[go: up one dir, main page]

CN110011941B - Message forwarding method and device - Google Patents

Message forwarding method and device Download PDF

Info

Publication number
CN110011941B
CN110011941B CN201910202564.6A CN201910202564A CN110011941B CN 110011941 B CN110011941 B CN 110011941B CN 201910202564 A CN201910202564 A CN 201910202564A CN 110011941 B CN110011941 B CN 110011941B
Authority
CN
China
Prior art keywords
interface
service
multicast
data message
mother board
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201910202564.6A
Other languages
Chinese (zh)
Other versions
CN110011941A (en
Inventor
王佳
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
New H3C Security Technologies Co Ltd
Original Assignee
New H3C Security Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by New H3C Security Technologies Co Ltd filed Critical New H3C Security Technologies Co Ltd
Priority to CN201910202564.6A priority Critical patent/CN110011941B/en
Publication of CN110011941A publication Critical patent/CN110011941A/en
Application granted granted Critical
Publication of CN110011941B publication Critical patent/CN110011941B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L49/00Packet switching elements
    • H04L49/10Packet switching elements characterised by the switching fabric construction
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L49/00Packet switching elements
    • H04L49/25Routing or path finding in a switch fabric
    • H04L49/253Routing or path finding in a switch fabric using establishment or release of connections between ports
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The application discloses a message forwarding method and equipment, wherein the method is applied to network equipment, the equipment comprises an interface mother board, at least one service daughter card and at least one interface daughter card, and the service daughter card and the interface daughter card are inserted into the interface mother board; the interface daughter card receives the data message and transmits the data message to the interface mother board; and the interface mother board matches the service identification corresponding to the data message in a preset flow guiding rule and forwards the data message to the service daughter card corresponding to the service identification. The method and the device only send the message to the service daughter card through the interface mother board and do not transmit through the switching network board, so that the transmission path is shortened, the transmission efficiency is improved, and the possibility of packet loss and packet error in the transmission process is reduced. Even if packet loss and packet error occur, the problem port is easy to locate and maintain. The network equipment does not need to pass through a switching network board, does not occupy the bandwidth from the interface motherboard to the switching network board, and is not limited by the bandwidth from the interface motherboard to the switching network board, so that the service flow which can be processed by the network equipment is larger.

Description

Message forwarding method and device
Technical Field
The present application relates to network communication technologies, and in particular, to a method and device for forwarding a packet.
Background
At present, a card-in-card manner is usually adopted in a distributed firewall device, that is, a switch network board is connected with an interface motherboard, and a service daughter card and an interface daughter card are plugged in the interface motherboard. The interface daughter card is used for receiving and sending messages, the switching network board is used for switching the messages to other board cards, and the service daughter card is used for processing the messages.
In the related art, after receiving a message, an interface daughter card sends the message to a switch network board through a connection port between the interface daughter card and an interface mother board and a connection port between the interface mother board and the switch network board in sequence. The switching network board sequentially passes through a connection port between the switching network board and the interface mother board and a connection port between the interface mother board and the service daughter card, the message is forwarded to the service daughter card, and the message is processed by the service daughter card.
In the related art, the message can be finally forwarded to the service daughter card through the switch network board, and the message forwarding path is too long, which increases the probability of packet loss and packet error and reduces the forwarding efficiency. And the bandwidth from the interface motherboard to the switching network board can limit the number of messages that can be processed by the distributed firewall device.
Disclosure of Invention
In order to solve the above problems, the present application provides a method and an apparatus for forwarding a message, where the message forwarding is implemented inside an interface motherboard, the message does not need to be forwarded through a switching network board, a forwarding path is shortened, the forwarding efficiency is high, and the method and the apparatus are not limited by a bandwidth from the interface motherboard to the switching network board. The present application solves the above problems by the following aspects.
In a first aspect, an embodiment of the present application provides a message forwarding method, where the method is applied to a network device, where the network device includes an interface motherboard, at least one service daughter card, and at least one interface daughter card, and both the service daughter card and the interface daughter card are plugged in the interface motherboard, and the method includes:
the interface daughter card receives a data message and transmits the data message to the interface mother board;
the interface motherboard matches the service identifier corresponding to the data message in a preset flow guiding rule;
and the interface mother board forwards the data message to the service daughter card corresponding to the service identifier.
With reference to the first aspect, an embodiment of the present application provides a first possible implementation manner of the first aspect, where the forwarding, by the interface motherboard, the data packet to the service daughter card corresponding to the service identifier includes:
the interface motherboard acquires a corresponding port number from the corresponding relation between the service identifier and the port number according to the service identifier;
and the interface mother board forwards the data message to the service daughter card corresponding to the service identifier from the output port corresponding to the port number.
With reference to the first aspect, an embodiment of the present application provides a second possible implementation manner of the first aspect, where the matching, by the interface motherboard, the service identifier corresponding to the data packet in a preset drainage rule includes:
the interface motherboard performs hash operation on quintuple information included in the data message to obtain a hash value corresponding to the data message;
and the interface motherboard acquires the service identifier corresponding to the data message from the corresponding relation between the service identifier and the message hash value included in the preset flow guiding rule according to the hash value.
In a second aspect, an embodiment of the present application provides a packet forwarding method, where the method is applied to a network device, where the network device includes a service motherboard and a service standby board, the service motherboard includes a first interface motherboard, a main service daughter card and a first interface daughter card that are plugged in the first interface motherboard, the service standby board includes a second interface motherboard, a standby service daughter card and a second interface daughter card that are plugged in the second interface motherboard, and the first interface daughter card is connected to the second interface daughter card through a stacking interface, where the method includes:
the first interface daughter card receives a data message and transmits the data message to the first interface mother board;
when the main service sub card normally operates, the first interface mother board matches a multicast main output port corresponding to the data message in a first flow guiding rule stored by the first interface mother board, and forwards the data message to the main service sub card from the multicast main output port;
when the main service sub card fails, the first interface mother board sends the data message to the second interface sub card through the first interface sub card;
and the second interface mother board receives the data message sent by the second interface daughter card, matches a multicast standby output port corresponding to the data message in a second drainage rule stored by the second interface mother board, and forwards the data message to the standby service daughter card from the multicast standby output port.
With reference to the second aspect, an embodiment of the present application provides a first possible implementation manner of the second aspect, where the first interface motherboard matches, in a first drainage rule stored in the first interface motherboard, a multicast master egress port corresponding to the data packet, and forwards the data packet from the multicast master egress port to the main service daughter card, including:
the first interface mother board determines a multicast main table corresponding to the data message according to the data message and a first drainage rule stored by the first interface mother board;
the first interface mother board obtains a main port number corresponding to the data message from the multicast main table;
and the first interface mother board forwards the data message to the main service daughter card through a multicast main output port corresponding to the main port number.
With reference to the second aspect, an embodiment of the present application provides a second possible implementation manner of the second aspect, where the sending, by the first interface motherboard, the data packet to the second interface daughter card through the first interface daughter card includes:
the first interface mother board modifies the main port number included in the multicast main table stored by the first interface mother board into the identifier of the stacking port;
the first interface mother board determines a multicast main table corresponding to the data message according to the data message and a first drainage rule stored by the first interface mother board;
the first interface mother board obtains the identifier of the stacking port from the multicast master table, and sends the data message and the identifier of the stacking port to the first interface daughter card;
and the first interface sub card sends the data message to the second interface sub card through the stacking port according to the identifier of the stacking port.
With reference to the second aspect, an embodiment of the present application provides a third possible implementation manner of the second aspect, where the matching, by the second interface motherboard, of the second drainage rule stored in the second interface motherboard with the multicast standby output port corresponding to the data packet, and forwarding the data packet from the multicast standby output port to the standby service daughter card includes:
the second interface mother board determines a multicast standby table corresponding to the data message according to the data message and a second drainage rule stored by the second interface mother board;
the second interface mother board obtains the standby port number corresponding to the data message from the multicast standby table;
and the second interface mother board forwards the data message to the standby service daughter card through the multicast standby output port corresponding to the standby port number.
With reference to the second possible implementation manner of the second aspect, an embodiment of the present application provides a fourth possible implementation manner of the second aspect, where the method further includes:
when the main service sub-card returns to normal operation, the first interface mother board modifies the identifier of the stacking port included in the multicast main table into a main port number corresponding to the multicast main output port.
With reference to the second aspect, an embodiment of the present application provides a fifth possible implementation manner of the second aspect, where the service main board further includes a first main control board, the service standby board further includes a second main control board, and the method further includes:
the first main control board distributes a multicast main table and a first flow guiding rule and sends the multicast main table and the first flow guiding rule to the first interface mother board;
and the second main control board distributes a multicast standby list and a second flow guiding rule and sends the multicast standby list and the second flow guiding rule to the second interface mother board.
With reference to the second aspect, an embodiment of the present application provides a sixth possible implementation manner of the second aspect, where the method further includes:
the second interface daughter card receives the data message and transmits the data message to the second interface mother board;
when the standby service daughter card normally operates, the second interface mother board matches a multicast standby output port corresponding to the data message in a second drainage rule stored in the second interface mother board, and forwards the data message to the standby service daughter card from the multicast standby output port;
when the standby service sub-card fails, the second interface mother board sends the data message to the first interface sub-card through the second interface sub-card; the first interface mother board receives the data message sent by the first interface daughter card, matches a multicast main output port corresponding to the data message in a first flow guiding rule stored by the first interface mother board, and forwards the data message to the main service daughter card from the multicast main output port.
In a third aspect, an embodiment of the present application provides a network device, where the network device includes an interface motherboard, at least one service daughter card, and at least one interface daughter card, where the service daughter card and the interface daughter card are both plugged into the interface motherboard, and the network device includes:
the interface daughter card is used for receiving data messages and transmitting the data messages to the interface mother board;
the interface motherboard is used for matching the service identifier corresponding to the data message in a preset flow guiding rule; and forwarding the data message to a service daughter card corresponding to the service identifier.
With reference to the third aspect, an embodiment of the present application provides a first possible implementation manner of the third aspect, where the interface motherboard is configured to obtain, according to the service identifier, a corresponding port number from a correspondence between the service identifier and the port number; and forwarding the data message to a service daughter card corresponding to the service identifier from an output port corresponding to the port number.
In a fourth aspect, an embodiment of the present application provides a network device, where the network device includes a service motherboard and a service standby board, where the service motherboard includes a first interface motherboard, a main service daughter card and a first interface daughter card that are plugged in the first interface motherboard, the service standby board includes a second interface motherboard, a standby service daughter card and a second interface daughter card that are plugged in the second interface motherboard, and the first interface daughter card and the second interface daughter card are connected through a stacking interface, including:
the first interface daughter card is used for receiving a data message and transmitting the data message to the first interface mother board;
the first interface mother board is used for matching a multicast main output port corresponding to the data message in a first drainage rule stored by the first interface mother board when the main service daughter card normally operates, and forwarding the data message to the main service daughter card from the multicast main output port; and the data message is sent to the second interface sub card through the first interface sub card when the main service sub card fails;
the second interface mother board is configured to receive the data packet sent by the second interface daughter card, match a multicast standby output port corresponding to the data packet in a second drainage rule stored in the second interface mother board, and forward the data packet to the standby service daughter card from the multicast standby output port.
With reference to the fourth aspect, an embodiment of the present application provides a first possible implementation manner of the fourth aspect, where the first interface motherboard is configured to determine, according to the data packet and a first drainage rule stored in the first interface motherboard, a multicast master table corresponding to the data packet; acquiring a main port number corresponding to the data message from the multicast main table; and forwarding the data message to the main service sub card through a multicast main output port corresponding to the main port number.
With reference to the fourth aspect, an embodiment of the present application provides a second possible implementation manner of the fourth aspect, where the first interface motherboard is configured to modify a main port number included in a multicast main table stored in the first interface motherboard into an identifier of the stack port; determining a multicast main table corresponding to the data message according to the data message and a first drainage rule stored in the data message; acquiring the identifier of the stacking port from the multicast master table, and sending the data message and the identifier of the stacking port to the first interface sub card;
and the first interface sub card is used for sending the data message to the second interface sub card through the stacking port according to the identifier of the stacking port.
With reference to the second possible implementation manner of the fourth aspect, an embodiment of the present application provides a third possible implementation manner of the fourth aspect, where the second interface motherboard is configured to determine, according to the data packet and a second drainage rule stored in the second interface motherboard, a multicast standby table corresponding to the data packet; acquiring a standby port number corresponding to the data message from the multicast standby table; and forwarding the data message to the standby service daughter card through the multicast standby output port corresponding to the standby port number.
The technical scheme provided in the embodiment of the application at least has the following technical effects or advantages:
the interface daughter card receives the data message and transmits the data message to the interface mother board; the interface mother board forwards the data message to the corresponding service daughter card. The message can be sent to the service daughter card only through the interface mother board without being forwarded by the switching network board, so that the message forwarding path is shortened, the forwarding efficiency is improved, and the possibility of packet loss and packet error in the forwarding process is reduced. Even if packet loss and packet error occur, the problem port is easy to locate, so that the problem port is maintained, and the occurrence of the packet loss and packet error is reduced. The network equipment does not need to pass through the exchange network board, so that the bandwidth from the interface motherboard to the exchange network board is not occupied, and the limitation of the bandwidth from the interface motherboard to the exchange network board is avoided, so that the service flow which can be processed by the network equipment is larger. Furthermore, the network device can be a distributed firewall device, and the distributed firewall device adopting the message forwarding method has high message forwarding efficiency and can process larger service flow.
Additional aspects and advantages of the present application will be set forth in part in the description which follows and, in part, will be obvious from the description, or may be learned by practice of the present application.
Drawings
Various other advantages and benefits will become apparent to those of ordinary skill in the art upon reading the following detailed description of the preferred embodiments. The drawings are only for purposes of illustrating the preferred embodiments and are not to be construed as limiting the application. Also, like reference numerals are used to refer to like parts throughout the drawings. In the drawings:
fig. 1 shows a schematic structural diagram of a network device provided in an embodiment of the present application;
fig. 2 is a schematic flowchart illustrating a message forwarding method according to an embodiment of the present application;
fig. 3 is a schematic diagram illustrating a forwarding path of a data packet according to an embodiment of the present application;
fig. 4 is a schematic structural diagram of another network device provided in an embodiment of the present application;
fig. 5 is a schematic flowchart illustrating another packet forwarding method according to an embodiment of the present application;
fig. 6 is a schematic diagram illustrating a forwarding path of a data packet when a master service daughter card operates normally according to an embodiment of the present application;
fig. 7 is a schematic diagram illustrating a forwarding path of a data packet when a master service daughter card fails according to an embodiment of the present application;
fig. 8 is a flowchart illustrating another packet forwarding method according to an embodiment of the present application.
Detailed Description
Exemplary embodiments of the present application will be described in more detail below with reference to the accompanying drawings. While exemplary embodiments of the present application are shown in the drawings, it should be understood that the present application may be embodied in various forms and should not be limited to the embodiments set forth herein. Rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the scope of the disclosure to those skilled in the art.
As shown in fig. 1, the network device includes an interface motherboard, at least one service daughter card, and at least one interface daughter card, and the service daughter card and the interface daughter card are plugged into the interface motherboard. The interface daughter card may be connected to a network, and specifically, the interface daughter card may be connected to a CE (Customer Edge) device and a PE (Provider Edge) device. In the embodiment of the present application, the network device may be a distributed firewall device, and the service daughter card may be a firewall board card accordingly. Only one interface daughter card and two service daughter cards, service daughter cards 1 and 2, are schematically depicted in fig. 1. In addition, as shown in fig. 1, the network device further includes a switch board, and the switch board is connected to the interface motherboard.
Based on the hardware structure of the network device shown in fig. 1, an embodiment of the present application provides a packet forwarding method, which is applied to the network device, and with reference to fig. 2, the method includes:
step 101: the interface daughter card receives the data message and transmits the data message to the interface mother board.
And the interface daughter card receives the data message sent by the CE equipment and transmits the data message to the interface mother board. It should be understood that the interface daughter card may also receive the data packet sent by the PE device, transmit the data packet sent by the PE device to the interface motherboard, and then execute the method shown in the embodiment of the present application to forward the data packet to the CE device.
Step 102: and the interface motherboard matches the service identifier corresponding to the data message in a preset flow guiding rule.
In the embodiment of the present application, each service daughter card included in the network device has its own service identifier, and the service identifier may be a character sequence capable of uniquely identifying the service daughter card, or a user-defined serial number including any combination of numbers, letters, and characters. Before the network equipment leaves the factory, based on the port number corresponding to each port connected with each service daughter card by the interface mother board, the corresponding relation between the service identification of the service daughter card and the port number is prestored on the interface mother board. And based on the services which can be processed by each service daughter card, a flow guiding rule is preset on the interface motherboard, and the flow guiding rule specifies the corresponding relation between the service identification corresponding to each service daughter card and the message hash value. The message hash value can reflect the service of the message.
When the network equipment actually works, after the interface mother board receives the data message transmitted by the interface daughter card, the corresponding service identifier is matched from the preset drainage rule according to the quintuple of the data message. The quintuple information includes a source IP (Internet Protocol Address) Address, a destination IP Address, a source port, a destination port, and a transport layer Protocol corresponding to the data packet.
When matching of the drainage rules is performed according to the data message, the interface motherboard performs hash operation on quintuple information included in the data message to obtain a hash value corresponding to the data message. And acquiring the service identifier corresponding to the data message from the corresponding relation between the service identifier and the message hash value included in the preset flow guiding rule according to the hash value.
Step 103: the interface mother board transmits the data message to the service daughter card corresponding to the service identification.
After the service identifier corresponding to the data message is obtained in the above manner, the interface motherboard obtains the corresponding port number from the pre-stored correspondence between the service identifier and the port number according to the service identifier. And then, the data message is forwarded to the service daughter card corresponding to the service identifier from the output port corresponding to the port number.
Since the connection port between the interface motherboard and the service daughter card is an HG (HiGig, private serial bus) port, the interface motherboard needs to convert the data packet into a multicast packet before forwarding the data packet to the service daughter card. Specifically, the interface motherboard adds protocol information of the HG port to a header of the data packet, where the adding process specifically may be: the protocol information of the HG port comprises a dest module, a dest port and an opcode, wherein the dest module is added to the 3 rd byte position in the message header of the data message, the dest port is added to the 4 th byte position in the message header of the data message, and the opcode is added to the last 3 bits of the 15 th byte position in the message header of the data message. The added data message is a multicast message and can be transmitted through the HG port. The interface mother board transmits the converted multicast message to the service daughter card through a connection port between the interface mother board and the service daughter card, namely an HG port.
And the service daughter card processes the multicast message. After the service sub-card completes the processing of the multicast message, the processed message is forwarded to the interface sub-card through the HG port via the interface mother board, and then transmitted to the PE device by the interface sub-card.
As shown in fig. 3, a schematic diagram of a data packet forwarding path is shown, where a dotted line in fig. 3 visually shows a forwarding path of a data packet in a network device, that is, after a CE device sends a data packet to an interface daughter card, the data packet is transmitted to a service daughter card 1 via an interface mother board, and after processing of the service daughter card 1 is completed, the data packet is transmitted to a PE device via the interface mother board and the interface daughter card.
In the embodiment of the application, the data message received by the interface daughter card can be sent to the corresponding service daughter card only through the connection port between the interface daughter card and the interface mother board and the connection port between the interface mother board and the service daughter card, the data message does not need to be forwarded through the switching network board, the forwarding path of the data message is shortened, and thus the message forwarding efficiency is improved. And the forwarding path of the data message is shortened, the possibility of packet loss and error is greatly reduced in the forwarding process, even if the packet loss and error occurs, the root cause of the problem is easily located, namely, the root cause of the packet loss and error can be located only by checking the connection port between the interface daughter card and the interface mother board and the connection port between the interface mother board and the service daughter card, and the problem port with the problem can be further maintained, so that the occurrence of the packet loss and error is reduced. Meanwhile, the data message is forwarded without passing through the switching network board, so that the bandwidth between the interface motherboard and the switching network board is not occupied, and the data message is forwarded without being limited by the bandwidth between the interface motherboard and the switching network board, so that the service flow which can be processed by the network equipment is larger.
Fig. 4 shows another structure diagram of a network device, where the network device includes a service motherboard and a service standby board, the service motherboard includes a first interface motherboard, a main service daughter card plugged in the first interface motherboard, and a first interface daughter card, the service standby board includes a second interface motherboard, a standby service daughter card plugged in the second interface motherboard, and a second interface daughter card, and the first interface daughter card is connected to the second interface daughter card through a stacking interface. Stacking is used to aggregate more than one device to work as a new device. In this embodiment, the service main board and the service standby board may be regarded as two devices, and the service main board and the service standby board are connected by a stacking technique to form the network device, specifically, the first interface sub card and the second interface sub card are connected by a connecting line by a stacking technique, and a connection port between the connecting line and the first interface sub card and a connection port between the connecting line and the second interface sub card are both the stacking ports.
And the first interface sub card and the second interface sub card are connected with the CE equipment and the PE equipment. The main service sub card and the standby service sub card are used for processing the same service, in the embodiment of the application, the network device may be a distributed firewall device, and accordingly the main service sub card and the standby service sub card are both firewall board cards. In addition, as shown in fig. 4, the service main board further includes a first main control board and a first switch network board, and both the first main control board and the first switch network board are connected to the first interface motherboard. The service standby board also comprises a second main control board and a second exchange network board, and the second main control board and the second exchange network board are both connected with the second interface mother board. The service main board and the service backup board form a service backup group, and the network device may include one or more such service backup groups.
When the backup group is created, the first main control board determines that the first main control board is the main control board on the main equipment side in the backup group according to the first preset role configuration information. The first preset role configuration information is used for indicating that the role of the first main control board is the main role. After determining the role of the first main control board, the first main control board allocates a multicast main table and a first drainage rule for the service main board in the backup group, wherein the multicast main table comprises a main port number corresponding to a multicast main output port, and the first drainage rule is used for associating the data message with the multicast main table. And the second main control board determines that the second main control board is the main control board of the backup equipment side in the backup group according to the second preset role configuration information. The second preset role configuration information is used for indicating the role of the second main control board as a standby role. After determining the role of the second master control board, the second master control board allocates a multicast standby table and a second drainage rule for the service standby board in the backup group, wherein the multicast standby table comprises a standby port number corresponding to a multicast standby port, and the second drainage rule is used for associating the data message with the multicast standby table. The multicast master output port is a connection port between the first interface mother board and the main service daughter card, and the multicast standby output port is a connection port between the second interface mother board and the standby service daughter card.
After the first main control board distributes the multicast main table and the first drainage rule corresponding to the service main board, the first main control board sends the multicast main table and the first drainage rule to the first interface mother board. After the second main control board distributes the multicast standby list and the second drainage rule corresponding to the service standby board, the multicast standby list and the second drainage rule are sent to the second interface mother board. Alternatively, the first main control board may also send an allocation notification to the first interface motherboard. And after receiving the distribution notice, the first interface motherboard sends an acquisition request to the first main control board. And after receiving the acquisition request sent by the first interface mother board, the first main control board sends the multicast main table and the first drainage rule to the first interface mother board. Similarly, the second main control board may also send a distribution notification to the second interface motherboard, and the second interface motherboard sends an acquisition request to the second main control board after receiving the distribution notification. And after receiving the acquisition request sent by the second interface mother board, the second main control board sends the multicast standby list and the second drainage rule to the second interface mother board.
In this embodiment, the first main control board may further allocate a multicast main board and a first drainage rule for the service main board, and allocate a multicast standby board and a second drainage rule for the service standby board. The mode that the first main control board sends the multicast main list and the first drainage rule to the first interface mother board is the same as the mode. For the multicast standby table and the second flow guiding rule, the first main control board firstly sends the multicast standby table and the second flow guiding rule to the first interface daughter card through the first interface mother board. And then the first interface daughter card sends the multicast standby list and the second flow guiding rule to the second interface daughter card through the stacking port on the first interface daughter card and the stacking port on the second interface daughter card, and the second interface daughter card sends the multicast standby list and the second flow guiding rule to the second interface mother board.
And after receiving the multicast main table and the first drainage rule, the first interface motherboard stores the multicast main table and the first drainage rule in a chip of the first interface motherboard. And after receiving the multicast standby list and the second drainage rule, the second interface motherboard stores the multicast standby list and the second drainage rule in a chip of the second interface motherboard.
To facilitate understanding of the above backup group creation process, a specific description is given below by way of example. For example, when creating a backup group, a user first plugs each board according to the structure shown in fig. 4, and records a host port number 0x000010000 corresponding to a multicast host output port where a first interface motherboard is connected to a host service daughter card, and records a backup port number 0x001000010 corresponding to a multicast backup output port where a second interface motherboard is connected to a backup service daughter card. Then the user inputs the above-mentioned main port number 0x000010000 to the first main control board, and inputs the above-mentioned spare port number 0x001000010 to the second main control board. The first main control board allocates a multicast master table and a first drainage rule for the service main board, the multicast master table includes a master port number 0x000010000, and allocates a table identifier 12mc for the multicast master table, the first drainage rule specifies the multicast master table corresponding to data packets from different source IP addresses, and as shown in table 1, the data packets with source IP addresses of 10.10.10.10, 10.0.11.10, etc. all correspond to the multicast master table with table identifier 12 mc. And the first main control board sends the multicast main table and the first drainage rule shown in the table 1 to the first interface mother board. The first interface mother board stores a multicast main table and a first flow guiding rule.
TABLE 1
Figure BDA0001997925140000111
The second main control board allocates a multicast standby table and a second drainage rule to the service standby board, the multicast standby table includes a standby port number 0x001000010, and allocates a table identifier 9mc to the multicast standby table, the second drainage rule specifies a multicast standby table corresponding to data packets from different source IP addresses, and as shown in table 2, data packets with source IP addresses of 10.10.10.10, 10.0.11.10, etc. all correspond to the multicast standby table with the table identifier 9 mc. And the second main control board sends the multicast standby list and the second drainage rule shown in the table 2 to the second interface mother board. The second interface mother board stores a multicast standby list and a second drainage rule.
TABLE 2
Figure BDA0001997925140000121
Based on the hardware structure of the network device shown in fig. 4, an embodiment of the present application provides a message forwarding method, which is applied to the network device, and with reference to fig. 5, the method includes:
step 201: the first interface daughter card receives the data message and transmits the data message to the first interface mother board.
And the first interface daughter card receives the data message sent by the CE equipment and transmits the data message to the first interface mother board. It should be understood that the first interface daughter card may also receive the data packet sent by the PE device, transmit the data packet sent by the PE device to the first interface mother board, and then execute the method shown in the embodiment of the present application to forward the data packet to the CE device.
In the network device, when the first interface sub-card receives the data message, if the main service sub-card operates normally, the data message should be processed by the main service sub-card. However, since the main service sub-card may fail, the data message cannot be processed, and therefore, it is necessary to detect whether the main service sub-card fails.
In one embodiment of the present application, the first interface motherboard may periodically check the main service daughter card to determine whether the main service daughter card has failed. Specifically, the first interface motherboard periodically sends a heartbeat message to the main service daughter card. If the main service sub card operates normally, the main service sub card identifies the heartbeat message after receiving the heartbeat message, and returns a response message corresponding to the heartbeat message to the first interface mother board. And if the main service sub-card fails, the main service sub-card cannot return a response message to the first interface mother board. Therefore, if the first interface motherboard does not receive the response message returned by the main service daughter card after exceeding the preset time, the first interface motherboard determines that the main service daughter card has a fault, and then executes the operation of step 203; if a response message returned by the main service sub-card is received within the preset time length, the first interface mother board determines that the main service sub-card normally operates, and then the operation of step 202 is executed subsequently. The preset time period may be 3 seconds or 5 seconds.
In another embodiment of the present application, the first switch board may further perform periodic detection on the main service sub-card to determine whether the main service sub-card fails. Specifically, the first switch network board periodically sends a heartbeat message to the main service daughter card. If the main service sub-card operates normally, the main service sub-card identifies the heartbeat message after receiving the heartbeat message, and returns a response message corresponding to the heartbeat message to the first switching network board. If the main service sub-card fails, the main service sub-card cannot return a response message to the first exchange network board. Therefore, if the first switch network board does not receive the response message returned by the main service sub-card after exceeding the preset time length, the first switch network board determines that the main service sub-card has a fault and sends an abnormal notification message to the first interface mother board. And if the first switching network board receives a response message returned by the main service sub-card within the preset time length, the first switching network board determines that the main service sub-card normally operates.
The exception notification message is used for indicating that the main service daughter card fails. After receiving the exception notification message, the first interface motherboard determines that the main service daughter card fails, and then performs the operation of step 203. And if the first interface mother board does not receive the abnormal notification message, determining that the main service daughter card normally operates.
After detecting that the current main service sub-card has not failed by the method of any of the embodiments, the data message is forwarded to the main service sub-card through the following operation of step 202, or after detecting that the current main service sub-card has failed, the data message is forwarded to the standby service sub-card through the operation of step 203.
Step 202: when the main service sub card normally operates, the first interface mother board matches the multicast main output port corresponding to the data message in the first flow guiding rule stored by the first interface mother board, and forwards the data message to the main service sub card from the multicast main output port.
The multicast main output port is a port connected between the first interface mother board and the main service daughter card. When the main service sub card operates normally, the first interface mother board needs to forward the data message to the main service sub card for processing. Specifically, the first interface motherboard determines a multicast master table corresponding to the data packet according to the data packet and a first flow guiding rule stored in the first interface motherboard. Namely, the first interface motherboard obtains the source IP address of the data packet from the quintuple of the data packet, and determines the table identifier of the multicast master table corresponding to the data packet from the first drainage rule according to the source IP address. Then, acquiring a main port number corresponding to the data message from a multicast main table corresponding to the table identifier; and forwarding the data message to the main service daughter card through the multicast main output port corresponding to the main port number.
For example, assuming that the source IP address of the data packet received by the first interface motherboard is 10.10.10.10, the table identifier of the multicast master table corresponding to the data packet is determined to be 12mc from the first drainage rule shown in table 1, the master port number 0x000010000 is obtained from the multicast master table corresponding to the table identifier 12mc, and then the data packet is transmitted to the master service daughter card from the multicast master output port corresponding to the master port number 0x 000010000.
In this embodiment of the present application, for all data packets received by the first interface daughter card, the table identifier of the corresponding multicast master table may be determined from the first drainage rule, and then the master port number corresponding to the multicast master output port is obtained from the multicast master table corresponding to the table identifier. After the first interface mother board obtains the main port number corresponding to the data message, the data message is forwarded to the main service daughter card through the multicast main output port corresponding to the main port number. And the main service sub card processes the data message after receiving the data message.
In this embodiment of the present application, since the connection port between the first interface motherboard and the main service daughter card is an HG port, that is, the multicast main output port is an HG port, before the first interface motherboard forwards the data packet to the main service daughter card through the multicast main output port, the first interface motherboard needs to convert the data packet into a multicast packet. Specifically, the first interface motherboard adds protocol information of the HG port to a header of the data packet, and the specific process of adding may be: the protocol information of the HG port comprises a dest module, a dest port and an opcode, the dest module is added to the 3 rd byte position in the message header of the data message, the dest port is added to the 4 th byte position in the message header of the data message, and the opcode is added to the last 3 bits of the 15 th byte position in the message header of the data message. The added data message is a multicast message and can be transmitted through the HG port. The first interface mother board transmits the converted multicast message to the main service daughter card through the multicast main output port.
And the main service sub card processes the multicast message. After the main service sub-card processes the multicast message, a destination IP address is obtained from a five-tuple of the multicast message, the main service sub-card inquires a routing table stored by the main service sub-card according to the destination IP address, a port of the network device, which is in communication connection with destination equipment corresponding to the destination IP address, is determined from the routing table, if the port is a port of the first interface sub-card connected with PE equipment, the processed message is forwarded to the first interface sub-card through the first interface mother board, and then is transmitted to the PE equipment through the first interface sub-card. If the port is a port connected between the second interface sub card and the PE device, the processed message is forwarded to the first interface sub card through the first interface mother board, the first interface sub card sends the message to the second interface sub card through a stacking port on the first interface sub card and a stacking port on the second interface sub card, and then the message is transmitted to the PE device through the second interface sub card. In another example, the destination IP Address may also be replaced with a destination MAC (Media Access Control Address, hardware Address), and the main service daughter card obtains the destination MAC Address from the multicast packet, queries a routing table stored in the main service daughter card according to the destination MAC Address, determines a port of the network device, which is in communication connection with the destination device corresponding to the destination MAC Address, and finally forwards the packet to the destination device from the determined port.
As shown in fig. 6, a schematic diagram of a data packet forwarding path is shown in fig. 6, where a dotted line visually shows a forwarding path of a data packet in a network device when a main service daughter card normally operates, that is, after a CE device sends the data packet to a first interface daughter card, the data packet is transmitted to the main service daughter card through a first interface mother board, after the main service daughter card completes processing, assuming that a routing table is queried according to a destination IP address of the packet, and determining that a port of a communication connection between the network device and a destination device corresponding to the destination IP address is a port between the first interface daughter card and a PE device, the packet is transmitted to the PE device through the first interface mother board and the first interface daughter card.
When the main service sub card operates normally, the data message received by the first interface sub card can be sent to the main service sub card only through the connection port between the first interface sub card and the first interface mother board and the connection port between the first interface mother board and the main service sub card, the data message does not need to be forwarded through the first exchange network board, the forwarding path of the data message is shortened, and the message forwarding efficiency is improved. And the forwarding path of the data message is shortened, the possibility of packet loss and error is greatly reduced in the forwarding process, even if the packet loss and error occurs, the root of the problem is easily located, namely, the root of the problem of the packet loss and error can be located only by checking the connection port between the first interface daughter card and the first interface mother board and the connection port between the first interface mother board and the main service daughter card, and further, the connection port with the problem can be maintained, so that the occurrence of the packet loss and error is reduced. Meanwhile, the data message is forwarded without passing through the first switching network board, so that the bandwidth from the first interface motherboard to the first switching network board is not occupied, and the data message is forwarded without being limited by the bandwidth from the first interface motherboard to the first switching network board, so that the service flow which can be processed by the network equipment is larger.
Step 203: when the main service sub card fails, the first interface mother board sends the data message to the second interface sub card through the first interface sub card, the second interface mother board receives the data message sent by the second interface sub card, the multicast standby output port corresponding to the data message is matched in a second drainage rule stored by the second interface mother board, and the data message is forwarded to the standby service sub card from the multicast standby output port.
When the main service sub card fails, the main service sub card cannot process the data message, and the first interface mother board forwards the data message to the standby service sub card in the current backup group for processing. Specifically, the first interface motherboard modifies the number of the main port included in the multicast main table stored in the first interface motherboard into the identifier of the stacking port, where the identifier of the stacking port includes the identifier of the stacking port on the first interface daughter card and the identifier of the stacking port on the second interface daughter card. The first interface mother board determines a multicast main table corresponding to the data message according to the data message and a first drainage rule stored by the first interface mother board; the first interface mother board obtains the mark of the stacking port from the multicast main table and sends the data message and the mark of the stacking port to the first interface daughter card. And the first interface sub card sends the data message to the second interface sub card through the stacking port on the first interface sub card and the stacking port on the second interface sub card according to the identification of the stacking port. And the second interface daughter card transmits the data message to the second interface mother board. And the second interface mother board receives the data message sent by the second interface daughter card and forwards the data message to the standby service daughter card.
When the first interface mother board determines that the main service daughter card has a fault, the first interface mother board modifies a main port number corresponding to a multicast main output port included in a multicast main table stored by the first interface mother board into an identifier of the stacking port. In this embodiment of the present application, the first interface sub card and the second interface sub card are connected by a connection line through a stacking technique, a port connected between the connection line and the first interface sub card and a port connected between the connection line and the second interface sub card are collectively referred to as a stacking port, and the identifier of the stacking port includes an identifier of a port connected between the connection line and the first interface sub card and an identifier of a port connected between the connection line and the second interface sub card.
After the first interface mother board modifies the multicast master table, when the first interface mother board receives a data message transmitted by the first interface daughter card, a source IP address is obtained from a quintuple of the data message, a table identifier of the corresponding multicast master table is determined from a first drainage rule stored by the first interface mother board according to the source IP address, then an identifier of the stacking port is obtained from the multicast master table corresponding to the table identifier, and the data message and the identifier of the stacking port are sent to the first interface daughter card. And the first interface sub card sends the data message to the second interface sub card through the stacking port on the first interface sub card and the stacking port on the second interface sub card according to the identification of the stacking port. And the second interface daughter card transmits the data message to the second interface mother board.
And after receiving the data message, the second interface motherboard determines a multicast standby table corresponding to the data message according to the data message and a second drainage rule stored by the second interface motherboard. Namely, the second interface motherboard obtains the source IP address of the data packet from the quintuple of the data packet, and determines the table identifier of the multicast standby table corresponding to the data packet from the second drainage rule according to the source IP address. And then, acquiring a standby port number corresponding to the data message from a multicast standby table corresponding to the table identifier, and forwarding the data message to the standby service daughter card through a multicast standby port corresponding to the standby port number.
For example, assuming that the source IP address of the data packet received by the second interface motherboard is 10.10.10.10, it is determined from the second drainage rule shown in table 2 that the table identifier of the multicast standby table corresponding to the data packet is 9mc, the standby port number 0x001000010 is obtained from the multicast standby table corresponding to the table identifier 9mc, and then the data packet is transmitted to the standby service daughter card from the multicast standby port corresponding to the standby port number 0x 001000010.
And the second interface sub card is used for receiving all data messages from the multicast standby port, and acquiring the standby port number corresponding to the multicast standby port from the multicast standby table corresponding to the table identifier. Therefore, after the second interface mother board obtains the standby port number corresponding to the data message, the data message is forwarded to the standby service daughter card through the multicast standby output port corresponding to the standby port number. And the standby service daughter card processes the data message after receiving the data message.
Similarly, the connection port between the second interface motherboard and the service slave card is also an HG port, that is, the multicast standby output port is an HG port, so that the second interface motherboard needs to convert the data packet into a multicast packet before forwarding the data packet to the service slave card through the multicast standby output port. Specifically, the second interface motherboard adds protocol information of the HG port to a header of the data packet, and the adding process may be: the protocol information of the HG port comprises a dest module, a dest port and an opcode, the dest module is added to the 3 rd byte position in the message header of the data message, the dest port is added to the 4 th byte position in the message header of the data message, and the opcode is added to the last 3 bits of the 15 th byte position in the message header of the data message. The added data message is a multicast message and can be transmitted through the HG port. The second interface mother board transmits the converted multicast message to the standby service daughter card through the multicast standby output port.
And the standby service daughter card processes the multicast message. After the multicast message is processed, a destination IP address is obtained from a five-tuple of the multicast message, the standby service daughter card inquires a routing table stored in the standby service daughter card according to the destination IP address, a port of the network device, corresponding to the destination IP address, of communication connection between the destination devices is determined from the routing table, and if the port is a port between the second interface daughter card and the PE device, the processed message is transmitted to the second interface daughter card through the second interface mother board. And transmitting the data to the PE equipment by the second interface sub-card. If the port is a port between the first interface sub card and the PE device, the processed message is forwarded to the second interface sub card through the second interface mother board, and the second interface sub card sends the message to the first interface sub card through a stacking port on the second interface sub card and a stacking port on the first interface sub card and then is transmitted to the PE device through the first interface sub card. In another example, the destination IP address may also be replaced with a destination MAC address, and the standby service daughter card obtains the destination MAC address from the multicast packet, queries a routing table stored in the standby service daughter card according to the destination MAC address, determines a port of the network device, which is in communication connection with the destination device corresponding to the destination MAC address, and finally forwards the packet to the destination device from the determined port.
As shown in fig. 7, a schematic diagram of a data packet forwarding path is shown in fig. 7, where a dotted line visually shows a forwarding path of a data packet in a network device after a failure occurs in a main service daughter card, that is, after a CE device sends the data packet to a first interface daughter card, the first interface daughter card transmits the data packet to a first interface mother board, the first interface mother board sends the data packet to a second interface daughter card through the first interface daughter card, the second interface daughter card forwards the data packet to a second interface mother board, and the second interface mother board transmits the data packet to a standby service daughter card. After the standby service daughter card is processed, assuming that a routing table is queried according to a destination IP address of a message, and a port of communication connection between the network device and a destination device corresponding to the destination IP address is determined to be a port between the first interface daughter card and the PE device, the message is transmitted to the second interface daughter card through the second interface mother board, the second interface daughter card transmits the message to the first interface daughter card through a stacking port on the second interface daughter card and a stacking port on the first interface daughter card, and the first interface daughter card transmits the message to the PE device.
When the main service sub card fails, the first interface mother board sends the data message to the first interface sub card, and the first interface sub card forwards the data message to the second interface sub card through a stacking port on the first interface sub card and a stacking port on the second interface sub card. And the second interface daughter card sends the data message to the standby service daughter card through the second interface mother board. The data message does not need to be forwarded through the second exchange network board, the forwarding path of the data message is shortened, and the message forwarding efficiency is improved. And the forwarding path of the data message is shortened, the possibility of packet loss and error is greatly reduced in the forwarding process, even if the packet loss and error occurs, the root of the problem is easily located, namely, the root of the problem of the packet loss and error can be located only by checking the stacking port, the connection port between the second interface daughter card and the second interface mother board and the connection port between the second interface mother board and the standby service daughter card, and further, the connection port with the problem can be maintained, so that the occurrence of the packet loss and error is reduced. Meanwhile, the data message is forwarded without passing through the second exchange network board, so that the bandwidth from the second interface motherboard to the second exchange network board is not occupied, and the data message is forwarded without being limited by the bandwidth from the second interface motherboard to the second exchange network board, so that the service flow which can be processed by the distributed firewall is larger.
And when the first interface mother board determines that the main service daughter card has a fault, modifying the multicast main table stored by the first interface mother board, and modifying the main port number included in the multicast main table into the identifier of the stacking port. And then, the user can maintain or replace the main service sub-card, so that the main service sub-card can restore to normal work. At this time, the first interface mother board can detect that the main service daughter board is recovered to normal, modify the multicast main table again, and modify the identifier of the stacking port included in the multicast main table into the main port number, so that when the first interface mother board receives the data packet again, the first interface mother board can forward the data packet to the main service daughter board for processing according to the operation of step 202.
When the main service sub card fails, the main service sub card and the standby service sub card change roles, that is, the standby service sub card undertakes the main function of message processing, and at this time, the data message sent by the CE device is finally transmitted to the standby service sub card for processing. And after the main service sub card recovers normal operation for a preset time, the main service sub card and the standby service sub card are subjected to role transformation again, the main function of message processing is recovered and borne by the main service sub card, and at the moment, the data message received by the first interface sub card is transmitted to the main service sub card for processing. Or after the main service sub card recovers to work normally, the main service sub card and the standby service sub card may not perform role transformation, and the standby service sub card undertakes the main function of message processing, and performs role transformation until the standby service sub card fails, and then the main service sub card undertakes the main function of message processing.
In the embodiment of the application, when the main service sub-card operates normally, the data message received by the first interface sub-card is sent to the main service sub-card through the first interface mother board, and the data message does not need to be forwarded through the first switch network board. When the main service sub-card has a fault, the first interface mother board forwards the data message to a second interface sub-card in the service standby board, the second interface sub-card sends the data message to the standby service sub-card through the second interface mother board, and the data message does not need to be forwarded through a second switching network board. The forwarding path of the data message is shortened, the message forwarding efficiency is high, and the possibility of packet loss and packet error is greatly reduced. Because the number of the ports through which the data message passes in the forwarding process is small, even if packet loss and packet error occur, the port with the problem is easy to locate, so that maintenance operation is performed on the port with the problem, and the occurrence of the packet loss and packet error is reduced. And no matter in the service main board or the service standby board, the data message is not forwarded through the switching network board, the bandwidth from the interface mother board to the switching network board is not occupied, and the limitation of the bandwidth from the interface mother board to the switching network board is avoided, so that the service flow which can be processed by the network equipment is larger.
In the network device shown in fig. 4, the service main board and the service standby board may be backup to each other, the second interface daughter card included in the service standby board is also connected to the CE device and the PE device, similar to the processing manner in which the first interface daughter card receives the data packet in the foregoing embodiment, when the service standby board bears the main function of packet processing and the service main board is used as a standby device of the service standby board, as shown in fig. 8, when the second interface daughter card receives the data packet sent by the CE device, the data packet is forwarded by the following operations, which include:
step 301: and the second interface daughter card receives the data message and transmits the data message to the second interface mother board.
And the second interface daughter card receives the data message sent by the CE equipment and transmits the data message to the second interface mother board. It should be understood that the second interface daughter card may also receive the data packet sent by the PE device, transmit the data packet sent by the PE device to the second interface mother board, and then execute the method shown in the embodiment of the present application to forward the data packet to the CE device.
When the second interface sub card receives the data message, if the standby service sub card operates normally, the data message should be processed by the standby service sub card. However, since the slave service daughter card may fail, the data message cannot be processed, and therefore, it is necessary to detect whether the slave service daughter card fails.
Similarly, the second interface motherboard may periodically detect the standby service daughter card, and the second interface motherboard periodically sends a heartbeat message to the standby service daughter card. If the second interface mother board does not receive the response message returned by the standby service daughter card for more than the preset time, the second interface mother board determines that the standby service daughter card fails, and then the operation of the step 303 is executed; if a response message returned by the slave service daughter card is received within the preset time length, the second interface mother board determines that the slave service daughter card normally operates, and then the operation of step 302 is executed subsequently.
In another embodiment of the present application, the second switch network board may also perform periodic detection on the standby service daughter card, and the second switch network board periodically sends a heartbeat message to the standby service daughter card. And if the second switching network board does not receive a response message returned by the standby service daughter card for more than the preset time, the second switching network board determines that the standby service daughter card fails and sends an abnormal notification message to the second interface mother board. And if the second switching network board receives a response message returned by the standby service daughter card within the preset time length, the second switching network board determines that the standby service daughter card normally operates. The exception notification message is used for indicating that the standby service daughter card fails. After receiving the exception notification message, the second interface motherboard determines that the standby service daughter card fails, and then performs the operation of step 203. And if the second interface mother board does not receive the abnormal notification message, determining that the standby service daughter card normally operates.
Step 302: when the standby service daughter card normally operates, the second interface mother board matches the multicast standby output port corresponding to the data message in the second drainage rule stored by the second interface mother board, and forwards the data message to the standby service daughter card from the multicast standby output port.
And the second interface motherboard determines a multicast standby table corresponding to the data message according to the data message and a second drainage rule stored by the second interface motherboard. Namely, the second interface motherboard obtains the source IP address of the data packet from the quintuple of the data packet, and determines the table identifier of the multicast standby table corresponding to the data packet from the second drainage rule according to the source IP address. And then, acquiring a standby port number corresponding to the data message from a multicast standby table corresponding to the table identifier, and forwarding the data message to a standby service daughter card through a multicast main output port corresponding to the standby port number.
Since the connection port between the second interface motherboard and the slave service daughter card is an HG port, that is, the multicast main output port is an HG port, before the second interface motherboard forwards the data packet to the slave service daughter card through the multicast main output port, protocol information of the HG port is also added to the packet header of the data packet, the added data packet is a multicast packet, and the generation process of the multicast packet is described in the foregoing text and is not described herein again. The second interface mother board transmits the converted multicast message to the standby service daughter card through the multicast main output port. After the standby service daughter card finishes processing the multicast message, the processed message is forwarded to the second interface daughter card through the second interface mother board, and then is transmitted to the PE device through the second interface daughter card.
When the standby service daughter card operates normally, the data message received by the second interface daughter card can be sent to the standby service daughter card only through the second interface motherboard, and the data message does not need to be forwarded through the second switching network board, so that the forwarding path of the data message is shortened, and the message forwarding efficiency is improved. And the forwarding path of the data message is shortened, the possibility of packet loss and packet error in the forwarding process is greatly reduced, even if the packet loss and packet error condition occurs, the port with the problem is easy to locate, and further, the port with the problem can be maintained, so that the occurrence of the packet loss and packet error condition is reduced. Because the forwarding does not need to pass through the second exchange network board, the bandwidth between the second interface motherboard and the second exchange network board is not occupied, and the message forwarding is not limited by the bandwidth between the second interface motherboard and the second exchange network board, the service flow which can be processed by the network equipment is larger.
Step 303: when the standby service sub-card fails, the second interface mother board sends the data message to the first interface sub-card through the second interface sub-card, the first interface mother board receives the data message sent by the first interface sub-card, the multicast main output port corresponding to the data message is matched in a first flow guiding rule stored by the first interface mother board, and the data message is forwarded to the main service sub-card from the multicast main output port.
When the standby service daughter card fails, the standby service daughter card cannot process the data message, and the second interface mother board forwards the data message to the main service daughter card in the current backup group for processing. Specifically, the second interface motherboard modifies the standby port number included in the multicast standby table stored in the second interface motherboard into the identifier of the stacking port, and the second interface motherboard determines the multicast standby table corresponding to the data message according to the data message and a second drainage rule stored in the second interface motherboard; and acquiring the identifier of the stacking port from the multicast standby table, and sending the data message and the identifier of the stacking port to the second interface sub card. And the second interface sub card sends the data message to the first interface sub card through the stacking port on the second interface sub card and the stacking port on the first interface sub card according to the identification of the stacking port, and the first interface sub card transmits the data message to the first interface mother board. The first interface mother board forwards the data message to the main service daughter card.
The first interface sub card and the second interface sub card are connected by a connecting line by adopting a stacking technology. The stacking port refers to a port connected between the connecting line and the first interface daughter card and a port connected between the connecting line and the second interface daughter card.
And when the second interface mother board determines that the standby service daughter card has a fault, the second interface mother board modifies the standby port number included in the multicast standby table stored by the second interface mother board into the identifier of the stacking port. The identifier of the stacking port is the identifier of the connection port between the connection line and the first interface daughter card and the identifier of the connection port between the connection line and the second interface daughter card.
After the second interface mother board modifies the multicast standby table, a source IP address is obtained from the quintuple of the data message, a table identifier of the corresponding multicast standby table is determined from a second drainage rule stored in the second interface mother board according to the source IP address, then the identifier of the stacking port is obtained from the multicast standby table corresponding to the table identifier, and the data message and the identifier of the stacking port are sent to the second interface daughter card. And the second interface sub card sends the data message to the first interface sub card through the stacking port on the second interface sub card and the stacking port on the first interface sub card according to the identification of the stacking port. And the first interface daughter card transmits the data message to the first interface mother board.
After the first interface mother board receives the data message, the multicast main table corresponding to the data message is determined according to the data message and a first drainage rule stored by the first interface mother board. Namely, the first interface motherboard obtains the source IP address of the data packet from the quintuple of the data packet, and determines the table identifier of the multicast master table corresponding to the data packet from the first drainage rule according to the source IP address. Then, acquiring a main port number corresponding to the data message from a multicast main table corresponding to the table identifier; and forwarding the data message to the main service daughter card through the multicast main output port corresponding to the main port number.
Similarly, before forwarding the data packet to the main service daughter card through the multicast master output port, the first interface mother board further adds protocol information of the HG port to a packet header of the data packet, where the added data packet is a multicast packet. The first interface mother board transmits the converted multicast message to the main service daughter card through the multicast main output port.
After the multicast message is processed, the main service sub-card acquires a destination IP address from the five-tuple of the multicast message, inquires a routing table stored in the main service sub-card according to the destination IP address, determines a port of communication connection between destination equipment corresponding to the destination IP address on the network equipment from the routing table, and transmits the processed message to the first interface sub-card through the first interface mother board if the port is the port between the first interface sub-card and the PE equipment. And transmitting the data to the PE equipment by the first interface sub-card. If the port is a port between the second interface sub card and the PE device, the processed message is forwarded to the first interface sub card through the first interface mother board, the first interface sub card sends the message to the second interface sub card through a stacking port on the first interface sub card and a stacking port on the second interface sub card, and then the message is transmitted to the PE device through the second interface sub card. In another example, the destination IP address may also be replaced with a destination MAC address, and the host service daughter card obtains the destination MAC address from the multicast packet, queries a routing table stored in the host service daughter card according to the destination MAC address, determines a port of the network device, which is in communication connection with the destination device corresponding to the destination MAC address, and finally forwards the packet to the destination device from the determined port.
And when the second interface mother board determines that the standby service daughter card has a fault, modifying the self-stored multicast standby table, and modifying the standby port number included in the multicast standby table into the identifier of the stacking port. And then the user can maintain or replace the standby service daughter card, so that the standby service daughter card can restore to normal work. At this time, the second interface mother board can detect that the standby service daughter board is recovered to normal, modify the multicast standby table again, and modify the identifier of the stacking port included in the multicast standby table into the standby port number, so that when the second interface mother board receives the data message again, the data message can be forwarded to the standby service daughter board for processing according to the operation of step 302.
When the slave service sub-card fails, the master service sub-card and the slave service sub-card change roles, that is, the master service sub-card undertakes the main function of message processing, and at this time, the data message sent by the CE device is finally transmitted to the master service sub-card for processing. And after the standby service daughter card recovers to work normally for the preset time, the main service daughter card and the standby service daughter card are subjected to role transformation again, the standby service daughter card recovers to bear the main function of message processing, and at the moment, the data message received by the second interface daughter card is transmitted to the standby service daughter card for processing. Or after the sub-card of the standby service recovers to work normally, the main service sub-card and the sub-card of the standby service do not need to change roles, the main function of message processing is undertaken by the main service sub-card, the role change is carried out until the main service sub-card breaks down, and the main function of message processing is undertaken by the sub-card of the standby service.
In the embodiment of the application, when the standby service sub-card operates normally, the data message received by the second interface sub-card is sent to the standby service sub-card through the second interface mother board, and the data message does not need to be forwarded through the second switch network board. When the standby service sub-card fails, the second interface mother board forwards the data message to the first interface sub-card in the service main board, the first interface sub-card sends the data message to the main service sub-card through the first interface mother board, and the data message does not need to be forwarded through the first exchange network board. The forwarding path of the data message is shortened, the message forwarding efficiency is high, and the possibility of packet loss and packet error is greatly reduced. Because the number of the ports through which the data message passes in the forwarding process is small, even if packet loss and packet error occur, the port with the problem is easy to locate, so that maintenance operation is performed on the port with the problem, and the occurrence of the packet loss and packet error is reduced. And no matter in the service main board or the service standby board, the data message is not forwarded through the switching network board, the bandwidth from the interface mother board to the switching network board is not occupied, and the limitation of the bandwidth from the interface mother board to the switching network board is avoided, so that the service flow which can be processed by the network equipment is larger.
It should be noted that:
the algorithms and displays presented herein are not inherently related to any particular computer, virtual machine, or other apparatus. Various general purpose devices may be used with the teachings herein. The required structure for constructing such a device will be apparent from the description above. In addition, this application is not directed to any particular programming language. It will be appreciated that a variety of programming languages may be used to implement the teachings of the present application as described herein, and any descriptions of specific languages are provided above to disclose the best modes of the present application.
In the description provided herein, numerous specific details are set forth. However, it is understood that embodiments of the application may be practiced without these specific details. In some instances, well-known methods, structures and techniques have not been shown in detail in order not to obscure an understanding of this description.
Similarly, it should be appreciated that in the foregoing description of exemplary embodiments of the application, various features of the application are sometimes grouped together in a single embodiment, figure, or description thereof for the purpose of streamlining the application and aiding in the understanding of one or more of the various inventive aspects. However, the disclosed method should not be interpreted as reflecting an intention that: this application is intended to cover such departures from the present disclosure as come within known or customary practice in the art to which this invention pertains. Rather, as the following claims reflect, inventive aspects lie in less than all features of a single foregoing disclosed embodiment. Thus, the claims following the detailed description are hereby expressly incorporated into this detailed description, with each claim standing on its own as a separate embodiment of this application.
Those skilled in the art will appreciate that the modules in the device in an embodiment may be adaptively changed and disposed in one or more devices different from the embodiment. The modules or units or components of the embodiments may be combined into one module or unit or component, and furthermore they may be divided into a plurality of sub-modules or sub-units or sub-components. All of the features disclosed in this specification (including any accompanying claims, abstract and drawings), and all of the processes or elements of any method or apparatus so disclosed, may be combined in any combination, except combinations where at least some of such features and/or processes or elements are mutually exclusive. Each feature disclosed in this specification (including any accompanying claims, abstract and drawings) may be replaced by alternative features serving the same, equivalent or similar purpose, unless expressly stated otherwise.
Furthermore, those skilled in the art will appreciate that while some embodiments described herein include some features included in other embodiments, rather than other features, combinations of features of different embodiments are meant to be within the scope of the application and form different embodiments. For example, in the following claims, any of the claimed embodiments may be used in any combination.
The various component embodiments of the present application may be implemented in hardware, or in software modules running on one or more processors, or in a combination thereof. Those skilled in the art will appreciate that a microprocessor or Digital Signal Processor (DSP) may be used in practice to implement some or all of the functions of some or all of the components in the creation apparatus of a virtual machine according to embodiments of the present application. The present application may also be embodied as apparatus or device programs (e.g., computer programs and computer program products) for performing a portion or all of the methods described herein. Such programs implementing the present application may be stored on a computer readable medium or may be in the form of one or more signals. Such a signal may be downloaded from an internet website or provided on a carrier signal or in any other form.
It should be noted that the above-mentioned embodiments illustrate rather than limit the application, and that those skilled in the art will be able to design alternative embodiments without departing from the scope of the appended claims. In the claims, any reference signs placed between parentheses shall not be construed as limiting the claim. The word "comprising" does not exclude the presence of elements or steps not listed in a claim. The word "a" or "an" preceding an element does not exclude the presence of a plurality of such elements. The application may be implemented by means of hardware comprising several distinct elements, and by means of a suitably programmed computer. In the unit claims enumerating several means, several of these means may be embodied by one and the same item of hardware. The usage of the words first, second and third, etcetera do not indicate any ordering. These words may be interpreted as names.
The above description is only for the preferred embodiment of the present application, but the scope of the present application is not limited thereto, and any changes or substitutions that can be easily conceived by those skilled in the art within the technical scope of the present application should be covered within the scope of the present application. Therefore, the protection scope of the present application shall be subject to the protection scope of the claims.

Claims (15)

1. A message forwarding method is applied to network equipment which comprises an interface mother board, at least one service daughter card and at least one interface daughter card, wherein the service daughter card and the interface daughter card are plugged in the interface mother board, and the method is characterized by comprising the following steps:
the interface daughter card receives a data message and transmits the data message to the interface mother board; based on the port numbers corresponding to the ports of the interface mother board and the service daughter cards, pre-storing the corresponding relation between the service identification and the port numbers of the service daughter cards on the interface mother board; the interface motherboard matches the service identification corresponding to the data message in a preset flow guiding rule, the flow guiding rule prescribes the corresponding relation between the service identification corresponding to each service daughter card and the message hash value, and the message hash value is used for reflecting the service to which the data message belongs;
the interface mother board forwards the data message to a service daughter card corresponding to the service identifier;
before the interface mother board forwards the data message to the service daughter card corresponding to the service identifier, protocol information of a private serial bus (HG) port is added to a message header of the data message, and the data message is converted into a multicast message.
2. The method according to claim 1, wherein the forwarding the data packet to the service daughter card corresponding to the service identifier by the interface motherboard comprises:
the interface motherboard acquires a corresponding port number from the corresponding relation between the service identifier and the port number according to the service identifier;
and the interface mother board forwards the data message to the service daughter card corresponding to the service identifier from the output port corresponding to the port number.
3. The method according to claim 1, wherein the interface motherboard matches the service identifier corresponding to the data packet in a preset flow-directing rule, and the method comprises:
the interface motherboard performs hash operation on quintuple information included in the data message to obtain a hash value corresponding to the data message;
and the interface motherboard acquires the service identifier corresponding to the data message from the corresponding relation between the service identifier and the message hash value included in the preset flow guiding rule according to the hash value.
4. A message forwarding method is applied to network equipment, the network equipment comprises a service mainboard and a service standby board, the service mainboard comprises a first interface mother board, a main service daughter card and a first interface daughter card which are plugged on the first interface mother board, the service standby board comprises a second interface mother board, a standby service daughter card and a second interface daughter card which are plugged on the second interface mother board, and the first interface daughter card and the second interface daughter card are connected through a stacking port, and the method is characterized by comprising the following steps:
the first interface daughter card receives a data message and transmits the data message to the first interface mother board;
when the main service sub card normally operates, the first interface mother board matches a multicast main output port corresponding to the data message in a first flow guiding rule stored by the first interface mother board, and forwards the data message to the main service sub card from the multicast main output port; the first drainage rule is used for associating the data message with a multicast master table, and the multicast master table comprises a master port number corresponding to a multicast master output port; the multicast main output port is a connection port between the first interface mother board and the main service daughter card;
the first interface mother board or the first exchange network board periodically detects the main service sub-card to determine whether the main service sub-card has a fault; the service mainboard also comprises a first exchange network board which is connected with the first interface motherboard;
when the main service sub card fails, the first interface mother board sends the data message to the second interface sub card through the first interface sub card;
the second interface mother board receives the data message sent by the second interface daughter card, matches a multicast standby output port corresponding to the data message in a second drainage rule stored by the second interface mother board, and forwards the data message to the standby service daughter card from the multicast standby output port; the second drainage rule is used for associating the data message with a multicast standby table, and the multicast standby table comprises a standby port number corresponding to a multicast standby output port; the multicast standby output port is a connection port between the second interface motherboard and the standby service daughter card.
5. The method according to claim 4, wherein the first interface motherboard matches a multicast main egress port corresponding to the data packet in a first flow guiding rule stored in the first interface motherboard, and forwards the data packet from the multicast main egress port to the main service daughter card, including:
the first interface mother board determines a multicast main table corresponding to the data message according to the data message and a first drainage rule stored by the first interface mother board;
the first interface mother board obtains a main port number corresponding to the data message from the multicast main table;
and the first interface mother board forwards the data message to the main service daughter card through a multicast main output port corresponding to the main port number.
6. The method of claim 4, wherein the first interface motherboard sending the data packet to the second interface daughter card via the first interface daughter card comprises:
the first interface mother board modifies the main port number included in the multicast main table stored by the first interface mother board into the identifier of the stacking port;
the first interface mother board determines a multicast main table corresponding to the data message according to the data message and a first drainage rule stored by the first interface mother board;
the first interface mother board obtains the identifier of the stacking port from the multicast master table, and sends the data message and the identifier of the stacking port to the first interface daughter card;
and the first interface sub card sends the data message to the second interface sub card through the stacking port according to the identifier of the stacking port.
7. The method according to claim 4, wherein the second interface motherboard matches a multicast standby output port corresponding to the data packet in a second drainage rule stored in the second interface motherboard, and forwards the data packet from the multicast standby output port to the standby service daughter card, including:
the second interface mother board determines a multicast standby table corresponding to the data message according to the data message and a second drainage rule stored by the second interface mother board;
the second interface mother board obtains the standby port number corresponding to the data message from the multicast standby table;
and the second interface mother board forwards the data message to the standby service daughter card through the multicast standby output port corresponding to the standby port number.
8. The method of claim 6, further comprising:
when the main service sub-card returns to normal operation, the first interface mother board modifies the identifier of the stacking port included in the multicast main table into a main port number corresponding to the multicast main output port.
9. The method according to any one of claims 4-8, wherein the service main board further comprises a first main control board, the service standby board further comprises a second main control board, and the method further comprises:
the first main control board distributes a multicast main table and a first flow guiding rule and sends the multicast main table and the first flow guiding rule to the first interface mother board;
and the second main control board distributes a multicast standby list and a second flow guiding rule and sends the multicast standby list and the second flow guiding rule to the second interface mother board.
10. The method according to any one of claims 4-8, further comprising:
the second interface daughter card receives the data message and transmits the data message to the second interface mother board;
when the standby service daughter card normally operates, the second interface mother board matches a multicast standby output port corresponding to the data message in a second drainage rule stored in the second interface mother board, and forwards the data message to the standby service daughter card from the multicast standby output port;
when the standby service sub-card fails, the second interface mother board sends the data message to the first interface sub-card through the second interface sub-card; and the first interface mother board receives the data message sent by the first interface daughter card, matches a multicast main output port corresponding to the data message in a first flow guiding rule stored by the first interface mother board, and forwards the data message to the main service daughter card from the multicast main output port.
11. A network device, which comprises an interface mother board, at least one service daughter card and at least one interface daughter card, wherein the service daughter card and the interface daughter card are plugged on the interface mother board, the network device is characterized in that the network device comprises:
the interface daughter card is used for receiving data messages and transmitting the data messages to the interface mother board;
the interface motherboard is used for matching the service identifier corresponding to the data message in a preset flow guiding rule; forwarding the data message to the service sub-cards corresponding to the service identifiers, wherein the corresponding relationship between the service identifiers corresponding to the service sub-cards and the message hash value is specified in the drainage rule, and the message hash value is used for reflecting the service to which the data message belongs; based on the port numbers corresponding to the ports of the interface mother board and the service daughter cards, pre-storing the corresponding relation between the service identification and the port numbers of the service daughter cards on the interface mother board;
the interface motherboard is further configured to add protocol information of a private serial bus HG port to a header of the data packet before forwarding the data packet to the service daughter card corresponding to the service identifier, and convert the data packet into a multicast packet.
12. The device according to claim 11, wherein the interface motherboard is configured to obtain a corresponding port number from a correspondence between a service identifier and a port number according to the service identifier; and forwarding the data message to a service daughter card corresponding to the service identifier from an output port corresponding to the port number.
13. A network device comprises a service mainboard and a service standby board, wherein the service mainboard comprises a first interface mother board, a main service daughter card and a first interface daughter card which are inserted in the first interface mother board, the service standby board comprises a second interface mother board, a standby service daughter card and a second interface daughter card which are inserted in the second interface mother board, and the first interface daughter card is connected with the second interface daughter card through a stacking port, which is characterized by comprising:
the first interface daughter card is used for receiving a data message and transmitting the data message to the first interface mother board;
the first interface mother board is used for matching a multicast main output port corresponding to the data message in a first drainage rule stored by the first interface mother board when the main service daughter card normally operates, and forwarding the data message to the main service daughter card from the multicast main output port; the first drainage rule is used for associating the data message with a multicast master table, and the multicast master table comprises a master port number corresponding to a multicast master output port; the multicast main output port is a connection port between the first interface mother board and the main service daughter card; the first interface mother board or the first exchange network board periodically detects the main service sub-card to determine whether the main service sub-card has a fault; the service mainboard also comprises a first exchange network board which is connected with the first interface motherboard; and the data message is sent to the second interface sub card through the first interface sub card when the main service sub card fails;
the second interface mother board is configured to receive the data packet sent by the second interface daughter card, match a multicast standby output port corresponding to the data packet in a second drainage rule stored in the second interface mother board, and forward the data packet to the standby service daughter card from the multicast standby output port; the second drainage rule is used for associating the data message with a multicast standby table, and the multicast standby table comprises a standby port number corresponding to a multicast standby output port; the multicast standby output port is a connection port between the second interface motherboard and the standby service daughter card.
14. The apparatus according to claim 13, wherein the first interface motherboard is configured to modify a main port number included in a self-stored multicast main table to be an identifier of the stack port; determining a multicast main table corresponding to the data message according to the data message and a first drainage rule stored in the data message; acquiring the identifier of the stacking port from the multicast master table, and sending the data message and the identifier of the stacking port to the first interface sub card;
and the first interface sub card is used for sending the data message to the second interface sub card through the stacking port according to the identifier of the stacking port.
15. The device according to claim 13, wherein the second interface motherboard is configured to determine, according to the data packet and a second drainage rule stored in the second interface motherboard, a multicast standby table corresponding to the data packet; acquiring a standby port number corresponding to the data message from the multicast standby table; and forwarding the data message to the standby service daughter card through the multicast standby output port corresponding to the standby port number.
CN201910202564.6A 2019-03-18 2019-03-18 Message forwarding method and device Active CN110011941B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910202564.6A CN110011941B (en) 2019-03-18 2019-03-18 Message forwarding method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910202564.6A CN110011941B (en) 2019-03-18 2019-03-18 Message forwarding method and device

Publications (2)

Publication Number Publication Date
CN110011941A CN110011941A (en) 2019-07-12
CN110011941B true CN110011941B (en) 2022-01-28

Family

ID=67167491

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910202564.6A Active CN110011941B (en) 2019-03-18 2019-03-18 Message forwarding method and device

Country Status (1)

Country Link
CN (1) CN110011941B (en)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110519079B (en) * 2019-08-01 2022-11-25 新华三大数据技术有限公司 Data forwarding method and device, network board, network equipment and storage medium
CN110673995B (en) * 2019-09-24 2023-05-26 杭州迪普科技股份有限公司 Method, device and equipment for testing drainage strategy configuration result
CN113992592B (en) * 2021-10-27 2023-11-17 锐捷网络股份有限公司 Message forwarding method and device, port drainage system and storage medium
CN115065614B (en) * 2022-06-22 2023-10-13 杭州云合智网技术有限公司 Method for identifying multi-activity service connectivity of VPWS

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP4464766B2 (en) * 2004-03-03 2010-05-19 株式会社日立製作所 Multicast distribution control device
CN102130817B (en) * 2010-01-20 2013-09-11 杭州华三通信技术有限公司 Method for keeping flows uninterrupted in stacked system and machine frame switch
CN103346950B (en) * 2013-07-29 2016-05-25 北京傲天动联技术股份有限公司 Between a kind of rack wireless controller customer service plate, method and device are shared in load equally
CN103795622B (en) * 2014-01-22 2017-02-15 杭州华三通信技术有限公司 Message forwarding method and device using same

Also Published As

Publication number Publication date
CN110011941A (en) 2019-07-12

Similar Documents

Publication Publication Date Title
CN110011941B (en) Message forwarding method and device
US11329881B2 (en) Method and system for network topology enforcement
US9608841B2 (en) Method for real-time synchronization of ARP record in RSMLT cluster
US9219641B2 (en) Performing failover in a redundancy group
US9413652B2 (en) Systems and methods for path maximum transmission unit discovery
US20070058528A1 (en) Fault-Tolerant Communications In Routed Networks
US9960988B2 (en) Systems and methods for reducing information loss in an aggregated information handling system
CA2810663A1 (en) Network system and network managing method
CN109474495B (en) Tunnel detection method and device
CN106059946B (en) Message forwarding method and device
CN112291116A (en) Link fault detection method and device and network equipment
EP4020905A1 (en) Packet transmission method, device, and system
US20080205376A1 (en) Redundant router having load sharing functionality
US20160205033A1 (en) Pool element status information synchronization method, pool register, and pool element
EP4020904B1 (en) Packet transmission method, device, and system
EP3355520B1 (en) System and method for traffic steering and analysis
CN109218176B (en) Message processing method and device
JP2014143505A (en) Data transfer device and data transfer method
CN105450432A (en) Method for positioning port connection error and associated equipment
US20230308383A1 (en) Message Sending Method, Message Processing Method, Apparatus, and System
CN113872843B (en) Route generation method, route processing method and device
CN107005476B (en) Method and first device for managing data frames in a switched network
CN113973101A (en) Method and device for processing table item information
CN109361781B (en) Message forwarding method, device, server, system and storage medium
CN108418709B (en) Port aggregation method and device

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant