CN109144673A - A kind of NFV quick development method - Google Patents
A kind of NFV quick development method Download PDFInfo
- Publication number
- CN109144673A CN109144673A CN201811091835.7A CN201811091835A CN109144673A CN 109144673 A CN109144673 A CN 109144673A CN 201811091835 A CN201811091835 A CN 201811091835A CN 109144673 A CN109144673 A CN 109144673A
- Authority
- CN
- China
- Prior art keywords
- data packet
- data
- packet
- nfv
- quick development
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/455—Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
- G06F9/45533—Hypervisors; Virtual machine monitors
- G06F9/45558—Hypervisor-specific management and integration aspects
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L69/00—Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
- H04L69/22—Parsing or analysis of headers
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/455—Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
- G06F9/45533—Hypervisors; Virtual machine monitors
- G06F9/45558—Hypervisor-specific management and integration aspects
- G06F2009/45562—Creating, deleting, cloning virtual machine instances
Abstract
The invention discloses a kind of NFV quick development methods, specifically includes the following steps: S1, byte stream process: receiving the data packet that extraneous transmission comes first, and received data packet is quickly packaged, S2, data packet processing: data packet received in S1 is subjected to data IP address, format and size by the resolve packet module in data packet handling system and is parsed, technical field of software development is related to.The NFV quick development method, including exploitation environment and library, we are abstracted the data package operation in network, including byte stream operation, package operation, state operation etc., by the way that these operations are abstracted, construct our library, the NFV function that user can go construction complicated by our these abstract operations, using reference counter and intelligent pointer technology, it is fast to execute speed, using the packet encapsulation of Unique type, reduces data packet copy, execution efficiency is high, it is possible to provide flexible Development Framework and API.
Description
Technical field
The present invention relates to technical field of software development, specially a kind of NFV quick development method.
Background technique
Currently, large-scale mainstream network operator has used network function to virtualize (Network Function
Virtualization, NFV) mode, with the software realization run in virtual machine (Virtual Machine, VM) or container
Carry out hardware device in alternative networks, has the advantage that deployment new function only needs change software using NFV technology, to simplify
Service deployment;Software need to be only write in general-purpose platform, thus Speeding up development speed;By integrating multiple nets on a single machine
Network function (Network Function, NF) reduces cost, however, the service deployment efficiency of large scale network service function but pole
It is low, and the conventional method that this is primarily due to construct and run NF is poor to the matching of carrier network, therefore, planned network
Service function deployment need to meet the needs of carrier network: in performance, lower packetization delay and higher network throughput;
In efficiency, multiple NFs can be integrated by flexible deployment on single machine, and handle the ability of the data packet from multiple tenants, together
When be capable of providing the function and Fault Isolation of business.
The present invention shortens the development cycle in exploitation, and difficulty is reduced in maintenance, while providing for NF safe
Isolation mech isolation test.
Summary of the invention
(1) the technical issues of solving
In view of the deficiencies of the prior art, the present invention provides a kind of NFV quick development methods, solve existing exploitation week
The problem of phase is long, and maintenance difficulties are high, and security isolation mechanism cannot be provided for NF.
(2) technical solution
In order to achieve the above object, the present invention is achieved by the following technical programs: a kind of NFV quick development method, tool
Body the following steps are included:
S1, byte stream process: the data packet that extraneous transmission comes is received first, and received data packet is quickly beaten
Packet;
S2, data packet processing: data packet received in S1 is passed through into the resolve packet module in data packet handling system
Carry out data IP address, format and size are parsed, then the data packet of parsing be transformed by data transformation module be
The Format Type of self-identifying in uniting, and be filtered the not routine data after parsing by data filtering module;
S3, control flow are abstract: the data parsed in S2 being combined, the operation such as transmission or merging at random, come
The conditional branching of paired data stream is handled;
S4, condition managing: it is isolated and wraps the data flow obtained by the way of isolation to S3 using memory and carry out at branch's isolation
Reason provides memory isolation technology when using RUST advanced security language as operation, and uses LLVM as runtime environment, comes real
Now memory isolation, while packet copy bring performance influence is eliminated using the Unique type that RUST is provided, to realize packet
Isolation;
After S5, event scheduling: the above S1 to S4 complete a data packet processing, week can be completed by time scheduling system
Phase property or timing scheduling operation.
Preferably, the data packet handling system in the step S2 include resolve packet module, data transformation module and
Data filtering module.
Preferably, the Unique type in the step S4 is data contention in order to prevent, does not allow two threads simultaneously
Identical data are accessed, may make the attribute can be in compiling by static authentication, so that expense will not be brought to when running.
Preferably, the calling in the step S5 between NF is identified, it can be ensured that transmission NF is forwarded in data packet
The access right to data packet will be lost after going out, so that it is guaranteed that the accessible data packet of only one NF.
Preferably, data packet processing is abstract in the step S3 uses lazy tupe, i.e., only treatment process needs
When the data of data packet, data packet abstract component can just be calculated data packet.
(3) beneficial effect
The present invention provides a kind of NFV quick development methods.Have compared with prior art following the utility model has the advantages that the NFV
Quick development method, by specifically includes the following steps: S1, byte stream process: receive first extraneous transmission come data packet,
And be quickly packaged received data packet, data packet received in S1 S2, data packet processing: is passed through into data packet processing system
Resolve packet module in system carries out data IP address, format and size and is parsed, and S3, control flow are abstract: will be in S2
The data parsed are combined, transmission or merging etc. operate at random, have come the conditional branching processing of paired data stream, S4, shape
State management: branch's isolation processing is carried out to the data flow that S3 is obtained in such a way that isolation is isolated and is wrapped to memory, using RUST high
Level security language uses LLVM as runtime environment to provide memory isolation technology when operation, to realize that memory is isolated,
After S5, event scheduling: the above S1 to S4 complete the processing of data packet, can by time scheduling system come execution cycle property or
The scheduling operation of timing, the development approach include exploitation environment and library, we are abstracted the data package operation in network,
Including byte stream operation, package operation, state operation etc., by being abstracted these operations, our library, Yong Huke are constructed
With the NFV function that these abstract operations by us go construction complicated, realizes through RUST high-level language, grasped without pointer
Make, checks array access boundary, do not allow to access NULL object, ensure different type transform security, thus realize storage isolation,
When data packet is isolated, only a NF is allowed to operate a data packet, different from the garbage reclamation of Java, using reference count
Device and intelligent pointer technology, execution speed is fast, using the packet encapsulation of Unique type, reduces data packet copy, executes effect
Rate height, it is possible to provide flexible Development Framework and API reduce overlapping development, accelerate NF development progress, meanwhile, dispose flexible, peace
Entirely, quickly, it can be achieved that deployment new function only needs change software, to simplify service deployment, it is only necessary to write in general-purpose platform soft
Part, thus Speeding up development speed;Cost, planned network service function are reduced by integrating multiple network functions on a single machine
Deployment need to meet the needs of carrier network: in performance, lower packetization delay and higher network throughput;In efficiency
On, multiple NFs can be integrated by flexible deployment on single machine, and handle the ability of the data packet from multiple tenants, while can
The function and Fault Isolation of offer business reduce difficulty, together to substantially reduce the development cycle in exploitation in maintenance
When safe isolation mech isolation test is provided for NF.
Specific embodiment
The technical scheme in the embodiments of the invention will be clearly and completely described below, it is clear that described implementation
Example is only a part of the embodiment of the present invention, instead of all the embodiments.Based on the embodiments of the present invention, this field is common
Technical staff's every other embodiment obtained without making creative work belongs to the model that the present invention protects
It encloses.
The embodiment of the present invention provides a kind of technical solution: a kind of NFV quick development method, specifically includes the following steps:
S1, byte stream process: the data packet that extraneous transmission comes is received first, and received data packet is quickly beaten
Packet;
S2, data packet processing: data packet received in S1 is passed through into the resolve packet module in data packet handling system
Carry out data IP address, format and size are parsed, then the data packet of parsing be transformed by data transformation module be
The Format Type of self-identifying in uniting, and be filtered the not routine data after parsing by data filtering module;
S3, control flow are abstract: the data parsed in S2 being combined, the operation such as transmission or merging at random, come
The conditional branching of paired data stream is handled;
S4, condition managing: it is isolated and wraps the data flow obtained by the way of isolation to S3 using memory and carry out at branch's isolation
Reason provides memory isolation technology when using RUST advanced security language as operation, and uses LLVM as runtime environment, comes real
Now memory isolation, while packet copy bring performance influence is eliminated using the Unique type that RUST is provided, to realize packet
Isolation;
After S5, event scheduling: the above S1 to S4 complete a data packet processing, week can be completed by time scheduling system
Phase property or timing scheduling operation.
In the present invention, the data packet handling system in step S2 includes resolve packet module, data transformation module sum number
According to filtering module.
In the present invention, the Unique type in step S4 is data contention in order to prevent, does not allow two threads while visiting
It asks identical data, may make the attribute that can bring expense to will not give when operation in compiling by static authentication, in order to
Across core access data are avoided, cache invalidation and lock operation bring performance cost is caused, devises state abstraction, be software memory
Isolation provides vital four guarantees: they do not allow pointer operation;They check the boundary of array access, therefore anti-
Only as buffer overflow and caused by spuious memory access;They do not allow to access null object, to prevent using journey
Sequence should segregate memory using undefined behavior access;They ensure that all types conversion is all safe, and lead to
Intelligent pointer is crossed to complete Heap Allocation and garbage reclamation, the disadvantage in other safe high-level language performances of very good solution, NFV
Not only memory is needed to be isolated, NFV must also retain the semanteme of physical network, after packet is sent out such as NF, cannot again to wrap into
Row modification, this is referred to as packet isolation.Usually this realization be by being copied and being completed using packet when NF directly transmit packet, but
It is that this copy can bring expense to performance, so that it is guaranteed that the accessible data packet of only one NF, is based on this mechanism, guarantees
Data packet is successfully isolated, therefore does not need any data packet copy, and still, some NF may be needed after forwarding data packet
The content of data packet is accessed, in this case, NF oneself is responsible for replicating these data packets.
In the present invention, the calling in step S5 between NF is identified, it can be ensured that transmission NF is transferred in data packet
The access right to data packet will be lost after going, so that it is guaranteed that the accessible data packet of only one NF.
Data packet processing is abstract in the present invention, in step S3 uses lazy tupe, i.e., only treatment process needs to count
According to packet data when, data packet abstract component can just calculate data packet, can be with structure using these basic abstract components
Complicated NF is made, such as NF needs to complete following function: to each the network packet received, IP TTL being subtracted one, work as TTL
Discarding when being zero, to realize the function, NF obtains the IP head of network packet first with parsing abstract component parsing network packet, so
Ttl field is obtained from IP by changing abstract component afterwards, TTL is subtracted one, finally by filtering abstract component in IP
The packet that TTL is zero is filtered, for example, the parsing node in NFs does not execute any calculating, until transformation, filter, combination or
Similar node is just calculated when needing to handle data packet, secondly, the processing of image height performance data packet is the same, abstract component is once located
Batch of data packet is managed, and each abstract component realizes batch processing to improve traditional performance to the maximum extent.
It should be noted that, in this document, relational terms such as first and second and the like are used merely to a reality
Body or operation are distinguished with another entity or operation, are deposited without necessarily requiring or implying between these entities or operation
In any actual relationship or order or sequence.Moreover, the terms "include", "comprise" or its any other variant are intended to
Non-exclusive inclusion, so that the process, method, article or equipment including a series of elements is not only wanted including those
Element, but also including other elements that are not explicitly listed, or further include for this process, method, article or equipment
Intrinsic element.
It although an embodiment of the present invention has been shown and described, for the ordinary skill in the art, can be with
A variety of variations, modification, replacement can be carried out to these embodiments without departing from the principles and spirit of the present invention by understanding
And modification, the scope of the present invention is defined by the appended.
Claims (5)
1. a kind of NFV quick development method, it is characterised in that: specifically includes the following steps:
S1, byte stream process: the data packet that extraneous transmission comes is received first, and received data packet is quickly packaged;
S2, data packet processing: data packet received in S1 is carried out by the resolve packet module in data packet handling system
Data IP address, format and size are parsed, and then the data packet of parsing is transformed into system by data transformation module
The Format Type of self-identifying, and be filtered the not routine data after parsing by data filtering module;
S3, control flow are abstract: the data parsed in S2 the operation such as being combined to, send or merge at random, to complete pair
The conditional branching of data flow is handled;
S4, condition managing: branch's isolation processing is carried out to the data flow that S3 is obtained in such a way that isolation is isolated and is wrapped to memory, is adopted
With RUST advanced security language to provide memory isolation technology when operation, and use LLVM as runtime environment, in realizing
Deposit isolation, while eliminating packet copy bring performance using the Unique type that RUST is provided to influence, thus realize packet every
From;
It, can be by time scheduling system come execution cycle property after S5, event scheduling: the above S1 to S4 complete a data packet processing
Or timing scheduling operation.
2. a kind of NFV quick development method according to claim 1, it is characterised in that: the data packet in the step S2
Processing system includes resolve packet module, data transformation module and data filtering module.
3. a kind of NFV quick development method according to claim 1, it is characterised in that: the Unique in the step S4
Type is data contention in order to prevent, does not allow two threads while accessing identical data, may make the attribute that can compile
By static authentication when translating, so that expense will not be brought to when running.
4. a kind of NFV quick development method according to claim 1, it is characterised in that: in the step S5 between NF
Calling is identified, it can be ensured that access right to data packet will be lost after data packet forwards by sending NF, thus really
Protect the accessible data packet of only one NF.
5. a kind of NFV quick development method according to claim 1, it is characterised in that: in the step S3 at data packet
Reason is abstract to use lazy tupe, i.e., when only treatment process needs the data of data packet, data packet abstract component just can be right
Data packet is calculated.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811091835.7A CN109144673A (en) | 2018-09-21 | 2018-09-21 | A kind of NFV quick development method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811091835.7A CN109144673A (en) | 2018-09-21 | 2018-09-21 | A kind of NFV quick development method |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN109144673A true CN109144673A (en) | 2019-01-04 |
Family
ID=64814986
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201811091835.7A Pending CN109144673A (en) | 2018-09-21 | 2018-09-21 | A kind of NFV quick development method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN109144673A (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110324260A (en) * | 2019-06-21 | 2019-10-11 | 北京邮电大学 | A kind of network function virtualization intelligent dispatching method based on flow identification |
| CN110995769A (en) * | 2020-02-27 | 2020-04-10 | 上海飞旗网络技术股份有限公司 | Deep data packet detection method and device and readable storage medium |
| CN115150483A (en) * | 2022-05-17 | 2022-10-04 | 浙江木链物联网科技有限公司 | Network data packet analysis method, system and readable storage medium |
Citations (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107463339A (en) * | 2017-08-17 | 2017-12-12 | 郑州云海信息技术有限公司 | A kind of NAS storage system |
-
2018
- 2018-09-21 CN CN201811091835.7A patent/CN109144673A/en active Pending
Patent Citations (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107463339A (en) * | 2017-08-17 | 2017-12-12 | 郑州云海信息技术有限公司 | A kind of NAS storage system |
Non-Patent Citations (1)
| Title |
|---|
| AUROJIT PANDA等: ""NetBricks: Taking the V out of NFV"", 《PROCEEDINGS OF THE 12TH USENIX CONFERENCE ON OPERATING SYSTEMS DESIGN AND IMPLEMENTATION》 * |
Cited By (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110324260A (en) * | 2019-06-21 | 2019-10-11 | 北京邮电大学 | A kind of network function virtualization intelligent dispatching method based on flow identification |
| US11411865B2 (en) | 2019-06-21 | 2022-08-09 | Beijing University Of Posts And Telecommunications | Network resource scheduling method, apparatus, electronic device and storage medium |
| CN110995769A (en) * | 2020-02-27 | 2020-04-10 | 上海飞旗网络技术股份有限公司 | Deep data packet detection method and device and readable storage medium |
| CN110995769B (en) * | 2020-02-27 | 2020-06-05 | 上海飞旗网络技术股份有限公司 | Deep data packet detection method and device |
| CN115150483A (en) * | 2022-05-17 | 2022-10-04 | 浙江木链物联网科技有限公司 | Network data packet analysis method, system and readable storage medium |
| CN115150483B (en) * | 2022-05-17 | 2023-08-29 | 浙江木链物联网科技有限公司 | Network data packet analysis method, system and readable storage medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Chen et al. | Computation and communication efficient graph processing with distributed immutable view | |
| CN102331923B (en) | Multi-core and multi-threading processor-based functional macropipeline implementing method | |
| US8863096B1 (en) | Parallel symbolic execution on cluster of commodity hardware | |
| US7849441B2 (en) | Method for specifying stateful, transaction-oriented systems for flexible mapping to structurally configurable, in-memory processing semiconductor device | |
| CN109144673A (en) | A kind of NFV quick development method | |
| US20030182376A1 (en) | Distributed processing multi-processor computer | |
| US11620215B2 (en) | Multi-threaded pause-less replicating garbage collection | |
| CN102638487B (en) | Large-scale telemetric seismic instrument high-performance data transmission method | |
| WO2014110702A1 (en) | Cooperative concurrent message bus, driving member assembly model and member disassembly method | |
| CN103218176A (en) | Data processing method and device | |
| Valvåg et al. | Cogset: a high performance MapReduce engine | |
| US11023277B2 (en) | Scheduling of tasks in a multiprocessor device | |
| Desell et al. | Salsa lite: A hash-based actor runtime for efficient local concurrency | |
| US9038075B2 (en) | Batch execution of system calls in an operating system | |
| Schwan et al. | “Topologies”—distributed objects on multicomputers | |
| CN112395056A (en) | Embedded asymmetric real-time system and electric power secondary equipment | |
| Akram et al. | Understanding and improving the cost of scaling distributed event processing | |
| Roth et al. | A SystemC modeling and simulation methodology for fast and accurate parallel MPSoC simulation | |
| Giorgi et al. | Modeling multi-board communication in the axiom cyber-physical system | |
| Plauth et al. | Improving the accessibility of NUMA‐aware C++ application development based on the PGASUS framework | |
| CN101299758B (en) | Well-regulated group system for cosmically processing event as well as processing method | |
| Cheng et al. | Ops: Optimized shuffle management system for apache spark | |
| Newton et al. | Intel concurrent collections for haskell | |
| WO2014110701A1 (en) | Independent active member and functional active member assembly module and member disassembly method | |
| Roth et al. | A framework for exploration of parallel SystemC simulation on the single-chip cloud computer |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| WD01 | Invention patent application deemed withdrawn after publication | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20190104 |