes:
  • the index record that includes a correspondence between the data packet identifier and the fourth layer information in the index table.
  • the method further includes:
  • the fragment data packet is cached; and when the cache duration meets a preset cache period, the index record is re-searched in the index table.
  • the forwarding, by the fourth layer information, the fragment data packet includes:
  • the method further includes:
  • the fourth layer information in the fragmented data packet is marked as unmodifiable information.
  • the method further includes:
  • the index record is deleted according to a preset deletion condition.
  • a packet forwarding device including:
  • a receiving unit configured to receive a fragmented data packet that is not the first packet
  • a searching unit configured to be connected to the receiving unit, configured to search, according to the data packet identifier in the fragment data packet, an index record corresponding to the data packet identifier in the index table;
  • a forwarding unit configured to connect to the searching unit, to read the fourth of the open system interconnection OSI in the index record when the index record corresponding to the data packet identifier is found Layer information, and forwarding the fragment data packet according to the fourth layer information;
  • the index record is generated according to a first packet corresponding to the fragment data packet, where the index record includes a correspondence between the data packet identifier and the fourth layer information in the first packet. relationship.
  • the method further includes:
  • An obtaining unit configured to acquire, when the first packet is received, the data packet identifier and the fourth layer information included in the first packet;
  • An establishing unit configured to be connected to the acquiring unit, configured to establish an index relationship between the data packet identifier and the fourth layer information
  • a generating unit configured to be connected to the establishing unit, configured to generate, in the index table, the index record that includes a correspondence between the data packet identifier and the fourth layer information according to the index relationship.
  • the method further includes:
  • a cache unit configured to be connected to the search unit, configured to cache the fragment data packet when the index record is not found.
  • the method further includes:
  • the deleting unit is configured to delete the index record according to a preset deletion condition.
  • a data packet forwarding method is provided in the embodiment of the present invention.
  • the method is applied to an OpenFlow switch.
  • the switch When the method is applied, when the first packet of the fragmented data packet arrives at the OpenFlow
  • the switch generates an index record according to the first packet, where the index record includes a correspondence between a data packet identifier of the data packet in which the first packet is located and fourth layer information in the first packet;
  • the non-first packet fragment data packet of the packet arrives at the OpenFlow switch, the fourth layer information in the index record is read, and the non-first packet fragment data packet is performed according to the fourth layer information.
  • Forwarding solves the problem that the OpenFlow switch cannot forward packets other than the first packet according to the fourth layer information.
  • FIG. 1 is a schematic structural diagram of an IP fragment data packet according to an embodiment of the present disclosure
  • FIG. 2 is a flowchart of a method for forwarding a data packet according to an embodiment of the present invention
  • FIG. 3 is a flowchart of a specific method for forwarding a data packet according to an embodiment of the present invention
  • FIG. 4 is a schematic structural diagram of an index table according to an embodiment of the present invention.
  • FIG. 5 is a flowchart of a specific method for forwarding a data packet according to an embodiment of the present invention
  • FIG. 6 is a schematic structural diagram of a data packet forwarding device according to an embodiment of the present disclosure.
  • FIG. 7 is a schematic structural diagram of a data packet forwarding device according to an embodiment of the present disclosure.
  • FIG. 8 is still another schematic structural diagram of a data packet forwarding device according to an embodiment of the present invention.
  • IP packets are fragmented in the IP packet during network transmission. Because the link layer has the Maximum Transmission Unit (MTU) feature, it limits the maximum length of data frames, and different network types have an upper limit.
  • MTU Maximum Transmission Unit
  • the MTU of Ethernet is 1500. If the IP layer has a data packet to transmit and the length of the data packet exceeds the MTU, then the IP layer performs a fragmentation operation on the data packet so that each slice has a length less than or equal to the MTU.
  • MTU Maximum Transmission Unit
  • the data packet contains multi-layer information of the open system interconnection OSI, and the multi-layer information of the OSI includes: the first layer information L1 refers to a physical transmission medium, such as an optical fiber, Network line, etc.; the second layer of information L2 refers to the mac address; the third layer of information L3 refers to the IP address; the fourth layer of information L4 refers to the port, for example, the web service generally uses port 80; the fourth layer of information refers to a specific network protocol, such as http Agreement, or https protocol, etc.
  • the first layer information L1 refers to a physical transmission medium, such as an optical fiber, Network line, etc.
  • the second layer of information L2 refers to the mac address
  • the third layer of information L3 refers to the IP address
  • the fourth layer of information L4 refers to the port, for example, the web service generally uses port 80
  • the fourth layer of information refers to a specific network protocol, such as http Agreement, or https protocol, etc.
  • the first data packet obtained by the fragmentation is called the first packet, and the first packet is encapsulated. Contains all packet information: Layer 1 information, Layer 2 information, Layer 3 information, Layer 4 information, and Layer 4 and above information.
  • the slice data packet after the first packet does not include the fourth layer information and the fourth layer or more information, that is, the fragment data packet other than the first packet contains only the mac address and the ip information.
  • FIG. 1 is a schematic structural diagram of an IP fragment data packet. After a complete data packet is fragmented, each fragment data packet has the same segment identifier, and the segment identifier is used to indicate that each fragment data packet belongs to the same data pack.
  • the DF identifier in the IP fragment packet structure indicates whether the fragment packet is a fragmented packet, and the MF identifier indicates whether the current fragment packet has a subsequent fragment packet.
  • the OpenFlow switch forwards the fragmented data packet according to the preset forwarding rule
  • the preset forwarding rule specifies that the data packet is forwarded according to the second layer information or the third layer information
  • the OpenFlow switch is based on the fragmented data packet.
  • the second layer information or the third layer information in the middle is forwarded to each fragment data packet.
  • the first packet includes the fourth layer information
  • the OpenFlow switch may directly forward the first packet according to the fourth layer information in the first packet.
  • the layered data packet other than the first packet does not contain the fourth layer information, so OpenFlow cannot forward the fragmented data packet that is not the first packet according to the preset forwarding rule.
  • the present invention provides a data packet forwarding method, which is applied to an OpenFlow switch, and its execution subject may be a processor component in an OpenFlow switch or an Openflow switch.
  • FIG. 2 the present invention is shown in the present invention.
  • a schematic diagram of a structure of a packet forwarding method including:
  • Step S101 Receive a fragment data packet that is not the first packet
  • the OpenFlow switch When the OpenFlow switch receives the data packet, it can determine whether the received data packet is a fragmented data packet according to the segment identifier in the data packet, and can determine the DF identifier, the MF identifier, and the segment offset in the data packet. Whether the received fragmented packet is the first packet.
  • the data packet may be directly forwarded according to the preset forwarding rule, and the forwarding rule is to forward the data packet according to the fourth layer information in the data packet.
  • the fragment data packet is used as a target data packet for subsequent processing.
  • Step S102 Searching, according to the data packet identifier in the fragment data packet, an index record corresponding to the data packet identifier in the index table;
  • the data packet identifier in the fragment data packet is obtained, where the data packet identifier may be a segment identifier in the fragment data packet, or may be a destination IP included in the fragment data packet. And combining the source IP and the IP packet identifier, and then searching for an index record corresponding to the data packet identifier according to the data packet identifier.
  • the index record in the embodiment of the present invention is generated according to the first packet corresponding to the fragment data packet received by the OpenFlow switch, where the index record includes the data packet identifier and the first packet. The correspondence between the fourth layer of information.
  • the generated index record is stored in a pre-established index table.
  • the first packet corresponding to the fragmented data packet refers to a first packet that belongs to the same complete data packet as the fragmented data packet, and the first packet has the same data as the fragmented data packet.
  • the package identifier has the same segment identifier.
  • Step S103 When the index record corresponding to the data packet identifier is found, read the fourth layer information of the Open System Interconnection OSI in the index record, and according to the fourth layer information The fragmented data packet is forwarded.
  • the fourth layer information in the index record is read, and the fourth layer information is The fourth layer information in the first packet corresponding to the fragmented data packet is forwarded, so that the fragmented data packet can be forwarded according to the fourth layer information in the index record.
  • the OpenFlow switch forwards the fragmented data packet, when the forwarding rule forwards all the fragmented data packets according to the fourth layer information, the OpenFlow switch generates an index according to the received first packet when receiving the first packet.
  • Recording referring to FIG. 3, shows an index of an embodiment of the present invention. Record generation process, including:
  • Step S201 When the first packet is received, obtain the data packet identifier and the fourth layer information included in the first packet.
  • the OpenFlow switch determines whether the received fragmented data packet is the first packet according to the DF identifier, the MF identifier, and the segment offset in the fragmented data packet, and determines the received fragmented data packet.
  • the packet identifier and the fourth layer information included in the first packet are obtained, and the packet identifier of the first packet may be the segment identifier in the first packet, or may be the destination IP included in the first packet. , a combination of source IP and IP packet identifiers.
  • Step S202 Establish an index relationship between the data packet identifier and the fourth layer information.
  • the combination of the destination IP, the source IP, and the IP packet identifier in the first packet is used as the packet identifier of the first packet, and the fourth layer information in the first packet is obtained, that is, the source of the forwarding. Port information and destination port information; establishing an index relationship between the data packet identifier of the first packet and the fourth layer information.
  • Step S203 Generate, in the index table, the index record that includes the correspondence between the data packet identifier and the fourth layer information according to the index relationship.
  • An index record is generated according to the established index table relationship, and the packet identifier of the first packet is used as an index record identifier of the index record. As shown in FIG. 4, the index record includes the packet identifier of the first packet and the fourth layer information in the first packet.
  • the packet forwarding method provided by the embodiment of the present invention is applicable, because the first packet and the non-first packet fragment data packet belonging to the same complete data packet all contain the same data packet identifier, and therefore the fragment data of the non-first packet is received.
  • the index record having the same packet identifier can be searched according to the packet identifier of the non-first packet, and then the fourth layer information in the index record is read, and the non-first packet received according to the fourth layer information is received.
  • the fragmented packets are forwarded.
  • an OpenFlow switch receives a plurality of different first packets, and an index record corresponding to the first packet is generated for each first packet OpenFlow switch. Obtaining a packet identifier of the fragmented data packet when receiving a fragmented data packet that is not the first packet; Each index record of the OpenFlow switch is traversed one by one according to the data packet identifier.
  • the index record having the same data packet identifier as the received fragment data packet is found, it is indicated that the index record is established according to the first packet corresponding to the fragment data packet, and the index record is determined as The data packet of the fragmented data packet identifies a corresponding index table.
  • FIG. 5 is a flowchart of a detailed method for forwarding a data packet according to an embodiment of the present invention, including:
  • Step S301 Receive a fragment data packet
  • Step S302 determining whether the fragmented data packet is the first packet, if yes, executing step S303; otherwise, executing step S304;
  • Step S303 generating an index record according to the first packet, and performing a step S309;
  • Step S304 Find an index record corresponding to the fragment data packet
  • Step S305 determining whether the index record is found, when found, step S307; otherwise, executing step S306;
  • Step S306 Cache the fragment data packet for a preset period of time, and return to step S304 again;
  • the fragmented packet obtained by the fragment will arrive at the OpenFlow switch in a certain period of time. If the fragmented packet of the non-first packet arrives at the OpenFlow switch before the first packet, it is not the first packet. The fragmented data packet cannot be found with the corresponding index record. At this time, the non-first packet fragment data packet that has been received is cached for a period of time, and then the corresponding index record is searched in the OpenFlow switch.
  • Step S307 The fourth layer information in the index record is added to the forwarding information of the fragment data packet;
  • the fourth layer information in the index record is read, and the The four layers of information are added to the forwarding information corresponding to the fragmented data packet, and then according to the forwarding information.
  • the fourth layer of information forwards the fragmented data packet.
  • the fragmented data packet needs to be analyzed, the forwarding information of the fragmented data packet is obtained, and the fragmented data packet is forwarded according to the forwarding information.
  • the forwarding information obtained by analyzing the fragment data packet does not include the fourth layer information.
  • the fourth layer information is added to the forwarding information corresponding to the fragment data packet, so that the fourth layer information can be forwarded according to the fourth layer information.
  • the forwarding information is rule information required in the data packet forwarding process, and includes information such as a port and a protocol corresponding to the packet forwarding.
  • Step S308 Marking the fourth layer information in the fragment data packet as unmodifiable information
  • the received non-first packet fragment data packet does not include the fourth layer information
  • only the fourth layer information is added in the forwarding information of the fragment data packet, so the fourth layer information in the fragmented data packet needs to be marked.
  • the information cannot be modified to prevent the modification of the fourth layer information in the fragmented data packet in the subsequent forwarding process, which affects the subsequent forwarding process.
  • Step S309 Query the multi-level flow table in the OpenFlow switch, and forward the fragmented data packet.
  • the multi-level flow table in the OpenFlow switch may be queried to forward the fragmented data packet.
  • the established index table may be deleted according to a preset deletion condition to release the memory. space.
  • the preset deletion condition may be set to a certain time interval. When the time interval is reached, the established index record is deleted, and the established index may be directly determined after determining that each fragment packet of a complete data packet is forwarded. The record is deleted.
  • the first packet a, the fragmented data packet b, and the fragmented data packet c are obtained; in a certain time interval, the time of the above three data packets reaching the OpenFlow is compliant.
  • the sequence is fragmented packet b, first packet a, and fragment packet c.
  • the fragmented data packet b When the fragmented data packet b reaches the OpenFlow switch, it is determined that the fragmented data packet b is a fragmented data packet that is not the first packet, and the fragmented data packet b is used as a target data packet to be processed, and according to the fragmented data packet b In the data packet identifier, the index record corresponding to the packet identifier of the fragmented data packet b is searched, and since the fragmented data packet b arrives before the first packet a, the corresponding index record cannot be found, and the fragmented data packet is obtained. b cache for a while.
  • the OpenFlow switch determines that the first packet a is the first packet
  • the packet identifier of the first packet a and the fourth layer information in the first packet a are read, and the packet identifier of the first packet a is established. Index relationship with the fourth layer of information, and generate an index record.
  • the first packet a is forwarded according to a preset forwarding rule.
  • the fragmented data packet c arrives at the OpenFlow switch, it is determined that the fragmented data packet c is a fragmented data packet that is not the first packet, and the fragmented data packet c is used as a target data packet to be processed, and according to the fragmented data packet.
  • the packet identifier in the packet c is searched for an index record corresponding to the fragment packet c, and the index record is established according to the first packet a.
  • the fragmented data packet c has the same data packet identifier as the first packet a.
  • the fourth layer information in the index record is read, and the fourth layer information is added to the forwarding information corresponding to the fragmented data packet c. In the table, the fourth layer information is marked as non-modifiable information.
  • the fragmented data packet c is then forwarded according to the fourth layer information in the forwarding information table.
  • the index record is re-discovered, and the same execution process as the fragmented data packet c is performed, and when the first packet a, the fragmented data packet b, and the fragmented data packet c are all forwarded. After that, delete the created index table.
  • FIG. 6 is a schematic structural diagram of the device.
  • the device may be an OpenFlow switch, and the device includes:
  • the receiving unit 401 is configured to receive a fragmented data packet that is not the first packet
  • the receiving unit 401 can determine the receiving according to the segment identifier in the data packet. Whether the received data packet is a fragmented data packet, according to the DF identifier, the MF identifier, and the segment offset in the data packet, it can be determined whether the received fragmented data packet is the first packet.
  • the data packet may be directly forwarded according to the preset forwarding rule, and the forwarding rule is to forward the data packet according to the fourth layer information in the data packet.
  • the fragment data packet is used as a target data packet for subsequent processing.
  • the searching unit 402 is connected to the receiving unit 401, and configured to search, according to the data packet identifier in the fragment data packet, an index record corresponding to the data packet identifier in the index table;
  • the data packet identifier in the fragment data packet is obtained, where the data packet identifier may be a segment identifier in the fragment data packet, or may be a destination IP included in the fragment data packet. And a combination of the source IP and the IP packet identifier, the searching unit 402 searches for an index record corresponding to the data packet identifier according to the data packet identifier.
  • the index record in the embodiment of the present invention is generated according to the first packet corresponding to the fragment data packet received by the OpenFlow switch, where the index record includes the data packet identifier and the first packet. The correspondence between the fourth layer of information.
  • the generated index record is stored in a pre-established index table.
  • the first packet corresponding to the fragmented data packet refers to a first packet that belongs to the same complete data packet as the fragmented data packet, and the first packet has the same data as the fragmented data packet.
  • the package identifier has the same segment identifier.
  • the forwarding unit 403 is connected to the searching unit, and is configured to read the fourth layer information of the Open System Interconnection OSI in the index record when the index record corresponding to the data packet identifier is found. And forwarding the fragment data packet according to the fourth layer information;
  • the forwarding unit 403 reads the fourth layer information in the index record, where the fourth layer information is the The fourth layer of information in the first packet corresponding to the slice data packet, so it can be based on the first in the index record The four layers of information forward the fragmented data packet.
  • FIG. 7 is a schematic structural diagram of a data packet forwarding device according to an embodiment of the present invention.
  • the data packet forwarding device in the present invention further includes:
  • the obtaining unit 404 is configured to acquire, when the first packet is received, the data packet identifier and the fourth layer information included in the first packet.
  • the establishing unit 405 is connected to the obtaining unit 404, and establishes an index relationship between the data packet identifier and the fourth layer information.
  • the generating unit 406 is connected to the establishing unit 405, and configured to generate, in the index table, the index record that includes the correspondence between the data packet identifier and the fourth layer information according to the index relationship.
  • the data packet forwarding device provided by the embodiment of the present invention further includes:
  • the cache unit 407 is connected to the search unit 402, and is configured to buffer the fragment data packet when the index record is not found.
  • the deleting unit 408 is configured to delete the index record according to a preset deletion condition.
  • the data packet forwarding device 500 may include a CPU 501 and a memory 502 in hardware.
  • the CPU 501 can at least perform the following steps by running the software program 503 stored in the memory 502 and calling the data stored in the memory 502:
  • the fourth layer information of the Open System Interconnection OSI in the index record is read, and the fragment is compared according to the fourth layer information.
  • the data packet is forwarded;
  • the index record is generated according to a first packet corresponding to the fragmented data packet,
  • the index record includes a correspondence between the data packet identifier and the fourth layer information in the first packet.
  • the foregoing memory may specifically be a DDR SDRAM, an SRAM, a FLASH, an SSD, etc., and mainly includes a program storage area and a data storage area, wherein the program storage area may store an operating system and an application required for at least one function (for example, the above software program) 503) and the like; the data storage area may store data finally generated according to the execution condition of the CPU, and the intermediate data generated by the CPU in executing the above steps is stored in the memory.
  • the program storage area may store an operating system and an application required for at least one function (for example, the above software program) 503) and the like
  • the data storage area may store data finally generated according to the execution condition of the CPU, and the intermediate data generated by the CPU in executing the above steps is stored in the memory.
  • CPU 501 and the memory 502 can be integrated into the same chip, or can be two independent devices.
  • the foregoing program may be stored in a computer readable storage medium, and the program is executed when executed.
  • the foregoing steps include the steps of the foregoing method embodiments; and the foregoing storage medium includes: a medium that can store program codes, such as a ROM, a RAM, a magnetic disk, or an optical disk.
  • the disclosed apparatus and method may be implemented in other manners.
  • the device embodiments described above are merely illustrative.
  • the division of the modules is only a logical function division.
  • there may be another division manner for example, multiple modules or components may be combined or Can be integrated into another device, Or some features can be ignored or not executed.
  • the mutual coupling or direct coupling or communication connection shown or discussed may be an indirect coupling or communication connection through some communication interface, device or module, and may be in an electrical, mechanical or other form.
  • modules described as separate components may or may not be physically separated, and the components displayed as modules may or may not be physical units, that is, may be located in one place, or may be distributed to multiple network units. Some or all of the modules may be selected according to actual needs to implement the objectives of the solution of the embodiment.
  • each functional module in each embodiment of the present invention may be integrated into one processing module, or each module may exist physically separately, or two or more modules may be integrated into one module.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

Disclosed is a data packet forwarding method, which is applied to an OpenFlow switch. In the application process, the method comprises: when a first packet of fragmented data packets reaches an OpenFlow switch, generating an index record in accordance with the first packet, the index record containing a correlation between a data packet identifier of a data packet where the first packet is located and the fourth layer of information in the first packet; and when a fragmented data packet of a non-first packet corresponding to the first packet reaches the OpenFlow switch, reading the fourth layer of information in the index record, and forwarding the fragmented data packet of a non-first packet in accordance with the fourth layer of information, thereby solving the problem that an OpenFlow switch cannot forward data packets except the non-first packet in accordance with the fourth layer of information.

Description

一种数据包转发方法及设备Data packet forwarding method and device 技术领域Technical field
本申请涉及网络通信领域,特别是涉及一种数据包转发方法及设备。The present application relates to the field of network communications, and in particular, to a packet forwarding method and device.
背景技术Background technique
开放流(OpenFlow)技术最早由斯坦福大学提出,旨在基于现有TCP/IP技术条件,以创新的网络互联理念,解决当前网络面对新业务产生的种种瓶颈。它的核心思想就是将原本完全由交换机/路由器控制的数据包转发过程,转化为OpenFlow交换机和控制服务器分别完成的独立过程。The OpenFlow technology was first proposed by Stanford University. Based on the existing TCP/IP technology conditions, the OpenFlow technology aims to solve the bottlenecks caused by the current network facing new services based on the innovative network interconnection concept. Its core idea is to transform the packet forwarding process, which was originally controlled by the switch/router, into an independent process completed by the OpenFlow switch and the control server respectively.
一个完整的数据包在进行转发的过程中,当数据包的长度超过链路层的最大传输单元(Maximum Transmission Unit,MTU)时,IP层会对数据包进行数据包分片,分片获得的第一个数据包称为首包,首包中包含了数据包转发过程中所需的开放式系统互联OSI的第四层信息,除首包以外的其它数据包中不包含OSI的第四层信息。In the process of forwarding a complete data packet, when the length of the data packet exceeds the Maximum Transmission Unit (MTU) of the link layer, the IP layer performs packet fragmentation on the data packet and obtains the fragmentation. The first packet is called the first packet. The first packet contains the fourth layer information of the open system interconnection OSI required in the packet forwarding process. The other packets except the first packet do not contain the fourth layer information of the OSI. .
发明人经过研究发现,OpenFlow交换机对经过分片的非首包的数据包进行转发时,由于经过分片的非首包的数据包中不包含OSI的第四层数信息,导致OpenFlow交换机无法根据所述第四层信息对非首包以外的数据包进行转发。The inventor found that when the OpenFlow switch forwards the fragmented non-first packet, the OpenFlow switch cannot be used because the fragmented non-first packet does not contain the fourth layer of OSI information. The fourth layer information is forwarded to data packets other than the first packet.
发明内容Summary of the invention
本发明实施例提供一种数据包转发方法及设备,以解决OpenFlow交换机无法根据第四层信息对非首包以外的数据包进行转发的问题。The embodiment of the invention provides a data packet forwarding method and device, so as to solve the problem that an OpenFlow switch cannot forward data packets other than the first packet according to the fourth layer information.
为实现上述目的,本发明实施例提供如下技术方案:To achieve the above objective, the embodiment of the present invention provides the following technical solutions:
第一方面,提供一种数据包转发方法,包括:In a first aspect, a data packet forwarding method is provided, including:
接收非首包的分片数据包;Receiving a fragmented data packet that is not the first packet;
依据所述分片数据包中的数据包标识,查找索引表中与所述数据包标识相对应的索引记录;Determining, according to the data packet identifier in the fragment data packet, an index record corresponding to the data packet identifier in the index table;
当查找到与所述数据包标识相对应的所述索引记录时,读取所述索引记 录中的开放式系统互联OSI的第四层信息,并依据所述第四层信息对所述分片数据包进行转发;Reading the index record when the index record corresponding to the packet identifier is found The open system of the recorded system interconnects the fourth layer information of the OSI, and forwards the fragmented data packet according to the fourth layer information;
其中,所述索引记录是根据与所述分片数据包相对应的首包生成的,所述索引记录中包含有所述数据包标识与所述首包中的所述第四层信息的对应关系。The index record is generated according to a first packet corresponding to the fragment data packet, where the index record includes a correspondence between the data packet identifier and the fourth layer information in the first packet. relationship.
结合第一方面,在第一种可能的实现方式中,所述索引记录的建立过程包括:With reference to the first aspect, in a first possible implementation manner, the process of establishing the index record includes:
当接收到所述首包时,获取所述首包中包含的所述数据包标识及所述第四层信息;And acquiring, when the first packet is received, the data packet identifier and the fourth layer information included in the first packet;
建立所述数据包标识与所述第四层信息的索引关系;Establishing an index relationship between the data packet identifier and the fourth layer information;
根据所述索引关系在所述索引表中生成包含所述数据包标识与所述第四层信息的对应关系的所述索引记录。And generating, according to the index relationship, the index record that includes a correspondence between the data packet identifier and the fourth layer information in the index table.
结合第一方面,在第二种可能的实现方式中,还包括:In combination with the first aspect, in a second possible implementation manner, the method further includes:
当未查找到所述索引记录时,对所述分片数据包进行缓存;并在缓存时长满足预设缓存周期时,在所述索引表中重新查找所述索引记录。When the index record is not found, the fragment data packet is cached; and when the cache duration meets a preset cache period, the index record is re-searched in the index table.
结合第一方面,在第三种可能的实现方式中,所述依据所述第四层信息对所述分片数据包进行转发包括:With reference to the first aspect, in a third possible implementation, the forwarding, by the fourth layer information, the fragment data packet includes:
将所述第四层信息补充至与所述分片数据包相对应的转发信息中;Adding the fourth layer information to the forwarding information corresponding to the fragment data packet;
依据所述转发信息对所述分片数据包进行转发。And forwarding the fragmented data packet according to the forwarding information.
结合第一方面的第三种可能的实现方式,在第四种可能的实现方式中,还包括:In conjunction with the third possible implementation of the first aspect, in a fourth possible implementation, the method further includes:
标记所述分片数据包中的第四层信息为不可修改信息。The fourth layer information in the fragmented data packet is marked as unmodifiable information.
结合第一方面,或第一方面的第一种可能的实现方式,在第五种可能的实现方式中,还包括:With reference to the first aspect, or the first possible implementation manner of the first aspect, in a fifth possible implementation manner, the method further includes:
依据预设的删除条件,对所述索引记录进行删除。The index record is deleted according to a preset deletion condition.
第二方面,提供一种数据包转发设备,包括:In a second aspect, a packet forwarding device is provided, including:
接收单元,用于接收非首包的分片数据包;a receiving unit, configured to receive a fragmented data packet that is not the first packet;
查找单元,与所述接收单元相连接,用于依据所述分片数据包中的数据包标识,查找索引表中与所述数据包标识相对应的索引记录;a searching unit, configured to be connected to the receiving unit, configured to search, according to the data packet identifier in the fragment data packet, an index record corresponding to the data packet identifier in the index table;
转发单元,与所述查找单元相连接,用于当查找到与所述数据包标识相对应的所述索引记录时,读取所述索引记录中的开放式系统互联OSI的第四 层信息,并依据所述第四层信息对所述分片数据包进行转发;a forwarding unit, configured to connect to the searching unit, to read the fourth of the open system interconnection OSI in the index record when the index record corresponding to the data packet identifier is found Layer information, and forwarding the fragment data packet according to the fourth layer information;
其中,所述索引记录是根据与所述分片数据包相对应的首包生成的,所述索引记录中包含有所述数据包标识与所述首包中的所述第四层信息的对应关系。The index record is generated according to a first packet corresponding to the fragment data packet, where the index record includes a correspondence between the data packet identifier and the fourth layer information in the first packet. relationship.
结合第二方面,在第一种可能的实现方式中,还包括:In combination with the second aspect, in the first possible implementation manner, the method further includes:
获取单元,用于当接收到所述首包时,获取所述首包中包含的所述数据包标识及所述第四层信息;An obtaining unit, configured to acquire, when the first packet is received, the data packet identifier and the fourth layer information included in the first packet;
建立单元,与所述获取单元相连接,用于建立所述数据包标识与所述第四层信息的索引关系;An establishing unit, configured to be connected to the acquiring unit, configured to establish an index relationship between the data packet identifier and the fourth layer information;
生成单元,与所述建立单元相连接,用于根据所述索引关系在所述索引表中生成包含所述数据包标识与所述第四层信息的对应关系的所述索引记录。a generating unit, configured to be connected to the establishing unit, configured to generate, in the index table, the index record that includes a correspondence between the data packet identifier and the fourth layer information according to the index relationship.
结合第二方面,在第二种可能的实现方式中,还包括:In combination with the second aspect, in a second possible implementation manner, the method further includes:
缓存单元,与所述查找单元相连接,用于当未查找到所述索引记录时,对所述分片数据包进行缓存。And a cache unit, configured to be connected to the search unit, configured to cache the fragment data packet when the index record is not found.
结合第二方面,在第三种可能的实现方式中,还包括:In combination with the second aspect, in a third possible implementation manner, the method further includes:
删除单元,用于依据预设的删除条件,对所述索引记录进行删除。The deleting unit is configured to delete the index record according to a preset deletion condition.
由以上本发明实施例提供的技术方案可见,本发明实施例提供的一种数据包转发方法,该方法应用于OpenFlow交换机,在该方法应用过程中,当有分片数据包的首包到达OpenFlow交换机时,依据所述首包生成索引记录,所述索引记录中包含有所述首包所在数据包的数据包标识与所述首包中的第四层信息的对应关系;当与所述首包相对应的非首包的分片数据包到达OpenFlow交换机时,读取所述索引记录中的第四层信息,并依据所述第四层信息对所述非首包的分片数据包进行转发,从而解决了OpenFlow交换机无法根据第四层信息对非首包以外的数据包进行转发的问题。According to the technical solution provided by the embodiment of the present invention, a data packet forwarding method is provided in the embodiment of the present invention. The method is applied to an OpenFlow switch. When the method is applied, when the first packet of the fragmented data packet arrives at the OpenFlow The switch generates an index record according to the first packet, where the index record includes a correspondence between a data packet identifier of the data packet in which the first packet is located and fourth layer information in the first packet; When the non-first packet fragment data packet of the packet arrives at the OpenFlow switch, the fourth layer information in the index record is read, and the non-first packet fragment data packet is performed according to the fourth layer information. Forwarding solves the problem that the OpenFlow switch cannot forward packets other than the first packet according to the fourth layer information.
附图说明DRAWINGS
为了更清楚地说明本申请实施例中的技术方案,下面将对实施例或现有技术描述中所需要使用的附图作简单地介绍,显而易见地,下面描述中的附图仅仅是本申请中记载的一些实施例,对于本领域普通技术人员来讲,在不 付出创造性劳动的前提下,还可以根据这些附图获得其他的附图。In order to more clearly illustrate the technical solutions in the embodiments of the present application, the drawings used in the embodiments or the prior art description will be briefly described below. Obviously, the drawings in the following description are only in the present application. Some of the embodiments described are for those of ordinary skill in the art, not Other drawings can also be obtained from these drawings on the premise of creative work.
图1为本发明实施例提供的一种IP分片数据包的结构示意图;FIG. 1 is a schematic structural diagram of an IP fragment data packet according to an embodiment of the present disclosure;
图2为本发明实施例提供的一种数据包转发方法的方法流程图;2 is a flowchart of a method for forwarding a data packet according to an embodiment of the present invention;
图3为本发明实施例提供的一种数据包转发方法的一具体方法流程图;FIG. 3 is a flowchart of a specific method for forwarding a data packet according to an embodiment of the present invention;
图4为本发明实施例提供的索引表的结构示意图;4 is a schematic structural diagram of an index table according to an embodiment of the present invention;
图5为本发明实施例提供的一种数据包转发方法的一具体方法流程图;FIG. 5 is a flowchart of a specific method for forwarding a data packet according to an embodiment of the present invention;
图6为本发明实施例提供的一种数据包转发设备的结构示意图;FIG. 6 is a schematic structural diagram of a data packet forwarding device according to an embodiment of the present disclosure;
图7为本发明实施例提供的一种数据包转发设备的一具体结构示意图;FIG. 7 is a schematic structural diagram of a data packet forwarding device according to an embodiment of the present disclosure;
图8为本发明实施例提供的一种数据包转发设备的又一结构示意图。FIG. 8 is still another schematic structural diagram of a data packet forwarding device according to an embodiment of the present invention.
具体实施方式detailed description
为了使本技术领域的人员更好地理解本申请方案。下面将结合本申请实施例中的附图,对本申请实施例中的技术方案进行清楚、完整地描述,显然,所描述的实施例仅仅是本申请一部分实施例,而不是全部的实施例。基于本申请中的实施例,本领域普通技术人员在没有做出创造性劳动前提下所获得的所有其他实施例,都应当属于本申请保护的范围。In order to enable those skilled in the art to better understand the solution of the present application. The technical solutions in the embodiments of the present application are clearly and completely described in the following with reference to the drawings in the embodiments of the present application. It is obvious that the described embodiments are only a part of the embodiments of the present application, and not all of the embodiments. All other embodiments obtained by a person of ordinary skill in the art based on the embodiments of the present application without departing from the inventive scope shall fall within the scope of the application.
IP数据包在网络传输过程中,会进行IP数据包分片。因为链路层具有最大传输单元(Maximum Transmission Unit,MTU)这个特性,它限制了数据帧的最大长度,不同的网络类型都有一个上限值。以太网的MTU是1500。如果IP层有数据包要传,而且数据包的长度超过了MTU,那么IP层就要对数据包进行分片(fragmentation)操作,使每一片的长度都小于或等于MTU。IP packets are fragmented in the IP packet during network transmission. Because the link layer has the Maximum Transmission Unit (MTU) feature, it limits the maximum length of data frames, and different network types have an upper limit. The MTU of Ethernet is 1500. If the IP layer has a data packet to transmit and the length of the data packet exceeds the MTU, then the IP layer performs a fragmentation operation on the data packet so that each slice has a length less than or equal to the MTU.
一个完整的数据包在传输过程中,数据包中包含有开放式系统互联OSI的多层信息,所述OSI的多层信息中包含有:第一层信息L1指物理的传输介质,比如光纤、网线等;第二层信息L2指mac地址;第三层信息L3指IP地址;第四层信息L4指端口,比如网页服务一般使用80端口;第四层以上信息指具体的网络协议,比如http协议,或者https协议等。A complete data packet in the transmission process, the data packet contains multi-layer information of the open system interconnection OSI, and the multi-layer information of the OSI includes: the first layer information L1 refers to a physical transmission medium, such as an optical fiber, Network line, etc.; the second layer of information L2 refers to the mac address; the third layer of information L3 refers to the IP address; the fourth layer of information L4 refers to the port, for example, the web service generally uses port 80; the fourth layer of information refers to a specific network protocol, such as http Agreement, or https protocol, etc.
IP层对数据包进行分片时,分片得到的第一数据包称为首包,首包中包 含有全部的数据包信息:第一层信息、第二层信息、第三层信息、第四层信息及第四层以上的信息。首包之后的分片数据包中不包含第四层信息及第四层以上的信息,即首包之外的分片数据包中只包含有mac地址和ip信息。When the IP layer fragments a data packet, the first data packet obtained by the fragmentation is called the first packet, and the first packet is encapsulated. Contains all packet information: Layer 1 information, Layer 2 information, Layer 3 information, Layer 4 information, and Layer 4 and above information. The slice data packet after the first packet does not include the fourth layer information and the fourth layer or more information, that is, the fragment data packet other than the first packet contains only the mac address and the ip information.
图1示出了IP分片数据包的结构示意图,一个完整的数据包经过分片之后,各个分片数据包具有相同的分段标识,分段标识用于表示各个分片数据包属于同一个数据包。IP分片数据包结构中的DF标识表示该分片数据包是否为分片数据包,MF标识表示当前分片数据包是否有后续分片数据包。FIG. 1 is a schematic structural diagram of an IP fragment data packet. After a complete data packet is fragmented, each fragment data packet has the same segment identifier, and the segment identifier is used to indicate that each fragment data packet belongs to the same data pack. The DF identifier in the IP fragment packet structure indicates whether the fragment packet is a fragmented packet, and the MF identifier indicates whether the current fragment packet has a subsequent fragment packet.
OpenFlow交换机依据预设的转发规则对分片数据包进行转发时,当所述预设的转发规则规定依据第二层信息或第三层信息对数据包进行转发时,OpenFlow交换机依据分片数据包中的第二层信息或第三层信息对各个分片数据包进行转发。When the OpenFlow switch forwards the fragmented data packet according to the preset forwarding rule, when the preset forwarding rule specifies that the data packet is forwarded according to the second layer information or the third layer information, the OpenFlow switch is based on the fragmented data packet. The second layer information or the third layer information in the middle is forwarded to each fragment data packet.
当所述预设的转发规则规定依据第四层信息对分片数据包进行转发时,首包中包含第四层信息,OpenFlow交换机可以依据首包中的第四层信息直接对首包进行转发。首包以外的其它分片数据包中不包含第四层信息,因此OpenFlow无法依据预设的转发规则对非首包的分片数据包进行转发。When the preset forwarding rule specifies that the fragmented data packet is forwarded according to the fourth layer information, the first packet includes the fourth layer information, and the OpenFlow switch may directly forward the first packet according to the fourth layer information in the first packet. . The layered data packet other than the first packet does not contain the fourth layer information, so OpenFlow cannot forward the fragmented data packet that is not the first packet according to the preset forwarding rule.
针对上述问题,本发明提供一种数据包转发方法,该方法应用于OpenFlow交换机中,其执行主体可以为OpenFlow交换机或Openflow交换机中的某一处理器部件,参见图2,示出了本发明中一种数据包转发方法的结构示意图,包括:The present invention provides a data packet forwarding method, which is applied to an OpenFlow switch, and its execution subject may be a processor component in an OpenFlow switch or an Openflow switch. Referring to FIG. 2, the present invention is shown in the present invention. A schematic diagram of a structure of a packet forwarding method, including:
步骤S101:接收非首包的分片数据包;Step S101: Receive a fragment data packet that is not the first packet;
当OpenFlow交换机接收到数据包时,依据数据包中的分段标识可以确定出接收到的数据包是否为分片数据包,依据数据包中的DF标识、MF标识及段偏移,可以确定出接收的分片数据包是否为首包。When the OpenFlow switch receives the data packet, it can determine whether the received data packet is a fragmented data packet according to the segment identifier in the data packet, and can determine the DF identifier, the MF identifier, and the segment offset in the data packet. Whether the received fragmented packet is the first packet.
当接收的数据包为完整数据包或首包时,可以直接依据预设的转发规则进行转发,所述转发规则为依据数据包中的第四层信息对数据包进行转发。 When the received data packet is a complete data packet or a first packet, the data packet may be directly forwarded according to the preset forwarding rule, and the forwarding rule is to forward the data packet according to the fourth layer information in the data packet.
当确定接收的数据包为非首包的分片数据包时,将所述分片数据包作为目标数据包进行后续的处理。When it is determined that the received data packet is a non-first packet fragment data packet, the fragment data packet is used as a target data packet for subsequent processing.
步骤S102:依据所述分片数据包中的数据包标识,查找索引表中与所述数据包标识相对应的索引记录;Step S102: Searching, according to the data packet identifier in the fragment data packet, an index record corresponding to the data packet identifier in the index table;
本发明实施例中,获取所述分片数据包中的数据包标识,所述数据包标识可以为所述分片数据包中的分段标识,也可以为分片数据包中包含的目的IP、源IP及IP包标示符的组合,然后依据所述数据包标识查找与所述数据包标识相对应的索引记录。In the embodiment of the present invention, the data packet identifier in the fragment data packet is obtained, where the data packet identifier may be a segment identifier in the fragment data packet, or may be a destination IP included in the fragment data packet. And combining the source IP and the IP packet identifier, and then searching for an index record corresponding to the data packet identifier according to the data packet identifier.
本发明实施例中的索引记录是依据OpenFlow交换机接收到的与所述分片数据包相对应的首包生成的,所述索引记录中包含有所述数据包标识与所述首包中的所述第四层信息的对应关系。所述生成的索引记录存储在预建立的索引表中。The index record in the embodiment of the present invention is generated according to the first packet corresponding to the fragment data packet received by the OpenFlow switch, where the index record includes the data packet identifier and the first packet. The correspondence between the fourth layer of information. The generated index record is stored in a pre-established index table.
本发明实施例中,与所述分片数据包相对应的首包是指与所述分片数据包属于同一完整数据包的首包,该首包与所述分片数据包具有相同的数据包标识,即具有相同的分段标识。In the embodiment of the present invention, the first packet corresponding to the fragmented data packet refers to a first packet that belongs to the same complete data packet as the fragmented data packet, and the first packet has the same data as the fragmented data packet. The package identifier has the same segment identifier.
步骤S103:当查找到与所述数据包标识相对应的所述索引记录时,读取所述索引记录中的开放式系统互联OSI的第四层信息,并依据所述第四层信息对所述分片数据包进行转发。Step S103: When the index record corresponding to the data packet identifier is found, read the fourth layer information of the Open System Interconnection OSI in the index record, and according to the fourth layer information The fragmented data packet is forwarded.
本发明实施例中,在OpenFlow交换机中,查找到与分片数据包的数据包标识相对应的索引记录后,读取所述索引记录中的第四层信息,所述第四层信息为所述分片数据包对应的首包中的第四层信息,因此可以依据所述索引记录中的第四层信息对所述分片数据包进行转发。In the embodiment of the present invention, after the index record corresponding to the data packet identifier of the fragmented data packet is found in the OpenFlow switch, the fourth layer information in the index record is read, and the fourth layer information is The fourth layer information in the first packet corresponding to the fragmented data packet is forwarded, so that the fragmented data packet can be forwarded according to the fourth layer information in the index record.
OpenFlow交换机对分片数据包进行转发时,当转发规则为依据第四层信息对所有的分片数据包进行转发时,OpenFlow交换机在接收到首包时,依据所述接收到的首包生成索引记录,参见图3,示出了本发明实施例中,索引记 录的生成过程,包括:When the OpenFlow switch forwards the fragmented data packet, when the forwarding rule forwards all the fragmented data packets according to the fourth layer information, the OpenFlow switch generates an index according to the received first packet when receiving the first packet. Recording, referring to FIG. 3, shows an index of an embodiment of the present invention. Record generation process, including:
步骤S201:当接收到所述首包时,获取所述首包中包含的所述数据包标识及所述第四层信息;Step S201: When the first packet is received, obtain the data packet identifier and the fourth layer information included in the first packet.
OpenFlow交换机接收到分片数据包时,依据所述分片数据包中的DF标识、MF标识及段偏移,可以确定出接收的分片数据包是否为首包,当确定接收的分片数据包为首包时,获取所述首包中包含的数据包标识及第四层信息,所述首包的数据包标识可以为首包中的分段标识,也可以为也可以为首包中包含的目的IP、源IP及IP包标示符的组合。When receiving the fragmented data packet, the OpenFlow switch determines whether the received fragmented data packet is the first packet according to the DF identifier, the MF identifier, and the segment offset in the fragmented data packet, and determines the received fragmented data packet. For the first packet, the packet identifier and the fourth layer information included in the first packet are obtained, and the packet identifier of the first packet may be the segment identifier in the first packet, or may be the destination IP included in the first packet. , a combination of source IP and IP packet identifiers.
步骤S202:建立所述数据包标识与所述第四层信息的索引关系;Step S202: Establish an index relationship between the data packet identifier and the fourth layer information.
如本发明实施例图4所示,将首包中的目的IP、源IP及IP包标示符的组合作为首包的数据包标识,并获取首包中的第四层信息,即转发的源端口信息及目的端口信息;建立首包的数据包包标识与第四层信息的索引关系。As shown in FIG. 4 of the embodiment of the present invention, the combination of the destination IP, the source IP, and the IP packet identifier in the first packet is used as the packet identifier of the first packet, and the fourth layer information in the first packet is obtained, that is, the source of the forwarding. Port information and destination port information; establishing an index relationship between the data packet identifier of the first packet and the fourth layer information.
步骤S203:根据所述索引关系在所述索引表中生成包含所述数据包标识与所述第四层信息的对应关系的所述索引记录。Step S203: Generate, in the index table, the index record that includes the correspondence between the data packet identifier and the fourth layer information according to the index relationship.
依据建立的索引表关系生成索引记录,将首包的数据包标识作为所述索引记录的索引记录标识。如图4中,索引记录中包含了首包的数据包标识及首包中的第四层信息。An index record is generated according to the established index table relationship, and the packet identifier of the first packet is used as an index record identifier of the index record. As shown in FIG. 4, the index record includes the packet identifier of the first packet and the fourth layer information in the first packet.
应用本发明实施例提供的数据包转发方法,因为属于同一完整数据包的首包及非首包的分片数据包中均包含了相同的数据包标识,因此接收到非首包的分片数据包时,即可依据非首包的数据包标识查找具有相同数据包标识的索引记录,然后读取索引记录中的第四层信息,并依据所述第四层信息对接收到的非首包的分片数据包进行转发。The packet forwarding method provided by the embodiment of the present invention is applicable, because the first packet and the non-first packet fragment data packet belonging to the same complete data packet all contain the same data packet identifier, and therefore the fragment data of the non-first packet is received. When the packet is used, the index record having the same packet identifier can be searched according to the packet identifier of the non-first packet, and then the fourth layer information in the index record is read, and the non-first packet received according to the fourth layer information is received. The fragmented packets are forwarded.
本发明实施例提供的数据包转发方法中,OpenFlow交换机会接收多个不同的首包,对于每一个首包OpenFlow交换机都会生成与该首包对应的索引记录。当接收到某一非首包的分片数据包时,获取该分片数据包的数据包标识; 依据所述数据包标识逐一遍历所述OpenFlow交换机的每一个索引记录。In the data packet forwarding method provided by the embodiment of the present invention, an OpenFlow switch receives a plurality of different first packets, and an index record corresponding to the first packet is generated for each first packet OpenFlow switch. Obtaining a packet identifier of the fragmented data packet when receiving a fragmented data packet that is not the first packet; Each index record of the OpenFlow switch is traversed one by one according to the data packet identifier.
当查找到与所述接收的分片数据包具有相同数据包标识的索引记录时,表明该索引记录是依据与所述分片数据包相对应的首包建立的,将该索引记录确定为与所述分片数据包的数据包标识相对应的索引表。When the index record having the same data packet identifier as the received fragment data packet is found, it is indicated that the index record is established according to the first packet corresponding to the fragment data packet, and the index record is determined as The data packet of the fragmented data packet identifies a corresponding index table.
参见图5示出了,本发明实施例提供的一种数据包转发方法的一详细方法流程图,包括:FIG. 5 is a flowchart of a detailed method for forwarding a data packet according to an embodiment of the present invention, including:
步骤S301:接收分片数据包;Step S301: Receive a fragment data packet;
步骤S302:判断所述分片数据包是否为首包,如果是,执行步骤S303;否则,执行步骤S304;Step S302: determining whether the fragmented data packet is the first packet, if yes, executing step S303; otherwise, executing step S304;
步骤S303:依据所述首包生成索引记录,跳转执行步骤S309;Step S303: generating an index record according to the first packet, and performing a step S309;
步骤S304:查找与所述分片数据包相对应的索引记录;Step S304: Find an index record corresponding to the fragment data packet;
步骤S305:判断是否查找到所述索引记录,当查找到时,执行步骤S307;否则,执行步骤S306;Step S305: determining whether the index record is found, when found, step S307; otherwise, executing step S306;
步骤S306:对所述分片数据包缓存预设周期时长,返回重新执行步骤S304;Step S306: Cache the fragment data packet for a preset period of time, and return to step S304 again;
一个完整的数据包经过IP分片之后,分片得到的分片数据包在一定时间内会集中到达OpenFlow交换机,如果非首包的分片数据包在首包之前到达OpenFlow交换机,则非首包的分片数据包是无法找到与其对应的索引记录的,此时将接受到的该非首包的分片数据包缓存一段时间后,重新在OpenFlow交换机中对其所对应的索引记录进行查找。After a complete packet is IP fragmented, the fragmented packet obtained by the fragment will arrive at the OpenFlow switch in a certain period of time. If the fragmented packet of the non-first packet arrives at the OpenFlow switch before the first packet, it is not the first packet. The fragmented data packet cannot be found with the corresponding index record. At this time, the non-first packet fragment data packet that has been received is cached for a period of time, and then the corresponding index record is searched in the OpenFlow switch.
步骤S307:将所述索引记录中的第四层信息补充至所述分片数据包的转发信息中;Step S307: The fourth layer information in the index record is added to the forwarding information of the fragment data packet;
本发明实施例中,对于接收到的非首包的分片数据包,当查找到该分片数据包对应的索引记录后,读取所述索引记录中的第四层信息,将所述第四层信息补充至所述分片数据包对应的转发信息中,然后依据所述转发信息中 的第四层信息对分片数据包进行转发。接收到每个分片数据包后,需要对分片数据包进行分析,获取分片数据包的转发信息,并根据转发信息对该分片数据包进行转发。分析分片数据包获得的转发信息中并不包含第四层信息,这里将所述第四层信息补充至分片数据包对应的转发信息中,从而可以根据第四层信息进行转发。所述转发信息为数据包转发过程中需要的规则信息,其中包含了数据包转发对应的端口、协议等信息。In the embodiment of the present invention, for the received fragmented data packet of the non-first packet, after the index record corresponding to the fragment data packet is found, the fourth layer information in the index record is read, and the The four layers of information are added to the forwarding information corresponding to the fragmented data packet, and then according to the forwarding information. The fourth layer of information forwards the fragmented data packet. After receiving each fragmented data packet, the fragmented data packet needs to be analyzed, the forwarding information of the fragmented data packet is obtained, and the fragmented data packet is forwarded according to the forwarding information. The forwarding information obtained by analyzing the fragment data packet does not include the fourth layer information. Here, the fourth layer information is added to the forwarding information corresponding to the fragment data packet, so that the fourth layer information can be forwarded according to the fourth layer information. The forwarding information is rule information required in the data packet forwarding process, and includes information such as a port and a protocol corresponding to the packet forwarding.
步骤S308:标记所述分片数据包中的第四层信息为不可修改信息;Step S308: Marking the fourth layer information in the fragment data packet as unmodifiable information;
由于接收的非首包的分片数据包中不包含第四层信息,仅是在分片数据包的转发信息中补充了第四层信息,因此需要标记分片数据包中的第四层信息为不可修改信息,以防止在后续的转发过程中对分片数据包中的第四层信息进行修改,影响后续的转发过程。Since the received non-first packet fragment data packet does not include the fourth layer information, only the fourth layer information is added in the forwarding information of the fragment data packet, so the fourth layer information in the fragmented data packet needs to be marked. The information cannot be modified to prevent the modification of the fourth layer information in the fragmented data packet in the subsequent forwarding process, which affects the subsequent forwarding process.
步骤S309:查询OpenFlow交换机中的多级流表,对分片数据包进行转发。Step S309: Query the multi-level flow table in the OpenFlow switch, and forward the fragmented data packet.
本发明实施例中,在对非首包的分片数据包的转发信息中补充完整第四层信息后,即可以查询OpenFlow交换机中的多级流表,对分片数据包进行转发。In the embodiment of the present invention, after the complete layer 4 information is added to the forwarding information of the non-first packet of the fragmented data packet, the multi-level flow table in the OpenFlow switch may be queried to forward the fragmented data packet.
本发明实施例中,对于一个完整的数据包,当所述完整数据包的所有分片数据包均转发完毕后,即可以依据预设的删除条件,将建立的索引表进行删除,以释放内存空间。In the embodiment of the present invention, for a complete data packet, after all the fragment data packets of the complete data packet are forwarded, the established index table may be deleted according to a preset deletion condition to release the memory. space.
所述预设的删除条件可以设定一定时间间隔,当到达该时间间隔时,删除建立的索引记录,还可以在确定一个完整数据包的各个分片包均转发完成后,直接对建立的索引记录进行删除。The preset deletion condition may be set to a certain time interval. When the time interval is reached, the established index record is deleted, and the established index may be directly determined after determining that each fragment packet of a complete data packet is forwarded. The record is deleted.
针对上述的数据包转发方法,本发明实施例举一详细的实例对各个步骤的执行进行详细说明:For the above data packet forwarding method, a detailed example of the implementation of each step is described in detail in the embodiment of the present invention:
对于一个完成的数据包A,经过IP分片后,获得首包a,分片数据包b和分片数据包c;在一定的时间间隔内,上述三个数据包到达OpenFlow的时间顺 序为,分片数据包b、首包a和分片数据包c。For a completed data packet A, after the IP fragmentation, the first packet a, the fragmented data packet b, and the fragmented data packet c are obtained; in a certain time interval, the time of the above three data packets reaching the OpenFlow is compliant. The sequence is fragmented packet b, first packet a, and fragment packet c.
当分片数据包b到达OpenFlow交换机时,确定分片数据包b为非首包的分片数据包,将分片数据包b作为要进行处理的目标数据包,并依据所述分片数据包b中的数据包标识,查找与分片数据包b的数据包标识相对应的索引记录,由于分片数据包b在首包a之前到达,未能查找到对应的索引记录,对分片数据包b缓存一段时间。When the fragmented data packet b reaches the OpenFlow switch, it is determined that the fragmented data packet b is a fragmented data packet that is not the first packet, and the fragmented data packet b is used as a target data packet to be processed, and according to the fragmented data packet b In the data packet identifier, the index record corresponding to the packet identifier of the fragmented data packet b is searched, and since the fragmented data packet b arrives before the first packet a, the corresponding index record cannot be found, and the fragmented data packet is obtained. b cache for a while.
当首包a到达OpenFlow交换机时,当OpenFlow交换机确定首包a为首包时,读取所述首包a的数据包标识及首包a中的第四层信息,建立首包a的数据包标识与第四层信息的索引关系,并生成索引记录。同时对首包a依据预设的转发规则进行转发。When the first packet a arrives at the OpenFlow switch, when the OpenFlow switch determines that the first packet a is the first packet, the packet identifier of the first packet a and the fourth layer information in the first packet a are read, and the packet identifier of the first packet a is established. Index relationship with the fourth layer of information, and generate an index record. At the same time, the first packet a is forwarded according to a preset forwarding rule.
当分片数据包c到达OpenFlow交换机时,确定分片数据包c为非首包的分片数据包,将分片数据包c作为要进行处理的目标数据包,并依据所述所述分片数据包c中的数据包标识,查找与所述分片数据包c相对应的索引记录,所述索引记录是依据首包a建立的。分片数据包c与首包a具有相同的数据包标识,当查找到时,读取索引记录中的第四层信息,将所述第四层信息添加至分片数据包c对应的转发信息表中,标记所述第四层信息为不可修改信息。然后依据所述转发信息表中的第四层信息对分片数据包c进行转发。When the fragmented data packet c arrives at the OpenFlow switch, it is determined that the fragmented data packet c is a fragmented data packet that is not the first packet, and the fragmented data packet c is used as a target data packet to be processed, and according to the fragmented data packet. The packet identifier in the packet c is searched for an index record corresponding to the fragment packet c, and the index record is established according to the first packet a. The fragmented data packet c has the same data packet identifier as the first packet a. When found, the fourth layer information in the index record is read, and the fourth layer information is added to the forwarding information corresponding to the fragmented data packet c. In the table, the fourth layer information is marked as non-modifiable information. The fragmented data packet c is then forwarded according to the fourth layer information in the forwarding information table.
当分片数据包b的缓存时间满足条件时,重新查找索引记录,对其执行与分片数据包c相同的执行过程,当首包a,分片数据包b和分片数据包c均转发完成后,删除建立的索引表。When the buffer time of the fragmented data packet b satisfies the condition, the index record is re-discovered, and the same execution process as the fragmented data packet c is performed, and when the first packet a, the fragmented data packet b, and the fragmented data packet c are all forwarded. After that, delete the created index table.
与上述数据包转发方法,相对应的,本发明实施例还提供了一种数据包转发设备,图6示出了该设备的结构示意图,该设备可以为OpenFlow交换机,所述设备包括:Corresponding to the foregoing packet forwarding method, the embodiment of the present invention further provides a data packet forwarding device, and FIG. 6 is a schematic structural diagram of the device. The device may be an OpenFlow switch, and the device includes:
接收单元401,用于接收非首包的分片数据包;The receiving unit 401 is configured to receive a fragmented data packet that is not the first packet;
接收单元401接收到数据包时,依据数据包中的分段标识可以确定出接收 到的数据包是否为分片数据包,依据数据包中的DF标识、MF标识及段偏移,可以确定出接收的分片数据包是否为首包。When receiving the data packet, the receiving unit 401 can determine the receiving according to the segment identifier in the data packet. Whether the received data packet is a fragmented data packet, according to the DF identifier, the MF identifier, and the segment offset in the data packet, it can be determined whether the received fragmented data packet is the first packet.
当接收的数据包为完整数据包或首包时,可以直接依据预设的转发规则进行转发,所述转发规则为依据数据包中的第四层信息对数据包进行转发。When the received data packet is a complete data packet or a first packet, the data packet may be directly forwarded according to the preset forwarding rule, and the forwarding rule is to forward the data packet according to the fourth layer information in the data packet.
当确定接收的数据包为非首包的分片数据包时,将所述分片数据包作为进行后续处理的目标数据包。When it is determined that the received data packet is a non-first packet fragment data packet, the fragment data packet is used as a target data packet for subsequent processing.
查找单元402,与所述接收单元401相连接,用于依据所述分片数据包中的数据包标识,查找索引表中与所述数据包标识相对应的索引记录;The searching unit 402 is connected to the receiving unit 401, and configured to search, according to the data packet identifier in the fragment data packet, an index record corresponding to the data packet identifier in the index table;
本发明实施例中,获取所述分片数据包中的数据包标识,所述数据包标识可以为所述分片数据包中的分段标识,也可以为分片数据包中包含的目的IP、源IP及IP包标示符的组合,查找单元402依据所述数据包标识查找与所述数据包标识相对应的索引记录。In the embodiment of the present invention, the data packet identifier in the fragment data packet is obtained, where the data packet identifier may be a segment identifier in the fragment data packet, or may be a destination IP included in the fragment data packet. And a combination of the source IP and the IP packet identifier, the searching unit 402 searches for an index record corresponding to the data packet identifier according to the data packet identifier.
本发明实施例中的索引记录是依据OpenFlow交换机接收到的与所述分片数据包相对应的首包生成的,所述索引记录中包含有所述数据包标识与所述首包中的所述第四层信息的对应关系。所述生成的索引记录存储在预建立的索引表中。The index record in the embodiment of the present invention is generated according to the first packet corresponding to the fragment data packet received by the OpenFlow switch, where the index record includes the data packet identifier and the first packet. The correspondence between the fourth layer of information. The generated index record is stored in a pre-established index table.
本发明实施例中,与所述分片数据包相对应的首包是指与所述分片数据包属于同一完整数据包的首包,该首包与所述分片数据包具有相同的数据包标识,即具有相同的分段标识。In the embodiment of the present invention, the first packet corresponding to the fragmented data packet refers to a first packet that belongs to the same complete data packet as the fragmented data packet, and the first packet has the same data as the fragmented data packet. The package identifier has the same segment identifier.
转发单元403,与所述查找单元相连接,用于当查找到与所述数据包标识相对应的所述索引记录时,读取所述索引记录中的开放式系统互联OSI的第四层信息,并依据所述第四层信息对所述分片数据包进行转发;The forwarding unit 403 is connected to the searching unit, and is configured to read the fourth layer information of the Open System Interconnection OSI in the index record when the index record corresponding to the data packet identifier is found. And forwarding the fragment data packet according to the fourth layer information;
本发明实施例中,查找到与分片数据包的数据包标识相对应的索引记录后,转发单元403读取所述索引记录中的第四层信息,所述第四层信息为所述分片数据包对应的首包中的第四层信息,因此可以依据所述索引记录中的第 四层信息对所述分片数据包进行转发。In the embodiment of the present invention, after the index record corresponding to the data packet identifier of the fragmented data packet is found, the forwarding unit 403 reads the fourth layer information in the index record, where the fourth layer information is the The fourth layer of information in the first packet corresponding to the slice data packet, so it can be based on the first in the index record The four layers of information forward the fragmented data packet.
图7示出了本发明实施例提供的数据包转发设备的一详细结构示意图,本发明中的数据包转发设备中,还包括:FIG. 7 is a schematic structural diagram of a data packet forwarding device according to an embodiment of the present invention. The data packet forwarding device in the present invention further includes:
获取单元404,用于当接收到所述首包时,获取所述首包中包含的所述数据包标识及所述第四层信息;The obtaining unit 404 is configured to acquire, when the first packet is received, the data packet identifier and the fourth layer information included in the first packet.
建立单元405,与所述获取单元404相连接,建立所述数据包标识与所述第四层信息的索引关系;The establishing unit 405 is connected to the obtaining unit 404, and establishes an index relationship between the data packet identifier and the fourth layer information.
生成单元406,与所述建立单元405相连接,用于根据所述索引关系在所述索引表中生成包含所述数据包标识与所述第四层信息的对应关系的所述索引记录。The generating unit 406 is connected to the establishing unit 405, and configured to generate, in the index table, the index record that includes the correspondence between the data packet identifier and the fourth layer information according to the index relationship.
优选的,本发明实施例提供的数据包转发设备中,还包括:Preferably, the data packet forwarding device provided by the embodiment of the present invention further includes:
缓存单元407,与所述查找单元402相连接,用于当未查找到所述索引记录时,对所述分片数据包进行缓存。The cache unit 407 is connected to the search unit 402, and is configured to buffer the fragment data packet when the index record is not found.
删除单元408,用于依据预设的删除条件,对所述索引记录进行删除。The deleting unit 408 is configured to delete the index record according to a preset deletion condition.
参见图8,示出了本发明实施例中数据包转发设备的又一结构示意图,数据包转发设备500在硬件上可包括CPU501和存储器502。其中,CPU501通过运行存储在存储器502内的软件程序503以及调用存储在存储器502内的数据,至少可执行如下步骤:Referring to FIG. 8, another schematic structural diagram of a data packet forwarding device in an embodiment of the present invention is shown. The data packet forwarding device 500 may include a CPU 501 and a memory 502 in hardware. The CPU 501 can at least perform the following steps by running the software program 503 stored in the memory 502 and calling the data stored in the memory 502:
接收非首包的分片数据包;Receiving a fragmented data packet that is not the first packet;
依据所述分片数据包中的数据包标识,查找索引表中与所述数据包标识相对应的索引记录;Determining, according to the data packet identifier in the fragment data packet, an index record corresponding to the data packet identifier in the index table;
当查找到与所述数据包标识相对应的所述索引记录时,读取所述索引记录中的开放式系统互联OSI的第四层信息,并依据所述第四层信息对所述分片数据包进行转发;When the index record corresponding to the data packet identifier is found, the fourth layer information of the Open System Interconnection OSI in the index record is read, and the fragment is compared according to the fourth layer information. The data packet is forwarded;
其中,所述索引记录是根据与所述分片数据包相对应的首包生成的,所 述索引记录中包含有所述数据包标识与所述首包中的所述第四层信息的对应关系。Wherein the index record is generated according to a first packet corresponding to the fragmented data packet, The index record includes a correspondence between the data packet identifier and the fourth layer information in the first packet.
上述各个步骤的详细执行过程参见本文前述方法的介绍,在此不作赘述。For detailed implementation of the above various steps, refer to the introduction of the foregoing method herein, and no further description is provided herein.
上述存储器具体可为DDR SDRAM、SRAM、FLASH、SSD等,其主要包括程序存储区和数据存储区,其中,程序存储区可存储操作系统,以及至少一个功能所需的应用程序(例如上述软件程序503)等;数据存储区可存储根据CPU的执行情况而最终产生的数据,至于CPU在执行上述步骤所产生的中间数据,则存储在内存中。The foregoing memory may specifically be a DDR SDRAM, an SRAM, a FLASH, an SSD, etc., and mainly includes a program storage area and a data storage area, wherein the program storage area may store an operating system and an application required for at least one function (for example, the above software program) 503) and the like; the data storage area may store data finally generated according to the execution condition of the CPU, and the intermediate data generated by the CPU in executing the above steps is stored in the memory.
需要说明的是,CPU501和存储器502可集成于同一芯片内,也可为独立的两个器件。It should be noted that the CPU 501 and the memory 502 can be integrated into the same chip, or can be two independent devices.
本发明实施例中程序具体可以包括:The program in the embodiment of the present invention may specifically include:
接收单元、查找单元和转发单元,所述接收单元、查找单元和转发单元的结构与功能具体可参见本文前述记载,在此不再赘述。The details of the structure and function of the receiving unit, the searching unit, and the forwarding unit are described in the foregoing description, and are not described herein again.
对于本发明实施例提供的方案而言,所属领域的技术人员可以清楚地了解到,为描述的方便和简洁,上述描述的设备和模块的具体工作过程,可以参考前述方法实施例中的对应过程描述,在此不再赘述。For the solution provided by the embodiment of the present invention, those skilled in the art can clearly understand that for the convenience and brevity of the description, the specific working process of the foregoing device and module can refer to the corresponding process in the foregoing method embodiment. Description, no longer repeat here.
本领域普通技术人员可以理解:实现上述方法实施例的全部或部分步骤可以通过程序指令相关的硬件来完成,前述的程序可以存储于一计算机可读取存储介质中,该程序在执行时,执行包括上述方法实施例的步骤;而前述的存储介质包括:ROM、RAM、磁碟或者光盘等各种可以存储程序代码的介质。A person skilled in the art can understand that all or part of the steps of implementing the above method embodiments may be completed by using hardware related to the program instructions. The foregoing program may be stored in a computer readable storage medium, and the program is executed when executed. The foregoing steps include the steps of the foregoing method embodiments; and the foregoing storage medium includes: a medium that can store program codes, such as a ROM, a RAM, a magnetic disk, or an optical disk.
在本申请所提供的几个实施例中,应该理解到,所揭露的设备和方法,可以通过其它的方式实现。例如,以上所描述的装置实施例仅仅是示意性的,例如,所述模块的划分,仅仅为一种逻辑功能划分,实际实现时可以有另外的划分方式,例如多个模块或组件可以结合或者可以集成到另一个设备中, 或一些特征可以忽略,或不执行。另一点,所显示或讨论的相互之间的耦合或直接耦合或通信连接可以是通过一些通信接口,装置或模块的间接耦合或通信连接,可以是电性,机械或其它的形式。In the several embodiments provided by the present application, it should be understood that the disclosed apparatus and method may be implemented in other manners. For example, the device embodiments described above are merely illustrative. For example, the division of the modules is only a logical function division. In actual implementation, there may be another division manner, for example, multiple modules or components may be combined or Can be integrated into another device, Or some features can be ignored or not executed. In addition, the mutual coupling or direct coupling or communication connection shown or discussed may be an indirect coupling or communication connection through some communication interface, device or module, and may be in an electrical, mechanical or other form.
所述作为分离部件说明的模块可以是或者也可以不是物理上分开的,作为模块显示的部件可以是或者也可以不是物理单元,即可以位于一个地方,或者也可以分布到多个网络单元上。可以根据实际的需要选择其中的部分或者全部,模块来实现本实施例方案的目的。The modules described as separate components may or may not be physically separated, and the components displayed as modules may or may not be physical units, that is, may be located in one place, or may be distributed to multiple network units. Some or all of the modules may be selected according to actual needs to implement the objectives of the solution of the embodiment.
另外,在本发明各个实施例中的各功能模块可以集成在一个处理模块中,也可以是各个模块单独物理存在,也可以两个或两个以上模块集成在一个模块中。In addition, each functional module in each embodiment of the present invention may be integrated into one processing module, or each module may exist physically separately, or two or more modules may be integrated into one module.
最后应说明的是:以上各实施例仅用以说明本发明的技术方案,而非对其限制;尽管参照前述各实施例对本发明进行了详细的说明,本领域的普通技术人员应当理解:其依然可以对前述各实施例所记载的技术方案进行修改,或者对其中部分或者全部技术特征进行等同替换;而这些修改或者替换,并不使相应技术方案的本质脱离本发明各实施例技术方案的范围。 Finally, it should be noted that the above embodiments are merely illustrative of the technical solutions of the present invention, and are not intended to be limiting; although the present invention has been described in detail with reference to the foregoing embodiments, those skilled in the art will understand that The technical solutions described in the foregoing embodiments may be modified, or some or all of the technical features may be equivalently replaced; and the modifications or substitutions do not deviate from the technical solutions of the embodiments of the present invention. range.

Claims (10)

  1. 一种数据包转发方法,其特征在于,包括:A data packet forwarding method, comprising:
    接收非首包的分片数据包;Receiving a fragmented data packet that is not the first packet;
    依据所述分片数据包中的数据包标识,查找索引表中与所述数据包标识相对应的索引记录;Determining, according to the data packet identifier in the fragment data packet, an index record corresponding to the data packet identifier in the index table;
    当查找到与所述数据包标识相对应的所述索引记录时,读取所述索引记录中的开放式系统互联OSI的第四层信息,并依据所述第四层信息对所述分片数据包进行转发;When the index record corresponding to the data packet identifier is found, the fourth layer information of the Open System Interconnection OSI in the index record is read, and the fragment is compared according to the fourth layer information. The data packet is forwarded;
    其中,所述索引记录是根据与所述分片数据包相对应的首包生成的,所述索引记录中包含有所述数据包标识与所述首包中的所述第四层信息的对应关系。The index record is generated according to a first packet corresponding to the fragment data packet, where the index record includes a correspondence between the data packet identifier and the fourth layer information in the first packet. relationship.
  2. 根据权利要求1所述的方法,其特征在于,所述索引记录的建立过程包括:The method according to claim 1, wherein the process of establishing the index record comprises:
    当接收到所述首包时,获取所述首包中包含的所述数据包标识及所述第四层信息;And acquiring, when the first packet is received, the data packet identifier and the fourth layer information included in the first packet;
    建立所述数据包标识与所述第四层信息的索引关系;Establishing an index relationship between the data packet identifier and the fourth layer information;
    根据所述索引关系在所述索引表中生成包含所述数据包标识与所述第四层信息的对应关系的所述索引记录。And generating, according to the index relationship, the index record that includes a correspondence between the data packet identifier and the fourth layer information in the index table.
  3. 根据权利要求1所述的方法,其特征在于,还包括:The method of claim 1 further comprising:
    当未查找到所述索引记录时,对所述分片数据包进行缓存;并在缓存时长满足预设缓存周期时,在所述索引表中重新查找所述索引记录。When the index record is not found, the fragment data packet is cached; and when the cache duration meets a preset cache period, the index record is re-searched in the index table.
  4. 根据权利要求1所述的方法,其特征在于,所述依据所述第四层信息对所述分片数据包进行转发包括:The method according to claim 1, wherein the forwarding the fragment data packet according to the fourth layer information comprises:
    将所述第四层信息补充至与所述分片数据包相对应的转发信息中;Adding the fourth layer information to the forwarding information corresponding to the fragment data packet;
    依据所述转发信息对所述分片数据包进行转发。And forwarding the fragmented data packet according to the forwarding information.
  5. 根据权利要求4所述的方法,其特征在于,还包括:The method of claim 4, further comprising:
    标记所述分片数据包中的第四层信息为不可修改信息。The fourth layer information in the fragmented data packet is marked as unmodifiable information.
  6. 根据权利要求1或2所述的方法,其特征在于,还包括:The method according to claim 1 or 2, further comprising:
    依据预设的删除条件,对所述索引记录进行删除。 The index record is deleted according to a preset deletion condition.
  7. 一种数据包转发设备,其特征在于,包括:A packet forwarding device, comprising:
    接收单元,用于接收非首包的分片数据包;a receiving unit, configured to receive a fragmented data packet that is not the first packet;
    查找单元,与所述接收单元相连接,用于依据所述分片数据包中的数据包标识,查找索引表中与所述数据包标识相对应的索引记录;a searching unit, configured to be connected to the receiving unit, configured to search, according to the data packet identifier in the fragment data packet, an index record corresponding to the data packet identifier in the index table;
    转发单元,与所述查找单元相连接,用于当查找到与所述数据包标识相对应的所述索引记录时,读取所述索引记录中的开放式系统互联OSI的第四层信息,并依据所述第四层信息对所述分片数据包进行转发;a forwarding unit, configured to be configured to read, when the index record corresponding to the data packet identifier is found, read the fourth layer information of the open system interconnection OSI in the index record, And forwarding the fragment data packet according to the fourth layer information;
    其中,所述索引记录是根据与所述分片数据包相对应的首包生成的,所述索引记录中包含有所述数据包标识与所述首包中的所述第四层信息的对应关系。The index record is generated according to a first packet corresponding to the fragment data packet, where the index record includes a correspondence between the data packet identifier and the fourth layer information in the first packet. relationship.
  8. 根据权利要求7所述的设备,其特征在于,还包括:The device according to claim 7, further comprising:
    获取单元,用于当接收到所述首包时,获取所述首包中包含的所述数据包标识及所述第四层信息;An obtaining unit, configured to acquire, when the first packet is received, the data packet identifier and the fourth layer information included in the first packet;
    建立单元,与所述获取单元相连接,用于建立所述数据包标识与所述第四层信息的索引关系;An establishing unit, configured to be connected to the acquiring unit, configured to establish an index relationship between the data packet identifier and the fourth layer information;
    生成单元,与所述建立单元相连接,用于根据所述索引关系在所述索引表中生成包含所述数据包标识与所述第四层信息的对应关系的所述索引记录。a generating unit, configured to be connected to the establishing unit, configured to generate, in the index table, the index record that includes a correspondence between the data packet identifier and the fourth layer information according to the index relationship.
  9. 根据权利要求7所述的设备,其特征在于,还包括:The device according to claim 7, further comprising:
    缓存单元,与所述查找单元相连接,用于当未查找到所述索引记录时,对所述分片数据包进行缓存。And a cache unit, configured to be connected to the search unit, configured to cache the fragment data packet when the index record is not found.
  10. 根据权利要求8所述的设备,其特征在于,还包括:The device according to claim 8, further comprising:
    删除单元,用于依据预设的删除条件,对所述索引记录进行删除。 The deleting unit is configured to delete the index record according to a preset deletion condition.
PCT/CN2014/093014 2014-02-21 2014-12-04 Data packet forwarding method and device WO2015124015A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201410060240.0 2014-02-21
CN201410060240.0A CN104869062B (en) 2014-02-21 2014-02-21 A kind of data packet forwarding method and equipment

Publications (1)

Publication Number Publication Date
WO2015124015A1 true WO2015124015A1 (en) 2015-08-27

Family

ID=53877613

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2014/093014 WO2015124015A1 (en) 2014-02-21 2014-12-04 Data packet forwarding method and device

Country Status (2)

Country Link
CN (1) CN104869062B (en)
WO (1) WO2015124015A1 (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112637616A (en) * 2020-12-08 2021-04-09 网宿科技股份有限公司 Object storage method, system and server
CN113438176A (en) * 2021-05-17 2021-09-24 翱捷科技股份有限公司 Method and device for processing fragment IP data packet
CN116723162A (en) * 2023-08-10 2023-09-08 浪潮电子信息产业股份有限公司 Network first packet processing method, system, device, medium and heterogeneous equipment

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110198290B (en) * 2018-03-14 2021-11-19 腾讯科技(深圳)有限公司 Information processing method, equipment, device and storage medium

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1561049A (en) * 2004-03-10 2005-01-05 中兴通讯股份有限公司 Slicing transmitting method of tunnel packet
CN1585381A (en) * 2004-05-25 2005-02-23 中兴通讯股份有限公司 Method for high-speed processing TCP/IP wafer separated pack in network addressing port projection
CN102957600A (en) * 2011-08-19 2013-03-06 中兴通讯股份有限公司 Method and device for data message forwarding

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP5561366B2 (en) * 2010-09-08 2014-07-30 日本電気株式会社 Switch system, switch control method, and storage medium

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1561049A (en) * 2004-03-10 2005-01-05 中兴通讯股份有限公司 Slicing transmitting method of tunnel packet
CN1585381A (en) * 2004-05-25 2005-02-23 中兴通讯股份有限公司 Method for high-speed processing TCP/IP wafer separated pack in network addressing port projection
CN102957600A (en) * 2011-08-19 2013-03-06 中兴通讯股份有限公司 Method and device for data message forwarding

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112637616A (en) * 2020-12-08 2021-04-09 网宿科技股份有限公司 Object storage method, system and server
CN112637616B (en) * 2020-12-08 2024-02-23 网宿科技股份有限公司 Object storage method, system and server
CN113438176A (en) * 2021-05-17 2021-09-24 翱捷科技股份有限公司 Method and device for processing fragment IP data packet
CN113438176B (en) * 2021-05-17 2022-08-23 翱捷科技股份有限公司 Method and device for processing fragment IP data packet
CN116723162A (en) * 2023-08-10 2023-09-08 浪潮电子信息产业股份有限公司 Network first packet processing method, system, device, medium and heterogeneous equipment
CN116723162B (en) * 2023-08-10 2023-11-03 浪潮电子信息产业股份有限公司 Network first packet processing method, system, device, medium and heterogeneous equipment

Also Published As

Publication number Publication date
CN104869062B (en) 2018-11-09
CN104869062A (en) 2015-08-26

Similar Documents

Publication Publication Date Title
US10075374B2 (en) Setting SDN flow entries
RU2493677C2 (en) Method and router for implementing mirroring
US20160308770A1 (en) Packet Processing Method, Node, and System
US10505759B2 (en) Access layer-2 virtual private network from layer-3 virtual private network
US10178129B2 (en) Network security method and device
US10419358B2 (en) Packet buffering
JP2020508004A (en) Packet processing method and apparatus
US9800551B2 (en) AVC Bi-directional correlation using an overlay fabric header
CN106878194B (en) Message processing method and device
US20150188815A1 (en) Packet Forwarding Method and System
WO2017156908A1 (en) Method and device for forwarding packet
US20180324095A9 (en) Packet Processing Method and Device
WO2015124015A1 (en) Data packet forwarding method and device
US10212083B2 (en) Openflow data channel and control channel separation
WO2020258302A1 (en) Method, switch, and sites for data transmission
WO2016197689A1 (en) Method, apparatus and system for processing packet
US20140040477A1 (en) Connection mesh in mirroring asymmetric clustered multiprocessor systems
WO2017114378A1 (en) Forwarding of ip data packet
WO2015106623A1 (en) Method and apparatus for configuring and delivering flow table entry
WO2016187967A1 (en) Method and apparatus for realizing log transmission
CN111026324A (en) Updating method and device of forwarding table entry
US20170048153A1 (en) Data Packet Processing Method and Device
WO2013023509A1 (en) Message receiving and sending method, device, and system
CN116996478A (en) Tunnel encapsulation table resource management method, DPU and related equipment
CN106470156B (en) Method and device for forwarding message

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 14883176

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 14883176

Country of ref document: EP

Kind code of ref document: A1