WO2018214359A1 - Method for processing data packet, and access network device and non-transient readable storage medium - Google Patents

Method for processing data packet, and access network device and non-transient readable storage medium Download PDF

Info

Publication number
WO2018214359A1
WO2018214359A1 PCT/CN2017/103768 CN2017103768W WO2018214359A1 WO 2018214359 A1 WO2018214359 A1 WO 2018214359A1 CN 2017103768 W CN2017103768 W CN 2017103768W WO 2018214359 A1 WO2018214359 A1 WO 2018214359A1
Authority
WO
WIPO (PCT)
Prior art keywords
information
modification
data packet
preset
instruction
Prior art date
Application number
PCT/CN2017/103768
Other languages
French (fr)
Chinese (zh)
Inventor
朱修利
Original Assignee
深圳市中兴微电子技术有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 深圳市中兴微电子技术有限公司 filed Critical 深圳市中兴微电子技术有限公司
Publication of WO2018214359A1 publication Critical patent/WO2018214359A1/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/40Network security protocols
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/06Notations for structuring of protocol data, e.g. abstract syntax notation one [ASN.1]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/22Parsing or analysis of headers

Definitions

  • the present invention relates to communication technologies, and in particular, to a data packet processing method, an access network device, and a non-transitory readable storage medium.
  • IPTV Internet Protocol Television
  • WLAN Internet Protocol Television
  • Mbps megabits per second
  • the data packet needs to be modified accordingly, such as: Media Access Control (MAC, Media Access Control) address translation, virtual local area network (VLAN, Virtual Local) Area Network) Add, delete or modify, Layer 3 Internet Protocol (IP) address and Network Address Port Translation (NAPT), Ethernet-based Point-to-Point Protocol over Ethernet (PPPOE) ) configuration information modification, Internet Protocol Version 4 (IPv4, Internet Protocol Version 4) to Internet Protocol Version 6 (IPv6, Internet Protocol Version 6), light double-stack (Ds-lite, Double stack-lite) configuration information modification, etc. .
  • Media Access Control Media Access Control
  • VLAN Virtual Local Area Network
  • NAPT Network Address Port Translation
  • PPOE Ethernet-based Point-to-Point Protocol over Ethernet
  • the commonly used packet processing method is instruction modification, and the processing method is: writing the instruction and the modified data into a random access memory (RAM, Random Access Memory), and performing stepwise modification by parsing the instruction until the last instruction is completed.
  • RAM Random Access Memory
  • stepwise modification by parsing the instruction until the last instruction is completed.
  • the embodiments of the present invention are expected to provide a method for processing a data packet, an access network device, and a non-transitory readable storage medium, to implement rapid modification of the data packet.
  • An embodiment of the present invention provides a method for processing a data packet, where the method includes:
  • the first data information to be modified in the data packet is searched according to the preset enable flag, and the first data information is replaced with the preset enable information to obtain an enable data packet.
  • the preset enable modification information includes at least one of the following: a source media access control address (SMAC), a destination media access control address (DMAC, a destination media access control), and a differential service code point.
  • SMAC source media access control address
  • DMAC destination media access control address
  • DSCP Differentiated Services Code Point
  • SIP Source Internet Protocol
  • DIP Destination Internet Protocol
  • TTL Time To Live
  • CHECKSUM the lifetime of the packet
  • the obtaining a preset modification instruction corresponding to the descriptor information, and modifying the enabled data packet according to the preset modification instruction includes:
  • the modification indicator includes at least one of the following types: a replacement indicator, an addition indicator, and a deletion indicator.
  • the method before the modifying the enabled data packet according to the preset modification instruction, the method further includes:
  • the modifying the enabled data packet according to the modification manner corresponding to the modification indicator and the modification information includes:
  • the modification indicator is a replacement indicator, replacing the third data information in the enabled data packet with the modification information corresponding to the replacement indicator;
  • modification indicator is an add indicator, adding a header composed of modification information corresponding to the added indicator to the enabled data packet;
  • the modification indicator is a deletion indicator
  • the information corresponding to the third data information in the enabled data packet is deleted according to the modification information corresponding to the deletion indicator.
  • the modification information includes at least one of the following: VLAN information, PPPoE header information, IPv6 header information, and IPv4 header information.
  • the method further includes:
  • the replacing the first data information with the preset enabling information to obtain an enabling data packet include:
  • the first data information is replaced with the preset enable information to obtain an enabled data packet.
  • the enabled data packet is modified according to the preset modification instruction.
  • the descriptor information is used to describe a structure of the data packet
  • the acquiring the preset enable modification information corresponding to the descriptor information including:
  • An embodiment of the present invention further provides an access network device, where the device includes:
  • a packet descriptor module configured to acquire descriptor information of the data packet, and preset enable flag bits and preset enable modification information corresponding to the descriptor information;
  • the modification module is configured to search for the first data information to be modified in the data packet according to the preset enable flag, and replace the first data information with the preset enable information to obtain the enable data pack;
  • the instruction modification module is configured to acquire the preset modification instruction corresponding to the descriptor information, and modify the enabled data packet according to the preset modification instruction;
  • a data packet storage module configured to store a data packet sent by the network side
  • the preset information storage module is configured to store the preset enable modification information and the preset modification instruction.
  • the preset enable modification information includes at least one of the following: SMAC, DMAC, DSCP, SIP, DIP, SPORT, DPORT, TTL of the data packet, and CHECKSUM.
  • the instruction modification module is specifically configured as:
  • the modification indicator includes at least one of the following types: a replacement indicator, an addition indicator, and a deletion indicator.
  • the instruction modification module is further configured to: before the modification of the enabled data packet according to the preset modification instruction, acquire, according to the descriptor information, the to-be-replaced or to be replaced in the enabled data packet. Deleted second data information.
  • the instruction modification module is specifically configured as:
  • the modification indicator is a replacement indicator, replacing the third data information in the enabled data packet with the modification information corresponding to the replacement indicator;
  • modification indicator is an add indicator, adding a header composed of modification information corresponding to the added indicator to the enabled data packet;
  • the modification indicator is a deletion indicator
  • the information corresponding to the third data information in the enabled data packet is deleted according to the modification information corresponding to the deletion indicator.
  • the modification information includes at least one of the following: VLAN information, PPPoE header information, IPv6 header information, and IPv4 header information.
  • the data packet descriptor module is further configured to: after acquiring descriptor information of the data packet, acquire type information of a network to which the access network device is connected;
  • the modification module is enabled, and the specific configuration is:
  • the first data information is replaced with the preset enable information to obtain an enabled data packet.
  • the instruction modification module is specifically configured as:
  • the enabled data packet is modified according to the preset modification instruction.
  • the descriptor information is configured to describe a structure of the data packet
  • the instruction modification module is specifically configured as:
  • An embodiment of the present invention further provides an access network device, the device comprising: a processor and a memory configured to store an executable program executable on the processor; wherein the processor is configured to run the When the program is executed, the processing method of the data packet described in the embodiment of the present invention is executed.
  • the embodiment of the present invention further provides a non-transitory readable storage medium, where the non-transitory readable storage medium stores an executable program, and the executable program is configured to execute the data packet according to the embodiment of the present invention. Processing method.
  • the embodiment of the present invention provides a data packet processing method, an access network device, and a non-transitory readable storage medium.
  • descriptor information in an Ethernet data packet can be read and read based on The descriptor information respectively obtains the preset enable modification information and the modification instruction, and then enables the modification of the Ethernet data packet according to the obtained enable modification information; in addition, it is enabled according to the obtained modification instruction pair.
  • the modified Ethernet packet is modified by the instruction.
  • the embodiment of the present invention combines the enabling modification method and the enabling modification method, and has the advantages of quick modification speed, simple control, and the like, and avoids excessive instruction and modification caused by simple instruction modification. Complexity and other shortcomings, improve network output performance, etc.; compared with the method of enabling only modification, it has more flexible features, which can meet the new modification requirements in the future.
  • FIG. 1 is a schematic flowchart of an implementation process of a data packet processing method according to an embodiment of the present invention
  • FIG. 2 is a schematic structural diagram of a structure of an access network device according to an embodiment of the present invention.
  • FIG. 3 is a schematic flowchart of enabling modification according to an embodiment of the present disclosure
  • FIG. 5 is a schematic flowchart of an implementation process of a data packet processing method according to an embodiment of the present disclosure
  • FIG. 6 is a schematic structural diagram of a structure of an access network device according to an embodiment of the present invention.
  • FIG. 1 is a schematic flowchart of a method for processing a data packet according to an embodiment of the present invention. As shown in FIG. 1 , the method may include the following steps:
  • Step 101 Acquire descriptor information of the data packet, and preset enable flag bits and preset enable modification information corresponding to the descriptor information.
  • a method for processing a data packet is applied to an access network device, where the access network device may be a router or a Layer 3 switch, or other device having a routing function.
  • the data packet may be an Ethernet data packet.
  • the data packet may be an IPv4 type or IPv6 type Ethernet data packet; it may also be an Ethernet data packet transmitted by an IPv4 type data packet in an IPv6 network, or may also be an IPv6 type data packet in an IPv4 network. Ethernet packets transmitted in.
  • the Ethernet packet transmitted by the IPv4 type packet in the IPv6 network refers to: adding an IPv6 header based on the IPv4 type packet, so that the IPv4 type data is transmitted in the IPv6 network; similarly, The IPv6 type data packet transports the Ethernet data packet in the IPv4 network by adding an IPv4 header to the IPv6 type data packet, so that the IPv6 type data is transmitted in the IPv4 network.
  • the preset enable flag is used to search for data information to be modified in the data packet, as shown in Table 1, where Table 1 is an enable bit name, data to be replaced, and a corresponding storage address description.
  • the preset enable modification information is used to replace data parameters to be modified in the data packet.
  • the descriptor information is used to describe the structure and type of the data packet, including but not limited to: 1) a preamble for indicating synchronization, a frame start character indicating that the next byte is a destination MAC field, and an acceptance of the specified frame.
  • data type such as IPv4 or IPv6
  • the corresponding preset enable modification information is obtained according to the descriptor information;
  • the enable modification information includes but is not limited to: a preset SMAC, a DMAC, DSCP, SIP, DIP, SPORT, DPORT, and the TTL of the packet.
  • a corresponding pre-set DMAC is acquired according to information for indicating the DMAC address of the recipient of the frame;
  • a corresponding pre-set SMAC or the like is acquired according to information for indicating the DMAC address of the recipient of the frame.
  • Step 102 Search for the first data information to be modified in the data packet according to the preset enable flag, and replace the first data information with the preset enable information to obtain an enabled data packet.
  • step 102 completes the enabling modification process.
  • the first data information includes: SMAC, DMAC, DSCP, SIP, DIP, SPORT, DPORT, TTL, and CHECKSUM to be modified in the data packet.
  • the above data information is only an example, not exhaustive, including but not Only for the above data information.
  • the modified data packet is obtained, even if the data packet can be obtained. It is noted that before enabling the modification of the data packet, the information of CHECKSUM needs to be calculated, and the original CHECKSUM is replaced with the calculated CHECKSUM to obtain the enabled data packet. The recalculation of CHECKSUM may also be involved in subsequent instruction modification.
  • the information of the SMAC address of the sender looks up the SMAC address to be modified in the data packet, and replaces it with a preset SMAC according to the MAC address to be modified.
  • the CHECKSUM calculation is performed on the data packet, and the CHECKSUM calculation shown includes: IP_CHECKSUM, TCP_CHECKSUM, UDP_CHECKSUM.
  • the DMAC address to be modified in the data packet is searched according to the enable bit of the DMAC address, and the MAC address to be modified is replaced with a preset DMAC; enabled according to the SMAC address.
  • the bit searches for the SMAC address to be modified in the data packet, and replaces it with a preset SMAC or the like according to the MAC address to be modified.
  • the CHECKSUM calculation is performed on the data packet, and the CHECKSUM calculation shown includes: IP_CHECKSUM, TCP_CHECKSUM, UDP_CHECKSUM.
  • the method further includes: acquiring type information of a network to which the access network device is connected; and replacing the first data information with the Determining the enable information, obtaining the enable data packet, including: when the type information When the first preset rule is met, the first data information is replaced with the preset enabling information, and an enabled data packet is obtained, as shown in FIG. 3 .
  • the type information of the current network includes: an input type of the access network device and a network type of the output end.
  • the network types include: public network and private network, or IPv4 network and IPv6 network.
  • the first preset rule is: the network connected to the input end and the output end of the access network device is the same type of network. If the input end is a private network IP address, and the output end is a public network IP address, the input end is The output is not the same type of network; if the input and output are both public IP addresses, the input and output are the same type of network.
  • the private network IP address includes the following three types: 10.0.0.0 to 10.255.255.255, or 172.16.0.0 to 172.31.255.255, or 192.168.0.0 to 192.168.255.255.255. Judging the network address of the input and output can be used to pave the way for modifying the information in the data packet. It should be noted that the input end and the output end are relative to the user terminal, the port connecting the user terminal is an input end, and the port connected to the Internet side is an output end.
  • the above modifications are merely examples and are not exhaustive, including but not limited to the above modifications.
  • the access network device needs to translate the IP address and MAC address and port number in the data packet sent or received by the private network user terminal. For example, if the private network user receives the data packet sent by the public network side, the access network device needs to replace the IP address and the MAC address and the port number in the data packet with the corresponding information of the private network user terminal; If the user sends a data packet to the public network side, the access network device needs to replace the IP address and the MAC address and the port number in the data packet with the corresponding information of the access network device, so that the private network user can normally access the public network. .
  • the type information of the network connected to the access network device is obtained, and it is determined that the input end and the output end of the access network device are in different network segments, for example, the input end address is 200.176.23.4, and the output end address is 192.168.1.1.
  • the user terminal is a private network client. In this case, if the user terminal receives the data packet, the destination IP address translation, the port translation of the destination IP address, and the DMAC address conversion are performed on the data packet. After the conversion is completed, Forwarding the data packet to the user terminal; if the user terminal sends the data packet, the source IP address translation, the port translation of the source IP address, and the SMAC address conversion are performed on the data packet, and after the conversion is completed, the data packet is forwarded.
  • the input end and the output end of the access network device are in the same network segment. For example, if the input end address is 200.176.23.4 and the output end address is 200.176.23.10, the user terminal is a public network user end, and the access network device is at this time. No need for SMAC, DMAC, SIP, DIP, SPORT and DPORT are modified.
  • Step 103 Acquire a preset modification instruction corresponding to the descriptor information, and modify the enabled data packet according to the preset modification instruction.
  • step (3) completes the instruction modification process.
  • the instruction structure of the preset modification instruction is as shown in Table 2.
  • the modifying the data packet according to the preset modification instruction includes: when the type information meets a second preset rule, according to the preset modification instruction, Enable the packet to be modified.
  • the second preset rule is that the network type connected to the access network device is inconsistent with the data type of the data packet, that is, the network connected to the access network device is IPv4, and the data packet is IPv6 type data.
  • the packet or the network to which the access network device is connected is IPv6, and the data packet is an IPv4 type data packet.
  • the types of data packets are IPv4 type and IPv6 type. If the access network device is in the IPv4 network, and the received data packet is an IPv6 Ethernet data packet, the IPv4 header information needs to be added to the data packet according to a preset modification command, thereby ensuring IPv6.
  • Type of packet can be in IPv4 If the access network device is in the IPv6 network and the received data packet is an IPv4 Ethernet data packet, the data packet needs to be added according to a preset modification command.
  • the IPv6 header information ensures that IPv4 type packets can be transmitted over the IPv6 network.
  • the access network device in the embodiment of the present invention is a device for connecting a private network and a public network in a home, or a school, or an enterprise.
  • the data sent or received by the user is processed and forwarded by the access network device. .
  • user A needs to receive an Ethernet data packet a.
  • the access network device receives the Ethernet data packet a, it checks the corresponding feature parameter in the packet, and then learns that the packet is the Ethernet data packet of user A. Then, the parameters such as the destination MAC, the destination IP, and the NAPT in the packet are modified.
  • the acquiring a preset modification instruction corresponding to the descriptor information, and modifying the enabled data packet according to the preset modification instruction includes: presetting according to a preset priority Acquiring a preset modification instruction corresponding to the descriptor information in the instruction set; parsing the obtained preset modification instruction, obtaining the modification information carried by the preset modification instruction, and the modification indicator corresponding to the modification information; The modification manner corresponding to the modification indicator and the modification information modify the enable data packet.
  • the modification indicator includes at least one of a replacement indicator, an addition indicator, and a deletion indicator.
  • the method before the modifying the data packet according to the preset modification instruction, the method further includes: acquiring, according to the descriptor information, the to-be-replaced or waiting for the enabled data packet. Deleted second data information.
  • Modifying the enabled data packet according to the modification manner corresponding to the modification indicator and the modification information including:
  • the modification indicator is a replacement indicator, replacing the third data information in the enabled data packet with the modification information corresponding to the replacement indicator;
  • modification indicator is an add indicator, adding a header composed of modification information corresponding to the added indicator to the enabled data packet;
  • the modification indicator is a deletion indicator
  • the information corresponding to the third data information in the enabled data packet is deleted according to the modification information corresponding to the deletion indicator.
  • Skip Determine the number of bytes to skip based on the data in the command. For example, Skip 3 skips 6 bytes without any modification.
  • Delete Decrease the number of bytes to be deleted based on the data in the command and discard the data.
  • the method steps of the instruction modification are as follows:
  • Step 401 Read an instruction.
  • the modified Ethernet packet is obtained, the header of the Ethernet packet is extracted, and stored in eight 258-bit registers, and then an instruction is read according to the instruction address.
  • Step 402 Parsing the instruction and reading the data required for the instruction modification.
  • the instruction is parsed, and the data to be modified for the Ethernet packet header required for the instruction modification is read.
  • Step 403 Modify the Ethernet header according to the instruction.
  • delete the packet header For example, delete the packet header, add/delete/replace the VLAN number, add or delete the PPPoE header, add or delete Ds-lite configuration information (such as: add or delete IPv6 header modification information), add or delete, etc.
  • Ds-lite configuration information such as: add or delete IPv6 header modification information
  • add or delete etc.
  • Step 404 Determine the instruction end mark, if it is the last instruction, end the modification; otherwise, continue the operation of step 401.
  • the modification information includes at least one of the following: modification information of a VLAN, modification information of a PPPoE header, modification information of an IPv6 header, and modification information of an IPv4 header.
  • the first embodiment of the present invention further provides an access network device.
  • the device includes: a data packet descriptor module 201, an enable modification module 202, and an instruction repair.
  • the packet descriptor module 201 is configured to acquire descriptor information of the data packet, and preset enable flag bits and preset enable modification information corresponding to the descriptor information;
  • the modification module 202 is configured to search for the first data information to be modified in the data packet according to the preset enable flag, and replace the first data information with the preset enable information, so as to obtain Data packet
  • the instruction modification module 203 is configured to acquire the preset modification instruction corresponding to the descriptor information, and modify the enabled data packet according to the preset modification instruction;
  • the data packet storage module 204 is configured to store a data packet sent by the network side
  • the preset information storage module 205 is configured to store the preset enable modification information and the preset modification instruction.
  • the instruction modification module 203 is specifically configured to:
  • the instruction modification module 203 is further configured to: after the modification of the enabled data packet according to the preset modification instruction, acquire, in the enable data packet, a to-be-replaced or The second data information to be deleted.
  • the instruction modification module 203 is specifically configured as:
  • the modification indicator is a replacement indicator, replacing the third data information in the enabled data packet with the modification information corresponding to the replacement indicator;
  • modification indicator is an add indicator, adding a header composed of modification information corresponding to the added indicator to the enabled data packet;
  • the modification indicator is a deletion indicator
  • the information deletion enable information corresponding to the third data information in the enabled data packet.
  • the data packet descriptor module 201 is further configured to: after acquiring descriptor information of the data packet, acquire type information of a network to which the access network device is connected;
  • the enabling modification module 202 is specifically configured as follows:
  • the first data information is replaced with the preset enable information to obtain an enabled data packet.
  • the instruction modification module 203 is specifically configured as:
  • the enabled data packet is modified according to the preset modification instruction.
  • the data packet descriptor module 201 acquires corresponding preset enable modification information according to the structure of the data packet.
  • the access network device consisting of the above structure can perform the following methods and steps:
  • the packet descriptor module 201 acquires descriptor information of the data packet, and preset enable flag bits and preset enable modification information corresponding to the descriptor information.
  • a method for processing a data packet is applied to an access network device, where the access network device may be a router or a Layer 3 switch, or other device having a routing function.
  • the data packet may be an Ethernet data packet.
  • the data packet may be an IPv4 type or IPv6 type Ethernet data packet; it may also be an Ethernet data packet transmitted by an IPv4 type data packet in an IPv6 network, or may also be an IPv6 type data packet in an IPv4 network. Ethernet packets transmitted in.
  • the Ethernet packet transmitted by the IPv4 type packet in the IPv6 network refers to: adding an IPv6 header based on the IPv4 type packet, so that the IPv4 type data is transmitted in the IPv6 network; similarly, The IPv6 type data packet transports the Ethernet data packet in the IPv4 network by adding an IPv4 header to the IPv6 type data packet, so that the IPv6 type data is transmitted in the IPv4 network.
  • the packet descriptor module 201 acquires descriptor information stored in the data packet storage module 204, and a preset enable flag corresponding to the descriptor information and stored in the enable register, and stored in the preset.
  • the preset of the information storage module 205 enables the modification information.
  • the preset enable flag is used to search for data information to be modified in the data packet, As shown in Table 1.
  • the preset enable modification information is used to replace data parameters to be modified in the data packet.
  • the descriptor information is used to describe the structure and type of the data packet, including but not limited to: 1) a preamble for indicating synchronization, a frame start character indicating that the next byte is a destination MAC field, and an acceptance of the specified frame.
  • IPv4 or IPv6 used to indicate
  • the data packet descriptor module 201 acquires corresponding preset enable modification information according to the descriptor information; the enable modification information includes but is not limited to: preset The SMAC, DMAC, DSCP, SIP, DIP, SPORT, DPORT, and the TTL of the packet.
  • the packet descriptor module 201 acquires a corresponding pre-set DMAC based on information indicating the DMAC address of the recipient of the frame; the packet descriptor module 201 acquires information based on the DMAC address of the recipient indicating the frame Corresponding pre-set SMAC and so on.
  • the enable modification module 202 searches for the first data information to be modified in the data packet according to the preset enable flag, and replaces the first data information with the preset enable information to obtain Can data packets.
  • the first data information includes: SMAC, DMAC, DSCP, SIP, DIP, SPORT, DPORT, TTL, and CHECKSUM to be modified in the data packet.
  • the above data information is merely an example and is not exhaustive, including but not limited to the above data information.
  • the enable modification module 202 searches for the data information that needs to be modified in the data packet according to the preset enable identifier bit, and then finds the found data. After the data information to be modified is replaced with the preset enable information, thereby Get the modified packet, even if it can. It is noted that before enabling the modification of the data packet, the information of CHECKSUM needs to be calculated, and the original CHECKSUM is replaced with the calculated CHECKSUM to obtain the enabled data packet. The recalculation of CHECKSUM may also be involved in subsequent instruction modification.
  • the information of the SMAC address of the sender looks up the SMAC address to be modified in the data packet, and replaces it with a preset SMAC according to the MAC address to be modified.
  • the CHECKSUM calculation is performed on the data packet, and the CHECKSUM calculation shown includes: IP_CHECKSUM, TCP_CHECKSUM, UDP_CHECKSUM.
  • the DMAC address to be modified in the data packet is searched according to the enable bit of the DMAC address, and the MAC address to be modified is replaced with a preset DMAC; enabled according to the SMAC address.
  • the bit searches for the SMAC address to be modified in the data packet, and replaces it with a preset SMAC or the like according to the MAC address to be modified.
  • the CHECKSUM calculation is performed on the data packet, and the CHECKSUM calculation shown includes: IP_CHECKSUM, TCP_CHECKSUM, UDP_CHECKSUM.
  • the method further includes: acquiring type information of a network to which the access network device is connected; and replacing the first data information with the The preset enable information is obtained, and the enable data packet is obtained, including: when the type information meets the first preset rule, the enable modification module 202 replaces the first data information with the preset enable information, Obtain the enable packet, as shown in Figure 3.
  • the type information of the current network includes: an input type of the access network device and a network type of the output end.
  • the network types include: public network and private network, or IPv4 network and IPv6 network.
  • the first preset rule is: the network connected to the input end and the output end of the access network device is the same type of network. If the input end is a private network IP address, and the output end is a public network IP address, the input end is The output is not the same type of network; if the input and output are both public IP addresses, the input and output are the same type of network.
  • the private network IP address includes the following three types: 10.0.0.0 to 10.255.255.255, or 172.16.0.0 to 172.31.255.255, or 192.168.0.0 to 192.168.255.255.255. Judging the network address of the input and output can be used to pave the way for modifying the information in the data packet. It should be noted that the input end and the output end are relative to the user terminal, the port connecting the user terminal is an input end, and the port connected to the Internet side is an output end.
  • the above modifications are merely examples and are not exhaustive, including but not limited to the above modifications.
  • the access network device needs to translate the IP address and MAC address and port number in the data packet sent or received by the private network user terminal. For example, if the private network user receives the data packet sent by the public network side, the access network device needs to replace the IP address and the MAC address and the port number in the data packet with the corresponding information of the private network user terminal; If the user sends a data packet to the public network side, the access network device needs to replace the IP address and the MAC address and the port number in the data packet with the corresponding information of the access network device, so that the private network user can normally access the public network. .
  • the type information of the network connected to the access network device is obtained, and it is determined that the input end and the output end of the access network device are in different network segments, for example, the input end address is 200.176.23.4, and the output end address is 192.168.1.1.
  • the user terminal is a private network client. In this case, if the user terminal receives the data packet, the destination IP address translation, the port translation of the destination IP address, and the DMAC address conversion are performed on the data packet. After the conversion is completed, Forwarding the data packet to the user terminal; if the user terminal sends the data packet, the source IP address translation, the port translation of the source IP address, and the SMAC address conversion are performed on the data packet, and after the conversion is completed, the data packet is forwarded.
  • the input end and the output end of the access network device are in the same network segment. For example, if the input end address is 200.176.23.4 and the output end address is 200.176.23.10, the user terminal is a public network user end, and the access network device is at this time. There is no need to modify SMAC, DMAC, SIP, DIP, SPORT and DPORT.
  • the instruction modification module 203 acquires a preset modification instruction corresponding to the descriptor information, and modifies the enabled data packet according to the preset modification instruction.
  • step (3) completes the instruction modification process.
  • the instruction structure of the preset modification instruction is as shown in Table 2.
  • the modifying the data packet according to the preset modification instruction includes: when the type information meets the second preset rule, the command modification module 203 is modified according to the preset The instruction modifies the enabled data packet.
  • the second preset rule is that the network type connected to the access network device is inconsistent with the data type of the data packet, that is, the network connected to the access network device is IPv4, and the data packet is IPv6 type data.
  • the packet or the network to which the access network device is connected is IPv6, and the data packet is an IPv4 type data packet.
  • the types of data packets are IPv4 type and IPv6 type. If the access network device is in the IPv4 network, and the received data packet is an IPv6 Ethernet data packet, the command modification module 203 needs to add an IPv4 header information to the data packet according to the preset modification command. Therefore, it is ensured that the IPv6 type data packet can be transmitted in the IPv4 network; or, if the access network device is in the IPv6 network and the received data packet is an IPv4 Ethernet data packet, A modification instruction is set to add an IPv6 header information to the data packet, thereby ensuring that the IPv4 type data packet can be transmitted in the IPv6 network.
  • the command modification module 203 modifies the enabled data packet according to the preset modification instruction.
  • the access network device in the embodiment of the present invention is a device for connecting a private network and a public network in a home, or a school, or an enterprise.
  • the data sent or received by the user is processed and forwarded by the access network device. .
  • user A needs to receive an Ethernet data packet a.
  • the access network device receives the Ethernet data packet a, it checks the corresponding feature parameter in the packet, and then learns that the packet is the Ethernet data packet of user A. Then, the parameters such as the destination MAC, the destination IP, and the NAPT in the packet are modified.
  • the acquiring a preset modification instruction corresponding to the descriptor information, and modifying the enabled data packet according to the preset modification instruction includes: the instruction modification module 203 is configured according to a preset priority. The level obtains a preset modification instruction corresponding to the descriptor information from the preset instruction set; the instruction modification module 203 parses the obtained preset modification instruction to obtain the preset The modification information carried by the modification instruction and the modification indicator corresponding to the modification information are set; the instruction modification module 203 modifies the enable data packet according to the modification manner corresponding to the modification indicator and the modification information.
  • the modification indicator includes at least one of a replacement indicator, an addition indicator, and a deletion indicator.
  • the method before the modifying the data packet according to the preset modification instruction, the method further includes: the instruction modification module 203 acquiring the enabled data packet according to the descriptor information.
  • the second data information to be replaced or to be deleted.
  • Modifying the enabled data packet according to the modification manner corresponding to the modification indicator and the modification information including:
  • the modification indicator is a replacement indicator, replacing the third data information in the enabled data packet with the modification information corresponding to the replacement indicator;
  • modification indicator is an add indicator, adding a header composed of modification information corresponding to the added indicator to the enabled data packet;
  • the modification indicator is a deletion indicator
  • the information corresponding to the third data information in the enabled data packet is deleted according to the modification information corresponding to the deletion indicator.
  • Skip Determine the number of bytes to skip based on the data in the command. For example, Skip 3 skips 6 bytes without any modification.
  • Delete Determines the number of bytes to be deleted based on the data in the command and discards the data.
  • the method steps of the instruction modification are as follows:
  • Step 401 Read the instruction.
  • the modified Ethernet packet is obtained, the header of the Ethernet packet is extracted, and stored in eight 258-bit registers, and then an instruction is read according to the instruction address.
  • Step 402 Parsing the instruction and reading the data required for the instruction modification.
  • the instruction is parsed, and the data to be modified for the Ethernet packet header required for the instruction modification is read.
  • Step 403 Modify the Ethernet header according to the instruction.
  • delete the packet header For example, delete the packet header, add/delete/replace the VLAN number, add or delete the PPPoE header, add or delete Ds-lite configuration information (such as: add or delete IPv6 header modification information), add or delete, etc.
  • Ds-lite configuration information such as: add or delete IPv6 header modification information
  • add or delete etc.
  • Step 404 Determine the instruction end mark, if it is the last instruction, end the modification; otherwise, continue the operation of step 401.
  • the modification information includes at least one of the following: modification information of a VLAN, modification information of a PPPoE header, modification information of an IPv6 header, and modification information of an IPv4 header.
  • the acquiring a preset modification instruction corresponding to the descriptor information, and modifying the enabled data packet according to the preset modification instruction includes: the instruction modification module 203 is configured according to a preset priority. And obtaining a preset modification instruction corresponding to the descriptor information from the preset instruction set; parsing the obtained preset modification instruction, obtaining the modification information carried by the preset modification instruction, and the modification instruction corresponding to the modification information And modifying the enabled data packet according to the modification manner corresponding to the modification indicator and the modification information.
  • the modification indicator includes at least one of a replacement indicator, an addition indicator, and a deletion indicator.
  • the method steps of the instruction modification are as follows:
  • Step 401 Acquire and complete the modified Ethernet packet header, and store it in eight 258-bit registers, and read an instruction according to the instruction address.
  • Step 402 Parsing the instruction, and reading the data required for the instruction modification.
  • Step 403 Modify the Ethernet header according to the instruction.
  • delete the packet header For example, delete the packet header, add/delete/replace the VLAN number, add or delete the PPPoE header, add or delete Ds-lite configuration information (such as: add or delete IPv6 header modification information), add or delete, etc.
  • Ds-lite configuration information such as: add or delete IPv6 header modification information
  • add or delete etc.
  • Step 404 Determine the instruction end mark, if it is the last instruction, end the modification; otherwise, continue the operation of step 401.
  • the method before the modifying the data packet according to the preset modification instruction, the method further includes: acquiring, according to the descriptor information, the to-be-replaced or waiting for the enabled data packet. Deleted second data information;
  • Modifying the enabled data packet according to the modification manner corresponding to the modification indicator and the modification information including:
  • the instruction modification module 203 replaces the second data information with the modification information corresponding to the replacement indicator;
  • the instruction modification module 203 adds a header composed of the modification information corresponding to the added indicator to the enabled data packet;
  • the instruction modification module 203 deletes data in the second data information according to the modification information corresponding to the deletion indicator.
  • the modification information includes at least one of: modification information for modifying a VLAN, modification information for adding a PPPoE header, modification information for adding or deleting an IPv6 header, and modification information for adding or deleting an IPv4 header. .
  • the access network device provided by the foregoing embodiment performs the modification of the data packet
  • only the division of each of the foregoing program modules is used as an example.
  • the foregoing processing may be allocated to different programs according to requirements.
  • the module is completed, dividing the internal structure of the device into different program modules to complete all or part of the processing described above.
  • the access network device and the data packet processing method embodiment provided by the foregoing embodiments are in the same concept, and the specific implementation process is described in the method embodiment, and details are not described herein again.
  • the solution of the embodiment of the present invention combines the enabling modification method and the enabling modification method, by which the descriptor information in the Ethernet data packet can be read, and the preset enabling modification is respectively obtained based on the read descriptor information. And modifying the instruction, and then modifying the Ethernet packet according to the obtained enable modification information; in addition, modifying the modified Ethernet data packet according to the obtained modification instruction.
  • the solution of the embodiment of the present invention combines the enabling modification method and the enabling modification method, and has the modification speed and control compared with the method of only modifying the instruction. Simple and other advantages, avoiding the shortcomings of excessive instruction modification and complicated modification caused by simple instruction modification, improving network output performance, etc. Compared with the method of enabling only modification, it has more flexible features and can meet the compatibility of the new future. Modification requirements.
  • An embodiment of the present invention provides another method for processing a data packet. As shown in FIG. 5, the method may include the following steps:
  • Step 501 Receive an Ethernet data packet sent by the network side.
  • Step 502 Read an Ethernet packet.
  • the detailed step of enabling the modification module to read the Ethernet packet is to read one packet at a time from the FIFO array of the packet storage module (denoted as DATA_FIFO), and then send the read packet to enable. Modify the module; when reading the packet cutoff identifier (denoted as packet_eop), it stops reading data from the DATA_FIFO.
  • the packet description module also reads the Ethernet packet from the packet storage module in order to obtain the descriptor information of the Ethernet packet.
  • Step 503 Obtain descriptor information of the Ethernet data packet.
  • the corresponding data packet descriptor is read according to the Ethernet data packet, and the data packet descriptor is stored in the first-in first-out array of the descriptor module (referred to as DESC_FIFO).
  • DESC_FIFO the first-in first-out array of the descriptor module
  • Step 504 data flow information, MAC information, VLAN information, QoS information, and the like.
  • Step 505 Acquire modification information corresponding to the descriptor information.
  • the information includes at least one of the following: flow information, MAC information, VLAN information, and QoS information.
  • Step 506 Modify the Ethernet data packet according to the descriptor information and the obtained modification information.
  • the modification module determines the structure of the package.
  • the data stream identifier flow_id is used as the address to index and modify the enable RAM, modify the VLAN RAM, command RAM, etc. Send to the enable modification module for the module to determine the modification operation.
  • Step 507 Obtain the modified Ethernet data packet.
  • the fixed modification module (denoted as pm_modify_fix) completes the MAC modification of the 256-byte header data registered for the module, DSCP/TC, according to the value in the enable register and the descriptors IPv4_flag, IPv6_flag, TCP_flag, UDP_flag, l2_offset, l3_offset information. Modification, SIP/DIP modification, SPORT/DPORT modification, IP_CHECKUM, TCP_CHECKSUM verification information update and TTL modification, and the modified data is sent to the instruction modification module.
  • Step 508 The modified Ethernet data packet is transmitted to the instruction modification module to perform instruction modification.
  • Step 509 Store the instruction, including: modifying the command (denoted as cmd) and modifying the data required by the packet (denoted as cmd_dat).
  • the packet descriptor module module (denoted as pm_desc_ctrl) transmits the read instruction and the modified data to the instruction and modification data read from the instruction storage unit and the data storage unit in the preset information storage module according to the descriptor information.
  • the instruction modification module, the instruction modification module performs VLAN modification on the Ethernet packet, PPPOE addition and deletion, Ds-lite addition and deletion, etc., and sends the final modified data while modifying, until the read instruction includes an end tag, the end instruction is modified, and the remaining Data is directly transmitted.
  • the instruction format and corresponding description are shown in Table 2.
  • Step 510 An instruction corresponding to the descriptor information.
  • Step 511 Modify the modified Ethernet data packet according to the instruction.
  • cmd_addr Read an instruction according to the instruction address (denoted as cmd_addr), parse the instruction, and read the data required by the instruction modification. Perform corresponding packet header jump, delete, VLAN increase/delete/replace, PPPOE add delete, Ds-lite add delete, v6rd add or delete, etc., as shown in Figure 4.
  • the PPPOE addition deletion refers to: adding an IPv6 header to an IPv4 packet so that IPv4 data can be transmitted on the IPv6 network; or, when the transmission is completed, deleting the IPv6 header of the IPv4 packet.
  • the v6rd addition or deletion refers to: adding an IPv4 header to an IPv6 packet so that IPv6 data can be transmitted over the IPv4 network; or, when the transmission is completed, deleting the IPv4 header of the IPv6 packet.
  • the access network device 600 includes a processor 601 and a memory 602 configured to store an executable program executable on the processor.
  • the access network device 600 can be a router, a Layer 3 switch, or other device with routing capabilities.
  • the access network device 600 shown in FIG. 6 includes at least one processor 601 and a memory 602.
  • the various components in the access network device 600 are coupled together by a bus system 603. It will be appreciated that the bus system 603 is configured to enable connection communication between these components.
  • the bus system 603 includes a power bus, a control bus, and a status signal bus in addition to the data bus. However, for clarity of description, various buses are labeled as bus system 603 in FIG.
  • memory 602 can be either volatile memory or non-volatile memory, and can include both volatile and nonvolatile memory.
  • the non-volatile memory may be a Read Only Memory (ROM), a Programmable Read-Only Memory (PROM), or an Erasable Programmable Read (EPROM). Only Memory), Electrically Erasable Programmable Read-Only Memory (EEPROM), Ferromagnetic Random Access Memory (FRAM), Flash Memory, Magnetic Surface Memory , CD-ROM, or Compact Disc Read-Only Memory (CD-ROM); the magnetic surface memory can be a disk storage or a tape storage.
  • the volatile memory can be a random access memory (RAM) that acts as an external cache.
  • RAM Random Access Memory
  • SRAM Static Random Access Memory
  • SSRAM Synchronous Static Random Access Memory
  • SSRAM Dynamic Random Access
  • DRAM Dynamic Random Access Memory
  • SDRAM Synchronous Dynamic Random Access Memory
  • DDRSDRAM Double Data Rate Synchronous Dynamic Random Access Memory
  • ESDRAM enhancement Enhanced Synchronous Dynamic Random Access Memory
  • SLDRAM Synchronous Dynamic Random Access Memory
  • DRRAM Direct Memory Bus Random Access Memory
  • Memory 602 in an embodiment of the invention is configured to store various types of data to support operation of access network device 600.
  • Examples of such data include any executable program configured to operate on the access network device 600, such as a store data packet, preset enable modification information, and a preset modification command.
  • a program implementing the method of the embodiment of the present invention is stored in the memory 602.
  • Processor 601 may be an integrated circuit chip with signal processing capabilities. In the implementation process, each step of the foregoing method may be completed by an integrated logic circuit of hardware in the processor 601 or an instruction in a form of software.
  • the processor 601 described above may be a general purpose processor, a digital signal processor (DSP), or other programmable logic device, discrete gate or transistor logic device, discrete hardware component, or the like.
  • DSP digital signal processor
  • the processor 601 can implement or perform the various methods, steps, and logic blocks disclosed in the embodiments of the present invention.
  • a general purpose processor can be a microprocessor or any conventional processor or the like.
  • the steps of the method disclosed in the embodiment of the present invention may be directly implemented as a hardware decoding processor, or may be performed by a combination of hardware and software modules in the decoding processor.
  • the software module can be located in a storage medium, which is located in the memory 602.
  • the processor 601 reads the information in the memory 602 and completes the steps of the following methods in combination with its hardware:
  • the first data information to be modified in the data packet is searched according to the preset enable flag, and the first data information is replaced with the preset enable information to obtain an enable data packet.
  • the processor 601 obtains, according to the preset priority, a preset modification instruction corresponding to the descriptor information from the preset instruction set;
  • the processor 601 acquires, according to the descriptor information, second data information to be replaced or to be deleted in the enabled data packet.
  • the processor 601 replaces the third data information in the enabled data packet with the modification information corresponding to the replacement indicator;
  • modification indicator is an add indicator, adding a header composed of modification information corresponding to the added indicator to the enabled data packet;
  • the modification indicator is a deletion indicator
  • the information corresponding to the third data information in the enabled data packet is deleted according to the modification information corresponding to the deletion indicator.
  • the processor 601 acquires type information of a network to which the access network device is connected.
  • the first data information is replaced with the preset enable information to obtain an enabled data packet.
  • the enabled data packet is modified according to the preset modification instruction.
  • the processor 601 modifies the enabled data packet according to the preset modification instruction.
  • the processor 601 obtains corresponding preset enable modification information according to the structure of the data packet.
  • the embodiment of the present invention further provides a non-transitory readable storage medium, such as a memory 602 including an executable program executable by the processor 601 of the access network device 600 to perform the steps described in the foregoing method.
  • the executable readable storage medium may be a ferroelectric memory (FRAM), a read only memory (ROM), a programmable read only memory (PROM), a programmable erasable read only memory (EPROM). , Erasable Programmable Read Only Memory), EEPROM (Electrically Erasable Programmable Read-Only Memory), Flash Memory, Magnetic Surface Memory, or optical disk; or One or any combination of devices, such as mobile phones, computers, tablets Equipment, personal digital assistants, etc.
  • FRAM ferroelectric memory
  • ROM read only memory
  • PROM programmable read only memory
  • EPROM programmable erasable read only memory
  • EEPROM Electrically Erasable Programmable Read-Only Memory
  • Flash Memory Magnetic Surface Memory, or optical disk
  • the embodiment of the invention further provides a non-transitory readable storage medium, on which an executable program is stored, and when the executable program is executed by the processor, the execution is performed:
  • the first data information to be modified in the data packet is searched according to the preset enable flag, and the first data information is replaced with the preset enable information to obtain an enable data packet.
  • the method further includes: acquiring, according to a preset priority, a preset modification instruction corresponding to the descriptor information from a preset instruction set;
  • the method further includes: before the modifying the modified data packet according to the preset modification instruction, acquiring, according to the descriptor information, the to-be-replaced or waiting for the enabled data packet. Deleted second data information.
  • the method further includes: when the modification indicator is a replacement indicator, replacing the third data information in the enabled data packet with the modification information corresponding to the replacement indicator ;
  • modification indicator is an add indicator, adding a header composed of modification information corresponding to the added indicator to the enabled data packet;
  • the modification indicator is a deletion indicator
  • the information corresponding to the third data information in the enabled data packet is deleted according to the modification information corresponding to the deletion indicator.
  • the method further includes: acquiring type information of a network to which the access network device is connected;
  • the replacing the first data information with the preset enabling information to obtain an enabled data packet includes:
  • the first data information is replaced with the preset enable information to obtain an enabled data packet.
  • the enabled data packet is modified according to the preset modification instruction.
  • the executable program When executed by the processor, it is further executed to: obtain corresponding preset enable modification information according to the structure of the data packet.
  • the embodiment of the invention discloses a method for processing a data packet, the method comprising: acquiring descriptor information of a data packet, and a preset enable flag bit and a preset enable modification information corresponding to the descriptor information;
  • the preset enable flag bit searches for the first data information to be modified in the data packet, replaces the first data information with the preset enable information, obtains an enable data packet, and obtains the description a preset modification instruction corresponding to the information, and modifying the enabled data packet according to the preset modification instruction.
  • the invention also discloses an access network device and a non-transitory readable storage medium. Through the embodiments of the present invention, rapid modification of data packets can be achieved.

Abstract

Disclosed is a method for processing a data packet. The method comprises: acquiring descriptor information about a data packet, and a pre-set enable flag bit and pre-set enable modification information corresponding to the descriptor information; according to the pre-set enable flag bit, searching for first data information, to be modified, in the data packet, and replacing the first data information with the pre-set enable information so as to obtain an enable data packet; and acquiring a pre-set modification instruction corresponding to the descriptor information, and modifying the enable data packet according to the pre-set modification instruction. Also disclosed in the present invention are an access network device and a non-transient readable storage medium.

Description

一种数据包的处理方法、接入网设备及非暂态可读存储介质Data packet processing method, access network device and non-transitory readable storage medium
相关申请的交叉引用Cross-reference to related applications
本申请基于申请号为201710362029.8、申请日为2017年5月22日的中国专利申请提出,并要求该中国专利申请的优先权,该中国专利申请的内容在此引入本申请作为参考。The present application is based on a Chinese patent application filed on Jan. 22, 2017, the filing date of
技术领域Technical field
本发明涉及通信技术,尤其涉及一种数据包的处理方法、接入网设备及非暂态可读存储介质。The present invention relates to communication technologies, and in particular, to a data packet processing method, an access network device, and a non-transitory readable storage medium.
背景技术Background technique
随着互联网技术的迅猛发展,用户对接入网的流量需求越来越大,如互联网协议电视(IPTV,Internet Protocol Television)、在线直播、高清视频、无线智能设备同时接入等,为了满足用户对高速率的传输需求,因此,上下行传输速率超1000兆比特/秒(Mbps)的设备开始逐步研发和生产。With the rapid development of Internet technology, users have more and more demand for access network traffic, such as Internet Protocol Television (IPTV), online live broadcast, high-definition video, wireless smart devices, etc., in order to meet users. For high-speed transmission requirements, devices with uplink and downlink transmission rates exceeding 1000 megabits per second (Mbps) are beginning to be developed and produced.
对于接入网设备,若要完成数据包的交换和路由功能,则需要对该数据包进行相应的修改,如:媒体访问控制(MAC,Media Access Control)地址转换,虚拟局域网(VLAN,Virtual Local Area Network)增加、删除或修改,三层互联网协议(IP,Internet Protocol)地址和网络端口地址(NAPT,Network Address Port Translation)修改,基于以太网的点对点通讯协议(PPPOE,Point to Point Protocol over Ethernet)配置信息修改、互联网协议第四版本(IPv4,Internet Protocol Version 4)到互联网协议第六版本(IPv6,Internet Protocol Version 6)的轻型双栈(Ds-lite,Double stack-lite)配置信息修改等。 For the access network device, if the packet switching and routing function is to be completed, the data packet needs to be modified accordingly, such as: Media Access Control (MAC, Media Access Control) address translation, virtual local area network (VLAN, Virtual Local) Area Network) Add, delete or modify, Layer 3 Internet Protocol (IP) address and Network Address Port Translation (NAPT), Ethernet-based Point-to-Point Protocol over Ethernet (PPPOE) ) configuration information modification, Internet Protocol Version 4 (IPv4, Internet Protocol Version 4) to Internet Protocol Version 6 (IPv6, Internet Protocol Version 6), light double-stack (Ds-lite, Double stack-lite) configuration information modification, etc. .
目前,常用的数据包处理方法为指令修改,其处理方法是:把指令和修改数据写入随机存取存储器(RAM,Random Access Memory)中,通过解析指令进行逐步修改,直到完成最后一条指令。通过指令修改的方法,由于在数据包修改过程中,需要使用大量的指令来实现数据包的修改,而过多的指令解析会影响设备的性能。At present, the commonly used packet processing method is instruction modification, and the processing method is: writing the instruction and the modified data into a random access memory (RAM, Random Access Memory), and performing stepwise modification by parsing the instruction until the last instruction is completed. Through the instruction modification method, since a large number of instructions are needed to implement data packet modification during the packet modification process, excessive instruction parsing may affect the performance of the device.
发明内容Summary of the invention
有鉴于此,本发明实施例期望提供一种数据包的处理方法、接入网设备及非暂态可读存储介质,实现数据包的快速修改。In view of this, the embodiments of the present invention are expected to provide a method for processing a data packet, an access network device, and a non-transitory readable storage medium, to implement rapid modification of the data packet.
为达到上述目的,本发明实施例的技术方案是这样实现的:To achieve the above objective, the technical solution of the embodiment of the present invention is implemented as follows:
本发明实施例提供了一种数据包的处理方法,所述方法包括:An embodiment of the present invention provides a method for processing a data packet, where the method includes:
获取数据包的描述符信息,以及所述描述符信息对应的预设使能标志位和预设使能修改信息;Obtaining descriptor information of the data packet, and preset enable flag bits and preset enable modification information corresponding to the descriptor information;
根据所述预设使能标志位查找所述数据包中待修改的第一数据信息,将所述第一数据信息替换为所述预设使能信息,获得使能数据包;And the first data information to be modified in the data packet is searched according to the preset enable flag, and the first data information is replaced with the preset enable information to obtain an enable data packet.
获取与所述描述符信息对应的预设修改指令,并根据所述预设修改指令对所述使能数据包进行修改。Obtaining a preset modification instruction corresponding to the descriptor information, and modifying the enabled data packet according to the preset modification instruction.
上述方案中,所述预设使能修改信息包括以下至少之一:源媒体访问控制地址(SMAC,Source Media Access Control)、目的媒体访问控制地址(DMAC,Destination Media Access Control)、差分服务代码点(DSCP,Differentiated Services Code Point)、源互联网协议地址(SIP,Source Internet Protocol)、目的互联网协议地址(DIP,Destination Internet Protocol)、源端口号(SPORT,Source PORT)、目的端口号(DPORT,Destination PORT)、所述数据包的生存时间(TTL,Time To Live)、校验和(CHECKSUM)。In the foregoing solution, the preset enable modification information includes at least one of the following: a source media access control address (SMAC), a destination media access control address (DMAC, a destination media access control), and a differential service code point. (DSCP, Differentiated Services Code Point), Source Internet Protocol (SIP), Destination Internet Protocol (DIP, Destination Internet Protocol), Source Port Number (SPORT, Source PORT), Destination Port Number (DPORT, Destination) PORT), the lifetime of the packet (TTL, Time To Live), checksum (CHECKSUM).
上述方案中,所述获取与所述描述符信息对应的预设修改指令,并根据所述预设修改指令对所述使能数据包进行修改,包括: In the above solution, the obtaining a preset modification instruction corresponding to the descriptor information, and modifying the enabled data packet according to the preset modification instruction, includes:
根据预设优先级从预设指令集合中获取与所述描述符信息对应的预设修改指令;Acquiring a preset modification instruction corresponding to the descriptor information from a preset instruction set according to a preset priority;
解析获取到的预设修改指令,获得所述预设修改指令携带的修改信息和所述修改信息对应的修改指示符;Parsing the obtained preset modification instruction, obtaining the modification information carried by the preset modification instruction and the modification indicator corresponding to the modification information;
根据所述修改指示符对应的修改方式和所述修改信息,修改所述使能数据包。And modifying the enabled data packet according to the modification manner corresponding to the modification indicator and the modification information.
上述方案中,所述修改指示符包括以下类型至少之一:替换指示符、添加指示符和删除指示符。In the above solution, the modification indicator includes at least one of the following types: a replacement indicator, an addition indicator, and a deletion indicator.
上述方案中,所述根据所述预设修改指令对所述使能数据包进行修改之前,所述方法还包括:In the foregoing solution, before the modifying the enabled data packet according to the preset modification instruction, the method further includes:
根据所述描述符信息获取所述使能数据包中待替换或待删除的第二数据信息。And acquiring second data information to be replaced or to be deleted in the enabled data packet according to the descriptor information.
上述方案中,所述根据所述修改指示符对应的修改方式和所述修改信息修改所述使能数据包,包括:In the foregoing solution, the modifying the enabled data packet according to the modification manner corresponding to the modification indicator and the modification information includes:
当所述修改指示符为替换指示符时,将所述使能数据包中的第三数据信息替换为与所述替换指示符对应的修改信息;When the modification indicator is a replacement indicator, replacing the third data information in the enabled data packet with the modification information corresponding to the replacement indicator;
当所述修改指示符为添加指示符时,在所述使能数据包添加由与所述添加指示符对应的修改信息组成的包头;When the modification indicator is an add indicator, adding a header composed of modification information corresponding to the added indicator to the enabled data packet;
当所述修改指示符为删除指示符时,根据与所述删除指示符对应的修改信息,删除所述使能数据包中的第三数据信息对应的信息。When the modification indicator is a deletion indicator, the information corresponding to the third data information in the enabled data packet is deleted according to the modification information corresponding to the deletion indicator.
上述方案中,所述修改信息包括以下至少之一:VLAN信息、PPPoE报头信息、IPv6报头信息、IPv4报头信息。In the above solution, the modification information includes at least one of the following: VLAN information, PPPoE header information, IPv6 header information, and IPv4 header information.
上述方案中,所述获取数据包的描述符信息之后,所述方法还包括:In the above solution, after the obtaining the descriptor information of the data packet, the method further includes:
获取接入网设备所连接的网络的类型信息;Obtaining type information of a network connected to the access network device;
所述将所述第一数据信息替换为所述预设使能信息,获得使能数据包, 包括:The replacing the first data information with the preset enabling information to obtain an enabling data packet, include:
当所述类型信息满足第一预设规则时,将所述第一数据信息替换为所述预设使能信息,获得使能数据包。When the type information meets the first preset rule, the first data information is replaced with the preset enable information to obtain an enabled data packet.
所述根据所述预设修改指令对所述使能数据包进行修改,包括:And modifying the enabled data packet according to the preset modification instruction, including:
当所述类型信息满足第二预设规则时,根据所述预设修改指令对所述使能数据包进行修改。When the type information meets the second preset rule, the enabled data packet is modified according to the preset modification instruction.
上述方案中,所述描述符信息用于描述所述数据包的结构;In the above solution, the descriptor information is used to describe a structure of the data packet;
所述获取与所述描述符信息对应的预设使能修改信息,包括:And the acquiring the preset enable modification information corresponding to the descriptor information, including:
根据所述数据包的结构获取对应的预设使能修改信息。Obtaining corresponding preset enable modification information according to the structure of the data packet.
本发明实施例还提供了一种接入网设备,所述设备包括:An embodiment of the present invention further provides an access network device, where the device includes:
数据包描述符模块,配置为获取数据包的描述符信息,以及所述描述符信息对应的预设使能标志位和预设使能修改信息;a packet descriptor module, configured to acquire descriptor information of the data packet, and preset enable flag bits and preset enable modification information corresponding to the descriptor information;
使能修改模块,配置为根据所述预设使能标志位查找所述数据包中待修改的第一数据信息,将所述第一数据信息替换为所述预设使能信息,获得使能数据包;The modification module is configured to search for the first data information to be modified in the data packet according to the preset enable flag, and replace the first data information with the preset enable information to obtain the enable data pack;
指令修改模块,配置为获取与所述描述符信息对应的所述预设修改指令,并根据所述预设修改指令对所述使能数据包进行修改;The instruction modification module is configured to acquire the preset modification instruction corresponding to the descriptor information, and modify the enabled data packet according to the preset modification instruction;
数据包存储模块,配置为存储网络侧发送的数据包;a data packet storage module configured to store a data packet sent by the network side;
预设信息存储模块,配置为存储所述预设使能修改信息和预设修改指令。The preset information storage module is configured to store the preset enable modification information and the preset modification instruction.
上述方案中,所述预设使能修改信息包括以下至少之一:SMAC、DMAC、DSCP、SIP、DIP、SPORT、DPORT、所述数据包的TTL,以及CHECKSUM。In the above solution, the preset enable modification information includes at least one of the following: SMAC, DMAC, DSCP, SIP, DIP, SPORT, DPORT, TTL of the data packet, and CHECKSUM.
上述方案中,所述指令修改模块,具体配置为:In the above solution, the instruction modification module is specifically configured as:
根据预设优先级从预设指令集合中获取与所述描述符信息对应的预设 修改指令;Obtaining a preset corresponding to the descriptor information from a preset instruction set according to a preset priority Modify the instruction;
解析获取到的预设修改指令,获得所述预设修改指令携带的修改信息和所述修改信息对应的修改指示符;Parsing the obtained preset modification instruction, obtaining the modification information carried by the preset modification instruction and the modification indicator corresponding to the modification information;
根据所述修改指示符对应的修改方式和所述修改信息修改所述使能数据包。And modifying the enabled data packet according to the modification manner corresponding to the modification indicator and the modification information.
上述方案中,所述修改指示符包括以下类型至少之一:替换指示符、添加指示符和删除指示符。In the above solution, the modification indicator includes at least one of the following types: a replacement indicator, an addition indicator, and a deletion indicator.
上述方案中,所述指令修改模块,还配置为在根据所述预设修改指令对所述使能数据包进行修改之前,根据所述描述符信息获取所述使能数据包中待替换或待删除的第二数据信息。In the above solution, the instruction modification module is further configured to: before the modification of the enabled data packet according to the preset modification instruction, acquire, according to the descriptor information, the to-be-replaced or to be replaced in the enabled data packet. Deleted second data information.
上述方案中,所述指令修改模块,具体配置为:In the above solution, the instruction modification module is specifically configured as:
当所述修改指示符为替换指示符时,将所述使能数据包中的第三数据信息替换为与所述替换指示符对应的修改信息;When the modification indicator is a replacement indicator, replacing the third data information in the enabled data packet with the modification information corresponding to the replacement indicator;
当所述修改指示符为添加指示符时,在所述使能数据包添加由与所述添加指示符对应的修改信息组成的包头;When the modification indicator is an add indicator, adding a header composed of modification information corresponding to the added indicator to the enabled data packet;
当所述修改指示符为删除指示符时,根据与所述删除指示符对应的修改信息删除使能数据包中的第三数据信息对应的信息。When the modification indicator is a deletion indicator, the information corresponding to the third data information in the enabled data packet is deleted according to the modification information corresponding to the deletion indicator.
上述方案中,所述修改信息包括以下至少之一:VLAN信息、PPPoE报头信息、IPv6报头信息、IPv4报头信息。In the above solution, the modification information includes at least one of the following: VLAN information, PPPoE header information, IPv6 header information, and IPv4 header information.
上述方案中,所述数据包描述符模块,还配置为在获取数据包的描述符信息之后,获取所述接入网设备所连接的网络的类型信息;In the foregoing solution, the data packet descriptor module is further configured to: after acquiring descriptor information of the data packet, acquire type information of a network to which the access network device is connected;
所述使能修改模块,具体配置为:The modification module is enabled, and the specific configuration is:
当所述类型信息满足第一预设规则时,将所述第一数据信息替换为所述预设使能信息,获得使能数据包。When the type information meets the first preset rule, the first data information is replaced with the preset enable information to obtain an enabled data packet.
所述指令修改模块,具体配置为: The instruction modification module is specifically configured as:
当所述类型信息满足第二预设规则时,根据所述预设修改指令对所述使能数据包进行修改。When the type information meets the second preset rule, the enabled data packet is modified according to the preset modification instruction.
上述方案中,所述描述符信息配置为描述所述数据包的结构;In the above solution, the descriptor information is configured to describe a structure of the data packet;
所述指令修改模块,具体配置为:The instruction modification module is specifically configured as:
根据所述数据包的结构获取对应的预设使能修改信息。Obtaining corresponding preset enable modification information according to the structure of the data packet.
本发明实施例还提供了一种接入网设备,所述设备包括:处理器和配置为存储能够在处理器上运行的可执行程序的存储器;其中,所述处理器配置为运行所述可执行程序时,执行本发明实施例所述的数据包的处理方法。An embodiment of the present invention further provides an access network device, the device comprising: a processor and a memory configured to store an executable program executable on the processor; wherein the processor is configured to run the When the program is executed, the processing method of the data packet described in the embodiment of the present invention is executed.
本发明实施例还提供了一种非暂态可读存储介质,所述非暂态可读存储介质中存储有可执行程序,所述可执行程序配置为执行本发明实施例所述的数据包的处理方法。The embodiment of the present invention further provides a non-transitory readable storage medium, where the non-transitory readable storage medium stores an executable program, and the executable program is configured to execute the data packet according to the embodiment of the present invention. Processing method.
本发明实施例提供了一种数据包的处理方法、接入网设备及非暂态可读存储介质,通过本发明实施例,可以读取以太网数据包中的描述符信息,并基于读取的描述符信息分别获取预设的使能修改信息和修改指令,然后,根据获取到的使能修改信息对该以太网数据包进行使能修改;此外,还根据获取到的修改指令对使能修改后的以太网数据包进行指令修改。本发明实施例方案结合了使能修改方法和使能修改方法,与只用指令修改的方法相比,具有修改速度快、控制简单等优点,避免了单纯指令修改带来的指令过多、修改复杂等缺点,提高了网络输出性能等;与只用使能修改的方法相比,具有更加灵活的特点,可以满足兼容未来新的修改需求。The embodiment of the present invention provides a data packet processing method, an access network device, and a non-transitory readable storage medium. According to the embodiment of the present invention, descriptor information in an Ethernet data packet can be read and read based on The descriptor information respectively obtains the preset enable modification information and the modification instruction, and then enables the modification of the Ethernet data packet according to the obtained enable modification information; in addition, it is enabled according to the obtained modification instruction pair. The modified Ethernet packet is modified by the instruction. The embodiment of the present invention combines the enabling modification method and the enabling modification method, and has the advantages of quick modification speed, simple control, and the like, and avoids excessive instruction and modification caused by simple instruction modification. Complexity and other shortcomings, improve network output performance, etc.; compared with the method of enabling only modification, it has more flexible features, which can meet the new modification requirements in the future.
附图说明DRAWINGS
图1为本发明实施例提供的一种数据包的处理方法的实现流程示意图;1 is a schematic flowchart of an implementation process of a data packet processing method according to an embodiment of the present invention;
图2为本发明实施例提供的一种接入网设备的组成结构示意图; 2 is a schematic structural diagram of a structure of an access network device according to an embodiment of the present invention;
图3为本发明实施例提供的使能修改的流程示意图;FIG. 3 is a schematic flowchart of enabling modification according to an embodiment of the present disclosure;
图4为本发明实施例提供的指令修改的流程示意图;4 is a schematic flowchart of instruction modification according to an embodiment of the present invention;
图5为本发明实施例提供的一种数据包的处理方法的实现流程示意图;FIG. 5 is a schematic flowchart of an implementation process of a data packet processing method according to an embodiment of the present disclosure;
图6为本发明实施例提供的一种接入网设备的组成结构示意图。FIG. 6 is a schematic structural diagram of a structure of an access network device according to an embodiment of the present invention.
具体实施方式detailed description
下面将结合本发明实施例中的附图,对本发明实施例中的技术方案进行清楚、完整地描述。The technical solutions in the embodiments of the present invention will be clearly and completely described in the following with reference to the accompanying drawings.
图1为本发明实施例提供的一种数据包的处理方法的实现流程示意图,如图1所示,所述方法可以包括以下步骤:FIG. 1 is a schematic flowchart of a method for processing a data packet according to an embodiment of the present invention. As shown in FIG. 1 , the method may include the following steps:
步骤101:获取数据包的描述符信息,以及所述描述符信息对应的预设使能标志位和预设使能修改信息。Step 101: Acquire descriptor information of the data packet, and preset enable flag bits and preset enable modification information corresponding to the descriptor information.
本发明实施例中,数据包的处理方法应用于接入网设备,所述接入网设备可以是路由器或三层交换机,或其它具有路由功能的设备。这里,所述数据包可以是以太网数据包。值得注意的是,该数据包可以是IPv4类型或IPv6类型的以太网数据包;也可以是IPv4类型数据包在IPv6网络中传输的以太网数据包,或者也可以是IPv6类型数据包在IPv4网络中传输的以太网数据包。这里解释一下,IPv4类型数据包在IPv6网络中传输的以太网数据包指的是:在IPv4类型数据包的基础上添加一个IPv6的报头,以便于IPv4类型数据在IPv6网络中传输;同理,IPv6类型数据包在IPv4网络中传输的以太网数据包指的是:在IPv6类型数据包的基础上添加一个IPv4的报头,以便于IPv6类型数据在IPv4网络中传输。In the embodiment of the present invention, a method for processing a data packet is applied to an access network device, where the access network device may be a router or a Layer 3 switch, or other device having a routing function. Here, the data packet may be an Ethernet data packet. It is worth noting that the data packet may be an IPv4 type or IPv6 type Ethernet data packet; it may also be an Ethernet data packet transmitted by an IPv4 type data packet in an IPv6 network, or may also be an IPv6 type data packet in an IPv4 network. Ethernet packets transmitted in. Here, the Ethernet packet transmitted by the IPv4 type packet in the IPv6 network refers to: adding an IPv6 header based on the IPv4 type packet, so that the IPv4 type data is transmitted in the IPv6 network; similarly, The IPv6 type data packet transports the Ethernet data packet in the IPv4 network by adding an IPv4 header to the IPv6 type data packet, so that the IPv6 type data is transmitted in the IPv4 network.
这里,所述预设使能标志位用于查找所述数据包中待修改的数据信息,如表1所示,其中,表1为使能位名称、待替换的数据和相应存储地址说明。。所述预设使能修改信息用于替换数据包中待修改的数据参数。所述描述符信息用于描述所述数据包的结构和类型,包括但不限于:1)用于指明同步的前导码、标明下一个字节为目的MAC字段的帧开始符、指明帧的接受者的DMAC地址、指明帧的发送者的SMAC地址、标识帧的数据字段 长度和指明帧中数据的协议类型的信息;2)用于指明IP协议的版本的数据类型(如IPv4或IPv6)、指明IP数据报首部长度、指明IP数据报总长度、标识IP数据报是否还有分片的标识(flag)、标识标识分组在分片后在原分组中的相对位置的片偏移、指明数据包生成时间、指明该数据报携带的数据为何种协议、计算该数据报的首部CHECKSUM、指明发送方的源IP地址、指明接收方的目的IP地址和区分服务的优先级的DSCP的信息;3)用于标识和区分源端设备的应用进程的SPORT、标识目的端设备的应用进程的DPORT和校验传输控制协议(TCP,Transmission Control Protocol)报头部分和数据部分的正确性的信息等。Here, the preset enable flag is used to search for data information to be modified in the data packet, as shown in Table 1, where Table 1 is an enable bit name, data to be replaced, and a corresponding storage address description. . The preset enable modification information is used to replace data parameters to be modified in the data packet. The descriptor information is used to describe the structure and type of the data packet, including but not limited to: 1) a preamble for indicating synchronization, a frame start character indicating that the next byte is a destination MAC field, and an acceptance of the specified frame. DMAC address, SMAC address of the sender indicating the frame, data field of the identification frame Length and information indicating the protocol type of the data in the frame; 2) data type (such as IPv4 or IPv6) indicating the version of the IP protocol, indicating the length of the IP datagram header, indicating the total length of the IP datagram, identifying whether the IP datagram is There is also a flag of the slice, a slice offset indicating the relative position of the packet in the original packet after fragmentation, indicating the packet generation time, indicating what protocol the data carried by the datagram is, and calculating the datagram. The first CHECKSUM, the source IP address of the sender, the destination IP address of the receiver, and the DSCP information of the priority of the service; 3) the SPORT for identifying and distinguishing the application process of the source device, and the destination device The DPORT of the application process and the information about the correctness of the header part and the data part of the Transmission Control Protocol (TCP).
表1Table 1
Figure PCTCN2017103768-appb-000001
Figure PCTCN2017103768-appb-000001
Figure PCTCN2017103768-appb-000002
Figure PCTCN2017103768-appb-000002
本发明实施例中,在获得所示描述符信息后,根据所述描述符信息获取相应的预设使能修改信息;所述使能修改信息包括但不限于:预先设定的SMAC、DMAC、DSCP、SIP、DIP、SPORT、DPORT,以及所述数据包的TTL。In the embodiment of the present invention, after obtaining the descriptor information, the corresponding preset enable modification information is obtained according to the descriptor information; the enable modification information includes but is not limited to: a preset SMAC, a DMAC, DSCP, SIP, DIP, SPORT, DPORT, and the TTL of the packet.
例如,根据用于指明帧的接受者的DMAC地址的信息获取对应的预先设定的DMAC;根据用于指明帧的接受者的DMAC地址的信息获取对应的预先设定的SMAC等等。For example, a corresponding pre-set DMAC is acquired according to information for indicating the DMAC address of the recipient of the frame; a corresponding pre-set SMAC or the like is acquired according to information for indicating the DMAC address of the recipient of the frame.
步骤102:根据所述预设使能标志位查找所述数据包中待修改的第一数据信息,将所述第一数据信息替换为所述预设使能信息,获得使能数据包。Step 102: Search for the first data information to be modified in the data packet according to the preset enable flag, and replace the first data information with the preset enable information to obtain an enabled data packet.
这里,步骤102完成的是使能修改过程。所述第一数据信息包括:数据包中待修改的SMAC、DMAC、DSCP、SIP、DIP、SPORT、DPORT、TTL和CHECKSUM等。上述数据信息仅仅是举例,并非穷举,包括但不 仅限于上述数据信息。Here, step 102 completes the enabling modification process. The first data information includes: SMAC, DMAC, DSCP, SIP, DIP, SPORT, DPORT, TTL, and CHECKSUM to be modified in the data packet. The above data information is only an example, not exhaustive, including but not Only for the above data information.
本发明实施例中,获取到所述描述符信息和所述预设使能信息后,根据预设使能标识位查找数据包中需要修改的数据信息,然后将查找到的所需修改的数据信息后,将其替换为预设使能信息,从而得到修改后的数据包,即使能数据包。指的注意的是,使能修改所述数据包前,需计算CHECKSUM的信息,使用计算出来的CHECKSUM替换原有CHECKSUM,得到所述使能数据包。在后续的指令修改过程中,也可能涉及CHECKSUM的重新计算。In the embodiment of the present invention, after obtaining the descriptor information and the preset enabling information, searching for the data information that needs to be modified in the data packet according to the preset enabling flag, and then searching for the required modified data. After the information is replaced with the preset enable information, the modified data packet is obtained, even if the data packet can be obtained. It is noted that before enabling the modification of the data packet, the information of CHECKSUM needs to be calculated, and the original CHECKSUM is replaced with the calculated CHECKSUM to obtain the enabled data packet. The recalculation of CHECKSUM may also be involved in subsequent instruction modification.
例如,根据用于指明帧的接受者的DMAC地址的信息查找所述数据包中待修改的DMAC地址,并将所述待修改的MAC地址替换为预先设定的DMAC;根据用于指明帧的发送者的SMAC地址的信息查找所述数据包中待修改的SMAC地址,并根据所述待修改的MAC地址替换为预先设定的SMAC等等。此外,当对需要修改的数据进行修改后,对数据包进行CHECKSUM计算,所示CHECKSUM计算包括:IP_CHECKSUM、TCP_CHECKSUM、UDP_CHECKSUM。For example, searching for a DMAC address to be modified in the data packet according to information indicating a DMAC address of a recipient of the frame, and replacing the MAC address to be modified with a preset DMAC; according to the frame for specifying The information of the SMAC address of the sender looks up the SMAC address to be modified in the data packet, and replaces it with a preset SMAC according to the MAC address to be modified. In addition, when the data to be modified is modified, the CHECKSUM calculation is performed on the data packet, and the CHECKSUM calculation shown includes: IP_CHECKSUM, TCP_CHECKSUM, UDP_CHECKSUM.
或者,获取到所述描述符信息和所述预设使能信息后,根据描述符信息获取针对所述数据包中待修改的使能位名称、和/或所述数据包中待修改数据的指针,通过该使能位和/或指针查找数据包中需要修改的数据信息,然后将查找到的所需修改的数据信息后,将其替换为预设使能信息,从而得到修改后的数据包,即使能数据包。Or, after obtaining the descriptor information and the preset enable information, acquiring, according to the descriptor information, an enable bit name to be modified in the data packet, and/or a data to be modified in the data packet. Pointer, through the enable bit and / or pointer to find the data information in the data packet that needs to be modified, and then the found modified data information is replaced with the preset enable information, thereby obtaining the modified data Package, even if it can be a packet.
例如,如表1所示,根据DMAC地址的使能位查找所述数据包中待修改的DMAC地址,并将所述待修改的MAC地址替换为预先设定的DMAC;根据SMAC地址的使能位查找所述数据包中待修改的SMAC地址,并根据所述待修改的MAC地址替换为预先设定的SMAC等等。此外,当对需要修改的数据进行修改后,对数据包进行CHECKSUM计算,所示CHECKSUM计算包括:IP_CHECKSUM、TCP_CHECKSUM、UDP_CHECKSUM。For example, as shown in Table 1, the DMAC address to be modified in the data packet is searched according to the enable bit of the DMAC address, and the MAC address to be modified is replaced with a preset DMAC; enabled according to the SMAC address. The bit searches for the SMAC address to be modified in the data packet, and replaces it with a preset SMAC or the like according to the MAC address to be modified. In addition, when the data to be modified is modified, the CHECKSUM calculation is performed on the data packet, and the CHECKSUM calculation shown includes: IP_CHECKSUM, TCP_CHECKSUM, UDP_CHECKSUM.
本发明实施例中,所述获取所述数据包的描述符信息之后,所述方法还包括:获取接入网设备所连接的网络的类型信息;所述将所述第一数据信息替换为所述预设使能信息,获得使能数据包,包括:当所述类型信息 满足第一预设规则时,将所述第一数据信息替换为所述预设使能信息,获得使能数据包,如图3所示。In the embodiment of the present invention, after the acquiring the descriptor information of the data packet, the method further includes: acquiring type information of a network to which the access network device is connected; and replacing the first data information with the Determining the enable information, obtaining the enable data packet, including: when the type information When the first preset rule is met, the first data information is replaced with the preset enabling information, and an enabled data packet is obtained, as shown in FIG. 3 .
这里,所述当前网络的类型信息包括:接入网设备的输入端和输出端的网络类型。所述网络类型包括:公网和私网,或者IPv4网络和IPv6网络。所述第一预设规则为:接入网设备的输入端和输出端的分别连接的网络为相同类型网络,如输入端为私网IP地址、输出端为公网IP地址时,则输入端和输出端不是同一种类型网络;若输入端和输出端同为公网IP地址时,则输入端和输出端为同一种类型网络。其中,私网IP地址包括以下三种:10.0.0.0至10.255.255.255,或172.16.0.0至172.31.255.255,或192.168.0.0至192.168.255.255。判断输入端和输出端的网络地址,可以为是否修改数据包中的信息做铺垫。值得注意的是,所述输入端和输出端是相对于用户终端而言的,连接用户终端的端口为输入端,连接互联网侧的端口为输出端。上述修改的内容仅仅是举例,并非穷举,包括但不仅限于与上述修改的内容。Here, the type information of the current network includes: an input type of the access network device and a network type of the output end. The network types include: public network and private network, or IPv4 network and IPv6 network. The first preset rule is: the network connected to the input end and the output end of the access network device is the same type of network. If the input end is a private network IP address, and the output end is a public network IP address, the input end is The output is not the same type of network; if the input and output are both public IP addresses, the input and output are the same type of network. The private network IP address includes the following three types: 10.0.0.0 to 10.255.255.255, or 172.16.0.0 to 172.31.255.255, or 192.168.0.0 to 192.168.255.255. Judging the network address of the input and output can be used to pave the way for modifying the information in the data packet. It should be noted that the input end and the output end are relative to the user terminal, the port connecting the user terminal is an input end, and the port connected to the Internet side is an output end. The above modifications are merely examples and are not exhaustive, including but not limited to the above modifications.
例如,私网用户若要上公网,需要接入网设备将私网用户终端发送或接收的数据包中的IP地址和MAC地址和端口号进行相应转换。举例来说,若私网用户接收公网侧发送的数据包,则需要接入网设备将该数据包中的IP地址和MAC地址和端口号替换为私网用户终端的相应信息;若私网用户向公网侧发送数据包,则需要接入网设备将该数据包中的IP地址和MAC地址和端口号替换为接入网设备的相应信息,以实现私网用户能正常的上公共网络。具体地,首先获取接入网设备所连接的网络的类型信息,判断出接入网设备的输入端和输出端处于不同网段,如输入端地址为200.176.23.4,输出端地址为192.168.1.1时,说明用户终端为私网用户端,此时,若用户终端接收数据包,则需要对该数据包进行目的IP地址转换、目的IP地址的端口转换,以及DMAC地址的转换,转换完成后,将该数据包转发到用户终端;若用户终端发送数据包,则需要对该数据包进行源IP地址转换、源IP地址的端口转换,以及SMAC地址的转换,转换完成后,将该数据包转发到网络另外一侧。判断出接入网设备的输入端和输出端处于同一网段,如输入端地址为200.176.23.4,输出端地址为200.176.23.10时,说明用户终端为公网用户端,此时接入网设备不需要对SMAC、DMAC、 SIP、DIP、SPORT和DPORT做修改。For example, if a private network user wants to go to the public network, the access network device needs to translate the IP address and MAC address and port number in the data packet sent or received by the private network user terminal. For example, if the private network user receives the data packet sent by the public network side, the access network device needs to replace the IP address and the MAC address and the port number in the data packet with the corresponding information of the private network user terminal; If the user sends a data packet to the public network side, the access network device needs to replace the IP address and the MAC address and the port number in the data packet with the corresponding information of the access network device, so that the private network user can normally access the public network. . Specifically, first, the type information of the network connected to the access network device is obtained, and it is determined that the input end and the output end of the access network device are in different network segments, for example, the input end address is 200.176.23.4, and the output end address is 192.168.1.1. The user terminal is a private network client. In this case, if the user terminal receives the data packet, the destination IP address translation, the port translation of the destination IP address, and the DMAC address conversion are performed on the data packet. After the conversion is completed, Forwarding the data packet to the user terminal; if the user terminal sends the data packet, the source IP address translation, the port translation of the source IP address, and the SMAC address conversion are performed on the data packet, and after the conversion is completed, the data packet is forwarded. Go to the other side of the network. It is determined that the input end and the output end of the access network device are in the same network segment. For example, if the input end address is 200.176.23.4 and the output end address is 200.176.23.10, the user terminal is a public network user end, and the access network device is at this time. No need for SMAC, DMAC, SIP, DIP, SPORT and DPORT are modified.
步骤103:获取与所述描述符信息对应的预设修改指令,并根据所述预设修改指令对所述使能数据包进行修改。Step 103: Acquire a preset modification instruction corresponding to the descriptor information, and modify the enabled data packet according to the preset modification instruction.
这里,步骤(3)完成的是指令修改过程。所述预设修改指令的指令结构如表2所示。Here, step (3) completes the instruction modification process. The instruction structure of the preset modification instruction is as shown in Table 2.
表2Table 2
Figure PCTCN2017103768-appb-000003
Figure PCTCN2017103768-appb-000003
本发明实施例中,所述根据所述预设修改指令对所述使能数据包进行修改,包括:当所述类型信息满足第二预设规则时,根据所述预设修改指令对所述使能数据包进行修改。In the embodiment of the present invention, the modifying the data packet according to the preset modification instruction includes: when the type information meets a second preset rule, according to the preset modification instruction, Enable the packet to be modified.
这里,所述第二预设规则为:接入网设备所连接的网络类型与所述数据包的数据类型不一致,即接入网设备所连接的网络为IPv4,所述数据包为IPv6类型数据包;或者接入网设备所连接的网络为IPv6,所述数据包为IPv4类型数据包。Here, the second preset rule is that the network type connected to the access network device is inconsistent with the data type of the data packet, that is, the network connected to the access network device is IPv4, and the data packet is IPv6 type data. The packet or the network to which the access network device is connected is IPv6, and the data packet is an IPv4 type data packet.
例如,由于目前网络有IPv4的网络,也有IPv6的网络,数据包的类型有IPv4类型和IPv6类型。若所述接入网设备处于IPv4的网络中,接收到的数据包为IPv6的以太网数据包时,则需要根据预设修改指令,将所述数据包添加一个IPv4的包头信息,从而保证IPv6类型的数据包能够在IPv4 的网络中进行传输;或者,若所述接入网设备处于IPv6的网络中,接收到的数据包为IPv4的以太网数据包时,则需要根据预设修改指令,将所述数据包添加一个IPv6的包头信息,从而保证IPv4类型的数据包能够在IPv6的网络中进行传输。For example, since the current network has an IPv4 network and an IPv6 network, the types of data packets are IPv4 type and IPv6 type. If the access network device is in the IPv4 network, and the received data packet is an IPv6 Ethernet data packet, the IPv4 header information needs to be added to the data packet according to a preset modification command, thereby ensuring IPv6. Type of packet can be in IPv4 If the access network device is in the IPv6 network and the received data packet is an IPv4 Ethernet data packet, the data packet needs to be added according to a preset modification command. The IPv6 header information ensures that IPv4 type packets can be transmitted over the IPv6 network.
或者,所述数据包中的相应特征参数满足预设规则时,根据所述预设修改指令对所述使能数据包进行修改。例如,本发明实施例中的接入网设备为家庭、或学校、或企事业单位中用来连接私网和公网的设备,用户发送或接收的数据均通过该接入网设备进行处理转发。那么,假设用户A需要接收一个以太网数据包a,首先,接入网设备接收到以太网数据包a时,检查该包中的相应特征参数之后,获知该包为用户A的以太网数据包,那么,将该包中的目的MAC、目的IP和NAPT等参数进行修改。Or, when the corresponding feature parameter in the data packet satisfies the preset rule, the enabled data packet is modified according to the preset modification instruction. For example, the access network device in the embodiment of the present invention is a device for connecting a private network and a public network in a home, or a school, or an enterprise. The data sent or received by the user is processed and forwarded by the access network device. . Then, suppose that user A needs to receive an Ethernet data packet a. First, when the access network device receives the Ethernet data packet a, it checks the corresponding feature parameter in the packet, and then learns that the packet is the Ethernet data packet of user A. Then, the parameters such as the destination MAC, the destination IP, and the NAPT in the packet are modified.
本发明实施例中,所述获取与所述描述符信息对应的预设修改指令,并根据所述预设修改指令对所述使能数据包进行修改,包括:根据预设优先级从预设指令集合中获取与所述描述符信息对应的预设修改指令;解析获取到的预设修改指令,获得所述预设修改指令携带的修改信息和所述修改信息对应的修改指示符;根据所述修改指示符对应的修改方式和所述修改信息修改所述使能数据包。这里,所述修改指示符包括以下至少之一:替换指示符、添加指示符和删除指示符。In the embodiment of the present invention, the acquiring a preset modification instruction corresponding to the descriptor information, and modifying the enabled data packet according to the preset modification instruction, includes: presetting according to a preset priority Acquiring a preset modification instruction corresponding to the descriptor information in the instruction set; parsing the obtained preset modification instruction, obtaining the modification information carried by the preset modification instruction, and the modification indicator corresponding to the modification information; The modification manner corresponding to the modification indicator and the modification information modify the enable data packet. Here, the modification indicator includes at least one of a replacement indicator, an addition indicator, and a deletion indicator.
本发明实施例中,所述根据所述预设修改指令对所述使能数据包进行修改之前,所述方法还包括:根据所述描述符信息获取所述使能数据包中待替换或待删除的第二数据信息。In the embodiment of the present invention, before the modifying the data packet according to the preset modification instruction, the method further includes: acquiring, according to the descriptor information, the to-be-replaced or waiting for the enabled data packet. Deleted second data information.
所述根据所述修改指示符对应的修改方式和所述修改信息修改所述使能数据包,包括:Modifying the enabled data packet according to the modification manner corresponding to the modification indicator and the modification information, including:
当所述修改指示符为替换指示符时,将所述使能数据包中的第三数据信息替换为与所述替换指示符对应的修改信息;When the modification indicator is a replacement indicator, replacing the third data information in the enabled data packet with the modification information corresponding to the replacement indicator;
当所述修改指示符为添加指示符时,在所述使能数据包添加由与所述添加指示符对应的修改信息组成的包头;When the modification indicator is an add indicator, adding a header composed of modification information corresponding to the added indicator to the enabled data packet;
当所述修改指示符为删除指示符时,根据与所述删除指示符对应的修改信息删除所述使能数据包中的第三数据信息对应的信息。 When the modification indicator is a deletion indicator, the information corresponding to the third data information in the enabled data packet is deleted according to the modification information corresponding to the deletion indicator.
下面列举几个典型指令的数据处理过程:The following is a list of data processing procedures for several typical instructions:
替换(Replace):用命令里的两字节数据替换原始的两字节数据;Replace: replace the original two-byte data with two bytes of data in the command;
添加(Add):直接将命令里的两字节数据以包头的形式添加至数据包;Add: directly add the two bytes of data in the command to the data packet in the form of a header;
跳过(Skip):根据命令里的数据来决定跳过的字节数,如Skip 3就是跳过6个字节不做任何修改;Skip: Determine the number of bytes to skip based on the data in the command. For example, Skip 3 skips 6 bytes without any modification.
删除(Delete):根据命令里的数据决定删除的字节数,将这些数据丢弃。Delete: Decrease the number of bytes to be deleted based on the data in the command and discard the data.
另外还有一些复合指令:如PPPoE、Ds-lite等,这样指令是按顺序完成一系列的添加操作,直接按顺序连续读取修改数据。There are also some compound instructions: such as PPPoE, Ds-lite, etc., so that the instruction completes a series of adding operations in sequence, and directly reads the modified data in order.
例如,如图4所示,指令修改的方法步骤如下所述:For example, as shown in FIG. 4, the method steps of the instruction modification are as follows:
步骤401:读取一条指令。Step 401: Read an instruction.
在读取指令之前,获取到使能修改后的以太网包,提取该以太网包的包头,并存入到8个258bit寄存器中,然后根据指令地址读取一条指令。Before the instruction is read, the modified Ethernet packet is obtained, the header of the Ethernet packet is extracted, and stored in eight 258-bit registers, and then an instruction is read according to the instruction address.
步骤402:解析指令,读取指令修改所需要的数据。Step 402: Parsing the instruction and reading the data required for the instruction modification.
解析指令,读取指令修改所需要的针对以太网数据包包头的待修改数据。The instruction is parsed, and the data to be modified for the Ethernet packet header required for the instruction modification is read.
步骤403:根据指令对以太网包头进行修改。Step 403: Modify the Ethernet header according to the instruction.
例如,删除包头,增加/删除/替换VLAN号,增加或删除PPPoE的包头,增加或删除Ds-lite配置信息(如:添加或删除IPv6报头的修改信息)、增加或删除等修改用于IPv4基础设施的IPv6快速部署6rd的修改信息(如:添加或删除IPv4报头的修改信息)。For example, delete the packet header, add/delete/replace the VLAN number, add or delete the PPPoE header, add or delete Ds-lite configuration information (such as: add or delete IPv6 header modification information), add or delete, etc. Modify for IPv4 basics. The IPv6 of the facility quickly deploys 6rd modification information (such as adding or deleting modification information of the IPv4 header).
步骤404:判断指令结束标记,如果是最后一条指令,结束修改;否则继续步骤401的操作。Step 404: Determine the instruction end mark, if it is the last instruction, end the modification; otherwise, continue the operation of step 401.
这里,所述修改信息包括以下至少之一:VLAN的修改信息、PPPoE报头的修改信息、IPv6报头的修改信息、IPv4报头的修改信息。Here, the modification information includes at least one of the following: modification information of a VLAN, modification information of a PPPoE header, modification information of an IPv6 header, and modification information of an IPv4 header.
为实现上述方法,本发明实施例一还提供了一种接入网设备,如图2所示,所述设备包括:数据包描述符模块201、使能修改模块202、指令修 改模块203、数据包存储模块204和预设信息存储模块205;其中,To implement the foregoing method, the first embodiment of the present invention further provides an access network device. As shown in FIG. 2, the device includes: a data packet descriptor module 201, an enable modification module 202, and an instruction repair. The module 203, the data packet storage module 204, and the preset information storage module 205; wherein
数据包描述符模块201,配置为获取数据包的描述符信息,以及所述描述符信息对应的预设使能标志位和预设使能修改信息;The packet descriptor module 201 is configured to acquire descriptor information of the data packet, and preset enable flag bits and preset enable modification information corresponding to the descriptor information;
使能修改模块202,配置为根据所述预设使能标志位查找所述数据包中待修改的第一数据信息,将所述第一数据信息替换为所述预设使能信息,获得使能数据包;The modification module 202 is configured to search for the first data information to be modified in the data packet according to the preset enable flag, and replace the first data information with the preset enable information, so as to obtain Data packet
指令修改模块203,配置为获取与所述描述符信息对应的所述预设修改指令,并根据所述预设修改指令对所述使能数据包进行修改;The instruction modification module 203 is configured to acquire the preset modification instruction corresponding to the descriptor information, and modify the enabled data packet according to the preset modification instruction;
数据包存储模块204,配置为存储网络侧发送的数据包;The data packet storage module 204 is configured to store a data packet sent by the network side;
预设信息存储模块205,配置为存储所述预设使能修改信息和预设修改指令。The preset information storage module 205 is configured to store the preset enable modification information and the preset modification instruction.
可选的,所述指令修改模块203,具体配置为:Optionally, the instruction modification module 203 is specifically configured to:
根据预设优先级从预设指令集合中获取与所述描述符信息对应的预设修改指令;Acquiring a preset modification instruction corresponding to the descriptor information from a preset instruction set according to a preset priority;
解析获取到的预设修改指令,获得所述预设修改指令携带的修改信息和所述修改信息对应的修改指示符;Parsing the obtained preset modification instruction, obtaining the modification information carried by the preset modification instruction and the modification indicator corresponding to the modification information;
根据所述修改指示符对应的修改方式和所述修改信息修改所述使能数据包。And modifying the enabled data packet according to the modification manner corresponding to the modification indicator and the modification information.
可选的,所述指令修改模块203,还配置为在根据所述预设修改指令对所述使能数据包进行修改之前,根据所述描述符信息获取所述使能数据包中待替换或待删除的第二数据信息。Optionally, the instruction modification module 203 is further configured to: after the modification of the enabled data packet according to the preset modification instruction, acquire, in the enable data packet, a to-be-replaced or The second data information to be deleted.
所述指令修改模块203,具体配置为:The instruction modification module 203 is specifically configured as:
当所述修改指示符为替换指示符时,将所述使能数据包中的第三数据信息替换为与所述替换指示符对应的修改信息;When the modification indicator is a replacement indicator, replacing the third data information in the enabled data packet with the modification information corresponding to the replacement indicator;
当所述修改指示符为添加指示符时,在所述使能数据包添加由与所述添加指示符对应的修改信息组成的包头;When the modification indicator is an add indicator, adding a header composed of modification information corresponding to the added indicator to the enabled data packet;
当所述修改指示符为删除指示符时,根据与所述删除指示符对应的修 改信息删除使能数据包中的第三数据信息对应的信息。When the modification indicator is a deletion indicator, according to the repair corresponding to the deletion indicator The information deletion enable information corresponding to the third data information in the enabled data packet.
所述数据包描述符模块201,还配置为在获取数据包的描述符信息之后,获取所述接入网设备所连接的网络的类型信息;The data packet descriptor module 201 is further configured to: after acquiring descriptor information of the data packet, acquire type information of a network to which the access network device is connected;
所述使能修改模块202,具体配置为:The enabling modification module 202 is specifically configured as follows:
当所述类型信息满足第一预设规则时,将所述第一数据信息替换为所述预设使能信息,获得使能数据包。When the type information meets the first preset rule, the first data information is replaced with the preset enable information to obtain an enabled data packet.
所述指令修改模块203,具体配置为:The instruction modification module 203 is specifically configured as:
当所述类型信息满足第二预设规则时,根据所述预设修改指令对所述使能数据包进行修改。When the type information meets the second preset rule, the enabled data packet is modified according to the preset modification instruction.
所述数据包描述符模块201,根据所述数据包的结构获取对应的预设使能修改信息。The data packet descriptor module 201 acquires corresponding preset enable modification information according to the structure of the data packet.
由上述结构组成的接入网设备,可以执行以下方法和步骤:The access network device consisting of the above structure can perform the following methods and steps:
(1)数据包描述符模块201获取数据包的描述符信息,以及所述描述符信息对应的预设使能标志位和预设使能修改信息。(1) The packet descriptor module 201 acquires descriptor information of the data packet, and preset enable flag bits and preset enable modification information corresponding to the descriptor information.
本发明实施例中,数据包的处理方法应用于接入网设备,所述接入网设备可以是路由器或三层交换机,或其它具有路由功能的设备。这里,所述数据包可以是以太网数据包。值得注意的是,该数据包可以是IPv4类型或IPv6类型的以太网数据包;也可以是IPv4类型数据包在IPv6网络中传输的以太网数据包,或者也可以是IPv6类型数据包在IPv4网络中传输的以太网数据包。这里解释一下,IPv4类型数据包在IPv6网络中传输的以太网数据包指的是:在IPv4类型数据包的基础上添加一个IPv6的报头,以便于IPv4类型数据在IPv6网络中传输;同理,IPv6类型数据包在IPv4网络中传输的以太网数据包指的是:在IPv6类型数据包的基础上添加一个IPv4的报头,以便于IPv6类型数据在IPv4网络中传输。In the embodiment of the present invention, a method for processing a data packet is applied to an access network device, where the access network device may be a router or a Layer 3 switch, or other device having a routing function. Here, the data packet may be an Ethernet data packet. It is worth noting that the data packet may be an IPv4 type or IPv6 type Ethernet data packet; it may also be an Ethernet data packet transmitted by an IPv4 type data packet in an IPv6 network, or may also be an IPv6 type data packet in an IPv4 network. Ethernet packets transmitted in. Here, the Ethernet packet transmitted by the IPv4 type packet in the IPv6 network refers to: adding an IPv6 header based on the IPv4 type packet, so that the IPv4 type data is transmitted in the IPv6 network; similarly, The IPv6 type data packet transports the Ethernet data packet in the IPv4 network by adding an IPv4 header to the IPv6 type data packet, so that the IPv6 type data is transmitted in the IPv4 network.
具体地,数据包描述符模块201获取存储于数据包存储模块204数据包的描述符信息,以及所述描述符信息对应的且存储于使能寄存器的预设使能标志位和存储于预设信息存储模块205的预设使能修改信息。Specifically, the packet descriptor module 201 acquires descriptor information stored in the data packet storage module 204, and a preset enable flag corresponding to the descriptor information and stored in the enable register, and stored in the preset. The preset of the information storage module 205 enables the modification information.
这里,所述预设使能标志位用于查找所述数据包中待修改的数据信息, 如表1所示。所述预设使能修改信息用于替换数据包中待修改的数据参数。所述描述符信息用于描述所述数据包的结构和类型,包括但不限于:1)用于指明同步的前导码、标明下一个字节为目的MAC字段的帧开始符、指明帧的接受者的DMAC地址、指明帧的发送者的SMAC地址、标识帧的数据字段长度和指明帧中数据的协议类型的信息;2)用于指明IP协议的版本的数据类型(如IPv4或IPv6)、指明IP数据报首部长度、指明IP数据报总长度、标识IP数据报是否还有分片的标识(flag)、标识标识分组在分片后在原分组中的相对位置的片偏移、指明数据包生成时间、指明该数据报携带的数据为何种协议、计算该数据报的首部CHECKSUM、指明发送方的源IP地址、指明接收方的目的IP地址和区分服务的优先级的DSCP的信息;3)用于标识和区分源端设备的应用进程的SPORT、标识目的端设备的应用进程的DPORT和校验TCP报头部分和数据部分的正确性的信息等。Here, the preset enable flag is used to search for data information to be modified in the data packet, As shown in Table 1. The preset enable modification information is used to replace data parameters to be modified in the data packet. The descriptor information is used to describe the structure and type of the data packet, including but not limited to: 1) a preamble for indicating synchronization, a frame start character indicating that the next byte is a destination MAC field, and an acceptance of the specified frame. The DMAC address, the SMAC address of the sender indicating the frame, the data field length of the identification frame, and the protocol type indicating the data in the frame; 2) the data type (such as IPv4 or IPv6) used to indicate the version of the IP protocol, Indicates the length of the IP datagram header, indicates the total length of the IP datagram, identifies the IP datagram whether there is a fragmentation flag, and identifies the slice offset of the relative position of the packet in the original packet after fragmentation, indicating the packet The generation time, the protocol indicating the data carried by the datagram, the first CHECKSUM for calculating the datagram, the source IP address indicating the sender, the destination IP address indicating the recipient, and the DSCP information of the priority of the service; 3) A SPORT for identifying and distinguishing an application process of the source device, a DPORT for identifying an application process of the destination device, and information for verifying the correctness of the TCP header portion and the data portion.
本发明实施例中,在获得所示描述符信息后,数据包描述符模块201根据所述描述符信息获取相应的预设使能修改信息;所述使能修改信息包括但不限于:预先设定的SMAC、DMAC、DSCP、SIP、DIP、SPORT、DPORT,以及所述数据包的TTL。In the embodiment of the present invention, after obtaining the descriptor information, the data packet descriptor module 201 acquires corresponding preset enable modification information according to the descriptor information; the enable modification information includes but is not limited to: preset The SMAC, DMAC, DSCP, SIP, DIP, SPORT, DPORT, and the TTL of the packet.
例如,数据包描述符模块201根据用于指明帧的接受者的DMAC地址的信息获取对应的预先设定的DMAC;数据包描述符模块201根据用于指明帧的接受者的DMAC地址的信息获取对应的预先设定的SMAC等等。For example, the packet descriptor module 201 acquires a corresponding pre-set DMAC based on information indicating the DMAC address of the recipient of the frame; the packet descriptor module 201 acquires information based on the DMAC address of the recipient indicating the frame Corresponding pre-set SMAC and so on.
(2)使能修改模块202根据所述预设使能标志位查找所述数据包中待修改的第一数据信息,将所述第一数据信息替换为所述预设使能信息,获得使能数据包。(2) The enable modification module 202 searches for the first data information to be modified in the data packet according to the preset enable flag, and replaces the first data information with the preset enable information to obtain Can data packets.
这里,步骤(2)完成的是使能修改过程。所述第一数据信息包括:数据包中待修改的SMAC、DMAC、DSCP、SIP、DIP、SPORT、DPORT、TTL和CHECKSUM等。上述数据信息仅仅是举例,并非穷举,包括但不仅限于上述数据信息。Here, step (2) is done to enable the modification process. The first data information includes: SMAC, DMAC, DSCP, SIP, DIP, SPORT, DPORT, TTL, and CHECKSUM to be modified in the data packet. The above data information is merely an example and is not exhaustive, including but not limited to the above data information.
本发明实施例中,获取到所述描述符信息和所述预设使能信息后,使能修改模块202根据预设使能标识位查找数据包中需要修改的数据信息,然后将查找到的所需修改的数据信息后,将其替换为预设使能信息,从而 得到修改后的数据包,即使能数据包。指的注意的是,使能修改所述数据包前,需计算CHECKSUM的信息,使用计算出来的CHECKSUM替换原有CHECKSUM,得到所述使能数据包。在后续的指令修改过程中,也可能涉及CHECKSUM的重新计算。In the embodiment of the present invention, after the descriptor information and the preset enable information are obtained, the enable modification module 202 searches for the data information that needs to be modified in the data packet according to the preset enable identifier bit, and then finds the found data. After the data information to be modified is replaced with the preset enable information, thereby Get the modified packet, even if it can. It is noted that before enabling the modification of the data packet, the information of CHECKSUM needs to be calculated, and the original CHECKSUM is replaced with the calculated CHECKSUM to obtain the enabled data packet. The recalculation of CHECKSUM may also be involved in subsequent instruction modification.
例如,根据用于指明帧的接受者的DMAC地址的信息查找所述数据包中待修改的DMAC地址,并将所述待修改的MAC地址替换为预先设定的DMAC;根据用于指明帧的发送者的SMAC地址的信息查找所述数据包中待修改的SMAC地址,并根据所述待修改的MAC地址替换为预先设定的SMAC等等。此外,当对需要修改的数据进行修改后,对数据包进行CHECKSUM计算,所示CHECKSUM计算包括:IP_CHECKSUM、TCP_CHECKSUM、UDP_CHECKSUM。For example, searching for a DMAC address to be modified in the data packet according to information indicating a DMAC address of a recipient of the frame, and replacing the MAC address to be modified with a preset DMAC; according to the frame for specifying The information of the SMAC address of the sender looks up the SMAC address to be modified in the data packet, and replaces it with a preset SMAC according to the MAC address to be modified. In addition, when the data to be modified is modified, the CHECKSUM calculation is performed on the data packet, and the CHECKSUM calculation shown includes: IP_CHECKSUM, TCP_CHECKSUM, UDP_CHECKSUM.
或者,获取到所述描述符信息和所述预设使能信息后,根据描述符信息获取针对所述数据包中待修改的使能位名称、和/或所述数据包中待修改数据的指针,通过该使能位和/或指针查找数据包中需要修改的数据信息,然后将查找到的所需修改的数据信息后,将其替换为预设使能信息,从而得到修改后的数据包,即使能数据包。Or, after obtaining the descriptor information and the preset enable information, acquiring, according to the descriptor information, an enable bit name to be modified in the data packet, and/or a data to be modified in the data packet. Pointer, through the enable bit and / or pointer to find the data information in the data packet that needs to be modified, and then the found modified data information is replaced with the preset enable information, thereby obtaining the modified data Package, even if it can be a packet.
例如,如表1所示,根据DMAC地址的使能位查找所述数据包中待修改的DMAC地址,并将所述待修改的MAC地址替换为预先设定的DMAC;根据SMAC地址的使能位查找所述数据包中待修改的SMAC地址,并根据所述待修改的MAC地址替换为预先设定的SMAC等等。此外,当对需要修改的数据进行修改后,对数据包进行CHECKSUM计算,所示CHECKSUM计算包括:IP_CHECKSUM、TCP_CHECKSUM、UDP_CHECKSUM。For example, as shown in Table 1, the DMAC address to be modified in the data packet is searched according to the enable bit of the DMAC address, and the MAC address to be modified is replaced with a preset DMAC; enabled according to the SMAC address. The bit searches for the SMAC address to be modified in the data packet, and replaces it with a preset SMAC or the like according to the MAC address to be modified. In addition, when the data to be modified is modified, the CHECKSUM calculation is performed on the data packet, and the CHECKSUM calculation shown includes: IP_CHECKSUM, TCP_CHECKSUM, UDP_CHECKSUM.
本发明实施例中,所述获取所述数据包的描述符信息之后,所述方法还包括:获取接入网设备所连接的网络的类型信息;所述将所述第一数据信息替换为所述预设使能信息,获得使能数据包,包括:当所述类型信息满足第一预设规则时,使能修改模块202将所述第一数据信息替换为所述预设使能信息,获得使能数据包,如图3所示。In the embodiment of the present invention, after the acquiring the descriptor information of the data packet, the method further includes: acquiring type information of a network to which the access network device is connected; and replacing the first data information with the The preset enable information is obtained, and the enable data packet is obtained, including: when the type information meets the first preset rule, the enable modification module 202 replaces the first data information with the preset enable information, Obtain the enable packet, as shown in Figure 3.
这里,所述当前网络的类型信息包括:接入网设备的输入端和输出端的网络类型。所述网络类型包括:公网和私网,或者IPv4网络和IPv6网络。 所述第一预设规则为:接入网设备的输入端和输出端的分别连接的网络为相同类型网络,如输入端为私网IP地址、输出端为公网IP地址时,则输入端和输出端不是同一种类型网络;若输入端和输出端同为公网IP地址时,则输入端和输出端为同一种类型网络。其中,私网IP地址包括以下三种:10.0.0.0至10.255.255.255,或172.16.0.0至172.31.255.255,或192.168.0.0至192.168.255.255。判断输入端和输出端的网络地址,可以为是否修改数据包中的信息做铺垫。值得注意的是,所述输入端和输出端是相对于用户终端而言的,连接用户终端的端口为输入端,连接互联网侧的端口为输出端。上述修改的内容仅仅是举例,并非穷举,包括但不仅限于与上述修改的内容。Here, the type information of the current network includes: an input type of the access network device and a network type of the output end. The network types include: public network and private network, or IPv4 network and IPv6 network. The first preset rule is: the network connected to the input end and the output end of the access network device is the same type of network. If the input end is a private network IP address, and the output end is a public network IP address, the input end is The output is not the same type of network; if the input and output are both public IP addresses, the input and output are the same type of network. The private network IP address includes the following three types: 10.0.0.0 to 10.255.255.255, or 172.16.0.0 to 172.31.255.255, or 192.168.0.0 to 192.168.255.255. Judging the network address of the input and output can be used to pave the way for modifying the information in the data packet. It should be noted that the input end and the output end are relative to the user terminal, the port connecting the user terminal is an input end, and the port connected to the Internet side is an output end. The above modifications are merely examples and are not exhaustive, including but not limited to the above modifications.
例如,私网用户若要上公网,需要接入网设备将私网用户终端发送或接收的数据包中的IP地址和MAC地址和端口号进行相应转换。举例来说,若私网用户接收公网侧发送的数据包,则需要接入网设备将该数据包中的IP地址和MAC地址和端口号替换为私网用户终端的相应信息;若私网用户向公网侧发送数据包,则需要接入网设备将该数据包中的IP地址和MAC地址和端口号替换为接入网设备的相应信息,以实现私网用户能正常的上公共网络。具体地,首先获取接入网设备所连接的网络的类型信息,判断出接入网设备的输入端和输出端处于不同网段,如输入端地址为200.176.23.4,输出端地址为192.168.1.1时,说明用户终端为私网用户端,此时,若用户终端接收数据包,则需要对该数据包进行目的IP地址转换、目的IP地址的端口转换,以及DMAC地址的转换,转换完成后,将该数据包转发到用户终端;若用户终端发送数据包,则需要对该数据包进行源IP地址转换、源IP地址的端口转换,以及SMAC地址的转换,转换完成后,将该数据包转发到网络另外一侧。判断出接入网设备的输入端和输出端处于同一网段,如输入端地址为200.176.23.4,输出端地址为200.176.23.10时,说明用户终端为公网用户端,此时接入网设备不需要对SMAC、DMAC、SIP、DIP、SPORT和DPORT做修改。For example, if a private network user wants to go to the public network, the access network device needs to translate the IP address and MAC address and port number in the data packet sent or received by the private network user terminal. For example, if the private network user receives the data packet sent by the public network side, the access network device needs to replace the IP address and the MAC address and the port number in the data packet with the corresponding information of the private network user terminal; If the user sends a data packet to the public network side, the access network device needs to replace the IP address and the MAC address and the port number in the data packet with the corresponding information of the access network device, so that the private network user can normally access the public network. . Specifically, first, the type information of the network connected to the access network device is obtained, and it is determined that the input end and the output end of the access network device are in different network segments, for example, the input end address is 200.176.23.4, and the output end address is 192.168.1.1. The user terminal is a private network client. In this case, if the user terminal receives the data packet, the destination IP address translation, the port translation of the destination IP address, and the DMAC address conversion are performed on the data packet. After the conversion is completed, Forwarding the data packet to the user terminal; if the user terminal sends the data packet, the source IP address translation, the port translation of the source IP address, and the SMAC address conversion are performed on the data packet, and after the conversion is completed, the data packet is forwarded. Go to the other side of the network. It is determined that the input end and the output end of the access network device are in the same network segment. For example, if the input end address is 200.176.23.4 and the output end address is 200.176.23.10, the user terminal is a public network user end, and the access network device is at this time. There is no need to modify SMAC, DMAC, SIP, DIP, SPORT and DPORT.
(3)指令修改模块203获取与所述描述符信息对应的预设修改指令,并根据所述预设修改指令对所述使能数据包进行修改。 (3) The instruction modification module 203 acquires a preset modification instruction corresponding to the descriptor information, and modifies the enabled data packet according to the preset modification instruction.
这里,步骤(3)完成的是指令修改过程。所述预设修改指令的指令结构如表2所示。Here, step (3) completes the instruction modification process. The instruction structure of the preset modification instruction is as shown in Table 2.
本发明实施例中,所述根据所述预设修改指令对所述使能数据包进行修改,包括:当所述类型信息满足第二预设规则时,指令修改模块203根据所述预设修改指令对所述使能数据包进行修改。In the embodiment of the present invention, the modifying the data packet according to the preset modification instruction includes: when the type information meets the second preset rule, the command modification module 203 is modified according to the preset The instruction modifies the enabled data packet.
这里,所述第二预设规则为:接入网设备所连接的网络类型与所述数据包的数据类型不一致,即接入网设备所连接的网络为IPv4,所述数据包为IPv6类型数据包;或者接入网设备所连接的网络为IPv6,所述数据包为IPv4类型数据包。Here, the second preset rule is that the network type connected to the access network device is inconsistent with the data type of the data packet, that is, the network connected to the access network device is IPv4, and the data packet is IPv6 type data. The packet or the network to which the access network device is connected is IPv6, and the data packet is an IPv4 type data packet.
例如,由于目前网络有IPv4的网络,也有IPv6的网络,数据包的类型有IPv4类型和IPv6类型。若所述接入网设备处于IPv4的网络中,接收到的数据包为IPv6的以太网数据包时,指令修改模块203则需要根据预设修改指令,将所述数据包添加一个IPv4的包头信息,从而保证IPv6类型的数据包能够在IPv4的网络中进行传输;或者,若所述接入网设备处于IPv6的网络中,接收到的数据包为IPv4的以太网数据包时,则需要根据预设修改指令,将所述数据包添加一个IPv6的包头信息,从而保证IPv4类型的数据包能够在IPv6的网络中进行传输。For example, since the current network has an IPv4 network and an IPv6 network, the types of data packets are IPv4 type and IPv6 type. If the access network device is in the IPv4 network, and the received data packet is an IPv6 Ethernet data packet, the command modification module 203 needs to add an IPv4 header information to the data packet according to the preset modification command. Therefore, it is ensured that the IPv6 type data packet can be transmitted in the IPv4 network; or, if the access network device is in the IPv6 network and the received data packet is an IPv4 Ethernet data packet, A modification instruction is set to add an IPv6 header information to the data packet, thereby ensuring that the IPv4 type data packet can be transmitted in the IPv6 network.
或者,所述数据包中的相应特征参数满足预设规则时,指令修改模块203根据所述预设修改指令对所述使能数据包进行修改。例如,本发明实施例中的接入网设备为家庭、或学校、或企事业单位中用来连接私网和公网的设备,用户发送或接收的数据均通过该接入网设备进行处理转发。那么,假设用户A需要接收一个以太网数据包a,首先,接入网设备接收到以太网数据包a时,检查该包中的相应特征参数之后,获知该包为用户A的以太网数据包,那么,将该包中的目的MAC、目的IP和NAPT等参数进行修改。Alternatively, when the corresponding feature parameter in the data packet satisfies the preset rule, the command modification module 203 modifies the enabled data packet according to the preset modification instruction. For example, the access network device in the embodiment of the present invention is a device for connecting a private network and a public network in a home, or a school, or an enterprise. The data sent or received by the user is processed and forwarded by the access network device. . Then, suppose that user A needs to receive an Ethernet data packet a. First, when the access network device receives the Ethernet data packet a, it checks the corresponding feature parameter in the packet, and then learns that the packet is the Ethernet data packet of user A. Then, the parameters such as the destination MAC, the destination IP, and the NAPT in the packet are modified.
本发明实施例中,所述获取与所述描述符信息对应的预设修改指令,并根据所述预设修改指令对所述使能数据包进行修改,包括:指令修改模块203根据预设优先级从预设指令集合中获取与所述描述符信息对应的预设修改指令;指令修改模块203解析获取到的预设修改指令,获得所述预 设修改指令携带的修改信息和所述修改信息对应的修改指示符;指令修改模块203根据所述修改指示符对应的修改方式和所述修改信息修改所述使能数据包。这里,所述修改指示符包括以下至少之一:替换指示符、添加指示符和删除指示符。In the embodiment of the present invention, the acquiring a preset modification instruction corresponding to the descriptor information, and modifying the enabled data packet according to the preset modification instruction, includes: the instruction modification module 203 is configured according to a preset priority. The level obtains a preset modification instruction corresponding to the descriptor information from the preset instruction set; the instruction modification module 203 parses the obtained preset modification instruction to obtain the preset The modification information carried by the modification instruction and the modification indicator corresponding to the modification information are set; the instruction modification module 203 modifies the enable data packet according to the modification manner corresponding to the modification indicator and the modification information. Here, the modification indicator includes at least one of a replacement indicator, an addition indicator, and a deletion indicator.
本发明实施例中,所述根据所述预设修改指令对所述使能数据包进行修改之前,所述方法还包括:指令修改模块203根据所述描述符信息获取所述使能数据包中待替换或待删除的第二数据信息。In the embodiment of the present invention, before the modifying the data packet according to the preset modification instruction, the method further includes: the instruction modification module 203 acquiring the enabled data packet according to the descriptor information. The second data information to be replaced or to be deleted.
所述根据所述修改指示符对应的修改方式和所述修改信息修改所述使能数据包,包括:Modifying the enabled data packet according to the modification manner corresponding to the modification indicator and the modification information, including:
当所述修改指示符为替换指示符时,将所述使能数据包中的第三数据信息替换为与所述替换指示符对应的修改信息;When the modification indicator is a replacement indicator, replacing the third data information in the enabled data packet with the modification information corresponding to the replacement indicator;
当所述修改指示符为添加指示符时,在所述使能数据包添加由与所述添加指示符对应的修改信息组成的包头;When the modification indicator is an add indicator, adding a header composed of modification information corresponding to the added indicator to the enabled data packet;
当所述修改指示符为删除指示符时,根据与所述删除指示符对应的修改信息删除所述使能数据包中的第三数据信息对应的信息。When the modification indicator is a deletion indicator, the information corresponding to the third data information in the enabled data packet is deleted according to the modification information corresponding to the deletion indicator.
下面列举几个典型指令的数据处理过程:The following is a list of data processing procedures for several typical instructions:
Replace:用命令里的两字节数据替换原始的两字节数据;Replace: replace the original two-byte data with two bytes of data in the command;
Add:直接将命令里的两字节数据以包头的形式添加至数据包;Add: directly add the two bytes of data in the command to the data packet in the form of a header;
Skip:根据命令里的数据来决定跳过的字节数,如Skip 3就是跳过6个字节不做任何修改;Skip: Determine the number of bytes to skip based on the data in the command. For example, Skip 3 skips 6 bytes without any modification.
Delete:根据命令里的数据决定删除的字节数,将这些数据丢弃。Delete: Determines the number of bytes to be deleted based on the data in the command and discards the data.
另外还有一些复合指令:如PPPoE、Ds-lite等,这样指令是按顺序完成一系列的添加操作,直接按顺序连续读取修改数据。There are also some compound instructions: such as PPPoE, Ds-lite, etc., so that the instruction completes a series of adding operations in sequence, and directly reads the modified data in order.
例如,如图4所示,指令修改的方法步骤如下所述:For example, as shown in FIG. 4, the method steps of the instruction modification are as follows:
步骤401:读取指令。Step 401: Read the instruction.
在读取指令之前,获取到使能修改后的以太网包,提取该以太网包的包头,并存入到8个258bit寄存器中,然后根据指令地址读取一条指令。 Before the instruction is read, the modified Ethernet packet is obtained, the header of the Ethernet packet is extracted, and stored in eight 258-bit registers, and then an instruction is read according to the instruction address.
步骤402:解析指令,读取指令修改所需要的数据。Step 402: Parsing the instruction and reading the data required for the instruction modification.
解析指令,读取指令修改所需要的针对以太网数据包包头的待修改数据。The instruction is parsed, and the data to be modified for the Ethernet packet header required for the instruction modification is read.
步骤403:根据指令对以太网包头进行修改。Step 403: Modify the Ethernet header according to the instruction.
例如,删除包头,增加/删除/替换VLAN号,增加或删除PPPoE的包头,增加或删除Ds-lite配置信息(如:添加或删除IPv6报头的修改信息)、增加或删除等修改用于IPv4基础设施的IPv6快速部署6rd的修改信息(如:添加或删除IPv4报头的修改信息)。For example, delete the packet header, add/delete/replace the VLAN number, add or delete the PPPoE header, add or delete Ds-lite configuration information (such as: add or delete IPv6 header modification information), add or delete, etc. Modify for IPv4 basics. The IPv6 of the facility quickly deploys 6rd modification information (such as adding or deleting modification information of the IPv4 header).
步骤404:判断指令结束标记,如果是最后一条指令,结束修改;否则继续步骤401的操作。Step 404: Determine the instruction end mark, if it is the last instruction, end the modification; otherwise, continue the operation of step 401.
这里,所述修改信息包括以下至少之一:VLAN的修改信息、PPPoE报头的修改信息、IPv6报头的修改信息、IPv4报头的修改信息。Here, the modification information includes at least one of the following: modification information of a VLAN, modification information of a PPPoE header, modification information of an IPv6 header, and modification information of an IPv4 header.
本发明实施例中,所述获取与所述描述符信息对应的预设修改指令,并根据所述预设修改指令对所述使能数据包进行修改,包括:指令修改模块203根据预设优先级从预设指令集合中获取与所述描述符信息对应的预设修改指令;解析获取到的预设修改指令,获得所述预设修改指令携带的修改信息和所述修改信息对应的修改指示符;根据所述修改指示符对应的修改方式和所述修改信息修改所述使能数据包。这里,所述修改指示符包括以下至少之一:替换指示符、添加指示符和删除指示符。In the embodiment of the present invention, the acquiring a preset modification instruction corresponding to the descriptor information, and modifying the enabled data packet according to the preset modification instruction, includes: the instruction modification module 203 is configured according to a preset priority. And obtaining a preset modification instruction corresponding to the descriptor information from the preset instruction set; parsing the obtained preset modification instruction, obtaining the modification information carried by the preset modification instruction, and the modification instruction corresponding to the modification information And modifying the enabled data packet according to the modification manner corresponding to the modification indicator and the modification information. Here, the modification indicator includes at least one of a replacement indicator, an addition indicator, and a deletion indicator.
例如,如图4所示,指令修改的方法步骤如下所述:For example, as shown in FIG. 4, the method steps of the instruction modification are as follows:
步骤401:获取完成使能修改后的以太网包头,并存入到8个258bit寄存器中,根据指令地址读取一条指令。Step 401: Acquire and complete the modified Ethernet packet header, and store it in eight 258-bit registers, and read an instruction according to the instruction address.
步骤402:解析指令,读取指令修改需要的数据。Step 402: Parsing the instruction, and reading the data required for the instruction modification.
步骤403:根据指令对以太网包头进行修改。Step 403: Modify the Ethernet header according to the instruction.
例如,删除包头,增加/删除/替换VLAN号,增加或删除PPPoE的包头,增加或删除Ds-lite配置信息(如:添加或删除IPv6报头的修改信息)、增加或删除等修改用于IPv4基础设施的IPv6快速部署6rd的修改信息(如:添加或删除IPv4报头的修改信息)。 For example, delete the packet header, add/delete/replace the VLAN number, add or delete the PPPoE header, add or delete Ds-lite configuration information (such as: add or delete IPv6 header modification information), add or delete, etc. Modify for IPv4 basics. The IPv6 of the facility quickly deploys 6rd modification information (such as adding or deleting modification information of the IPv4 header).
步骤404:判断指令结束标记,如果是最后一条指令,结束修改;否则继续步骤401的操作。Step 404: Determine the instruction end mark, if it is the last instruction, end the modification; otherwise, continue the operation of step 401.
本发明实施例中,所述根据所述预设修改指令对所述使能数据包进行修改之前,所述方法还包括:根据所述描述符信息获取所述使能数据包中待替换或待删除的第二数据信息;In the embodiment of the present invention, before the modifying the data packet according to the preset modification instruction, the method further includes: acquiring, according to the descriptor information, the to-be-replaced or waiting for the enabled data packet. Deleted second data information;
所述根据所述修改指示符对应的修改方式和所述修改信息修改所述使能数据包,包括:Modifying the enabled data packet according to the modification manner corresponding to the modification indicator and the modification information, including:
当所述修改指示符为替换指示符时,指令修改模块203将所述第二数据信息替换为与所述替换指示符对应的修改信息;When the modification indicator is a replacement indicator, the instruction modification module 203 replaces the second data information with the modification information corresponding to the replacement indicator;
当所述修改指示符为添加指示符时,指令修改模块203在所述使能数据包添加由与所述添加指示符对应的修改信息组成的包头;When the modification indicator is an add indicator, the instruction modification module 203 adds a header composed of the modification information corresponding to the added indicator to the enabled data packet;
当所述修改指示符为删除指示符时,指令修改模块203根据与所述删除指示符对应的修改信息删除所述第二数据信息中的数据。When the modification indicator is a deletion indicator, the instruction modification module 203 deletes data in the second data information according to the modification information corresponding to the deletion indicator.
这里,所述修改信息包括以下至少之一:用于修改VLAN的修改信息、用于添加PPPoE报头的修改信息、用于添加或删除IPv6报头的修改信息、用于添加或删除IPv4报头的修改信息。Here, the modification information includes at least one of: modification information for modifying a VLAN, modification information for adding a PPPoE header, modification information for adding or deleting an IPv6 header, and modification information for adding or deleting an IPv4 header. .
需要说明的是:上述实施例提供的接入网设备在进行数据包的修改时,仅以上述各程序模块的划分进行举例说明,实际应用中,可以根据需要而将上述处理分配由不同的程序模块完成,即将装置的内部结构划分成不同的程序模块,以完成以上描述的全部或者部分处理。另外,上述实施例提供的接入网设备与数据包的处理方法实施例属于同一构思,其具体实现过程详见方法实施例,这里不再赘述。It should be noted that, when the access network device provided by the foregoing embodiment performs the modification of the data packet, only the division of each of the foregoing program modules is used as an example. In an actual application, the foregoing processing may be allocated to different programs according to requirements. The module is completed, dividing the internal structure of the device into different program modules to complete all or part of the processing described above. In addition, the access network device and the data packet processing method embodiment provided by the foregoing embodiments are in the same concept, and the specific implementation process is described in the method embodiment, and details are not described herein again.
本发明实施例方案结合了使能修改方法和使能修改方法,通过该方案,可以读取以太网数据包中的描述符信息,并基于读取的描述符信息分别获取预设的使能修改信息和修改指令,然后,根据获取到的使能修改信息对该以太网数据包进行使能修改;此外,还根据获取到的修改指令对使能修改后的以太网数据包进行指令修改。本发明实施例方案结合了使能修改方法和使能修改方法,与只用指令修改的方法相比,具有修改速度快、控制 简单等优点,避免了单纯指令修改带来的指令过多、修改复杂等缺点,提高了网络输出性能等;与只用使能修改的方法相比,具有更加灵活的特点,可以满足兼容未来新的修改需求。The solution of the embodiment of the present invention combines the enabling modification method and the enabling modification method, by which the descriptor information in the Ethernet data packet can be read, and the preset enabling modification is respectively obtained based on the read descriptor information. And modifying the instruction, and then modifying the Ethernet packet according to the obtained enable modification information; in addition, modifying the modified Ethernet data packet according to the obtained modification instruction. The solution of the embodiment of the present invention combines the enabling modification method and the enabling modification method, and has the modification speed and control compared with the method of only modifying the instruction. Simple and other advantages, avoiding the shortcomings of excessive instruction modification and complicated modification caused by simple instruction modification, improving network output performance, etc. Compared with the method of enabling only modification, it has more flexible features and can meet the compatibility of the new future. Modification requirements.
本发明实施例提供了另一种数据包的处理方法,如图5所示,所述方法可以包括以下步骤:An embodiment of the present invention provides another method for processing a data packet. As shown in FIG. 5, the method may include the following steps:
步骤501:接收网络侧发送的以太网数据包。Step 501: Receive an Ethernet data packet sent by the network side.
步骤502:读取以太网数据包。Step 502: Read an Ethernet packet.
使能修改模块读取以太网数据包的详细步骤为:从数据包存储模块的先进先出阵列(记为DATA_FIFO)一次读取一个数据包,然后,将读取到的数据包送往使能修改模块;当读到数据包截止符标识(记为packet_eop)时,就停止从DATA_FIFO中读数据。数据包描述模块为了获取该以太网数据包的描述符信息,也会从数据包存储模块中读取以太网数据包。The detailed step of enabling the modification module to read the Ethernet packet is to read one packet at a time from the FIFO array of the packet storage module (denoted as DATA_FIFO), and then send the read packet to enable. Modify the module; when reading the packet cutoff identifier (denoted as packet_eop), it stops reading data from the DATA_FIFO. The packet description module also reads the Ethernet packet from the packet storage module in order to obtain the descriptor information of the Ethernet packet.
步骤503:获取以太网数据包的描述符信息。Step 503: Obtain descriptor information of the Ethernet data packet.
数据包描述符模块获取到以太网数据包后,根据该以太网数据包读取相应的数据包描述符,并将该数据包描述符存储于描述符模块的先入先出阵列(记为DESC_FIFO),当DATA_FIFO非空时,对应的描述符已经写入DESC_FIFO。After the data packet descriptor module obtains the Ethernet data packet, the corresponding data packet descriptor is read according to the Ethernet data packet, and the data packet descriptor is stored in the first-in first-out array of the descriptor module (referred to as DESC_FIFO). When the DATA_FIFO is not empty, the corresponding descriptor has been written to the DESC_FIFO.
步骤504:数据流(flow)信息、MAC信息、VLAN信息和QoS信息等。Step 504: data flow information, MAC information, VLAN information, QoS information, and the like.
步骤505:获取描述符信息对应的修改信息。Step 505: Acquire modification information corresponding to the descriptor information.
这些信息至少包括以下之一:flow信息、MAC信息、VLAN信息和QoS信息等。The information includes at least one of the following: flow information, MAC information, VLAN information, and QoS information.
步骤506:根据描述符信息和获取到的修改信息修改以太网数据包。Step 506: Modify the Ethernet data packet according to the descriptor information and the obtained modification information.
将描述符中的二层偏移量(l2_offset)、三层偏移量(l3_offset)、包长(pkt_length,packet length)、包标识(untag_flag)、TCP/UDP等信息送给使能修改模块,供修改模块确定包的结构。同时,以数据流标识flow_id为地址去索引修改使能RAM,修改VLAN RAM,指令RAM等,把这些信息 送往使能修改模块,供该模块确定修改操作。Sending information such as the two-layer offset (l2_offset), the three-layer offset (l3_offset), the packet length (pkt_length, packet length), the packet identifier (untag_flag), and the TCP/UDP in the descriptor to the enable modification module. The modification module determines the structure of the package. At the same time, the data stream identifier flow_id is used as the address to index and modify the enable RAM, modify the VLAN RAM, command RAM, etc. Send to the enable modification module for the module to determine the modification operation.
步骤507:得到使能修改后的以太网数据包。Step 507: Obtain the modified Ethernet data packet.
固定修改模块(记为pm_modify_fix)根据使能寄存器里的值及描述符IPv4_flag,IPv6_flag,TCP_flag、UDP_flag,l2_offset,l3_offset信息,一次完成对该模块寄存的256字节包头数据的MAC修改、DSCP/TC修改、SIP/DIP修改、SPORT/DPORT修改、IP_CHECKUM、TCP_CHECKSUM校验信息更新和TTL修改,并将修改后的数据发往指令修改模块。The fixed modification module (denoted as pm_modify_fix) completes the MAC modification of the 256-byte header data registered for the module, DSCP/TC, according to the value in the enable register and the descriptors IPv4_flag, IPv6_flag, TCP_flag, UDP_flag, l2_offset, l3_offset information. Modification, SIP/DIP modification, SPORT/DPORT modification, IP_CHECKUM, TCP_CHECKSUM verification information update and TTL modification, and the modified data is sent to the instruction modification module.
步骤508:将使能修改后的以太网数据包传输至指令修改模块,以进行指令修改。Step 508: The modified Ethernet data packet is transmitted to the instruction modification module to perform instruction modification.
步骤509:存储指令,包括:修改命令(记为cmd)和包修改所需的数据(记为cmd_dat)。Step 509: Store the instruction, including: modifying the command (denoted as cmd) and modifying the data required by the packet (denoted as cmd_dat).
数据包描述符模块模块(记为pm_desc_ctrl)根据描述符信息,从预设信息存储模块中的指令存储单元和数据存储单元中读取的指令和修改数据,将读取的指令和修改数据传输给指令修改模块,指令修改模块对以太网包进行VLAN修改、PPPOE增加删除,Ds-lite增加删除等,边修改边发送最终修改后的数据,直到读取的指令包含结束标记,结束指令修改,剩余数据直接透传。指令格式及相应描述如表2所示。The packet descriptor module module (denoted as pm_desc_ctrl) transmits the read instruction and the modified data to the instruction and modification data read from the instruction storage unit and the data storage unit in the preset information storage module according to the descriptor information. The instruction modification module, the instruction modification module performs VLAN modification on the Ethernet packet, PPPOE addition and deletion, Ds-lite addition and deletion, etc., and sends the final modified data while modifying, until the read instruction includes an end tag, the end instruction is modified, and the remaining Data is directly transmitted. The instruction format and corresponding description are shown in Table 2.
步骤510:描述符信息对应的指令。Step 510: An instruction corresponding to the descriptor information.
步骤511:根据指令修改使能修改后的以太网数据包。Step 511: Modify the modified Ethernet data packet according to the instruction.
根据指令地址(记为cmd_addr)读取一条指令,解析指令,读取指令修改需要的数据。进行相应包头跳转、删除、VLAN增加/删除/替换、PPPOE增加删除,Ds-lite增加删除、v6rd增加或删除等修改,如图4所示。Read an instruction according to the instruction address (denoted as cmd_addr), parse the instruction, and read the data required by the instruction modification. Perform corresponding packet header jump, delete, VLAN increase/delete/replace, PPPOE add delete, Ds-lite add delete, v6rd add or delete, etc., as shown in Figure 4.
这里,PPPOE增加删除指的是:在IPv4类数据包添加IPv6包头,以使IPv4类数据能在IPv6网络传输;或者,当完成传输后,将IPv4类数据包的IPv6包头删除。v6rd增加或删除指的是:在IPv6类数据包添加IPv4包头,以使IPv6类数据能在IPv4网络传输;或者,当完成传输后,将IPv6类数据包的IPv4包头删除。 Here, the PPPOE addition deletion refers to: adding an IPv6 header to an IPv4 packet so that IPv4 data can be transmitted on the IPv6 network; or, when the transmission is completed, deleting the IPv6 header of the IPv4 packet. The v6rd addition or deletion refers to: adding an IPv4 header to an IPv6 packet so that IPv6 data can be transmitted over the IPv4 network; or, when the transmission is completed, deleting the IPv4 header of the IPv6 packet.
本发明实施例还提供了另一种接入网设备,如图6所示,该接入网设备600包括:处理器601和配置为存储能够在处理器上运行的可执行程序的存储器602。Another embodiment of the present invention further provides an access network device. As shown in FIG. 6, the access network device 600 includes a processor 601 and a memory 602 configured to store an executable program executable on the processor.
接入网设备600可以是路由器、三层交换机,或其它具有路由功能的设备等。图6所示的接入网设备600包括:至少一个处理器601和存储器602。接入网设备600中的各个组件通过总线系统603耦合在一起。可理解,总线系统603配置为实现这些组件之间的连接通信。总线系统603除包括数据总线之外,还包括电源总线、控制总线和状态信号总线。但是为了清楚说明起见,在图6中将各种总线都标为总线系统603。The access network device 600 can be a router, a Layer 3 switch, or other device with routing capabilities. The access network device 600 shown in FIG. 6 includes at least one processor 601 and a memory 602. The various components in the access network device 600 are coupled together by a bus system 603. It will be appreciated that the bus system 603 is configured to enable connection communication between these components. The bus system 603 includes a power bus, a control bus, and a status signal bus in addition to the data bus. However, for clarity of description, various buses are labeled as bus system 603 in FIG.
可以理解,存储器602可以是易失性存储器或非易失性存储器,也可包括易失性和非易失性存储器两者。其中,非易失性存储器可以是只读存储器(ROM,Read Only Memory)、可编程只读存储器(PROM,Programmable Read-Only Memory)、可擦除可编程只读存储器(EPROM,Erasable Programmable Read-Only Memory)、电可擦除可编程只读存储器(EEPROM,Electrically Erasable Programmable Read-Only Memory)、磁性随机存取存储器(FRAM,ferromagnetic random access memory)、快闪存储器(Flash Memory)、磁表面存储器、光盘、或只读光盘(CD-ROM,Compact Disc Read-Only Memory);磁表面存储器可以是磁盘存储器或磁带存储器。易失性存储器可以是随机存取存储器(RAM,Random Access Memory),其用作外部高速缓存。通过示例性但不是限制性说明,许多形式的RAM可用,例如静态随机存取存储器(SRAM,Static Random Access Memory)、同步静态随机存取存储器(SSRAM,Synchronous Static Random Access Memory)、动态随机存取存储器(DRAM,Dynamic Random Access Memory)、同步动态随机存取存储器(SDRAM,Synchronous Dynamic Random Access Memory)、双倍数据速率同步动态随机存取存储器(DDRSDRAM,Double Data Rate Synchronous Dynamic Random Access Memory)、增强型同步动态随机存取存储器(ESDRAM,Enhanced Synchronous Dynamic Random Access Memory)、同步连接动态随机存取存储器(SLDRAM,SyncLink Dynamic Random Access Memory)、直接内存总线随机存取存储器(DRRAM,Direct Rambus Random Access Memory)。本发明实施例描述的存储器602旨在包 括但不限于这些和任意其它适合类型的存储器。It will be appreciated that memory 602 can be either volatile memory or non-volatile memory, and can include both volatile and nonvolatile memory. The non-volatile memory may be a Read Only Memory (ROM), a Programmable Read-Only Memory (PROM), or an Erasable Programmable Read (EPROM). Only Memory), Electrically Erasable Programmable Read-Only Memory (EEPROM), Ferromagnetic Random Access Memory (FRAM), Flash Memory, Magnetic Surface Memory , CD-ROM, or Compact Disc Read-Only Memory (CD-ROM); the magnetic surface memory can be a disk storage or a tape storage. The volatile memory can be a random access memory (RAM) that acts as an external cache. By way of example and not limitation, many forms of RAM are available, such as Static Random Access Memory (SRAM), Synchronous Static Random Access Memory (SSRAM), Dynamic Random Access (SSRAM). DRAM (Dynamic Random Access Memory), Synchronous Dynamic Random Access Memory (SDRAM), Double Data Rate Synchronous Dynamic Random Access Memory (DDRSDRAM), enhancement Enhanced Synchronous Dynamic Random Access Memory (ESDRAM), Synchronous Dynamic Random Access Memory (SLDRAM), Direct Memory Bus Random Access Memory (DRRAM) ). The memory 602 described in the embodiment of the present invention is intended to be packaged. These are not limited to these and any other suitable types of memory.
本发明实施例中的存储器602配置为存储各种类型的数据以支持接入网设备600的操作。这些数据的示例包括:配置为在接入网设备600上操作的任何可执行程序,如存储数据包、预设使能修改信息和预设修改指令。实现本发明实施例方法的程序存储在存储器602。 Memory 602 in an embodiment of the invention is configured to store various types of data to support operation of access network device 600. Examples of such data include any executable program configured to operate on the access network device 600, such as a store data packet, preset enable modification information, and a preset modification command. A program implementing the method of the embodiment of the present invention is stored in the memory 602.
上述本发明实施例揭示的方法可以应用于处理器601中,或者由处理器601实现。处理器601可能是一种集成电路芯片,具有信号的处理能力。在实现过程中,上述方法的各步骤可以通过处理器601中的硬件的集成逻辑电路或者软件形式的指令完成。上述的处理器601可以是通用处理器、数字信号处理器(DSP,Digital Signal Processor),或者其他可编程逻辑器件、分立门或者晶体管逻辑器件、分立硬件组件等。处理器601可以实现或者执行本发明实施例中的公开的各方法、步骤及逻辑框图。通用处理器可以是微处理器或者任何常规的处理器等。结合本发明实施例所公开的方法的步骤,可以直接体现为硬件译码处理器执行完成,或者用译码处理器中的硬件及软件模块组合执行完成。软件模块可以位于存储介质中,该存储介质位于存储器602,处理器601读取存储器602中的信息,结合其硬件完成以下方法的步骤:The method disclosed in the foregoing embodiments of the present invention may be applied to the processor 601 or implemented by the processor 601. Processor 601 may be an integrated circuit chip with signal processing capabilities. In the implementation process, each step of the foregoing method may be completed by an integrated logic circuit of hardware in the processor 601 or an instruction in a form of software. The processor 601 described above may be a general purpose processor, a digital signal processor (DSP), or other programmable logic device, discrete gate or transistor logic device, discrete hardware component, or the like. The processor 601 can implement or perform the various methods, steps, and logic blocks disclosed in the embodiments of the present invention. A general purpose processor can be a microprocessor or any conventional processor or the like. The steps of the method disclosed in the embodiment of the present invention may be directly implemented as a hardware decoding processor, or may be performed by a combination of hardware and software modules in the decoding processor. The software module can be located in a storage medium, which is located in the memory 602. The processor 601 reads the information in the memory 602 and completes the steps of the following methods in combination with its hardware:
获取数据包的描述符信息,以及所述描述符信息对应的预设使能标志位和预设使能修改信息;Obtaining descriptor information of the data packet, and preset enable flag bits and preset enable modification information corresponding to the descriptor information;
根据所述预设使能标志位查找所述数据包中待修改的第一数据信息,将所述第一数据信息替换为所述预设使能信息,获得使能数据包;And the first data information to be modified in the data packet is searched according to the preset enable flag, and the first data information is replaced with the preset enable information to obtain an enable data packet.
获取与所述描述符信息对应的预设修改指令,并根据所述预设修改指令对所述使能数据包进行修改。Obtaining a preset modification instruction corresponding to the descriptor information, and modifying the enabled data packet according to the preset modification instruction.
可选的,处理器601根据预设优先级从预设指令集合中获取与所述描述符信息对应的预设修改指令;Optionally, the processor 601 obtains, according to the preset priority, a preset modification instruction corresponding to the descriptor information from the preset instruction set;
解析获取到的预设修改指令,获得所述预设修改指令携带的修改信息和所述修改信息对应的修改指示符;Parsing the obtained preset modification instruction, obtaining the modification information carried by the preset modification instruction and the modification indicator corresponding to the modification information;
根据所述修改指示符对应的修改方式和所述修改信息修改所述使能数 据包。Modifying the number of enable according to the modification manner corresponding to the modification indicator and the modification information According to the package.
可选的,处理器601根据所述描述符信息获取所述使能数据包中待替换或待删除的第二数据信息。Optionally, the processor 601 acquires, according to the descriptor information, second data information to be replaced or to be deleted in the enabled data packet.
可选的,处理器601当所述修改指示符为替换指示符时,将所述使能数据包中的第三数据信息替换为与所述替换指示符对应的修改信息;Optionally, when the modification indicator is a replacement indicator, the processor 601 replaces the third data information in the enabled data packet with the modification information corresponding to the replacement indicator;
当所述修改指示符为添加指示符时,在所述使能数据包添加由与所述添加指示符对应的修改信息组成的包头;When the modification indicator is an add indicator, adding a header composed of modification information corresponding to the added indicator to the enabled data packet;
当所述修改指示符为删除指示符时,根据与所述删除指示符对应的修改信息删除所述使能数据包中的第三数据信息对应的信息。When the modification indicator is a deletion indicator, the information corresponding to the third data information in the enabled data packet is deleted according to the modification information corresponding to the deletion indicator.
可选的,处理器601获取接入网设备所连接的网络的类型信息;Optionally, the processor 601 acquires type information of a network to which the access network device is connected.
当所述类型信息满足第一预设规则时,将所述第一数据信息替换为所述预设使能信息,获得使能数据包。When the type information meets the first preset rule, the first data information is replaced with the preset enable information to obtain an enabled data packet.
所述根据所述预设修改指令对所述使能数据包进行修改,包括:And modifying the enabled data packet according to the preset modification instruction, including:
当所述类型信息满足第二预设规则时,根据所述预设修改指令对所述使能数据包进行修改。When the type information meets the second preset rule, the enabled data packet is modified according to the preset modification instruction.
可选的,当所述类型信息满足第二预设规则时,处理器601根据所述预设修改指令对所述使能数据包进行修改。Optionally, when the type information meets the second preset rule, the processor 601 modifies the enabled data packet according to the preset modification instruction.
可选的,处理器601根据所述数据包的结构获取对应的预设使能修改信息。Optionally, the processor 601 obtains corresponding preset enable modification information according to the structure of the data packet.
本发明实施例还提供了一种非暂态可读存储介质,例如包括可执行程序的存储器602,上述可执行程序可由接入网设备600的处理器601执行,以完成前述方法所述步骤。可执行可读存储介质可以是铁电存储器(FRAM)、只读存储器(ROM,Read Only Memory)、可编程只读存储器(PROM,Programmable Read Only Memory)、可编程可擦除只读存储器(EPROM,Erasable Programmable Read Only Memory)、电可擦可编程只读存储器(EEPROM,Electrically Erasable Programmable Read-Only Memory)、闪速存储器(Flash Memory)、磁表面存储器、或光盘等存储器;也可以是包括上述存储器之一或任意组合的各种设备,如移动电话、计算机、平板 设备、个人数字助理等。The embodiment of the present invention further provides a non-transitory readable storage medium, such as a memory 602 including an executable program executable by the processor 601 of the access network device 600 to perform the steps described in the foregoing method. The executable readable storage medium may be a ferroelectric memory (FRAM), a read only memory (ROM), a programmable read only memory (PROM), a programmable erasable read only memory (EPROM). , Erasable Programmable Read Only Memory), EEPROM (Electrically Erasable Programmable Read-Only Memory), Flash Memory, Magnetic Surface Memory, or optical disk; or One or any combination of devices, such as mobile phones, computers, tablets Equipment, personal digital assistants, etc.
本发明实施例还提供一种非暂态可读存储介质,其上存储有可执行程序,可执行程序被处理器运行时,执行:The embodiment of the invention further provides a non-transitory readable storage medium, on which an executable program is stored, and when the executable program is executed by the processor, the execution is performed:
获取数据包的描述符信息,以及所述描述符信息对应的预设使能标志位和预设使能修改信息;Obtaining descriptor information of the data packet, and preset enable flag bits and preset enable modification information corresponding to the descriptor information;
根据所述预设使能标志位查找所述数据包中待修改的第一数据信息,将所述第一数据信息替换为所述预设使能信息,获得使能数据包;And the first data information to be modified in the data packet is searched according to the preset enable flag, and the first data information is replaced with the preset enable information to obtain an enable data packet.
获取与所述描述符信息对应的预设修改指令,并根据所述预设修改指令对所述使能数据包进行修改。Obtaining a preset modification instruction corresponding to the descriptor information, and modifying the enabled data packet according to the preset modification instruction.
该可执行程序被处理器运行时,还执行:根据预设优先级从预设指令集合中获取与所述描述符信息对应的预设修改指令;When the executable program is executed by the processor, the method further includes: acquiring, according to a preset priority, a preset modification instruction corresponding to the descriptor information from a preset instruction set;
解析获取到的预设修改指令,获得所述预设修改指令携带的修改信息和所述修改信息对应的修改指示符;Parsing the obtained preset modification instruction, obtaining the modification information carried by the preset modification instruction and the modification indicator corresponding to the modification information;
根据所述修改指示符对应的修改方式和所述修改信息修改所述使能数据包。And modifying the enabled data packet according to the modification manner corresponding to the modification indicator and the modification information.
该可执行程序被处理器运行时,还执行:在根据所述预设修改指令对所述使能数据包进行修改之前,根据所述描述符信息获取所述使能数据包中待替换或待删除的第二数据信息。When the executable program is executed by the processor, the method further includes: before the modifying the modified data packet according to the preset modification instruction, acquiring, according to the descriptor information, the to-be-replaced or waiting for the enabled data packet. Deleted second data information.
该可执行程序被处理器运行时,还执行:当所述修改指示符为替换指示符时,将所述使能数据包中的第三数据信息替换为与所述替换指示符对应的修改信息;When the executable program is executed by the processor, the method further includes: when the modification indicator is a replacement indicator, replacing the third data information in the enabled data packet with the modification information corresponding to the replacement indicator ;
当所述修改指示符为添加指示符时,在所述使能数据包添加由与所述添加指示符对应的修改信息组成的包头;When the modification indicator is an add indicator, adding a header composed of modification information corresponding to the added indicator to the enabled data packet;
当所述修改指示符为删除指示符时,根据与所述删除指示符对应的修改信息删除所述使能数据包中的第三数据信息对应的信息。When the modification indicator is a deletion indicator, the information corresponding to the third data information in the enabled data packet is deleted according to the modification information corresponding to the deletion indicator.
该可执行程序被处理器运行时,还执行:获取接入网设备所连接的网络的类型信息; When the executable program is executed by the processor, the method further includes: acquiring type information of a network to which the access network device is connected;
所述将所述第一数据信息替换为所述预设使能信息,获得使能数据包,包括:The replacing the first data information with the preset enabling information to obtain an enabled data packet includes:
当所述类型信息满足第一预设规则时,将所述第一数据信息替换为所述预设使能信息,获得使能数据包。When the type information meets the first preset rule, the first data information is replaced with the preset enable information to obtain an enabled data packet.
所述根据所述预设修改指令对所述使能数据包进行修改,包括:And modifying the enabled data packet according to the preset modification instruction, including:
当所述类型信息满足第二预设规则时,根据所述预设修改指令对所述使能数据包进行修改。When the type information meets the second preset rule, the enabled data packet is modified according to the preset modification instruction.
该可执行程序被处理器运行时,还执行:根据所述数据包的结构获取对应的预设使能修改信息When the executable program is executed by the processor, it is further executed to: obtain corresponding preset enable modification information according to the structure of the data packet.
以上所述,仅为本发明的较佳实施例而已,并非用于限定本发明的保护范围。凡在本发明的精神和范围之内所作的任何修改、等同替换和改进等,均包含在本发明的保护范围之内。The above is only the preferred embodiment of the present invention and is not intended to limit the scope of the present invention. Any modifications, equivalent substitutions and improvements made within the spirit and scope of the present invention are included in the scope of the present invention.
工业实用性Industrial applicability
本发明实施例公开了一种数据包的处理方法,所述方法包括:获取数据包的描述符信息,以及所述描述符信息对应的预设使能标志位和预设使能修改信息;根据所述预设使能标志位查找所述数据包中待修改的第一数据信息,将所述第一数据信息替换为所述预设使能信息,获得使能数据包;获取与所述描述符信息对应的预设修改指令,并根据所述预设修改指令对所述使能数据包进行修改。本发明还同时公开了一种接入网设备和非暂态可读存储介质。通过本发明实施例,能够实现数据包的快速修改。 The embodiment of the invention discloses a method for processing a data packet, the method comprising: acquiring descriptor information of a data packet, and a preset enable flag bit and a preset enable modification information corresponding to the descriptor information; The preset enable flag bit searches for the first data information to be modified in the data packet, replaces the first data information with the preset enable information, obtains an enable data packet, and obtains the description a preset modification instruction corresponding to the information, and modifying the enabled data packet according to the preset modification instruction. The invention also discloses an access network device and a non-transitory readable storage medium. Through the embodiments of the present invention, rapid modification of data packets can be achieved.

Claims (21)

  1. 一种数据包的处理方法,所述方法包括:A method of processing a data packet, the method comprising:
    获取数据包的描述符信息,以及所述描述符信息对应的预设使能标志位和预设使能修改信息;Obtaining descriptor information of the data packet, and preset enable flag bits and preset enable modification information corresponding to the descriptor information;
    根据所述预设使能标志位查找所述数据包中待修改的第一数据信息,将所述第一数据信息替换为所述预设使能信息,获得使能数据包;And the first data information to be modified in the data packet is searched according to the preset enable flag, and the first data information is replaced with the preset enable information to obtain an enable data packet.
    获取与所述描述符信息对应的预设修改指令,并根据所述预设修改指令对所述使能数据包进行修改。Obtaining a preset modification instruction corresponding to the descriptor information, and modifying the enabled data packet according to the preset modification instruction.
  2. 根据权利要求1所述的方法,其中,所述预设使能修改信息包括以下至少之一:源媒体访问控制地址SMAC、目的媒体访问控制地址DMAC、差分服务代码点DSCP、源互联网协议地址SIP、目的互联网协议地址DIP、源端口号SPORT、目的端口号DPORT、所述数据包的生存时间TTL和校验和CHECKSUM。The method according to claim 1, wherein the preset enable modification information comprises at least one of: a source media access control address SMAC, a destination media access control address DMAC, a differential service code point DSCP, a source internet protocol address SIP The destination internet protocol address DIP, the source port number SPORT, the destination port number DPORT, the lifetime TTL of the data packet, and the checksum CHECKSUM.
  3. 根据权利要求1所述的方法,其中,所述获取与所述描述符信息对应的预设修改指令,并根据所述预设修改指令对所述使能数据包进行修改,包括:The method of claim 1, wherein the obtaining a preset modification instruction corresponding to the descriptor information, and modifying the enabled data packet according to the preset modification instruction comprises:
    根据预设优先级,从预设指令集合中获取与所述描述符信息对应的预设修改指令;Obtaining, according to a preset priority, a preset modification instruction corresponding to the descriptor information from a preset instruction set;
    解析获取到的预设修改指令,获得所述预设修改指令携带的修改信息和所述修改信息对应的修改指示符;Parsing the obtained preset modification instruction, obtaining the modification information carried by the preset modification instruction and the modification indicator corresponding to the modification information;
    根据所述修改指示符对应的修改方式和所述修改信息,修改所述使能数据包。And modifying the enabled data packet according to the modification manner corresponding to the modification indicator and the modification information.
  4. 根据权利要求3所述的方法,其中,所述修改指示符包括以下类型至少之一:替换指示符、添加指示符和删除指示符。The method of claim 3, wherein the modification indicator comprises at least one of the following types: a replacement indicator, an addition indicator, and a deletion indicator.
  5. 根据权利要求4所述的方法,其中,所述根据所述预设修改指令对 所述使能数据包进行修改之前,所述方法还包括:The method according to claim 4, wherein said pair according to said preset modification instruction Before the enabling the data packet to be modified, the method further includes:
    根据所述描述符信息获取所述使能数据包中待替换或待删除的第二数据信息。And acquiring second data information to be replaced or to be deleted in the enabled data packet according to the descriptor information.
  6. 根据权利要求4所述的方法,其中,所述根据所述修改指示符对应的修改方式和所述修改信息修改所述使能数据包,包括:The method according to claim 4, wherein the modifying the enabled data packet according to the modification manner corresponding to the modification indicator and the modification information comprises:
    当所述修改指示符为替换指示符时,将所述使能数据包中的第三数据信息替换为与所述替换指示符对应的修改信息;When the modification indicator is a replacement indicator, replacing the third data information in the enabled data packet with the modification information corresponding to the replacement indicator;
    当所述修改指示符为添加指示符时,在所述使能数据包添加由与所述添加指示符对应的修改信息组成的包头;When the modification indicator is an add indicator, adding a header composed of modification information corresponding to the added indicator to the enabled data packet;
    当所述修改指示符为删除指示符时,根据与所述删除指示符对应的修改信息,删除所述使能数据包中的第三数据信息对应的信息。When the modification indicator is a deletion indicator, the information corresponding to the third data information in the enabled data packet is deleted according to the modification information corresponding to the deletion indicator.
  7. 根据权利要求3所述的方法,其中,所述修改信息包括以下至少之一:虚拟局域网VLAN信息、以太网的点对点通讯协议PPPoE报头信息、互联网协议第六版本IPv6报头信息和互联网协议第四版本IPv4报头信息。The method according to claim 3, wherein the modification information comprises at least one of: virtual local area network VLAN information, Ethernet peer-to-peer communication protocol PPPoE header information, Internet Protocol version 6 IPv6 header information, and Internet Protocol version 4 IPv4 header information.
  8. 根据权利要求1至7任一项所述的方法,其中,所述获取数据包的描述符信息之后,所述方法还包括:The method according to any one of claims 1 to 7, wherein after the obtaining the descriptor information of the data packet, the method further comprises:
    获取接入网设备所连接的网络的类型信息;Obtaining type information of a network connected to the access network device;
    所述将所述第一数据信息替换为所述预设使能信息,获得使能数据包,包括:The replacing the first data information with the preset enabling information to obtain an enabled data packet includes:
    当所述类型信息满足第一预设规则时,将所述第一数据信息替换为所述预设使能信息,获得使能数据包。When the type information meets the first preset rule, the first data information is replaced with the preset enable information to obtain an enabled data packet.
  9. 所述根据所述预设修改指令对所述使能数据包进行修改,包括:And modifying the enabled data packet according to the preset modification instruction, including:
    当所述类型信息满足第二预设规则时,根据所述预设修改指令对所述使能数据包进行修改。When the type information meets the second preset rule, the enabled data packet is modified according to the preset modification instruction.
  10. 根据权利要求1所述的方法,其中,所述描述符信息用于描述所 述数据包的结构;The method of claim 1 wherein said descriptor information is used to describe a location The structure of the data packet;
    所述获取与所述描述符信息对应的预设使能修改信息,包括:And the acquiring the preset enable modification information corresponding to the descriptor information, including:
    根据所述数据包的结构获取对应的预设使能修改信息。Obtaining corresponding preset enable modification information according to the structure of the data packet.
  11. 一种接入网设备,所述设备包括:An access network device, the device comprising:
    数据包描述符模块,配置为获取数据包的描述符信息,以及所述描述符信息对应的预设使能标志位和预设使能修改信息;a packet descriptor module, configured to acquire descriptor information of the data packet, and preset enable flag bits and preset enable modification information corresponding to the descriptor information;
    使能修改模块,配置为根据所述预设使能标志位查找所述数据包中待修改的第一数据信息,将所述第一数据信息替换为所述预设使能信息,获得使能数据包;The modification module is configured to search for the first data information to be modified in the data packet according to the preset enable flag, and replace the first data information with the preset enable information to obtain the enable data pack;
    指令修改模块,配置为获取与所述描述符信息对应的所述预设修改指令,并根据所述预设修改指令对所述使能数据包进行修改;The instruction modification module is configured to acquire the preset modification instruction corresponding to the descriptor information, and modify the enabled data packet according to the preset modification instruction;
    数据包存储模块,配置为存储网络侧发送的数据包;a data packet storage module configured to store a data packet sent by the network side;
    预设信息存储模块,配置为存储所述预设使能修改信息和预设修改指令。The preset information storage module is configured to store the preset enable modification information and the preset modification instruction.
  12. 根据权利要求11所述的设备,其中,所述预设使能修改信息包括以下至少之一:SMAC、DMAC、DSCP、SIP、DIP、SPORT、DPORT、所述数据包的TTL,以及CHECKSUM。The apparatus of claim 11, wherein the preset enable modification information comprises at least one of: SMAC, DMAC, DSCP, SIP, DIP, SPORT, DPORT, TTL of the data packet, and CHECKSUM.
  13. 根据权利要求11所述的设备,其中,所述指令修改模块,具体配置为:The device according to claim 11, wherein the instruction modification module is specifically configured to:
    根据预设优先级从预设指令集合中获取与所述描述符信息对应的预设修改指令;Acquiring a preset modification instruction corresponding to the descriptor information from a preset instruction set according to a preset priority;
    解析获取到的预设修改指令,获得所述预设修改指令携带的修改信息和所述修改信息对应的修改指示符;Parsing the obtained preset modification instruction, obtaining the modification information carried by the preset modification instruction and the modification indicator corresponding to the modification information;
    根据所述修改指示符对应的修改方式和所述修改信息修改所述使能数据包。 And modifying the enabled data packet according to the modification manner corresponding to the modification indicator and the modification information.
  14. 根据权利要求12所述的设备,其中,所述修改指示符包括以下类型至少之一:替换指示符、添加指示符和删除指示符。The device of claim 12, wherein the modification indicator comprises at least one of the following types: a replacement indicator, an addition indicator, and a deletion indicator.
  15. 根据权利要求13所述的设备,其中,The apparatus according to claim 13, wherein
    所述指令修改模块,还配置为在根据所述预设修改指令对所述使能数据包进行修改之前,根据所述描述符信息获取所述使能数据包中待替换或待删除的第二数据信息。The instruction modification module is further configured to: before the modification of the enabled data packet according to the preset modification instruction, acquire, according to the descriptor information, a second to be replaced or to be deleted in the enabled data packet. Data information.
  16. 根据权利要求13所述的设备,其中,所述指令修改模块,具体配置为:The device according to claim 13, wherein the instruction modification module is specifically configured to:
    当所述修改指示符为替换指示符时,将所述使能数据包中的第三数据信息替换为与所述替换指示符对应的修改信息;When the modification indicator is a replacement indicator, replacing the third data information in the enabled data packet with the modification information corresponding to the replacement indicator;
    当所述修改指示符为添加指示符时,在所述使能数据包添加由与所述添加指示符对应的修改信息组成的包头;When the modification indicator is an add indicator, adding a header composed of modification information corresponding to the added indicator to the enabled data packet;
    当所述修改指示符为删除指示符时,根据与所述删除指示符对应的修改信息删除使能数据包中的第三数据信息对应的信息。When the modification indicator is a deletion indicator, the information corresponding to the third data information in the enabled data packet is deleted according to the modification information corresponding to the deletion indicator.
  17. 根据权利要求12所述的设备,其中,所述修改信息包括以下至少之一:VLAN信息、PPPoE报头信息、IPv6报头信息、IPv4报头信息。The apparatus according to claim 12, wherein the modification information comprises at least one of the following: VLAN information, PPPoE header information, IPv6 header information, and IPv4 header information.
  18. 根据权利要求11至16任一项所述的设备,其中,The apparatus according to any one of claims 11 to 16, wherein
    所述数据包描述符模块,还配置为在获取数据包的描述符信息之后,获取所述接入网设备所连接的网络的类型信息;The data packet descriptor module is further configured to: after acquiring descriptor information of the data packet, acquire type information of a network to which the access network device is connected;
    所述使能修改模块,具体配置为:The modification module is enabled, and the specific configuration is:
    当所述类型信息满足第一预设规则时,将所述第一数据信息替换为所述预设使能信息,获得使能数据包;When the type information meets the first preset rule, the first data information is replaced with the preset enable information to obtain an enabled data packet;
    所述指令修改模块,具体配置为:The instruction modification module is specifically configured as:
    当所述类型信息满足第二预设规则时,根据所述预设修改指令对所述使能数据包进行修改。 When the type information meets the second preset rule, the enabled data packet is modified according to the preset modification instruction.
  19. 根据权利要求11所述的设备,其中,所述描述符信息用于描述所述数据包的结构;The apparatus according to claim 11, wherein said descriptor information is used to describe a structure of said data packet;
    所述指令修改模块,具体配置为:The instruction modification module is specifically configured as:
    根据所述数据包的结构获取对应的预设使能修改信息。Obtaining corresponding preset enable modification information according to the structure of the data packet.
  20. 一种接入网设备,包括:处理器和配置为存储能够在处理器上运行的非暂态程序的存储器;其中,所述处理器配置为运行所述非暂态程序时,执行权利要求1至10任一项所述的数据包的处理方法。An access network device comprising: a processor and a memory configured to store a non-transitory program capable of running on a processor; wherein the processor is configured to execute claim 1 when the non-transitory program is executed A method of processing a data packet as described in any one of ten.
  21. 一种非暂态可读存储介质,其上存储有可执行程序,所述可执行程序被处理器执行时实现权利要求1至10任一项所述的数据包的处理方法。 A non-transitory readable storage medium having stored thereon an executable program, the executable program being executed by a processor to implement the data packet processing method according to any one of claims 1 to 10.
PCT/CN2017/103768 2017-05-22 2017-09-27 Method for processing data packet, and access network device and non-transient readable storage medium WO2018214359A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201710362029.8A CN108933756B (en) 2017-05-22 2017-05-22 Data packet processing method, access network equipment and computer readable storage medium
CN201710362029.8 2017-05-22

Publications (1)

Publication Number Publication Date
WO2018214359A1 true WO2018214359A1 (en) 2018-11-29

Family

ID=64396139

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2017/103768 WO2018214359A1 (en) 2017-05-22 2017-09-27 Method for processing data packet, and access network device and non-transient readable storage medium

Country Status (2)

Country Link
CN (1) CN108933756B (en)
WO (1) WO2018214359A1 (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111782140A (en) * 2020-06-18 2020-10-16 杭州安恒信息技术股份有限公司 Network data packet storage method and device, computer equipment and storage medium
CN113239001A (en) * 2021-05-21 2021-08-10 珠海金山网络游戏科技有限公司 Data storage method and device
CN114650445A (en) * 2020-12-17 2022-06-21 深圳Tcl新技术有限公司 Filtering method of TLV (type-length-value) data packet, storage medium and terminal equipment

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111382110A (en) * 2018-12-29 2020-07-07 上海寒武纪信息科技有限公司 Receiving device, neural network processor chip, combination device, and electronic apparatus
CN111382117A (en) * 2018-12-29 2020-07-07 上海寒武纪信息科技有限公司 Transmission device, neural network processor chip, combination device, and electronic apparatus
CN113765728B (en) * 2020-06-04 2023-07-14 深信服科技股份有限公司 Network detection method, device, equipment and storage medium
CN114553559B (en) * 2022-02-25 2023-05-23 北京华云安信息技术有限公司 Method and device for modifying protocol data in router and readable storage medium

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103095545A (en) * 2013-01-04 2013-05-08 杭州华三通信技术有限公司 Message transmitting method and switching device based on bridge protocol data unit tunnel
CN104660511A (en) * 2015-01-16 2015-05-27 杭州华三通信技术有限公司 Transmission method and equipment for multicast message in SDN network
US9282164B2 (en) * 2013-03-15 2016-03-08 Cisco Technology, Inc. Application hints for network action

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8526350B2 (en) * 2008-05-23 2013-09-03 Qualcomm Incorporated Systems and methods for carrying broadcast services over a mobile broadcast network
CN101425955B (en) * 2008-12-05 2011-05-11 中兴通讯股份有限公司 Method for adding packet outer layer label by switch
CN103780481B (en) * 2012-10-18 2017-10-27 中兴通讯股份有限公司 The method and device of message modification and forwarding in a kind of data communication network
CN103685032B (en) * 2013-12-09 2017-06-23 福建星网锐捷网络有限公司 Message forwarding method and network address translation services device
US20150172252A1 (en) * 2013-12-18 2015-06-18 Cisco Technology, Inc. Visual representation of complex network address translation rules
CN105791128B (en) * 2016-01-28 2018-12-14 东南大学 A kind of IP packet receiving handling method and device

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103095545A (en) * 2013-01-04 2013-05-08 杭州华三通信技术有限公司 Message transmitting method and switching device based on bridge protocol data unit tunnel
US9282164B2 (en) * 2013-03-15 2016-03-08 Cisco Technology, Inc. Application hints for network action
CN104660511A (en) * 2015-01-16 2015-05-27 杭州华三通信技术有限公司 Transmission method and equipment for multicast message in SDN network

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111782140A (en) * 2020-06-18 2020-10-16 杭州安恒信息技术股份有限公司 Network data packet storage method and device, computer equipment and storage medium
CN114650445A (en) * 2020-12-17 2022-06-21 深圳Tcl新技术有限公司 Filtering method of TLV (type-length-value) data packet, storage medium and terminal equipment
CN114650445B (en) * 2020-12-17 2023-08-01 深圳Tcl新技术有限公司 TLV data packet filtering method, storage medium and terminal equipment
CN113239001A (en) * 2021-05-21 2021-08-10 珠海金山网络游戏科技有限公司 Data storage method and device

Also Published As

Publication number Publication date
CN108933756B (en) 2020-06-30
CN108933756A (en) 2018-12-04

Similar Documents

Publication Publication Date Title
WO2018214359A1 (en) Method for processing data packet, and access network device and non-transient readable storage medium
WO2022078509A1 (en) Method and apparatus for encapsulating extension header of ipv6 packet
EP2958280B1 (en) Routing based on the content of packets
US10237130B2 (en) Method for processing VxLAN data units
WO2017124693A1 (en) Method and device for message decapsulation and data writing
US8140709B2 (en) Two stage internet protocol header compression
EP2903218A1 (en) Method and device for modifying and forwarding message in data communication network
WO2017133647A1 (en) Packet processing method, traffic classifier, and service function instance
WO2021047310A1 (en) Ipv6 packet processing method and apparatus
CA2786429A1 (en) Communication control system and communication control method
US20090135833A1 (en) Ingress node and egress node with improved packet transfer rate on multi-protocol label switching (MPLS) network, and method of improving packet transfer rate in MPLS network system
WO2019170083A1 (en) Message processing method, controller, and forwarding device
US20210021513A1 (en) Network interworking with no cross-domain state
US20230247118A1 (en) Method for Processing Packet and Apparatus
WO2021043232A1 (en) Method by which host network performance requirements may be programmed, device and system
TW201101751A (en) Apparatuses and methods for processing packet fragments and computer-readable mediums thereof
WO2021088629A1 (en) Detnet data packet processing method and apparatus
CN112511988A (en) Message forwarding method, device, system, network device and storage medium
US8934489B2 (en) Routing device and method for processing network packet thereof
WO2022116850A1 (en) Method and device for identifying private network user, service system, and storage medium
TW201603537A (en) A method of representing a generic format header using continuous bytes and an apparatus thereof
TW201611548A (en) A method of using a unique packet identifier to identify structure of a packet and an apparatus thereof
TW201603542A (en) Method of splitting a packet into individual layers for modification and intelligently stitching layers back together after modigication and an apparatus thereof
WO2023116355A1 (en) Communication method and apparatus, and related devices and storage medium
WO2008141591A1 (en) A method and a device for qos guarantee of network datagrams transported in different networks

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 17911273

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 17911273

Country of ref document: EP

Kind code of ref document: A1