WO2024067336A1 - Packet processing method, programmable network card device, physical server and storage medium - Google Patents


Info

Publication number
WO2024067336A1
Authority
WO
WIPO (PCT)
Prior art keywords
information
message
parsing
target message
virtual switch
Prior art date
Application number
PCT/CN2023/120288
Other languages
English (en)
French (fr)
Inventor
吕怡龙
Original Assignee
杭州阿里云飞天信息技术有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 杭州阿里云飞天信息技术有限公司
Publication of WO2024067336A1

Links

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L49/00 Packet switching elements
    • H04L49/25 Routing or path finding in a switch fabric
    • H04L69/00 Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/22 Parsing or analysis of headers

Definitions

  • the present application relates to the technical field of cloud computing, and in particular to a message processing method, a programmable network card device, a physical server and a storage medium.
  • Multiple aspects of the present application provide a message processing method, a programmable network card device, a physical server and a storage medium, which are used to improve forwarding performance while adapting to flexible and changeable application requirements.
  • the embodiment of the present application provides a physical server, comprising: a physical machine and a programmable network card device, wherein a virtual machine is deployed on the physical machine, and a virtual switch for forwarding data between different virtual machines is deployed on the programmable network card device;
  • the programmable network card device includes a message parsing acceleration module and a hardware message queue implemented based on programmable hardware; the message parsing acceleration module is used to receive a target message that needs to be forwarded through the virtual switch, parse the header information of the target message, and obtain metadata information of the target message; write the target message and the metadata information into the hardware message queue for the virtual switch to read;
  • the virtual switch runs on the processor of the programmable network card device, and is used to read the target message and the metadata information from the hardware message queue, obtain the information to be matched of the target message according to the metadata information, match in the forwarding flow table according to the information to be matched, and perform forwarding processing on the target message according to the matched flow table entry.
  • the embodiment of the present application provides a programmable network card device, on which a virtual switch for forwarding data between different virtual machines is deployed, and the programmable network card device includes: a processor, and a message parsing acceleration module and a hardware message queue implemented based on programmable hardware;
  • the message parsing acceleration module is used to receive a target message that needs to be forwarded by the virtual switch, parse the header information of the target message, and obtain metadata information of the target message; write the target message and the metadata information into the hardware message queue for the virtual switch to read;
  • the virtual switch runs on the processor, and is used to read the target message and the metadata information from the hardware message queue, and obtain the information to be matched of the target message according to the metadata information; match in the forwarding flow table according to the information to be matched, and forward the target message according to the matched flow table entry.
  • the embodiment of the present application also provides a message processing method, which is applied to a message parsing acceleration module implemented based on programmable hardware on a programmable network card device, wherein a virtual switch is deployed on the programmable network card device, and further includes a hardware message queue implemented based on programmable hardware, and the method includes:
  • An embodiment of the present application also provides a message processing method, which is applied to a virtual switch on a programmable network card device, wherein the programmable network card device also includes a message parsing acceleration module and a hardware message queue implemented based on programmable hardware, and the method includes: reading a target message written by the message parsing acceleration module and metadata information of the target message from the hardware message queue, wherein the metadata information is obtained by the message parsing acceleration module parsing the header information of the target message; obtaining information to be matched of the target message according to the metadata information, and matching in a forwarding flow table according to the information to be matched; and performing forwarding processing on the target message according to the matched flow table entry.
  • the embodiment of the present application also provides a computer-readable storage medium storing a computer program; when the computer program is executed by a processor, the processor implements the steps of the message processing method provided in the embodiment of the present application and executable by the virtual switch.
  • An embodiment of the present application also provides a computer program product, including a computer program/instructions; when the computer program/instructions are executed by a processor, the processor implements the steps of any message processing method provided in the embodiment of the present application.
  • a software virtual switch is deployed on a programmable network card device, and a message parsing acceleration module and a hardware message queue are implemented on the programmable network card device to provide message parsing services for the virtual switch. Based on this, any message that needs to be forwarded by the virtual switch first passes through the message parsing acceleration module.
  • the message parsing acceleration module parses the message header information, obtains the message metadata information, and writes the message and its metadata information into the hardware message queue; in this way, the virtual switch can directly read the message and its metadata information from the hardware message queue, obtain the message's information to be matched based on the metadata information, match it in the forwarding flow table based on the information to be matched, and forward the message according to the matched flow table entry.
  • the virtual switch does not need to perform the parsing operation of the message header information, but parses the message header information through hardware and provides the parsing result to the virtual switch, which can greatly save the message parsing overhead of the virtual switch and achieve a higher message forwarding performance.
  • all operations except the message header information parsing are completed by the virtual switch in software form, which can adapt to flexible and changeable application requirements and ensure the rapid iteration and evolution of application requirements.
  • FIG1 is a schematic diagram of the structure of a physical server provided by an exemplary embodiment of the present application.
  • FIGS. 2a-2c are schematic diagrams of message structures and parsing states provided by exemplary embodiments of the present application.
  • FIG3 is a schematic diagram of a fast and slow path process of a physical server performing message forwarding provided by an exemplary embodiment of the present application.
  • FIG4 is a schematic diagram of the structure of a programmable network card device provided by an exemplary embodiment of the present application.
  • FIG5 is a flow chart of a message processing method provided by an exemplary embodiment of the present application.
  • FIG6 is a flow chart of another message processing method provided by an exemplary embodiment of the present application.
  • FIG. 7 is a schematic diagram of the structure of a message processing device provided in an exemplary embodiment of the present application.
  • a software-based virtual switch is deployed on the programmable network card device, and on the other hand, a message parsing acceleration module and a hardware message queue are implemented on the programmable network card device based on programmable hardware.
  • the message that needs to be forwarded by the virtual switch first passes through the message parsing acceleration module, which parses the header information of the message and provides the parsing result to the virtual switch, which can greatly save the message parsing overhead of the virtual switch and achieve a higher message forwarding performance.
  • all operations except the parsing of the message header information are completed by the software-based virtual switch, which can adapt to flexible and changeable application requirements and ensure the rapid iteration and evolution of application requirements.
  • FIG1 is a schematic diagram of the structure of a physical server provided by an exemplary embodiment of the present application. The physical server can be used in a cloud network system and implemented as infrastructure in the cloud network system.
  • the physical server includes: a physical machine 10, on which at least one virtual machine 101 is deployed, each virtual machine 101 having a virtual network card 101a and an upper layer application 101b, the virtual network card 101a is a network card simulated by the virtual machine 101 to which it belongs in software or hardware through virtualization technology, and the virtual network card 101a serves as a network interface of the virtual machine 101 to which it belongs, and is used to connect the virtual machine 101 to the network and provide data transmission services for the upper layer application 101b on the virtual machine 101 to which it belongs.
  • a virtual switch in order to realize data forwarding between different virtual machines 101, a virtual switch needs to be deployed on the physical machine, and the virtual switch is responsible for data forwarding between different virtual machines 101 on the same physical machine 10 and between different virtual machines 101 on different physical machines 10. For example, when virtual machine E1 and virtual machine E2 on the same physical machine perform data transmission, virtual machine E1 first transmits data to the virtual switch through its virtual network card, and the virtual switch forwards the data to virtual machine E2 through the virtual network card of virtual machine E2.
  • virtual machine F transmits data to the virtual switch on the physical machine to which it belongs through its virtual network card
  • the virtual switch transmits data to the physical network card of the physical machine to which it belongs
  • the physical network card transmits data to the physical network card of the physical machine to which virtual machine G belongs
  • the physical network card transmits data to the virtual switch of the physical machine to which virtual machine G belongs
  • the virtual switch transmits data to virtual machine G through the virtual network card of virtual machine G.
  • the physical server of the embodiment of the present application also includes a programmable network card device 20.
  • the programmable network card device 20 can be implemented as a pluggable structure and plugged into the physical machine 10.
  • the pluggable method has the advantages of flexible use and strong scalability, but is not limited to this.
  • the programmable network card device 20 can also be directly integrated into the physical machine 10.
  • the programmable network card device 20 has a network card function and can be used as a physical network card of the physical machine 10, responsible for forwarding network traffic on the physical machine 10.
  • the programmable network card device 20 consists of two parts, one part is the processor (CPU) and the corresponding operating system (OS), which can be responsible for carrying some software functions running on the physical machine, such as network management and configuration, and data processing that does not require high performance; the other part is the programmable hardware part, which can be responsible for the accelerated processing of various software functions on the physical machine 10, and supports hardware offload of various software functions.
  • some operations that need to be performed by the CPU on the physical machine 10, such as packet encapsulation/decapsulation, network address translation (NAT), rate limiting, and receive side scaling (RSS), can be offloaded to the programmable network card device 20 to be implemented in hardware, thereby reducing the burden on the physical machine CPU.
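The receive side scaling (RSS) offload mentioned above can be illustrated with a minimal sketch: hash a message's five-tuple to pick one of several receive queues, so that all messages of the same flow land on the same queue. The function name is hypothetical, and CRC32 stands in for the Toeplitz hash that real NICs typically use; this is an illustration, not the disclosed implementation.

```python
import zlib

def rss_queue(src_ip: str, dst_ip: str, src_port: int, dst_port: int,
              proto: int, num_queues: int) -> int:
    """Toy RSS: hash the five-tuple and map the result onto one of
    `num_queues` receive queues, keeping each flow on a single queue/CPU."""
    key = f"{src_ip}|{dst_ip}|{src_port}|{dst_port}|{proto}".encode()
    return zlib.crc32(key) % num_queues
```

Because the hash is deterministic, every message of a flow selects the same queue, which preserves in-order delivery per flow while spreading distinct flows across CPUs.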
  • the programmable network card device 20 may be a smart network card (SmartNIC) or a data processing unit (DPU), and there is no limitation on this.
  • the programmable hardware on the programmable network card device 20 may be any programmable hardware device such as an application specific integrated circuit (ASIC), a system on chip (SOC), a field programmable gate array (FPGA) or a complex programmable logic device (CPLD).
  • the virtual switch can be offloaded from the physical machine 10 to the programmable network card device 20.
  • the virtual switch 201 can be implemented on the programmable network card device 20 in a software-based manner, that is, a virtual switch in software form is deployed on the programmable network card device 20.
  • the virtual switch in software form needs to run on the CPU of the programmable network card device 20, that is, the processor (CPU) on the programmable network card device 20 runs the program code corresponding to the virtual switch to implement the data forwarding function of the virtual switch.
  • the following describes the process of data transmission of the upper layer application 101b on the virtual machine 101 through the virtual switch 201 in different situations.
  • the following describes the data transmission process of the upper layer application A1 by taking the virtual machine A0 including the upper layer application A1 and the virtual network card A2, the physical machine where the virtual machine A0 is located including the programmable network card device A3, and the programmable network card device A3 having a virtual switch A4 as an example.
  • Data forwarding scenario C1: the upper-layer application A1 receives a message from the upper-layer application B1 on another physical machine, processes the message to a certain extent, and then forwards the processed message.
  • the physical network card on the programmable network card device A3 receives the message sent by the upper-layer application B1 on other physical machines, and provides the message to the virtual switch A4.
  • the virtual switch A4 provides the message to the virtual network card A2 of the virtual machine A0 based on the forwarding flow table, and the virtual network card A2 provides the message to the upper-layer application A1 on the virtual machine A0.
  • the upper-layer application A1 processes the message to a certain extent, it provides the processed message to the virtual network card A2.
  • the virtual network card A2 provides the processed message to the virtual switch A4.
  • the virtual switch A4 provides the processed message to the physical network card on the programmable network card device A3 based on the forwarding flow table, and the physical network card on the programmable network card device A3 provides the processed message to the upper-layer application B1 through network transmission.
  • Data transmission scenario C2: the upper-layer application A1 generates a message and needs to send the message to an upper-layer application on another virtual machine on the same physical machine, or to an upper-layer application on another physical machine.
  • the upper-layer application A1 provides the generated message to the virtual network card A2, and the virtual network card A2 provides the message to the virtual switch A4.
  • the virtual switch A4 provides the message to the virtual network card of the other virtual machine based on the forwarding flow table, and the virtual network card of the other virtual machine provides the message to the upper-layer application on the other virtual machine; in the case where the upper-layer application instructs to send the message to the upper-layer application on other physical machines, the virtual switch A4 provides the message to the physical network card on the programmable network card device A3 based on the forwarding flow table, and the physical network card on the programmable network card device A3 provides the message to the physical network card of other physical machines, so that the physical network card of other physical machines can provide the received message to the upper-layer application of other physical machines.
  • the upper-layer application A1 receives messages sent from upper-layer applications on other virtual machines. Specifically, if the virtual machine where the upper-layer application A1 is located and other virtual machines are located on the same physical machine, the virtual switch A4 receives the messages sent from the upper-layer applications on other virtual machines, and provides the messages to the virtual network card A2 based on the forwarding flow table, and the virtual network card A2 provides the received messages to the upper-layer application A1, so that the upper-layer application A1 processes the received messages.
  • the physical network card on the programmable network card device A3 receives the messages sent from the upper-layer applications on other physical machines, and provides the messages to the virtual switch A4, and the virtual switch A4 provides the messages to the virtual network card A2 based on the forwarding flow table, and the virtual network card A2 provides the received messages to the upper-layer application A1, so that the upper-layer application A1 processes the received messages.
  • the virtual switch is implemented in software and performs packet forwarding based on the forwarding flow table.
  • the forwarding flow table contains multiple flow table entries, each of which corresponds to a data flow.
  • the flow table entry mainly includes two parts: match information and action information.
  • the match information is key information that can uniquely identify the data flow, such as the five-tuple of a message (source/destination IP address, source/destination port number and protocol type), or a three-tuple or seven-tuple of the message.
  • the action information specifies the actions to be performed on the message, such as encapsulation/decapsulation, forwarding and rate limiting.
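The match/action structure of a flow table entry described above can be sketched as follows; the names `ForwardingFlowTable` and `FlowEntry` are hypothetical illustrations, not taken from the disclosure:

```python
from dataclasses import dataclass
from typing import Callable, Dict, Optional, Tuple

# Five-tuple key: (src_ip, dst_ip, src_port, dst_port, protocol)
FiveTuple = Tuple[str, str, int, int, str]

@dataclass
class FlowEntry:
    match: FiveTuple                  # key information identifying the data flow
    action: Callable[[bytes], bytes]  # action applied to a matching message

class ForwardingFlowTable:
    """Toy forwarding flow table keyed by the five-tuple."""
    def __init__(self) -> None:
        self._entries: Dict[FiveTuple, FlowEntry] = {}

    def add(self, entry: FlowEntry) -> None:
        self._entries[entry.match] = entry

    def lookup(self, key: FiveTuple) -> Optional[FlowEntry]:
        # Exact-match lookup; a miss means the message takes the slow path.
        return self._entries.get(key)
```

A lookup hit yields the entry whose action is then executed on the message; a miss would be handled by the slow path that installs a new entry.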
  • the virtual switch needs to rely on the CPU of the programmable network card device to parse the message to obtain the information to be matched of the message, match the information to be matched in the matching information in the forwarding flow table, and process the message according to the action information in the matching flow table item.
  • the whole process depends on the CPU resources of the programmable network card device and is affected by the CPU performance, which will restrict the message forwarding performance.
  • the hardware unloading for the virtual switch can be implemented on the programmable network card device 20, that is, a switch acceleration module based on programmable hardware is implemented on the programmable network card device 20, and the switch acceleration module provides data forwarding acceleration services for the virtual switch 201.
  • the forwarding flow table used by the virtual switch 201 is configured in advance in the switch acceleration module, so that in the process of sending and receiving messages, any message that needs to be forwarded by the virtual switch first reaches the switch acceleration module; the switch acceleration module parses the message to obtain the information to be matched, matches it against the matching information in the forwarding flow table, and forwards the message according to the matched flow table entry, so that the hardware, instead of the software-form virtual switch 201, forwards the message.
  • the message does not need to be sent to the virtual switch 201 for software processing, which can improve the message forwarding speed; moreover, the switch acceleration module performs message forwarding processing, which can reduce the participation of the virtual switch 201, and further reduce the CPU resources of the programmable network card device 20 occupied by running the virtual switch 201, which is conducive to improving the performance of the programmable network card device.
  • a message parsing acceleration module 202 and a hardware message queue 203 are implemented in the programmable hardware part of the programmable network card device 20, instead of a switch acceleration module, and a virtual switch 201 in software form is run on the processor of the programmable network card device 20.
  • the programmable hardware on the programmable network card device 20 can be FPGA, CPLD, ASIC or SOC, etc.
  • the message parsing acceleration module 202 and the hardware message queue 203 are implemented in a manner such as FPGA, CPLD, ASIC or SOC.
  • the hardware message queue 203 can be a ring queue (ring), but is not limited thereto.
  • there may be one or more hardware message queues, which is not limited.
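A ring-style hardware message queue as mentioned above can be modelled in software as a fixed-size circular buffer. The class name and (message, metadata) slot layout below are assumptions for illustration: the write side models the parsing module as producer, the read side the virtual switch as consumer.

```python
class HardwareMessageQueue:
    """Toy fixed-size ring queue: the parsing module writes (message,
    metadata) pairs at the tail; the virtual switch reads from the head."""
    def __init__(self, size: int) -> None:
        self._slots = [None] * size
        self._head = 0    # next slot to read
        self._tail = 0    # next slot to write
        self._count = 0

    def write(self, message: bytes, metadata: dict) -> bool:
        if self._count == len(self._slots):
            return False                          # queue full; producer retries
        self._slots[self._tail] = (message, metadata)
        self._tail = (self._tail + 1) % len(self._slots)
        self._count += 1
        return True

    def read(self):
        if self._count == 0:
            return None                           # empty; nothing to poll
        item = self._slots[self._head]
        self._head = (self._head + 1) % len(self._slots)
        self._count -= 1
        return item
```

Entries are consumed in FIFO order, matching the order in which the parsing module received the messages.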
  • in this embodiment, one hardware message queue is taken as an example for illustration. The process of accelerating the software-form virtual switch 201 based on the message parsing acceleration module 202 and the hardware message queue 203 is as follows:
  • the messages that need to be forwarded through the virtual switch 201 are called target messages.
  • as shown at 1 in FIG1, the target message can be a message sent from an upper-layer application in any virtual machine on the physical machine 10, or a message that the physical network card on the programmable network card device receives from the physical network and that was sent by an upper-layer application on another physical machine 10.
  • the message parsing acceleration module 202 receives the target message that needs to be forwarded by the virtual switch 201, and parses the header information of the target message as shown in 2 in FIG1 to obtain the metadata information of the target message; as shown in 3 in FIG1, the target message and the metadata information are written into the hardware message queue 203 for reading by the virtual switch 201.
  • the metadata information mainly includes some information obtained by parsing the header information of the target message, which is information that helps the virtual switch 201 to quickly obtain the information to be matched of the target message.
  • the information to be matched of the target message can be a five-tuple, a three-tuple, a seven-tuple, etc. of the message, corresponding to the type of matching information in the forwarding flow table, and can be determined according to the needs of the upper-layer application.
  • the virtual switch 201 runs on the CPU of the programmable network card device 20, and as shown in 4 in FIG1, the target message and metadata information can be read from the hardware message queue 203.
  • the action performed by the virtual switch 201 is the action performed by the CPU of the programmable network card device running the virtual switch 201.
  • the hardware message queue 203 can generate an interrupt signal, and the CPU reads the target message and metadata information from the hardware message queue 203 according to the interrupt signal generated by the hardware message queue 203.
  • the CPU can periodically poll the hardware message queue 203, and when it is found that there are new target messages and metadata information in the hardware message queue 203, the target message and metadata information are read from the hardware message queue 203.
  • after reading the target message and metadata information from the hardware message queue 203, the virtual switch 201 obtains the to-be-matched information of the target message according to the metadata information, and matches in the forwarding flow table according to the to-be-matched information; and as shown in 6 of FIG. 1, forwarding processing is performed on the target message according to the matched flow table entry.
  • the forwarding processing of the target message includes forwarding the target message to the physical network, or forwarding the target message to the upper layer application in any virtual machine on the physical machine 10.
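The read-match-forward steps above (read the message and metadata from the queue, build the to-be-matched key from the metadata, look it up in the forwarding flow table, and apply the matched entry's action) can be sketched as follows. The metadata field names and the dictionary-based flow table are illustrative assumptions, not the disclosed data layout:

```python
def fast_path(message: bytes, metadata: dict, flow_table: dict):
    """Process one (message, metadata) pair as the virtual switch would:
    build the five-tuple key from metadata produced by the parsing module,
    look it up, and return the matched entry's action (or a miss)."""
    key = (metadata["src_ip"], metadata["dst_ip"],
           metadata["src_port"], metadata["dst_port"], metadata["proto"])
    entry = flow_table.get(key)
    if entry is None:
        # Slow path: the controller would be consulted and an entry installed.
        return ("miss", message)
    return (entry["action"], message)
```

Note that the virtual switch never re-parses the header here; it only assembles the key from the metadata already produced in hardware, which is the source of the claimed CPU saving.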
  • the two parts that have a greater impact on the forwarding performance are: one part is the parsing of the message header information, and the other part is the execution of the processing actions in the flow table items.
  • the execution of the processing actions in the flow table entries often changes with the rapid iteration and evolution of upper-layer applications. Therefore, in this embodiment, the complete forwarding logic is no longer implemented in hardware as with the switch acceleration module; instead, the message parsing acceleration module 202 and the hardware message queue 203 assist the virtual switch 201 by parsing the message header information and providing the parsing results to the virtual switch 201, thereby improving the forwarding performance of the virtual switch 201.
  • all other operations are completed by the software virtual switch 201, which can adapt to flexible and changeable application requirements and ensure the rapid iteration and evolution of application requirements.
  • since the message parsing acceleration module 202 only needs to complete the parsing of the message header information and does not need to match against the forwarding flow table, its implementation differs from that of the switch acceleration module: there is no need to send the forwarding flow table to the message parsing acceleration module 202, that is, the forwarding flow table does not need to be maintained in hardware, but only at the software level.
  • the implementation method of the message parsing acceleration module 202 parsing the header information of the target message is not limited, and the following two implementation methods may be adopted but are not limited to:
  • Implementation A1: Pre-parsing.
  • the message parsing acceleration module 202 can pre-parse the header information of the target message to obtain the position offset of each of the multiple protocol fields in the header information, and generate the metadata information according to the position offset of each of the multiple protocol fields in the header information.
  • Pre-parsing refers to the parsing process of parsing the header information of the target message to obtain the position offset of each of the multiple protocol fields in the header information.
  • the metadata information at least includes the position offset of each of the multiple protocol fields contained in the header information of the target message.
  • the target message arrives at the programmable network card device, it is first sent to the message parsing acceleration module 202, and the message parsing acceleration module 202 pre-parses the header information of the target message in a hardware manner, obtains the position offset (offset) of each protocol field from the outside to the inside in the message header information, and saves the position offset of each protocol field.
  • the position offset of each protocol field describes the starting position of each protocol field in the message header information.
  • the position offset can be the number of bytes relative to the first byte of the message header.
  • the message parsing acceleration module 202 can pre-parse the header information of various types of messages and obtain the position offset of each protocol field contained in the header information. The following examples are given:
  • when message transmission does not adopt a tunnel protocol, the header information of such a message contains only a single layer of protocol fields; for example, the message header information consists, from the outside to the inside, of a second-layer (L2) protocol field, a third-layer (L3) protocol field, and a fourth-layer (L4) protocol field.
  • FIG2a shows a message structure with a single layer of protocol fields.
  • the L2 protocol field mainly refers to the MAC field
  • the L3 protocol field mainly refers to the IP field
  • the IP field can be an IPv4 field or an IPv6 field
  • the L4 protocol field refers to a TCP field or a UDP field.
  • the message parsing acceleration module 202 pre-parses the header information of such a message, and can obtain the position offset of the L2 protocol field and the protocol type of the L2 layer (such as MAC), the position offset of the L3 protocol field and the protocol type of the L3 layer (such as IP), the position offset of the L4 protocol field and the protocol type of the L4 layer (such as TCP or UDP), etc. as metadata information.
  • the metadata information includes not only the position offset of each protocol field, but also the protocol type of each protocol field; the protocol type information is used to identify which protocol the corresponding field belongs to.
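The pre-parsing described above can be modelled in software for the single-layer Ethernet/IPv4 case: record only the byte offset and protocol type of each field, outermost first, and leave extraction of the match fields to the virtual switch. The function name and metadata layout are assumptions for illustration:

```python
import struct

ETH_LEN = 14   # bytes in an Ethernet (L2/MAC) header without a VLAN tag

def preparse(frame: bytes) -> dict:
    """Pre-parse single-layer header information: record the byte offset
    (relative to the first byte of the header) and protocol type of each
    protocol field, without extracting the fields themselves."""
    meta = {"l2": (0, "MAC")}
    ethertype = struct.unpack_from("!H", frame, 12)[0]
    if ethertype != 0x0800:            # only the IPv4 case is sketched here
        return meta
    meta["l3"] = (ETH_LEN, "IPv4")
    ihl = (frame[ETH_LEN] & 0x0F) * 4  # IPv4 header length in bytes
    proto = frame[ETH_LEN + 9]         # IPv4 protocol field
    l4_off = ETH_LEN + ihl
    if proto == 6:
        meta["l4"] = (l4_off, "TCP")
    elif proto == 17:
        meta["l4"] = (l4_off, "UDP")
    return meta
```

For a plain IPv4/TCP message with no IP options, this yields the L3 field at offset 14 and the L4 field at offset 34, matching the outside-to-inside order described above.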
  • when message transmission adopts a tunnel protocol, the header information of such a message contains two layers of protocol fields, with the tunnel encapsulation as the demarcation point: an outer layer protocol field and an inner layer protocol field.
  • the tunnel protocol can be, but is not limited to, VLAN or VXLAN.
  • the outer layer protocol field includes, from the outside to the inside, an outer layer L2 protocol field, an outer layer L3 protocol field, an outer layer L4 protocol field, and an outer layer tunnel protocol field; accordingly, the inner layer protocol field includes, from the outside to the inside, an inner layer L2 protocol field, an inner layer L3 protocol field, an inner layer L4 protocol field, and an inner layer tunnel protocol field.
  • the outer layer protocol field includes, from the outside to the inside, an outer layer L2 protocol field, an outer layer L3 protocol field, and an outer layer L4 protocol field, and the outer layer tunnel protocol field is embedded in the outer layer L2 protocol field;
  • the inner layer protocol field includes, from the outside to the inside, an inner layer L2 protocol field, an inner layer L3 protocol field, and an inner layer L4 protocol field, and the inner layer tunnel protocol field is embedded in the inner layer L2 protocol field.
  • the header information of this message includes, from the outside to the inside, the outer layer L2 protocol field, the outer layer L3 protocol field, the outer layer L4 protocol field, the outer layer tunnel protocol header, the inner layer L2 protocol field, the inner layer L3 protocol field, the inner layer L4 protocol field, and the inner layer tunnel protocol header.
  • the outer or inner layer L2 protocol field refers to the MAC field
  • the outer or inner layer L3 protocol field refers to the IP field
  • the L4 protocol field refers to a TCP or UDP field
  • the outer or inner tunnel protocol header may be a vlan or vxlan protocol.
  • the message parsing acceleration module 202 pre-parses the header information of such a message, and can obtain the position offset of the outer L2 protocol field and the protocol type of the outer L2 (such as MAC), the position offset of the outer L3 protocol field and the protocol type of the outer L3 (such as IP), the position offset of the outer L4 protocol field and the protocol type of the outer L4 (such as TCP or UDP), the position offset of the outer tunnel protocol header and the protocol type of the outer tunnel protocol header (such as vlan or vxlan), and the position offset of the inner L2 protocol field and the protocol type of the inner L2 (such as MAC), the position offset of the inner L3 protocol field and the protocol type of the inner L3 (such as IP), and the position offset of the inner L4 protocol field and the protocol type of the inner L4 (such as TCP or UDP), etc., as metadata information.
  • this is another message structure with a double-layer protocol field.
  • the header information of this message includes, from the outside to the inside, an outer L2 protocol field, an outer L3 protocol field, an outer L4 protocol field, an inner L2 protocol field, an inner L3 protocol field, and an inner L4 protocol field, wherein the outer tunnel protocol field is embedded in the outer L2 protocol field, and the inner tunnel protocol field is embedded in the inner L2 protocol field.
  • the message parsing acceleration module 202 pre-parses the header information of such a message, and can obtain the position offset of the outer layer L2 protocol field, the position offset of the outer layer tunnel protocol header and its protocol type (such as vlan or vxlan), the protocol type of the outer layer L2 (such as MAC), the position offset of the outer layer L3 protocol field and the protocol type of the outer layer L3 (such as IP), the position offset of the outer layer L4 protocol field and the protocol type of the outer layer L4 (such as TCP or UDP), and the position offset of the inner layer L2 protocol field, the position offset of the inner layer tunnel protocol header and its protocol type (such as vlan or vxlan), the protocol type of the inner layer L2 (such as MAC), the position offset of the inner layer L3 protocol field and the protocol type of the inner layer L3 (such as IP), and the position offset of the inner layer L4 protocol field and the protocol type of the inner layer L4 (such as TCP or UDP), etc., as metadata information.
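The double-layer case can be sketched in the same illustrative style. The sketch below assumes a VXLAN tunnel (UDP destination port 4789, 8-byte tunnel header) over IPv4 with no IP options; all constants and names are assumptions for illustration, not the patented hardware logic.

```python
# Illustrative pre-parse for the double-layer structure of FIG. 2b: after
# the outer L4 (UDP) header, a VXLAN tunnel header precedes a complete
# inner L2/L3/L4 stack.
import struct

VXLAN_PORT = 4789                       # IANA-assigned VXLAN UDP port
ETH_LEN, IP_LEN, UDP_LEN, VXLAN_LEN = 14, 20, 8, 8

def preparse_overlay(frame: bytes):
    """Return outer and inner (offset, protocol) metadata for a VXLAN frame."""
    meta = {"outer_l2": (0, "MAC"), "outer_l3": (ETH_LEN, "IP")}
    udp_off = ETH_LEN + IP_LEN
    meta["outer_l4"] = (udp_off, "UDP")
    dport = struct.unpack_from("!H", frame, udp_off + 2)[0]
    if dport != VXLAN_PORT:
        return meta                     # not a tunnel packet: single layer
    tun_off = udp_off + UDP_LEN
    meta["outer_tunnel"] = (tun_off, "VXLAN")
    inner = tun_off + VXLAN_LEN         # inner L2 starts after tunnel header
    meta["inner_l2"] = (inner, "MAC")
    meta["inner_l3"] = (inner + ETH_LEN, "IP")
    meta["inner_l4"] = (inner + ETH_LEN + IP_LEN, "TCP/UDP")
    return meta
```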
  • After obtaining the metadata information of the target message, the message parsing acceleration module 202 writes the target message and the metadata information into the hardware message queue 203 for reading by the virtual switch 201.
  • the virtual switch 201 reads the target message and the metadata information from the hardware message queue 203, and obtains the value of each protocol field corresponding to the specified protocol type from the header information of the target message according to the position offset of each of the multiple protocol fields included in the metadata information, as the information to be matched.
  • the specified protocol type can be determined according to the needs of the upper layer application. For example, it can be one or a combination of L3 protocol type (such as IP protocol), L4 protocol type (such as TCP or UDP protocol), L2 protocol type (such as MAC protocol), and tunnel protocol type (such as vlan or vxlan). Depending on the specified protocol type, the implementation of the information to be matched will be different.
  • the information to be matched and the matching information in the forwarding flow table are specifically implemented as a six-tuple (source IP, destination IP, L4 protocol type, source port, destination port, VNI), where the VNI (Vxlan Network Identifier) identifies the vlan or vxlan network.
  • If the specified protocol type is the L4 protocol type in the message structure shown in FIG. 2a, the information to be matched and the matching information in the forwarding flow table are specifically implemented as a five-tuple (source IP, destination IP, L4 protocol type, source port, destination port).
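How the virtual switch could assemble the five-tuple (or six-tuple) from the pre-parsed offsets can be sketched as follows. The helper is hypothetical and assumes IPv4 (source and destination addresses at bytes 12-19 of the IP header) with the TCP/UDP ports in the first four bytes of the L4 header.

```python
# Illustrative assembly of the information to be matched from the
# (offset, protocol) metadata produced by pre-parsing.
import struct

def match_key(frame: bytes, meta: dict):
    """Return a five-tuple, extended to a six-tuple when a VNI is present."""
    l3_off, _ = meta["l3"]
    l4_off, l4_proto = meta["l4"]
    src_ip = frame[l3_off + 12:l3_off + 16]     # IPv4 source address
    dst_ip = frame[l3_off + 16:l3_off + 20]     # IPv4 destination address
    src_port, dst_port = struct.unpack_from("!HH", frame, l4_off)
    key = (src_ip, dst_ip, l4_proto, src_port, dst_port)
    if "vni" in meta:                           # tunnel case: six-tuple
        key += (meta["vni"],)
    return key
```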
  • the virtual switch 201 matches the information to be matched in the forwarding flow table, specifically, matches the information to be matched with the matching information in each flow table item in the forwarding flow table; if the flow table item is matched, the target message is forwarded according to the action information in the matching flow table item.
  • the situation of matching the flow table item is regarded as a fastpath mode, which includes the message parsing process of the message parsing acceleration module 202, the process of the virtual switch 201 matching the forwarding flow table, and the process of forwarding the message according to the matching flow table item.
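In this fastpath, the match itself reduces to an exact lookup of the assembled key in the forwarding flow table. A minimal sketch, with an illustrative dictionary standing in for the table and placeholder action fields:

```python
# Illustrative fastpath lookup: exact-match the key against the forwarding
# flow table and return the stored action information, or None to signal
# that the slowpath must handle this (first) packet of the flow.
forwarding_flow_table = {}          # match information -> action information

def fastpath(key):
    entry = forwarding_flow_table.get(key)
    if entry is None:
        return None                 # no flow table item matched: slowpath
    return entry                    # e.g. {"out_port": ..., "limit": ...}
```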
  • the virtual switch 201 forwards the target message according to the to-be-matched information of the target message and the processing flow of the first message, specifically including: matching in the routing table, ACL table and speed limit table in turn according to the to-be-matched information of the target message, finally obtaining the routing information, ACL policy and speed limit policy matching the target message, and forwarding the target message according to the matching routing information, ACL policy and speed limit policy.
  • the situation of not matching any flow table item is regarded as the first slowpath mode, which includes: the message parsing process of the message parsing acceleration module 202, the process of the virtual switch 201 matching the routing table, ACL table and speed limit table, and the process of forwarding the message according to the matching routing information, ACL policy and speed limit policy, etc.
  • the virtual switch 201 can also generate a flow table item corresponding to the data flow to which the target message belongs, according to the information to be matched of the target message and the relevant information matched by the information to be matched in the processing flow of the first message, and add the flow table item to the forwarding flow table.
  • the relevant information matched by the information to be matched in the processing flow of the first message includes but is not limited to: the routing information, ACL policy and speed limit policy matched by the information to be matched of the target message.
  • the information to be matched of the target message can be used as the matching information in the flow table item corresponding to the data flow to which the target message belongs, and the routing information, ACL policy and speed limit policy matched by the information to be matched of the target message can be used as the action information in that flow table item.
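The first-packet slowpath and the flow-entry installation described above can be sketched together. The table structures and default policies below are illustrative placeholders, not the patented data structures.

```python
# Illustrative slowpath: look up the routing table, ACL table and speed
# limit table in turn, then install a flow table item (match information ->
# action information) so later packets of the flow take the fastpath.
def slowpath(key, routes, acls, limits, flow_table):
    route = routes.get(key[1])           # route on the destination IP
    acl = acls.get(key, "allow")         # default-allow ACL in this sketch
    limit = limits.get(key[1])           # optional speed limit policy
    action = {"route": route, "acl": acl, "limit": limit}
    flow_table[key] = action             # install the new flow table item
    return action
```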
  • the message parsing acceleration module 202 only parses the position offsets of the multiple protocol fields contained in the message header information, and the extraction of the information to be matched and the matching and action execution of the forwarding flow table are all the responsibility of the virtual switch 201 in software form, which can flexibly respond to the iteration and evolution of any upper-layer application.
  • If the matching information and/or actions required by the upper-layer application change, the matching information and/or action information in the forwarding flow table can be flexibly adjusted.
  • the virtual switch 201 can change the extracted information to be matched and adjust the matching logic and action execution logic as needed, and the pre-parsing process of the underlying hardware of the virtual switch 201 is completely unaffected by the iteration and evolution of the upper-layer application.
  • the forwarding performance of the virtual switch 201 can be greatly improved.
  • Implementation A2: keyword parsing method.
  • the message parsing acceleration module 202 can perform keyword parsing on the header information of the target message to obtain the values of each protocol field corresponding to the specified protocol type in the header information; and generate metadata information based on the values of each protocol field corresponding to the specified protocol type in the header information.
  • keyword parsing refers to the parsing process of parsing the header information of the target message to obtain the values of each protocol field corresponding to the specified protocol type in the header information.
  • the metadata information includes at least the values of each protocol field corresponding to the specified protocol type contained in the header information of the target message, that is, the information to be matched of the target message.
  • the message parsing acceleration module 202 needs to pre-store the specified protocol type required by the upper layer application. On this basis, when the target message arrives at the programmable network card device, it is first sent to the message parsing acceleration module 202, and the message parsing acceleration module 202 performs keyword parsing on the header information of the target message in a hardware manner to obtain the value of each protocol field corresponding to the specified protocol type in the message header information.
  • the message parsing acceleration module 202 first pre-parses the header information of the target message, obtains the position offset (offset) and protocol type information of each protocol field from the outside to the inside in the message header information, and saves the position offset and protocol type information of each protocol field; then, the position offset of the protocol field belonging to the specified protocol type is determined therefrom, and the value of each protocol field belonging to the specified protocol type is extracted from the header information of the target message according to the position offset of the protocol field belonging to the specified protocol type, as the metadata information of the target message.
  • the message parsing acceleration module 202 gradually parses the header information of the target message from the outside to the inside, and determines whether the protocol field belongs to the specified protocol type each time a protocol field is parsed, until a protocol field belonging to the specified protocol type is parsed, and the values of these protocol fields are used as metadata information of the target message.
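The outside-in, stop-early behavior of keyword parsing can be sketched as follows. Unlike the pre-parse sketch, field values (not offsets) are returned, and parsing stops once every field of the specified protocol types has been extracted. The sketch is an illustrative software approximation restricted to IPv4/TCP; names are hypothetical.

```python
# Illustrative keyword parse: extract values for the specified protocol
# types only, stopping as soon as all wanted fields have been seen.
import struct

def keyword_parse(frame: bytes, wanted=frozenset({"IP", "TCP"})):
    values, found = {}, set()
    if "MAC" in wanted:
        values["MAC"] = (frame[0:6], frame[6:12])
        found.add("MAC")
    ihl = (frame[14] & 0x0F) * 4            # IPv4 header length
    if "IP" in wanted:
        values["IP"] = (frame[26:30], frame[30:34])   # src/dst addresses
        found.add("IP")
    if found == wanted:                     # early exit: nothing else wanted
        return values
    if "TCP" in wanted:
        values["TCP"] = struct.unpack_from("!HH", frame, 14 + ihl)
    return values
```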
  • the specified protocol type may be determined according to the requirements of the upper layer application, for example, it may be one or a combination of L3 protocol type (such as IP protocol), L4 protocol type (such as TCP or UDP protocol), L2 protocol type (such as MAC protocol), and tunnel protocol type (such as vlan or vxlan).
  • the values of the protocol fields corresponding to the specified protocol type may be different. For example, if the specified protocol type is the L4 protocol type in the message structure shown in FIG. 2b or FIG. 2c, the values of the protocol fields corresponding to the specified protocol type are specifically implemented as a six-tuple (source IP, destination IP, L4 protocol type, source port, destination port, VNI), where the VNI (Vxlan Network Identifier) represents a broadcast domain in a vlan or vxlan network.
  • If the specified protocol type is the L4 protocol type in the message structure shown in FIG. 2a, the values of the protocol fields corresponding to the specified protocol type are specifically implemented as a five-tuple (source IP, destination IP, L4 protocol type, source port, destination port).
  • After obtaining the metadata information of the target message, the message parsing acceleration module 202 writes the target message and the metadata information into the hardware message queue 203 for reading by the virtual switch 201.
  • the virtual switch 201 reads the target message and the metadata information from the hardware message queue 203, obtains the value of each protocol field corresponding to the specified protocol type in the metadata information, and directly uses it as the information to be matched.
  • the virtual switch 201 matches the information to be matched in the forwarding flow table, specifically, matches the information to be matched with the matching information in each flow table item in the forwarding flow table; if the flow table item is matched, the target message is forwarded according to the action information in the matching flow table item.
  • the situation of matching a flow table item is regarded as a fastpath mode, which includes the message parsing process of the message parsing acceleration module 202, and the process of the virtual switch 201 matching the forwarding flow table and forwarding the message according to the matching flow table entry.
  • the virtual switch 201 forwards the target message according to the to-be-matched information of the target message and the processing flow of the first message, specifically including: matching the routing table, ACL table and speed limit table in turn according to the to-be-matched information of the target message, finally obtaining the routing information, ACL policy and speed limit policy in the target message match, and forwarding the target message according to the matching routing information, ACL policy and speed limit policy.
  • the situation of not matching any flow table item is regarded as the first slowpath mode, which includes: the message parsing process of the message parsing acceleration module 202, the process of the virtual switch 201 matching the routing table, ACL table and speed limit table, and the process of forwarding the message according to the matching routing information, ACL policy and speed limit policy, etc.
  • the virtual switch 201 can also generate a flow table item corresponding to the data flow to which the target message belongs, according to the information to be matched of the target message and the relevant information matched by the information to be matched in the processing flow of the first message, and add the flow table item to the forwarding flow table.
  • the relevant information matched by the information to be matched in the processing flow of the first message includes but is not limited to: the routing information, ACL policy and speed limit policy matched by the information to be matched of the target message.
  • the information to be matched of the target message can be used as the matching information in the flow table item corresponding to the data flow to which the target message belongs, and the routing information, ACL policy and speed limit policy matched by the information to be matched of the target message can be used as the action information in that flow table item.
  • the message parsing acceleration module 202 can obtain the information to be matched from the message header information as metadata information according to the specified protocol type, and the matching and action execution of the forwarding flow table based on the information to be matched are the responsibility of the virtual switch 201 in software form, which can flexibly respond to some upper-layer applications that have iterative and evolutionary requirements for message processing actions.
  • the action information in the forwarding flow table can be flexibly adjusted.
  • the virtual switch 201 can adjust the action execution logic as needed, and the keyword parsing process of the underlying hardware of the virtual switch 201 is not affected by the iteration and evolution of the upper-layer applications.
  • the forwarding performance of the virtual switch 201 can be greatly improved.
  • the message parsing acceleration module 202 is also used to: generate additional parsing information according to the parsing result of the header information of the target message, and use the additional parsing information as part of the metadata information.
  • the parsing result of the header information of the target message specifically refers to the position offset of each of the multiple protocol fields in the header information of the target message, and can further include the protocol type information of each protocol field, as shown in Figures 2a-2c.
  • the parsing result of the header information of the target message specifically refers to the value of each protocol field corresponding to the specified protocol type in the header information of the target message, that is, the information to be matched.
  • the parsed additional information may include, but is not limited to, at least one of: first identification information indicating whether the target message supports hardware parsing, second identification information indicating whether the parsing result is erroneous when the target message supports hardware parsing, and protocol feature information of the target message obtained by parsing when the parsing result is not erroneous.
  • If the target message can be parsed by the message parsing acceleration module 202, it means that the target message supports hardware parsing, and the value of the first identification information can be a first value, such as 1; if the target message cannot be parsed by the message parsing acceleration module 202, it means that the target message does not support hardware parsing, and the value of the first identification information can be a second value, such as 0.
  • the values of the first value and the second value are not limited, and 1 and 0 are only examples.
  • the first identification information is represented by uint8_t parse_enable.
  • If the message parsing acceleration module 202 parses the target message without error, indicating that the parsing result is correct, the second identification information can be a third value, such as 1; if the message parsing acceleration module 202 reports an error during the process of parsing the target message, indicating that the parsing result is wrong, the second identification information can be a fourth value, such as 0.
  • the third value and the fourth value are not limited, and 1 and 0 are only examples.
  • the second identification information is represented by parse_error.
  • the protocol characteristic information of the target message obtained by parsing can also be used as additional parsing information.
  • the protocol characteristic information of the target message mainly refers to whether the target message is a double-layer message in the logical network (overlay).
  • a double-layer message refers to a message that supports inner and outer double-layer protocols, such as the messages shown in Figures 2b and 2c. If the header information of the target message contains inner and outer double-layer protocol fields, the value of the protocol characteristic information is 1; if the header information of the target message contains only a single layer of protocol fields, the value is 0. In Figures 2a-2c, the protocol characteristic information is represented by outer_valid.
  • the parsing result of the header information of the target message and the parsing additional information generated according to the parsing result are written as metadata information into the hardware message queue 203.
  • the parsing additional information also includes a reserved field, namely parse_reserv, for adding more parsing additional information later.
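The parse-status fields named above (parse_enable, parse_error, outer_valid, and the reserved parse_reserv bits) could, for illustration, be packed into a single metadata byte. The exact bit layout below is an assumption for the sketch, not the layout used by the patented hardware.

```python
# Illustrative packing of the additional parsing information into one byte:
# bit 0 = parse_enable, bit 1 = parse_error, bit 2 = outer_valid,
# remaining bits = parse_reserv (reserved for later use).
def pack_flags(parse_enable, parse_error, outer_valid):
    return ((parse_enable & 1)
            | ((parse_error & 1) << 1)
            | ((outer_valid & 1) << 2))

def unpack_flags(b):
    return {"parse_enable": b & 1,
            "parse_error": (b >> 1) & 1,
            "outer_valid": (b >> 2) & 1,
            "parse_reserv": b >> 3}
```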
  • the virtual switch 201 first determines, according to the additional parsing information in the metadata information, whether the target message supports hardware parsing and whether the parsing result is erroneous when hardware parsing is supported, and further determines whether the target message is a double-layer message containing inner and outer double-layer protocol fields when the parsing result is not erroneous.
  • the virtual switch 201 can read the target message and metadata information from the hardware message queue 203 according to whether the target message is a double-layer message containing inner and outer double-layer protocol fields; thereafter, the above-mentioned implementation method A1 or A2 is adopted to obtain the information to be matched of the target message according to the metadata information; matching is performed in the forwarding flow table according to the information to be matched, and the target message is forwarded according to the flow table entry in the match.
  • the virtual switch 201 needs to perform keyword parsing on the header information of the target message, obtain the value of each protocol field corresponding to the specified protocol type in the header information as the information to be matched; match in the forwarding flow table according to the information to be matched, and forward the target message according to the flow table entry in the match.
  • the virtual switch 201 needs to parse the header information of the target message in software.
  • After the virtual switch 201 performs keyword parsing on the header information of the target message to obtain the information to be matched, it matches in the forwarding flow table according to the information to be matched; if a flow table item is matched, the target message is forwarded according to the action information in the matching flow table item.
  • the virtual switch 201 forwards the target message according to the information to be matched of the target message and the processing flow of the first message, specifically including: matching in the routing table, ACL table and speed limit table in turn according to the information to be matched of the target message, finally obtaining the routing information, ACL policy and speed limit policy matching the target message, and forwarding the target message according to the matching routing information, ACL policy and speed limit policy.
  • the virtual switch 201 can also generate a flow table item corresponding to the data flow to which the target message belongs according to the information to be matched of the target message and the relevant information matched by the information to be matched in the processing flow of the first message, and add the flow table item to the forwarding flow table. In this way, subsequent messages in the data flow can be processed through the fastpath mode, which helps to improve the message forwarding speed.
  • the message processing flow when the target message does not support hardware parsing, or when the target message supports hardware parsing but the parsing result is erroneous, can be called the second slow path (slowpath) mode, which includes: the message parsing process of the message parsing acceleration module 202, the process of the virtual switch 201 re-parsing the message in software, the process of matching the forwarding flow table and forwarding the message according to the matching flow table items, and, when no flow table item is matched, the process of matching the routing table, ACL table and speed limit table and forwarding the message according to the matching routing information, ACL policy and speed limit policy, etc.
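The dispatch the virtual switch applies when it dequeues a packet follows directly from the flags: hardware-parsed metadata feeds the fastpath / first slowpath, while unsupported or mis-parsed packets are re-parsed in software (the second slowpath). A minimal sketch with placeholder callables:

```python
# Illustrative dispatch on the additional parsing information: fall back
# to a software re-parse when the hardware could not parse the message or
# the hardware parsing result is flagged as erroneous.
def dispatch(flags, metadata, frame, software_parse, handle):
    if not flags["parse_enable"] or flags["parse_error"]:
        metadata = software_parse(frame)   # second slowpath: re-parse in SW
    return handle(metadata)                # fastpath / first-slowpath logic
```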
  • a message parsing acceleration module 202, a hardware message queue 203 and a virtual switch 201 are implemented on the programmable network card device 20.
  • the programmable network card device 20 also includes a physical network card of a physical machine implemented based on programmable hardware, as shown in Figure 1.
  • On this basis, with reference to FIG. 1, different scenarios of message transmission by a physical server are exemplarily described as follows:
  • the upper layer application in virtual machine K generates a first message and needs to send the first message to virtual machine J. After virtual machine J processes the first message, it needs to forward the processed first message to virtual machine H.
  • virtual machine K sends the first message to the message parsing acceleration module 202 on the same physical server through its virtual network card; the message parsing acceleration module 202 parses the header information of the first message to obtain metadata information, and writes the first message and the metadata information into the hardware message queue 203; the virtual switch 201 reads the first message and the metadata information from the hardware message queue 203, adopts the above-mentioned implementation method A1 or A2 to obtain the information to be matched according to the metadata information, matches in the local forwarding flow table according to the information to be matched, and, in the case of matching a flow table entry corresponding to virtual machine J, sends the first message to virtual machine J via the virtual network card of virtual machine J.
  • virtual machine K sends the first message to the message parsing acceleration module 202 on the physical server to which it belongs through its virtual network card; the message parsing acceleration module 202 parses the header information of the first message to obtain metadata information, and writes the first message and the metadata information into the hardware message queue 203; the virtual switch 201 on the physical server to which virtual machine K belongs reads the first message and the metadata information from the hardware message queue 203, adopts the above-mentioned implementation method A1 or A2 to obtain the information to be matched according to the metadata information, matches in the local forwarding flow table according to the information to be matched, and, in the case of matching a flow table entry corresponding to the physical server to which virtual machine J belongs, sends the first message to the physical network card of the physical server to which virtual machine K belongs, and that physical network card provides the first message through network transmission to the physical network card of the physical server to which virtual machine J belongs.
  • the message parsing acceleration module 202 of the physical server to which virtual machine J belongs receives the first message, parses the header information of the first message to obtain metadata information, and writes the first message and the metadata information into the hardware message queue 203;
  • the virtual switch 201 on the physical server to which virtual machine J belongs reads the first message and the metadata information from the hardware message queue 203, adopts the above-mentioned implementation method A1 or A2 to obtain the information to be matched according to the metadata information, matches in the local forwarding flow table according to the information to be matched, and, when a flow table entry corresponding to virtual machine J is matched, provides the first message to virtual machine J via the virtual network card of virtual machine J.
  • After receiving the first message, virtual machine J processes it to obtain a processed first message, and sends the processed first message to virtual machine H.
  • the process of virtual machine J sending the processed first message to virtual machine H is the same as or similar to the process of virtual machine J receiving the first message sent by virtual machine K, and is also divided into two cases: virtual machine J and virtual machine H are located in the same physical server and in different physical servers, which will not be described in detail here.
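The two delivery cases above (destination VM on the same physical server versus on a different physical server) can be sketched as a single branch. The port maps and callables are illustrative placeholders.

```python
# Illustrative delivery decision: hand the frame to the local virtual
# network card when the destination VM is on this physical server,
# otherwise send it out through the physical network card.
def deliver(dst_vm, local_vports, physical_nic_send, frame):
    if dst_vm in local_vports:
        local_vports[dst_vm](frame)     # same host: deliver via virtual NIC
        return "local"
    physical_nic_send(frame)            # cross host: out the physical NIC
    return "remote"
```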
  • the physical server also includes: a memory, a communication component, a power supply component and other components, which are not shown in Figure 1.
  • the memory is used to store computer programs and can be configured to store various other data to support operations on the physical server. Examples of such data include instructions for any application or method operating on the physical server.
  • the memory can be implemented by any type of volatile or non-volatile storage device or a combination thereof, such as static random access memory (SRAM), electrically erasable programmable read-only memory (EEPROM), erasable programmable read-only memory (EPROM), programmable read-only memory (PROM), read-only memory (ROM), magnetic storage, flash memory, magnetic disk or optical disk.
  • the communication component is configured to facilitate wired or wireless communication between the device where the communication component is located and other devices.
  • the device where the communication component is located can access a wireless network based on a communication standard, such as WiFi, 2G, 3G, 4G/LTE, 5G and other mobile communication networks, or a combination thereof.
  • the communication component receives a broadcast signal or broadcast-related information from an external broadcast management system via a broadcast channel.
  • the communication component also includes a near field communication (NFC) module to facilitate short-range communication.
  • the NFC module can be implemented based on radio frequency identification (RFID) technology, infrared data association (IrDA) technology, ultra-wideband (UWB) technology, Bluetooth (BT) technology and other technologies.
  • the power supply assembly provides power to various components of the device where the power supply assembly is located.
  • the power supply assembly can include a power management system, one or more power supplies, and other components associated with generating, managing, and distributing power to the device in which the power supply assembly is located.
  • an embodiment of the present application also provides a programmable network card device.
  • a virtual switch 201 for forwarding data between different virtual machines is deployed on the programmable network card device 20.
  • the programmable network card device includes: a processor, and a message parsing acceleration module 202 and a hardware message queue 203 implemented based on programmable hardware.
  • the message parsing acceleration module 202 is used to receive the target message that needs to be forwarded through the virtual switch 201, parse the header information of the target message, and obtain the metadata information of the target message; write the target message and metadata information into the hardware message queue 203 for the virtual switch 201 to read.
  • the virtual switch 201 runs on the processor and is used to read the target message and metadata information from the hardware message queue 203, obtain the information to be matched of the target message according to the metadata information, match in the forwarding flow table according to the information to be matched, and forward the target message according to the matched flow table entry.
  • the message parsing acceleration module 202 is specifically used to: pre-parse the header information of the target message to obtain the position offsets of the multiple protocol fields in the header information; generate metadata information according to the position offsets of the multiple protocol fields in the header information.
  • the virtual switch 201 is specifically used to: obtain the values of the protocol fields corresponding to the specified protocol type from the header information of the target message according to the position offsets of the multiple protocol fields in the metadata information as the information to be matched.
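The two-stage hand-off described above (hardware records only offsets; the software switch reads the match fields through them) can be sketched as follows. This is a minimal illustration assuming a plain Ethernet/IPv4/UDP message; the function names and metadata layout are our own, not taken from the embodiment.

```python
import struct

# Hardware-style pre-parse: record only position offsets and protocol types,
# never the field values themselves (illustrative sketch).
def pre_parse(pkt: bytes) -> dict:
    meta = {"l2_off": 0, "l2_type": "MAC"}
    ethertype = struct.unpack_from("!H", pkt, 12)[0]
    if ethertype == 0x0800:                       # IPv4
        meta["l3_off"], meta["l3_type"] = 14, "IPv4"
        ihl = (pkt[14] & 0x0F) * 4                # IPv4 header length in bytes
        if pkt[14 + 9] == 17:                     # protocol field: UDP
            meta["l4_off"], meta["l4_type"] = 14 + ihl, "UDP"
    return meta

# Software virtual switch side: use the offsets in the metadata to read the
# match fields (a five-tuple here) directly out of the header bytes.
def extract_five_tuple(pkt: bytes, meta: dict) -> tuple:
    l3, l4 = meta["l3_off"], meta["l4_off"]
    src_ip, dst_ip = pkt[l3 + 12:l3 + 16], pkt[l3 + 16:l3 + 20]
    src_port, dst_port = struct.unpack_from("!HH", pkt, l4)
    return (src_ip, dst_ip, meta["l4_type"], src_port, dst_port)
```

Note that `pre_parse` never copies field values; the switch remains free to change which fields it extracts without any change to the hardware side.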
  • the message parsing acceleration module 202 is specifically used to: perform keyword parsing on the header information of the target message to obtain the value of each protocol field corresponding to the specified protocol type in the header information; generate metadata information according to the value of each protocol field corresponding to the specified protocol type in the header information. Accordingly, the virtual switch 201 is specifically used to: obtain the value of each protocol field corresponding to the specified protocol type in the metadata information as the information to be matched.
  • the message parsing acceleration module 202 is further used to: generate additional parsing information according to the parsing result of the header information of the target message, and use the additional parsing information as part of the metadata information.
  • the additional parsing information includes at least one of first identification information indicating whether the target message supports hardware parsing, second identification information indicating whether the parsing result is wrong when the target message supports hardware parsing, and protocol feature information of the target message obtained by parsing.
  • the virtual switch 201 is also used to: perform keyword parsing on the header information of the target message, and obtain the value of each protocol field corresponding to the specified protocol type in the header information as the information to be matched; match in the forwarding flow table according to the information to be matched, and forward the target message according to the matched flow table entry.
  • the virtual switch 201 is also used to: when no flow table entry is matched, forward the target message according to the processing flow of the first message based on the information to be matched; generate a flow table entry corresponding to the data flow to which the target message belongs based on the information to be matched and the relevant information matched by the information to be matched in the processing flow of the first message, and add the flow table entry to the forwarding flow table.
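The miss-then-install behavior above can be sketched as follows. The entire first-message pipeline (route, ACL and rate-limit lookups) is collapsed into a single `slow_path` callback; all names here are illustrative assumptions, not the patent's API.

```python
# Minimal sketch of the fastpath/slowpath split: a flow-table hit returns the
# cached action; a miss runs the first-message flow and installs an entry.
class VirtualSwitch:
    def __init__(self, slow_path):
        self.flow_table = {}           # match information -> action information
        self.slow_path = slow_path     # stand-in for the first-message flow

    def forward(self, match_key):
        action = self.flow_table.get(match_key)
        if action is None:             # miss: run the first-message flow
            action = self.slow_path(match_key)
            # install a flow table entry so later messages of this data flow
            # are handled on the fast path
            self.flow_table[match_key] = action
        return action
```

After the first message of a flow pays the slow-path cost once, every later message of the same flow resolves with a single table lookup.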
  • the programmable network card device can deploy a virtual switch in software form, and includes a message parsing acceleration module and a hardware message queue implemented based on programmable hardware; the message that needs to be forwarded through the virtual switch first passes through the message parsing acceleration module, and the message parsing acceleration module parses the header information of the message and provides the parsing result to the virtual switch, which can greatly save the message parsing overhead of the virtual switch and achieve higher message forwarding performance.
  • all operations except the parsing of the message header information are completed by the virtual switch in software form, which can adapt to flexible and changeable application requirements and ensure the rapid iteration and evolution of application requirements.
  • FIG. 5 is a flowchart of a message processing method provided by an exemplary embodiment of the present application; the message processing method is applied to a physical server, which includes a physical machine and a programmable network card device; a virtual machine is deployed on the physical machine, and a virtual switch is deployed on the programmable network card device; the programmable network card device includes a message parsing acceleration module and a hardware message queue implemented based on programmable hardware, and the virtual switch is used to forward data between different virtual machines.
  • parsing the header information of the target message to obtain metadata information of the target message includes: pre-parsing the header information of the target message to obtain the position offsets of each of the multiple protocol fields in the header information; and generating metadata information of the target message according to the position offsets of each of the multiple protocol fields in the header information.
  • the metadata information of the target message includes the position offsets of each of the multiple protocol fields in the header information.
  • parsing the header information of the target message to obtain metadata information of the target message includes: performing keyword parsing on the header information of the target message to obtain values of each protocol field corresponding to the specified protocol type in the header information; and generating metadata information of the target message according to the values of each protocol field corresponding to the specified protocol type in the header information.
  • the metadata information of the target message includes the values of each protocol field corresponding to the specified protocol type in the header information, such as a quintuple, a triplet, etc.
  • the position offsets of the respective protocol fields in the header information, or the values of the respective protocol fields corresponding to the specified protocol type in the header information are all parsing results obtained by parsing the header information of the target message.
  • additional parsing information can also be generated based on the parsing results of the header information of the target message, and the additional parsing information can be used as part of the metadata information.
  • the additional parsing information includes at least one of: first identification information indicating whether the target message supports hardware parsing, second identification information indicating whether the parsing result is wrong if the target message supports hardware parsing, and protocol feature information of the target message obtained by parsing.
  • FIG6 is a flowchart of another message processing method provided by an exemplary embodiment of the present application; the message processing method is applied to a physical server, the physical server includes a physical machine and a programmable network card device, a virtual machine is deployed on the physical machine, a virtual switch is deployed on the programmable network card device, and the programmable network card device includes a message parsing acceleration module and a hardware message queue based on programmable hardware, and the virtual switch is used to forward data between different virtual machines.
  • the method provided in this embodiment is specifically described from the perspective of a virtual switch deployed on a programmable network card device of a physical server, and the virtual switch can run on the CPU of the programmable network card device, as shown in FIG. 6; the method includes: reading the target message and its metadata information from the hardware message queue; obtaining the information to be matched of the target message according to the metadata information; matching in the forwarding flow table according to the information to be matched; and forwarding the target message according to the matched flow table entry.
  • the metadata information of the target message includes the position offsets of the multiple protocol fields in the header information. Based on this, obtaining the information to be matched of the target message according to the metadata information includes: obtaining the values of the protocol fields corresponding to the specified protocol type from the header information of the target message according to the position offsets of the multiple protocol fields in the metadata information as the information to be matched.
  • the metadata information of the target message includes the value of each protocol field corresponding to the specified protocol type in the header information. Based on this, obtaining the information to be matched of the target message according to the metadata information includes: obtaining the value of each protocol field corresponding to the specified protocol type in the metadata information as the information to be matched.
  • the metadata information of the target message further includes: additional parsing information.
  • the additional parsing information is generated based on the parsing result of the header information of the target message, and includes at least one of first identification information indicating whether the target message supports hardware parsing, second identification information indicating whether the parsing result is wrong if the target message supports hardware parsing, and protocol feature information of the target message obtained by parsing.
  • the virtual switch can also determine, based on the additional parsing information included in the metadata information of the target message, whether the target message supports hardware parsing, whether the parsing result is wrong if it supports hardware parsing, and further whether the target message is a double-layer message containing inner and outer protocol fields if the parsing result is not wrong.
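These three checks can be pictured as flag tests on the additional parsing information. The bit layout below is purely our assumption for illustration; the embodiment does not specify one.

```python
# Illustrative decoding of the additional parsing information; the flag
# values are assumed, not specified by the patent.
HW_PARSE_SUPPORTED = 0x1   # first identification information
PARSE_ERROR = 0x2          # second identification information
DOUBLE_LAYER = 0x4         # protocol feature: inner + outer headers present

def classify(flags: int) -> str:
    if not flags & HW_PARSE_SUPPORTED:
        return "software-parse"      # fall back to parsing in the switch
    if flags & PARSE_ERROR:
        return "parse-error"
    return "double-layer" if flags & DOUBLE_LAYER else "single-layer"
```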
  • the method further includes: performing keyword parsing on the header information of the target message to obtain the value of each protocol field corresponding to the specified protocol type in the header information as information to be matched; matching in the forwarding flow table according to the information to be matched, and forwarding the target message according to the matched flow table entry.
  • the method further comprises: when no flow table entry is matched, forwarding the target message according to the processing flow of the first message based on the information to be matched; and generating, based on the information to be matched and the related information matched by the information to be matched in the forwarding process, a flow table entry corresponding to the data flow to which the target message belongs, and adding the flow table entry to the forwarding flow table.
  • the message processing method provided in the above-mentioned embodiment of the present application cooperates with the message parsing acceleration module and the hardware message queue implemented based on programmable hardware on the virtual switch and the programmable network card device; the message that needs to be forwarded through the virtual switch first passes through the message parsing acceleration module, and the message parsing acceleration module parses the header information of the message and provides the parsing result to the virtual switch, which can greatly save the message parsing overhead of the virtual switch and achieve higher message forwarding performance.
  • all operations except the parsing of the message header information are completed by the virtual switch in software form, which can adapt to flexible and changeable application requirements and ensure the rapid iteration and evolution of application requirements.
  • FIG. 7 is a schematic structural diagram of a message processing device provided by an exemplary embodiment of the present application. As shown in FIG. 7, the message processing device can be implemented in a virtual switch, and includes:
  • a reading module 71 used to read the target message and metadata information of the target message written by the message parsing acceleration module from the hardware message queue, wherein the metadata information is obtained by parsing the header information of the target message by the message parsing acceleration module;
  • a matching module 72 configured to obtain information to be matched of the target message according to the metadata information, and perform matching in the forwarding flow table according to the information to be matched;
  • the forwarding module 73 is used to forward the target message according to the flow table entry matched by the matching module.
  • an embodiment of the present application further provides a computer-readable storage medium storing a computer program.
  • when the computer program is executed by a processor, the processor is enabled to implement each step in the method shown in FIG. 6.
  • an embodiment of the present application further provides a computer program product, including a computer program/instruction. When the computer program/instruction is executed by a processor, the processor is enabled to implement each step in the method shown in FIG. 6.
  • the embodiments of the present application may be provided as methods, systems, or computer program products. Therefore, the present application may adopt the form of a complete hardware embodiment, a complete software embodiment, or an embodiment in combination with software and hardware. Moreover, the present application may adopt the form of a computer program product implemented in one or more computer-usable storage media (including but not limited to disk storage, CD-ROM, optical storage, etc.) that contain computer-usable program code.
  • each flow chart and/or block diagram can be implemented by computer program instructions.
  • These computer program instructions can be provided to a processor of a general-purpose computer, a special-purpose computer, an embedded processor or other programmable data processing device to generate a machine, so that the instructions executed by the processor of the computer or other programmable data processing device generate a device for implementing the functions specified in one or more processes in the flowchart and/or one or more blocks in the block diagram.
  • These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing device to work in a specific manner, so that the instructions stored in the computer-readable memory produce a manufactured product including an instruction device that implements the functions specified in one or more processes in the flowchart and/or one or more boxes in the block diagram.
  • These computer program instructions may also be loaded onto a computer or other programmable data processing device so that a series of operational steps are executed on the computer or other programmable device to produce a computer-implemented process, whereby the instructions executed on the computer or other programmable device provide steps for implementing the functions specified in one or more processes in the flowchart and/or one or more boxes in the block diagram.
  • a computing device includes one or more processors (CPU), input/output interfaces, network interfaces, and memory.
  • the memory may include non-permanent storage in a computer-readable medium, random access memory (RAM) and/or non-volatile memory in the form of read-only memory (ROM) or flash memory (flash RAM).
  • Computer readable media include permanent and non-permanent, removable and non-removable media that can be implemented by any method or technology to store information.
  • Information can be computer readable instructions, data structures, program modules or other data.
  • Examples of computer storage media include, but are not limited to, phase change memory (PRAM), static random access memory (SRAM), dynamic random access memory (DRAM), other types of random access memory (RAM), read-only memory (ROM), electrically erasable programmable read-only memory (EEPROM), flash memory or other memory technology, compact disc read-only memory (CD-ROM), digital versatile disc (DVD) or other optical storage, magnetic cassettes, magnetic tape, magnetic disk storage or other magnetic storage devices, or any other non-transmission media that can be used to store information that can be accessed by a computing device.
  • computer readable media does not include temporary computer readable media (transitory media), such as modulated data signals and carrier waves.


Abstract

Embodiments of the present application provide a message processing method, a programmable network card device, a physical server and a storage medium. In the embodiments of the present application, a virtual switch in software form is deployed on a programmable network card device, and a message parsing acceleration module and a hardware message queue that provide message parsing services for the virtual switch are implemented on the programmable network card device based on programmable hardware. A message that needs to be forwarded through the virtual switch first passes through the message parsing acceleration module, which parses the header information of the message and provides the parsing result to the virtual switch. This can greatly reduce the message parsing overhead of the virtual switch and achieve higher message forwarding performance. At the same time, all operations other than the parsing of the message header information are completed by the virtual switch in software form, which can adapt to flexible and changeable application requirements and ensure the rapid iteration and evolution of application requirements.

Description

Message processing method, programmable network card device, physical server and storage medium
The present application claims priority to Chinese patent application No. 202211177345.5, entitled "Message processing method, programmable network card device, physical server and storage medium", filed with the China National Intellectual Property Administration on September 26, 2022, the entire contents of which are incorporated herein by reference.
Technical Field
The present application relates to the technical field of cloud computing, and in particular to a message processing method, a programmable network card device, a physical server and a storage medium.
Background Art
The slowdown of Moore's law has caused the marginal cost of performance growth of general-purpose central processing units (CPU) to rise rapidly. To cope with network bandwidth evolving from the mainstream 10G toward 25G, 40G, 100G, 200G and even 400G, cloud vendors have begun to adopt hardware acceleration solutions that offload network virtualization processing to smart network cards, the most typical of which is offloading the virtual switch (vswitch) to the smart network card.
In this way, whether a message is sent from the host side to which the smart network card belongs or received from the physical network, it first passes through the hardware part of the smart network card for flow table entry matching; if the message hits a flow table entry on the hardware, the hardware part forwards the message directly, achieving hardware acceleration of the vswitch and improving forwarding performance.
Application requirements based on cloud networks are characterized by rapid iteration and evolution, which requires the hardware logic of the smart network card to be highly flexible and to quickly adapt to the iteration and evolution of application requirements. However, hardware usually cannot provide such flexibility: hardware logic implemented with an ASIC can no longer be modified, and even an FPGA is limited by development cycles and hardware resources and cannot support flexible and changeable application requirements.
Summary of the Invention
Multiple aspects of the present application provide a message processing method, a programmable network card device, a physical server and a storage medium, which are used to improve forwarding performance while adapting to flexible and changeable application requirements.
An embodiment of the present application provides a physical server, including: a physical machine and a programmable network card device, wherein a virtual machine is deployed on the physical machine, and a virtual switch for forwarding data between different virtual machines is deployed on the programmable network card device;
wherein the programmable network card device includes a message parsing acceleration module and a hardware message queue implemented based on programmable hardware; the message parsing acceleration module is used to receive a target message that needs to be forwarded through the virtual switch, parse the header information of the target message to obtain metadata information of the target message, and write the target message and the metadata information into the hardware message queue for the virtual switch to read;
the virtual switch runs on a processor of the programmable network card device and is used to read the target message and the metadata information from the hardware message queue, obtain the information to be matched of the target message according to the metadata information, perform matching in a forwarding flow table according to the information to be matched, and forward the target message according to the matched flow table entry.
An embodiment of the present application provides a programmable network card device, on which a virtual switch for forwarding data between different virtual machines is deployed, the programmable network card device including: a processor, and a message parsing acceleration module and a hardware message queue implemented based on programmable hardware;
the message parsing acceleration module is used to receive a target message that needs to be forwarded through the virtual switch, parse the header information of the target message to obtain metadata information of the target message, and write the target message and the metadata information into the hardware message queue for the virtual switch to read;
the virtual switch runs on the processor and is used to read the target message and the metadata information from the hardware message queue, obtain the information to be matched of the target message according to the metadata information, perform matching in a forwarding flow table according to the information to be matched, and forward the target message according to the matched flow table entry.
An embodiment of the present application further provides a message processing method applied to a message parsing acceleration module implemented based on programmable hardware on a programmable network card device, wherein a virtual switch is deployed on the programmable network card device, which further includes a hardware message queue implemented based on programmable hardware, the method including:
receiving a target message that needs to be forwarded through the virtual switch; parsing the header information of the target message to obtain metadata information of the target message; and writing the target message and the metadata information into the hardware message queue, so that the virtual switch obtains the information to be matched of the target message according to the metadata information and forwards the target message according to the flow table entry in the forwarding flow table that is matched by the information to be matched.
An embodiment of the present application further provides a message processing method applied to a virtual switch on a programmable network card device, the programmable network card device further including a message parsing acceleration module and a hardware message queue implemented based on programmable hardware, the method including: reading, from the hardware message queue, a target message written by the message parsing acceleration module and metadata information of the target message, the metadata information being obtained by the message parsing acceleration module parsing the header information of the target message; obtaining the information to be matched of the target message according to the metadata information, and performing matching in a forwarding flow table according to the information to be matched; and forwarding the target message according to the matched flow table entry.
An embodiment of the present application further provides a computer-readable storage medium storing a computer program which, when executed by a processor, causes the processor to implement the steps in the message processing method executable by the virtual switch provided in the embodiments of the present application.
An embodiment of the present application further provides a computer program product, including a computer program/instruction which, when executed by a processor, causes the processor to implement the steps in any of the message processing methods provided in the embodiments of the present application.
In the embodiments of the present application, a virtual switch in software form is deployed on a programmable network card device, and a message parsing acceleration module and a hardware message queue that provide message parsing services for the virtual switch are implemented on the programmable network card device based on programmable hardware. On this basis, a message that needs to be forwarded through the virtual switch first passes through the message parsing acceleration module, which parses the header information of the message to obtain metadata information of the message and writes the message and its metadata information into the hardware message queue. In this way, the virtual switch can directly read the message and its metadata information from the hardware message queue, obtain the information to be matched of the message according to the metadata information, perform matching in the forwarding flow table based on the information to be matched, and forward the message according to the matched flow table entry. In this process, the virtual switch does not need to parse the message header information itself; instead, the header information is parsed by hardware and the parsing result is provided to the virtual switch, which can greatly reduce the message parsing overhead of the virtual switch and achieve higher message forwarding performance. At the same time, all operations other than the parsing of the message header information are completed by the virtual switch in software form, which can adapt to flexible and changeable application requirements and ensure the rapid iteration and evolution of application requirements.
Brief Description of the Drawings
The drawings described here are used to provide a further understanding of the present application and constitute a part of the present application. The illustrative embodiments of the present application and their descriptions are used to explain the present application and do not constitute an improper limitation of the present application. In the drawings:
FIG. 1 is a schematic structural diagram of a physical server provided by an exemplary embodiment of the present application;
FIG. 2a to FIG. 2c are schematic diagrams of message structures and their parsing states provided by exemplary embodiments of the present application;
FIG. 3 is a schematic flowchart of fast and slow paths for message forwarding by a physical server provided by an exemplary embodiment of the present application;
FIG. 4 is a schematic structural diagram of a programmable network card device provided by an exemplary embodiment of the present application;
FIG. 5 is a schematic flowchart of a message processing method provided by an exemplary embodiment of the present application;
FIG. 6 is a schematic flowchart of another message processing method provided by an exemplary embodiment of the present application;
FIG. 7 is a schematic structural diagram of a message processing device provided by an exemplary embodiment of the present application.
Detailed Description
To make the purposes, technical solutions and advantages of the present application clearer, the technical solutions of the present application will be clearly and completely described below in combination with specific embodiments of the present application and the corresponding drawings. Obviously, the described embodiments are only part of the embodiments of the present application, not all of them. Based on the embodiments in the present application, all other embodiments obtained by those of ordinary skill in the art without creative work fall within the scope of protection of the present application.
Existing hardware acceleration solutions for virtual switches cannot adapt to the iteration and evolution of application requirements and lack flexibility. To address this technical problem, in the embodiments of the present application, a virtual switch in software form is deployed on a programmable network card device, and a message parsing acceleration module and a hardware message queue are implemented on the programmable network card device based on programmable hardware. A message that needs to be forwarded through the virtual switch first passes through the message parsing acceleration module, which parses the header information of the message and provides the parsing result to the virtual switch. This can greatly reduce the message parsing overhead of the virtual switch and achieve higher message forwarding performance. At the same time, all operations other than the parsing of the message header information are completed by the virtual switch in software form, which can adapt to flexible and changeable application requirements and ensure the rapid iteration and evolution of application requirements.
The technical solutions provided by the embodiments of the present application are described in detail below in combination with the drawings.
FIG. 1 is a schematic structural diagram of a physical server provided by an exemplary embodiment of the present application. The physical server can be applied in a cloud network system and implemented as infrastructure of the cloud network system. As shown in FIG. 1, the physical server includes: a physical machine 10 on which at least one virtual machine 101 is deployed. Each virtual machine 101 has a virtual network card 101a and an upper-layer application 101b. The virtual network card 101a is a network card simulated in software or hardware by virtualization technology for the virtual machine 101 to which it belongs; it serves as the network interface of that virtual machine, connecting the virtual machine to the network and providing data transmission services for the upper-layer application 101b on the virtual machine.
In this embodiment, to implement data forwarding between different virtual machines 101, a virtual switch needs to be deployed on the physical machine; the virtual switch is responsible for forwarding data between different virtual machines 101 on the same physical machine 10 and between virtual machines 101 on different physical machines 10. For example, when virtual machine E1 and virtual machine E2 on the same physical machine transmit data, virtual machine E1 first transmits the data through its virtual network card to the virtual switch, and the virtual switch forwards the data to virtual machine E2 through the virtual network card of virtual machine E2. As another example, when virtual machine F and virtual machine G on different physical machines transmit data, virtual machine F transmits the data through its virtual network card to the virtual switch on its physical machine; that virtual switch transmits the data to the physical network card of its physical machine, which transmits the data to the physical network card of the physical machine to which virtual machine G belongs; that physical network card transmits the data to the virtual switch of virtual machine G's physical machine, which transmits the data to virtual machine G through virtual machine G's virtual network card.
In addition to the above physical machine 10, the physical server of the embodiment of the present application further includes a programmable network card device 20. The programmable network card device 20 can be implemented as a pluggable structure plugged into the physical machine 10; the pluggable approach has advantages such as flexible use and strong expandability, but is not limited thereto. For example, the programmable network card device 20 can also be directly integrated into the physical machine 10. The programmable network card device 20 has a network card function and can serve as the physical network card of the physical machine 10, responsible for forwarding the network traffic on the physical machine 10.
In addition, part of the functions of the physical machine 10 can also be offloaded to the programmable network card device 20. The programmable network card device 20 consists of two parts. One part is a processor (CPU) and a corresponding operating system (OS), which can carry part of the software functions running on the physical machine, such as network management and configuration and data processing that does not require high performance. The other part is programmable hardware, which can accelerate various software functions on the physical machine 10 and support hardware offloading of various software functions. For example, some operations on the physical machine 10 that would otherwise be executed by the CPU, such as message encapsulation/decapsulation, network address translation (NAT), rate limiting and receive side scaling (RSS), can be offloaded to the programmable network card device 20 and implemented in hardware, thereby reducing the burden on the CPU of the physical machine.
Optionally, in terms of implementation form, the programmable network card device 20 may be a smart network card (SmartNIC) or a data processing unit (DPU), which is not limited. In addition, the programmable hardware on the programmable network card device 20 may be any programmable hardware device such as an application specific integrated circuit (ASIC), a system on chip (SoC), a field programmable gate array (FPGA) or a complex programmable logic device (CPLD).
In the embodiment of the present application, with the help of the programmable network card device 20, the virtual switch can be offloaded from the physical machine 10 to the programmable network card device 20. As shown in FIG. 1, the virtual switch 201 can be implemented in software on the programmable network card device 20, that is, a virtual switch in software form is deployed on the programmable network card device 20. The virtual switch in software form needs to run on the CPU of the programmable network card device 20; that is, the processor (CPU) on the programmable network card device 20 runs the program code corresponding to the virtual switch to implement the data forwarding function of the virtual switch.
The process of data transmission by the upper-layer application 101b on the virtual machine 101 through the virtual switch 201 is described below by case. In the following, it is assumed that virtual machine A0 includes upper-layer application A1 and virtual network card A2, the physical machine where virtual machine A0 is located includes programmable network card device A3, and virtual switch A4 is implemented on programmable network card device A3.
Data forwarding scenario C1: upper-layer application A1 receives a message from upper-layer application B1 on another physical machine, processes the message, and then forwards the processed message. Specifically, the physical network card on programmable network card device A3 receives the message sent by upper-layer application B1 on the other physical machine and provides the message to virtual switch A4; virtual switch A4 provides the message to virtual network card A2 of virtual machine A0 based on the forwarding flow table, and virtual network card A2 provides the message to upper-layer application A1 on virtual machine A0. After processing the message, upper-layer application A1 provides the processed message to virtual network card A2, which provides it to virtual switch A4; virtual switch A4 provides the processed message to the physical network card on programmable network card device A3 based on the forwarding flow table, and that physical network card provides the processed message to upper-layer application B1 via network transmission.
Data sending scenario C2: upper-layer application A1 generates a message that needs to be sent to an upper-layer application on another virtual machine on the same physical machine or on another physical machine. Upper-layer application A1 provides the generated message to virtual network card A2, which provides the message to virtual switch A4. If upper-layer application A1 indicates that the message is to be sent to an upper-layer application on another virtual machine on the same physical machine, virtual switch A4 provides the message to the virtual network card of the other virtual machine based on the forwarding flow table, and that virtual network card provides the message to the upper-layer application on the other virtual machine. If the upper-layer application indicates that the message is to be sent to an upper-layer application on another physical machine, virtual switch A4 provides the message to the physical network card on programmable network card device A3 based on the forwarding flow table, and that physical network card provides the message to the physical network card of the other physical machine, so that the latter provides the received message to the upper-layer application on the other physical machine.
Data receiving scenario C3: upper-layer application A1 receives a message sent by an upper-layer application on another virtual machine. Specifically, if the virtual machine where upper-layer application A1 is located and the other virtual machine are on the same physical machine, virtual switch A4 receives the message sent by the upper-layer application on the other virtual machine and provides the message to virtual network card A2 based on the forwarding flow table, and virtual network card A2 provides the received message to upper-layer application A1 for processing. Alternatively, if the two virtual machines are on different physical machines, the physical network card on programmable network card device A3 receives the message sent by the upper-layer application on the other physical machine and provides the message to virtual switch A4; virtual switch A4 provides the message to virtual network card A2 based on the forwarding flow table, and virtual network card A2 provides the received message to upper-layer application A1 for processing.
In the three application scenarios listed above, the virtual switch is implemented in software and forwards messages based on a forwarding flow table. The forwarding flow table contains multiple flow table entries, each corresponding to one data flow. A flow table entry mainly includes two parts: match information and action information. The match information is the key information corresponding to the action information and mainly includes information that can uniquely identify a data flow, such as the message five-tuple: source/destination IP address, source/destination port number and protocol type; of course, it can also be a message three-tuple, seven-tuple, etc. The action information includes the actions to be performed on the message, such as encapsulation/decapsulation, forwarding and rate limiting.
During message forwarding, the virtual switch needs to rely on the CPU of the programmable network card device to parse the message to obtain the information to be matched, match the information to be matched against the match information in the forwarding flow table, and process the message according to the action information in the matched flow table entry. The whole process depends on the CPU resources of the programmable network card device and, affected by CPU performance, restricts message forwarding performance. To improve the message forwarding performance of the virtual switch, based on the hardware offloading function of the programmable network card device 20, hardware offloading for the virtual switch could be implemented on the programmable network card device 20, that is, a switch acceleration module implemented based on programmable hardware, which would provide data forwarding acceleration services for the virtual switch 201.
Specifically, the forwarding flow table used by the virtual switch 201 is configured into the switch acceleration module in advance. In this way, during message sending and receiving, any message that needs to be forwarded by the virtual switch first reaches the switch acceleration module, which parses the message to obtain the information to be matched, matches it against the match information in the forwarding flow table, and forwards the message according to the matched flow table entry, so that hardware ultimately forwards the message in place of the virtual switch 201 in software form. When a flow table entry is matched, the message no longer needs to be sent up to the virtual switch 201 for software processing, which can increase forwarding speed; moreover, having the switch acceleration module handle forwarding reduces the involvement of the virtual switch 201, thereby reducing the CPU resources of the programmable network card device 20 occupied by running the virtual switch 201, which helps improve the performance of the programmable network card device.
However, because upper-layer applications based on cloud networks are characterized by rapid iteration and evolution, the match information and/or action information in flow table entries often need to be changed. This requires the switch acceleration module to be highly flexible and able to adaptively change the match information and/or action information in hardware flow table entries as upper-layer applications iterate and evolve, but a switch acceleration module implemented based on programmable hardware cannot provide such flexibility. For this reason, the following embodiments of the present application provide a new message processing solution that accelerates the virtual switch in software form through hardware-assisted message parsing.
As shown in FIG. 1, a message parsing acceleration module 202 and a hardware message queue 203, rather than a switch acceleration module, are implemented in the programmable hardware part of the programmable network card device 20, and a virtual switch 201 in software form runs on the processor of the programmable network card device 20. The programmable hardware on the programmable network card device 20 may be an FPGA, CPLD, ASIC or SoC, so the message parsing acceleration module 202 and the hardware message queue 203 are implemented in an FPGA, CPLD, ASIC or SoC. Optionally, the hardware message queue 203 may be a ring queue (ring), but is not limited thereto. In addition, there may be one or more hardware message queues, which is also not limited; in FIG. 1, one hardware message queue is taken as an example. The process of accelerating the virtual switch 201 in software form based on the message parsing acceleration module 202 and the hardware message queue 203 is as follows:
Any message that needs to be forwarded through the virtual switch 201 first reaches the message parsing acceleration module 202. For ease of description and distinction, a message that needs to be forwarded through the virtual switch 201 is called a target message. As shown at ① in FIG. 1, the target message may be a message sent by an upper-layer application in any virtual machine on the physical machine 10, or a message from an upper-layer application on another physical machine 10 received by the physical network card on the programmable network card device from the physical network.
The message parsing acceleration module 202 receives the target message that needs to be forwarded through the virtual switch 201, parses the header information of the target message as shown at ② in FIG. 1 to obtain metadata information of the target message, and writes the target message and the metadata information into the hardware message queue 203 as shown at ③ in FIG. 1 for the virtual switch 201 to read. The metadata information mainly includes information obtained by parsing the header information of the target message, which helps the virtual switch 201 quickly obtain the information to be matched of the target message. The information to be matched of the target message may be the five-tuple, three-tuple, seven-tuple, etc. of the message, corresponding to the type of match information in the forwarding flow table, depending on the requirements of the upper-layer application.
The virtual switch 201 runs on the CPU of the programmable network card device 20 and, as shown at ④ in FIG. 1, can read the target message and the metadata information from the hardware message queue 203. It should be noted that the actions performed by the virtual switch 201 are the actions performed by the CPU of the programmable network card device running the virtual switch 201. Optionally, when the message parsing acceleration module 202 writes the target message and the metadata information into the hardware message queue 203, the hardware message queue 203 may generate an interrupt signal, and the CPU reads the target message and the metadata information from the hardware message queue 203 according to that interrupt signal. Alternatively, the CPU may periodically poll the hardware message queue 203 and, upon finding a new target message and metadata information in it, read them from the hardware message queue 203.
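The producer/consumer hand-off between the parser (write side) and the CPU (polling read side) can be sketched in software as follows. This is only an illustrative stand-in: a deque plays the role of the hardware ring, and real hardware would involve DMA, descriptors and interrupt signaling.

```python
from collections import deque

# Software stand-in for the hardware message queue: write() models the
# parser side, poll() models the CPU-side polling read.
class HardwareMessageQueue:
    def __init__(self):
        self._ring = deque()

    def write(self, message, metadata):
        """Parser side: enqueue a (message, metadata) pair."""
        self._ring.append((message, metadata))

    def poll(self):
        """CPU side: dequeue the next pair, or None if the ring is empty."""
        return self._ring.popleft() if self._ring else None
```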
As shown at ⑤ in FIG. 1, after reading the target message and the metadata information from the hardware message queue 203, the virtual switch 201 obtains the information to be matched of the target message according to the metadata information and performs matching in the forwarding flow table according to the information to be matched; and, as shown at ⑥ in FIG. 1, forwards the target message according to the matched flow table entry. Forwarding the target message includes forwarding it onto the physical network, or forwarding it to an upper-layer application in any virtual machine on the physical machine 10.
For the forwarding performance of the software virtual switch 201, two parts have a major impact: the parsing of message header information and the execution of the processing actions in flow table entries. However, the execution of the processing actions in flow table entries often changes with the rapid iteration and evolution of upper-layer applications. Therefore, in this embodiment, the complete forwarding logic is no longer implemented in hardware as with the switch acceleration module; instead, the message parsing acceleration module 202 and the hardware message queue 203 assist the virtual switch 201 in parsing message header information and provide the parsing result to the virtual switch 201, improving the forwarding performance of the virtual switch 201 by reducing the overhead of message header parsing. At the same time, all operations other than the parsing of message header information are completed by the virtual switch 201 in software form, which can adapt to flexible and changeable application requirements and ensure the rapid iteration and evolution of application requirements.
It should be noted that, because the message parsing acceleration module 202 only needs to parse message header information and does not need to match the forwarding flow table, unlike the switch acceleration module approach, there is no need to deliver the forwarding flow table to the message parsing acceleration module 202; that is, the forwarding flow table does not need to be maintained in hardware, but only at the software level.
The embodiments of the present application do not limit the way in which the message parsing acceleration module 202 parses the header information of the target message; the following two implementations may be adopted, but are not limited thereto:
Implementation A1: pre-parsing. In this implementation, after receiving the target message, the message parsing acceleration module 202 can pre-parse the header information of the target message to obtain the position offsets of each of the multiple protocol fields contained in the header information, and generate the metadata information according to those position offsets. Pre-parsing refers to the parsing process of parsing the header information of the target message to obtain the position offsets of each of the multiple protocol fields in the header information. In this embodiment, the metadata information includes at least the position offsets of each of the multiple protocol fields contained in the header information of the target message.
Specifically, when the target message arrives at the programmable network card device, it is first sent to the message parsing acceleration module 202, which pre-parses the header information of the target message in hardware, obtains the position offset (offset) of each protocol field in the message header information from the outside in, and saves the position offsets of the protocol fields. The position offset of each protocol field describes the starting position of that protocol field in the message header information. Optionally, the position offset may be the number of bytes relative to the first byte of the message header.
It should be noted that different types of messages contain different protocol fields in their header information, which is not limited in the embodiments of the present application; the message parsing acceleration module 202 can pre-parse the header information of various types of messages and obtain the position offsets of the protocol fields contained in the header information. Examples are given below:
In some application scenarios, message transmission does not use a tunnel protocol, and the header information of such a message contains only a single layer of protocol fields; for example, from the outside in, the message header information consists of an L2 protocol field, an L3 protocol field and an L4 protocol field. FIG. 2a shows a message structure with a single layer of protocol fields. In FIG. 2a, the L2 protocol field mainly refers to the MAC field; the L3 protocol field mainly refers to the IP field, which may be an IPv4 field or an IPv6 field; and the L4 protocol field refers to the TCP field or the UDP field. Further, as shown in FIG. 2a, by pre-parsing the header information of such a message, the message parsing acceleration module 202 can obtain, as metadata information, the position offset of the L2 protocol field and the L2 protocol type (e.g. MAC), the position offset of the L3 protocol field and the L3 protocol type (e.g. IP), and the position offset of the L4 protocol field and the L4 protocol type (e.g. TCP or UDP). That is, the metadata information includes not only the position offset of each protocol field but also the protocol type of each protocol field; the protocol type information is used to identify which protocol field is which.
In other application scenarios, message transmission uses a tunnel protocol. Taking the tunnel encapsulation as the dividing point, the header information of such a message contains two layers of protocol fields, for example an outer protocol field and an inner protocol field. Optionally, the tunnel protocol may be, but is not limited to, vlan or vxlan. In some scenarios, the outer protocol fields include, from the outside in, an outer L2 protocol field, an outer L3 protocol field, an outer L4 protocol field and an outer tunnel protocol field; correspondingly, the inner protocol fields include, from the outside in, an inner L2 protocol field, an inner L3 protocol field, an inner L4 protocol field and an inner tunnel protocol field. In other scenarios, the outer protocol fields include, from the outside in, an outer L2 protocol field, an outer L3 protocol field and an outer L4 protocol field, with the outer tunnel protocol field embedded in the outer L2 protocol field; correspondingly, the inner protocol fields include, from the outside in, an inner L2 protocol field, an inner L3 protocol field and an inner L4 protocol field, with the inner tunnel protocol field embedded in the inner L2 protocol field.
FIG. 2b shows a message structure with two layers of protocol fields. In FIG. 2b, the header information of such a message contains, from the outside in, an outer L2 protocol field, an outer L3 protocol field, an outer L4 protocol field, an outer tunnel protocol header, an inner L2 protocol field, an inner L3 protocol field, an inner L4 protocol field and an inner tunnel protocol header. The outer or inner L2 protocol field refers to the MAC field, the outer or inner L3 protocol field refers to the IP field, the outer or inner L4 protocol field refers to the TCP or UDP field, and the outer or inner tunnel protocol header may be the vlan or vxlan protocol. Further, as shown in FIG. 2b, by pre-parsing the header information of such a message, the message parsing acceleration module 202 can obtain, as metadata information, the position offsets and protocol types of the outer L2 protocol field (e.g. MAC), the outer L3 protocol field (e.g. IP), the outer L4 protocol field (e.g. TCP or UDP) and the outer tunnel protocol header (e.g. vlan or vxlan), as well as the position offsets and protocol types of the inner L2 protocol field (e.g. MAC), the inner L3 protocol field (e.g. IP), the inner L4 protocol field (e.g. TCP or UDP) and the inner tunnel protocol header (e.g. vlan or vxlan). That is, the metadata information includes not only the position offset of each protocol field but also the protocol type of each protocol field; the protocol type information is used to identify which protocol field is which.
FIG. 2c shows another message structure with two layers of protocol fields. In FIG. 2c, the header information of such a message contains, from the outside in, an outer L2 protocol field, an outer L3 protocol field, an outer L4 protocol field, an inner L2 protocol field, an inner L3 protocol field and an inner L4 protocol field, where the outer tunnel protocol field is embedded in the outer L2 protocol field and the inner tunnel protocol field is embedded in the inner L2 protocol field. Further, as shown in FIG. 2c, by pre-parsing the header information of such a message, the message parsing acceleration module 202 can obtain, as metadata information, the position offset of the outer L2 protocol field and the outer L2 protocol type (e.g. MAC), the position offset and protocol type of the outer tunnel protocol header (e.g. vlan or vxlan), the position offset of the outer L3 protocol field and the outer L3 protocol type (e.g. IP), the position offset of the outer L4 protocol field and the outer L4 protocol type (e.g. TCP or UDP), as well as the position offset of the inner L2 protocol field and the inner L2 protocol type (e.g. MAC), the position offset and protocol type of the inner tunnel protocol header (e.g. vlan or vxlan), the position offset of the inner L3 protocol field and the inner L3 protocol type (e.g. IP), and the position offset of the inner L4 protocol field and the inner L4 protocol type (e.g. TCP or UDP). That is, the metadata information includes not only the position offset of each protocol field but also the protocol type of each protocol field; the protocol type information is used to identify which protocol field is which.
After obtaining the metadata information of the target message, the message parsing acceleration module 202 writes the target message and the metadata information into the hardware message queue 203 for the virtual switch 201 to read. In implementation A1, the virtual switch 201 reads the target message and the metadata information from the hardware message queue 203 and, according to the position offsets of the multiple protocol fields contained in the metadata information, obtains from the header information of the target message the values of the protocol fields corresponding to the specified protocol type as the information to be matched.
The specified protocol type can be determined according to the requirements of the upper-layer application; for example, it may be one or a combination of the L3 protocol type (e.g. the IP protocol), the L4 protocol type (e.g. the TCP or UDP protocol), the L2 protocol type (e.g. the MAC protocol) and the tunnel protocol type (e.g. vlan or vxlan). The information to be matched is implemented differently depending on the specified protocol type. For example, if the specified protocol type is the L4 protocol type in the message structure shown in FIG. 2b or FIG. 2c, the information to be matched and the match information in the forwarding flow table are implemented as a six-tuple (source IP, destination IP, L4 protocol type, source port, destination port, VNI), where the VNI is the Vxlan Network Identifier, representing one broadcast domain in a vlan or vxlan network. As another example, if the specified protocol type is the L4 protocol type in the message structure shown in FIG. 2a, the information to be matched and the match information in the forwarding flow table are implemented as a five-tuple (source IP, destination IP, L4 protocol type, source port, destination port).
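The five-tuple versus six-tuple distinction above can be sketched as a single key-building step; the field names below are our own illustration, not the patent's.

```python
# Build the match key from extracted field values: a five-tuple for plain
# messages, a six-tuple including the VNI for vlan/vxlan-encapsulated ones.
def build_match_key(fields: dict) -> tuple:
    base = (fields["src_ip"], fields["dst_ip"], fields["l4_proto"],
            fields["src_port"], fields["dst_port"])
    return base + (fields["vni"],) if "vni" in fields else base
```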
After obtaining the information to be matched, the virtual switch 201 matches the information to be matched in the forwarding flow table; specifically, it matches the information to be matched against the match information in each flow table entry of the forwarding flow table. If a flow table entry is matched, the target message is forwarded according to the action information in the matched flow table entry. In this embodiment, the case where a flow table entry is matched is regarded as a fast-path (fastpath) mode, which includes the message parsing process of the message parsing acceleration module 202, the process of the virtual switch 201 matching the forwarding flow table, and the process of forwarding the message according to the matched flow table entry.
Further optionally, if no flow table entry is matched, indicating that the target message may be the first message of a data flow, the virtual switch 201 forwards the target message according to the processing flow for a first message based on the information to be matched of the target message. This specifically includes matching the information to be matched of the target message in the routing table, the ACL table and the rate-limit table in turn, finally obtaining the routing information, ACL policy and rate-limit policy matched for the target message, and forwarding the target message accordingly. In this embodiment, the case where no flow table entry is matched is regarded as the first slow-path (slowpath) mode, which includes the message parsing process of the message parsing acceleration module 202, the process of the virtual switch 201 matching the routing table, the ACL table and the rate-limit table, and the process of forwarding the message according to the matched routing information, ACL policy and rate-limit policy.
Further optionally, the virtual switch 201 may also generate a flow table entry corresponding to the data flow to which the target message belongs based on the information to be matched of the target message and the related information matched by the information to be matched in the processing flow for the first message, and add the flow table entry to the forwarding flow table. In this way, subsequent messages of the data flow can be processed in fast-path (fastpath) mode, which helps improve message forwarding speed. The related information matched in the processing flow for the first message includes, but is not limited to, the routing information, ACL policy and rate-limit policy matched by the information to be matched of the target message. The information to be matched of the target message serves as the match information in the flow table entry corresponding to the data flow to which the target message belongs, and the matched routing information, ACL policy and rate-limit policy serve as the action information in that flow table entry.
It should be noted that, in the pre-parsing process of implementation A1 above, the message parsing acceleration module 202 only parses out the position offsets of the multiple protocol fields contained in the message header information, while the extraction of the information to be matched, the matching of the forwarding flow table and the execution of the actions are all handled by the virtual switch 201 in software form, which can flexibly cope with the iteration and evolution of any upper-layer application. When the match information and/or actions required by the upper-layer application change, the match information and/or action information in the forwarding flow table can be adjusted flexibly; correspondingly, the virtual switch 201 can change the extracted information to be matched and adjust the matching logic and action execution logic as needed, while the pre-parsing process of the underlying hardware of the virtual switch 201 is completely unaffected by the iteration and evolution of upper-layer applications. By having hardware assist the virtual switch 201 in parsing message header information, the forwarding performance of the virtual switch 201 can be greatly improved.
实现方式A2:关键字解析方式。在该实现方式中,报文解析加速模块202在接收到目标报文之后,可以对目标报文的头部信息进行关键字解析,得到头部信息中与指定协议类型对应的各协议字段的值;根据头部信息中与指定协议类型对应的各协议字段的值,生成元数据信息。其中,关键字解析是指对目标报文的头部信息进行解析,从中得到头部信息中与指定协议类型对应的各协议字段的值的解析过程。在该实施例中,元数据信息至少包括目标报文的头部信息中包含与指定协议类型对应的各协议字段的值,也就是目标报文的待匹配信息。
具体地,报文解析加速模块202需要预先存储上层应用要求的指定协议类型,在此基础上,在目标报文到达可编程网卡设备时先送入报文解析加速模块202,由报文解析加速模块202以硬件方式对目标报文的头部信息进行关键字解析,获取报文头部信息中与指定协议类型对应的各协议字段的值。可选地,报文解析加速模块202首先对目标报文的头部信息进行预解析,得到报文头部信息中从外到内的每个协议字段的位置偏移(offset)和协议类型信息,并保存各协议字段的位置偏移和协议类型信息;之后,从中确定属于指定协议类型的协议字段位置偏移,根据属于指定协议类型的协议字段位置偏移从目标报文的头部信息中提取属于指定协议类型的各协议字段的值,作为目标报文的元数据信息。或者,可选地,报文解析加速模块202对目标报文的头部信息从外到内逐步进行解析,每解析出一个协议字段,就判断该协议字段是否属于指定协议类型,直到解析出属于指定协议类型的协议字段为止,将这些协议字段的值作为目标报文的元数据信息。
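上述"从外到内逐步解析、直到解析出属于指定协议类型的协议字段为止"的过程,可以用如下Python草图示意(协议层次以假设的简单列表表示):

```python
def keyword_parse(layers, wanted_types):
    """layers: [(协议类型, 字段值)],从外到内排列;
    wanted_types: 上层应用指定的协议类型集合。
    逐层解析,命中指定协议类型即收集其字段值,全部取得后提前结束。"""
    result = {}
    for proto_type, value in layers:          # 从外到内逐步解析
        if proto_type in wanted_types:
            result[proto_type] = value
            if set(result) == set(wanted_types):
                break                         # 指定协议字段已全部取得
    return result

layers = [("MAC", "aa:bb"), ("IP", ("10.0.0.1", "10.0.0.2")), ("UDP", (1234, 80))]
print(keyword_parse(layers, {"IP", "UDP"}))
# {'IP': ('10.0.0.1', '10.0.0.2'), 'UDP': (1234, 80)}
```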
指定协议类型可以根据上层应用的需求而定,例如可以是L3协议类型(如IP协议)、L4协议类型(如TCP或UDP协议)、L2协议类型(如MAC协议)、隧道协议类型(如vlan或vxlan)中的一种或组合。根据指定协议类型的不同,与指定协议类型对应的各协议字段的值会有所不同,例如,如果指定协议类型是图2b或图2c所示报文结构中的L4协议类型,则与指定协议类型对应的各协议字段的值具体实现为六元组(源IP,目的IP,L4协议类型,源端口,目的端口,VNI),VNI是虚拟网络标识(Vxlan Network Identifier),代表vlan或vxlan网络中的一个广播域。又例如,如果指定协议类型是图2a所示报文结构中的L4协议类型,则与指定协议类型对应的各协议字段的值具体实现为五元组(源IP,目的IP,L4协议类型,源端口,目的端口)。
在得到目标报文的元数据信息之后,报文解析加速模块202将目标报文和元数据信息写入硬件报文队列203中,以供虚拟交换机201读取。在实现方式A2中,虚拟交换机201从硬件报文队列203中读取目标报文和元数据信息,获取所述元数据信息中与指定协议类型对应的各协议字段的值,直接作为待匹配信息。
在得到待匹配信息之后,虚拟交换机201将待匹配信息在转发流表中进行匹配,具体是指,将待匹配信息与转发流表中各流表项中的匹配信息进行匹配;若匹配中流表项,则根据匹配中的流表项中的动作信息对目标报文进行转发处理。在本实施例中,如图3所示,将匹配中流表项的情况看做是一种快速路径(fastpath)模式,该模式包括报文解析加速模块202的报文解析过程,虚拟交换机201匹配转发流表的过程以及根据匹配中的流表项进行报文转发的过程。
进一步可选地,若未匹配中任何流表项,说明目标报文可能是某个数据流的首个报文,则虚拟交换机201根据目标报文的待匹配信息,按照首个报文的处理流程对目标报文进行转发处理,具体包括:根据目标报文的待匹配信息依次在路由表、ACL表以及限速表中进行匹配的过程,最终得到目标报文匹配中的路由信息、ACL策略和限速策略,并根据匹配中的路由信息、ACL策略和限速策略对目标报文进行转发处理。在本实施例中,如图3所示,将未匹配中任何流表项的情况看做是第一种慢速路径(slowpath)模式,该模式包括:报文解析加速模块202的报文解析过程,虚拟交换机201匹配路由表、ACL表以及限速表的过程,以及根据匹配中的路由信息、ACL策略和限速策略进行报文转发的过程等。
进一步可选地,虚拟交换机201还可以根据目标报文的待匹配信息以及在首个报文的处理流程中被所述待匹配信息匹配中的相关信息,生成目标报文所属数据流对应的流表项,将该流表项添加至转发流表中。这样,对于该数据流中的后续报文就可以通过快速路径(fastpath)模式进行处理了,有助于提高报文转发速度。其中,在首个报文的处理流程中被所述待匹配信息匹配中的相关信息包括但不限于:根据目标报文的待匹配信息匹配中的路由信息、ACL策略和限速策略等。目标报文的待匹配信息可作为目标报文所属数据流对应的流表项中的匹配信息,根据目标报文的待匹配信息匹配中的路由信息、ACL策略和限速策略等作为目标报文所属数据流对应的流表项中的动作信息。
在此说明,在上述实现方式A2的关键字解析过程中,报文解析加速模块202可以根据指定协议类型从报文头部信息中获取待匹配信息作为元数据信息,而基于待匹配信息的转发流表的匹配和动作执行由软件形态的虚拟交换机201负责,能够灵活应对一些对报文处理动作具有迭代和演进需求的上层应用,在上层应用要求的报文处理动作发生变化时,转发流表中的动作信息可以灵活调整,相应地,虚拟交换机201可按需调整动作执行逻辑,而虚拟交换机201的底层硬件的关键字解析过程不受上层应用的迭代和演进的影响,通过硬件辅助虚拟交换机201进行报文头部信息的解析,可极大提升虚拟交换机201转发性能的目的。
无论是在上述实现方式A1中还是在上述实现方式A2中,报文解析加速模块202还用于:根据对目标报文的头部信息的解析结果,生成解析附加信息,并将解析附加信息作为元数据信息中的部分信息。在上述实现方式A1中,对目标报文的头部信息的解析结果具体是指目标报文的头部信息中多个协议字段各自的位置偏移,进一步还可以包括各协议字段的协议类型信息,如图2a-图2c中所示。在上述实现方式A2中,对目标报文的头部信息的解析结果具体是指目标报文的头部信息中与指定协议类型对应的各协议字段的值,即待匹配信息。
无论是哪种实现方式,解析附加信息可以包括但不限于:表示目标报文是否支持硬件解析的第一标识信息、在目标报文支持硬件解析的情况下表示该解析结果是否出错的第二标识信息、在解析结果未出错情况下解析得到的目标报文的协议特征信息中的至少一种。
如果目标报文能够被报文解析加速模块202解析,说明目标报文支持硬件解析,则第一标识信息的取值可以是第一值,例如1;如果目标报文不能够被报文解析加速模块202解析,说明目标报文不支持硬件解析,则第一标识信息的取值可以是第二值,例如0。其中,第一值、第二值的取值不做限定,1和0仅为示例。在图2a-图2c中,第一标识信息使用uint8_t parse_enable进行表示。
在目标报文支持硬件解析的情况下,如果报文解析加速模块202对目标报文进行解析的过程中未报错,说明该解析结果未出错,则第二标识信息可以是第三值,例如1;如果报文解析加速模块202对目标报文进行解析的过程中报错,说明该解析结果出错,则第二标识信息可以是第四值,例如0。其中,第三值、第四值的取值不做限定,1和0仅为示例。在图2a-图2c中,第二标识信息使用parse_error进行表示。
在解析结果未出错的情况下,还可以将解析得到的目标报文的协议特征信息作为解析附加信息。在本实施例中,目标报文的协议特征信息主要是指目标报文是否是逻辑网络(overlay)中的双层报文。双层报文是指支持内外双层协议的报文,如图2b和图2c所示的报文。如果目标报文的头部信息中包含内外双层协议字段,则该协议特征信息的取值为1,如果目标报文的头部信息中仅包含一层协议字段,则该协议特征信息的取值为0。在图2a-图2c中,该协议特征信息使用outer_valid进行表示。
对报文解析加速模块202来说,会将对目标报文的头部信息的解析结果以及根据解析结果生成的解析附加信息一起作为元数据信息,写入硬件报文队列203中。进一步可选地,如图2a-图2c所示,解析附加信息除了包含uint8_t parse_enable、parse_error和outer_valid字段之外,还包括一个保留字段,即parse_reserv,用于后续增加更多解析附加信息。
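图2a-图2c所示的解析附加信息各字段的含义与取值逻辑,可用如下Python草图示意(字段布局与取值均以本文描述为准,属示意性假设):

```python
from dataclasses import dataclass

@dataclass
class ParseExtraInfo:
    """解析附加信息的示意性结构,对应图2a-图2c中的各字段。"""
    parse_enable: int = 0  # 1:目标报文支持硬件解析;0:不支持
    parse_error: int = 0   # 1:解析结果未出错;0:出错(仅在支持硬件解析时有意义)
    outer_valid: int = 0   # 1:包含内外双层协议字段的双层报文;0:单层报文
    parse_reserv: int = 0  # 保留字段,用于后续扩展

# 示例:支持硬件解析、解析未出错、且为双层报文
info = ParseExtraInfo(parse_enable=1, parse_error=1, outer_valid=1)
print(info.parse_enable, info.parse_error, info.outer_valid)  # 1 1 1
```

虚拟交换机读取元数据后即可据此决定走快速/慢速路径,或回退到软件关键字解析。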
基于上述解析附加信息,虚拟交换机201首先根据元数据信息中的解析附加信息,确定目标报文是否支持硬件解析,在支持硬件解析的情况下解析结果是否出错,以及在解析结果未出错的情况下进一步确定目标报文是否是包含内外双层协议字段的双层报文。
其中,在根据解析附加信息确定目标报文支持硬件解析且在支持硬件解析的情况下解析结果未出错的情况下,虚拟交换机201可以根据目标报文是否是包含内外双层协议字段的双层报文的信息,从硬件报文队列203中读取目标报文和元数据信息;之后,采用上述实现方式A1或A2的方式,根据元数据信息获取目标报文的待匹配信息;根据待匹配信息在转发流表中进行匹配,并根据匹配中的流表项对所述目标报文进行转发处理。
进一步可选地,在根据解析附加信息确定目标报文不支持硬件解析或者目标报文支持硬件解析但解析结果出错的情况下,虚拟交换机201需要对目标报文的头部信息进行关键字解析,得到头部信息中与指定协议类型对应的各协议字段的值作为待匹配信息;根据待匹配信息在转发流表中进行匹配,并根据匹配中的流表项对目标报文进行转发处理。换句话说,在硬件无法对目标报文的头部信息进行解析,或者解析错误的情况下,需要由虚拟交换机201以软件方式对目标报文的头部信息进行解析。
进一步,虚拟交换机201对目标报文的头部信息进行关键字解析得到待匹配信息之后,根据待匹配信息在转发流表中进行匹配;若匹配中流表项,则根据匹配中的流表项中的动作信息对目标报文进行转发处理。若未匹配中任何流表项,说明目标报文可能是某个数据流的首个报文,则虚拟交换机201根据目标报文的待匹配信息,按照首个报文的处理流程对目标报文进行转发处理,具体包括:根据目标报文的待匹配信息依次在路由表、ACL表以及限速表中进行匹配的过程,最终得到目标报文匹配中的路由信息、ACL策略和限速策略,并根据匹配中的路由信息、ACL策略和限速策略对目标报文进行转发处理。进一步可选地,虚拟交换机201还可以根据目标报文的待匹配信息以及在首个报文的处理流程中被所述待匹配信息匹配中的相关信息,生成目标报文所属数据流对应的流表项,将该流表项添加至转发流表中。这样,对于该数据流中的后续报文就可以通过快速路径(fastpath)模式进行处理了,有助于提高报文转发速度。
在本实施例中,如图3所示,可将目标报文不支持硬件解析或者目标报文支持硬件解析但解析结果出错情况下的报文处理流程称为第二种慢速路径(slowpath)模式,该模式包括:报文解析加速模块202的报文解析过程,虚拟交换机201重新以软件方式进行报文解析的过程,匹配转发流表、根据匹配中的流表项进行报文转发的过程,以及未匹配中流表项时匹配路由表、ACL表以及限速表的过程,根据匹配中的路由信息、ACL策略和限速策略进行报文转发的过程等。
在本申请上述或下述实施例中,在可编程网卡设备20上实现有报文解析加速模块202、硬件报文队列203以及虚拟交换机201,可选地,可编程网卡设备20上还包括基于可编程硬件实现的物理机的物理网卡,如图1所示。在此基础上,对物理服务器进行报文传输的不同场景进行示例性的说明,如下:
虚拟机K中的上层应用产生第一报文,需要向虚拟机J发送第一报文;虚拟机J对第一报文进行处理后,需要将处理后的第一报文转发给虚拟机H。
若虚拟机J与虚拟机K位于同一物理服务器,则虚拟机K通过其虚拟网卡将第一报文发送给同一物理服务器上的报文解析加速模块202;由报文解析加速模块202对第一报文进行头部信息的解析,得到元数据信息,将第一报文和元数据信息写入硬件报文队列中;虚拟交换机201从硬件报文队列中读取第一报文和元数据信息,采用上述实现方式A1或A2根据元数据信息获取待匹配信息,根据待匹配信息在本地转发流表中进行匹配,在匹配中与虚拟机J对应的流表项的情况下,将第一报文经虚拟机J的虚拟网卡发送给虚拟机J。
若虚拟机J与虚拟机K位于不同物理服务器上,则虚拟机K通过其虚拟网卡将第一报文发送给其所属物理服务器上的报文解析加速模块202;由报文解析加速模块202对第一报文进行头部信息的解析,得到元数据信息,将第一报文和元数据信息写入硬件报文队列中;虚拟机K所属物理服务器上的虚拟交换机201从硬件报文队列中读取第一报文和元数据信息,采用上述实现方式A1或A2根据元数据信息获取待匹配信息,根据待匹配信息在本地转发流表中进行匹配,在匹配中与虚拟机J所属物理服务器对应的流表项的情况下,将第一报文发送给虚拟机K所属物理服务器的物理网卡,由该物理网卡通过网络传输将第一报文提供给虚拟机J所属物理服务器的物理网卡,该物理网卡将第一报文提供给虚拟机J所属物理服务器的报文解析加速模块202。进一步,虚拟机J所属物理服务器的报文解析加速模块202会接收到第一报文,由报文解析加速模块202对第一报文进行头部信息的解析,得到元数据信息,将第一报文和元数据信息写入硬件报文队列中;虚拟机J所属物理服务器上的虚拟交换机201从硬件报文队列中读取第一报文和元数据信息,采用上述实现方式A1或A2根据元数据信息获取待匹配信息,根据待匹配信息在本地转发流表中进行匹配,并在匹配中与虚拟机J对应的流表项的情况下,经虚拟机J的虚拟网卡将第一报文提供给虚拟机J。
虚拟机J接收到第一报文之后,对第一报文进行处理,得到处理后的第一报文,并将处理后的第一报文发送给虚拟机H。其中,虚拟机J向虚拟机H发送处理后的第一报文的过程与虚拟机J接收虚拟机K发送的第一报文的过程相同或相似,也分为虚拟机J与虚拟机H位于同一物理服务器和位于不同物理服务器两种情况,在此不做赘述。
在本申请各实施例中,物理服务器除了包含上述组件之外,还包括:存储器、通信组件、电源组件等其它组件,并未在图1中示出。其中,存储器用于存储计算机程序,并可被配置为存储其它各种数据以支持在物理服务器上的操作。这些数据的示例包括用于在物理服务器上操作的任何应用程序或方法的指令。
其中,存储器可以由任何类型的易失性或非易失性存储设备或者它们的组合实现,如静态随机存取存储器(SRAM),电可擦除可编程只读存储器(EEPROM),可擦除可编程只读存储器(EPROM),可编程只读存储器(PROM),只读存储器(ROM),磁存储器,快闪存储器,磁盘或光盘。
通信组件被配置为便于通信组件所在设备和其他设备之间有线或无线方式的通信。通信组件所在设备可以接入基于通信标准的无线网络,如WiFi,2G、3G、4G/LTE、5G等移动通信网络,或它们的组合。在一个示例性实施例中,通信组件经由广播信道接收来自外部广播管理系统的广播信号或广播相关信息。在一个示例性实施例中,所述通信组件还包括近场通信(NFC)模块,以促进短程通信。例如,在NFC模块可基于射频识别(RFID)技术,红外数据协会(IrDA)技术,超宽带(UWB)技术,蓝牙(BT)技术和其他技术来实现。
电源组件,为电源组件所在设备的各种组件提供电力。电源组件可以包括电源管理系统,一个或多个电源,及其他与为电源组件所在设备生成、管理和分配电力相关联的组件。
除了上述物理服务器,本申请实施例还提供一种可编程网卡设备,如图4所示,可编程网卡设备20上部署有用于在不同虚拟机之间进行数据转发的虚拟交换机201,可编程网卡设备包括:处理器,以及基于可编程硬件实现的报文解析加速模块202和硬件报文队列203。
其中,报文解析加速模块202,用于接收需要经虚拟交换机201转发的目标报文,对目标报文的头部信息进行解析,得到目标报文的元数据信息;将目标报文和元数据信息写入硬件报文队列203中,以供虚拟交换机201读取。
虚拟交换机201运行在处理器上,用于从硬件报文队列203中读取目标报文和元数据信息,根据元数据信息获取目标报文的待匹配信息;根据待匹配信息在转发流表中进行匹配,并根据匹配中的流表项对目标报文进行转发处理。
在一可选实施例中,报文解析加速模块202具体用于:对目标报文的头部信息进行预解析,得到头部信息中多个协议字段各自的位置偏移;根据头部信息中多个协议字段各自的位置偏移,生成元数据信息。相应地,虚拟交换机201具体用于:根据元数据信息中多个协议字段各自的位置偏移,从目标报文的头部信息中获取与指定协议类型对应的各协议字段的值,作为待匹配信息。
在一可选实施例中,报文解析加速模块202具体用于:对目标报文的头部信息进行关键字解析,得到头部信息中与指定协议类型对应的各协议字段的值;根据头部信息中与指定协议类型对应的各协议字段的值,生成元数据信息。相应地,虚拟交换机201具体用于:获取元数据信息中与指定协议类型对应的各协议字段的值,作为待匹配信息。
在一可选实施例中,报文解析加速模块202还用于:根据对目标报文的头部信息的解析结果,生成解析附加信息,并将解析附加信息作为元数据信息中的部分信息。其中,解析附加信息包括表示目标报文是否支持硬件解析的第一标识信息、在目标报文支持硬件解析的情况下表示解析结果是否出错的第二标识信息、解析得到的目标报文的协议特征信息中的至少一种。
在一可选实施例中,在目标报文不支持硬件解析或解析结果出错的情况下,虚拟交换机201还用于:对目标报文的头部信息进行关键字解析,得到头部信息中与指定协议类型对应的各协议字段的值作为待匹配信息;根据待匹配信息在转发流表中进行匹配,并根据匹配中的流表项对目标报文进行转发处理。
在一可选实施例中,虚拟交换机201还用于:在未匹配中任何流表项的情况下,根据待匹配信息,按照首个报文的处理流程对目标报文进行转发处理;根据待匹配信息以及在首个报文的处理流程中被待匹配信息匹配中的相关信息,生成目标报文所属数据流对应的流表项,将流表项添加至转发流表中。
本申请实施例提供的可编程网卡设备,可以部署软件形态的虚拟交换机,并且包括基于可编程硬件实现的报文解析加速模块和硬件报文队列;需要经虚拟交换机转发的报文,首先经过报文解析加速模块,由报文解析加速模块对报文的头部信息进行解析并将解析结果提供给虚拟交换机,可以大大节省虚拟交换机的报文解析开销,达到较高的报文转发性能,与此同时,除报文头部信息解析之外的其它操作均由软件形态的虚拟交换机完成,能够适应灵活多变的应用需求,保证应用需求的快速迭代和演进。
图5为本申请示例性实施例提供的一种报文处理方法的流程示意图;该报文处理方法,应用于物理服务器,物理服务器包括物理机和可编程网卡设备,物理机上部署有虚拟机,可编程网卡设备上部署有虚拟交换机,且可编程网卡设备包括基于可编程硬件实现的报文解析加速模块和硬件报文队列,虚拟交换机用于在不同虚拟机之间进行数据转发,关于物理服务器中各组件的详细介绍可参见前述实施例,在此不再赘述。本实施例提供的方法具体是从物理服务器的可编程网卡设备上的报文解析加速模块的角度进行的描述,如图5所示,该方法包括:
501、接收需要经虚拟交换机转发的目标报文;
502、对目标报文的头部信息进行解析,得到目标报文的元数据信息;
503、将目标报文和元数据信息写入硬件报文队列中,以供虚拟交换机根据元数据信息获取目标报文的待匹配信息并根据转发流表中被该待匹配信息匹配中的流表项对目标报文进行转发处理。
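上述501-503的处理步骤可用如下Python草图概括(以软件队列示意硬件报文队列,元数据内容为假设性示例):

```python
from queue import Queue

hw_queue = Queue()  # 以软件队列示意硬件报文队列

def accel_module_process(packet: bytes):
    """报文解析加速模块侧:接收报文、解析头部得到元数据、报文与元数据一起入队。"""
    metadata = {"offsets": [0, 14, 34]}  # 示意:预解析得到的各协议字段位置偏移
    hw_queue.put((packet, metadata))     # 对应步骤503

def vswitch_poll():
    """虚拟交换机侧:从队列读取报文和元数据,用于后续提取待匹配信息。"""
    return hw_queue.get()

accel_module_process(b"pkt")
pkt, meta = vswitch_poll()
print(pkt, meta["offsets"])  # b'pkt' [0, 14, 34]
```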
在一可选实施例中,对所述目标报文的头部信息进行解析,得到所述目标报文的元数据信息,包括:对目标报文的头部信息进行预解析,得到头部信息中多个协议字段各自的位置偏移;根据头部信息中多个协议字段各自的位置偏移,生成目标报文的元数据信息。在该可选实施例中,目标报文的元数据信息包括头部信息中多个协议字段各自的位置偏移。
在另一可选实施例中,对所述目标报文的头部信息进行解析,得到所述目标报文的元数据信息,包括:对目标报文的头部信息进行关键字解析,得到头部信息中与指定协议类型对应的各协议字段的值;根据头部信息中与指定协议类型对应的各协议字段的值,生成目标报文的元数据信息。在该可选实施例中,目标报文的元数据信息包括头部信息中与指定协议类型对应的各协议字段的值,例如五元组、三元组等。
在上述可选实施例中,头部信息中多个协议字段各自的位置偏移,或者头部信息中与指定协议类型对应的各协议字段的值,都是对目标报文的头部信息进行解析得到的解析结果。在一些可选实施例中,除了根据对目标报文的头部信息的解析结果生成目标报文的元数据信息之外,还可以根据对目标报文的头部信息的解析结果,生成解析附加信息,并将解析附加信息作为元数据信息中的部分信息。可选地,解析附加信息包括表示目标报文是否支持硬件解析的第一标识信息、在目标报文支持硬件解析的情况下表示解析结果是否出错的第二标识信息、解析得到的目标报文的协议特征信息中的至少一种。
图6为本申请示例性实施例提供的另一种报文处理方法的流程示意图;该报文处理方法,应用于物理服务器,物理服务器包括物理机和可编程网卡设备,物理机上部署有虚拟机,可编程网卡设备上部署有虚拟交换机,且可编程网卡设备包括基于可编程硬件实现的报文解析加速模块和硬件报文队列,虚拟交换机用于在不同虚拟机之间进行数据转发,关于物理服务器中各组件的详细介绍可参见前述实施例,在此不再赘述。本实施例提供的方法具体是从物理服务器的可编程网卡设备上部署的虚拟交换机的角度进行的描述,该虚拟交换机可在可编程网卡设备的CPU上运行,如图6所示,该方法包括:
601、从硬件报文队列中读取由报文解析加速模块写入的目标报文和目标报文的元数据信息,所述元数据信息是报文解析加速模块对目标报文的头部信息进行解析得到的;
602、根据所述元数据信息获取目标报文的待匹配信息,并根据待匹配信息在转发流表中进行匹配;
603、根据匹配中的流表项对目标报文进行转发处理。
在一可选实施例中,目标报文的元数据信息包括头部信息中多个协议字段各自的位置偏移。基于此,根据所述元数据信息获取目标报文的待匹配信息,包括:根据所述元数据信息中多个协议字段各自的位置偏移,从目标报文的头部信息中获取与指定协议类型对应的各协议字段的值,作为待匹配信息。
在另一可选实施例中,目标报文的元数据信息包括头部信息中与指定协议类型对应的各协议字段的值。基于此,根据所述元数据信息获取目标报文的待匹配信息,包括:获取所述元数据信息中与指定协议类型对应的各协议字段的值,作为待匹配信息。
在一可选实施例中,目标报文的元数据信息还包括:解析附加信息。可选地,解析附加信息是根据对目标报文的头部信息的解析结果生成的,包括表示目标报文是否支持硬件解析的第一标识信息、在目标报文支持硬件解析的情况下表示解析结果是否出错的第二标识信息、解析得到的目标报文的协议特征信息中的至少一种。
虚拟交换机还可以根据目标报文的元数据信息中包括的解析附加信息,确定目标报文是否支持硬件解析,在支持硬件解析的情况下解析结果是否出错,以及在解析结果未出错的情况下进一步确定目标报文是否是包含内外双层协议字段的双层报文。
在目标报文不支持硬件解析的情况下或者目标报文支持硬件解析但解析结果出错的情况下,所述方法还包括:对所述目标报文的头部信息进行关键字解析,得到头部信息中与指定协议类型对应的各协议字段的值作为待匹配信息;根据待匹配信息在转发流表中进行匹配,并根据匹配中的流表项对目标报文进行转发处理。
进一步可选地,所述方法还包括:在未匹配中任何流表项的情况下,根据所述待匹配信息,按照首个报文的处理流程对所述目标报文进行转发处理;根据所述待匹配信息以及转发处理过程中被所述待匹配信息匹配中的相关信息,生成所述目标报文所属数据流对应的流表项,将所述流表项添加至转发流表中。
本申请上述实施例提供的报文处理方法,虚拟交换机与可编程网卡设备上基于可编程硬件实现的报文解析加速模块和硬件报文队列相互配合;需要经虚拟交换机转发的报文,首先经过报文解析加速模块,由报文解析加速模块对报文的头部信息进行解析并将解析结果提供给虚拟交换机,可以大大节省虚拟交换机的报文解析开销,达到较高的报文转发性能,与此同时,除报文头部信息解析之外的其它操作均由软件形态的虚拟交换机完成,能够适应灵活多变的应用需求,保证应用需求的快速迭代和演进。
需要说明的是,在上述实施例及附图中的描述的一些流程中,包含了按照特定顺序出现的多个操作,但是应该清楚了解,这些操作可以不按照其在本文中出现的顺序来执行或并行执行,操作的序号如501、502等,仅仅是用于区分开各个不同的操作,序号本身不代表任何的执行顺序。另外,这些流程可以包括更多或更少的操作,并且这些操作可以按顺序执行或并行执行。需要说明的是,本文中的“第一”、“第二”等描述,是用于区分不同的消息、设备、模块等,不代表先后顺序,也不限定“第一”和“第二”是不同的类型。
图7为本申请示例性实施例提供的一种报文处理装置的结构示意图。如图7所示,该报文处理装置可位于虚拟交换机中实现,包括:
读取模块71,用于从硬件报文队列中读取由报文解析加速模块写入的目标报文和目标报文的元数据信息,所述元数据信息是报文解析加速模块对目标报文的头部信息进行解析得到的;
匹配模块72,用于根据所述元数据信息获取目标报文的待匹配信息,并根据待匹配信息在转发流表中进行匹配;
转发模块73,用于根据匹配模块匹配中的流表项对目标报文进行转发处理。
图6所示方法实施例涉及的各步骤的所有相关内容均可以援引到对应的功能描述中,在此不再赘述。
相应地,本申请实施例还提供一种存储有计算机程序的计算机可读存储介质,当计算机程序被处理器执行时,致使处理器能够实现图6所示方法中的各步骤。
相应地,本申请实施例还提供一种计算机程序产品,包括计算机程序/指令,当计算机程序/指令被处理器执行时,致使处理器能够实现图6所示方法中的各步骤。
本领域内的技术人员应明白,本申请的实施例可提供为方法、系统、或计算机程序产品。因此,本申请可采用完全硬件实施例、完全软件实施例、或结合软件和硬件方面的实施例的形式。而且,本申请可采用在一个或多个其中包含有计算机可用程序代码的计算机可用存储介质(包括但不限于磁盘存储器、CD-ROM、光学存储器等)上实施的计算机程序产品的形式。
本申请是参照根据本申请实施例的方法、设备(系统)、和计算机程序产品的流程图和/或方框图来描述的。应理解可由计算机程序指令实现流程图和/或方框图中的每一流程和/或方框、以及流程图和/或方框图中的流程和/或方框的结合。可提供这些计算机程序指令到通用计算机、专用计算机、嵌入式处理机或其他可编程数据处理设备的处理器以产生一个机器,使得通过计算机或其他可编程数据处理设备的处理器执行的指令产生用于实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能的装置。
这些计算机程序指令也可存储在能引导计算机或其他可编程数据处理设备以特定方式工作的计算机可读存储器中,使得存储在该计算机可读存储器中的指令产生包括指令装置的制造品,该指令装置实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能。
这些计算机程序指令也可装载到计算机或其他可编程数据处理设备上,使得在计算机或其他可编程设备上执行一系列操作步骤以产生计算机实现的处理,从而在计算机或其他可编程设备上执行的指令提供用于实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能的步骤。
在一个典型的配置中,计算设备包括一个或多个处理器(CPU)、输入/输出接口、网络接口和内存。内存可能包括计算机可读介质中的非永久性存储器,随机存取存储器(RAM)和/或非易失性内存等形式,如只读存储器(ROM)或闪存(flash RAM)。内存是计算机可读介质的示例。
计算机可读介质包括永久性和非永久性、可移动和非可移动媒体,可以由任何方法或技术来实现信息存储。信息可以是计算机可读指令、数据结构、程序的模块或其他数据。计算机的存储介质的例子包括,但不限于相变内存(PRAM)、静态随机存取存储器(SRAM)、动态随机存取存储器(DRAM)、其他类型的随机存取存储器(RAM)、只读存储器(ROM)、电可擦除可编程只读存储器(EEPROM)、快闪记忆体或其他内存技术、只读光盘只读存储器(CD-ROM)、数字多功能光盘(DVD)或其他光学存储、磁盒式磁带、磁带磁盘存储或其他磁性存储设备或任何其他非传输介质,可用于存储可以被计算设备访问的信息。按照本文中的界定,计算机可读介质不包括暂存电脑可读媒体(transitory media),如调制的数据信号和载波。
还需要说明的是,术语“包括”、“包含”或者其任何其他变体意在涵盖非排他性的包含,从而使得包括一系列要素的过程、方法、商品或者设备不仅包括那些要素,而且还包括没有明确列出的其他要素,或者是还包括为这种过程、方法、商品或者设备所固有的要素。在没有更多限制的情况下,由语句“包括一个……”限定的要素,并不排除在包括所述要素的过程、方法、商品或者设备中还存在另外的相同要素。
以上所述仅为本申请的实施例而已,并不用于限制本申请。对于本领域技术人员来说,本申请可以有各种更改和变化。凡在本申请的精神和原理之内所作的任何修改、等同替换、改进等,均应包含在本申请的权利要求范围之内。

Claims (17)

  1. 一种物理服务器,其特征在于,包括:物理机和可编程网卡设备,所述物理机上部署有虚拟机,所述可编程网卡设备上部署有用于在不同虚拟机之间进行数据转发的虚拟交换机;
    其中,所述可编程网卡设备包括基于可编程硬件实现的报文解析加速模块和硬件报文队列;所述报文解析加速模块,用于接收需要经所述虚拟交换机转发的目标报文,对所述目标报文的头部信息进行解析,得到所述目标报文的元数据信息;将所述目标报文和所述元数据信息写入所述硬件报文队列中,以供所述虚拟交换机读取;
    所述虚拟交换机运行在所述可编程网卡设备的处理器上,用于从所述硬件报文队列中读取所述目标报文和所述元数据信息,根据所述元数据信息获取所述目标报文的待匹配信息;根据所述待匹配信息在转发流表中进行匹配,并根据匹配中的流表项对所述目标报文进行转发处理。
  2. 根据权利要求1所述的物理服务器,其特征在于,所述报文解析加速模块具体用于:
    对所述目标报文的头部信息进行预解析,得到所述头部信息中多个协议字段各自的位置偏移;
    根据所述头部信息中多个协议字段各自的位置偏移,生成所述元数据信息。
  3. 根据权利要求2所述的物理服务器,其特征在于,所述虚拟交换机具体用于:
    根据所述元数据信息中多个协议字段各自的位置偏移,从所述目标报文的头部信息中获取与指定协议类型对应的各协议字段的值,作为所述待匹配信息。
  4. 根据权利要求1所述的物理服务器,其特征在于,所述报文解析加速模块具体用于:
    对所述目标报文的头部信息进行关键字解析,得到所述头部信息中与指定协议类型对应的各协议字段的值;根据所述头部信息中与指定协议类型对应的各协议字段的值,生成所述元数据信息;
    所述虚拟交换机具体用于:获取所述元数据信息中与指定协议类型对应的各协议字段的值,作为所述待匹配信息。
  5. 根据权利要求1-4任一项所述的物理服务器,其特征在于,所述报文解析加速模块还用于:
    根据对所述目标报文的头部信息的解析结果,生成解析附加信息,并将所述解析附加信息作为所述元数据信息中的部分信息;
    所述解析附加信息包括表示所述目标报文是否支持硬件解析的第一标识信息、在所述目标报文支持硬件解析的情况下表示所述解析结果是否出错的第二标识信息、解析得到的所述目标报文的协议特征信息中的至少一种。
  6. 根据权利要求5所述的物理服务器,其特征在于,在所述目标报文不支持硬件解析或所述解析结果出错的情况下,虚拟交换机还用于:
    对所述目标报文的头部信息进行关键字解析,得到所述头部信息中与指定协议类型对应的各协议字段的值作为待匹配信息;
    根据所述待匹配信息在转发流表中进行匹配,并根据匹配中的流表项对所述目标报文进行转发处理。
  7. 一种可编程网卡设备,其特征在于,所述可编程网卡设备上部署有用于在不同虚拟机之间进行数据转发的虚拟交换机,所述可编程网卡设备包括:处理器,以及基于可编程硬件实现的报文解析加速模块和硬件报文队列;
    所述报文解析加速模块,用于接收需要经所述虚拟交换机转发的目标报文,对所述目标报文的头部信息进行解析,得到所述目标报文的元数据信息;将所述目标报文和所述元数据信息写入所述硬件报文队列中,以供所述虚拟交换机读取;
    所述虚拟交换机运行在所述处理器上,用于从所述硬件报文队列中读取所述目标报文和所述元数据信息,根据所述元数据信息获取所述目标报文的待匹配信息;根据所述待匹配信息在转发流表中进行匹配,并根据匹配中的流表项对所述目标报文进行转发处理。
  8. 根据权利要求7所述的设备,其特征在于,所述报文解析加速模块具体用于:
    对所述目标报文的头部信息进行预解析,得到所述头部信息中多个协议字段各自的位置偏移;
    根据所述头部信息中多个协议字段各自的位置偏移,生成所述元数据信息。
  9. 根据权利要求8所述的设备,其特征在于,所述虚拟交换机具体用于:
    根据所述元数据信息中多个协议字段各自的位置偏移,从所述目标报文的头部信息中获取与指定协议类型对应的各协议字段的值,作为所述待匹配信息。
  10. 根据权利要求7所述的设备,其特征在于,所述报文解析加速模块具体用于:
    对所述目标报文的头部信息进行关键字解析,得到所述头部信息中与指定协议类型对应的各协议字段的值;根据所述头部信息中与指定协议类型对应的各协议字段的值,生成所述元数据信息;
    所述虚拟交换机具体用于:获取所述元数据信息中与指定协议类型对应的各协议字段的值,作为所述待匹配信息。
  11. 一种报文处理方法,其特征在于,应用于可编程网卡设备上基于可编程硬件实现的报文解析加速模块,所述可编程网卡设备上部署有虚拟交换机,且还包括基于可编程硬件实现的硬件报文队列,所述方法包括:
    接收需要经所述虚拟交换机转发的目标报文;
    对所述目标报文的头部信息进行解析,得到所述目标报文的元数据信息;
    将所述目标报文和所述元数据信息写入所述硬件报文队列中,以供所述虚拟交换机根据所述元数据信息获取所述目标报文的待匹配信息并根据转发流表中被所述待匹配信息匹配中的流表项对所述目标报文进行转发处理。
  12. 根据权利要求11所述的方法,其特征在于,对所述目标报文的头部信息进行解析,得到所述目标报文的元数据信息,包括:
    对所述目标报文的头部信息进行预解析,得到所述头部信息中多个协议字段各自的位置偏移;
    根据所述头部信息中多个协议字段各自的位置偏移,生成所述元数据信息。
  13. 根据权利要求11所述的方法,其特征在于,对所述目标报文的头部信息进行解析,得到所述目标报文的元数据信息,包括:
    对所述目标报文的头部信息进行关键字解析,得到所述头部信息中与指定协议类型对应的各协议字段的值;
    根据所述头部信息中与指定协议类型对应的各协议字段的值,生成所述元数据信息。
  14. 根据权利要求11-13任一项所述的方法,其特征在于,还包括:
    根据对所述目标报文的头部信息的解析结果,生成解析附加信息,并将所述解析附加信息作为所述元数据信息中的部分信息;
    所述解析附加信息包括表示所述目标报文是否支持硬件解析的第一标识信息、在所述目标报文支持硬件解析的情况下表示所述解析结果是否出错的第二标识信息、解析得到的所述目标报文的协议特征信息中的至少一种。
  15. 一种报文处理方法,其特征在于,应用于可编程网卡设备上的虚拟交换机,所述可编程网卡设备还包括基于可编程硬件实现的报文解析加速模块和硬件报文队列,所述方法包括:
    从所述硬件报文队列中读取由所述报文解析加速模块写入的目标报文和所述目标报文的元数据信息,所述元数据信息是所述报文解析加速模块对所述目标报文的头部信息进行解析得到的;
    根据所述元数据信息获取所述目标报文的待匹配信息,并根据所述待匹配信息在转发流表中进行匹配;
    根据匹配中的流表项对所述目标报文进行转发处理。
  16. 根据权利要求15所述的方法,其特征在于,根据所述元数据信息获取所述目标报文的待匹配信息,包括:
    根据所述元数据信息中多个协议字段各自的位置偏移,从所述目标报文的头部信息中获取与指定协议类型对应的各协议字段的值,作为所述待匹配信息;
    或者
    获取所述元数据信息中与指定协议类型对应的各协议字段的值,作为所述待匹配信息。
  17. 一种存储有计算机程序的计算机可读存储介质,其特征在于,当所述计算机程序被处理器执行时,致使所述处理器实现权利要求15-16任一项所述方法中的步骤。
PCT/CN2023/120288 2022-09-26 2023-09-21 报文处理方法、可编程网卡设备、物理服务器及存储介质 WO2024067336A1 (zh)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN202211177345.5 2022-09-26
CN202211177345.5A CN115766620A (zh) 2022-09-26 2022-09-26 报文处理方法、可编程网卡设备、物理服务器及存储介质

Publications (1)

Publication Number Publication Date
WO2024067336A1 true WO2024067336A1 (zh) 2024-04-04

Family

ID=85350251

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2023/120288 WO2024067336A1 (zh) 2022-09-26 2023-09-21 报文处理方法、可编程网卡设备、物理服务器及存储介质

Country Status (2)

Country Link
CN (1) CN115766620A (zh)
WO (1) WO2024067336A1 (zh)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN118473935A (zh) * 2024-07-09 2024-08-09 济南浪潮数据技术有限公司 一种虚拟机网络加速方法、系统、电子设备及存储介质
CN118473835A (zh) * 2024-07-15 2024-08-09 河南嵩山实验室产业研究院有限公司洛阳分公司 基于fpga的动态可重构系统的网络安全架构及实现方法

Families Citing this family (5)

Publication number Priority date Publication date Assignee Title
CN115766620A (zh) * 2022-09-26 2023-03-07 阿里巴巴(中国)有限公司 报文处理方法、可编程网卡设备、物理服务器及存储介质
CN116800486B (zh) * 2023-06-13 2024-06-07 中科驭数(北京)科技有限公司 云网络通信方法及系统
CN116760795B (zh) * 2023-08-15 2023-12-08 中移(苏州)软件技术有限公司 网络地址转换nat网关设备、报文处理方法和装置
CN116962220A (zh) * 2023-09-05 2023-10-27 之江实验室 一种全维可定义智信网络装置
CN117240947B (zh) * 2023-11-15 2024-02-02 无锡沐创集成电路设计有限公司 一种报文处理方法、装置及介质

Citations (5)

Publication number Priority date Publication date Assignee Title
US20200021532A1 (en) * 2018-07-10 2020-01-16 Cisco Technology, Inc. Automatic rate limiting based on explicit network congestion notification in smart network interface card
CN113746749A (zh) * 2020-05-29 2021-12-03 阿里巴巴集团控股有限公司 网络连接设备
CN113821310A (zh) * 2021-11-19 2021-12-21 阿里云计算有限公司 数据处理方法、可编程网卡设备、物理服务器及存储介质
CN114363256A (zh) * 2020-09-28 2022-04-15 华为云计算技术有限公司 基于网卡的报文解析方法以及相关装置
CN115766620A (zh) * 2022-09-26 2023-03-07 阿里巴巴(中国)有限公司 报文处理方法、可编程网卡设备、物理服务器及存储介质


Non-Patent Citations (1)

Title
WANG YUWEI: "High Performance Load Balancing Mechanism for Network Function Virtualization", JOURNAL OF COMPUTER RESEARCH AND DEVELOPMENT, vol. 55, no. 4, 15 April 2018 (2018-04-15), pages 689 - 703, XP093151962 *


Also Published As

Publication number Publication date
CN115766620A (zh) 2023-03-07

Similar Documents

Publication Publication Date Title
WO2024067336A1 (zh) 报文处理方法、可编程网卡设备、物理服务器及存储介质
WO2023087938A1 (zh) 数据处理方法、可编程网卡设备、物理服务器及存储介质
US9882808B2 (en) Packet processing method and apparatus
CN113326228B (zh) 基于远程直接数据存储的报文转发方法、装置及设备
CN105612719B (zh) 使用封装头部中的元数据的高级网络虚拟化
US9019837B2 (en) Packet modification to facilitate use of network tags
US10419361B2 (en) Interworking between physical network and virtual network
US20220255772A1 (en) Packet sending method, apparatus, and system
WO2016062169A1 (zh) 一种报文传输方法及装置
CN107770072B (zh) 一种发送和接收报文的方法和设备
EP3813318B1 (en) Packet transmission method, communication device, and system
CN107070719B (zh) 一种设备管理方法和装置
CN116860488A (zh) 一种进程通信方法和相关装置
WO2024141093A1 (zh) Nfv接入方法、设备、系统及存储介质
US9898069B1 (en) Power reduction methods for variable sized tables
US12003417B2 (en) Communication method and apparatus
CN115801498A (zh) 一种车载以太网网关系统、运行方法
CN115834472A (zh) 一种报文处理方法、转发策略获取方法及装置
US10917502B2 (en) Method for using metadata in internet protocol packets
CN113746802B (zh) 网络功能虚拟化中的方法以及本地状态和远程状态全存储的vnf装置
EP3989498B1 (en) Method and network processor for sending network message
CN116668375B (zh) 一种报文分流方法、装置、网络设备及存储介质
CN113114565B (zh) 数据报文转发方法及装置、存储介质及电子设备
WO2023216622A1 (zh) 报文处理方法、设备、系统及计算机可读存储介质
CN117336234A (zh) 一种数据传输方法、装置、电子设备及存储介质

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 23870568

Country of ref document: EP

Kind code of ref document: A1