WO2023093786A1 - 一种引流的方法、设备及系统 - Google Patents
一种引流的方法、设备及系统 Download PDFInfo
- Publication number
- WO2023093786A1 WO2023093786A1 PCT/CN2022/133915 CN2022133915W WO2023093786A1 WO 2023093786 A1 WO2023093786 A1 WO 2023093786A1 CN 2022133915 W CN2022133915 W CN 2022133915W WO 2023093786 A1 WO2023093786 A1 WO 2023093786A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- network device
- diversion
- item
- information
- action
- Prior art date
Links
- 238000000034 method Methods 0.000 title claims abstract description 91
- 230000009471 action Effects 0.000 claims abstract description 230
- 238000012545 processing Methods 0.000 claims description 45
- 238000004891 communication Methods 0.000 claims description 24
- 230000015654 memory Effects 0.000 description 33
- 230000006870 function Effects 0.000 description 32
- 238000010586 diagram Methods 0.000 description 14
- 230000008569 process Effects 0.000 description 13
- 238000005516 engineering process Methods 0.000 description 10
- 239000004744 fabric Substances 0.000 description 10
- 238000013461 design Methods 0.000 description 7
- 238000007726 management method Methods 0.000 description 7
- 238000011161 development Methods 0.000 description 3
- 230000006855 networking Effects 0.000 description 3
- 230000003190 augmentative effect Effects 0.000 description 2
- 230000006399 behavior Effects 0.000 description 2
- 230000008676 import Effects 0.000 description 2
- 238000012423 maintenance Methods 0.000 description 2
- 238000012546 transfer Methods 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000004590 computer program Methods 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 230000003993 interaction Effects 0.000 description 1
- 238000002955 isolation Methods 0.000 description 1
- 230000007246 mechanism Effects 0.000 description 1
- 239000013307 optical fiber Substances 0.000 description 1
- 238000001356 surgical procedure Methods 0.000 description 1
- 230000001960 triggered effect Effects 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L47/00—Traffic control in data switching networks
- H04L47/10—Flow control; Congestion control
- H04L47/24—Traffic characterised by specific attributes, e.g. priority or QoS
- H04L47/2441—Traffic characterised by specific attributes, e.g. priority or QoS relying on flow classification, e.g. using integrated services [IntServ]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L45/00—Routing or path finding of packets in data switching networks
- H04L45/02—Topology update or discovery
- H04L45/04—Interdomain routing, e.g. hierarchical routing
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L45/00—Routing or path finding of packets in data switching networks
- H04L45/30—Routing of multiclass traffic
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L45/00—Routing or path finding of packets in data switching networks
- H04L45/34—Source routing
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L45/00—Routing or path finding of packets in data switching networks
- H04L45/38—Flow based routing
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L45/00—Routing or path finding of packets in data switching networks
- H04L45/50—Routing or path finding of packets in data switching networks using label swapping, e.g. multi-protocol label switch [MPLS]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L45/00—Routing or path finding of packets in data switching networks
- H04L45/74—Address processing for routing
Definitions
- the present application relates to the technical field of communication, and in particular to a drainage method, device and system.
- IPv4 Internet Protocol version 4
- IPv4 technology is simple, easy to implement, and has good interoperability.
- IPv4 technology is the problem of scalability.
- IP Internet Protocol
- IPv6 replaces IPv4 mainly to solve the problem of IPv4 address exhaustion, and IPv6 also has many improvements over IPv4 in other aspects.
- compatibility issue is the important lesson in the development of IPv6 technology.
- Segment Routing over Internet Protocol version 6 (SRv6) based on the sixth version of the Internet Protocol (SRv6) is compatible with IPv6 routing and forwarding, and takes into account the advantages of Multiprotocol Label Switching (Multiprotocol Label Switching, MPLS) forwarding , which ensures that SRv6 can evolve smoothly from the IPv6 network.
- MPLS Multiprotocol Label Switching
- Network slicing is an on-demand networking method. Specifically, network slicing is a virtual network separated from a physical network. In the same physical network, multiple network slices can be separated. Logical isolation can be achieved between network slices and network slices to adapt to various types of applications.
- Flow specification (Flow Specification, Flowspec) is a mechanism for issuing and transmitting flow matching rules and flow forwarding policies to network devices, and can execute specified flow actions for data packets that meet the matching rules.
- Flowspec information can be sent and delivered by means of control messages based on Border Gateway Protocol (BGP), and this implementation is also called BGP Flowspec.
- Border Gateway Protocol BGP
- BGP Flowspec Through BGP Flowspec, you can centrally configure and manage matching rules and traffic actions, and quickly apply matching rules and traffic actions to network devices.
- This application provides a method, device and system for traffic steering, so that, based on the control message, the matching rules and forwarding strategies are issued, and the data packets matching the traffic steering items are steered (steer) to the corresponding traffic steering items according to the traffic steering action items network slices.
- a drainage method includes that the first network device generates a control message, and the control message includes a traffic diversion matching item and a traffic diversion action item.
- the first network device sends the control message to the second network device, and the control message is used to instruct the second network device to guide the data packet matching the diversion matching item to the network according to the diversion action item slice.
- the first network device for example, a controller or network management device or server or route reflector (route reflector, RR)
- sends a control message to the second network device for example, a router or switch
- the traffic diversion matching item and the traffic diversion action item trigger the second network device to guide the data packet matching the traffic diversion matching item to the network slice according to the traffic diversion action item, so as to realize the traffic diversion of the data packet based on the network slice.
- a drainage method includes that the second network device receives a control message sent by the first network device, and the control message includes a traffic diversion matching item and a traffic diversion action item. And, the second network device receives the data packet. Then, the second network device guides the data packet matching the diversion match item to a network slice according to the diversion action item.
- the second network device guides the data packet matching the diversion matching item to the network slice according to the diversion action item based on the control message issued by the first network device, thereby realizing network-based Slices divert data packets.
- the second network device guides the data packet matching the diversion matching item to a network slice according to the diversion action item, including: the second network The device determines a forwarding entry according to the control message, where the forwarding entry includes the traffic diversion matching item and the traffic diversion action item.
- the second network device guides the data packet matching the diversion match item to a network slice according to the diversion action item, including: the second The network device determines, according to the traffic diversion matching item, that the data packet matches the traffic diversion matching item; the second network device determines a forwarding action according to the traffic diversion action item, and the forwarding action includes an outbound interface and/or a next hop ; The second network device forwards the data packet according to the forwarding action.
- the method before the second network device forwards the data packet according to the forwarding action, the method further includes: the second network device Add the slice information in the text.
- the traffic diversion action item includes slice information, and the slice information is used to indicate the network slice.
- the slice information includes a slice identifier and/or a segment list.
- the traffic diversion matching item is used to match information in the data packet.
- control message is a BGP update message
- BGP update message includes BGP routing information
- the BGP routing information is used to carry the diversion matching item and the Drainage action items.
- the BGP routing information is BGP flowspec information.
- the BGP flowspec information includes routing attributes and network layer reachability information (network layer reachability information, NLRI), wherein the diversion action item is carried in the In the routing attribute, or, the diversion action item is carried in the NLRI.
- network layer reachability information network layer reachability information
- the traffic diversion action item further includes a traffic diversion action type, and the traffic diversion action type is used to indicate that the traffic diversion action is to divert traffic to a network slice.
- the traffic diversion matching item is carried in the NLRI.
- control message is a Network Configuration Protocol (Network Configuration Protocol, NETCONF) message
- NETCONF message includes an event-condition-action (event-condition-action, ECA ) information, wherein the action in the ECA information is used to carry the traffic diversion action item, and the condition in the ECA information is used to carry the traffic diversion matching item.
- ECA event-condition-action
- the diversion matching item includes at least one of the following information: source Internet protocol IP address, destination IP address, source port number, destination port number, protocol number , flow label and priority.
- a first network device in a third aspect, has a function of implementing the behavior of the first network device in the above method.
- the functions may be implemented based on hardware, or corresponding software may be implemented based on hardware.
- the hardware or software includes one or more modules corresponding to the above functions.
- the structure of the first network device includes a processor and an interface, and the processor is configured to support the first network device to perform corresponding functions in the foregoing method.
- the interface is used to support communication between the first network device and another network device, and receive information or instructions involved in the above method from the other network device.
- the interface is also used to support communication between the first network device and the user equipment.
- the first network device may further include a memory, which is used to be coupled with the processor, and stores necessary program instructions and data of the first network device.
- the first network device includes: a processor, a transmitter, a receiver, a random access memory, a read only memory, and a bus.
- the processor is respectively coupled to the transmitter, the receiver, the random access memory and the read-only memory through the bus.
- the basic input/output system solidified in the read-only memory or the bootloader boot system in the embedded system is started to guide the first network device into a normal operation state. After the first network device enters the normal running state, run the application program and the action system in the random access memory, so that the processor executes the method in the first aspect or any possible implementation manner of the first aspect.
- a first network device includes: a main control board and an interface board, and may further include a switching fabric board.
- the first network device is configured to execute the method in the first aspect or any possible implementation manner of the first aspect.
- the first network device includes a module for executing the method in the first aspect or any possible implementation manner of the first aspect.
- a first network device includes a controller and a first forwarding sub-device.
- the first forwarding sub-device includes: an interface board, and may further include a switching fabric board.
- the first forwarding sub-device is configured to perform the function of the interface board in the fourth aspect, and further, may also perform the function of the switching fabric board in the fourth aspect.
- the controller includes a receiver, a processor, a transmitter, a random access memory, a read only memory and a bus. Wherein, the processor is respectively coupled to the receiver, the transmitter, the random access memory and the read-only memory through the bus.
- the basic input/output system solidified in the read-only memory or the bootloader boot system in the embedded system is started to guide the controller into a normal operation state.
- the application program and the action system are run in the random access memory, so that the processor executes the functions of the main control board in the fourth aspect.
- a computer storage medium which is used to store the programs, codes or instructions used by the above-mentioned first network device.
- the processor or hardware device executes these programs, codes or instructions, it can complete the above-mentioned first aspect.
- a function or step of the first network device is provided, which is used to store the programs, codes or instructions used by the above-mentioned first network device.
- a second network device has a function of implementing the behavior of the second network device in the above method.
- the functions may be implemented based on hardware, or corresponding software may be implemented based on hardware.
- the hardware or software includes one or more modules corresponding to the above functions.
- the structure of the second network device includes a processor and an interface, and the processor is configured to support the second network device to perform corresponding functions in the foregoing method.
- the interface is used to support communication between the second network device and the first network device, send information or instructions involved in the above method to the first network device, or receive information or instructions involved in the above method sent by the first network device. information or instructions.
- the second network device may further include a memory, which is used to be coupled with the processor, and stores necessary program instructions and data of the second network device.
- the second network device includes: a processor, a transmitter, a receiver, a random access memory, a read only memory, and a bus.
- the processor is respectively coupled to the transmitter, the receiver, the random access memory and the read-only memory through the bus.
- the basic input/output system solidified in the read-only memory or the bootloader boot system in the embedded system is started to guide the second network device into a normal operation state. After the second network device enters the normal running state, run the application program and the action system in the random access memory, so that the processor executes the method in the second aspect or any possible implementation manner of the second aspect.
- a second network device in an eighth aspect, includes: a main control board and an interface board, and may further include a switching fabric board.
- the second network device is configured to execute the second aspect or the method in any possible implementation manner of the second aspect.
- the second network device includes a module for executing the second aspect or the method in any possible implementation manner of the second aspect.
- a ninth aspect provides a second network device, where the second network device includes a controller and a second forwarding sub-device.
- the second forwarding sub-device includes: an interface board, and may further include a switching fabric board.
- the second forwarding sub-device is configured to perform the function of the interface board in the eighth aspect, and further, may also perform the function of the switching fabric board in the eighth aspect.
- the controller includes a receiver, a processor, a transmitter, a random access memory, a read only memory and a bus. Wherein, the processor is respectively coupled to the receiver, the transmitter, the random access memory and the read-only memory through the bus.
- the basic input/output system solidified in the read-only memory or the bootloader boot system in the embedded system is started to guide the controller into a normal operation state.
- the application program and the action system are run in the random access memory, so that the processor executes the functions of the main control board in the eighth aspect.
- a computer storage medium which is used to store the programs, codes or instructions used by the above-mentioned second network device.
- the processor or hardware device executes these programs, codes or instructions, the above-mentioned second aspect can be completed.
- a function or step of a second network device is provided, which is used to store the programs, codes or instructions used by the above-mentioned second network device.
- an integrated circuit in an eleventh aspect, includes a control circuit and an interface circuit, and the integrated circuit can complete the functions or steps of the first network device in the first aspect above.
- an integrated circuit in a twelfth aspect, includes a control circuit and an interface circuit, and the integrated circuit can complete the functions or steps of the second network device in the second aspect above.
- a thirteenth aspect provides a network system, the network system includes a first network device and a second network device, the first network device is the first network in the aforementioned third aspect or the fourth aspect or the fifth aspect A device, the second network device is the second network device in the seventh aspect, the eighth aspect, or the ninth aspect.
- the first network device can send the matching rule and forwarding strategy for diverting traffic to the network slice to the second network device through a control message; correspondingly, after receiving the control message, the second network device, According to the diversion action item, the data packet matching the diversion matching item is directed to the corresponding network slice, so as to realize the diversion of the data packet based on the network slice.
- FIG. 1 is a schematic structural diagram of a communication network according to an embodiment of the present application.
- Fig. 2 is a flow chart of a drainage method according to an embodiment of the present application.
- FIG. 3 is a schematic structural diagram of a first network device according to an embodiment of the present application.
- FIG. 4 is a schematic diagram of a hardware structure of a first network device according to an embodiment of the present application.
- FIG. 5 is a schematic diagram of a hardware structure of another first network device according to an embodiment of the present application.
- FIG. 6 is a schematic structural diagram of a second network device according to an embodiment of the present application.
- FIG. 7 is a schematic diagram of a hardware structure of a second network device according to an embodiment of the present application.
- FIG. 8 is a schematic diagram of a hardware structure of another second network device according to an embodiment of the present application.
- FIG. 1 is a schematic structural diagram of a communication network according to an embodiment of the present application.
- the communication network includes a control device.
- the communication network also includes a plurality of network devices, such as R0, R1, R2, R3, R4 and R5.
- the communication network may be, for example, an IP network.
- the control device communicates with R0, R1, R2, R3, R4 and R5, R0, R1, R2, R3 and R5 communicate in sequence, and R4 communicates with R1 and R3 respectively.
- the communication network shown in FIG. 1 may include multiple network slices, for example, network slice 1 , network slice 2 and network slice 3 .
- network slice 1 (as shown by "dotted line” in Figure 1), R0, R1, R2, R3 and R5 communicate in sequence, and R4 communicates with R1 and R3 respectively.
- the entry node of network slice 1 is R0, and the exit node is R5.
- network slice 2 (as shown by the “dashed line” in Figure 1), R0, R1, R2, R3 and R5 communicate in sequence, and R4 communicates with R1 and R3 respectively.
- the entry node of network slice 2 is R0, and the exit node is R5.
- network slice 3 (shown as "thick solid line” in Figure 1), R0, R1, R4, R3 and R5 communicate in sequence.
- the entry node of network slice 3 is R0, and the exit node is R5. It should be noted that the above-described paths related to network slicing are examples.
- the forwarding node between the entry node and the exit node can be determined according to the resource reservation policy.
- the control device determines the topology or path of the network slice according to the resource reservation policy, and triggers network devices on the topology or path to reserve resources.
- control device sends the resource information of the network slice to the network devices in the network (for example, the traffic information of the service that needs to be carried by the network slice), and the network devices in the network adaptively allocate resources according to the resource information and the slice identifier, In this way, hop-by-hop network devices independently allocate network slice resources, and the forwarding path in the network slice is also determined accordingly.
- the control device is shown communicating with R0, R1, R2, R3, R4 and R5 in order to transfer control messages.
- the control device may be a controller or a network management device or a server or a route reflector (route reflector, RR).
- route reflector route reflector, RR
- the function of the control device may be implemented in a certain network device in the communication network.
- the function of the control device is implemented on R1; and for another example, the function of the control device is implemented on network devices other than network slice 1, network slice 2, and network slice 3.
- R0, R1, R2, R3, R4, and R5 may be routers or switches, respectively, or devices with forwarding functions such as servers or terminal devices.
- the switch may be a layer-3 switch.
- the roles of R0, R1, R2, R3, R4 and R5 in the network may be provider edge (provider edge, PE) devices.
- R0 is the entry node of the network slice, and R0 can also be called the source node or edge node of the network slice
- R5 is the exit node of the network slice, and R5 can also be called the destination node or edge of the network slice node.
- R0 may be connected to at least one first customer edge (CE) device, and the first CE device is used to transmit data packets to R0.
- CE customer edge
- R5 may be connected to at least one second CE device, and the second CE device receives the data packet transmitted by R5.
- the first CE device and the second CE device can be connected to user equipment respectively.
- the user equipment may be called terminal equipment, mobile station (Mobile Station, MS), mobile terminal (Mobile Terminal, MT) or terminal, etc.
- User equipment is a device that provides voice and/or data connectivity to a user, or a chip disposed within the device.
- the user equipment may be a handheld device with a wireless connection function, a vehicle-mounted device, and the like.
- the user equipment can be a mobile phone, a desktop computer, a tablet computer, a notebook computer, a handheld computer, a mobile Internet device (Mobile Internet Device, MID), a wearable device, a virtual reality (Virtual Reality, VR) device, an augmented reality (Augmented Reality, AR) ) equipment, wireless terminals or wired terminals in Industrial Control, wireless terminals in Self Driving, wireless terminals in Remote Medical Surgery, wireless terminals in Smart Grid Terminals, wireless terminals in Transportation Safety, wireless terminals in Smart City, wireless terminals in Smart Home, or home gateway devices that support 5G access (5G ⁇ Residential Gateway, 5G ⁇ RG) etc.
- the user equipment may also be a computer or a server in the enterprise network.
- the communication links among R0, R1, R2, R3, R4 and R5 are physical communication links.
- the physical communication link may be a cable or an optical fiber or a wireless link.
- the ports where R0, R1, R2, R3, R4 and R5 are connected to communication links may be physical ports.
- the control device can send control messages to R0, R1, R2, R3, R4 and R5.
- the control message may include flow specification (Flow Specification, Flowspec) information.
- the control message includes matching items and action items.
- R0, R1, R2, R3, R4 and R5 obtain the matching item and action item after receiving the control message. Then, R0, R1, R2, R3, R4 and R5 judge whether the matching item is satisfied, and, if the matching item is satisfied, execute the action indicated by the action item.
- the control message may be a Border Gateway Protocol (Border Gateway Protocol, BGP) update (update) message. Therefore, the way of delivering Flowspec information based on BGP can be called BGP Flowspec.
- Border Gateway Protocol Border Gateway Protocol
- BGP Border Gateway Protocol
- BGP Flowspec can be used for policy matching when forwarding IPv4 data packets, and can also be used for policy matching when forwarding IPv6 data packets.
- BGP Flowspec please refer to the relevant descriptions in Request For Comments (RFC) 8955 and RFC 8956 of the Internet Engineering Task Force (IETF).
- the operation of introducing network slices to data packets is not supported. That is to say, after receiving the data packet, the network device cannot direct the data packet to the network slice if the matching item matches.
- the control device may send a control message to the ingress node R0 of the network slice.
- the control message includes a traffic diversion match item and a traffic diversion action item, and the control message is used to instruct R0 to guide the data packet matching the traffic diversion match item to the network slice according to the traffic diversion action item, for example, to introduce the data packet into In network slicing.
- R0 determines a forwarding entry according to the control message, and the forwarding entry includes the traffic diversion matching item and the traffic diversion action item.
- R0 can receive a data packet, for example, R0 receives a data packet from a CE device. Then, R0 determines according to the traffic diversion matching item that the data packet matches the traffic diversion matching item; and, R0 directs the data packet to the network slice according to the traffic diversion action item. For example, R0 determines a forwarding action according to the diversion action item, and the forwarding action includes an outbound interface and/or a next hop. Specifically, the data packets may be introduced into corresponding network slices by carrying slice information in the traffic diversion action item.
- the control message is a BGP update message
- the BGP update message includes BGP routing information
- the BGP routing information is used to carry the traffic diversion matching item and the traffic diversion action item.
- the BGP routing information is BGP flowspec information
- the BGP flowspec information is used to carry the diversion matching item and the diversion action item.
- the control message is a network configuration protocol (Network Configuration Protocol, NETCONF) message
- the NETCONF message includes event-condition-action (event-condition-action, ECA) information, wherein, The action in the ECA information is used to carry the traffic diversion action item, and the condition in the ECA information is used to carry the traffic diversion matching item. Therefore, through the above implementation, based on the control message delivery matching rule and forwarding strategy, the data packets matching the diversion matching item are steered (steered) to the corresponding network slice according to the diversion action item.
- FIG. 2 is a flowchart of a drainage method according to an embodiment of the present application.
- the method shown in FIG. 2 can be applied to the network structure shown in FIG. 1 .
- the first network device in FIG. 2 may be equivalent to the control device in FIG. 1
- the second network device in FIG. 2 may be equivalent to R0 in FIG. 1 .
- the interaction between the first network device and the second network device in FIG. 2 is described. It should be understood that the communication link between the first network device and the second network device can include other network devices.
- the method includes:
- the first network device generates a control message, the control message includes a traffic diversion match item and a traffic diversion action item, and the control message is used to instruct the second network device to match the traffic diversion match according to the traffic diversion action item
- the datagram of the item is directed to the network slice.
- the control message includes the traffic diversion matching item and the traffic diversion action item.
- the traffic diversion matching item is a matching strategy or a matching rule determined by the first network device. Therefore, the traffic diversion matching item may include at least one piece of matching information. For example, at least one of the following information can be used as matching information in the diversion matching item: source IP address, destination IP address, source port number, destination port number, protocol number, flow label and priority.
- source IP address refers to the source IP address included in the packet header of the data packet, for example, the IP address of the sending device of the data packet.
- the destination IP address refers to the destination IP address included in the header of the data packet, for example, the IP address of the receiving device of the data packet.
- the source port number refers to the source port number included in the packet header of the data packet, for example, the port identifier for sending the data packet.
- the destination port number refers to the destination port number included in the packet header of the data packet, for example, the port identifier for receiving the data packet.
- the protocol number refers to the protocol number included in the packet header of the data packet, for example, the protocol identifier followed by the data packet.
- the flow label refers to the flow label included in the packet header of the data packet, for example, the flow label indicates the data flow described in the data packet.
- the priority refers to the priority included in the header of the data packet, such as the service priority.
- the second network device after the second network device receives the control message, it can obtain information of the same type as the matching information from the transmitted data message, for example, it can obtain and match information from the header of the transmitted data message. Information of the same information type, and use the corresponding information in the packet header to compare with the matching information.
- the matching information in traffic diversion matching item 1 includes ⁇ destination IP address: 100.100.100.1/24, source IP address: 99.99.99.1/24>.
- the traffic diversion action item is a processing action for data packets determined by the first network device. That is to say, when the second network device determines that the data packet matches the diversion matching item, the diversion action item is valid, and correspondingly, the second network device will process the diversion action item according to the action indicated by the diversion action item. datagram.
- the traffic diversion action item includes slice information, and the slice information is used to indicate network slices. In this way, when the second network device determines that the data packet matches the traffic diversion matching item, it directs the data packet to the network slice according to slice information in the traffic diversion action item, Therefore, the network slice transmits the data packet.
- the slice information includes a slice identifier.
- the slice identifier has a value of 100, which is used to indicate network slice 1 in FIG. 1 .
- the slice information includes a segment list (segment list), and the segment list includes multiple segment identifiers (segment identifier, SID). Therefore, the segment list can also be referred to as a segment identification list.
- the slice information includes a slice identifier and a segment list.
- the value of the slice identifier is 200
- the segment list is ⁇ A, B, C, D, E, F> used to indicate network slice 2 in FIG. 1 .
- the value of the slice identifier is 200 used to indicate the network slice 2
- the segment list is ⁇ A, B, C, D, E, F> used to indicate a displayed path in the network slice 2.
- the SID in the segment list is only valid in the network slice that needs to be indicated, and is used to indicate the corresponding network slice, such as the aforementioned segment
- the list is ⁇ A3,B3,C3,D3,E3>.
- the control message may be a BGP update message.
- the BGP update message includes BGP routing information, and the BGP routing information is used to carry the traffic diversion matching item and the traffic diversion action item.
- the BGP routing information is BGP flowspec information. Therefore, the traffic diversion matching item and the traffic diversion action item may be implemented based on the Flowspec technology, that is, the traffic diversion matching item and the traffic diversion action item may be considered to be implemented based on the BGP Flowspec technology.
- the BGP update message includes BGP flowspec information, and the BGP flowspec information includes the diversion matching item and the diversion action item.
- the BGP flowspec information includes network layer reachability information (network layer reachability information, NLRI).
- the NLRI is used to carry the drainage matching item.
- the NLRI includes a Multi-Protocol Reachable NLRI (Multi-Protocol Reachable NLRI, MP_REACH_NLRI) attribute
- the MP_REACH_NLRI attribute includes an address family identifier (address family identifier, AFI) field and an NLRI field.
- AFI address family identifier
- the value of the AFI field is used to indicate that the information carried by the NLRI is BGP flowspec information.
- the NLRI field may be used to carry the traffic diversion matching item.
- the NLRI may also be used to carry the traffic diversion action item, specifically, the NLRI field may be used to carry the traffic diversion action item.
- the BGP flowspec information also includes routing attributes, and the routing attributes can be used to carry the diversion action item.
- the traffic diversion action item may be carried in the extended community attribute field or the wide community attribute field of the BGP update message as a new BGP extended community (Extended Community) attribute or wide community (Wide Community) attribute.
- the extended community attribute and the wide community attribute belong to routing attributes, that is, the extended community attribute field or the wide community attribute field carrying the diversion action item may be one of BGP routing attribute information.
- the traffic diversion action item can be implemented in the following format:
- the lengths of the type (Type) and the sub-type (Sub-type) are 1 byte respectively, and are used to indicate the type of the above-mentioned extended community attribute.
- type (Type) and subtype (Sub-type) are used to indicate that the above-mentioned extended community attribute is a BGP diversion community attribute.
- the flag (Flags) has a length of 1 byte and is used for reservation or to indicate other functions.
- the length of the traffic steering action type (Traffic steering action type) is 1 byte, and is used to indicate that the traffic steering action is to divert traffic to a network slice, that is, the traffic steering action type is used to indicate that the type of the traffic steering action item is a network slice.
- the slice information has a length of 4 bytes and is used to indicate network slices.
- the traffic diversion action item can also be implemented in the following format:
- the lengths of the type (Type) and the sub-type (Sub-type) are 1 byte respectively, and are used to indicate the type of the above-mentioned extended community attribute.
- type (Type) and subtype (Sub-type) are used to indicate that the above-mentioned extended community attribute is a BGP diversion community attribute for network slices.
- the flag (Flags) has a length of 2 bytes and is used for reservation or to indicate other functions.
- the slice information has a length of 4 bytes and is used to indicate network slices. After acquiring the foregoing information, the network device may determine to direct the data packet to the network slice indicated by the slice information according to the slice information.
- the traffic diversion action item can be implemented in the following format:
- the lengths of the attribute flag (Attribute flag) and the attribute type (Attribute type) are 1 byte respectively, and are used to indicate the type of the above routing attribute.
- the attribute flag (Attribute flag) and attribute type (Attribute type) are used to indicate that the above routing attribute is a BGP diversion routing attribute.
- the Length (Length) field has a length of 1 byte or 2 bytes, and is used to indicate the length of the above routing attribute.
- the flag (Flags) has a length of 1 byte and is used for reservation or to indicate other functions.
- the slice information has a length of 4 bytes and is used to indicate network slices. After acquiring the foregoing information, the network device may determine to direct the data packet to the network slice indicated by the slice information according to the slice information.
- the BGP routing information can also be implemented using other BGP routing information except the BGP flowspec information, for example, a new BGP routing information is defined to implement the above solution.
- the traffic diversion matching item and the traffic diversion action item may be implemented based on NETCONF technology.
- the control message may be a NETCONF message.
- the NETCONF message includes ECA information, wherein the event in the ECA information is used to indicate "received data packet", the action in the ECA information is used to carry the diversion action item, and the condition in the ECA information Used to carry the drainage matching item.
- the network device determines that the received data packet needs to be matched according to the events in the ECA information; then, the network device determines whether the data packet meets the matching condition according to the conditions in the ECA, and, If the matching condition is met, the network device directs the data packet to the network slice indicated by the slice information according to the action in the ECA.
- the first network device sends the control message to the second network device.
- the second network device receives the control message sent by the first network device.
- the traffic diversion matching item and the traffic diversion action item may be implemented based on Flowspec technology.
- the control message may be a BGP update message.
- the BGP update message includes BGP flowspec information
- the BGP flowspec information includes the diversion matching item and the diversion action item.
- the traffic diversion matching item and the traffic diversion action item may also be implemented based on NETCONF technology.
- the control message may be a NETCONF message.
- the NETCONF message includes ECA information
- the ECA information includes the traffic diversion matching item and the traffic diversion action item.
- the first network device may be an independently deployed control device (such as the control device shown in FIG. 1 ), for example, the control device may be a controller or a network management device or a server or an RR.
- the first network device may also be a network device in network slice 1, network slice 2 or network slice 3 (R1 as shown in FIG. 1 ), or the first network device may also be network slice 1, A network device other than the network slice 2 and the network slice 3 (for example, the ingress node of the network slice 4), in this way, the first network device is a forwarding device with a control device function.
- the second network device receives the data packet.
- the second network device is R0.
- R0 may be connected to at least one CE device, for example, R0 is connected to the first CE device (the third network device in FIG. 1 ).
- the first CE device sends the data packet to R0.
- the data packet may carry at least one of the following information: source IP address, destination IP address, source port number, destination port number, protocol number, flow label and priority.
- R0 receives the data packet sent by the first CE device.
- the R0 is an entry node of network slice 1, network slice 2 or network slice 3.
- the second network device directs the data packet matching the traffic diversion matching item to a network slice according to the traffic diversion action item.
- R0 after receiving the control message, R0 acquires the traffic diversion matching item and the traffic diversion action item from the control message. Moreover, after receiving the data packet, R0 determines whether to introduce the data packet into the network slice. According to Figure 1, R0 is the entry node of network slice 1, network slice 2 and network slice 3. Therefore, R0 determines whether to import the data packet into the network slice, and then determines which network slice (network slice 1, network slice 2 or network slice 3) the data packet needs to import into.
- R0 acquires the information in the data packet, and R0 determines whether the information in the data packet matches the information in the traffic diversion matching item.
- the destination IP address in the data message is 100.100.100.1/24 and the source IP address is 99.99.99.1/24; the information in the diversion matching item includes ⁇ destination IP address: 100.100.100.1/24, source IP address: 99.99.99.1/24>, therefore, R0 determines that the data packet matches the traffic diversion matching item.
- the priority level carried by the data packet is 1 (assuming that the smaller the value of the priority level, the higher the priority level); the information in the diversion matching item includes ⁇ priority level "higher than" 3 >, therefore, R0 may determine that the priority level carried in the data packet is higher than 3, and thus, R0 determines that the data packet matches the traffic diversion matching item.
- one or more matching conditions may be included in the diversion matching item.
- the traffic diversion action item in the control message takes effect.
- R0 directs the data packet matching the diversion matching item to the network slice according to the diversion action item.
- the slice information included in the traffic diversion action item is the slice identifier 100 of the network slice 1 .
- R0 guides the data packet to network slice 1 according to the slice identifier 100 of network slice 1 .
- the slice information included in the traffic diversion action item is the segment list ⁇ A3, B3, C3, D3, E3> of the network slice 3 .
- R0 guides the data packet to network slice 3 according to the segment list ⁇ A3, B3, C3, D3, E3> of network slice 3.
- the slice information included in the traffic diversion action item is the slice identifier 200 of the network slice 2 and the segment list ⁇ A, B, C, D, E, F> identifying the path.
- R0 directs the data packet to a displayed path in the network slice 2 according to the slice identifier 200 of the network slice 2 and the segment list ⁇ A, B, C, D, E, F>.
- the second network device determines a forwarding entry according to the control message, where the forwarding entry includes the traffic diversion matching item and the traffic diversion action item.
- R0 after receiving the control message, R0 generates the forwarding entry according to the control message. Therefore, the forwarding entry includes the traffic diversion matching item and the traffic diversion action item. R0 may save the forwarding entry in the forwarding table. With reference to the foregoing, R0 may guide the data packet matching the diversion matching item to the network slice according to the diversion action item based on the forwarding entry.
- the forwarding entry may include a forwarding action, and the forwarding action includes an outbound interface and/or a next hop.
- the forwarding action is determined by R0 according to the diversion action item. Specifically, R0 may determine a forwarding path according to the traffic diversion action item, and then R0 determines the forwarding action according to the forwarding path.
- the diversion matching item of R0 determines that the data packet matches the diversion matching item; then, R0 determines the outgoing interface and/or next hop of the data packet according to the diversion action item; and, R0 determines the data packet according to the The outbound interface and/or the next hop of the data message forwards the data message. Therefore, it is realized that R0 guides the data packet to the network slice.
- R0 determines that the data packet matches the traffic diversion matching item; then, according to the forwarding action in the forwarding entry, R0 determines the egress of the corresponding network slice 1 on R0. interface 1; furthermore, R0 sends the data message from outbound interface 1, and the data message enters network slice 1.
- the second network device adds the slice information to the data packet.
- R0 is the entry node of the network slice.
- R0 can introduce the data packet into the network slice according to the diversion matching item and the diversion action item, such as network slice 1. Therefore, the data packet can be forwarded along the forwarding path of the network slice 1 .
- R0 can add the slice information of network slice 1 to the data packet, such as the slice identifier 100 of network slice 1, so as to obtain the added slice identifier 100 update datagrams.
- R0 introduces the updated data packet (carrying the slice identifier 100) into network slice 1 according to the diversion action item, that is, sends the updated data packet to R1 along the forwarding path of network slice 1.
- R1 may not perform traffic diversion according to the traffic diversion matching item and the traffic diversion action item.
- Subsequent nodes on the network slice 1 may also perform forwarding according to the implementation manner of R1.
- the first network device can send the matching rules and forwarding policies for diverting traffic to the network slice to the second network device through a control message; correspondingly, after receiving the control message, the second network device , according to the diversion action item, guide the data packet matching the diversion matching item to the corresponding network slice.
- FIG. 3 is a schematic structural diagram of a first network device 1000 according to an embodiment of the present application.
- the first network device 1000 shown in FIG. 3 may execute corresponding steps performed by the first network device in the method of the foregoing embodiments.
- the first network device 1000 is deployed in a communication network, and the communication network further includes a second network device.
- the first network device 1000 may be a control device, and the control device may be a controller or a network management device or a server or an RR.
- the first network device 1000 includes a processing unit 1004 and a sending unit 1006 .
- the processing unit 1004 is configured to generate a control message, where the control message includes a traffic diversion matching item and a traffic diversion action item;
- the sending unit 1006 is configured to send the control message to the second network device, where the control message is used to instruct the second network device to guide the data packets matching the diversion match item according to the traffic diversion action item to network slices.
- the traffic diversion action item includes slice information, and the slice information is used to indicate the network slice.
- the slice information includes a slice identifier and/or a segment list.
- the diversion matching item is used to match information in the data packet.
- control message is a BGP update message
- BGP update message includes BGP routing information
- the BGP routing information is used to carry the traffic diversion matching item and the traffic diversion action item.
- the BGP routing information is BGP flowspec information.
- the BGP flowspec information includes routing attributes and NLRI, wherein the traffic diversion action item is carried in the routing attribute, or the traffic diversion action item is carried in the NLRI.
- the diversion action item further includes a diversion action type, and the diversion action type is used to indicate that the diversion action is to divert traffic to a network slice.
- the diversion matching item is carried in the NLRI.
- control message is a NETCONF message
- NETCONF message includes ECA information, wherein the action in the ECA information is used to carry the diversion action item, and the condition in the ECA information is used to carry the Drain matches.
- the traffic diversion matching item includes at least one of the following information: source Internet protocol IP address, destination IP address, source port number, destination port number, protocol number, flow label and priority.
- the first network device 1000 shown in FIG. 3 may execute corresponding steps performed by the first network device in the method of the foregoing embodiments.
- the control message sent by the first network device to the second network device carries a traffic diversion match item and a traffic diversion action item, thereby instructing the second network device to guide the data packets matching the traffic diversion match item according to the traffic diversion action item to network slices.
- FIG. 4 is a schematic diagram of a hardware structure of a first network device 1100 according to an embodiment of the present application.
- the first network device 1100 shown in FIG. 4 may execute corresponding steps performed by the first network device in the method of the foregoing embodiments.
- the first network device 1100 includes a processor 1101 , a memory 1102 , an interface 1103 and a bus 1104 .
- the interface 1103 can be implemented in a wireless or wired manner.
- the aforementioned processor 1101 , memory 1102 and interface 1103 are connected through a bus 1104 .
- the interface 1103 may specifically include a transmitter and a receiver for sending and receiving information between the first network device and the second network device in the foregoing embodiments.
- the interface 1103 is configured to support sending a control message to the second network device.
- the interface 1103 is used to support the process S102 in FIG. 2 .
- the processor 1101 is configured to execute the processing performed by the first network device in the foregoing embodiments.
- the processor 1101 is configured to execute an action of generating the control message; and/or other processes for the technology described herein.
- the processor 1101 is used to support the process S101 in FIG. 2 .
- Memory 1102 used for storing programs, codes or instructions, for example, storing action system 11021 and application program 11022, when the processor or hardware device executes these programs, codes or instructions, the processing related to the first network device in the method embodiment can be completed process.
- the memory 1102 may include a read-only memory (Read-only Memory, ROM) and a random access memory (Random Access Memory, RAM).
- the ROM includes a basic input/output system (Basic Input/Output System, BIOS) or an embedded system
- the RAM includes an application program and an action system.
- the first network device 1100 When the first network device 1100 needs to be run, boot the system through the BIOS solidified in the ROM or the bootloader in the embedded system, and guide the first network device 1100 into a normal operation state. After the first network device 1100 enters the normal running state, the application program and the action system in the RAM are run, thereby completing the processing procedures related to the first network device in the method embodiment.
- FIG. 4 only shows a simplified design of the first network device 1100 .
- the first network device may include any number of interfaces, processors or memories.
- FIG. 5 is a schematic diagram of a hardware structure of another first network device 1200 according to an embodiment of the present application.
- the first network device 1200 shown in FIG. 5 may execute corresponding steps performed by the first network device in the method of the foregoing embodiments.
- the first network device 1200 includes: a main control board 1210 , an interface board 1230 , a switching fabric board 1220 and an interface board 1240 .
- the main control board 1210, the interface boards 1230 and 1240, and the switching fabric board 1220 are connected to the system backplane through the system bus to realize intercommunication.
- the main control board 1210 is used to complete functions such as system management, equipment maintenance, and protocol processing.
- the SFU 1220 is used to implement data exchange between interface boards (interface boards are also called line cards or service boards).
- the interface boards 1230 and 1240 are used to provide various service interfaces (for example, POS interface, GE interface, ATM interface, etc.), and realize data packet forwarding.
- the first network device 2200 is a controller or a network management device or a server or an RR.
- the interface board 1230 may include a central processing unit 1231 , a forwarding entry storage 1234 , a physical interface card 1233 and a network processor 1232 .
- the central processing unit 1231 is used for controlling and managing the interface board and communicating with the central processing unit on the main control board.
- the forwarding entry storage 1234 is used for storing forwarding entries.
- the physical interface card 1233 is used to receive and send traffic.
- the network storage 1232 is configured to control the physical interface card 1233 to send and receive traffic according to the forwarding entry.
- the physical interface card 1233 is configured to send the control message to the second network device.
- the central processing unit 1231 is configured to control the network processor 1232 to send the control message to the second network device via the physical interface card 1233 .
- the central processor 1211 generates the control message, the central processor 1211 sends the control message to the central processor 1231, and the central processor 1231 controls the The network processor 1232 sends the control message to the second network device via the physical interface card 1233 .
- the central processor 1211 sends control information to the central processor 1231, the central processor 1231 generates the control message, and the central processor 1231 controls the network according to the information in the control message
- the processor 1232 sends the control message to the second network device via the physical interface card 1233 .
- the actions on the interface board 1240 in the embodiment of the present invention are consistent with the actions of the interface board 1230 , and for the sake of brevity, details are not repeated here.
- the first network device 1200 in this embodiment may correspond to the functions and/or various steps implemented in the foregoing method embodiments, and details are not repeated here.
- main control boards there may be one or more main control boards, and when there are multiple main control boards, the main main control board and the standby main control board may be included.
- the first network device may have at least one SFU, through which data exchange between multiple interface boards is realized, and large-capacity data exchange and processing capabilities are provided. Therefore, the data access and processing capabilities of the first network device in the distributed architecture are greater than those in the centralized architecture. Which architecture to use depends on the specific networking deployment scenario, and there is no limitation here.
- an embodiment of the present application provides a computer storage medium for storing computer software instructions used by the above-mentioned first network device, which includes the program designed for executing the above-mentioned method embodiment.
- FIG. 6 is a schematic structural diagram of a second network device 2000 according to an embodiment of the present application.
- the second network device 2000 shown in FIG. 6 may execute corresponding steps performed by the second network device in the method of the foregoing embodiments.
- the second network device is deployed in a communication network, and the communication network further includes the first network device.
- the second network device 2000 includes a receiving unit 2002 and a processing unit 2004 .
- the receiving unit 2002 is configured to receive a control message sent by the first network device, where the control message includes a traffic diversion matching item and a traffic diversion action item;
- the receiving unit 2002 is also used to receive data packets
- the processing unit 2004 is configured to direct, according to the traffic diversion action item, the data packet matching the traffic diversion matching item to a network slice.
- the traffic diversion action item includes slice information, and the slice information is used to indicate the network slice.
- the slice information includes a slice identifier and/or a segment list.
- the diversion matching item is used to match information in the data packet.
- control message is a BGP update message
- BGP update message includes BGP routing information
- the BGP routing information is used to carry the traffic diversion matching item and the traffic diversion action item.
- the BGP routing information includes BGP flowspec information for the BGP update message.
- the BGP flowspec information includes routing attributes and NLRI, wherein the traffic diversion action item is carried in the routing attribute, or the traffic diversion action item is carried in the NLRI.
- the traffic diversion action item further includes a reference action type, and the reference action type is used to indicate that the traffic diversion action is to divert traffic to a network slice.
- the diversion matching item is carried in the NLRI.
- control message is a NETCONF message
- NETCONF message includes ECA information, wherein the action in the ECA information is used to carry the diversion action item, and the condition in the ECA information is used to carry the Drain matches.
- the processing unit 2004 directs the data packet matching the diversion matching item to the network slice according to the diversion action item, and the processing unit 2004 is specifically configured to: determine according to the control message A forwarding entry, where the forwarding entry includes the traffic diversion matching item and the traffic diversion action item.
- the processing unit 2004 directs the data packet matching the traffic diversion matching item to the network slice according to the traffic diversion action item, and the processing unit 2004 is specifically configured to: according to the traffic diversion matching item Determine that the data packet matches the traffic diversion matching item; determine a forwarding action according to the traffic diversion action item, where the forwarding action includes an outbound interface and/or a next hop; and forward the data packet according to the forwarding action.
- the processing unit 2004 is further configured to: add the slice information to the data packet.
- the traffic diversion matching item includes at least one of the following information: source Internet protocol IP address, destination IP address, source port number, destination port number, protocol number, flow label and priority.
- the second network device 2000 shown in FIG. 6 may execute corresponding steps performed by the second network device in the method of the foregoing embodiments.
- the second network device receives a control message sent by the first network device, where the control message includes a traffic diversion match item and a traffic diversion action item. Then, the second network device serving as the receiving end device may direct the data packet matching the traffic diversion match item to the network slice according to the traffic diversion action item.
- FIG. 7 is a schematic diagram of a hardware structure of a second network device 2100 according to an embodiment of the present application.
- the second network device 2100 shown in FIG. 7 may execute corresponding steps performed by the second network device in the method of the foregoing embodiments.
- the second network device 2100 includes a processor 2101 , a memory 2102 , an interface 2103 and a bus 2104 .
- the interface 2103 can be implemented in a wireless or wired manner.
- the aforementioned processor 2101 , memory 2102 and interface 2103 are connected through a bus 2104 .
- the interface 2103 may specifically include a transmitter and a receiver, which are used for sending and receiving information or data between the second network device and the first network device in the above embodiment; or for sending and receiving information or data between the second network device and the first network device in the above embodiment Send and receive information or data between the three network devices.
- the interface 2103 is configured to support receiving a control message sent by the first network device, or configured to support receiving a data packet sent by the third network device.
- the interface 2103 is used to support the processes S103 and S105 in FIG. 2 .
- the processor 2101 is configured to execute the processing performed by the second network device in the foregoing embodiments.
- the processor 2101 is configured to obtain a traffic diversion matching item and a traffic diversion action item in the control message, and guide the data packet matching the traffic diversion matching item to a network slice according to the traffic diversion action item; and and/or other processes for the techniques described herein.
- the processor 2101 is used to support the process S105 in FIG. 2 .
- the memory 2102 includes an action system 21021 and an application program 21022 for storing programs, codes or instructions. When the processor or hardware device executes these programs, codes or instructions, the processing process involving the second network device in the method embodiment can be completed.
- the memory 2102 may include a read-only memory (Read-only Memory, ROM) and a random access memory (Random Access Memory, RAM).
- the ROM includes a basic input/output system (Basic Input/Output System, BIOS) or an embedded system;
- the RAM includes an application program and an action system.
- BIOS Basic Input/Output System
- the second network device 2100 boot the system through the BIOS solidified in the ROM or the bootloader in the embedded system, and guide the second network device 2100 into a normal operation state.
- the application program and the action system in the RAM are run, thereby completing the processing process related to the second network device in the method embodiment.
- FIG. 7 only shows a simplified design of the second network device 2100 .
- the second network device may include any number of interfaces, processors or memories.
- FIG. 8 is a schematic diagram of a hardware structure of another second network device 2200 according to an embodiment of the present application.
- the second network device 2200 shown in FIG. 8 may execute corresponding steps performed by the second network device in the method of the foregoing embodiments.
- the second network device 2200 includes: a main control board 2210 , an interface board 2230 , a switching fabric board 2220 and an interface board 2240 .
- the main control board 2210, the interface boards 2230 and 2240, and the switching fabric board 2220 are connected to the system backplane through the system bus to realize intercommunication.
- the main control board 2210 is used to complete functions such as system management, equipment maintenance, and protocol processing.
- the SFU 2220 is used to implement data exchange between interface boards (interface boards are also called line cards or service boards).
- the interface boards 2230 and 2240 are used to provide various service interfaces (for example, POS interface, GE interface, ATM interface, etc.), and realize data packet forwarding.
- the second network device 2200 is a forwarding device.
- the interface board 2230 may include a central processing unit 2231 , a forwarding entry storage 2234 , a physical interface card 2233 and a network processor 2232 .
- the central processing unit 2231 is used for controlling and managing the interface board and communicating with the central processing unit 2211 on the main control board 2210 .
- the forwarding entry storage 2234 is used for storing forwarding entries.
- the physical interface card 2233 is used to receive and send traffic.
- the network storage 2232 is configured to control the physical interface card 2233 to send and receive traffic according to the forwarding entry.
- the physical interface card 2233 is configured to receive the control message sent by the first network device.
- the physical interface card 2233 is also used to forward data packets.
- the physical interface card 2233 After receiving the control message, the physical interface card 2233 sends the control message to the central processing unit 2231, and the central processing unit 2231 determines according to the information in the header of the control message that the control message needs to be executed by the control message.
- the central processor 2231 processes, and correspondingly, the central processor 2231 processes the control message.
- the physical interface card 2233 sends the control message to the central processor 2231, and the central processor 2231 determines the control message according to the information in the header of the control message.
- the message needs to be processed by the central processor 2211, and the central processor 2231 sends the control message to the central processor 2211, and the central processor 2211 processes the control message.
- the central processor 2231 is also used to control the network processor 2232 to obtain forwarding entries in the forwarding entry storage 2234 , and the central processor 2231 is also used to control the network storage 2232 to complete receiving and sending traffic via the physical interface card 2233 .
- the actions on the interface board 2240 in the embodiment of the present invention are consistent with the actions of the interface board 2230 , and for the sake of brevity, details are not repeated here.
- the second network device 2200 in this embodiment may correspond to the functions and/or various steps implemented in the foregoing method embodiments, and details are not repeated here.
- main control boards there may be one or more main control boards, and when there are multiple main control boards, the main main control board and the standby main control board may be included.
- interface boards There may be one or more interface boards, and the stronger the data processing capability of the second network device, the more interface boards it provides.
- SFU There may be no SFU, or there may be one or more SFUs. When there are multiple SFUs, they can jointly implement load sharing and redundant backup. Under the centralized forwarding architecture, the second network device may not need a switching network board, and the interface board is responsible for processing service data of the entire system.
- the second network device may have at least one SFU, through which data exchange between multiple interface boards is realized, and large-capacity data exchange and processing capabilities are provided. Therefore, the data access and processing capabilities of the second network device in the distributed architecture are greater than those in the centralized architecture. Which architecture to use depends on the specific networking deployment scenario, and there is no limitation here.
- an embodiment of the present application provides a computer storage medium for storing computer software instructions used by the above-mentioned second network device, which includes the program designed for executing the above-mentioned method embodiment.
- the embodiment of the present application also includes a network system, the network system includes a first network device and a second network device, the first network device is the first network device in the aforementioned Figure 3 or Figure 4 or Figure 5, so The second network device is the second network device in the foregoing FIG. 6 or FIG. 7 or FIG. 8 .
- the steps of the methods or algorithms described in connection with the disclosure of this application can be implemented in the form of hardware, or can be implemented in the form of a processor executing software instructions.
- the software instructions can be composed of corresponding software modules, and the software modules can be stored in RAM memory, flash memory, ROM memory, EPROM memory, EEPROM memory, registers, hard disk, mobile hard disk, CD-ROM or any other form of storage known in the art medium.
- An exemplary storage medium is coupled to the processor such the processor can read information from, and write information to, the storage medium.
- the storage medium may also be a component of the processor.
- the processor and storage medium can be located in the ASIC. Additionally, the ASIC may be located in the user equipment.
- the processor and the storage medium may also exist in the user equipment as discrete components.
- Computer-readable media includes both computer storage media and communication media including any medium that facilitates transfer of a computer program from one place to another.
- a storage media may be any available media that can be accessed by a general purpose or special purpose computer.
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
一种引流的方法、设备及系统。方法包括第一网络设备(1000,1100,1200)生成控制消息(S101)和向第二网络设备(2000,2100,2200)发送控制消息(S102),控制消息包括引流匹配项和引流动作项;第二网络设备(2000,2100,2200)获取控制消息(S103)和接收数据报文(S104),并且,根据引流动作项将匹配引流匹配项的数据报文引导至网络切片(S105),实现基于网络切片对数据报文的引流。
Description
本申请要求于2022年02月28日提交中国国家知识产权局、申请号为202210188613.7、发明名称为“一种引流的方法、设备及系统”的中国专利申请的优先权和于2021年11月25日提交中国国家知识产权局、申请号为202111413611.5、发明名称为“一种处理报文的方法、设备及系统”的中国专利申请的优先权,其全部内容通过引用结合在本申请中。
本申请涉及通信技术领域,尤其涉及一种引流的方法、设备及系统。
第四版互联网协议(Internet Protocol version 4,IPv4)是目前广泛部署的互联网协议。IPv4技术简单、易于实现、互操作性好。但是,IPv4技术发展的一个重要教训是可扩展性问题,设计之初没有想到会有这么多的设备接入互联网协议(Internet Protocol,IP)网络,由此触发了第六版互联网协议(Internet Protocol version 6,IPv6)技术的发展。IPv6取代IPv4主要是为了解决IPv4地址枯竭问题,同时IPv6也在其他方面对于IPv4有许多改进。然而,IPv6技术发展的一个重要教训是可兼容性问题。当时的设想比较简单,32比特的地址空间不够,就把它扩展成128比特,但是128比特的IPv6地址跟32比特的IPV4地址是没有办法兼容的,这样就需要全网的升级支持IPv6,由此导致部署应用的困难。从这个角度看,基于第六版互联网协议的段路由(Segment Routing over Internet Protocol version 6,SRv6)是可以兼容IPv6路由转发的,并且兼顾了多协议标记交换(Multiprotocol Label Switching,MPLS)转发的优点,这就保证了SRv6可以从IPv6网络平滑地演进。
网络切片是一种按需组网的方式,具体的,网络切片是在物理网络中分离出的、虚拟的网络。在同一个物理网络中,可以分离出多个网络切片。网络切片与网络切片之间可以实现逻辑隔离,以适配各种各样类型的应用。
流规格(Flow Specification,Flowspec)是一种向网络设备下发和传递流匹配规则和流转发策略的机制,可以对符合匹配规则的数据报文执行指定的流量动作。典型的,Flowspec信息可以借助于基于边界网关协议(Border Gateway Protocol,BGP)的控制消息实现下发和传递,这种实现方式也被成为BGP Flowspec。通过BGP Flowspec,可以实现集中配置和管理匹配规则以及流量动作,并快速地将匹配规则和流量动作应用到网络设备中。
然而,在通信网络场景中,根据现有的Flowspec实现方式,无法实现基于网络切片对数据报文的引流。
发明内容
本申请提供了一种引流(traffic steering)的方法、设备及系统,从而,基于控制 消息下发匹配规则和转发策略,根据引流动作项将匹配引流匹配项的数据报文引导(steer)至相应的网络切片。
第一方面,提供了一种引流的方法。所述方法包括第一网络设备生成控制消息,所述控制消息包括引流匹配项和引流动作项。所述第一网络设备向第二网络设备发送所述控制消息,所述控制消息用于指示所述第二网络设备根据所述引流动作项将匹配所述引流匹配项的数据报文引导至网络切片。
基于本申请提供的方案,第一网络设备(例如,控制器或者网络管理设备或者服务器或者路由反射器(route reflector,RR))通过控制消息向第二网络设备(例如,路由器或者交换机)下发引流匹配项和引流动作项,触发所述第二网络设备根据所述引流动作项将匹配所述引流匹配项的数据报文引导至网络切片,从而实现基于网络切片对数据报文的引流。
第二方面,提供了一种引流的方法。所述方法包括第二网络设备接收第一网络设备发送控制消息,所述控制消息包括引流匹配项和引流动作项。并且,所述第二网络设备接收数据报文。然后,所述第二网络设备根据所述引流动作项将匹配所述引流匹配项的所述数据报文引导至网络切片。
基于本申请提供的方案,第二网络设备基于第一网络设备下发的控制消息,根据所述引流动作项将匹配所述引流匹配项的所述数据报文引导至网络切片,从而实现基于网络切片对数据报文的引流。
在第二方面的一种可能的实现方式中,所述第二网络设备根据所述引流动作项将匹配所述引流匹配项的所述数据报文引导至网络切片,包括:所述第二网络设备根据所述控制消息确定转发表项,所述转发表项包括所述引流匹配项和所述引流动作项。
在第二方面的又一种可能的实现方式中,所述第二网络设备根据所述引流动作项将匹配所述引流匹配项的所述数据报文引导至网络切片,包括:所述第二网络设备根据所述引流匹配项确定所述数据报文匹配所述引流匹配项;所述第二网络设备根据所述引流动作项确定转发动作,所述转发动作包括出接口和/或下一跳;所述第二网络设备根据所述转发动作转发所述数据报文。
在第二方面的再一种可能的实现方式中,所述第二网络设备根据所述转发动作转发所述数据报文之前,所述方法还包括:所述第二网络设备在所述数据报文中添加所述切片信息。
在上述第一方面或第二方面中,可选的,所述引流动作项包括切片信息,所述切片信息用于指示所述网络切片。
在上述第一方面或第二方面中,可选的,所述切片信息包括切片标识和/或段列表。
在上述第一方面或第二方面中,可选的,所述引流匹配项用于对所述数据报文中的信息进行匹配。
在上述第一方面或第二方面中,可选的,所述控制消息是BGP更新消息,所述BGP更新消息包括BGP路由信息,所述BGP路由信息用于携带所述引流匹配项和所述引流动作项。
在上述第一方面或第二方面中,可选的,所述BGP路由信息为BGP flowspec信息。
在上述第一方面或第二方面中,可选的,所述BGP flowspec信息包括路由属性和网 络层可达信息(network layer reachability information,NLRI),其中,所述引流动作项被携带在所述路由属性中,或者,所述引流动作项被携带在所述NLRI中。
在上述第一方面或第二方面中,可选的,所述引流动作项还包括引流动作类型,所述引流动作类型用于指示引流动作是引流到网络切片。
在上述第一方面或第二方面中,可选的,所述引流匹配项被携带在所述NLRI中。
在上述第一方面或第二方面中,可选的,所述控制消息是网络配置协议(Network Configuration Protocol,NETCONF)消息,所述NETCONF消息包括事件-条件-动作(event-condition-action,ECA)信息,其中,所述ECA信息中的动作用于携带所述引流动作项,所述ECA信息中的条件用于携带所述引流匹配项。
在上述第一方面或第二方面中,可选的,所述引流匹配项包括下列信息中的至少一种信息:源互联网协议IP地址、目的IP地址、源端口号、目的端口号、协议号、流标签和优先级。
第三方面,提供了一种第一网络设备,第一网络设备具有实现上述方法中第一网络设备行为的功能。所述功能可以基于硬件实现,也可以基于硬件执行相应的软件实现。所述硬件或软件包括一个或多个与上述功能相对应的模块。
在一个可能的设计中,第一网络设备的结构中包括处理器和接口,所述处理器被配置为支持第一网络设备执行上述方法中相应的功能。所述接口用于支持第一网络设备与另一网络设备之间的通信,从所述另一网络设备接收上述方法中所涉及的信息或者指令。所述接口还用于支持第一网络设备与用户设备之间的通信。所述第一网络设备还可以包括存储器,所述存储器用于与处理器耦合,其保存第一网络设备必要的程序指令和数据。
在另一个可能的设计中,所述第一网络设备包括:处理器、发送器、接收器、随机存取存储器、只读存储器以及总线。其中,处理器通过总线分别耦接发送器、接收器、随机存取存储器以及只读存储器。其中,当需要运行第一网络设备时,通过固化在只读存储器中的基本输入/输出系统或者嵌入式系统中的bootloader引导系统进行启动,引导第一网络设备进入正常运行状态。在第一网络设备进入正常运行状态后,在随机存取存储器中运行应用程序和动作系统,使得该处理器执行第一方面或第一方面的任意可能的实现方式中的方法。
第四方面,提供一种第一网络设备,所述第一网络设备包括:主控板和接口板,进一步,还可以包括交换网板。所述第一网络设备用于执行第一方面或第一方面的任意可能的实现方式中的方法。具体地,所述第一网络设备包括用于执行第一方面或第一方面的任意可能的实现方式中的方法的模块。
第五方面,提供一种第一网络设备,所述第一网络设备包括控制器和第一转发子设备。所述第一转发子设备包括:接口板,进一步,还可以包括交换网板。所述第一转发子设备用于执行第四方面中的接口板的功能,进一步,还可以执行第四方面中交换网板的功能。所述控制器包括接收器、处理器、发送器、随机存取存储器、只读存储器以及总线。其中,处理器通过总线分别耦接接收器、发送器、随机存取存储器以及只读存储器。其中,当需要运行控制器时,通过固化在只读存储器中的基本输入/输出系统或者嵌入式系统中的bootloader引导系统进行启动,引导控制器进入正常运行状态。在控制器进入正常运行状 态后,在随机存取存储器中运行应用程序和动作系统,使得该处理器执行第四方面中主控板的功能。
第六方面,提供了一种计算机存储介质,用于储存为上述第一网络设备所用的程序、代码或指令,当处理器或硬件设备执行这些程序、代码或指令时可以完成上述第一方面中第一网络设备的功能或步骤。
第七方面,提供了一种第二网络设备,所述第二网络设备具有实现上述方法中第二网络设备行为的功能。所述功能可以基于硬件实现,也可以基于硬件执行相应的软件实现。所述硬件或软件包括一个或多个与上述功能相对应的模块。
在一个可能的设计中,第二网络设备的结构中包括处理器和接口,所述处理器被配置为支持第二网络设备执行上述方法中相应的功能。所述接口用于支持第二网络设备与第一网络设备之间的通信,向第一网络设备发送上述方法中所涉及的信息或者指令,或者接收第一网络设备发送的上述方法中所涉及的信息或者指令。所述第二网络设备还可以包括存储器,所述存储器用于与处理器耦合,其保存第二网络设备必要的程序指令和数据。
在另一个可能的设计中,所述第二网络设备包括:处理器、发送器、接收器、随机存取存储器、只读存储器以及总线。其中,处理器通过总线分别耦接发送器、接收器、随机存取存储器以及只读存储器。其中,当需要运行第二网络设备时,通过固化在只读存储器中的基本输入/输出系统或者嵌入式系统中的bootloader引导系统进行启动,引导第二网络设备进入正常运行状态。在第二网络设备进入正常运行状态后,在随机存取存储器中运行应用程序和动作系统,使得该处理器执行第二方面或第二方面的任意可能的实现方式中的方法。
第八方面,提供一种第二网络设备,所述第二网络设备包括:主控板和接口板,进一步,还可以包括交换网板。所述第二网络设备用于执行第二方面或第二方面的任意可能的实现方式中的方法。具体地,所述第二网络设备包括用于执行第二方面或第二方面的任意可能的实现方式中的方法的模块。
第九方面,提供一种第二网络设备,所述第二网络设备包括控制器和第二转发子设备。所述第二转发子设备包括:接口板,进一步,还可以包括交换网板。所述第二转发子设备用于执行第八方面中的接口板的功能,进一步,还可以执行第八方面中交换网板的功能。所述控制器包括接收器、处理器、发送器、随机存取存储器、只读存储器以及总线。其中,处理器通过总线分别耦接接收器、发送器、随机存取存储器以及只读存储器。其中,当需要运行控制器时,通过固化在只读存储器中的基本输入/输出系统或者嵌入式系统中的bootloader引导系统进行启动,引导控制器进入正常运行状态。在控制器进入正常运行状态后,在随机存取存储器中运行应用程序和动作系统,使得该处理器执行第八方面中主控板的功能。
第十方面,提供了一种计算机存储介质,用于储存为上述第二网络设备所用的程序、代码或指令,当处理器或硬件设备执行这些程序、代码或指令时可以完成上述第二方面中第二网络设备的功能或步骤。
第十一方面,提供一种集成电路,该集成电路包括控制电路和接口电路,所述集成电路可以完成上述第一方面中第一网络设备的功能或步骤。
第十二方面,提供一种集成电路,该集成电路包括控制电路和接口电路,所述集成电路可以完成上述第二方面中第二网络设备的功能或步骤。
第十三方面,提供一种网络系统,所述网络系统包括第一网络设备和第二网络设备,所述第一网络设备为前述第三方面或第四方面或第五方面中的第一网络设备,所述第二网络设备为前述第七方面或第八方面或第九方面中的第二网络设备。
通过上述方案,第一网络设备可以将向网络切片进行引流的匹配规则和转发策略,通过控制消息发送给第二网络设备;相应的,所述第二网络设备在接收到所述控制消息后,根据引流动作项将匹配引流匹配项的数据报文引导至相应的网络切片,从而实现基于网络切片对数据报文的引流。
图1为本申请实施例的一种通信网络结构示意图;
图2为本申请实施例的一种引流的方法流程图;
图3为本申请实施例的第一网络设备的结构示意图;
图4为本申请实施例的第一网络设备的硬件结构示意图;
图5为本申请实施例的另一种第一网络设备的硬件结构示意图;
图6为本申请实施例的第二网络设备的结构示意图;
图7为本申请实施例的第二网络设备的硬件结构示意图;
图8为本申请实施例的另一种第二网络设备的硬件结构示意图。
下面通过具体实施例,详细说明本申请的技术方案。
图1为本申请实施例的一种通信网络结构示意图。所述通信网络包括控制设备。所述通信网络还包括多个网络设备,例如R0,R1,R2,R3,R4和R5。所述通信网络例如可以是IP网络。如图1所示,控制设备与R0,R1,R2,R3,R4和R5通信,R0,R1,R2,R3和R5依次通信,R4与R1和R3分别通信。另外,图1所示的通信网络可以包括多个网络切片,例如,网络切片1,网络切片2和网络切片3。其中,在网络切片1中(如图1中“点线(dotted line)”所示),R0,R1,R2,R3和R5依次通信,R4与R1和R3分别通信。网络切片1的入口节点是R0,出口节点是R5。在网络切片2中(如图1中“虚线(dashed line)”所示),R0,R1,R2,R3和R5依次通信,R4与R1和R3分别通信。网络切片2的入口节点是R0,出口节点是R5。在网络切片3中(如图1中“粗实线(thick solid line)”所示),R0,R1,R4,R3和R5依次通信。网络切片3的入口节点是R0,出口节点是R5。需要说明的是,上述描述的关于网络切片的路径是例举。在实际业务场景中,网络切片的入口节点(源节点)和出口节点(目的节点)在确定后,入口节点和出口节点之间的转发节点是可以根据资源预留策略确定的。例如,控制设备根据资源预留策略确定网络切片的拓扑或路径,并且触发该拓扑或路径上的网络设备预留资源。又例如,控制设备向网络内的网络设备下发网络切片的资源信息(例如需要通过该网络切片承载的业务的流量信),网络中的网络设备根据资源信息和切片标识自适应的分配资源,如此这样,逐跳网络设备均 自主的分配网络切片的资源,网络切片中的转发路径也随之确定。
在图1中,示出了控制设备与R0,R1,R2,R3,R4和R5通信,以便传递控制消息。控制设备可以是控制器或者网络管理设备或者服务器或者路由反射器(route reflector,RR)。另外,在实际业务场景中,可以不部署独立的硬件实体的控制设备,而是,在通信网络中的某台网络设备中实现控制设备的功能。例如,在R1上实现控制设备的功能;又例如,在网络切片1、网络切片2和网络切片3以外的网络设备上实现控制设备的功能。
在图1中,R0,R1,R2,R3,R4和R5分别可以是路由器或交换机,还可以是服务器或者终端设备等具有转发功能的设备。其中,交换机可以是三层交换机。R0,R1,R2,R3,R4和R5在网络中的角色可以是运营商边缘(provider edge,PE)设备。如图1所示,R0是网络切片的入口节点,也可以将R0称为网络切片的源节点或者边缘节点;R5是网络切片的出口节点,也可以将R5称为网络切片的目的节点或者边缘节点。其中,R0可以连接至少一台第一用户边缘(customer edge,CE)设备,第一CE设备用于向R0传输数据报文。R5可以连接至少一台第二CE设备,第二CE设备接收R5传输的数据报文。第一CE设备和第二CE设备分别可以连接用户设备。用户设备可以被称为终端设备、移动台(Mobile Station,MS)、移动终端(Mobile Terminal,MT)或终端等。用户设备是一种向用户提供语音和/或数据连通性的设备,或,设置于该设备内的芯片。例如,用户设备可以是具有无线连接功能的手持式设备、车载设备等。用户设备可以为手机、台式电脑、平板电脑、笔记本电脑、掌上电脑、移动互联网设备(Mobile Internet Device,MID)、可穿戴设备、虚拟现实(Virtual Reality,VR)设备、增强现实(Augmented Reality,AR)设备、工业控制(Industrial Control)中的无线终端或有线终端、无人驾驶(Self Driving)中的无线终端、远程手术(Remote Medical Surgery)中的无线终端、智能电网(Smart Grid)中的无线终端、运输安全(Transportation Safety)中的无线终端、智慧城市(Smart City)中的无线终端、智慧家庭(Smart Home)中的无线终端或支持5G接入的家庭网关设备(5G→Residential Gateway,5G→RG)等。另外,用户设备也可以是企业网络中的计算机或服务器。在一种可能的实现方式中,R0,R1,R2,R3,R4和R5之间的通信链路是物理通信链路。所述物理通信链路可以是电缆或者光纤或者无线链路。R0,R1,R2,R3,R4和R5与通信链路连接的端口可以是物理端口。
如图1所示,控制设备可以向R0,R1,R2,R3,R4和R5发送控制消息。所述控制消息可以包括流规格(Flow Specification,Flowspec)信息。所述控制消息包括匹配项和动作项。R0,R1,R2,R3,R4和R5接收到所述控制消息后,获取所述匹配项和动作项。然后,R0,R1,R2,R3,R4和R5判断是否满足匹配项,并且,在满足匹配项的情况下,执行动作项指示的动作。在一种可能的实现方式中,所述控制消息可以是边界网关协议(Border Gateway Protocol,BGP)更新(update)消息。从而,基于BGP实现Flowspec信息下发的实现方式,可以被称为BGP Flowspec。另外,BGP Flowspec可以用于IPv4数据报文转发时的策略匹配,也可以用于IPv6数据报文转发时的策略匹配。BGP Flowspec的相关实现可以参见Internet工程任务组(Internet Engineering Task Force,IETF)请求注解(Request For Comments,RFC)8955和RFC 8956中的相关描述。
然而,在现有Flowspec实现中,不支持对数据报文引入网络切片的操作。也就是说, 网络设备在接收到数据报文后,无法在匹配项匹配的情况下,将所述数据报文引导至网络切片中。
针对上述问题,本申请提出了相应解决方案。如图1所示,控制设备可以向网络切片的入口节点R0发送控制消息。所述控制消息包括引流匹配项和引流动作项,所述控制消息用于指示R0根据所述引流动作项将匹配所述引流匹配项的数据报文引导至网络切片,例如,将数据报文引入网络切片中。
R0接收到所述控制消息后,根据所述控制消息确定转发表项,所述转发表项包括所述引流匹配项和所述引流动作项。R0可以接收数据报文,例如,R0从CE设备接收数据报文。然后,R0根据所述引流匹配项确定所述数据报文匹配所述引流匹配项;并且,R0根据所述引流动作项将所述数据报文引导至网络切片。例如,R0根据所述引流动作项确定转发动作,所述转发动作包括出接口和/或下一跳。具体的,可以通过所述引流动作项携带切片信息实现将数据报文引入对应的网络切片中。在一种可能的实现方式中,所述控制消息是BGP更新消息,所述BGP更新消息包括BGP路由信息,所述BGP路由信息用于携带所述引流匹配项和所述引流动作项。具体的,所述BGP路由信息是BGP flowspec信息,所述BGP flowspec信息用于携带所述引流匹配项和所述引流动作项。在另一种可能的实现方式中,所述控制消息是网络配置协议(Network Configuration Protocol,NETCONF)消息,所述NETCONF消息包括事件-条件-动作(event-condition-action,ECA)信息,其中,所述ECA信息中的动作用于携带所述引流动作项,所述ECA信息中的条件用于携带所述引流匹配项。因此,通过上述实现方式,基于控制消息下发匹配规则和转发策略,根据引流动作项将匹配引流匹配项的数据报文引导(steer)至相应的网络切片。
图2为本申请实施例的一种引流的方法流程图。图2所示的方法可以应用在图1所示的网络结构中。其中,图2中的第一网络设备可以相当于图1中的控制设备,图2中的第二网络设备可以相当于图1中的R0。在本申请实施方式中,针对图2中的第一网络设备和第二网络设备之间的交互进行说明,应当理解,所述第一网络设备和所述第二网络设备之间的通信链路上可以包括其他的网络设备。具体地,所述方法包括:
S101、所述第一网络设备生成控制消息,所述控制消息包括引流匹配项和引流动作项,所述控制消息用于指示所述第二网络设备根据所述引流动作项将匹配所述引流匹配项的数据报文引导至网络切片。
所述控制消息包括所述引流匹配项和所述引流动作项。所述引流匹配项是所述第一网络设备确定的匹配策略或者匹配规则。因此,所述引流匹配项可以包括至少一个匹配信息。举例说明,以下至少一种信息可以作为所述引流匹配项中的匹配信息:源IP地址、目的IP地址、源端口号、目的端口号、协议号、流标签和优先级。其中,源IP地址是指数据报文的报文头中包括的源IP地址,例如数据报文的发送设备的IP地址。目的IP地址是指数据报文的报文头中包括的目的IP地址,例如数据报文的接收设备的IP地址。源端口号是指数据报文的报文头中包括的源端口号,例如发送数据报文的端口标识。目的端口号是指数据报文的报文头中包括的目的端口号,例如接收数据报文的端口标识。协议号是指数据报文的报文头中包括的协议号,例如数据报文遵循的协议标识。流标签是指数据报文的报文头中包括的流标签,例如,流标签指示数据报文所述的数据流。优先级是指数据报文的报 文头中包括的优先级,例如业务优先级。因此,第二网络设备在接收到控制报文后,可以从传输的数据报文中获取与匹配信息类型相同的信息,例如,可以从传输的所述数据报文的报文头中获取与匹配信息类型相同的信息,并使用报文头中的相应信息与匹配信息进行比较。例如,引流匹配项1中的匹配信息包括<目的IP地址:100.100.100.1/24,源IP地址:99.99.99.1/24>。所述第二网络设备接收到数据报文1后,从数据报文1的报文头中获取目的IP地址和源IP地址。如果所述数据报文1的目的IP地址=100.100.100.1/24,且数据报文1的源IP地址=99.99.99.1/24,所述第二网络设备可以确定所述数据报文1匹配所述引流匹配项1。
所述引流动作项所述第一网络设备确定的、对数据报文的处理动作。也就是说,当第二网络设备确定数据报文匹配所述引流匹配项的情况下,所述引流动作项有效,相应的,所述第二网络设备将按照引流动作项指示的动作处理所述数据报文。所述引流动作项包括切片信息,所述切片信息用于指示网络切片。如此这样,所述第二网络设备在确定所述数据报文匹配所述引流匹配项的情况下,根据所述引流动作项中的切片信息将所述数据报文引导至所述网络切片中,从而,所述网络切片传输所述数据报文。在一种可能的实现方式中,切片信息包括切片标识。例如,切片标识的值为100,用于指示图1中的网络切片1。在另一种可能的实现方式中,切片信息包括段列表(segment list),所述段列表包括多个段标识(segment identifier,SID)。因此,段列表也可以被称为段标识列表。段列表可以被认为是与切片相关联的段标识列表。例如,如图1所示,R0的SID=A3,R1的SID=B3,R4的SID=C3,R3的SID=D3和R5的SID=E3。则段列表为<A3,B3,C3,D3,E3>用于指示图1中的网络切片3。在又一种可能的实现方式中,切片信息包括切片标识和段列表。例如,切片标识的值为200,并且段列表为<A,B,C,D,E,F>用于指示图1中的网络切片2。其中,切片标识的值为200用于指示网络切片2,段列表为<A,B,C,D,E,F>用于指示网络切片2中的一条显示的路径。需要说明的是,当切片信息包括段列表,而不包括切片标识的情况下,段列表中的SID只在所需要指示的网络切片内有效,且用于指示对应的网络切片,例如前述的段列表为<A3,B3,C3,D3,E3>。
在一种可能的实现方式中,所述控制消息可以是BGP更新消息。所述BGP更新消息包括BGP路由信息,所述BGP路由信息用于携带所述引流匹配项和所述引流动作项。具体的,所述BGP路由信息是BGP flowspec信息。因此,所述引流匹配项和所述引流动作项可以基于Flowspec技术实现,也就是说,所述引流匹配项和所述引流动作项可以被认为是基于BGP Flowspec技术实现。具体的,所述BGP更新消息包括BGP flowspec信息,所述BGP flowspec信息包括所述引流匹配项和所述引流动作项。
举例说明,所述BGP flowspec信息包括网络层可达信息(network layer reachability information,NLRI)。所述NLRI用于携带所述引流匹配项。具体的,所述NLRI包括多协议扩展可达NLRI(Multi-Protocol Reachable NLRI,MP_REACH_NLRI)属性,所述MP_REACH_NLRI属性包括地址族标识(address family identifier,AFI)字段和NLRI字段。所述AFI字段的取值用于指示所述NLRI携带的信息是BGP flowspec信息。所述NLRI字段可以用于携带所述引流匹配项。类似的实现方式,所述NLRI还可以用于携带所述引流动作项,具体的,所述NLRI字段可以用于携带所述引流动作项。
举例说明,所述BGP flowspec信息还包括路由属性,所述路由属性可以用于携带所述引流动作项。例如,所述引流动作项可以作为新的BGP的扩展团体(Extended Community)属性或宽团体(Wide Community)属性,被携带在BGP更新消息的扩展团体属性字段或宽团体属性字段中。其中,扩展团体属性和宽团体属性属于路由属性,即携带所述引流动作项的扩展团体属性字段或宽团体属性字段可以是BGP路由属性信息中的一种。
可选的,扩展团体属性用于携带所述引流动作项的情况下,所述引流动作项可以按照下述格式实现:
在上述信息格式实现中,类型(Type)和子类型(Sub-type)的长度分别为1字节,用于指示上述扩展团体属性的类型。例如,类型(Type)和子类型(Sub-type)用于指示上述扩展团体属性是BGP引流团体属性。标志(Flags)的长度为1字节,用于预留或者用于指示其他功能。引流动作类型(Traffic steering action type)的长度为1字节,用于指示引流动作是引流到网络切片,也就是说,所述引流动作类型用于指示所述引流动作项的类型是网络切片。所述切片信息的长度为4字节,用于指示网络切片。网络设备在获取上述信息后,根据所述引流动作类型确定引流动作项指示的引流动作是将数据报文引导至网络切片。然后,所述网络设备可以根据所述切片信息,确定将所述数据报文引导至所述切片信息指示的网络切片。
可选的,扩展团体属性用于携带所述引流动作项的情况下,所述引流动作项还可以按照下述格式实现:
类型(Type) |
子类型(Sub-type) |
标志(Flags) |
切片信息 |
在上述信息格式实现中,类型(Type)和子类型(Sub-type)的长度分别为1字节,用于指示上述扩展团体属性的类型。例如,类型(Type)和子类型(Sub-type)用于指示上述扩展团体属性是针对网路切片的BGP引流团体属性。标志(Flags)的长度为2字节,用于预留或者用于指示其他功能。所述切片信息的长度为4字节,用于指示网络切片。网络设备在获取上述信息后,可以根据所述切片信息,确定将所述数据报文引导至所述切片信息指示的网络切片。
可选的,新的路由属性用于携带所述引流动作项的情况下,所述引流动作项可以按照下述格式实现:
属性标志(Attribute flag) |
属性类型(Attribute type) |
长度(Length) |
标志(Flags) |
切片信息 |
在上述信息格式实现中,属性标志(Attribute flag)和属性类型(Attribute type)的长度分别为1字节,用于指示上述路由属性的类型。例如,属性标志(Attribute flag)和属性类型(Attribute type)用于指示上述路由属性是BGP引流路由属性。长度(Length)字段的长度为1字节或2字节,用于指示上述路由属性的长度。标志(Flags)的长度为1字节,用于预留或者用于指示其他功能。所述切片信息的长度为4字节,用于指示网络切片。网络设备在获取上述信息后,可以根据所述切片信息,确定将所述数据报文引导至所述切片信息指示的网络切片。
需要说明的是,在本申请实施方式中,所述BGP路由信息还可以使用除BGP flowspec信息以外的其他的BGP路由信息实现,例如,新定义一种BGP路由信息,用于实现上述方案。
在另一种可能的实现方式中,所述引流匹配项和所述引流动作项可以基于NETCONF技术实现。所述控制消息可以是NETCONF消息。所述NETCONF消息包括ECA信息,其中,所述ECA信息中事件用于指示“接收到数据报文”,所述ECA信息中的动作用于携带所述引流动作项,所述ECA信息中的条件用于携带所述引流匹配项。网络设备在获取上述信息后,根据ECA信息中的事件确定需要对接收到的数据报文进行匹配;然后,所述网络设备根据所述ECA中的条件确定数据报文是否符合匹配条件,并且,在符合匹配条件的情况下,所述网络设备根据所述ECA中的动作将所述数据报文引导至所述切片信息指示的网络切片。
S102、所述第一网络设备向所述第二网络设备发送所述控制消息。
S103、所述第二网络设备接收所述第一网络设备发送所述控制消息。
根据前述,所述引流匹配项和所述引流动作项可以基于Flowspec技术实现。所述控制消息可以是BGP更新消息。如此这样,所述BGP更新消息包括BGP flowspec信息,所述BGP flowspec信息包括所述引流匹配项和所述引流动作项。
根据前述,所述引流匹配项和所述引流动作项还可以基于NETCONF技术实现。所述控制消息可以是NETCONF消息。如此这样,所述NETCONF消息包括ECA信息,所述ECA信息包括所述引流匹配项和所述引流动作项。
所述第一网络设备可以是独立部署的控制设备(如图1中所示的控制设备),例如,控制设备可以是控制器或者网络管理设备或者服务器或者RR。所述第一网络设备也可以是网络切片1、网络切片2或网络切片3中的网络设备(如图1中所示的R1),或者,所述第一网络设备也可以是网络切片1、网络切片2和网络切片3以外的网络设备(例如,网络切片4的入口节点),如此这样,所述第一网络设备是一台具有控制设备功能的转发设备。
S104、所述第二网络设备接收数据报文。
举例说明,如图1所示,所述第二网络设备是R0。R0可以连接至少一台CE设备,例如R0连接第一CE设备(图1中的第三网络设备)。所述第一CE设备向R0发送所述数据报文。所述数据报文中可以携带以下信息中的至少一种信息:源IP地址、目的IP地址、 源端口号、目的端口号、协议号、流标签和优先级。R0接收所述第一CE设备发送的所述数据报文。所述R0是网络切片1、网络切片2或网络切片3的入口节点。
S105、所述第二网络设备根据所述引流动作项将匹配所述引流匹配项的所述数据报文引导至网络切片。
举例说明,如图1所示,R0接收到控制消息后,从控制消息中获取所述引流匹配项和所述引流动作项。并且,R0在接收到数据报文后,确定是否要将所述数据报文引入到网络切片中。根据图1,R0是网络切片1、网络切片2和网络切片3的入口节点。因此,R0确定是否要将所述数据报文引入到网络切片中,进而,确定需要将所述数据报文引入到哪个网络切片(网络切片1、网络切片2或网络切片3)。
具体的,R0获取所述数据报文中的信息,并且,R0确定所述数据报文中的信息是否匹配所述引流匹配项中的信息。例如,所述数据报文中的目的IP地址为100.100.100.1/24和源IP地址为99.99.99.1/24;所述引流匹配项中的信息包括<目的IP地址:100.100.100.1/24,源IP地址:99.99.99.1/24>,从而,R0确定所述数据报文匹配所述引流匹配项。又例如,所述数据报文携带的优先级等级为1(假设优先级等级的值越小,优先级等级越高);所述引流匹配项中的信息包括<优先级等级“高于”3>,因此,R0可以确定所述数据报文中携带的优先级等级高于3,从而,R0确定所述数据报文匹配所述引流匹配项。可选的,所述引流匹配项中包括的匹配条件可以为1个,也可以为多个。
R0在确定所述数据报文匹配所述引流匹配项的情况下,所述控制消息中的所述引流动作项生效。R0根据所述引流动作项将匹配所述引流匹配项的所述数据报文引导至网络切片。例如,所述引流动作项中包括的切片信息是网络切片1的切片标识100。R0根据网络切片1的切片标识100将所述数据报文引导至网络切片1。又例如,所述引流动作项中包括的切片信息是网络切片3的段列表<A3,B3,C3,D3,E3>。R0根据网络切片3的段列表<A3,B3,C3,D3,E3>将所述数据报文引导至网络切片3。又例如,述引流动作项中包括的切片信息是网络切片2的切片标识200和标识路径的段列表<A,B,C,D,E,F>。R0根据网络切片2的切片标识200和段列表<A,B,C,D,E,F>将所述数据报文引导至网络切片2中的一条显示的路径。
在一种可能的实现方式中,所述第二网络设备根据所述控制消息确定转发表项,所述转发表项包括所述引流匹配项和所述引流动作项。
举例说明,如图1所示,R0在接收到所述控制消息后,根据所述控制消息生成所述转发表项。从而,转发表项包括所述引流匹配项和所述引流动作项。R0可以将所述,转发表项保存在转发表中。结合前述,R0可以基于所述转发表项,根据所述引流动作项将匹配所述引流匹配项的所述数据报文引导至网络切片。
可选的,所述转发表项可以包括转发动作,所述转发动作包括出接口和/或下一跳。其中,转发动作是R0根据所述引流动作项确定得到的。具体的,R0可以根据所述引流动作项确定转发路径,然后,R0根据所述转发路径确定所述转发动作。如此这样,R0所述引流匹配项确定数据报文匹配所述引流匹配项;然后,R0根据所述引流动作项确定所述数据报文的出接口和/或下一跳;并且,R0根据所述数据报文的出接口和/或下一跳转发所述数据报文。从而,实现R0将所述数据报文引导至网络切片。例如,R0在接收到所述数据报 文后,确定所述数据报文匹配所述引流匹配项;然后,R0根据所述转发表项中的转发动作,确定R0上的对应网络切片1的出接口1;进而,R0从出接口1发出所述数据报文,所述数据报文进入网络切片1。
在一种可能的实现方式中,所述第二网络设备在所述数据报文中添加所述切片信息。
举例说明,根据前述,R0是网络切片的入口节点,R0在接收到所述控制消息后,根据所述引流匹配项和所述引流动作项可以将所述数据报文引入网络切片,例如网络切片1。因此,所述数据报文可以沿着网络切片1的转发路径进行转发。R0在向网络切片1的下一跳发送所述数据报文之前,R0可以在所述数据报文中添加网络切片1的切片信息,例如网络切片1的切片标识100,从而获得添加了切片标识100的更新的数据报文。然后,R0根据所述引流动作项将更新的数据报文(携带切片标识100)引入网络切片1,也就是说,沿着网络切片1的转发路径,将更新的数据报文发送到R1。这样,R1在获得更新的数据报文后,可以根据更新的数据报文中的切片标识100转发数据报文。R1可以无需按照所述引流匹配项和所述引流动作项进行引流。所述网络切片1上的后续节点也可以按照R1的实现方式进行转发。
通过上述实现方式,第一网络设备可以将向网络切片进行引流的匹配规则和转发策略,通过控制消息发送给第二网络设备;相应的,所述第二网络设备在接收到所述控制消息后,根据引流动作项将匹配引流匹配项的数据报文引导至相应的网络切片。
图3为本申请实施例的第一网络设备1000的结构示意图。图3所示的第一网络设备1000可以执行上述实施例的方法中第一网络设备执行的相应步骤。所述第一网络设备1000被部署在通信网络中,所述通信网络还包括第二网络设备。其中,所述第一网络设备1000可以是控制设备,控制设备可以是控制器或者网络管理设备或者服务器或者RR。如图3所示,所述第一网络设备1000包括处理单元1004和发送单元1006。
所述处理单元1004,用于生成控制消息,所述控制消息包括引流匹配项和引流动作项;
所述发送单元1006,用于向第二网络设备发送所述控制消息,所述控制消息用于指示所述第二网络设备根据所述引流动作项将匹配所述引流匹配项的数据报文引导至网络切片。
可选的,所述引流动作项包括切片信息,所述切片信息用于指示所述网络切片。
可选的,所述切片信息包括切片标识和/或段列表。
可选的,所述引流匹配项用于对所述数据报文中的信息进行匹配。
可选的,所述控制消息是BGP更新消息,所述BGP更新消息包括BGP路由信息,所述BGP路由信息用于携带所述引流匹配项和所述引流动作项。
可选的,所述BGP路由信息为BGP flowspec信息。
可选的,所述BGP flowspec信息包括路由属性和NLRI,其中,所述引流动作项被携带在所述路由属性中,或者,所述引流动作项被携带在所述NLRI中。
可选的,所述引流动作项还包括引流动作类型,所述引流动作类型用于指示引流动作是引流到网络切片。
可选的,所述引流匹配项被携带在所述NLRI中。
可选的,所述控制消息是NETCONF消息,所述NETCONF消息包括ECA信息,其 中,所述ECA信息中的动作用于携带所述引流动作项,所述ECA信息中的条件用于携带所述引流匹配项。
可选的,所述引流匹配项包括下列信息中的至少一种信息:源互联网协议IP地址、目的IP地址、源端口号、目的端口号、协议号、流标签和优先级。
图3所示的第一网络设备1000可以执行上述实施例的方法中第一网络设备执行的相应步骤。第一网络设备向第二网络设备发送的控制消息中携带有引流匹配项和引流动作项,从而指示所述第二网络设备根据所述引流动作项将匹配所述引流匹配项的数据报文引导至网络切片。
图4为本申请实施例的第一网络设备1100的硬件结构示意图。图4所示的第一网络设备1100可以执行上述实施例的方法中第一网络设备执行的相应步骤。
如图4所示,所述第一网络设备1100包括处理器1101、存储器1102、接口1103和总线1104。其中接口1103可以通过无线或有线的方式实现。上述处理器1101、存储器1102和接口1103通过总线1104连接。
所述接口1103具体可以包括发送器和接收器,用于第一网络设备与上述实施例中的第二网络设备之间收发信息。例如,所述接口1103用于支持向所述第二网络设备发送控制消息。作为举例,所述接口1103用于支持图2中的过程S102。所述处理器1101用于执行上述实施例中由第一网络设备进行的处理。例如,所述处理器1101用于执行生成所述控制消息的动作;和/或用于本文所描述的技术的其他过程。作为举例,所述处理器1101用于支持图2中的过程S101。存储器1102,用于存储程序、代码或指令,例如,存储动作系统11021和应用程序11022,当处理器或硬件设备执行这些程序、代码或指令时可以完成方法实施例中涉及第一网络设备的处理过程。可选地,所述存储器1102可以包括只读存储器(Read-only Memory,ROM)和随机存取存储器(Random Access Memory,RAM)。其中,所述ROM包括基本输入/输出系统(Basic Input/Output System,BIOS)或嵌入式系统;所述RAM包括应用程序和动作系统。当需要运行第一网络设备1100时,通过固化在ROM中的BIOS或者嵌入式系统中的bootloader引导系统进行启动,引导第一网络设备1100进入正常运行状态。在第一网络设备1100进入正常运行状态后,运行在RAM中的应用程序和动作系统,从而,完成方法实施例中涉及第一网络设备的处理过程。
可以理解的是,图4仅仅示出了第一网络设备1100的简化设计。在实际应用中,第一网络设备可以包含任意数量的接口,处理器或者存储器。
图5为本申请实施例的另一种第一网络设备1200的硬件结构示意图。图5所示的第一网络设备1200可以执行上述实施例的方法中第一网络设备执行的相应步骤。
如图5所述,第一网络设备1200包括:主控板1210、接口板1230、交换网板1220和接口板1240。主控板1210、接口板1230和1240,以及交换网板1220之间通过系统总线与系统背板相连实现互通。其中,主控板1210用于完成系统管理、设备维护、协议处理等功能。交换网板1220用于完成各接口板(接口板也称为线卡或业务板)之间的数据交换。接口板1230和1240用于提供各种业务接口(例如,POS接口、GE接口、ATM接口等),并实现数据包的转发。在一种可能的实现中,第一网络设备2200是控制器或者网络管理设备或者服务器或者RR。
接口板1230可以包括中央处理器1231、转发表项存储器1234、物理接口卡1233和网络处理器1232。其中,中央处理器1231用于对接口板进行控制管理并与主控板上的中央处理器进行通信。转发表项存储器1234用于保存转发表项。物理接口卡1233用于完成流量的接收和发送。网络存储器1232用于根据所述转发表项控制物理接口卡1233收发流量。
具体地,物理接口卡1233用于用于向所述第二网络设备发送所述控制消息。具体的,中央处理器1231用于控制网络处理器1232经由物理接口卡1233向所述第二网络设备发送所述控制消息。
可选的,中央处理器1211生成所述控制消息,所述中央处理器1211将所述控制消息发送给所述中央处理器1231,所述中央处理器1231根据所述控制消息中的信息,控制网络处理器1232经由物理接口卡1233向所述第二网络设备发送所述控制消息。
可选的,中央处理器1211向所述中央处理器1231发送控制信息,所述中央处理器1231生成所述控制消息,并且,所述中央处理器1231根据所述控制消息中的信息,控制网络处理器1232经由物理接口卡1233向所述第二网络设备发送所述控制消息。
应理解,本发明实施例中接口板1240上的动作与所述接口板1230的动作一致,为了简洁,不再赘述。应理解,本实施例的第一网络设备1200可对应于上述方法实施例所具有的功能和/或所实施的各种步骤,在此不再赘述。
此外,需要说明的是,主控板可能有一块或多块,有多块的时候可以包括主用主控板和备用主控板。接口板可能有一块或多块,第一网络设备的数据处理能力越强,提供的接口板越多。接口板上的物理接口卡也可以有一块或多块。交换网板可能没有,也可能有一块或多块,有多块的时候可以共同实现负荷分担冗余备份。在集中式转发架构下,第一网络设备可以不需要交换网板,接口板承担整个系统的业务数据的处理功能。在分布式转发架构下,第一网络设备可以有至少一块交换网板,通过交换网板实现多块接口板之间的数据交换,提供大容量的数据交换和处理能力。所以,分布式架构的第一网络设备的数据接入和处理能力要大于集中式架构的设备。具体采用哪种架构,取决于具体地组网部署场景,此处不做任何限定。
另外,本申请实施例提供了一种计算机存储介质,用于储存为上述第一网络设备所用的计算机软件指令,其包含用于执行上述方法实施例所设计的程序。
图6为本申请实施例的第二网络设备2000的结构示意图。图6所示的第二网络设备2000可以执行上述实施例的方法中第二网络设备执行的相应步骤。所述第二网络设备被部署在通信网络中,所述通信网络还包括第一网络设备。如图6所示,所述第二网络设备2000包括接收单元2002和处理单元2004。
所述接收单元2002,用于接收第一网络设备发送控制消息,所述控制消息包括引流匹配项和引流动作项;
所述接收单元2002还用于接收数据报文;
所述处理单元2004,用于根据所述引流动作项将匹配所述引流匹配项的所述数据报文引导至网络切片。
可选的,所述引流动作项包括切片信息,所述切片信息用于指示所述网络切片。
可选的,所述切片信息包括切片标识和/或段列表。
可选的,所述引流匹配项用于对所述数据报文中的信息进行匹配。
可选的,所述控制消息是BGP更新消息,所述BGP更新消息包括BGP路由信息,所述BGP路由信息用于携带所述引流匹配项和所述引流动作项。
可选的,所述BGP路由信息为所述BGP更新消息包括BGP flowspec信息。
可选的,所述BGP flowspec信息包括路由属性和NLRI,其中,所述引流动作项被携带在所述路由属性中,或者,所述引流动作项被携带在所述NLRI中。
可选的,所述引流动作项还包括引用动作类型,所述引用动作类型用于指示引流动作是引流到网络切片。
可选的,所述引流匹配项被携带在所述NLRI中。
可选的,所述控制消息是NETCONF消息,所述NETCONF消息包括ECA信息,其中,所述ECA信息中的动作用于携带所述引流动作项,所述ECA信息中的条件用于携带所述引流匹配项。
可选的,在所述处理单元2004根据所述引流动作项将匹配所述引流匹配项的所述数据报文引导至网络切片中,所述处理单元2004具体用于:根据所述控制消息确定转发表项,所述转发表项包括所述引流匹配项和所述引流动作项。
可选的,在所述处理单元2004根据所述引流动作项将匹配所述引流匹配项的所述数据报文引导至网络切片中,所述处理单元2004具体用于:根据所述引流匹配项确定所述数据报文匹配所述引流匹配项;根据所述引流动作项确定转发动作,所述转发动作包括出接口和/或下一跳;根据所述转发动作转发所述数据报文。
可选的,在所述处理单元2004根据所述转发动作转发所述数据报文之前,所述处理单元2004还用于:在所述数据报文中添加所述切片信息。
可选的,所述引流匹配项包括下列信息中的至少一种信息:源互联网协议IP地址、目的IP地址、源端口号、目的端口号、协议号、流标签和优先级。
图6所示的第二网络设备2000可以执行上述实施例的方法中第二网络设备执行的相应步骤。所述第二网络设备接收第一网络设备发送的控制消息,所述控制消息包括引流匹配项和引流动作项。然后,作为接收端设备的第二网络设备可以根据所述引流动作项将匹配所述引流匹配项的所述数据报文引导至网络切片。
图7为本申请实施例的第二网络设备2100的硬件结构示意图。图7所示的第二网络设备2100可以执行上述实施例的方法中第二网络设备执行的相应步骤。
如图7所示,所述第二网络设备2100包括处理器2101、存储器2102、接口2103和总线2104。其中接口2103可以通过无线或有线的方式实现。上述处理器2101、存储器2102和接口2103通过总线2104连接。
所述接口2103具体可以包括发送器和接收器,用于第二网络设备与上述实施例中的第一网络设备之间收发信息或数据;或者用于第二网络设备与上述实施例中的第三网络设备之间收发信息或数据。例如,所述接口2103用于支持接收所述第一网络设备发送的控制消息,或者,用于支持接收所述第三网络设备发送的数据报文。作为举例,所述接口2103用于支持图2中的过程S103和S105。所述处理器2101用于执行上述实施例中由第二网络设备进行的处理。例如,所述处理器2101用于获取所述控制消息中的引流匹配项和引流动作 项、以及根据所述引流动作项将匹配所述引流匹配项的所述数据报文引导至网络切片;和/或用于本文所描述的技术的其他过程。作为举例,所述处理器2101用于支持图2中的过程S105。存储器2102包括动作系统21021和应用程序21022,用于存储程序、代码或指令,当处理器或硬件设备执行这些程序、代码或指令时可以完成方法实施例中涉及第二网络设备的处理过程。可选地,所述存储器2102可以包括只读存储器(Read-only Memory,ROM)和随机存取存储器(Random Access Memory,RAM)。其中,所述ROM包括基本输入/输出系统(Basic Input/Output System,BIOS)或嵌入式系统;所述RAM包括应用程序和动作系统。当需要运行第二网络设备2100时,通过固化在ROM中的BIOS或者嵌入式系统中的bootloader引导系统进行启动,引导第二网络设备2100进入正常运行状态。在第二网络设备2100进入正常运行状态后,运行在RAM中的应用程序和动作系统,从而,完成方法实施例中涉及第二网络设备的处理过程。
可以理解的是,图7仅仅示出了第二网络设备2100的简化设计。在实际应用中,第二网络设备可以包含任意数量的接口,处理器或者存储器。
图8为本申请实施例的另一种第二网络设备2200的硬件结构示意图。图8所示的第二网络设备2200可以执行上述实施例的方法中第二网络设备执行的相应步骤。
如图8所述,第二网络设备2200包括:主控板2210、接口板2230、交换网板2220和接口板2240。主控板2210、接口板2230和2240,以及交换网板2220之间通过系统总线与系统背板相连实现互通。其中,主控板2210用于完成系统管理、设备维护、协议处理等功能。交换网板2220用于完成各接口板(接口板也称为线卡或业务板)之间的数据交换。接口板2230和2240用于提供各种业务接口(例如,POS接口、GE接口、ATM接口等),并实现数据包的转发。在一种可能的实现中,第二网络设备2200是转发设备。
接口板2230可以包括中央处理器2231、转发表项存储器2234、物理接口卡2233和网络处理器2232。其中,中央处理器2231用于对接口板进行控制管理并与主控板2210上的中央处理器2211进行通信。转发表项存储器2234用于保存转发表项。物理接口卡2233用于完成流量的接收和发送。网络存储器2232用于根据所述转发表项控制物理接口卡2233收发流量。
具体地,物理接口卡2233用于接收所述第一网络设备发送的控制消息。物理接口卡2233还用于转发数据报文。
物理接口卡2233接收到所述控制消息后,将所述控制消息发送到中央处理器2231,所述中央处理器2231根据所述控制消息的报文头中的信息确定所述控制消息需要由所述中央处理器2231处理,相应的,中央处理器2231处理所述控制消息。
可选地,物理接口卡2233接收到所述控制消息后,将所述控制消息发送到中央处理器2231,所述中央处理器2231根据所述控制消息的报文头中的信息确定所述控制消息需要由中央处理器2211处理,所述中央处理器2231将所述控制消息上送到中央处理器2211,所述中央处理器2211处理所述控制消息。
中央处理器2231还用于控制网络处理器2232获取转发表项存储器2234中的转发表项,并且,中央处理器2231还用于控制网络存储器2232经由物理接口卡2233完成流量的接收和发送。
应理解,本发明实施例中接口板2240上的动作与所述接口板2230的动作一致,为了简洁,不再赘述。应理解,本实施例的第二网络设备2200可对应于上述方法实施例所具有的功能和/或所实施的各种步骤,在此不再赘述。
此外,需要说明的是,主控板可能有一块或多块,有多块的时候可以包括主用主控板和备用主控板。接口板可能有一块或多块,第二网络设备的数据处理能力越强,提供的接口板越多。接口板上的物理接口卡也可以有一块或多块。交换网板可能没有,也可能有一块或多块,有多块的时候可以共同实现负荷分担冗余备份。在集中式转发架构下,第二网络设备可以不需要交换网板,接口板承担整个系统的业务数据的处理功能。在分布式转发架构下,第二网络设备可以有至少一块交换网板,通过交换网板实现多块接口板之间的数据交换,提供大容量的数据交换和处理能力。所以,分布式架构的第二网络设备的数据接入和处理能力要大于集中式架构的设备。具体采用哪种架构,取决于具体地组网部署场景,此处不做任何限定。
另外,本申请实施例提供了一种计算机存储介质,用于储存为上述第二网络设备所用的计算机软件指令,其包含用于执行上述方法实施例所设计的程序。
本申请实施例还包括一种网络系统,所述网络系统包括第一网络设备和第二网络设备,所述第一网络设备为前述图3或图4或图5中的第一网络设备,所述第二网络设备为前述图6或图7或图8中的第二网络设备。
结合本申请公开内容所描述的方法或者算法的步骤可以硬件的方式来实现,也可以是由处理器执行软件指令的方式来实现。软件指令可以由相应的软件模块组成,软件模块可以被存放于RAM存储器、闪存、ROM存储器、EPROM存储器、EEPROM存储器、寄存器、硬盘、移动硬盘、CD-ROM或者本领域熟知的任何其它形式的存储介质中。一种示例性的存储介质耦合至处理器,从而使处理器能够从该存储介质读取信息,且可向该存储介质写入信息。当然,存储介质也可以是处理器的组成部分。处理器和存储介质可以位于ASIC中。另外,该ASIC可以位于用户设备中。当然,处理器和存储介质也可以作为分立组件存在于用户设备中。
本领域技术人员应该可以意识到,在上述一个或多个示例中,本申请所描述的功能可以用硬件或者用硬件和软件的组合来实现。当使用硬件和软件的组合实现时,可以将这些软件存储在计算机可读介质中或者作为计算机可读介质上的一个或多个指令或代码进行传输。计算机可读介质包括计算机存储介质和通信介质,其中通信介质包括便于从一个地方向另一个地方传送计算机程序的任何介质。存储介质可以是通用或专用计算机能够存取的任何可用介质。
以上所述的具体实施方式,对本申请的目的、技术方案和有益效果进行了进一步详细说明。所应理解的是,以上所述仅为本申请的具体实施方式而已。
Claims (51)
- 一种引流的方法,其特征在于,所述方法包括:第一网络设备生成控制消息,所述控制消息包括引流匹配项和引流动作项;所述第一网络设备向第二网络设备发送所述控制消息,所述控制消息用于指示所述第二网络设备根据所述引流动作项将匹配所述引流匹配项的数据报文引导至网络切片。
- 如权利要求1所述的方法,其特征在于,所述引流动作项包括切片信息,所述切片信息用于指示所述网络切片。
- 如权利要求2所述的方法,其特征在于,所述切片信息包括切片标识和/或段列表。
- 如权利要求1-3中任一项所述的方法,其特征在于,所述引流匹配项用于对所述数据报文中的信息进行匹配。
- 如权利要求1-4中任一项所述的方法,其特征在于,所述控制消息是边界网关协议BGP更新消息,所述BGP更新消息包括BGP路由信息,所述BGP路由信息用于携带所述引流匹配项和所述引流动作项。
- 如权利要求5所述的方法,其特征在于,所述BGP路由信息为边界网关协议流规则BGP flowspec信息。
- 如权利要求6所述的方法,其特征在于,所述BGP flowspec信息包括路由属性和网络层可达性信息NLRI,其中,所述引流动作项被携带在所述路由属性中,或者,所述引流动作项被携带在所述NLRI中。
- 如权利要求1-7中任一项所述的方法,其特征在于,所述引流动作项还包括引流动作类型,所述引流动作类型用于指示引流动作是引流到网络切片。
- 如权利要求7所述的方法,其特征在于,所述引流匹配项被携带在所述NLRI中。
- 如权利要求1-4中任一项所述的方法,其特征在于,所述控制消息是网络配置协议NETCONF消息,所述NETCONF消息包括事件-条件-动作ECA信息,其中,所述ECA信息中的动作用于携带所述引流动作项,所述ECA信息中的条件用于携带所述引流匹配项。
- 如权利要求1-10中任一项所述的方法,其特征在于,所述引流匹配项包括下列信息中的至少一种信息:源互联网协议IP地址、目的IP地址、源端口号、目的端口号、协议号、流标签和优先级。
- 一种引流的方法,其特征在于,所述方法包括:第二网络设备接收第一网络设备发送的控制消息,所述控制消息包括引流匹配项和引流动作项;所述第二网络设备接收数据报文;所述第二网络设备根据所述引流动作项将匹配所述引流匹配项的所述数据报文引导至网络切片。
- 如权利要求12所述的方法,其特征在于,所述引流动作项包括切片信息,所述切片信息用于指示所述网络切片。
- 如权利要求13所述的方法,其特征在于,所述切片信息包括切片标识和/或段列表。
- 如权利要求12-14中任一项所述的方法,其特征在于,所述引流匹配项用于对所述数据报文中的信息进行匹配。
- 如权利要求12-15中任一项所述的方法,其特征在于,所述控制消息是边界网关协议BGP更新消息,所述BGP更新消息包括BGP路由信息,所述BGP路由信息用于携带所述引流匹配项和所述引流动作项。
- 如权利要求16所述的方法,其特征在于,所述BGP路由信息为所述BGP更新消息包括边界网关协议流规则BGP flowspec信息。
- 如权利要求17所述的方法,其特征在于,所述BGP flowspec信息包括路由属性和网络层可达性信息NLRI,其中,所述引流动作项被携带在所述路由属性中,或者,所述引流动作项被携带在所述NLRI中。
- 如权利要求12-18中任一项所述的方法,其特征在于,所述引流动作项还包括引流动作类型,所述引流动作类型用于指示引流动作是引流到网络切片。
- 如权利要求17所述的方法,其特征在于,所述引流匹配项被携带在所述NLRI中。
- 如权利要求12-15中任一项所述的方法,其特征在于,所述控制消息是网络配置协议NETCONF消息,所述NETCONF消息包括事件-条件-动作ECA信息,其中,所述ECA信息中的动作用于携带所述引流动作项,所述ECA信息中的条件用于携带所述引流匹配项。
- 如权利要求12-21中任一项所述的方法,其特征在于,所述第二网络设备根据所述引流动作项将匹配所述引流匹配项的所述数据报文引导至网络切片,包括:所述第二网络设备根据所述控制消息确定转发表项,所述转发表项包括所述引流匹配项和所述引流动作项。
- 如权利要求12-22中任一项所述的方法,其特征在于,所述第二网络设备根据所述引流动作项将匹配所述引流匹配项的所述数据报文引导至网络切片,包括:所述第二网络设备根据所述引流匹配项确定所述数据报文匹配所述引流匹配项;所述第二网络设备根据所述引流动作项确定转发动作,所述转发动作包括出接口和/或下一跳;所述第二网络设备根据所述转发动作转发所述数据报文。
- 如权利要求23所述的方法,其特征在于,所述第二网络设备根据所述转发动作转发所述数据报文之前,所述方法还包括:所述第二网络设备在所述数据报文中添加所述切片信息。
- 如权利要求12-24中任一项所述的方法,其特征在于,所述引流匹配项包括下列信息中的至少一种信息:源互联网协议IP地址、目的IP地址、源端口号、目的端口号、协议号、流标签和优先级。
- 一种第一网络设备,其特征在于,所述第一网络设备包括:处理单元,用于生成控制消息,所述控制消息包括引流匹配项和引流动作项;发送单元,用于向第二网络设备发送所述控制消息,所述控制消息用于指示所述第二网络设备根据所述引流动作项将匹配所述引流匹配项的数据报文引导至网络切片。
- 如权利要求26所述的第一网络设备,其特征在于,所述引流动作项包括切片信息,所述切片信息用于指示所述网络切片。
- 如权利要求27所述的第一网络设备,其特征在于,所述切片信息包括切片标识和/或段列表。
- 如权利要求26-28中任一项所述的第一网络设备,其特征在于,所述引流匹配项用于对所述数据报文中的信息进行匹配。
- 如权利要求26-29中任一项所述的第一网络设备,其特征在于,所述控制消息是边界网关协议BGP更新消息,所述BGP更新消息包括BGP路由信息,所述BGP路由信息用于携带所述引流匹配项和所述引流动作项。
- 如权利要求30所述的第一网络设备,其特征在于,所述BGP路由信息为边界网关协议流规则BGP flowspec信息。
- 如权利要求31所述的第一网络设备,其特征在于,所述BGP flowspec信息包括路由属性和网络层可达性信息NLRI,其中,所述引流动作项被携带在所述路由属性中,或者,所述引流动作项被携带在所述NLRI中。
- 如权利要求26-32中任一项所述的第一网络设备,其特征在于,所述引流动作项还包括引流动作类型,所述引流动作类型用于指示引流动作是引流到网络切片。
- 如权利要求32所述的第一网络设备,其特征在于,所述引流匹配项被携带在所述NLRI中。
- 如权利要求26-29中任一项所述的第一网络设备,其特征在于,所述控制消息是网络配置协议NETCONF消息,所述NETCONF消息包括事件-条件-动作ECA信息,其中,所述ECA信息中的动作用于携带所述引流动作项,所述ECA信息中的条件用于携带所述引流匹配项。
- 如权利要求26-35中任一项所述的第一网络设备,其特征在于,所述引流匹配项包括下列信息中的至少一种信息:源互联网协议IP地址、目的IP地址、源端口号、目的端口号、协议号、流标签和优先级。
- 一种第二网络设备,其特征在于,所述第二网络设备包括:接收单元,用于接收第一网络设备发送控制消息,所述控制消息包括引流匹 配项和引流动作项;所述接收单元还用于接收数据报文;处理单元,用于根据所述引流动作项将匹配所述引流匹配项的所述数据报文引导至网络切片。
- 如权利要求37所述的第二网络设备,其特征在于,所述引流动作项包括切片信息,所述切片信息用于指示所述网络切片。
- 如权利要求38所述的第二网络设备,其特征在于,所述切片信息包括切片标识和/或段列表。
- 如权利要求37-39中任一项所述的第二网络设备,其特征在于,所述引流匹配项用于对所述数据报文中的信息进行匹配。
- 如权利要求37-40中任一项所述的第二网络设备,其特征在于,所述控制消息是边界网关协议BGP更新消息,所述BGP更新消息包括BGP路由信息,所述BGP路由信息用于携带所述引流匹配项和所述引流动作项。
- 如权利要求41所述的第二网络设备,其特征在于,所述BGP路由信息为所述BGP更新消息包括边界网关协议流规则BGP flowspec信息。
- 如权利要求42所述的第二网络设备,其特征在于,所述BGP flowspec信息包括路由属性和网络层可达性信息NLRI,其中,所述引流动作项被携带在所述路由属性中,或者,所述引流动作项被携带在所述NLRI中。
- 如权利要求37-43中任一项所述的第二网络设备,其特征在于,所述引流动作项还包括引流动作类型,所述引流动作类型用于指示引流动作是引流到网络切片。
- 如权利要求43所述的第二网络设备,其特征在于,所述引流匹配项被携带在所述NLRI中。
- 如权利要求37-40中任一项所述的第二网络设备,其特征在于,所述控制消息是网络配置协议NETCONF消息,所述NETCONF消息包括事件-条件-动作ECA信息,其中,所述ECA信息中的动作用于携带所述引流动作项,所述ECA信息中的条件用于携带所述引流匹配项。
- 如权利要求37-46中任一项所述的第二网络设备,其特征在于,在所述处理单元根据所述引流动作项将匹配所述引流匹配项的所述数据报文引导至网络切片中,所述处理单元具体用于:根据所述控制消息确定转发表项,所述转发表项包括所述引流匹配项和所述引流动作项。
- 如权利要求37-47中任一项所述的第二网络设备,其特征在于,在所述处理单元根据所述引流动作项将匹配所述引流匹配项的所述数据报文引导至网络切片中,所述处理单元具体用于:根据所述引流匹配项确定所述数据报文匹配所述引流匹配项;根据所述引流动作项确定转发动作,所述转发动作包括出接口和/或下一跳;根据所述转发动作转发所述数据报文。
- 如权利要求48所述的第二网络设备,其特征在于,在所述处理单元根据所述转发动作转发所述数据报文之前,所述处理单元还用于:在所述数据报文中添加所述切片信息。
- 如权利要求37-49中任一项所述的第二网络设备,其特征在于,所述引流匹配项包括下列信息中的至少一种信息:源互联网协议IP地址、目的IP地址、源端口号、目的端口号、协议号、流标签和优先级。
- 一种通信网络系统,其特征在于,所述通信网络系统包括第一网络设备和第二网络设备,所述第一网络设备为权利要求26-36中任一项所述的第一网络设备,所述第二网络设备为权利要求37-50中任一项所述的第二网络设备。
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
EP22897869.8A EP4429185A1 (en) | 2021-11-25 | 2022-11-24 | Traffic diversion method, device and system |
US18/672,493 US20240314082A1 (en) | 2021-11-25 | 2024-05-23 | Traffic steering method, device, and system |
Applications Claiming Priority (4)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202111413611.5 | 2021-11-25 | ||
CN202111413611 | 2021-11-25 | ||
CN202210188613.7A CN116170363A (zh) | 2021-11-25 | 2022-02-28 | 一种引流的方法、设备及系统 |
CN202210188613.7 | 2022-02-28 |
Related Child Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US18/672,493 Continuation US20240314082A1 (en) | 2021-11-25 | 2024-05-23 | Traffic steering method, device, and system |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2023093786A1 true WO2023093786A1 (zh) | 2023-06-01 |
Family
ID=86416989
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/CN2022/133915 WO2023093786A1 (zh) | 2021-11-25 | 2022-11-24 | 一种引流的方法、设备及系统 |
Country Status (4)
Country | Link |
---|---|
US (1) | US20240314082A1 (zh) |
EP (1) | EP4429185A1 (zh) |
CN (1) | CN116170363A (zh) |
WO (1) | WO2023093786A1 (zh) |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110535766A (zh) * | 2018-05-25 | 2019-12-03 | 华为技术有限公司 | 一种生成路由的方法和设备 |
CN110912796A (zh) * | 2018-09-15 | 2020-03-24 | 华为技术有限公司 | 一种通信方法、设备和系统 |
JP2020053719A (ja) * | 2018-09-21 | 2020-04-02 | 株式会社Nttドコモ | ユーザ装置及びネットワークノード |
CN112511329A (zh) * | 2020-06-12 | 2021-03-16 | 中兴通讯股份有限公司 | 信息通告方法及设备、可读介质 |
CN112532445A (zh) * | 2020-11-26 | 2021-03-19 | 国网江苏省电力有限公司信息通信分公司 | 一种用于无虚拟化能力的网络设备的网络切片方法及其系统、存储介质 |
CN113411258A (zh) * | 2021-06-07 | 2021-09-17 | 新华三技术有限公司 | 报文处理方法及装置 |
-
2022
- 2022-02-28 CN CN202210188613.7A patent/CN116170363A/zh active Pending
- 2022-11-24 EP EP22897869.8A patent/EP4429185A1/en active Pending
- 2022-11-24 WO PCT/CN2022/133915 patent/WO2023093786A1/zh active Application Filing
-
2024
- 2024-05-23 US US18/672,493 patent/US20240314082A1/en active Pending
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110535766A (zh) * | 2018-05-25 | 2019-12-03 | 华为技术有限公司 | 一种生成路由的方法和设备 |
CN110912796A (zh) * | 2018-09-15 | 2020-03-24 | 华为技术有限公司 | 一种通信方法、设备和系统 |
JP2020053719A (ja) * | 2018-09-21 | 2020-04-02 | 株式会社Nttドコモ | ユーザ装置及びネットワークノード |
CN112511329A (zh) * | 2020-06-12 | 2021-03-16 | 中兴通讯股份有限公司 | 信息通告方法及设备、可读介质 |
CN112532445A (zh) * | 2020-11-26 | 2021-03-19 | 国网江苏省电力有限公司信息通信分公司 | 一种用于无虚拟化能力的网络设备的网络切片方法及其系统、存储介质 |
CN113411258A (zh) * | 2021-06-07 | 2021-09-17 | 新华三技术有限公司 | 报文处理方法及装置 |
Also Published As
Publication number | Publication date |
---|---|
EP4429185A1 (en) | 2024-09-11 |
CN116170363A (zh) | 2023-05-26 |
US20240314082A1 (en) | 2024-09-19 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO2021063232A1 (zh) | 建立bier转发表项的方法、装置和系统 | |
CN108574616B (zh) | 一种处理路由的方法、设备及系统 | |
WO2020001393A1 (zh) | 发送网络性能参数、计算网络性能的方法和网络节点 | |
CN107078966B (zh) | 用于指配接收器标识符和自动确定树属性的方法和装置 | |
JP5621778B2 (ja) | コンテンツベーススイッチシステム、及びコンテンツベーススイッチ方法 | |
EP3787243B1 (en) | Data packet processing method and apparatus, storage medium, and electronic device | |
WO2019091088A1 (zh) | 一种vxlan的配置方法、设备及系统 | |
EP4024807A1 (en) | Message sending method and apparatus | |
EP4030703A1 (en) | Routing control method and apparatus | |
CN114422415B (zh) | 在分段路由中的出口节点处理流 | |
WO2023061061A1 (zh) | 报文处理方法、线卡、设备及存储介质 | |
WO2021093463A1 (zh) | 报文转发的方法、第一网络设备以及第一设备组 | |
WO2022117018A1 (zh) | 报文传输的方法和装置 | |
CN104471538A (zh) | 一种数据流处理方法、设备和系统 | |
WO2023093786A1 (zh) | 一种引流的方法、设备及系统 | |
WO2014101192A1 (zh) | 网络设备以及处理报文方法 | |
CN117097818A (zh) | 一种报文处理的方法及相关设备 | |
US10728137B1 (en) | Protocol independent multicast (“PIM”) fault tolerant designated router (“DR”) election | |
WO2022068389A1 (zh) | 一种基于用户组的报文转发方法、设备及系统 | |
CN108259292B (zh) | 建立隧道的方法及装置 | |
EP3163812B1 (en) | Method and apparatus for cross-layer path establishment | |
CN114363252A (zh) | 一种基于用户组的报文转发方法、设备及系统 | |
CN118282940A (zh) | 寻路方法、报文传输方法、设备及介质 | |
CN117459453A (zh) | 数据传输方法、运营商边缘设备、计算机可读介质 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 22897869 Country of ref document: EP Kind code of ref document: A1 |
|
WWE | Wipo information: entry into national phase |
Ref document number: 2022897869 Country of ref document: EP |
|
ENP | Entry into the national phase |
Ref document number: 2022897869 Country of ref document: EP Effective date: 20240603 |
|
NENP | Non-entry into the national phase |
Ref country code: DE |