[go: up one dir, main page]

CN104348716B - A kind of message processing method and equipment - Google Patents

A kind of message processing method and equipment Download PDF

Info

Publication number
CN104348716B
CN104348716B CN201310315236.XA CN201310315236A CN104348716B CN 104348716 B CN104348716 B CN 104348716B CN 201310315236 A CN201310315236 A CN 201310315236A CN 104348716 B CN104348716 B CN 104348716B
Authority
CN
China
Prior art keywords
flow table
message
classification
matching
data transfer
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201310315236.XA
Other languages
Chinese (zh)
Other versions
CN104348716A (en
Inventor
易仁杰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
New H3C Technologies Co Ltd
Original Assignee
New H3C Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by New H3C Technologies Co Ltd filed Critical New H3C Technologies Co Ltd
Priority to CN201310315236.XA priority Critical patent/CN104348716B/en
Publication of CN104348716A publication Critical patent/CN104348716A/en
Application granted granted Critical
Publication of CN104348716B publication Critical patent/CN104348716B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Landscapes

  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention discloses a kind of message processing method, applied to including in control device and the network of data transfer equipment based on OpenFlow agreements, this method includes:Data transfer equipment receives message;Data transfer equipment parses to the header of the message, obtains protocol information corresponding to the data field of the message carrying;Data transfer equipment determines that flow table corresponding to the message is classified according to the corresponding relation between protocol information and the flow table classification pre-established;Data transfer equipment searches the flow table item of matching in the classification of identified flow table, and the message is handled.The invention also discloses a kind of data transfer equipment.Flow table matching efficiency can be improved using the present invention.

Description

A kind of message processing method and equipment
Technical field
The present invention relates to network communication technology field, more particularly to a kind of message processing method and equipment.
Background technology
Openflow interchangers separate the message forwarding in conventional switch and forwarding strategy, using special one Platform control device(controller)It is connected by netting twine with interchanger.So originally with the message on a switch device Forwarding capability(Hardware chip is realized)With message forwarding strategy(Various software protocols)Just it has been separated into different hardware devices On.Basic Openflow networks include:The network controller of chain of command and the Openflow interchangers of forwarding surface, are referred to as respectively For control device and data transfer equipment.The method of forwarding data packets in Openflow networks is to carry out data using flow table Message forwards, and is specially:Control device by the Openflow protocol integrated test systems data transfer equipment of standardization and issue flow table to Data transfer equipment;Data transfer equipment receives and preserves flow table;When data transfer equipment receives the data message that network sends Afterwards, whether have the flow table item of matching, if so, then according to the action forwarding data packets in flow table item if checking in flow table;If no The flow table item of matching is found, then the header of data message is encapsulated as into Packet-in message issues control by escape way Control equipment, by control device come decision-making corelation behaviour.
In the prior art, the storage of flow table is very chaotic, when message carries out matching flow table, it is necessary to all flow table data Matched, influence the efficiency of forwarding.For a huge flow table data, after each message enters data transfer equipment, root All flow table items are traveled through according to priority ranking.If flow table data are too huge, the efficiency of algorithm will reduce very much.
The content of the invention
It is an object of the invention to provide a kind of message processing method and equipment, it is possible to increase flow table matching efficiency.
For achieving the above object, the invention provides a kind of message processing method, applied to including based on In the control device of OpenFlow agreements and the network of data transfer equipment, this method includes:
Data transfer equipment receives message;
Data transfer equipment parses to the header of the message, obtains the data field pair of the message carrying The protocol information answered;
Data transfer equipment determines the report according to the corresponding relation between protocol information and the flow table classification pre-established Flow table corresponding to text is classified;
Data transfer equipment searches the flow table item of matching in the classification of identified flow table, and the message is handled.
For achieving the above object, present invention also offers a kind of data transfer equipment, applied to including based on In the control device of OpenFlow agreements and the network of data transfer equipment;The equipment includes:
Receiving unit, for receiving message;
Resolution unit, for being parsed to the header of the message, obtain the data field of the message carrying Corresponding protocol information;
Corresponding relation determining unit, the corresponding relation between the protocol information pre-established for basis and flow table classification, Determine that flow table corresponding to the message is classified;
Matching unit, for searching the flow table item of matching in the classification of identified flow table, the message is handled.
In summary, data transfer equipment of the embodiment of the present invention receives message;Data transfer equipment is to the message Header is parsed, and obtains protocol information corresponding to the data field of the message carrying;Data transfer equipment is according to pre- Corresponding relation between protocol information and the flow table classification first established, determines that flow table corresponding to the message is classified;Data forwarding Equipment searches the flow table item of matching in the classification of identified flow table, and the message is handled.Due to being controlled in the present invention When equipment issues flow table, flow table is classified, when message matches flow table, it is not necessary to traveled through as prior art Matching, flow table matching directly is carried out in the classification of corresponding flow table, so substantially increasing flow table matching efficiency, optimizes flow table The mechanism such as generation, matching and management.
Brief description of the drawings
Fig. 1 is the schematic flow sheet of message processing method of the embodiment of the present invention.
Fig. 2 is the schematic diagram that the present invention returns to flow table classification value according to the flow chart of Openflow protocol analysis messages.
Fig. 3 is multilevel flow table schematic diagram of the embodiment of the present invention.
Fig. 4 is the structural representation for the data transfer equipment for being applied to the above method in the specific embodiment of the invention.
Embodiment
For the objects, technical solutions and advantages of the present invention are more clearly understood, develop simultaneously embodiment referring to the drawings, right Scheme of the present invention is described in further detail.
The present invention core concept be:It is different to the packet parsing result of different agreement type for Openflow agreements, Matched flow table classification is devised, using the policy control ability of control device, by sorted multiple flow table issuances To data transfer equipment, when data transfer equipment carries out flow table matching to message, the result obtained according to packet parsing returns to stream Table sort value, matching flow table item is searched in the classification of corresponding flow table.Due to when control device issues flow table in the present invention, Flow table is classified, when message matches flow table, it is not necessary to traversal matching is carried out as prior art, is directly flowed accordingly Flow table matching is carried out in table sort, so substantially increasing flow table matching efficiency, optimizes the machines such as flow table generation, matching and management System.
The embodiments of the invention provide a kind of message processing method, applied to including control device and data transfer equipment In Openflow networks;Its schematic flow sheet is as shown in figure 1, this method includes:
Step 11, data transfer equipment receive message;
Step 12, data transfer equipment parse to the header of the message, obtain the number of the message carrying According to protocol information corresponding to field;
Wherein, when being parsed to header, frame type field in the Ethernet stem of the message and/or IP agreement field in IP stems, determine protocol information corresponding to the data field of the message carrying.
Protocol information specifically includes:Frame type field is ARP protocol;Frame type field is outside ARP protocol and IP agreement Other agreements;Non- IP fragmentation message and IP agreement field are UDP or Transmission Control Protocol;Non- IP fragmentation message and IP agreement field is ICMP agreements;Non- IP fragmentation message and IP agreement field are other agreements outside UDP, Transmission Control Protocol or ICMP agreements;Fragment message And IP agreement field is UDP, Transmission Control Protocol or ICMP agreements.
Step 13, data transfer equipment according to pre-establish protocol information and flow table classification between corresponding relation, really Flow table classification corresponding to the fixed message;
Step 14, data transfer equipment search the flow table item of matching in the classification of identified flow table, and the message is entered Row processing.
For the clear explanation present invention, embodiment is set forth below the above method is described in detail.Fig. 2 is basis of the present invention The flow chart of Openflow protocol analysis messages returns to the schematic diagram of flow table classification value.Wherein, Openflow protocol analysis message Process with it is existing identical.
The method that data transfer equipment is parsed to header according to Openflow agreements and returns to flow table classification value Including:
Step 21, parsing inbound port, source MAC and target MAC (Media Access Control) address and frame type field(Ethernet Type);
Step 22, judge whether frame type field is 0x8100, if it is, performing step 23, parsing virtual local area Net(VLAN)The information such as mark;
Step 24, judge whether frame type field is 0x0806, if it is, being address resolution protocol(ARP)Message, hold Row step 25, purpose IP and source IP are parsed, return to flow table classification value 01000, carry out flow table matching;If not, perform step 26;
Step 26, judge whether frame type field is 0x0800, if it is not, then being the Ethernet protocol report except ARP, IP Text, flow table classification value 10000 is returned to, carry out flow table matching;
If it is, being IP messages, perform step 27, parse purpose IP and source IP and service type(ToS)Field; Further perform step 28, judge whether it is IP fragmentation, if IP fragmentation, then return flow table classification value 00010 or 00011, carry out flow table matching;
Specifically, if transmission control protocol/UDP/internet control message protocol(TCP/UDP/ ICMP)Fragment message, then 00010 is returned to, if the fragment message of other IP protocol types, then return to 00011;
If not IP fragmentation, perform step 29, determine whether IP agreement field(IP Protocol)Whether be 6 or 17, it is if it is UDP/TCP messages, performs step 30, parses source port number and destination slogan, return to flow table classification value 00000, carry out flow table matching;
If not IP fragmentation, and IP agreement field is not 6 or 17, then performs step 31, determines whether IP agreement word Whether section is 1, if it is, being icmp packet, performs step 32, parses source port number and destination slogan, return to flow table Classification value 00001, carry out flow table matching;
If not IP fragmentation, and IP agreement field is not 1,6 or 17, then is the IP layer messages except TCP/UDP/ICMP, Flow table classification value 00011 is returned, carries out flow table matching.
Therefore, the result obtained according to the flow of above-mentioned analytic message, returning to flow table classification value has 6, so by flow table It is divided into 6 classes, one of above-mentioned 6 return values is corresponded to per a kind of flow table, stream is carried in the flow_class fields of each flow table Table sort value, every a kind of flow table is made a distinction.
It is to be based on existing Openflow agreements why according to the result of above-mentioned analytic message 6 kinds of flow table classification values of return It is different to the packet parsing result of different agreement type and design.The embodiment of the present invention passes through 5 bits(bit)To distinguish difference The message of protocol type is as shown in table 1.
Table 1
According to network communication protocol specification, message encapsulation include ethernet layer, Internet and transport layer etc., with 00 represent with The upper-layer protocol netted very much is IP agreement;Represent that the upper-layer protocol of Ethernet is ARP protocol with 01;With 10 upper stratas for representing Ethernet Agreement is except the layer protocol of other of IP and ARP three;All Ethernet protocols are represented with 11, i.e., two layers are all three layers of Ethernet Agreement;Represent that the upper-layer protocol of IP agreement is UDP/TCP agreements with 000;With 001 represent IP agreement upper-layer protocol be ICMP association View;With 010 fragment message for representing UDP/TCP/ICMP agreements;The upper-layer protocol of IP agreement is represented with 011 to remove ICMP/UDP/ TCP other four layer protocols;100 represent all IP layer protocols, i.e., three layers all four layer protocols for IP agreement.By by table 1 In Ethernet protocol flag bit and network layer protocol flag bit combine, just obtained above-mentioned 6 kinds of flow table classification values: 00000th, 00001,00010,00011,01000 and 10000.Pass through combination, still further it can be seen that, flow table classification value 00100 be present With 11000, both flow tables classification, higher level's flow table as above-mentioned 6 kinds of flow tables is described in detail again later.First by this 8 The sorting technique of kind flow table, is introduced in table 2.
Table 2
One flow table includes multiple flow table items, and each flow table item includes occurrence and action item.From table 2 it can be seen that root It is different with the content of action item according to the occurrence that the flow table item of the flow table of different types of protocol classification is included.That is, During the control device generation flow table of the present invention, illegal flow table is just excluded, according to different agreement, flow table is generated according to pre-defined rule.
In summary, control device generates flow table according to following rule:
For the message that frame type field is IP agreement, it could generate and IP agreement field and IP in flow table occurrence be present The flow table of the action of modification source IP address and/or purpose IP address be present in tos field, action item;
For the message that frame type field is IP agreement or ARP protocol, could generate in flow table occurrence with source IP being present Location and/or the flow table of purpose IP address field;
It is IP agreement for frame type field, and IP agreement field is the non-fragment message of TCP/UDP agreements, could be generated The flow table of modification source port number and/or destination slogan in action item be present;
It is IP agreement for frame type field, and IP agreement field is the non-fragment message of TCP/UDP/ICMP agreements, The flow table that source port number and/or destination slogan in flow table occurrence be present can be generated.
For example, the message that data transfer equipment receives is ARP messages, by parsing, the analysis result of acquisition is into end Slogan(Input_port)A, source and destination MAC Address(B1 and b2), frame type field(e_type)c(0x0806), source and mesh IP address(D1 and d2).It is noted herein that the parsing of message is carried out according to existing Openflow agreements, by It is three layer protocol messages being carried on Ethernet protocol in ARP messages, so the parsing to ARP messages only proceeds to Ethernet This layer, IP layers will not be resolved to, that is to say, that source port number and destination slogan will not be parsed.
Because the protocol type for parsing outgoing packet is ARP messages, i.e. frame type field is 0x0806, so the flow table returned Classification value is 01000, is classified so so as to find the flow table that corresponding flow table 01000, flow_class of classification fields are 01000 Define this kind of flow table:
Ethernet type are only capable of that for 0x0806, occurrence IP proto, IP ToS, source can not be included in occurrence Mouth and destination interface.Modification is not included in action item(modify)Source IP address, purpose IP address, IP ToS, source port and mesh Port.
After finding flow table classification, and then find matching flow table item, it is assumed that occurrence is Input_port=a, src_ Mac=b1, dst_mac=b2, e_type=c, src_ip=d1, dst_ip=d2 because in action item can not possibly as prior art that Sample, because flow table stores chaotic, appearance modification source port number and destination slogan, so after matching above-mentioned flow table item, can be suitable Profit is forwarded according to action item.Therefore, as prior art, there would not be the field of host-host protocol in action item (Source port number and destination slogan), cause data transfer equipment can not handle the forwarding of this message.
Further, the higher level's flow table for each flow table classification that data transfer equipment also receiving control apparatus issues and the higher level The information that flow table corresponding to flow table is classified, and the higher level's flow table received is stored in corresponding higher level's flow table classification.
Then all flow tables that data transfer equipment issues control device are pre-set according to depth-first matching principle Level relation between flow table classification, establishes multilevel flow table, and the matching depth of next stage flow table is higher than the matching of upper level flow table Depth;When not finding matching flow table item in the classification of corresponding flow table, matching flow table item is searched in upper level flow table, directly To when matching flow table item, or flow table item is not matched yet in most upper level flow table, the message up sending received is controlled Equipment is handled.Here, it is more than second table sort in the flow table occurrence of first-class table sort, and includes the second flow table During all flow table occurrences of classification, first-class table sort is subordinate's flow table of second table sort, and second table sort is For higher level's flow table of first-class table sort.
The classification of 00100 and 11000 the two flow tables is that control device actively issues, as the classification of above-mentioned 6 kinds of flow tables Higher level's flow table.The classification of above-mentioned 6 kinds of flow tables is triggered by message, that is, the message for first entering into data transfer equipment is not found During with flow table item, by the message up sending control device, control device parses to message, then issues with respective streams table sort The flow table of value.
Multilevel flow table schematic diagram is as shown in Figure 3.00000th, 00001,00010 and 00011 be 00100 next stage flow table, 00100 is 11000 next stage flow table;Simultaneously 01000 and 10000 be all 11000 next stage flow table.
Because being established between multilevel flow table according to depth-first matching principle, institute's one level below flow table is compared to upper level stream The content that table, occurrence and action item include is more, that is to say, that and as the flow table of minimum one-level, it must be most long matching, It is most thin to match granularity.So, after data transfer equipment receives message, message is parsed according to Openflow agreements, and According to the result after parsing, the flow table classification of corresponding minimum one-level is found, is not found when in the classification of corresponding flow table When matching flow table item, matching flow table item is searched in upper level flow table, until matching flow table item;If in most upper level flow table In do not match flow table item, then the message up sending control device received is handled.
Embodiment one:
The frame type field of IPv6 protocol massages is 0x86DD, IP proto be 41, IPv6 messages after parsing, return Value be 10000, search the flow table item of matching in the classification of corresponding flow table.
Because in flow table classification corresponding to 10000, the occurrence frame type field of each flow table item is only capable of to remove Other of 0x0806 and 0x0800 Ethernet protocol number.Assuming that in flow table classification corresponding to 10000, frame class is not present in occurrence Type-word section is 0x86DD fields, and data transfer equipment can not just find the flow table item of matching in corresponding flow table classification 10000. And then data transfer equipment points to 10000 upper level flow table classification 11000.Why using 11000 as 10000 upper level Flow table, be because 11000 matching granularity it is more relatively crude, corresponding to 11000 flow table classification in, the matching of each flow table item Item does not include frame type field field, source IP address, purpose IP address, IP proto, IP ToS, source port and destination interface. Modify source IP address, purpose IP address, IP ToS, source port and destination interface are not included in action item.Due to frame type Field and IP agreement field are all not construed as limiting, so matching relatively small number of item can realizes forwarding.
Moreover, in flow table classification corresponding to 11000, occurrence includes source MAC and target MAC (Media Access Control) address, action item Include forwarding or dropping packets action etc..So 11000 flow tables that control device is issued are classified, the access of corresponding Ethernet Control list(ACL)Or service quality(QoS)Regulation and control.That is, in the case where data transfer equipment receives control device Corresponding to the higher level's flow table and higher level's flow table of each flow table classification of hair during the information of flow table classification, higher level's flow table is sentenced It is disconnected, when in subordinate's flow table classification of higher level's flow table classification there is the flow table occurrence with higher level's flow table to match, and with this The unmatched flow table of flow table action item of higher level's flow table, then delete subordinate's flow table.
For example, the first situation:Assuming that in flow table classification corresponding to 10000, occurrence is in the absence of frame type field 0x86DD fields, data transfer equipment can not just find the flow table item of matching in corresponding flow table classification 10000, when IPv6 is reported Text matches flow table corresponding to 11000 and classified, and then the flow table item of matching is searched in the classification of 11000 flow tables, is matching source After MAC Address and target MAC (Media Access Control) address, forwarding or the action of dropping packets are performed.
Second of situation:Assuming that in flow table classification corresponding to 10000, source MAC src_mac=c1 of occurrence, mesh MAC Address dst_mac=c2, action item for abandon;Simultaneously in flow table classification corresponding to 11000, the source MAC of occurrence Location src_mac=c1, target MAC (Media Access Control) address dst_mac=c2, action item are forwarding.Then data transfer equipment is receiving 11000 pairs During the flow table answered, flow table corresponding to 10000 will be deleted.IPv6 messages will directly match flow table corresponding to 11000 point Class, and then the flow table item of matching is searched in the classification of 11000 flow tables, after source MAC and target MAC (Media Access Control) address is matched, hold The action that row E-Packets, so as to realize the ACL of Ethernet or QoS regulation and control.
Embodiment two
The frame type field of ICMP protocol massages is 0x0800, and IP proto are 1, and icmp packet returns after parsing Value be 00001, search the flow table item of matching in the classification of corresponding flow table.
If not finding the flow table item of matching, and then 00001 upper level flow table classification 00100 is pointed to, at 00100 pair The flow table item of matching is searched in the flow table classification answered.
If again without the flow table item for finding matching, and then pointing to 00100 upper level flow table classification 11000, The flow table item of matching is searched in flow table classification corresponding to 11000.
If still not finding the flow table item of matching, will be handled control device is sent on icmp packet.
Moreover, corresponding to 00100 flow table classification in, occurrence does not include IP Proto fields, comprising source IP address with Purpose IP address, action item include forwarding or dropping packets action etc..So 00100 flow table that control device is issued point Class, the ACL or QoS of corresponding IP layers regulation and control.That is, receive each stream that control device issues in data transfer equipment During the information that flow table corresponding to higher level's flow table of table sort and higher level's flow table is classified, higher level's flow table is judged, when this In the subordinate flow table classification of higher level's flow table classification there is the flow table occurrence with higher level's flow table to match, and with higher level's flow table The unmatched flow table of flow table action item, then delete subordinate's flow table.
For example, the first situation:Data transfer equipment can not find the flow table of matching in corresponding flow table classification 00001 , classify when icmp packet matches flow table corresponding to 00100, and then the flow table item of matching is searched in the classification of 00100 flow table, After source IP address and purpose IP address is matched, forwarding or the action of dropping packets are performed.
Second of situation:Assuming that in flow table classification corresponding to 00001, the frame type field of occurrence is 0x0800, source IP address src_ip=p1, purpose IP address dst_ip=p2, action item are forwarding;Simultaneously in flow table classification corresponding to 00100, The frame type field of occurrence is 0x0800, source IP address src_ip=p1, purpose IP address dst_ip=p2, and action item is to lose Abandon.Then data transfer equipment will delete flow table corresponding to 00001 when receiving flow table corresponding to 00100.Icmp packet Flow table will directly be matched corresponding to 00100 to classify, and then the flow table item of matching is searched in the classification of 00100 flow table, After being fitted on source IP address and purpose IP address, the action of dropping packets is performed, so as to realize the ACL of IP layers or QoS regulation and control.
It should be noted that the embodiment of the present invention flow table classification, be based on existing Openflow agreements, when When the flow of Openflow protocol analysis messages changes, flow table classification also changes therewith.Existing Openflow agreements pair Ipv6 messages are not parse source IP and purpose IP, if Openflow agreements are subsequently expanded, source is carried out to IPv6 agreements IP and purpose IP parsing, then, the method according to the invention can carries out source IP and purpose IP parsing in IPv6 agreements Afterwards, a flow table classification value is returned.Because Ethernet protocol of embodiment of the present invention flag bit represents four kinds of situations with 2bit, if After adding the analysis result for IPv6 agreements, it is necessary to increase Ethernet protocol flag bit, it is this to meet to add Analysis result, that is to say, that Ethernet flag bit can be made a distinction with 3bit or more bits.In the same way, except this hair Bright specific implementation exception, can increase Ethernet protocol flag bit or IP layer protocol flag bits, thus can be In the case of Openflow protocol extensions, matching and the operating function of more multi-field are completed.
Message processing method of the present invention, following benefit can be brought:
First, flow table matching efficiency is improved;
2nd, the flow table database that data transfer equipment preserves is more orderly;
3rd, flow table classification can be flexibly updated according to the extension of Openflow agreements.
Based on same inventive concept, the present invention also proposes a kind of data transfer equipment, applied to including based on In the control device of OpenFlow agreements and the network of data transfer equipment;Referring to Fig. 4, Fig. 4 is in the specific embodiment of the invention Structural representation applied to the data transfer equipment of the above method.The data transfer equipment includes:
Receiving unit 401, for receiving message;
Resolution unit 402, for being parsed to the header of the message, obtain the data word of the message carrying Protocol information corresponding to section;
Corresponding relation determining unit 403, for the corresponding pass between being classified according to the protocol information pre-established with flow table System, determine that flow table corresponding to the message is classified;
Matching unit 404, for searching the flow table item of matching in the classification of identified flow table, at the message Reason.
The equipment also establishes unit 405 including multilevel flow table;
The multilevel flow table establishes unit, for pre-setting the level relation between flow table classification, wherein, next stage stream The matching depth of table sort is more than the matching depth of upper level flow table classification;
The matching unit 404, for when corresponding to the message flow table classification in do not find matching flow table item when, Matching flow table item is further searched in upper level flow table, until flow table item is matched, or in most upper level flow table not yet When matching flow table item, the message up sending control device received is handled.
The receiving unit 401, it is additionally operable to receiving control apparatus and generates and issue the flow table and the stream for the message The information of flow table classification belonging to table, and the flow table received is stored in corresponding flow table classification.
The receiving unit 401, it is additionally operable to higher level's flow table and the higher level of each flow table classification that receiving control apparatus issues The information that flow table corresponding to flow table is classified, and the higher level's flow table received is stored in corresponding higher level's flow table classification;
The equipment also includes judging control unit 406, for judging higher level's flow table, when higher level's flow table point In subordinate's flow table classification of class there is the flow table occurrence with higher level's flow table to match, and acted with the flow table of higher level's flow table The unmatched flow table of item, then delete subordinate's flow table.
In summary, in the specific embodiment of the invention, control device is triggered by message and issues flow table classification, the flow table point Class is different to the packet parsing result of different agreement type according to Openflow agreements and design, and such message passes through data After forwarding unit, the message of respective classes is parsed, returns to corresponding flow table classification value, this value and flow_class in flow table Value in field is corresponding, can thus improve flow table recall precision, it is not necessary to traversal matching is carried out as prior art. Further, control device also actively issues higher level's flow table of sorted multiple flow tables, and the matching depth of next stage flow table is high In the matching depth of upper level flow table;When not finding matching flow table item in the classification of corresponding flow table, in upper level flow table It is middle to search matching flow table item, until matching flow table item.By the management of multilevel flow table, the flow table for preserving data transfer equipment Database is more orderly.
The foregoing is only a preferred embodiment of the present invention, is not intended to limit the scope of the present invention.It is all Within the spirit and principles in the present invention, any modification, equivalent substitution and improvements made etc., the protection of the present invention should be included in Within the scope of.

Claims (9)

  1. A kind of 1. message processing method, applied to including control device and the net of data transfer equipment based on OpenFlow agreements In network, it is characterised in that this method includes:
    Data transfer equipment receives message;
    Data transfer equipment parses to the header of the message, corresponding to the data field for obtaining the message carrying Protocol information;
    Data transfer equipment determines the message pair according to the corresponding relation between protocol information and the flow table classification pre-established The flow table classification answered;
    Data transfer equipment searches the flow table item of matching in the classification of identified flow table, and the message is handled;
    This method further comprises:
    The level relation between flow table classification is pre-set, wherein, the matching depth of next stage flow table classification is more than upper level stream The matching depth of table sort;
    When not finding matching flow table item in flow table classification corresponding to the message, further searched in upper level flow table Flow table item is matched, when matching flow table item, or flow table item is not matched yet in most upper level flow table, by what is received Message up sending control device is handled.
  2. 2. the method as described in claim 1, it is characterised in that after by the message up sending control device, methods described is also Including:
    Data transfer equipment receiving control apparatus is generated and issued for the flow table belonging to the flow table and the flow table of the message point The information of class, and the flow table received is stored in corresponding flow table classification.
  3. 3. method as claimed in claim 2, it is characterised in that
    The higher level's flow table and higher level's flow table for each flow table classification that the data transfer equipment also receiving control apparatus issues are corresponding Flow table classification information, and by the higher level's flow table received be stored in corresponding in the classification of higher level flow table;
    The data transfer equipment judges higher level's flow table have when in subordinate's flow table classification of higher level's flow table classification Match with the flow table occurrence of higher level's flow table, and with the unmatched flow table of flow table action item of higher level's flow table, then delete Subordinate's flow table.
  4. 4. the method as described in claim 1, it is characterised in that the data transfer equipment further according to the message with The IP agreement field in frame type field and/or IP stems too in net stem, determine the data field pair of the message carrying The protocol information answered.
  5. 5. method as claimed in claim 4, it is characterised in that the protocol information specifically includes:Frame type field is assisted for ARP View;Frame type field is other agreements outside ARP protocol and IP agreement;Non- IP fragmentation message and IP agreement field are UDP or TCP Agreement;Non- IP fragmentation message and IP agreement field are ICMP agreements;Non- IP fragmentation message and IP agreement field are UDP, Transmission Control Protocol Or other agreements outside ICMP agreements;Fragment message and IP agreement field are UDP, Transmission Control Protocol or ICMP agreements.
  6. 6. method as claimed in claim 5, it is characterised in that the data transfer equipment further receives the control device According to the flow table of following rule generation:
    For the message that frame type field is IP agreement, it could generate and IP agreement field and IP ToS words in flow table occurrence be present The flow table of the action of modification source IP address and/or purpose IP address be present in section, action item;
    For the message that frame type field is IP agreement or ARP protocol, could generate exist in flow table occurrence source IP address with/ Or the flow table of purpose IP address field;
    It is IP agreement for frame type field, and IP agreement field is the non-fragment message of TCP/UDP agreements, could generation action The flow table of modification source port number and/or destination slogan in be present;
    It is IP agreement for frame type field, and IP agreement field is the non-fragment message of TCP/UDP/ICMP agreements, Cai Nengsheng The flow table of source port number and/or destination slogan into flow table occurrence be present.
  7. A kind of 7. data transfer equipment, applied to including control device and the net of data transfer equipment based on OpenFlow agreements In network;The equipment includes:
    Receiving unit, for receiving message;
    Resolution unit, for being parsed to the header of the message, the data field for obtaining the message carrying is corresponding Protocol information;
    Corresponding relation determining unit, for the corresponding relation between being classified according to the protocol information and flow table that pre-establish, it is determined that Flow table corresponding to the message is classified;
    Matching unit, for searching the flow table item of matching in the classification of identified flow table, the message is handled;
    The equipment also establishes unit including multilevel flow table;
    The multilevel flow table establishes unit, for pre-setting the level relation between flow table classification, wherein, next stage flow table point The matching depth of class is more than the matching depth of upper level flow table classification;
    The matching unit, for when corresponding to the message flow table classification in do not find matching flow table item when, further Matching flow table item is searched in upper level flow table, until matching flow table item, or is not matched yet in most upper level flow table During flow table item, the message up sending control device received is handled.
  8. 8. equipment as claimed in claim 7, it is characterised in that the receiving unit, be additionally operable to receiving control apparatus generation simultaneously The information of the flow table classification belonging to the flow table and the flow table for the message is issued, and the flow table received is stored in correspondingly Flow table classification in.
  9. 9. equipment as claimed in claim 8, it is characterised in that the receiving unit, be additionally operable to what receiving control apparatus issued The information of flow table classification corresponding to the higher level's flow table and higher level's flow table of each flow table classification, and the higher level's flow table received is preserved In the classification of corresponding higher level's flow table;
    The equipment also includes judging control unit, for judging higher level's flow table, when under higher level's flow table classification Have in level flow table classification and match with the flow table occurrence of higher level's flow table, and with the flow table action item of higher level's flow table not The flow table matched somebody with somebody, then delete subordinate's flow table.
CN201310315236.XA 2013-07-23 2013-07-23 A kind of message processing method and equipment Active CN104348716B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201310315236.XA CN104348716B (en) 2013-07-23 2013-07-23 A kind of message processing method and equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201310315236.XA CN104348716B (en) 2013-07-23 2013-07-23 A kind of message processing method and equipment

Publications (2)

Publication Number Publication Date
CN104348716A CN104348716A (en) 2015-02-11
CN104348716B true CN104348716B (en) 2018-03-23

Family

ID=52503568

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201310315236.XA Active CN104348716B (en) 2013-07-23 2013-07-23 A kind of message processing method and equipment

Country Status (1)

Country Link
CN (1) CN104348716B (en)

Families Citing this family (33)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107431658A (en) * 2015-03-24 2017-12-01 日本电气株式会社 Communication system, control device, control method and program
CN104821923A (en) * 2015-05-15 2015-08-05 杭州华三通信技术有限公司 Method and device for transmitting upper-supply controller protocol message in SDN network
CN106453144B (en) * 2015-08-10 2020-01-31 华为技术有限公司 Message processing method and device in software defined network
CN107210973B (en) * 2015-08-12 2020-09-29 华为技术有限公司 Message processing method, device and system
CN105515995B (en) * 2015-12-01 2018-09-21 华为技术有限公司 Message processing method and device
CN105553851A (en) * 2015-12-10 2016-05-04 中国电子科技集团公司第三十二研究所 SDN-based network processor microcode and flow table implementation device and method
CN107124362B (en) * 2016-02-24 2019-12-20 中移(苏州)软件技术有限公司 Flow table storage optimization method and device based on sub-flow table segmentation
CN105959222A (en) * 2016-04-25 2016-09-21 上海斐讯数据通信技术有限公司 Message forwarding method, route nodes, and software defined network
CN107666429B (en) * 2016-07-29 2020-12-18 平安科技(深圳)有限公司 Switch logic deployment method and terminal in Overlay network
CN106357535A (en) * 2016-08-29 2017-01-25 广州西麦科技股份有限公司 Issuing method, system and controller of SDN flow table
CN107070693B (en) * 2017-01-12 2019-10-11 烽火通信科技股份有限公司 The method and device of rapid configuration POTN business based on OpenFlow flow table
CN107147578B (en) * 2017-03-27 2021-01-15 联想(北京)有限公司 Information processing method and electronic equipment
CN109428792B (en) * 2017-08-29 2021-12-14 中兴通讯股份有限公司 Method, device and equipment for user broadband access processing
CN109672594B (en) * 2017-10-13 2021-12-03 中国电信股份有限公司 IPoE message processing method and device and broadband remote access server
CN108055202B (en) * 2017-12-07 2020-11-20 锐捷网络股份有限公司 Message processing equipment and method
CN113542125B (en) 2018-03-31 2022-11-25 华为技术有限公司 Method and device for forwarding message based on integrated flow table
CN109005120B (en) * 2018-10-31 2020-11-06 新华三技术有限公司 Message processing method and network equipment
CN111182085B (en) * 2018-11-12 2022-06-28 中移(杭州)信息技术有限公司 Method, system, device and storage medium for controlling message forwarding based on multi-level flow table
CN109600318B (en) * 2018-11-29 2022-07-12 新华三技术有限公司合肥分公司 Method for monitoring application program in SDN and SDN controller
CN110852391A (en) * 2019-11-13 2020-02-28 中国人民解放军91977部队 Ethernet message classification method and device based on multiple classifiers
CN111131320B (en) * 2019-12-31 2022-06-14 奇安信科技集团股份有限公司 Asset identification method, device, system and medium
CN111353018B (en) * 2020-02-24 2023-11-10 杭州迪普信息技术有限公司 Data processing method and device based on deep packet inspection and network equipment
CN113765857B (en) * 2020-06-04 2022-10-25 华为技术有限公司 Message forwarding method, device, device and storage medium
CN112491710B (en) * 2020-11-09 2023-06-23 锐捷网络股份有限公司 Message forwarding method and device based on Openflow
CN112511438B (en) * 2020-11-19 2022-12-13 锐捷网络股份有限公司 Method and device for forwarding message by using flow table and computer equipment
CN112787847A (en) * 2020-12-24 2021-05-11 凌云天博光电科技股份有限公司 Method and device for rapidly processing large number of Trap based on network management system EPON
CN114390120B (en) * 2022-01-04 2023-06-09 烽火通信科技股份有限公司 Method and device for processing protocol frames
CN114356418B (en) * 2022-03-10 2022-08-05 之江实验室 A smart meter controller and control method
CN116055586B (en) * 2022-08-15 2023-09-01 荣耀终端有限公司 Fragment message matching method, router and storage medium
CN116684358B (en) * 2023-07-31 2023-12-12 之江实验室 Flow table management system and method for programmable network element equipment
CN117354398A (en) * 2023-10-13 2024-01-05 南京鼎华智能系统有限公司 Communication message identification system and communication message identification method
CN117768400A (en) * 2023-11-29 2024-03-26 中科驭数(北京)科技有限公司 Message classification method, system, device, special data processor and storage medium
CN117439953B (en) * 2023-12-20 2024-03-26 珠海星云智联科技有限公司 Equivalent cost multi-path selection system, method, equipment, cluster and medium

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102685006A (en) * 2012-05-03 2012-09-19 中兴通讯股份有限公司 Method and device for forwarding data messages
CN102769576A (en) * 2012-08-17 2012-11-07 北京傲天动联技术有限公司 Flow table self learning method, message transferring method and switch board
CN102957603A (en) * 2012-11-09 2013-03-06 盛科网络(苏州)有限公司 Multilevel flow table-based Openflow message forwarding method and system
WO2013059991A1 (en) * 2011-10-25 2013-05-02 华为技术有限公司 Data message processing method and system, message forwarding device

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN100459574C (en) * 2005-09-19 2009-02-04 北京大学 Network flow classifying, state tracking and message processing device and method
US8804747B2 (en) * 2010-09-23 2014-08-12 Cisco Technology, Inc. Network interface controller for virtual and distributed services

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2013059991A1 (en) * 2011-10-25 2013-05-02 华为技术有限公司 Data message processing method and system, message forwarding device
CN102685006A (en) * 2012-05-03 2012-09-19 中兴通讯股份有限公司 Method and device for forwarding data messages
CN102769576A (en) * 2012-08-17 2012-11-07 北京傲天动联技术有限公司 Flow table self learning method, message transferring method and switch board
CN102957603A (en) * 2012-11-09 2013-03-06 盛科网络(苏州)有限公司 Multilevel flow table-based Openflow message forwarding method and system

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
《OpenFlow Switch Specification》;Openflow Consortium;《OpenFlow Switch Specification Version 1.1.0 Implemented》;20110228;第4.3-4.4节、figure3-4、table3-4 *

Also Published As

Publication number Publication date
CN104348716A (en) 2015-02-11

Similar Documents

Publication Publication Date Title
CN104348716B (en) A kind of message processing method and equipment
CN101247308B (en) Tunnel packet processing method for implementing IPv6 traversing IPv4 based on network processor
US7289498B2 (en) Classifying and distributing traffic at a network node
CN104580027B (en) A kind of OpenFlow message forwarding methods and equipment
US10069764B2 (en) Ruled-based network traffic interception and distribution scheme
US8767757B1 (en) Packet forwarding system and method using patricia trie configured hardware
CN104243315B (en) Device and method for uniquely enumerating the path in analytic tree
US10778721B1 (en) Hash-based ACL lookup offload
CN104320304B (en) A kind of core network user flow application recognition methods of the multimode fusion easily extended
US10708272B1 (en) Optimized hash-based ACL lookup offload
CN104579940B (en) Search the method and device of accesses control list
US9313131B2 (en) Hardware implemented ethernet multiple tuple filter system and method
CN102577273B (en) Iterative parsing and classification
US20130294449A1 (en) Efficient application recognition in network traffic
US20210051114A1 (en) Timestamp-based packet switching using a trie data structure
CN101645851B (en) Recombination method for IP fragment messages and device thereof
CN105429879B (en) Flow entry querying method, equipment and system
CN102014065A (en) Method for analyzing packet headers, header analysis preprocessing device and network processor
CN1972240A (en) Fast package filter processing method and its apparatus
CN105515995B (en) Message processing method and device
US11552887B2 (en) System and method of processing packet classification with range sets
US10205658B1 (en) Reducing size of policy databases using bidirectional rules
CN105025029B (en) OLT device dynamic ACL generation method and data package processing method
CN111950000A (en) Access access control method and device
CN104753726B (en) A kind of Audit control method and system of serial data stream

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
CB02 Change of applicant information
CB02 Change of applicant information

Address after: 310052 Binjiang District Changhe Road, Zhejiang, China, No. 466, No.

Applicant after: Xinhua three Technology Co., Ltd.

Address before: 310053 Hangzhou hi tech Industrial Development Zone, Zhejiang province science and Technology Industrial Park, No. 310 and No. six road, HUAWEI, Hangzhou production base

Applicant before: Huasan Communication Technology Co., Ltd.

GR01 Patent grant
GR01 Patent grant