CN107276916B - Switch flow table management method based on protocol non-perception forwarding technology - Google Patents
Switch flow table management method based on protocol non-perception forwarding technology Download PDFInfo
- Publication number
- CN107276916B CN107276916B CN201710481233.1A CN201710481233A CN107276916B CN 107276916 B CN107276916 B CN 107276916B CN 201710481233 A CN201710481233 A CN 201710481233A CN 107276916 B CN107276916 B CN 107276916B
- Authority
- CN
- China
- Prior art keywords
- table entry
- entry
- matched
- data packet
- heat
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L49/00—Packet switching elements
- H04L49/30—Peripheral units, e.g. input or output ports
- H04L49/3009—Header conversion, routing tables or routing tags
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L49/00—Packet switching elements
- H04L49/10—Packet switching elements characterised by the switching fabric construction
Abstract
The invention discloses a switch flow table management method based on a protocol unaware forwarding technology, which comprises the following steps: when a data packet arrives, firstly searching HT, if a matched table entry is searched, stopping searching, and executing corresponding operation on the data packet according to the searched table entry; wherein HT is a flow table generated according to heat; if the matched table entry is not found, the CT is continuously found, if the matched table entry is found and the heat of the corresponding table entry exceeds the threshold value, a new table entry is generated according to the header information of the data packet and the information of the corresponding table entry and is inserted into the HT; wherein, the CT is a flow table issued by the user. The method carries out flow table management based on the heat degree, can greatly accelerate the processing capacity of the switch, and does not influence the processing correctness of the switch.
Description
Technical Field
The invention relates to the technical field of communication, in particular to a switch flow table management method based on a protocol non-sensing forwarding technology.
Background
The traditional network needs to be manually configured with special equipment, the process is complicated, errors are prone to occur, the capacity of network infrastructure cannot be fully utilized, the control and forwarding of traffic are completely dependent on routing equipment, and the weaknesses make the traditional network have great challenges. Software Defined Networking (SDN) is considered as the most promising solution to solve the current Network architecture problem. The core characteristics of the software defined network are as follows: the data plane and the control plane are separated; the forwarding function of the routing equipment is abstract, and the routing protocol can be programmably modified.
OpenFlow is currently the most popular SDN southbound interface protocol, however OpenFlow evolves from version 1.0 to version 1.5 today and the programmability of the network is still limited by the existing fields of the OpenFlow protocol. Therefore, a Protocol unaware Forwarding Protocol (POF) is proposed to solve the above Protocol dependency problem. The POF describes any matching fields and general instruction set of the transport protocol in terms of offset and offset length.
The conventional router adopts a Longest Prefix Match (LPM) rule to forward the data packet, but there are some precise entries in the software defined network, which causes a great resource waste if the LPM is used, and when there are multiple matching domains, if the front field has a mask match and the rear field has no mask match, the LPM is no longer applicable. Also, since the match field may be a mask match, hash matching cannot be used.
At present, an existing SDN software switch adopts a scheme of converting a flow table issued by a controller into an accurate flow table for caching, and accelerating the processing speed of the switch, but the heat of entries is not considered to dynamically adjust the flow table of the switch, which causes the forwarding rate of the switch to depend on the sequence of the flows. Other schemes related to switch flow table management are only theories and are not achieved, and are not applicable to POF switches, and if an entry with higher heat in an OpenFlow protocol Pipeline is moved from a following table to a preceding table, however, the flow tables in the Pipeline have dependency relationships, and cannot greatly improve the performance of the switches, and different flow table matching fields in the POF switches are different, and entries in different tables cannot be moved to the same table.
In summary, the conventional flow table management scheme is not suitable for the POF switch, and the flow table management scheme of the SDN switch does not dynamically adjust the flow table according to the heat of the entry, so that the forwarding rate of the switch depends on the sequence of the flows.
Disclosure of Invention
The invention aims to provide a switch flow table management method based on a protocol non-perception forwarding technology, which carries out flow table management based on heat, can greatly accelerate the processing capacity of a switch, and does not influence the processing correctness of the switch.
The purpose of the invention is realized by the following technical scheme:
a switch flow table management method based on a protocol unaware forwarding technology comprises the following steps:
when a data packet arrives, firstly searching HT, if a matched table entry is searched, stopping searching, and executing corresponding operation on the data packet according to the searched table entry; wherein HT is a flow table generated according to heat;
if the matched table entry is not found, the CT is continuously found, if the matched table entry is found and the heat of the corresponding table entry exceeds the threshold value, a new table entry is generated according to the header information of the data packet and the information of the corresponding table entry and is inserted into the HT; wherein, the CT is a flow table issued by the user.
And detecting whether the heat degree of each table item in the CT exceeds a threshold value η every a period of time T, and if so, setting the Hot-Flag attribute of the corresponding table item to True.
The heat degree of each table entry is obtained by calculating the difference value of the counters before and after the time T; the counter records the number of the data packets matched with each table item;
the threshold η is determined in an adaptive manner, and its initial value is the average value of the heat of all entries in CT, then if HT is not full, the threshold is updated with η ═ min (η, epsilon), if HT is full, the threshold is updated with η ═ epsilon, where epsilon is the heat of the entry closest to 90% of the HT positions.
When items in HT are searched, a Hash matching mode is used; when searching for an entry in the CT, mask matching is used.
The generating of the new entry to be inserted into the HT includes:
if HT is not full, inserting directly;
if HT is full, the new entry replaces no more than the 10% lower of the HT entries.
When a new table entry is generated by a certain table entry in the CT and inserted into the HT, the corresponding table entry is reserved in the CT, and the Hot-Flag attribute of the corresponding table entry is set to False.
The technical scheme provided by the invention has the following advantages that 1) the table entries in the HT are all accurate table entries, hash matching can be adopted, the table entries in the CT have masks which can only be matched according to bits, the searching speed is slow, and the table entries with high heat in the CT are converted into accurate table entries to be stored in the HT, so that the searching speed of a data packet can be accelerated. The entries in the CT are sorted according to the priority, so that corresponding operation can be executed when one entry is matched with a data packet without traversing all the entries, thereby accelerating the processing capacity of the switch. 2) After the precise table entry is established for the table entry in the CT and inserted into the HT, the table entry in the CT is not deleted, because the table entry in the CT may have a mask, and there may be only one precise table entry, and the deletion of the table entry in the CT may cause an error. 3) After a data packet arrives at a switch, HT is searched first, CT is not searched any more after a matched table entry is searched in HT, repeated searching is avoided, after a certain table entry in CT generates a corresponding accurate table entry, the Hot-Flag of the table entry is set to False, and repeated accurate table entries are avoided.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings needed to be used in the description of the embodiments are briefly introduced below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and it is obvious for those skilled in the art to obtain other drawings based on the drawings without creative efforts.
Fig. 1 is a flowchart of a method for managing a switch flow table based on a protocol unaware forwarding technology according to an embodiment of the present invention;
fig. 2 is a diagram of a switch flow table management architecture based on a protocol unaware forwarding technology according to an embodiment of the present invention;
fig. 3 is a schematic diagram of a dynamic management process of a switch flow table according to an embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention are clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments of the present invention without making any creative effort, shall fall within the protection scope of the present invention.
Fig. 1 is a flowchart of a method for managing a switch flow table based on a protocol unaware forwarding technology according to an embodiment of the present invention. As shown in fig. 1, it mainly includes the following steps:
and step S1, sorting the items in the CT in advance according to the priority, detecting whether the heat degree of each item in the CT exceeds a threshold value η at intervals of time T, and if so, setting the Hot-Flag attribute of the corresponding item to True.
In the embodiment of the present invention, ct (cold table) is a flow table issued by a user (through a controller), and the table entry of the flow table has attributes such as priority, a counter, Hot-Flag, and the like. The priority attribute refers to the priority when the data packets are matched, that is, when the data packets are matched to a plurality of entries in the switch, the flow table with the highest priority is selected, the counter is used for recording the number of the data packets matched to each entry, and the Hot-Flag is used for marking whether the entries have higher heat.
In the embodiment of the invention, the heat degree of each table entry is obtained by calculating the difference value of a counter before and after time T, a threshold value η is determined in a self-adaptive mode, the initial value is the average value of the heat degrees of all table entries in CT, then, if HT is not full, the threshold value is updated by η ═ min (η, epsilon), if HT is full, the threshold value is updated by η ═ epsilon, wherein epsilon is the heat degree of the table entry closest to 90% of the positions in HT.
Step S2, when the data packet arrives, firstly searching HT, if the matched table entry is searched, then switching to step S3; if no matching entry is found, the process proceeds to step S4.
In the embodiment of the present invention, the ht (hot table) is an accurate flow table generated according to heat; when searching the table entry in the HT, a hash matching mode is used.
And S3, stopping searching, executing corresponding operation on the data packet according to the searched table entry, and then turning to the step S8.
Step S4, continuing to search the CT, and if the matched table entry is found, turning to step S5; if not, the process proceeds to step S8.
In the embodiment of the invention, mask matching is used when the table entry in the CT is searched.
Step S5, if the heat degree of the corresponding table entry exceeds the threshold value, the step S6 is executed; if not, the process proceeds to step S7.
The heat degree of the corresponding table entry in this step exceeds the threshold value, that is, the Hot-Flag attribute of the corresponding table entry is True.
Step S6, generating a new entry to be inserted into HT according to the header information of the packet and the information of the corresponding entry, and then step S7 is performed.
In the embodiment of the invention, the operation of updating HT is involved in inserting a new table entry into HT. Because the entries in the CT are mask matching, one entry may match multiple flows to generate multiple precise entries, and thus the precise entries (i.e. new entries) generated by entries with higher heat in the CT may not be as hot, and therefore, the entries in the HT need to be dynamically adjusted, which is divided into the following two cases: if HT is not full, inserting directly; if HT is full, the new entry replaces no more than the 10% of the entries with lower heat in HT, i.e. the update is performed slowly.
In addition, after a new table entry is generated and inserted into HT by a certain table entry in CT, the corresponding table entry is retained in CT, and the Hot-Flag attribute of the corresponding table entry is set to False, so that the generation of repeated accurate table entries is avoided.
Step S7, processing the data packet according to the searched items in the CT, and then turning to step S8.
Step S8, the packet processing flow ends.
The scheme of the embodiment of the invention mainly has the following advantages:
1) the table entries in the HT are all accurate table entries, hash matching can be adopted, the table entries in the CT have masks which can be matched only according to bits, the searching speed is slow, and the table entries with high heat in the CT are converted into accurate table entries to be stored in the HT, so that the searching speed of a data packet can be increased. The entries in the CT are sorted according to the priority, so that corresponding operation can be executed when one entry is matched with a data packet without traversing all the entries, thereby accelerating the processing capacity of the switch.
2) After the precise table entry is established for the table entry in the CT and inserted into the HT, the table entry in the CT is not deleted, because the table entry in the CT may have a mask, and there may be only one precise table entry, and the deletion of the table entry in the CT may cause an error.
3) After a data packet arrives at a switch, HT is searched first, CT is not searched after a matched table entry is searched in HT, repeated searching is avoided, after a certain table entry in CT generates a corresponding accurate table entry, the Hot-Flag of the table entry is set to False, and repeated accurate table entry is prevented from being generated
In addition, the architecture diagram for implementing the above method can be seen in fig. 2. In fig. 2, the POF switch uses a data Plane Development kit dpdk (data Plane Development kit) to take over a port, so that data is wrapped around a kernel state and is directly processed in a user state, thereby reducing the switching of the kernel state user state and accelerating a packet forwarding process. After a DPDK port receives a data Packet, a data Packet processing module firstly searches HT, if the data Packet matches with an item, a switch executes corresponding operation on the data Packet according to an instruction of the item, otherwise, the data Packet processing module continues to search CT, if the matched item is not found In CT, the data Packet processing module informs a switch control module, the switch control module sends Packet _ In information to a controller, if the matched item is found In CT and the item is high In heat, an accurate item creating module generates an accurate item for the item and inserts the accurate item into HT. The POF protocol stack is responsible for packaging and analyzing POF messages, the database stores configuration information of the switch, and the switch control module controls each module of the switch.
For ease of understanding, the flow table management process is described below in conjunction with a specific example that is based on the architectural implementation shown in fig. 2, which may be both accurate and efficient; the method mainly comprises the following steps:
(1) and sequencing each table item issued by the controller in the CT according to the priority.
(2) And detecting whether the heat degree of each table entry in the CT exceeds a threshold value every a period of time T, and if the heat degree of a certain table entry exceeds the threshold value, setting the Hot-Flag to True.
(3) When the data packet arrives, the data packet processing module first searches HT, stops searching if a matching entry is found, performs a corresponding operation on the data packet according to the found entry, and continues to search CT if no matching entry is found, as shown in the left diagram in fig. 3.
(4) And if the matched table entry is not found In the CT, sending a Packet _ In message to the controller, and ending the data Packet processing flow. If a matching packet is found in the CT, the search is also stopped because the entries in the CT have been sorted by priority.
(5) And judging whether the Hot-Flag of the matched table entry in the CT is True, if so, generating an accurate table entry by an accurate table entry creating module according to the table entry information in the CT and the information of the matched data packet and inserting the accurate table entry into the HT.
(6) And then the same data packet can find the matched table entry in the HT, and the HT adopts Hash matching, so that the processing flow of the data packet can be accelerated.
(7) After the HT is full, if there is a new entry to be inserted into the HT, because we determine whether to generate an accurate entry according to the heat of the entry in the CT, which is masked and may match multiple streams, the heat of the accurate entry generated according to the CT entry is not greater than the heat of the original entry, i.e., we only know the upper limit of the heat of the generated accurate entry and do not know the specific value thereof, we only update the entry with the lower heat of 10% of the HT, and slowly update the HT.
Through the above description of the embodiments, it is clear to those skilled in the art that the above embodiments can be implemented by software, and can also be implemented by software plus a necessary general hardware platform. With this understanding, the technical solutions of the embodiments can be embodied in the form of a software product, which can be stored in a non-volatile storage medium (which can be a CD-ROM, a usb disk, a removable hard disk, etc.), and includes several instructions for enabling a computer device (which can be a personal computer, a server, or a network device, etc.) to execute the methods according to the embodiments of the present invention.
The above description is only for the preferred embodiment of the present invention, but the scope of the present invention is not limited thereto, and any changes or substitutions that can be easily conceived by those skilled in the art within the technical scope of the present invention are included in the scope of the present invention. Therefore, the protection scope of the present invention shall be subject to the protection scope of the claims.
Claims (4)
1. A switch flow table management method based on a protocol unaware forwarding technology is characterized by comprising the following steps:
when a data packet arrives, firstly searching HT, if a matched table entry is searched, stopping searching, and executing corresponding operation on the data packet according to the searched table entry; wherein HT is a flow table generated according to heat;
if no matched table entry is found, continuously searching the CT, if the matched table entry is found, and the heat degree of the corresponding table entry exceeds a threshold value, generating a new table entry to be inserted into the HT according to the header information of the data packet and the information of the corresponding table entry, wherein the CT is a flow table issued by a user, the heat degree of each table entry in the CT is obtained by calculating the difference value of a counter before and after the time T, the counter records the number of the data packets matched with each table entry, the threshold value η is determined in a self-adaptive mode, the initial value is the average value of the heat degrees of all the table entries in the CT, then, if the HT is not full, the threshold value is updated by η ═ min (η, epsilon), if the HT is full, the threshold value is updated by η ∈, and the epsilon is the heat degree of the table entry closest to 90% of the HT;
when the table entries in the HT are searched, a Hash matching mode is used; when searching for an entry in the CT, mask matching is used.
2. The switch flow table management method based on the protocol unaware forwarding technology of claim 1,
and detecting whether the heat degree of each table item in the CT exceeds a threshold value η every a period of time T, and if so, setting the Hot-Flag attribute of the corresponding table item to True.
3. The method according to claim 1, wherein the generating of the new entry to be inserted into the HT comprises:
if HT is not full, inserting directly;
if HT is full, the new entry replaces no more than the 10% lower of the HT entries.
4. The switch flow table management method based on the protocol unaware forwarding technology of claim 1,
when a new table entry is generated by a certain table entry in the CT and inserted into the HT, the corresponding table entry is reserved in the CT, and the Hot-Flag attribute of the corresponding table entry is set to False.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710481233.1A CN107276916B (en) | 2017-06-22 | 2017-06-22 | Switch flow table management method based on protocol non-perception forwarding technology |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710481233.1A CN107276916B (en) | 2017-06-22 | 2017-06-22 | Switch flow table management method based on protocol non-perception forwarding technology |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN107276916A CN107276916A (en) | 2017-10-20 |
| CN107276916B true CN107276916B (en) | 2020-05-12 |
Family
ID=60068219
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201710481233.1A Active CN107276916B (en) | 2017-06-22 | 2017-06-22 | Switch flow table management method based on protocol non-perception forwarding technology |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN107276916B (en) |
Families Citing this family (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107528743B (en) * | 2017-10-25 | 2019-10-25 | 中国科学技术大学 | A kind of distributed network virtualization system of SDN network |
| CN109347745A (en) * | 2018-09-20 | 2019-02-15 | 郑州云海信息技术有限公司 | A kind of flow table matching process and device based on OpenFlow interchanger |
| CN112838989A (en) * | 2019-11-25 | 2021-05-25 | 中兴通讯股份有限公司 | Data stream management method, network equipment and storage medium |
| CN111125493B (en) * | 2019-12-19 | 2021-11-26 | 中国科学院信息工程研究所 | High-speed data query system and method based on protocol non-perception forwarding |
| CN111050339B (en) * | 2019-12-19 | 2021-01-01 | 中国科学院信息工程研究所 | High-speed data updating system and method based on protocol non-perception forwarding |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104639443A (en) * | 2015-02-16 | 2015-05-20 | 杭州华三通信技术有限公司 | Method and device for rapidly forwarding message |
| CN105357146A (en) * | 2015-10-21 | 2016-02-24 | 北京交通大学 | Saturation attack defending method, device and system of buffer queue in outlet gateway |
| CN105591914A (en) * | 2014-10-21 | 2016-05-18 | 中兴通讯股份有限公司 | Openflow flow table look-up method and device |
Family Cites Families (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US8964752B2 (en) * | 2013-02-25 | 2015-02-24 | Telefonaktiebolaget L M Ericsson (Publ) | Method and system for flow table lookup parallelization in a software defined networking (SDN) system |
| CN104468381B (en) * | 2014-12-01 | 2017-05-10 | 国家计算机网络与信息安全管理中心 | Implementation method for multi-field rule matching |
-
2017
- 2017-06-22 CN CN201710481233.1A patent/CN107276916B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105591914A (en) * | 2014-10-21 | 2016-05-18 | 中兴通讯股份有限公司 | Openflow flow table look-up method and device |
| CN104639443A (en) * | 2015-02-16 | 2015-05-20 | 杭州华三通信技术有限公司 | Method and device for rapidly forwarding message |
| CN105357146A (en) * | 2015-10-21 | 2016-02-24 | 北京交通大学 | Saturation attack defending method, device and system of buffer queue in outlet gateway |
Non-Patent Citations (1)
| Title |
|---|
| 基于标签的POF网络虚拟化技术研究;李佟等;《计算机应用研究》;20170315;全文 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN107276916A (en) | 2017-10-20 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN107276916B (en) | Switch flow table management method based on protocol non-perception forwarding technology | |
| US9110884B2 (en) | Message publishing and subscribing method and apparatus | |
| US20150131666A1 (en) | Apparatus and method for transmitting packet | |
| US10394784B2 (en) | Technologies for management of lookup tables | |
| CN104184664B (en) | Route forwarding table items generation method and device | |
| WO2017186159A1 (en) | Packet transmission | |
| CN111966284A (en) | OpenFlow large-scale flow table elastic energy-saving and efficient searching framework and method | |
| RU2658889C1 (en) | Openflow tables table search method and device, and also the data media | |
| US20200159775A1 (en) | Network-wide, location-independent object identifiers for high-performance distributed graph databases | |
| CN112565090B (en) | High-speed forwarding method and device | |
| US11500851B2 (en) | System and method for state object data store | |
| US9135833B2 (en) | Process for selecting compressed key bits for collision resolution in hash lookup table | |
| CN107948060A (en) | A kind of new routing table is established and IP method for searching route and device | |
| CN109120454B (en) | QoS flow rate limiting system and method | |
| CN106487769B (en) | Method and device for realizing Access Control List (ACL) | |
| CN103812700A (en) | Message classifying method based on rule information entropy | |
| Li et al. | An improved trie-based name lookup scheme for named data networking | |
| WO2014206208A1 (en) | Data searching method, device, and system | |
| CN104219160B (en) | Generate the method and apparatus of input parameter | |
| CN109754021B (en) | Online packet classification method based on range tuple search | |
| CN107547390B (en) | The method and device of flow table creation and inquiry | |
| CN104486240A (en) | Method and device for classifying data packets | |
| US20230138389A1 (en) | Forwarding table validation | |
| CN114499889B (en) | Method suitable for network processing chip to store oversized conversation | |
| CN116915709B (en) | Load balancing method and device, electronic equipment and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |