CN111104458B - Distributed data exchange system and method based on RK3399Pro - Google Patents
Distributed data exchange system and method based on RK3399Pro Download PDFInfo
- Publication number
- CN111104458B CN111104458B CN201911100289.3A CN201911100289A CN111104458B CN 111104458 B CN111104458 B CN 111104458B CN 201911100289 A CN201911100289 A CN 201911100289A CN 111104458 B CN111104458 B CN 111104458B
- Authority
- CN
- China
- Prior art keywords
- data exchange
- network
- server
- distributed
- module
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 40
- 238000002955 isolation Methods 0.000 claims abstract description 39
- 238000012545 processing Methods 0.000 claims abstract description 32
- 230000002093 peripheral effect Effects 0.000 claims abstract description 12
- 230000005540 biological transmission Effects 0.000 claims description 14
- 238000013461 design Methods 0.000 claims description 14
- 230000008569 process Effects 0.000 claims description 7
- 238000001914 filtration Methods 0.000 claims description 6
- 239000007787 solid Substances 0.000 claims description 4
- 230000010354 integration Effects 0.000 description 6
- 238000012550 audit Methods 0.000 description 4
- 230000004888 barrier function Effects 0.000 description 3
- 230000002457 bidirectional effect Effects 0.000 description 3
- 238000010276 construction Methods 0.000 description 3
- 238000010586 diagram Methods 0.000 description 3
- 230000008054 signal transmission Effects 0.000 description 3
- 238000011161 development Methods 0.000 description 2
- 238000009826 distribution Methods 0.000 description 2
- 230000006870 function Effects 0.000 description 2
- 238000012423 maintenance Methods 0.000 description 2
- 206010033799 Paralysis Diseases 0.000 description 1
- 241000700605 Viruses Species 0.000 description 1
- 230000001133 acceleration Effects 0.000 description 1
- 238000007792 addition Methods 0.000 description 1
- 238000013500 data storage Methods 0.000 description 1
- 230000007613 environmental effect Effects 0.000 description 1
- 230000017525 heat dissipation Effects 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000012544 monitoring process Methods 0.000 description 1
- 230000002265 prevention Effects 0.000 description 1
- 230000008439 repair process Effects 0.000 description 1
- 238000012827 research and development Methods 0.000 description 1
- 238000000926 separation method Methods 0.000 description 1
- 238000003860 storage Methods 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
- 230000001629 suppression Effects 0.000 description 1
- 230000009466 transformation Effects 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/20—Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
- G06F16/27—Replication, distribution or synchronisation of data between databases or within a distributed database system; Distributed database system architectures therefor
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- General Engineering & Computer Science (AREA)
- Computing Systems (AREA)
- Signal Processing (AREA)
- Computer Networks & Wireless Communication (AREA)
- Computer Hardware Design (AREA)
- Databases & Information Systems (AREA)
- Theoretical Computer Science (AREA)
- Data Mining & Analysis (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention provides a distributed data exchange system and an exchange method based on RK3399Pro, wherein the distributed data exchange system comprises a data exchange front-end server connected with an external network server and an isolation network gate, the data exchange front-end server comprises a processing unit, the processing unit comprises a distributed processing module, a distributed slot module and a switch module, the distributed processing module comprises a plurality of core modules, each core module comprises an AI processor RK3399Pro and a peripheral circuit connected with the AI processor RK3399Pro, the distributed slot module comprises a plurality of slot units, each core module is connected with one slot unit, the switch module is connected with the isolation network gate and the external network server, the switch module comprises a switch main board and a network controller connected with the switch main board, the network controller is used for data exchange scheduling and data acquisition management, and the switch main board is connected with the plurality of slot units. The invention has the advantages of excellent performance, stable operation, safe data, easy expansion, high cost performance and the like.
Description
Technical Field
The invention belongs to the technical field of data exchange equipment, and particularly relates to a distributed data exchange system and method based on RK3399 Pro.
Background
In recent years, along with the acceleration of the situation of network security threat, the problem of core data security needs to be solved in the construction of a network information security system, and security measures such as separation of an internal network and an external network, isolation of the internet from an internal network and the like are considered in the network construction of enterprises and public institutions at present. This also drives the need for an intranet and extranet data exchange device into the fast-evolving phase. With the advancement of informatization construction, enterprises and institutions gradually go deep in digital transformation, and continuous large-scale internal and external network data exchange is required more and more frequently, for example: e-government, police, office, production, research and development, security monitoring, and the like. This requires high performance data exchange rates and extremely high reliability for the intranet and extranet data exchange products.
As shown in fig. 1, the data exchange system is composed of a data exchange front-end server 1, an isolation gatekeeper 3, a data exchange rear-end server 5, etc., and the network exchange device in the prior art adopts a CPU with an X86 architecture and communicates based on a TCP/IP protocol, which generally exposes the following drawbacks in application:
1. problems of Transmission efficiency
When the network transmission flow is higher, especially the flow reaching several giga or even tens of megamega, and under the condition of a large amount of concurrent service flows, the more the data quantity to be processed in unit time is, the higher the CPU resource consumption of the TCP/IP protocol stack is, the extremely high CPU load can appear on the server system, and the efficiency of reading and writing data of the server is greatly reduced. The high concurrency of a large number of soft interrupts also reduces the system processing speed and affects the working efficiency. At present, in order to improve the efficiency of data exchange, a common method mainly improves the hardware performance of a system, adopts a higher-performance multi-core server and network equipment, but the cost is to carry out certain improvement on the system, and the cost is very huge for some large-scale systems.
2. Data security issues
The development time of the X86 architecture is long, the market share is high, devices based on the architecture are well known in the industry, and comprise systems, interfaces, storage and the like, so that data is relatively easier to be infected by viruses, illegally copied and the like.
3. Poor scalability
The upgrade of the equipment can only be carried out on the quantity or performance of the memory and the hard disk, the CPU can only be used for upgrading the same series of products, the upgrade of the processor system on quantity can not be conveniently carried out, and the expandability of the overall performance is limited.
4. The cost and the power consumption are relatively large
Because the data flow of the access of the internal and external networks is relatively large in the application, and the parallel access quantity for establishing the link is also large, the requirements on the main frequency and the number of threads of the CPU are relatively high, and the CPU needs a high-performance server CPU, such as: intel's to strong series processor, but its price is relatively high, several times that of an ARM processor. To increase the processing power of data exchange, the price of the product will increase by a multiple with double CPU or increased equipment. Meanwhile, the operation of the Intel processor is also required to be independently added with a memory, a hard disk, a display card, CPU heat dissipation, a high-power supply and the like, and the cost of the devices is high compared with that of the devices.
In addition, the CPU of the X86 architecture emphasizes the thought of performance and speed, so that the power consumption of the CPU is relatively large, the power consumption of the internal and external network data exchange equipment matched with one CPU is hundreds of watts, and the volumes of the CPU and the equipment are relatively large.
Disclosure of Invention
The invention aims to solve the problems and provide a distributed data exchange system based on RK3399 Pro;
it is another object of the present invention to provide a distributed data exchange method based on RK3399Pro, which aims at the above problems.
In order to achieve the above purpose, the present invention adopts the following technical scheme:
the utility model provides a distributed data exchange system based on RK3399Pro, includes the front-end server of data exchange, the front-end server of data exchange is connected in outer network server and isolation gatekeeper, isolation gatekeeper is connected in intranet unit, the front-end server of data exchange includes processing unit, processing unit includes distributed processing module, distributed slot module and switch module, distributed processing module includes a plurality of core modules of mutual distributed design, each core module includes AI treater RK3399Pro and connect in AI treater RK3399 Pro's peripheral circuit, distributed slot module includes a plurality of slot units of mutual distributed design, each core module all is connected in one slot unit, switch module connects in isolation gatekeeper and outer network server, and switch module includes the switch mainboard and the network controller who connects in the switch mainboard, the network controller is used for data exchange dispatch, the switch mainboard is connected in a plurality of slot units in order to connect in a plurality of core modules.
In the distributed data exchange system based on RK3399Pro, the peripheral circuit comprises a CPU memory, an NPU memory, a solid state disk interface, a debug port, a Type-c interface, a reset button, a power button and a power system which are connected with the AI processor RK3399 Pro.
In the distributed data exchange system based on RK3399Pro, the peripheral circuit further includes a golden finger interface, the AI processor RK3399Pro is connected to the golden finger interface, and the socket unit includes a PCIE socket for plugging in the golden finger interface.
In the above-mentioned distributed data exchange system based on RK3399Pro, the distributed slot module includes a power interface and a front panel interface connected to each slot unit, and the power interface is a band-ring power interface with a power ring interface, so as to output the power ring to the newly extended slot unit through the power ring interface.
In the above distributed data exchange system based on RK3399Pro, the slot unit includes a network transformer, a power fool-proof and filtering circuit and an LED indicator connected to the PCIE socket, the network transformer is connected with a gigabit network port, the switch module has a plurality of gigabit network ports connected to the switch motherboard, and the gigabit network ports of the slot unit are connected to the gigabit network ports of the switch motherboard one-to-one so as to connect the slot unit to the switch motherboard.
In the distributed data exchange system based on RK3399Pro, one of the core modules connected to the switch motherboard is configured as the network controller; the switch module comprises two megalight ports which are respectively connected to a switch main board, and the switch main board is respectively connected to an isolation gateway and an external network server through the two megalight ports.
In the above distributed data exchange system based on RK3399Pro, the intranet unit includes a data exchange post server and an intranet server which are connected with each other, the isolation gatekeeper is connected to the data exchange post server, and the data exchange post server also includes the processing unit.
In the distributed data exchange system based on RK3399Pro, the external network server comprises an external network data server and an external network file server; the intranet server comprises an intranet data server and an intranet file server;
the data exchange front-end server is connected with the external network server, the data exchange rear-end server is connected with the internal network server, the isolation gatekeeper is connected with the data exchange front-end server and the data exchange rear-end server through network cards, and the transmission protocol is TCP/IP protocol.
A distributed data exchange method based on RK3399Pro is based on the distributed hardware architecture to realize different data exchange modes according to working requirements, and the data exchange modes comprise a proxy mode and an acquisition mode.
In the above distributed data exchange method based on RK3399Pro, the proxy mode comprises the following steps:
agent mode: the method comprises the steps of receiving a network data packet of an external network server, identifying the service type of the network data packet by a network controller, forwarding the network data packet to a designated core module through a switch main board according to a preset rule, processing the received network data packet by the core module, sending the network data packet to an isolation gateway through the switch main board, and sending the network data packet to an internal network server by the isolation gateway to realize data exchange;
the acquisition mode comprises the following steps:
acquisition mode: connecting an external network server, opening a channel from a core module to the external network server by a network controller, reading network data packets by a system, converting target IP and source IP of the network data packets meeting the requirements according to preset rules, and forwarding the network data packets to a designated core module through a switch main board; the core module processes the received network data packet and sends the network data packet to the isolation gateway through the switch main board, and the isolation gateway sends the network data packet to the intranet server to realize data exchange.
The invention has the advantages that: the equipment has the advantages of excellent performance, stable operation, safe data, easy expansion, high cost performance and the like; the ARM-based high-performance low-power-consumption AI processor RK3399Pro is adopted to replace an X86 architecture-based processor in the traditional internal and external network data exchange equipment, and a distributed design method is combined, so that the multi-CPU core module 14 replaces the original single CPU or double CPU main boards, and the characteristics of high performance, low power consumption, high integration, high cost performance and the like of the RK3399Pro are fully exerted, so that the data exchange efficiency of the internal and external network data exchange equipment is greatly improved; the adopted distributed structure has small volume due to the high integration of the AI processor module, and compared with the traditional internal and external network data exchange equipment, the processor with the same equipment distributed design has stronger expandability, and the processing performance is improved by several times to tens times, so that the comprehensive performance of the equipment is greatly improved, but the cost is not increased, but is lower than the original cost.
Drawings
FIG. 1 is a block diagram of a prior art X86-based data exchange system;
FIG. 2 is a block diagram of a data exchange system based on RK3399Pro distributed architecture according to the present invention;
FIG. 3 is a diagram of the hardware architecture of the RK3399Pro based distributed data exchange system of the present invention;
FIG. 4 is a flow chart of the steps of the proxy mode in the method of the present invention;
fig. 5 is a flow chart of the steps of the acquisition mode in the method of the present invention.
Reference numerals: exchanging the front-end server 1; a distributed processing module 11; a distributed slot module 12; a switch module 13; a core module 14; a network controller 15; a switch main board 16; an extranet server 2; an isolation barrier 3; an intranet server 4; and a data exchange post server 5.
Detailed Description
The invention will be described in further detail with reference to the drawings and the detailed description.
The embodiment discloses a distributed data exchange system and an exchange method based on RK3399Pro, wherein RK3399Pro is an ARM-based AI processor which is derived from a core, and the ARM-based AI processor is an AI processor which integrates CPU, GPU, VPU, NPU, PCI-EX4 interfaces and the like into a whole and has high performance and low power consumption. The CPU consists of 64-bit dual-core Cortex-A72 and four-core Cortex-A53 based on ARM, the main frequency is up to 1.8GHz, and the performance reaches the level of a server processor. The Core0-Core3 is a small Core, the Core4-Core5 is a large Core, and certain operations of the CPU can be manually bound on the large Core during design, so that the speed of general operation is improved. For general operation, the CPU of RK3399Pro solidifies some specific operations such as GPU, VPU, NPU in the chip circuit, thus greatly improving the operation speed and reducing the power consumption and the cost. And supporting android, linux and other systems.
Specifically, as shown in fig. 2, the distributed data exchange system based on RK3399Pro of the present embodiment includes a data exchange front-end server 1, where the data exchange front-end server 1 is connected to an external network server 2 and an isolation gateway 3, and the isolation gateway 3 is connected to an internal network unit. The intranet unit comprises a data exchange post-server 5 and an intranet server 4 which are connected with each other, the isolation gatekeeper 3 is connected to the data exchange post-server 5, the data exchange post-server 5 also comprises the processing unit, and a switch main board 16 of the processing unit in the data exchange post-server 5 is connected to the isolation gatekeeper 3 and the intranet server 4.
Specifically, the external network server 2 includes an external network data server and an external network file server; the intranet server 4 comprises an intranet data server and an intranet file server.
Further, here, the data exchange front-end server 1 and the external network server 2, the data exchange rear-end server 5 and the internal network server 4, and the isolation gatekeeper 3 are all connected with the data exchange front-end server 1 and the data exchange rear-end server 5 through network cards, and the transmission protocol is TCP/IP protocol. The isolation gatekeeper 3 mainly adopts an ASIC network control chip or FPGA to carry out single and bidirectional transmission control on data. By configuring the two channels on the isolation barrier 3 to be configured for unidirectional transmission or bidirectional transmission, for example, as unidirectional transmission from an external network to an internal network, unidirectional transmission from an internal network to an external network, or bidirectional transmission between internal and external networks.
In particular, as shown in fig. 3, the data exchange front-end server 1 includes a processing unit including a distributed processing module 11, a distributed slot module 12, and a switch module 13.
The distributed processing module 11 comprises a plurality of core modules 14 to 6 which are distributed with each other, and each core module 14 comprises an AI processor RK3399Pro and peripheral circuits connected with the AI processor RK3399 Pro. Specifically, the peripheral circuit comprises a CPU memory, an NPU memory, a solid state disk interface, a debugging port, a Type-c interface, a reset button, a power system, a golden finger interface and the like which are connected with the AI processor RK3399 Pro.
1.1 wherein the CPU memory comprises two LPDDR3 respectively connected to the AI processor RK3399Pro, the NPU memory is one LPDDR3 connected to the AI processor RK3399Pro, the LPDDR3 is one type of DDR SDRAM, compared with the prior DDR3, the CPU memory has the characteristics of low power consumption and small volume, and is very suitable for being used in distributed processing equipment.
The memory 1.2 is an eMMC Nand Flash memory, the eMMC is an embedded memory, the eMMC is used for storing an operating system code in the design, the eMMC integrates a controller in the package thereof, provides a standard interface and manages the memory, can effectively simplify the design of the product memory, accelerates the development speed of the product, and is also very suitable for being used in the distributed internal and external network data exchange device of the embodiment.
1.3 solid state disk interface is M.2 interface, M.2 interface is new generation host interface standard to replace original mSATA interface. The M.2 is far superior to mSATA in both smaller and smaller specification and size and higher transmission performance, and the CPU in the design supports the M.2PCIEX4 interface, so that the device is suitable for high-speed data storage.
1.4 debugging port is UART debugging port, mainly used for system debugging, for example: system configuration, network configuration, etc.;
and the 1.5Type-c interface is used for copying in and copying out system data, burning system codes, upgrading and other operations.
1.6 reset button for the core module 14 reset operation.
1.7 power button, core module 14 is designed to power on self-starting, also can carry out core module 14 shutdown, start operation through this power button.
1.8 power supply system, which converts the input DC12V power to the power required by the various circuits of the core module 14.
The 1.9 golden finger can be a PCIEX8 golden finger interface, and is inserted with a PCIE socket of the slot unit to realize the transmission of signals such as power supply, network, LED indicator light signals, reset and the like, and the configuration of the transverse and longitudinal distribution modules can be carried out according to different data traffic scenes so as to meet different requirements.
Accordingly, the distributed slot module 12 includes a plurality of slot units (1), (2), (3), (4), (5), (6) distributed among each other, and a power interface and a front panel interface connected to each slot unit, and each core module 14 is connected to one slot unit.
Specifically, each slot unit comprises a PCIE socket, a network transformer, a power fool-proof and filtering circuit and an LED indicator lamp, wherein the network transformer, the power fool-proof and filtering circuit and the LED indicator lamp are connected to the PCIE socket, and the network transformer is connected with a gigabit network port.
2.1PCIE socket and PCIEX8 golden finger are inserted to realize the transmission of signals such as power, network, LED pilot lamp signal, reset. The configuration of the transverse and longitudinal distribution modules can be carried out according to different data traffic scenes so as to meet different requirements. The invention can be expanded from 1 CPU module to 32 or more modules, which is equivalent to that a plurality of or even tens of CPU processing systems in one device are working, thereby greatly improving the data exchange efficiency.
2.2 network transformer and gigabit net gape, realize sending into network transformer gigabit network differential signal through ESD antistatic protection circuit, carry out differential mode signal transmission, electrical isolation, impedance match, waveform repair, signal clutter suppression after, external connection through RJ45 interface.
2.3LED pilot lamp mainly used core module 14 power supply, system operation etc. instruct.
2.4 the power fool-proofing and filtering circuit performs polarity reverse connection prevention protection, overcurrent protection, overvoltage protection and power filtering on the input DC12V power supply. Ensuring correct polarity and quality of the power supply.
2.5 device front panel interface, mainly connect the signals of power indication, system operation indication, reset, etc. of each slot unit corresponding to the core module 14 to the device front panel.
And 2.6, the power supply interface is used for connecting the output interface of the switch power supply and providing power for each slot position module and the front panel of the slot. In addition, the power interface of the present embodiment is a band-loop power interface with a band-loop interface, so as to output the power loop to a newly extended slot unit through the power loop interface, for example: if a slot unit is to be expanded in the device to increase the performance of the data exchange process, the power supply of the newly expanded slot unit can be connected through the power supply loop interface of the previous slot unit.
Correspondingly, the switch module 13 includes a switch motherboard 16, a network controller 15 connected to the switch motherboard 16, a plurality of gigabit ports and two gigabit ports, the network controller 15 is used for data exchange scheduling, the gigabit ports of the slot units are connected to the gigabit ports of the switch motherboard 16 one to one so as to connect the slot units to the switch motherboard 16, and then the switch motherboard 16 is connected to the plurality of core modules 14 through the gigabit ports to realize expansion of the core modules 14, and the switch module 13 is connected to the isolation gatekeeper 3 and the external network server 2 through the two gigabit ports respectively.
The network controller 15 adopts an ARM or X86 motherboard, and mainly realizes the proxy or collection scheduling function in the data exchange process, and is divided into a plurality of modes, such as a proxy mode and a collection mode, during working. The network controller 15 is connected with the front-end servers such as data and files through a multi-megaoptical port, passively receives or actively collects data, dispatches network data packets to the core module 14 through the switch main board 16 according to rules, and the core module 14 can perform security audit or does not process the data and directly uploads the data to the isolation gatekeeper 3 through the switch main board 16.
Preferably, one of the core modules 14 connected to the switch motherboard 16 is configured as the network controller 15; at this time, the network controller 15 is connected to the switch board 16 through a slot unit and gigabit network, and the switch board 16 is connected to the isolation gatekeeper 3 and the external network server 2 through two gigabit ports, respectively.
In addition, the switch module 13 further includes a device front panel, a device power supply, and the like, which are connected to the switch motherboard 16, and the device front panel is mainly used for indicating the operation and network conditions of each core module 14, the conditions of each port of the switch motherboard 16, and the start and reset control of each device module.
The embodiment adopts distributed multi-data exchange mode software to carry out different data exchange modes according to working requirements, and the data exchange modes comprise a proxy mode and an acquisition mode. The network controller 15 in the system distributes network data packets to the corresponding core modules 14 via the switch board 16 according to the data switching rules. Then, a large number of distributed core modules 14 are used for completing the tasks of receiving, processing, uploading and the like so as to solve the bottleneck of high consumption of the single CPU of the original system and greatly improve the data exchange efficiency of the single system. The hardware aspect adopts a plurality of ARM-based high-performance low-power AI processors RK3399Pro to replace processors based on X86 architecture in the traditional internal and external network data exchange system, and combines the distributed design and the software implementation method, thereby greatly improving the data exchange efficiency of the internal and external network data exchange system.
As shown in fig. 4, the proxy mode includes the following methods:
agent mode: the system receives network data packets of an external network data server through a megalight port, a network controller 15 identifies the service type of the network data packets, then forwards the network data packets to a designated core module 14 through a switch main board 16 according to preset rules, the core module 14 analyzes and processes the received network data packets, such as security audit and the like, and sends the received network data packets to an isolation gateway 3 through the switch main board 16, and the isolation gateway 3 adopts special hardware isolation and private protocol transmission and then sends the network data packets to an intranet server 4 to realize data exchange.
As shown in fig. 5, the acquisition mode includes the following methods:
acquisition mode: the system is connected with an external network file server through a multi-megaoptical port, a network controller 15 opens a channel from a core module 14 to the external network file server, reads network data packets, converts the network data packets meeting the requirements according to preset rules into target IP and source IP, and forwards the network data packets to a designated core module 14 through a switch main board 16; the core module 14 analyzes and processes the received network data packet such as security audit and the like, and sends the network data packet to the isolation gatekeeper 3 through the switch main board 16, and the isolation gatekeeper 3 adopts special hardware isolation and private protocol transmission and then sends the network data packet to the intranet file server to realize data exchange.
The invention combines the distributed multi-data exchange mode software implementation method, the core module 14, the distributed slot module 12, the network controller 15 and the switch main board 16 by adopting the distributed multi-data exchange mode software implementation method and combining the idea of a new hardware technical architecture. The method fully utilizes the characteristics of high efficiency, flexible expansibility and multiple modes of the distributed multi-data exchange mode method, combines the characteristics of high performance, low power consumption, high integration, high cost performance, minimized fault influence and the like of a new hardware architecture, and effectively improves the overall performance of single-system data exchange processing.
The distributed multi-data exchange mode software implementation method of the invention realizes the data exchange function through the network controller 15, the switch main board 16, the core module 14 and the like, and can flexibly realize various working modes such as a proxy mode and an acquisition mode. Not only can realize a plurality of data exchange methods, but also improves the data exchange efficiency.
The AI processor RK3399Pro adopted by the invention is a 6-core 64-bit processor based on ARM, the main frequency is as high as 1.8GHz, and the comprehensive performance of the AI processor is close to the CPU of the server under the condition of relatively fixed work tasks. However, the volume, the power consumption and the peripheral cost are much lower than those of the traditional X86CPU, and only one or two CPUs are carried on one main board in the traditional standard server. Such as: may be distributed in 8, 16, 24 or more modules. The comprehensive performance of the equipment is greatly improved, but the cost is not increased, and particularly, the number of middle and small paths is rather lower than the original cost.
The invention organically combines the distributed multi-data exchange mode software implementation method, the RK3399Pro core module 14, the slot unit, the network controller 15 and the switch by adopting the distributed multi-data exchange mode software implementation method and combining the idea of a new hardware technical architecture. The method fully utilizes the characteristics of high efficiency, flexible expansibility and multiple modes of the distributed multi-data exchange mode method, combines the characteristics of high performance, low power consumption, high integration, high cost performance, minimized fault influence and the like of a new hardware architecture, and effectively improves the overall performance of single-system data exchange processing.
The system has the advantages in various aspects compared with the prior art:
in the aspect of working environment, the RK3399Pro adopted by the invention has lower power consumption, is not easily influenced by environment, particularly environmental temperature, and is better than the prior traditional scheme in the aspects of long-time working stability and easy maintenance.
In the aspect of fault influence, the distributed structure adopted by the invention is particularly suitable for the environment with multiple tasks and concurrency such as data exchange, audit and the like, and when in operation, the distributed core module 14 can simultaneously perform the work of a plurality of data exchange links, and can realize a plurality of different data exchange modes by combining with a software implementation method. The operation of the whole equipment is not affected in case of failure of a module in the system operation. However, in the traditional data exchange single-CPU or double-CPU equipment, a standby machine needs to be started once a certain CPU fails, otherwise, the internal and external network data exchange equipment is paralyzed or the performance is greatly reduced.
The data security, the CPU module adopts a highly integrated mode, the system and the data are stored in Flash, and the external part cannot directly copy the internal data. The traditional equipment system and data generally exist in a hard disk, and the difficulty of illegal copying is reduced due to the universal interface.
In the aspect of single-equipment performance expansion, the distributed structure adopted by the invention has small volume due to the high integration of the AI processor module, and compared with the traditional large-data internal and external network data exchange equipment, the distributed-design internal and external network data exchange equipment has stronger expandability under the condition of the same capacity chassis, and the traditional data exchange equipment can only upgrade processing performance by the methods of upgrading the same series of CPU, increasing memory and the like, but has limited upgrade space. The invention adopts a high-integration distributed design, so that the single-device expansion capability is very strong, such as: can be extended from 1 CPU module to 32 or more modules, and the processing performance will be several times to tens of times higher.
The ARM processor has the cost which is a fraction of that of the X86 architecture server processor in terms of cost and power consumption, and the peripheral cost and the main board cost of the ARM processor are far lower than those of the X86 processor. In addition, the power consumption is always a special feature of the ARM processor, and the power consumption of a few watts is much lower than that of an X86 processor of seventy-eight watts.
By using the methods in the system, the data exchange rate, data safety, stability, integration level, performance expansion capability, cost performance, easy maintenance and the like of a single system are all improved.
The specific embodiments described herein are offered by way of example only to illustrate the spirit of the invention. Those skilled in the art may make various modifications or additions to the described embodiments or substitutions in a similar manner without departing from the spirit of the invention or exceeding the scope of the invention as defined in the accompanying claims, the connection of the invention being either direct or indirect.
Although the switching front-end server 1 is used more herein; a distributed processing module 11; a distributed slot module 12; a switch module 13; a core module 14; a network controller 15; a switch main board 16; an extranet server 2; an isolation barrier 3; an intranet server 4; the term data exchange post server 5 etc. does not exclude the possibility of using other terms. These terms are used merely for convenience in describing and explaining the nature of the invention; they are to be interpreted as any additional limitation that is not inconsistent with the spirit of the present invention.
Claims (9)
1. A distributed data exchange system based on RK3399Pro, comprising a data exchange front-end server (1), the data exchange front-end server (1) being connected to an external network server (2) and an isolated network gate (3), the isolated network gate (3) being connected to an internal network unit, characterized in that the data exchange front-end server (1) comprises a processing unit comprising a distributed processing module (11), a distributed slot module (12) and a switch module (13), the distributed processing module (11) comprising a plurality of core modules (14) of distributed design with respect to each other, each core module (14) comprising an AI processor RK3399Pro and peripheral circuits connected to the AI processor RK3399Pro, the distributed slot module (12) comprising a plurality of slot units of distributed design with respect to each other, each core module (14) being connected to one slot unit, the switch module (13) being connected to the isolated network gate (3) and the external network server (2), and the switch module (13) comprising a plurality of core modules (14) of distributed design with respect to each other, each core module (14) comprising a plurality of peripheral circuits connected to the switch module (16) and a plurality of host board modules (16) for controlling the network (15);
-wherein a core module (14) connected to a switch motherboard (16) is configured as the network controller (15);
the switch module (13) comprises two megalight ports which are respectively connected with the switch main board (16), and the switch main board (16) is respectively connected with the isolation gateway (3) and the external network server (2) through the two megalight ports.
2. The RK3399 Pro-based distributed data exchange system of claim 1, wherein the peripheral circuitry comprises CPU memory, NPU memory, solid state disk interface, debug port, type-c interface, reset button, power button, and power system connected to the AI processor RK3399 Pro.
3. The RK3399 Pro-based distributed data exchange system of claim 2 wherein the peripheral circuitry further comprises a golden finger interface to which the AI processor RK3399Pro is connected, each socket unit comprising a PCIE socket for plugging in the golden finger interface.
4. The RK3399 Pro-based distributed data exchange system of claim 3 wherein the distributed slot modules (12) include power interfaces and front panel interfaces connected to each slot unit, and the power interfaces are looped power interfaces with power looped interfaces to output power looped connections to newly expanded slot units through the power looped interfaces.
5. The RK3399 Pro-based distributed data switching system of claim 4 wherein the slot units comprise a network transformer, a power fool-proof and filtering circuit and LED indicator lights connected to the PCIE jack, the network transformer connected with a gigabit port, the switch module (13) having a plurality of gigabit ports connected to the switch motherboard (16), the gigabit ports of the slot units connected one-to-one to the gigabit ports of the switch motherboard (16) to connect the slot units to the switch motherboard (16).
6. The RK3399 Pro-based distributed data exchange system according to any one of claims 1-5, wherein the intranet unit comprises an inter-connected data exchange post server (5) and intranet server (4), wherein the isolating gatekeeper (3) is connected to the data exchange post server (5), and wherein the data exchange post server (5) also comprises the processing unit.
7. The RK3399 Pro-based distributed data exchange system of claim 6, wherein the extranet server (2) comprises an extranet data server and an extranet file server; the intranet server (4) comprises an intranet data server and an intranet file server;
the data exchange front-end server (1) is connected with the external network server (2), the data exchange rear-end server (5) is connected with the internal network server (4), the isolation gatekeeper (3) is connected with the data exchange front-end server (1) and the data exchange rear-end server (5) through network cards, and the transmission protocol is TCP/IP protocol.
8. A distributed data exchange method based on RK3399Pro, wherein different data exchange modes are implemented according to working requirements based on the distributed data exchange system according to any one of claims 1 to 7, and the data exchange modes include a proxy mode and an acquisition mode.
9. The RK3399 Pro-based distributed data exchange method of claim 8, wherein said proxy mode comprises the following methods:
agent mode: the method comprises the steps of receiving a network data packet of an external network server (2), identifying the service type of the network data packet by a network controller (15), forwarding the network data packet to a designated core module (14) through a switch main board (16) according to a preset rule, processing the received network data packet by the core module (14), sending the network data packet to an isolation gateway (3) through the switch main board (16), and sending the network data packet to an intranet server (4) by the isolation gateway (3) to realize data exchange;
the acquisition mode comprises the following steps:
acquisition mode: connecting an external network server (2), opening a channel from a core module (14) to the external network server (2) by a network controller (15), reading network data packets by a system, converting target IP and source IP of the network data packets meeting the requirements according to preset rules, and forwarding the network data packets to a designated core module (14) through a switch main board (16); the core module (14) processes the received network data packet and sends the network data packet to the isolation gateway (3) through the switch main board (16), and the isolation gateway (3) sends the network data packet to the intranet server (4) to realize data exchange.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911100289.3A CN111104458B (en) | 2019-11-12 | 2019-11-12 | Distributed data exchange system and method based on RK3399Pro |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911100289.3A CN111104458B (en) | 2019-11-12 | 2019-11-12 | Distributed data exchange system and method based on RK3399Pro |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN111104458A CN111104458A (en) | 2020-05-05 |
| CN111104458B true CN111104458B (en) | 2024-04-05 |
Family
ID=70420637
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201911100289.3A Active CN111104458B (en) | 2019-11-12 | 2019-11-12 | Distributed data exchange system and method based on RK3399Pro |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111104458B (en) |
Citations (14)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| IL115967A0 (en) * | 1995-11-12 | 1996-01-31 | Phonet Communication Ltd | Network based distributed pbx system |
| CA2293920A1 (en) * | 1999-12-31 | 2001-06-30 | Nortel Networks Corporation | Global distributed switch |
| CN2638341Y (en) * | 2003-07-14 | 2004-09-01 | 北京京泰网络科技有限公司 | Jingtai safety isolation and information exchange network gate |
| CN2785015Y (en) * | 2005-02-03 | 2006-05-31 | 张职亮 | Network safe system based on NC system |
| CN104486336A (en) * | 2014-12-12 | 2015-04-01 | 冶金自动化研究设计院 | Device for safely isolating and exchanging industrial control networks |
| CN104767752A (en) * | 2015-04-07 | 2015-07-08 | 西安汇景倬元信息技术有限公司 | Distributed network isolating system and method |
| CN205304860U (en) * | 2016-01-13 | 2016-06-08 | 北京安信极联信息科技有限公司 | Safe data interchange machine system that uses |
| CN205510103U (en) * | 2015-11-03 | 2016-08-24 | 深圳市华傲数据技术有限公司 | E -government affair system secure network architecture |
| CN207198901U (en) * | 2017-08-04 | 2018-04-06 | 王宝红 | Science and technology item data distribution formula management system based on tertiary-structure network |
| CN207424873U (en) * | 2017-11-22 | 2018-05-29 | 湖南新云网科技有限公司 | network physical isolation computer and system |
| CN108234523A (en) * | 2018-03-08 | 2018-06-29 | 江苏省广播电视总台 | A kind of multi-level intranet and extranet data interaction system applied to TV station |
| RU2684476C1 (en) * | 2018-07-05 | 2019-04-09 | Общество с ограниченной ответственностью "ИНСАЙТ - Менеджмент" | ENERGY CONSUMPTION GLOBAL CONTROL CENTER BASED ON IoT TECHNOLOGY |
| CN208924334U (en) * | 2018-06-22 | 2019-05-31 | 维库(厦门)信息技术有限公司 | A kind of deep learning visual sensor based on AI processing unit |
| CN109936532A (en) * | 2017-12-17 | 2019-06-25 | 陕西合度电子信息科技有限公司 | A kind of data bus transmission security protection system |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US10855766B2 (en) * | 2017-09-28 | 2020-12-01 | Intel Corporation | Networking switch with object storage system intelligence |
-
2019
- 2019-11-12 CN CN201911100289.3A patent/CN111104458B/en active Active
Patent Citations (14)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| IL115967A0 (en) * | 1995-11-12 | 1996-01-31 | Phonet Communication Ltd | Network based distributed pbx system |
| CA2293920A1 (en) * | 1999-12-31 | 2001-06-30 | Nortel Networks Corporation | Global distributed switch |
| CN2638341Y (en) * | 2003-07-14 | 2004-09-01 | 北京京泰网络科技有限公司 | Jingtai safety isolation and information exchange network gate |
| CN2785015Y (en) * | 2005-02-03 | 2006-05-31 | 张职亮 | Network safe system based on NC system |
| CN104486336A (en) * | 2014-12-12 | 2015-04-01 | 冶金自动化研究设计院 | Device for safely isolating and exchanging industrial control networks |
| CN104767752A (en) * | 2015-04-07 | 2015-07-08 | 西安汇景倬元信息技术有限公司 | Distributed network isolating system and method |
| CN205510103U (en) * | 2015-11-03 | 2016-08-24 | 深圳市华傲数据技术有限公司 | E -government affair system secure network architecture |
| CN205304860U (en) * | 2016-01-13 | 2016-06-08 | 北京安信极联信息科技有限公司 | Safe data interchange machine system that uses |
| CN207198901U (en) * | 2017-08-04 | 2018-04-06 | 王宝红 | Science and technology item data distribution formula management system based on tertiary-structure network |
| CN207424873U (en) * | 2017-11-22 | 2018-05-29 | 湖南新云网科技有限公司 | network physical isolation computer and system |
| CN109936532A (en) * | 2017-12-17 | 2019-06-25 | 陕西合度电子信息科技有限公司 | A kind of data bus transmission security protection system |
| CN108234523A (en) * | 2018-03-08 | 2018-06-29 | 江苏省广播电视总台 | A kind of multi-level intranet and extranet data interaction system applied to TV station |
| CN208924334U (en) * | 2018-06-22 | 2019-05-31 | 维库(厦门)信息技术有限公司 | A kind of deep learning visual sensor based on AI processing unit |
| RU2684476C1 (en) * | 2018-07-05 | 2019-04-09 | Общество с ограниченной ответственностью "ИНСАЙТ - Менеджмент" | ENERGY CONSUMPTION GLOBAL CONTROL CENTER BASED ON IoT TECHNOLOGY |
Also Published As
| Publication number | Publication date |
|---|---|
| CN111104458A (en) | 2020-05-05 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| KR101502610B1 (en) | 50 Gb/s ETHERNET USING SERIALIZER/DESERIALIZER LANES | |
| DE112017005002T5 (en) | CONNECTING PHYSICAL LAYER INTERFACE ADAPTER | |
| US11372787B2 (en) | Unified address space for multiple links | |
| US9558148B2 (en) | Method to optimize network data flows within a constrained system | |
| US20140188996A1 (en) | Raw fabric interface for server system with virtualized interfaces | |
| CN106462114A (en) | Power handling in a scalable storage system | |
| US20100312942A1 (en) | Redundant and Fault Tolerant control of an I/O Enclosure by Multiple Hosts | |
| CN108388532A (en) | The AI operations that configurable hardware calculates power accelerate board and its processing method, server | |
| DE112013003248T5 (en) | Controlling a physical connection from a first protocol using an extended functional structure of a second protocol | |
| CN108345555B (en) | Interface bridge circuit based on high-speed serial communication and method thereof | |
| US9100348B2 (en) | Managing sideband routers in on-die system fabric | |
| CN104123194A (en) | Communication structure and method for kernel mode and user mode | |
| DE112017004963T5 (en) | TENSION-MODULATED CONTROL LANE | |
| WO2018209513A1 (en) | Hard drive operation method and hard drive manager | |
| JP2013084266A (en) | Server and serial interface switching circuit thereof | |
| CN105763488A (en) | Data center gathering core switcher and backboard thereof | |
| CN111104458B (en) | Distributed data exchange system and method based on RK3399Pro | |
| CN210693958U (en) | Distributed data exchange equipment based on RK3399Pro | |
| CN104933001A (en) | Double-controller data communication method based on RapidIO technology | |
| CN110855581A (en) | Domestic exchange blade device suitable for VPX framework 40G and SRIO multiplexing | |
| Otani et al. | Peach: A multicore communication system on chip with PCI Express | |
| WO2018099241A1 (en) | Disk array controller, and data processing method and device thereof | |
| CN104951374A (en) | Multi-kernel processing device based on multiple operating systems | |
| Boyang | Research and Implementation of XDMA High Speed Data Transmission IP Core Based on PCI Express and FPGA | |
| CN115237830A (en) | VPX management control arbitration device and method based on Loongson 2K |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |