WO2018001373A1 - Method and device for limiting transmission speed of messages - Google Patents

Method and device for limiting transmission speed of messages Download PDF

Info

Publication number
WO2018001373A1
WO2018001373A1 PCT/CN2017/091289 CN2017091289W WO2018001373A1 WO 2018001373 A1 WO2018001373 A1 WO 2018001373A1 CN 2017091289 W CN2017091289 W CN 2017091289W WO 2018001373 A1 WO2018001373 A1 WO 2018001373A1
Authority
WO
WIPO (PCT)
Prior art keywords
rate
limiting
tokens
bucket
packet
Prior art date
Application number
PCT/CN2017/091289
Other languages
French (fr)
Chinese (zh)
Inventor
刘伟平
Original Assignee
中兴通讯股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 中兴通讯股份有限公司 filed Critical 中兴通讯股份有限公司
Publication of WO2018001373A1 publication Critical patent/WO2018001373A1/en

Links

Images

Definitions

  • the present disclosure relates to the field of data networks, for example, to a method and apparatus for rate limiting of messages.
  • the method can be adopted to limit the rate of packets on the inbound port of the Ethernet switch. If the rate of the packet is lower than the specified. The rate is received, and if the rate of the packet exceeds the specified rate, the later sent packet can be directly discarded.
  • the leak rate is used to limit the rate of the packet.
  • the principle of the rate limit of the leaking bucket is: uniformly removing the leaking bucket at the rate of the speed limit. Card until the leaky bucket is empty.
  • the receiver can send a signal. The sender is notified that the sender stops sending the message. If the sender continues to send the message, when the number of tokens in the leaky bucket reaches the number of tokens corresponding to the discard (DISCARD) line, the subsequent packet can be discarded.
  • the method of limiting the rate of the packets by using the leaky buckets described above does not distinguish between all the inbound packets.
  • the number of packets with a small number of packets but important packets may be discarded.
  • This problem is also proposed in the related art.
  • the main method is to pre-divide the service flow and prioritize the packets, and divide the available space according to the principle and priority of the leaky bucket to distinguish the packets of different levels. Discarding, this method causes delays in the forwarding efficiency of high-priority packets. When the delay is severe, the link may be interrupted.
  • a packet rate limiting method can prevent important protocol packets from being discarded, and can quickly forward important packets to ensure uninterrupted links, improve data forwarding stability and efficiency, and improve data network services. quality.
  • a method for rate limiting a message comprising:
  • the ACL matching is performed on the packets that are forwarded to the filter forwarding bucket according to the ACL matching keyword that is set in advance, and the packets obtained after the matching are redirected and forwarded;
  • the number of tokens corresponding to the second discarding line of the first rate-limiting leaky bucket is determined according to the number of tokens corresponding to the packet obtained by the matching, and the rate of the packet passing the first rate-limiting leaky bucket is limited.
  • the method before the forwarding the packet corresponding to the first token to the filter forwarding bucket, the method further includes:
  • the parameter of the speed limit configuration of the first rate limiting leaky bucket in the current processing period further includes: a number of tokens corresponding to a pause line of the first speed limit leaking bucket, a token bucket refresh period, a token removal rate, and The number of tokens remaining in the first rate limit leak bucket in the previous processing cycle;
  • the current number of tokens in the first rate-limiting bucket is obtained by subtracting the number of tokens remaining in the previous processing cycle from the product of the token bucket refresh period and the token removal rate.
  • the method further includes:
  • the number of tokens in the first rate-limiting leaky bucket is not less than the number of tokens corresponding to the pause line of the first rate-limiting leaky bucket, and the ACL is preset to obtain a second limit.
  • Speed limit configuration parameters of the quick leaking bucket
  • the speed limit configuration parameter of the second speed limit leaking bucket includes: the number of tokens corresponding to the third discard line of the first speed limit leaking bucket, and the number of tokens remaining in the first speed limit leaking bucket in the previous processing period;
  • the number of tokens corresponding to the second discarding line of the first rate-limiting leaky bucket is the number of tokens corresponding to the first discarding line of the first rate-limiting leaky bucket and the number of tokens corresponding to the matched packet. Subtracted.
  • the limiting the rate of the packets passing the first rate-limiting leaky bucket includes:
  • the rate of the packet passing the first rate-limiting leaky bucket is limited.
  • the method includes:
  • the method before the forwarding the packet corresponding to the first token to the filter forwarding bucket, the method further includes:
  • the received packet is forwarded.
  • the method further includes:
  • the packets that are forwarded to the filtering and forwarding buckets are matched by the ACL.
  • a message speed limiting device includes:
  • the forwarding module is configured to forward the packet corresponding to the first token to the filter forwarding bucket, where the first token is the number of tokens corresponding to the first discarding line of the first rate-limiting leaky bucket.
  • Token is the number of tokens corresponding to the first discarding line of the first rate-limiting leaky bucket.
  • the filtering module is configured to perform ACL matching on the packets that are forwarded to the filtering and forwarding bucket according to the ACL rule that is set in advance, and redirect the packets obtained after the matching;
  • the rate limiting module is configured to determine the number of tokens corresponding to the second discarding line of the first rate limiting leaky bucket according to the number of tokens corresponding to the matched packet, and limit the rate of the packet passing the first rate limiting leaky bucket.
  • a computer readable storage medium storing computer executable instructions arranged to perform the above method.
  • a terminal device comprising:
  • At least one processor At least one processor
  • the memory stores instructions executable by the at least one processor, the instructions being executed by the at least one processor to cause the at least one processor to perform the method described above.
  • the ACL rule is configured to match the important packet in the packet that is discarded by the first rate-limiting leaky bucket, and the important packet is redirected and forwarded according to the matched packet.
  • the number of tokens is used to determine the second discard line of the first rate-limiting leaky bucket, and the rate limit is adopted for the packet that passes the first leaky rate limit.
  • the ACL can be used to prevent important protocol packets from being discarded and to quickly forward important protocol packets. This ensures that the link is not interrupted, improves the stability and efficiency of data forwarding, and improves the quality of data network services.
  • the packet of the first rate-limiting leaky bucket is subjected to the second speed limit, and the accuracy of the speed limit can be ensured when the bandwidth is constant.
  • Figure 1 is a basic schematic diagram of the speed limit of a leaky bucket
  • FIG. 2 is a flowchart of a method for limiting a message rate of the first embodiment
  • FIG. 3 is a schematic structural diagram of a message rate limiting apparatus according to a second embodiment
  • FIG. 4 is a schematic diagram showing the hardware structure of a terminal device according to an embodiment.
  • This embodiment provides a packet rate limiting method, where the method includes:
  • the ACL matching is performed on the packets that are forwarded to the filter forwarding bucket according to the ACL matching keyword that is set in advance, and the packets obtained after the matching are redirected and forwarded;
  • the number of tokens corresponding to the second discarding line of the first rate-limiting leaky bucket is determined according to the number of tokens corresponding to the packet obtained by the matching, and the rate of the packet passing the first rate-limiting leaky bucket is limited.
  • the method before the forwarding the packet corresponding to the first token to the filter forwarding bucket, the method further includes:
  • the parameter of the speed limit configuration of the first rate limiting leaky bucket in the current processing period further includes: a number of tokens corresponding to a pause line of the first speed limit leaking bucket, a token bucket refresh period, a token removal rate, and The number of tokens remaining in the first rate limit leak bucket in the previous processing cycle;
  • the current number of tokens in the first rate-limiting bucket is obtained by subtracting the number of tokens remaining in the previous processing cycle from the product of the token bucket refresh period and the token removal rate.
  • the method further includes:
  • the number of tokens in the first rate-limiting leaky bucket is not less than the number of tokens corresponding to the pause line of the first rate-limiting leaky bucket, and the ACL is preset to obtain a second limit.
  • Speed limit configuration parameters of the quick leaking bucket
  • the speed limit configuration parameter of the second speed limit leaking bucket includes: the number of tokens corresponding to the third discard line of the first speed limit leaking bucket, and the number of tokens remaining in the first speed limit leaking bucket in the previous processing period;
  • the number of tokens corresponding to the second discarding line of the first rate-limiting leaky bucket is the number of tokens corresponding to the first discarding line of the first rate-limiting leaky bucket and the number of tokens corresponding to the matched packet. Subtracted.
  • the limiting the rate of the packets passing the first rate-limiting leaky bucket includes:
  • the rate of the packet passing the first rate-limiting leaky bucket is limited.
  • the method includes:
  • the method before the forwarding the packet corresponding to the first token to the filter forwarding bucket, the method further includes:
  • the received packet is forwarded.
  • the method further includes:
  • the packets that are forwarded to the filtering and forwarding buckets are matched by the ACL.
  • the embodiment provides a packet rate limiting device, including: a forwarding module, a filtering module, and a rate limiting module.
  • the forwarding module is configured to forward the packet corresponding to the first token to the filter forwarding bucket, where the first token is the number of tokens corresponding to the first discarding line of the first rate-limiting leaky bucket.
  • the token module is configured to perform ACL matching on the packets that are forwarded to the filter forwarding bucket according to the ACL rule set in advance, and redirect the packets obtained after the matching; and the rate limiting module is set to match according to the ACL.
  • the number of tokens corresponding to the packet obtained by the first rate-limiting leaky bucket is used to determine the number of tokens corresponding to the second discarding line of the first rate-limiting leaky bucket.
  • this embodiment provides a packet rate limiting method, including the following steps.
  • step 201 the parameter acquired current speed leaky bucket configuration, said parameters comprising: a leaky bucket suspended (the PAUSE) line leaky bucket number of tokens corresponding to P n, leaky bucket discarded (the DISCARD) corresponding to the line
  • the number of leaky bucket tokens D n the token bucket refresh period T, the token removal rate V, and the remaining number of tokens P s1 of the previous processing cycle.
  • step 202 the number of leaky bucket tokens P a available in the leaky bucket during the processing cycle is obtained.
  • step 203 the received packets, calculating the number of tokens received during the cycle P c packets need to be added.
  • P c is the number of tokens that the corresponding message needs to be added to the leaky bucket.
  • the number of tokens P c can be determined according to the packet length of the message.
  • step 204 the number of tokens P e in the current leaky bucket after the message is forwarded is calculated.
  • the number of tokens P e P a +P c , that is, P e is the number of tokens available in the current leaky bucket P a and the tokens that need to be added to the leaked bucket in the received packet The sum of the numbers P c .
  • step 205 P e is compared with the number of tokens P n corresponding to the pause (PAUSE) line. If P e ⁇ P n , the process proceeds to step 206, and if P e ⁇ P n , the process proceeds to step 216.
  • step 206 an ACL initialization configuration is performed.
  • the ACL matching keyword can be determined according to the system requirements and the important packets to be filtered.
  • the ACL matching keyword can be a protocol number, a sub-protocol number, or a media access control (MAC) address.
  • MAC media access control
  • a packet that is carried in a Transmission Control Protocol (TCP) packet or a User Data Protocol (UDP) packet, such as a Border Gateway Protocol (BGP) packet is routed.
  • TCP Transmission Control Protocol
  • UDP User Data Protocol
  • BGP Border Gateway Protocol
  • a routing information protocol (RIP) packet, the ACL matching keyword may be at least one of a protocol type and a port number.
  • IP Internet Protocol
  • OSPF Open Shortest Path First
  • PIM Protocol Independent Multicast
  • the ACL matching keyword may be at least one of a matching protocol number, a MAC, a multicast packet, and a destination address.
  • the matching keyword may be an Ethernet type.
  • step 207 a secondary speed limit leaky bucket configuration is performed.
  • the second speed limit configuration may include: acquiring a speed limit configuration parameter of the second speed limit leaky bucket, where the parameter may include a number of leaky bucket tokens D n corresponding to a discard discard (DISCARD) line of the second speed limit leaking bucket, Token bucket refresh period T and remaining token P s2 in the previous cycle
  • step 208 the number of tokens P e available in the current leaky bucket is compared with D n . If P e ⁇ D n , the process proceeds to step 209, and if P e ⁇ D n , the process proceeds to step 216.
  • step 209 the packet corresponding to the first token is transferred to the filter forwarding bucket, where the first token is the number of tokens corresponding to the first discarding line of the first speed limit leaky bucket. Token.
  • step 210 the packet that enters the filtering and forwarding bucket is matched according to the pre-configured ACL matching keyword; the matching may be that the keyword of the packet that enters the filtering forwarding bucket is matched with the ACL matching keyword, if If the matching is successful, the process proceeds to step 212. If the matching is unsuccessful, the process proceeds to step 211.
  • step 211 the packet whose matching is unsuccessful is discarded.
  • the obtained filtered packet is an important packet that is discarded, and the number of tokens P p corresponding to the filtered packet at this time is recorded.
  • step 213 the important packet is redirected, and the packet is forwarded to a central processing unit (CPU) or a designated egress port, and the packet processing is completed before other packets.
  • CPU central processing unit
  • the CPU port is a port connected to the CPU.
  • step 214 the rate limit of the filtered protocol packet and the first rate-limiting leaky packet is performed.
  • a first rate limit speed leaky bucket parameters a first speed leaky bucket (the PAUSE) line leaky bucket number of tokens corresponding to P n, a first speed discarded tub drain (DISCARD) the corresponding number of leaky bucket tokens D
  • the rate of the rate limit can be reduced. If the rate limit cannot be changed, the rate of the rate limit can be guaranteed. If the number of packets matching the ACL has been completely occupied by the rate limit, that is, (D n -P p +P s2 ) ⁇ 0, some packets after the first rate limit can be discarded. Continue Go to step 216.
  • step 216 the packet enters the forwarding process, and the packet can be processed in the forwarding process, and the processing cycle ends.
  • the present embodiment provides a packet rate limiting apparatus, and the apparatus includes: a forwarding module 31, a filtering module 32, and a rate limiting module 33.
  • the forwarding module 31 is configured to forward the packet corresponding to the first token to the filter forwarding bucket, where the first token is a command corresponding to the first discard (DISCARD) line of the first speed limit leaky bucket.
  • the filtering module 32 is configured to perform ACL matching on the packets that are forwarded to the filtering and forwarding bucket according to the preset ACL rule, and forward and forward the matched packets.
  • the speed limit module 33 is configured to determine the number of tokens corresponding to the second discard (DISCARD) line of the second rate-limiting leaky bucket according to the number of tokens corresponding to the matched packet, and report the number of tokens passing through the first speed limit bucket The text is speed limited.
  • the embodiment provides a computer readable storage medium storing computer executable instructions.
  • the computer executable instructions are arranged to perform the method of any of the above embodiments.
  • the terminal device includes:
  • At least one processor 40 is exemplified by a processor 40 in FIG. 4; a memory 41; and a communication interface 42 and a bus 43.
  • the processor 40, the memory 41, and the communication interface 42 can complete communication with each other through the bus 43.
  • Communication interface 44 can transmit signals.
  • Processor 40 may invoke logic instructions in memory 41 to perform the methods of the above-described embodiments.
  • logic instructions in the memory 41 described above may be implemented in the form of a software functional unit and sold or used as a stand-alone product, and may be stored in a computer readable storage medium.
  • the memory 41 is a computer readable storage medium and can be used to store a software program, a computer executable program, such as a program instruction or a module corresponding to the method in the above embodiment.
  • the processor 40 executes the functional application and data processing by executing software programs, instructions or modules stored in the memory 41, i.e., implements the methods in the above embodiments.
  • the memory 41 may include a storage program area and a storage data area, wherein the storage program area may store an operating system, an application required for at least one function; the storage data area may store data created according to use of the terminal device, and the like. Further, the memory 41 may include a high speed random access memory, and may also include a nonvolatile memory.
  • the above technical solution may be embodied in the form of a software product stored in a storage medium, including one or more instructions for causing a computer device (which may be a personal computer, a server, a network device, etc.) to execute All or part of the steps of the method described in the above embodiments.
  • the foregoing storage medium may be a non-transitory storage medium, including: a USB flash drive, a mobile hard disk, a read-only memory (ROM), a random access memory (RAM), a magnetic disk, or an optical disk.
  • the plurality of modules or steps described above may be implemented by a general-purpose computing device, which may be centralized on a single computing device or distributed over a network of multiple computing devices, optionally using computing devices
  • Executable program code is implemented such that they can be stored in a storage device for execution by a computing device, and in some cases, the steps shown or described can be performed in an order different than that herein, or
  • the plurality of integrated circuit modules are separately fabricated, or a plurality of modules or steps are fabricated into a single integrated circuit module.
  • a packet rate limiting method and device can prevent important protocol packets from being discarded, and can quickly forward important packets to ensure that links are not interrupted, improving data forwarding stability and efficiency, and improving Data network service quality.

Landscapes

  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

A method and a device for limiting the transmission speed of messages, the method comprising: transferring messages corresponding to first tokens into a filtering and forwarding bucket, the number of the first tokens exceeding the number of tokens corresponding to a first discard line of a first speed limiting leaky bucket; according to a preset access control list (ACL) matching keyword, performing an ACL matching on the messages transferred into the filtering and forwarding bucket, redirecting and forwarding the resulting messages; and determining, according to the number of tokens corresponding to the resulting messages, the number of tokens corresponding to a second discard line of the first speed limiting leaky bucket, and limiting the transmission speed of the messages passing the first speed limiting leaky bucket.

Description

报文限速的方法及装置Method and device for limiting rate of message 技术领域Technical field
本公开涉及数据网络领域,例如,涉及一种报文限速的方法和装置。The present disclosure relates to the field of data networks, for example, to a method and apparatus for rate limiting of messages.
背景技术Background technique
随着数据网络技术发展,网络业务多种多样,网络业务的多元化可能导致网络拥塞。为了避免网络拥塞,提高数据网络的服务质量(Quality of service,QoS),可以采取的方式是:在以太网交换机接收报文的入端口对报文进行限速,如果报文的速率低于规定的速率,则接收报文;如果报文的速率超过规定的速率,则后来发送的报文可以被直接丢弃。With the development of data network technology, network services are diverse, and the diversification of network services may lead to network congestion. In order to avoid network congestion and improve the quality of service (QoS) of the data network, the method can be adopted to limit the rate of packets on the inbound port of the Ethernet switch. If the rate of the packet is lower than the specified. The rate is received, and if the rate of the packet exceeds the specified rate, the later sent packet can be directly discarded.
相关技术中采用的报文限速方法中,利用漏桶对报文进行限速,如图1所示,漏桶限速原理为:按限速的速率均匀不断地从漏桶中移走令牌,直到漏桶为空。当报文到来时,往漏桶里面添加报文的包长所对应数量的令牌;如果此时漏桶内的令牌数达到暂停(PAUSE)线对应的令牌数,接收方可以发信号通知发送方希望发送方停止继续发送报文,若发送方继续发送报文,当漏桶里面的令牌数到达丢弃(DISCARD)线对应的令牌数时,可以将后来的报文丢弃。In the packet rate limiting method used in the related art, the leak rate is used to limit the rate of the packet. As shown in Figure 1, the principle of the rate limit of the leaking bucket is: uniformly removing the leaking bucket at the rate of the speed limit. Card until the leaky bucket is empty. When the packet arrives, add the token corresponding to the packet length of the packet to the leaked bucket. If the number of tokens in the leaky bucket reaches the number of tokens corresponding to the pause (PAUSE) line, the receiver can send a signal. The sender is notified that the sender stops sending the message. If the sender continues to send the message, when the number of tokens in the leaky bucket reaches the number of tokens corresponding to the discard (DISCARD) line, the subsequent packet can be discarded.
采用上述所述漏桶对所述报文进行限速的方法,对所有的入端口报文丢弃时不做区分,一些报文数量不大但很重要的协议报文可能被丢弃掉;为了解决这个问题,相关技术中的还提出一些处理方法,主要是对报文预先进行业务流分流及优先级标记区分,依据漏桶原理和优先级,划分不同的可用空间,对不同等级的报文区别丢弃,这种方法导致高优先级报文的转发效率存在延时,延时严重时可能导致链路中断。The method of limiting the rate of the packets by using the leaky buckets described above does not distinguish between all the inbound packets. The number of packets with a small number of packets but important packets may be discarded. This problem is also proposed in the related art. The main method is to pre-divide the service flow and prioritize the packets, and divide the available space according to the principle and priority of the leaky bucket to distinguish the packets of different levels. Discarding, this method causes delays in the forwarding efficiency of high-priority packets. When the delay is severe, the link may be interrupted.
发明内容Summary of the invention
一种报文限速方法,能避免重要的协议报文不被丢弃,又可以将重要的报文快速地转发,确保链路不中断,提高数据转发的稳定性和高效性,提升数据网络服务质量。A packet rate limiting method can prevent important protocol packets from being discarded, and can quickly forward important packets to ensure uninterrupted links, improve data forwarding stability and efficiency, and improve data network services. quality.
一种报文限速方法,所述方法包括: A method for rate limiting a message, the method comprising:
将第一令牌对应的报文转入过滤转发桶,其中,所述第一令牌是令牌数超过第一限速漏桶的第一丢弃线对应的令牌数的令牌;Transmitting the packet corresponding to the first token into the filter forwarding bucket, where the first token is a token whose number of tokens exceeds the number of tokens corresponding to the first discard line of the first rate-limiting leaky bucket;
根据预先设置的访问控制列表ACL匹配关键字对转入过滤转发桶的报文进行ACL匹配,将匹配后得到的报文进行重定向转发;以及The ACL matching is performed on the packets that are forwarded to the filter forwarding bucket according to the ACL matching keyword that is set in advance, and the packets obtained after the matching are redirected and forwarded;
根据匹配后得到的报文对应的令牌数确定第一限速漏桶的第二丢弃线对应的令牌数,对通过第一限速漏桶的报文进行限速。The number of tokens corresponding to the second discarding line of the first rate-limiting leaky bucket is determined according to the number of tokens corresponding to the packet obtained by the matching, and the rate of the packet passing the first rate-limiting leaky bucket is limited.
可选的,在所述将第一令牌对应的报文转入过滤转发桶前,所述方法还包括:Optionally, before the forwarding the packet corresponding to the first token to the filter forwarding bucket, the method further includes:
获取到当前处理周期第一限速漏桶的限速配置的参数,其中,所述参数包括:第一限速漏桶的第一丢弃线对应的令牌数;Acquiring a parameter of the rate limit configuration of the first rate limit leaky bucket in the current processing period, where the parameter includes: the number of tokens corresponding to the first discard line of the first speed limit leaky bucket;
确定第一限速漏桶内的当前令牌数和转发接收到的报文需要消耗的令牌数;Determining the current number of tokens in the first rate-limiting leaky bucket and the number of tokens to be consumed in forwarding the received packet;
根据所述第一限速漏桶内的当前令牌数和所述转发接收到的报文需要消耗的令牌数,确定转发所述接收到的报文后第一限速漏桶内的令牌数;以及Determining, according to the current number of tokens in the first rate-limiting leaky bucket and the number of tokens to be used for forwarding the received packet, determining, in the first rate-limiting leaky bucket after forwarding the received packet Number of cards;
确定转发所述接收的报文后第一限速漏桶内的令牌数,不小于所述第一限速漏桶的暂停线对应的令牌数。And determining, by the number of tokens in the first rate-limiting leaky bucket after forwarding the received packet, not less than the number of tokens corresponding to the pause line of the first speed-limiting leaky bucket.
可选的,所述当前处理周期第一限速漏桶的限速配置的参数还包括:第一限速漏桶的暂停线对应的令牌数、令牌桶刷新周期、令牌移出速率和上一个处理周期第一限速漏桶内剩余的令牌数;Optionally, the parameter of the speed limit configuration of the first rate limiting leaky bucket in the current processing period further includes: a number of tokens corresponding to a pause line of the first speed limit leaking bucket, a token bucket refresh period, a token removal rate, and The number of tokens remaining in the first rate limit leak bucket in the previous processing cycle;
所述第一限速漏桶内的当前令牌数是所述上一个处理周期剩余的令牌数与令牌桶刷新周期和令牌移出速率的乘积相减得到的。The current number of tokens in the first rate-limiting bucket is obtained by subtracting the number of tokens remaining in the previous processing cycle from the product of the token bucket refresh period and the token removal rate.
可选的,所述方法还包括:Optionally, the method further includes:
在转发所述接收到的报文后第一限速漏桶内的令牌数不小于所述第一限速漏桶的暂停线对应的令牌数时,启动ACL预先设置,获取二次限速漏桶的限速配置参数;其中,After forwarding the received packet, the number of tokens in the first rate-limiting leaky bucket is not less than the number of tokens corresponding to the pause line of the first rate-limiting leaky bucket, and the ACL is preset to obtain a second limit. Speed limit configuration parameters of the quick leaking bucket;
所述二次限速漏桶的限速配置参数包括:第一限速漏桶的第三丢弃线对应的令牌数,上一个处理周期第一限速漏桶内剩余的令牌数; The speed limit configuration parameter of the second speed limit leaking bucket includes: the number of tokens corresponding to the third discard line of the first speed limit leaking bucket, and the number of tokens remaining in the first speed limit leaking bucket in the previous processing period;
所述第一限速漏桶的第二丢弃线对应的令牌数是第一限速漏桶的第一丢弃线对应的令牌数与所述匹配后得到的报文对应的令牌数相减得到的。The number of tokens corresponding to the second discarding line of the first rate-limiting leaky bucket is the number of tokens corresponding to the first discarding line of the first rate-limiting leaky bucket and the number of tokens corresponding to the matched packet. Subtracted.
可选的,所述对通过第一限速漏桶的报文进行限速包括:Optionally, the limiting the rate of the packets passing the first rate-limiting leaky bucket includes:
在所述匹配后的报文对应的令牌数不小于0时,对通过第一限速漏桶的报文进行限速。When the number of tokens corresponding to the matched packet is not less than 0, the rate of the packet passing the first rate-limiting leaky bucket is limited.
可选的,所述方法包括:Optionally, the method includes:
对所述第二丢弃线对应的令牌数与所述上一个周期第二限速漏桶内剩余令牌数进行求和,若求和结果不小于0,对通过第一漏桶限速的报文进行限速;若求和结果小于0,则转发报文。And summing the number of tokens corresponding to the second discard line to the number of remaining tokens in the second rate-limiting leaky bucket in the previous period, and if the summation result is not less than 0, limiting the rate of passing the first leaky bucket The packet is rate-limited; if the summation result is less than 0, the packet is forwarded.
可选的,在所述将第一令牌对应的报文转入过滤转发桶前,所述方法还包括:Optionally, before the forwarding the packet corresponding to the first token to the filter forwarding bucket, the method further includes:
如果转发所述接收到报文后第一限速漏桶内的令牌数,小于所述第一限速漏桶的暂停线对应的令牌数,则转发所述接收到的报文。If the number of tokens in the first rate-limiting leaky bucket after the receipt of the packet is smaller than the number of tokens corresponding to the pause line of the first rate-limiting leaky bucket, the received packet is forwarded.
可选的,所述方法还包括:Optionally, the method further includes:
根据预先设置的ACL规则对所述转入过滤转发桶的报文进行ACL匹配,没有通过匹配过滤的报文直接丢弃。The packets that are forwarded to the filtering and forwarding buckets are matched by the ACL.
一种报文限速装置,包括:A message speed limiting device includes:
转发模块,设置为将第一令牌对应的报文转入过滤转发桶,其中,所述第一令牌是令牌数超过第一限速漏桶的第一丢弃线对应的令牌数的令牌;The forwarding module is configured to forward the packet corresponding to the first token to the filter forwarding bucket, where the first token is the number of tokens corresponding to the first discarding line of the first rate-limiting leaky bucket. Token
过滤模块,设置为根据预先设置的访问控制列表ACL规则对转入过滤转发桶的报文进行ACL匹配,将匹配后得到的报文进行重定向转发;以及The filtering module is configured to perform ACL matching on the packets that are forwarded to the filtering and forwarding bucket according to the ACL rule that is set in advance, and redirect the packets obtained after the matching;
限速模块,设置为根据匹配后得到的报文对应的令牌数确定第一限速漏桶的第二丢弃线对应的令牌数,对通过第一限速漏桶的报文进行限速。The rate limiting module is configured to determine the number of tokens corresponding to the second discarding line of the first rate limiting leaky bucket according to the number of tokens corresponding to the matched packet, and limit the rate of the packet passing the first rate limiting leaky bucket. .
一种计算机可读存储介质,存储有计算机可执行指令,所述计算机可执行指令设置为执行上述方法。A computer readable storage medium storing computer executable instructions arranged to perform the above method.
一种终端设备,包括:A terminal device comprising:
至少一个处理器;以及 At least one processor;
与所述至少一个处理器通信连接的存储器;其中,a memory communicatively coupled to the at least one processor; wherein
所述存储器存储有可被所述至少一个处理器执行的指令,所述指令被所述至少一个处理器执行,以使所述至少一个处理器执行上述的方法。The memory stores instructions executable by the at least one processor, the instructions being executed by the at least one processor to cause the at least one processor to perform the method described above.
上述技术方案中,通过设置ACL规则,匹配出被第一限速漏桶丢弃的报文中的重要报文,将所述重要报文进行重定向转发,并根据匹配后得到的报文对应的令牌数,确定第一限速漏桶的第二丢弃线,对通过第一漏桶限速的报文进行限速。结合ACL,能避免重要的协议报文不被丢弃又可以快速将重要的协议报文转发出去,确保链路不会中断,提高数据转发的稳定性和高效性,提升数据网络服务质量,对通过第一限速漏桶的报文进行二次限速,在带宽不变的情况下,可以保证限速的准确性。In the foregoing technical solution, the ACL rule is configured to match the important packet in the packet that is discarded by the first rate-limiting leaky bucket, and the important packet is redirected and forwarded according to the matched packet. The number of tokens is used to determine the second discard line of the first rate-limiting leaky bucket, and the rate limit is adopted for the packet that passes the first leaky rate limit. The ACL can be used to prevent important protocol packets from being discarded and to quickly forward important protocol packets. This ensures that the link is not interrupted, improves the stability and efficiency of data forwarding, and improves the quality of data network services. The packet of the first rate-limiting leaky bucket is subjected to the second speed limit, and the accuracy of the speed limit can be ensured when the bandwidth is constant.
附图说明DRAWINGS
图1是漏桶限速的基本原理图;Figure 1 is a basic schematic diagram of the speed limit of a leaky bucket;
图2是第一实施例的报文限速方法的流程图;2 is a flowchart of a method for limiting a message rate of the first embodiment;
图3是第二实施例的报文限速装置的结构示意图;以及3 is a schematic structural diagram of a message rate limiting apparatus according to a second embodiment;
图4是一实施例的终端设备的硬件结构示意图。FIG. 4 is a schematic diagram showing the hardware structure of a terminal device according to an embodiment.
具体实施方式detailed description
本实施例提供一种报文限速方法,所述方法包括:This embodiment provides a packet rate limiting method, where the method includes:
将第一令牌对应的报文转入过滤转发桶,其中,所述第一令牌是令牌数超过第一限速漏桶的第一丢弃线对应的令牌数的令牌;Transmitting the packet corresponding to the first token into the filter forwarding bucket, where the first token is a token whose number of tokens exceeds the number of tokens corresponding to the first discard line of the first rate-limiting leaky bucket;
根据预先设置的访问控制列表ACL匹配关键字对转入过滤转发桶的报文进行ACL匹配,将匹配后得到的报文进行重定向转发;以及The ACL matching is performed on the packets that are forwarded to the filter forwarding bucket according to the ACL matching keyword that is set in advance, and the packets obtained after the matching are redirected and forwarded;
根据匹配后得到的报文对应的令牌数确定第一限速漏桶的第二丢弃线对应的令牌数,对通过第一限速漏桶的报文进行限速。The number of tokens corresponding to the second discarding line of the first rate-limiting leaky bucket is determined according to the number of tokens corresponding to the packet obtained by the matching, and the rate of the packet passing the first rate-limiting leaky bucket is limited.
可选的,在所述将第一令牌对应的报文转入过滤转发桶前,所述方法还包括:Optionally, before the forwarding the packet corresponding to the first token to the filter forwarding bucket, the method further includes:
获取到当前处理周期第一限速漏桶的限速配置的参数,其中,所述参数包括:第一限速漏桶的第一丢弃线对应的令牌数;Acquiring a parameter of the rate limit configuration of the first rate limit leaky bucket in the current processing period, where the parameter includes: the number of tokens corresponding to the first discard line of the first speed limit leaky bucket;
确定第一限速漏桶内的当前令牌数和转发接收到的报文需要消耗的令牌 数;Determining the current number of tokens in the first rate-limiting leaky bucket and the tokens needed to forward the received message number;
根据所述第一限速漏桶内的当前令牌数和所述转发接收到的报文需要消耗的令牌数,确定转发所述接收到的报文后第一限速漏桶内的令牌数;以及Determining, according to the current number of tokens in the first rate-limiting leaky bucket and the number of tokens to be used for forwarding the received packet, determining, in the first rate-limiting leaky bucket after forwarding the received packet Number of cards;
确定转发所述接收的报文后第一限速漏桶内的令牌数,不小于所述第一限速漏桶的暂停线对应的令牌数。And determining, by the number of tokens in the first rate-limiting leaky bucket after forwarding the received packet, not less than the number of tokens corresponding to the pause line of the first speed-limiting leaky bucket.
可选的,所述当前处理周期第一限速漏桶的限速配置的参数还包括:第一限速漏桶的暂停线对应的令牌数、令牌桶刷新周期、令牌移出速率和上一个处理周期第一限速漏桶内剩余的令牌数;Optionally, the parameter of the speed limit configuration of the first rate limiting leaky bucket in the current processing period further includes: a number of tokens corresponding to a pause line of the first speed limit leaking bucket, a token bucket refresh period, a token removal rate, and The number of tokens remaining in the first rate limit leak bucket in the previous processing cycle;
所述第一限速漏桶内的当前令牌数是所述上一个处理周期剩余的令牌数与令牌桶刷新周期和令牌移出速率的乘积相减得到的。The current number of tokens in the first rate-limiting bucket is obtained by subtracting the number of tokens remaining in the previous processing cycle from the product of the token bucket refresh period and the token removal rate.
可选的,所述方法还包括:Optionally, the method further includes:
在转发所述接收到的报文后第一限速漏桶内的令牌数不小于所述第一限速漏桶的暂停线对应的令牌数时,启动ACL预先设置,获取二次限速漏桶的限速配置参数;其中,After forwarding the received packet, the number of tokens in the first rate-limiting leaky bucket is not less than the number of tokens corresponding to the pause line of the first rate-limiting leaky bucket, and the ACL is preset to obtain a second limit. Speed limit configuration parameters of the quick leaking bucket;
所述二次限速漏桶的限速配置参数包括:第一限速漏桶的第三丢弃线对应的令牌数,上一个处理周期第一限速漏桶内剩余的令牌数;The speed limit configuration parameter of the second speed limit leaking bucket includes: the number of tokens corresponding to the third discard line of the first speed limit leaking bucket, and the number of tokens remaining in the first speed limit leaking bucket in the previous processing period;
所述第一限速漏桶的第二丢弃线对应的令牌数是第一限速漏桶的第一丢弃线对应的令牌数与所述匹配后得到的报文对应的令牌数相减得到的。The number of tokens corresponding to the second discarding line of the first rate-limiting leaky bucket is the number of tokens corresponding to the first discarding line of the first rate-limiting leaky bucket and the number of tokens corresponding to the matched packet. Subtracted.
可选的,所述对通过第一限速漏桶的报文进行限速包括:Optionally, the limiting the rate of the packets passing the first rate-limiting leaky bucket includes:
在所述匹配后得到的报文对应的令牌数不小于0时,对通过第一限速漏桶的报文进行限速。When the number of tokens corresponding to the packet obtained by the matching is not less than 0, the rate of the packet passing the first rate-limiting leaky bucket is limited.
可选的,所述方法包括:Optionally, the method includes:
对所述第二丢弃线对应的令牌数与所述上一个周期第二限速漏桶内剩余令牌数进行求和,若求和结果不小于0,对通过第一漏桶限速的报文进行限速;若求和结果小于0,则转发报文。And summing the number of tokens corresponding to the second discard line to the number of remaining tokens in the second rate-limiting leaky bucket in the previous period, and if the summation result is not less than 0, limiting the rate of passing the first leaky bucket The packet is rate-limited; if the summation result is less than 0, the packet is forwarded.
可选的,在所述将第一令牌对应的报文转入过滤转发桶前,所述方法还包括:Optionally, before the forwarding the packet corresponding to the first token to the filter forwarding bucket, the method further includes:
如果转发所述接收到报文后第一限速漏桶内的令牌数,小于所述第一限速漏桶的暂停线对应的令牌数,则转发所述接收到的报文。If the number of tokens in the first rate-limiting leaky bucket after the receipt of the packet is smaller than the number of tokens corresponding to the pause line of the first rate-limiting leaky bucket, the received packet is forwarded.
可选的,所述方法还包括: Optionally, the method further includes:
根据预先设置的ACL规则对所述转入过滤转发桶的报文进行ACL匹配,没有通过匹配过滤的报文直接丢弃。The packets that are forwarded to the filtering and forwarding buckets are matched by the ACL.
本实施例提供一种报文限速装置,包括:转发模块、过滤模块以及限速模块。The embodiment provides a packet rate limiting device, including: a forwarding module, a filtering module, and a rate limiting module.
其中,转发模块设置为将第一令牌对应的报文转入过滤转发桶,其中,所述第一令牌是令牌数超过第一限速漏桶的第一丢弃线对应的令牌数的令牌;过滤模块设置为根据预先设置的访问控制列表ACL规则对转入过滤转发桶的报文进行ACL匹配,将匹配后得到的报文进行重定向转发;以及限速模块设置为根据匹配后得到的报文对应的令牌数确定第一限速漏桶的第二丢弃线对应的令牌数,对通过第一限速漏桶的报文进行限速。The forwarding module is configured to forward the packet corresponding to the first token to the filter forwarding bucket, where the first token is the number of tokens corresponding to the first discarding line of the first rate-limiting leaky bucket. The token module is configured to perform ACL matching on the packets that are forwarded to the filter forwarding bucket according to the ACL rule set in advance, and redirect the packets obtained after the matching; and the rate limiting module is set to match according to the ACL. The number of tokens corresponding to the packet obtained by the first rate-limiting leaky bucket is used to determine the number of tokens corresponding to the second discarding line of the first rate-limiting leaky bucket.
第一实施例First embodiment
参见图2所述,本实施例提出了一种报文限速方法,包括以下步骤。As shown in FIG. 2, this embodiment provides a packet rate limiting method, including the following steps.
在步骤201中,获取到当前漏桶的限速配置的参数,所述参数包括:漏桶的暂停(PAUSE)线对应的漏桶令牌数Pn,漏桶的丢弃(DISCARD)线对应的漏桶令牌数Dn,令牌桶刷新周期T,令牌移出速率V,上一个处理周期剩余的令牌数Ps1In step 201, the parameter acquired current speed leaky bucket configuration, said parameters comprising: a leaky bucket suspended (the PAUSE) line leaky bucket number of tokens corresponding to P n, leaky bucket discarded (the DISCARD) corresponding to the line The number of leaky bucket tokens D n , the token bucket refresh period T, the token removal rate V, and the remaining number of tokens P s1 of the previous processing cycle.
在步骤202中,得到该处理周期内漏桶内可用的漏桶令牌数PaIn step 202, the number of leaky bucket tokens P a available in the leaky bucket during the processing cycle is obtained.
得到本周期(处理周期)可以移出的令牌数为(T*V),若上一个周期中漏桶内有剩余的令牌数为Ps,当前处理周期的漏桶内可用的令牌总数Pa=Ps-(T*V),其中,*为乘法运算符,-为减法运算符。每个处理周期内,都可以得到该处理周期内可用的漏桶令牌数。The number of tokens that can be removed in this cycle (processing cycle) is (T*V). If the number of tokens remaining in the leaky bucket in the previous cycle is P s , the total number of tokens available in the leaky bucket of the current processing cycle. P a =P s -(T*V), where * is a multiplication operator and - is a subtraction operator. The number of leaky bucket tokens available during the processing cycle is available for each processing cycle.
在步骤203中,接收报文,计算本周期内接收的报文需要添加的令牌数Pc。Pc即对应报文需要添加到漏桶里面的令牌数。In step 203, the received packets, calculating the number of tokens received during the cycle P c packets need to be added. P c is the number of tokens that the corresponding message needs to be added to the leaky bucket.
所述令牌数Pc可以根据报文的包长确定。The number of tokens P c can be determined according to the packet length of the message.
在步骤204中,计算报文转发后当前漏桶内的令牌数PeIn step 204, the number of tokens P e in the current leaky bucket after the message is forwarded is calculated.
可选的,所述令牌数Pe=Pa+Pc,即,Pe为当前漏桶内可用的令牌数Pa与此次接收的报文需要添加到漏桶里面的令牌数Pc之和。Optionally, the number of tokens P e =P a +P c , that is, P e is the number of tokens available in the current leaky bucket P a and the tokens that need to be added to the leaked bucket in the received packet The sum of the numbers P c .
在步骤205中,Pe与暂停(PAUSE)线对应的令牌数Pn比较,若Pe≥Pn,转入步骤206,若Pe<Pn则转入步骤216。In step 205, P e is compared with the number of tokens P n corresponding to the pause (PAUSE) line. If P e P n , the process proceeds to step 206, and if P e < P n , the process proceeds to step 216.
若当前可用令牌数达到了暂停(PAUSE)线对应的令牌数,则启动过滤转 发桶和二次过滤限速桶的配置。If the number of currently available tokens reaches the number of tokens corresponding to the Pause (PAUSE) line, then the filter is started. The configuration of the barrel and the secondary filter speed limit barrel.
在步骤206中,进行ACL初始化配置。In step 206, an ACL initialization configuration is performed.
ACL初始化配置过程中,可以根据系统要求以及需要过滤的重要报文确定ACL匹配关键字,所述ACL匹配关键字可以是协议号、子协议号、媒体访问控制(Media Access Control,MAC)地址、源端口、目的端口和前导码中的一种或者几种组合。During the ACL initialization configuration, the ACL matching keyword can be determined according to the system requirements and the important packets to be filtered. The ACL matching keyword can be a protocol number, a sub-protocol number, or a media access control (MAC) address. One or several combinations of source port, destination port, and preamble.
比如,对于承载于传输控制协议(Transmission Control Protocol,TCP)的报文或用户数据报协议(User Data Protocol,UDP)的报文,例如边界网关协议(Border Gateway Protocol,BGP)的报文,路由信息协议(Routing Information Protocol,RIP)报文,ACL匹配关键字可以是协议类型和端口号中的至少一个。For example, a packet that is carried in a Transmission Control Protocol (TCP) packet or a User Data Protocol (UDP) packet, such as a Border Gateway Protocol (BGP) packet, is routed. A routing information protocol (RIP) packet, the ACL matching keyword may be at least one of a protocol type and a port number.
对于承载于因特网协议(Internet Protocol,IP)报文的协议报文,例如Open开放式最短路径优先(Shortest Path First,OSPF)协议报文,协议无关组播(Protocol Independent Multicast,PIM)协议报文等,所述ACL匹配关键字可以是匹配协议号、MAC、组播报文和目的地址中的至少一个。For protocol packets carrying Internet Protocol (IP) packets, such as Open Shortest Path First (OSPF) packets, and Protocol Independent Multicast (PIM) protocol packets. The ACL matching keyword may be at least one of a matching protocol number, a MAC, a multicast packet, and a destination address.
对于二层协议,例如,链路汇聚控制协议(Link Aggregation Control Protocol,LACP)报文、网桥协议数据单元(Bridge Protocol Data Unit,BPDU)协议报文、链路层发现协议(Link Layer Discovery Protocol,LLDP)报文等,所述匹配关键字可以是以太网类型。For Layer 2 protocols, for example, Link Aggregation Control Protocol (LACP) packets, Bridge Protocol Data Unit (BPDU) protocol packets, and Link Layer Discovery Protocol (Link Layer Discovery Protocol) , LLDP) message, etc., the matching keyword may be an Ethernet type.
在步骤207中,进行二次限速漏桶配置。In step 207, a secondary speed limit leaky bucket configuration is performed.
所述二次限速配置可以包括:获取二次限速漏桶的限速配置参数,所述参数可以包括二次限速漏桶的丢弃(DISCARD)线对应的漏桶令牌数Dn,令牌桶刷新周期T以及上一个周期剩余的令牌Ps2 The second speed limit configuration may include: acquiring a speed limit configuration parameter of the second speed limit leaky bucket, where the parameter may include a number of leaky bucket tokens D n corresponding to a discard discard (DISCARD) line of the second speed limit leaking bucket, Token bucket refresh period T and remaining token P s2 in the previous cycle
在步骤208中,当前漏桶内可用的令牌数Pe与Dn比较,若Pe≥Dn,转入步骤209,若Pe<Dn则转入步骤216。In step 208, the number of tokens P e available in the current leaky bucket is compared with D n . If P e ≥ D n , the process proceeds to step 209, and if P e < D n , the process proceeds to step 216.
在步骤209中,将第一令牌对应的报文转入过滤转发桶,其中,所述第一令牌是令牌数超过第一限速漏桶的第一丢弃线对应的令牌数的令牌。In step 209, the packet corresponding to the first token is transferred to the filter forwarding bucket, where the first token is the number of tokens corresponding to the first discarding line of the first speed limit leaky bucket. Token.
在步骤210中,根据预先配置的ACL匹配关键字对进入过滤转发桶的报文进行匹配;所述匹配可以是将进入到过滤转发桶的报文的关键字与ACL匹配关键字进行匹配,若匹配成功,转入步骤212,若匹配不成功,则转入步骤211。In step 210, the packet that enters the filtering and forwarding bucket is matched according to the pre-configured ACL matching keyword; the matching may be that the keyword of the packet that enters the filtering forwarding bucket is matched with the ACL matching keyword, if If the matching is successful, the process proceeds to step 212. If the matching is unsuccessful, the process proceeds to step 211.
在步骤211中,丢弃匹配不成功的报文。 In step 211, the packet whose matching is unsuccessful is discarded.
在步骤212中,得到的过滤报文是被丢弃的重要报文,记录下此时过滤报文对应的令牌数PpIn step 212, the obtained filtered packet is an important packet that is discarded, and the number of tokens P p corresponding to the filtered packet at this time is recorded.
在步骤213中,对所述重要报文进行重定向,将报文转发到中央处理器(CPU,Central Processing Unit)口或者指定的出端口,先于其它报文完成报文的处理。In step 213, the important packet is redirected, and the packet is forwarded to a central processing unit (CPU) or a designated egress port, and the packet processing is completed before other packets.
其中,CPU口是与CPU连接的端口。The CPU port is a port connected to the CPU.
在步骤214中,对过滤到的协议报文和第一限速漏桶的报文进行限速。In step 214, the rate limit of the filtered protocol packet and the first rate-limiting leaky packet is performed.
在步骤215中,根据获取到第一限速漏桶的限速配置参数(第一限速漏桶的暂停(PAUSE)线对应的漏桶令牌数Pn,第一限速漏桶的丢弃(DISCARD)线对应的漏桶令牌数Dn),重新调整第一限速漏桶的丢弃(DISCARD)线对应的漏桶令牌数Dn1,Dn1=Dn-Pp,其中,-为减法运算符,获取到目前周期内剩余的令牌数Ps2,若(Dn-Pp+Ps2)≥0,即将通过ACL匹配后的报文考虑进去后对通过第一限速桶的报文再作限速,在限速带宽不能改变的情况下,可以对通过第一限速桶的报文进行二次限速,在带宽不变的情况下,保证限速的准确性;如果发现通过ACL匹配后的报文的数量已经完全占满了限速的带宽,即(Dn-Pp+Ps2)<0,第一次限速后的部分报文可以被丢弃;继续执行步骤216。In step 215, the obtained suspension according to a first rate limit speed leaky bucket parameters (a first speed leaky bucket (the PAUSE) line leaky bucket number of tokens corresponding to P n, a first speed discarded tub drain (DISCARD) the corresponding number of leaky bucket tokens D n ), and re-adjust the number of leaky bucket tokens D n1 , D n1 =D n -P p corresponding to the discard (DISCARD) line of the first speed limit leaky bucket, wherein - for the subtraction operator, obtain the number of tokens P s2 remaining in the current period. If (D n -P p +Ps2) ≥ 0, the packet that has passed the ACL matching is considered to pass through the first speed limit bucket. The rate of the rate limit can be reduced. If the rate limit cannot be changed, the rate of the rate limit can be guaranteed. If the number of packets matching the ACL has been completely occupied by the rate limit, that is, (D n -P p +P s2 )<0, some packets after the first rate limit can be discarded. Continue Go to step 216.
在步骤216中,报文进入到转发处理流程,在转发处理流程中可以对报文进行处理,本处理周期结束。In step 216, the packet enters the forwarding process, and the packet can be processed in the forwarding process, and the processing cycle ends.
第二实施例Second embodiment
参见图3所述,本实施例提出了一种报文限速装置,所述装置包括:转发模块31、过滤模块32以及限速模块33。As shown in FIG. 3, the present embodiment provides a packet rate limiting apparatus, and the apparatus includes: a forwarding module 31, a filtering module 32, and a rate limiting module 33.
转发模块31设置为将第一令牌对应的报文转入过滤转发桶,其中,所述第一令牌是令牌数超过第一限速漏桶的第一丢弃(DISCARD)线对应的令牌数的令牌。The forwarding module 31 is configured to forward the packet corresponding to the first token to the filter forwarding bucket, where the first token is a command corresponding to the first discard (DISCARD) line of the first speed limit leaky bucket. The number of tokens.
过滤模块32设置为根据预先设置的ACL规则对所述转入过滤转发桶的报文进行ACL匹配,将匹配后得到的报文进行重定向转发。The filtering module 32 is configured to perform ACL matching on the packets that are forwarded to the filtering and forwarding bucket according to the preset ACL rule, and forward and forward the matched packets.
限速模块33设置为根据所述匹配后得到的报文对应的令牌数确定第二限速漏桶的第二丢弃(DISCARD)线对应的令牌数,对通过第一限速桶的报文进行限速。The speed limit module 33 is configured to determine the number of tokens corresponding to the second discard (DISCARD) line of the second rate-limiting leaky bucket according to the number of tokens corresponding to the matched packet, and report the number of tokens passing through the first speed limit bucket The text is speed limited.
本实施例提供了一种计算机可读存储介质,存储有计算机可执行指令,所 述计算机可执行指令设置为执行上述任一实施例中的方法。The embodiment provides a computer readable storage medium storing computer executable instructions. The computer executable instructions are arranged to perform the method of any of the above embodiments.
本实施例提供了一种终端设备的硬件结构示意图。参见图4,该终端设备包括:This embodiment provides a hardware structure diagram of a terminal device. Referring to FIG. 4, the terminal device includes:
至少一个处理器(processor)40,图4中以一个处理器40为例;存储器(memory)41;还可以包括通信接口(Communications Interface)42和总线43。其中,处理器40、存储器41以及通信接口42可以通过总线43完成相互间的通信。通信接口44可以传输信号。处理器40可以调用存储器41中的逻辑指令,以执行上述实施例的方法。At least one processor 40 is exemplified by a processor 40 in FIG. 4; a memory 41; and a communication interface 42 and a bus 43. The processor 40, the memory 41, and the communication interface 42 can complete communication with each other through the bus 43. Communication interface 44 can transmit signals. Processor 40 may invoke logic instructions in memory 41 to perform the methods of the above-described embodiments.
此外,上述的存储器41中的逻辑指令可以通过软件功能单元的形式实现并作为独立的产品销售或使用时,可以存储在一个计算机可读取存储介质中。In addition, the logic instructions in the memory 41 described above may be implemented in the form of a software functional unit and sold or used as a stand-alone product, and may be stored in a computer readable storage medium.
存储器41作为一种计算机可读存储介质,可用于存储软件程序、计算机可执行程序,如上述实施例中的方法对应的程序指令或模块。处理器40通过运行存储在存储器41中的软件程序、指令或模块,从而执行功能应用以及数据处理,即实现上述实施例中的方法。The memory 41 is a computer readable storage medium and can be used to store a software program, a computer executable program, such as a program instruction or a module corresponding to the method in the above embodiment. The processor 40 executes the functional application and data processing by executing software programs, instructions or modules stored in the memory 41, i.e., implements the methods in the above embodiments.
存储器41可包括存储程序区和存储数据区,其中,存储程序区可存储操作系统、至少一个功能所需的应用程序;存储数据区可存储根据终端设备的使用所创建的数据等。此外,存储器41可以包括高速随机存取存储器,还可以包括非易失性存储器。The memory 41 may include a storage program area and a storage data area, wherein the storage program area may store an operating system, an application required for at least one function; the storage data area may store data created according to use of the terminal device, and the like. Further, the memory 41 may include a high speed random access memory, and may also include a nonvolatile memory.
以上技术方案可以以软件产品的形式体现出来,该计算机软件产品存储在一个存储介质中,包括一个或多个指令用以使得一台计算机设备(可以是个人计算机,服务器,或者网络设备等)执行上述实施例所述方法的全部或部分步骤。而前述的存储介质可以是非暂态存储介质,包括:U盘、移动硬盘、只读存储器(Read-Only Memory,ROM)、随机存取存储器(Random Access Memory,RAM)、磁碟或者光盘等多种可以存储程序代码的介质,也可以是暂态存储介质。The above technical solution may be embodied in the form of a software product stored in a storage medium, including one or more instructions for causing a computer device (which may be a personal computer, a server, a network device, etc.) to execute All or part of the steps of the method described in the above embodiments. The foregoing storage medium may be a non-transitory storage medium, including: a USB flash drive, a mobile hard disk, a read-only memory (ROM), a random access memory (RAM), a magnetic disk, or an optical disk. A medium that can store program code, or a transitory storage medium.
上述的多个模块或多个步骤可以用通用的计算装置来实现,它们可以集中在单个的计算装置上,或者分布在多个计算装置所组成的网络上,可选地,它们可以用计算装置可执行的程序代码来实现,从而,可以将它们存储在存储装置中由计算装置来执行,并且在一些情况下,可以以不同于此处的顺序执行所示出或描述的步骤,或者将它们分别制作成多个集成电路模块,或者将它们中的多个模块或步骤制作成单个集成电路模块来实现。 The plurality of modules or steps described above may be implemented by a general-purpose computing device, which may be centralized on a single computing device or distributed over a network of multiple computing devices, optionally using computing devices Executable program code is implemented such that they can be stored in a storage device for execution by a computing device, and in some cases, the steps shown or described can be performed in an order different than that herein, or The plurality of integrated circuit modules are separately fabricated, or a plurality of modules or steps are fabricated into a single integrated circuit module.
工业实用性Industrial applicability
一种报文限速方法和装置,能避免重要的协议报文不被丢弃,又可以将重要的报文快速地转发,确保链路不会中断,提高数据转发的稳定性和高效性,提升数据网络服务质量。 A packet rate limiting method and device can prevent important protocol packets from being discarded, and can quickly forward important packets to ensure that links are not interrupted, improving data forwarding stability and efficiency, and improving Data network service quality.

Claims (10)

  1. 一种报文限速方法,包括:A method for limiting the rate of packets, including:
    将第一令牌对应的报文转入过滤转发桶,其中,所述第一令牌是令牌数超过第一限速漏桶的第一丢弃线对应的令牌数的令牌;Transmitting the packet corresponding to the first token into the filter forwarding bucket, where the first token is a token whose number of tokens exceeds the number of tokens corresponding to the first discard line of the first rate-limiting leaky bucket;
    根据预先设置的访问控制列表ACL匹配关键字对转入过滤转发桶的报文进行ACL匹配,将匹配后得到的报文进行重定向转发;以及The ACL matching is performed on the packets that are forwarded to the filter forwarding bucket according to the ACL matching keyword that is set in advance, and the packets obtained after the matching are redirected and forwarded;
    根据匹配后得到的报文对应的令牌数确定第一限速漏桶的第二丢弃线对应的令牌数,对通过第一限速漏桶的报文进行限速。The number of tokens corresponding to the second discarding line of the first rate-limiting leaky bucket is determined according to the number of tokens corresponding to the packet obtained by the matching, and the rate of the packet passing the first rate-limiting leaky bucket is limited.
  2. 如权利要求1所述方法,在将第一令牌对应的报文转入过滤转发桶前,所述方法还包括:The method of claim 1, before the packet corresponding to the first token is transferred to the filter forwarding bucket, the method further includes:
    获取到当前处理周期第一限速漏桶的限速配置的参数,其中,所述参数包括:第一限速漏桶的第一丢弃线对应的令牌数;Acquiring a parameter of the rate limit configuration of the first rate limit leaky bucket in the current processing period, where the parameter includes: the number of tokens corresponding to the first discard line of the first speed limit leaky bucket;
    确定第一限速漏桶内的当前令牌数和转发接收到的报文需要消耗的令牌数;Determining the current number of tokens in the first rate-limiting leaky bucket and the number of tokens to be consumed in forwarding the received packet;
    根据所述第一限速漏桶内的当前令牌数和所述转发接收到的报文需要消耗的令牌数,确定转发所述接收到的报文后第一限速漏桶内的令牌数;以及Determining, according to the current number of tokens in the first rate-limiting leaky bucket and the number of tokens to be used for forwarding the received packet, determining, in the first rate-limiting leaky bucket after forwarding the received packet Number of cards;
    确定转发所述接收的报文后第一限速漏桶内的令牌数,不小于所述第一限速漏桶的暂停线对应的令牌数。And determining, by the number of tokens in the first rate-limiting leaky bucket after forwarding the received packet, not less than the number of tokens corresponding to the pause line of the first speed-limiting leaky bucket.
  3. 如权利要求2所述方法,其中,The method of claim 2 wherein
    所述当前处理周期第一限速漏桶的限速配置的参数还包括:第一限速漏桶的暂停线对应的令牌数、令牌桶刷新周期、令牌移出速率和上一个处理周期第一限速漏桶内剩余的令牌数;The parameter of the speed limit configuration of the first rate limiting leaky bucket in the current processing period further includes: the number of tokens corresponding to the pause line of the first speed limit leaking bucket, the token bucket refresh period, the token removal rate, and the previous processing period. The number of tokens remaining in the first speed limit leaky bucket;
    所述第一限速漏桶内的当前令牌数是所述上一个处理周期剩余的令牌数与 令牌桶刷新周期和令牌移出速率的乘积相减得到的。The current number of tokens in the first rate limiting bucket is the number of tokens remaining in the previous processing period and The product of the token bucket refresh period and the token removal rate is subtracted.
  4. 如权利要求3所述方法,还包括:The method of claim 3 further comprising:
    在转发所述接收到的报文后第一限速漏桶内的令牌数不小于所述第一限速漏桶的暂停线对应的令牌数时,启动ACL预先设置,获取二次限速漏桶的限速配置参数;其中,After forwarding the received packet, the number of tokens in the first rate-limiting leaky bucket is not less than the number of tokens corresponding to the pause line of the first rate-limiting leaky bucket, and the ACL is preset to obtain a second limit. Speed limit configuration parameters of the quick leaking bucket;
    所述二次限速漏桶的限速配置参数包括:第一限速漏桶的第三丢弃线对应的令牌数,上一个处理周期第一限速漏桶内剩余的令牌数;The speed limit configuration parameter of the second speed limit leaking bucket includes: the number of tokens corresponding to the third discard line of the first speed limit leaking bucket, and the number of tokens remaining in the first speed limit leaking bucket in the previous processing period;
    所述第一限速漏桶的第二丢弃线对应的令牌数是第一限速漏桶的第一丢弃线对应的令牌数与所述匹配后得到的报文对应的令牌数相减得到的。The number of tokens corresponding to the second discarding line of the first rate-limiting leaky bucket is the number of tokens corresponding to the first discarding line of the first rate-limiting leaky bucket and the number of tokens corresponding to the matched packet. Subtracted.
  5. 如权利要求4所述的方法,其中,所述对通过第一限速漏桶的报文进行限速包括:The method of claim 4, wherein the limiting the rate of the packets passing the first rate-limiting leaky bucket comprises:
    在所述匹配后得到的报文对应的令牌数不小于0时,对通过第一限速漏桶的报文进行限速。When the number of tokens corresponding to the packet obtained by the matching is not less than 0, the rate of the packet passing the first rate-limiting leaky bucket is limited.
  6. 如权利要求5所述的方法,包括:The method of claim 5 comprising:
    对所述第二丢弃线对应的令牌数与所述上一个周期第二限速漏桶内剩余令牌数进行求和,若求和结果不小于0,对通过第一漏桶限速的报文进行限速;若求和结果小于0,则转发报文。And summing the number of tokens corresponding to the second discard line to the number of remaining tokens in the second rate-limiting leaky bucket in the previous period, and if the summation result is not less than 0, limiting the rate of passing the first leaky bucket The packet is rate-limited; if the summation result is less than 0, the packet is forwarded.
  7. 如权利要求2所述的方法,在所述将第一令牌对应的报文转入过滤转发桶前,所述方法还包括:The method of claim 2, before the forwarding of the packet corresponding to the first token into the filter forwarding bucket, the method further includes:
    如果转发所述接收到报文后第一限速漏桶内的令牌数,小于所述第一限速漏桶的暂停线对应的令牌数,则转发所述接收到的报文。If the number of tokens in the first rate-limiting leaky bucket after the receipt of the packet is smaller than the number of tokens corresponding to the pause line of the first rate-limiting leaky bucket, the received packet is forwarded.
  8. 如权利要求1-7所述的方法,还包括: The method of claims 1-7, further comprising:
    根据预先设置的ACL规则对所述转入过滤转发桶的报文进行ACL匹配,没有通过匹配过滤的报文直接丢弃。The packets that are forwarded to the filtering and forwarding buckets are matched by the ACL.
  9. 一种报文限速装置,包括:A message speed limiting device includes:
    转发模块,设置为将第一令牌对应的报文转入过滤转发桶,其中,所述第一令牌是令牌数超过第一限速漏桶的第一丢弃对应的令牌数的令牌;The forwarding module is configured to forward the packet corresponding to the first token to the filter forwarding bucket, where the first token is an order that the number of tokens exceeds the number of tokens corresponding to the first discard of the first rate-limiting leaky bucket brand;
    过滤模块,设置为根据预先设置的访问控制列表ACL规则对转入过滤转发桶的报文进行ACL匹配,将匹配后得到的报文进行重定向转发;以及The filtering module is configured to perform ACL matching on the packets that are forwarded to the filtering and forwarding bucket according to the ACL rule that is set in advance, and redirect the packets obtained after the matching;
    限速模块,设置为根据匹配后得到的报文对应的令牌数确定第一限速漏桶的第二丢弃线对应的令牌数,对通过第一限速漏桶的报文进行限速。The rate limiting module is configured to determine the number of tokens corresponding to the second discarding line of the first rate limiting leaky bucket according to the number of tokens corresponding to the matched packet, and limit the rate of the packet passing the first rate limiting leaky bucket. .
  10. 一种计算机可读存储介质,存储有计算机可执行指令,所述计算机可执行指令设置为执行权利要求1-8中任一项的方法。 A computer readable storage medium storing computer executable instructions arranged to perform the method of any of claims 1-8.
PCT/CN2017/091289 2016-06-30 2017-06-30 Method and device for limiting transmission speed of messages WO2018001373A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201610512629.3 2016-06-30
CN201610512629.3A CN107566293B (en) 2016-06-30 2016-06-30 Method and device for limiting message speed

Publications (1)

Publication Number Publication Date
WO2018001373A1 true WO2018001373A1 (en) 2018-01-04

Family

ID=60786822

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2017/091289 WO2018001373A1 (en) 2016-06-30 2017-06-30 Method and device for limiting transmission speed of messages

Country Status (2)

Country Link
CN (1) CN107566293B (en)
WO (1) WO2018001373A1 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111901248A (en) * 2020-07-27 2020-11-06 新华三信息安全技术有限公司 Load balancing method, device, equipment and machine readable storage medium
CN112822119A (en) * 2020-12-31 2021-05-18 北京浩瀚深度信息技术股份有限公司 Flow control method, flow control equipment and storage medium based on reverse token bucket

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108848037B (en) * 2018-05-31 2023-06-20 平安医疗科技有限公司 Service request processing method, device, computer equipment and storage medium
CN110677188B (en) * 2019-09-23 2021-05-28 四川安迪科技实业有限公司 Dynamic adjusting method, sending method and device for air interface speed limit of satellite communication
CN111431816B (en) * 2020-06-15 2020-11-10 广东睿江云计算股份有限公司 Distributed flow rate limiting method and system

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040151184A1 (en) * 2002-12-13 2004-08-05 Zarlink Semiconductor V.N. Inc. Class-based rate control using multi-threshold leaky bucket
CN201563132U (en) * 2009-07-03 2010-08-25 北京星网锐捷网络技术有限公司 Network bandwidth control device and a router
CN102420773A (en) * 2012-01-05 2012-04-18 北京网御星云信息技术有限公司 Token-bucket-algorithm-based data transmission method and traffic control device
CN104104592A (en) * 2013-04-12 2014-10-15 华为技术有限公司 Message processing method, device and system
CN104333882A (en) * 2014-10-27 2015-02-04 浪潮电子信息产业股份有限公司 Wireless network traffic control method

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN100395981C (en) * 2003-09-26 2008-06-18 华为技术有限公司 Access rate limiting method based on token pail algorithm
CN100399770C (en) * 2004-08-18 2008-07-02 华为技术有限公司 Sending controller channel stream limiting method
US8023482B2 (en) * 2007-03-15 2011-09-20 Cisco Technology, Inc. Dynamic rate limiting in wireless mesh networks
CN101631077A (en) * 2009-08-24 2010-01-20 中兴通讯股份有限公司 Message processing method and device
US9374300B2 (en) * 2013-09-12 2016-06-21 Oracle International Corporation Methods, systems, and computer readable media for regulation of multi-priority traffic in a telecommunications network

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040151184A1 (en) * 2002-12-13 2004-08-05 Zarlink Semiconductor V.N. Inc. Class-based rate control using multi-threshold leaky bucket
CN201563132U (en) * 2009-07-03 2010-08-25 北京星网锐捷网络技术有限公司 Network bandwidth control device and a router
CN102420773A (en) * 2012-01-05 2012-04-18 北京网御星云信息技术有限公司 Token-bucket-algorithm-based data transmission method and traffic control device
CN104104592A (en) * 2013-04-12 2014-10-15 华为技术有限公司 Message processing method, device and system
CN104333882A (en) * 2014-10-27 2015-02-04 浪潮电子信息产业股份有限公司 Wireless network traffic control method

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111901248A (en) * 2020-07-27 2020-11-06 新华三信息安全技术有限公司 Load balancing method, device, equipment and machine readable storage medium
CN111901248B (en) * 2020-07-27 2022-05-27 新华三信息安全技术有限公司 Load balancing method, device, equipment and machine readable storage medium
CN112822119A (en) * 2020-12-31 2021-05-18 北京浩瀚深度信息技术股份有限公司 Flow control method, flow control equipment and storage medium based on reverse token bucket
CN112822119B (en) * 2020-12-31 2022-09-13 北京浩瀚深度信息技术股份有限公司 Flow control method, flow control equipment and storage medium based on reverse token bucket

Also Published As

Publication number Publication date
CN107566293A (en) 2018-01-09
CN107566293B (en) 2022-03-25

Similar Documents

Publication Publication Date Title
WO2018001373A1 (en) Method and device for limiting transmission speed of messages
US11770309B2 (en) On-demand probing for quality of experience metrics
US11792046B2 (en) Method for generating forwarding information, controller, and service forwarding entity
US11005729B2 (en) Satisfying service level agreement metrics for unknown applications
JP6430634B2 (en) Chaining network service functions in communication networks
US8644149B2 (en) Mechanism for packet forwarding using switch pools in flow-based, split-architecture networks
WO2015074324A1 (en) Data packet express forwarding method and apparatus
CN107566273B (en) Generating an automatic bandwidth adjustment policy from a label switched path
US10079805B2 (en) Bypassing a firewall for authorized flows using software defined networking
EP2509262B1 (en) Unaddressed device communication from within an MPLS network
CN113395212B (en) Network device, method of operating the same, and non-transitory computer readable medium
EP3718269B1 (en) Packet value based packet processing
CN113037691A (en) Message processing method, device and system
JP5542240B2 (en) Method for routing and associated routing and destination devices
JP2009135772A (en) Router device
CN110661721B (en) Message anti-attack method and device
JP6801075B2 (en) How to get path information for data packets and devices
WO2024060590A1 (en) Deterministic service packet forwarding method, border router, and controller
WO2018002688A1 (en) Head drop scheduler

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 17819369

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 17819369

Country of ref document: EP

Kind code of ref document: A1