CN112217670A - Network device and message processing method thereof - Google Patents

Network device and message processing method thereof Download PDF

Info

Publication number
CN112217670A
CN112217670A CN202011055677.7A CN202011055677A CN112217670A CN 112217670 A CN112217670 A CN 112217670A CN 202011055677 A CN202011055677 A CN 202011055677A CN 112217670 A CN112217670 A CN 112217670A
Authority
CN
China
Prior art keywords
cpu
snmp
slave
address
slave cpu
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202011055677.7A
Other languages
Chinese (zh)
Inventor
王小军
薛兆井
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Armyfly Technology Co Ltd
Original Assignee
Beijing Armyfly Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Armyfly Technology Co Ltd filed Critical Beijing Armyfly Technology Co Ltd
Priority to CN202011055677.7A priority Critical patent/CN112217670A/en
Publication of CN112217670A publication Critical patent/CN112217670A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/02Standardisation; Integration
    • H04L41/0213Standardised network management protocols, e.g. simple network management protocol [SNMP]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00Routing or path finding of packets in data switching networks
    • H04L45/66Layer 2 routing, e.g. in Ethernet based MAN's
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L49/00Packet switching elements
    • H04L49/35Switches specially adapted for specific applications
    • H04L49/356Switches specially adapted for specific applications for storage area networks

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer And Data Communications (AREA)

Abstract

The embodiment of the invention discloses network equipment and a message processing method of the network equipment. The network device includes: the system comprises a main CPU, a two-layer switch and at least one slave CPU; wherein the master CPU is connected with the at least one slave CPU through the two-layer switch; the main CPU is used for realizing the main service of the network equipment; each slave CPU is used for realizing one or more auxiliary services of the network equipment; the two-layer switch is used for realizing the communication of the SNMP messages among the CPUs. The technical scheme reduces the workload of the main CPU and the processing amount of the SNMP message, and makes the network equipment CPU more convenient to maintain.

Description

Network device and message processing method thereof
Technical Field
The embodiment of the invention relates to the technical field of network communication, in particular to network equipment and a message processing method of the network equipment.
Background
SNMP (Simple network Management Protocol) is an application layer Protocol of a TCP/IP (Transmission Control Protocol/Internet Protocol) Protocol cluster, works on a UDP (User Datagram Protocol) port 161, and is specially designed for IP network Management, such as a network device server, a workstation, a router, a switch, a HUB, and the like. Using SNMP, a management workstation can remotely manage all network devices supporting this protocol, including monitoring network status, modifying network device configuration, receiving network event alerts, etc. Therefore, support of the SNMP protocol is a basic requirement for network equipment vendors at present.
In a conventional implementation manner, all network nodes of the device, such as basic RFC1213, RFC1215, etc., are implemented on a main CPU on the network device, and each manufacturer may create a private node of its own device under its own enterprise number node for extended management. Because the Management node of the SNMP depends on the related hardware device to a large extent, and the software on the main CPU implements these MIB (Management Information Base) nodes according to the device characteristics, the MIB implementation of the device is closely related to the main CPU.
Fig. 1 shows a structure diagram of a network security device, which employs 2 CPUs, wherein a main CPU is connected to a service module, such as a security chip and a switching chip, collects information of some secondary sensors, such as voltage and temperature, from the CPUs, and sends the collected information to the main CPU through a UART (Universal Asynchronous Receiver/Transmitter) communication mode or other communication modes, and the main CPU is also an MIB realization CPU of an SNMP, so that a security MIB, a switching MIB, and a sensor MIB can be realized. Fig. 2 also shows a structure diagram of a network security device, in which a slave CPU is removed, and information collection of all sensors is implemented on the master CPU to realize centralized management.
However, the two network device implementations described above each have advantages and disadvantages: the network security device shown in fig. 1 disperses the sensors to each slave CPU for collection, which can reduce the complexity of the interface of the master CPU, but in the SNMP access scenario, the master CPU not only needs to process the SNMP message pointing to itself, but also needs to process the SNMP message pointing to the slave CPU, and the SNMP message throughput is large; as shown in fig. 2, the network security device collects all sensor information in the main CPU, which avoids the SNMP messaging problem in the SNMP access scenario, but increases the interface complexity and workload of the main CPU.
Disclosure of Invention
The embodiment of the invention provides a network device and a message processing method thereof, which are used for reducing the workload of a main CPU, the processing amount of an SNMP message and the maintenance complexity of the CPU of the network device at the same time in an SNMP access scene.
In a first aspect, an embodiment of the present invention provides a network device, including: the system comprises a main CPU, a two-layer switch and at least one slave CPU; wherein the content of the first and second substances,
the main CPU is connected with the at least one slave CPU through the two-layer switch;
the main CPU is used for realizing the main service of the network equipment;
each slave CPU is used for realizing one or more auxiliary services of the network equipment;
the two-layer switch is used for realizing the communication of the SNMP messages among the CPUs.
In a second aspect, an embodiment of the present invention further provides a method for processing a packet by a network device, where the method is applied to the network device according to the first aspect, and includes:
after receiving an SNMP target message through a main CPU, when an access node is determined to be a slave CPU through the main CPU, forwarding the SNMP target message to the slave CPU through a two-layer switch;
after the slave CPU processes the SNMP target message, the SNMP response message is returned to the master CPU through the two-layer switch;
and sending the SNMP response message to a management network through an external management network port by the main CPU.
In the embodiment of the invention, the network equipment comprises a main CPU for realizing the main service of the network equipment, a two-layer switch and at least one slave CPU for realizing the auxiliary service, and in an SNMP access scene, an SNMP message can be transmitted between the main CPU and the slave CPU through the two-layer switch. In the technical scheme, the equipment management information is modularized and dispersed through the slave CPU, the interface complexity and the workload of the master CPU are reduced, and the performance of the master CPU is improved. Meanwhile, due to the fact that the CPUs are connected through the two-layer switch, each CPU is responsible for part of information independently, and independent maintenance of each CPU is facilitated.
Drawings
Fig. 1 is a schematic structural diagram of a network security device in the prior art;
fig. 2 is a schematic structural diagram of a network security device in the prior art;
fig. 3 is a schematic structural diagram of a network device in a first embodiment of the present invention;
fig. 4 is a MIB node tree diagram of a network device in a first embodiment of the present invention;
fig. 5 is a flowchart of a message processing method of a network device in the second embodiment of the present invention;
fig. 6 is a flowchart of a message processing method of a network device in the second embodiment of the present invention.
Detailed Description
The present invention will be described in further detail with reference to the accompanying drawings and examples. It is to be understood that the specific embodiments described herein are merely illustrative of the invention and are not limiting of the invention. It should be further noted that, for the convenience of description, only some of the structures related to the present invention are shown in the drawings, not all of the structures.
Before discussing exemplary embodiments in more detail, it should be noted that some exemplary embodiments are described as processes or methods depicted as flowcharts. Although a flowchart may describe the operations (or steps) as a sequential process, many of the operations can be performed in parallel, concurrently or simultaneously. In addition, the order of the operations may be re-arranged. The process may be terminated when its operations are completed, but may have additional steps not included in the figure. The processes may correspond to methods, functions, procedures, subroutines, and the like.
Example one
Fig. 3 is a schematic structural diagram of a network device according to an embodiment of the present invention. The network device, which may be, for example, a network security device, may be adapted for use in an SNMP access scenario. As shown in fig. 3, the network device 1 provided in the present embodiment includes: a master CPU 10, a layer two switch 20, and at least one slave CPU 30 (three slave CPUs are illustrated in fig. 3 as an example); the master CPU 10 is connected to at least one slave CPU 30 through the two-layer switch 20.
The main CPU 10 is used to implement the main service of the network device 1, and for example, the main CPU may be a switching chip connected to the switching chip through PCIE (Peripheral Component Interconnect Express) for implementing the main service of the network device.
Each slave CPU 30 is configured to implement one or more auxiliary services of the network device 1, such as a security processing function, a sensor information collection function, and the like. As shown in fig. 3, the master CPU 10 is connected to three slave CPUs 30 through the two-layer switch 20, wherein one slave CPU 30 is connected to the secure chip through PCIE for implementing the secure processing function, one slave CPU 30 is connected to the sensor through an I2C (Inter-Integrated Circuit) bus for implementing the acquisition function of the sensor information, and illustratively, the other slave CPU 30 is connected to other chips or devices for implementing corresponding other functions.
The slave CPU included in the network device provided in this embodiment may also be a single chip.
The two-layer switch 20 is used for realizing the communication of the SNMP message among the CPUs. For example, the main CPU may forward the received SNMP message to the CPU through the two-layer switch, and only needs to modify the source IP address, the source MAC (Media Access Control) address, the destination IP address, and the destination MAC address of the received SNMP message correspondingly.
After receiving the SNMP target message pointing to the network equipment, the main CPU can directly return local SNMP node information if determining that the access node of the SNMP target message is the self-access node, and if determining that the access node of the SNMP target message is a certain slave CPU, the main CPU forwards the SNMP target message to the slave CPU through a two-layer switch, and if determining that the access node of the SNMP target message does not belong to the network equipment where the access node of the SNMP target message is located, the main CPU can directly feed back SNMP error message prompt information.
In the embodiment of the invention, the network equipment comprises a main CPU for realizing the main service of the network equipment, a two-layer switch and at least one slave CPU for realizing the auxiliary service, and in an SNMP access scene, an SNMP message can be transmitted between the main CPU and the slave CPU through the two-layer switch.
The difference between the prior art and the technical scheme of the present application is that, in the network device shown in fig. 1, after receiving an SNMP target packet directed to the network device, a main CPU parses the SNMP target packet, determines whether information required in response to the SNMP target packet needs to be acquired by itself (the main CPU) or by a slave CPU, if the information is required to be acquired by itself, the main CPU generates an SNMP response packet according to the information acquired by itself and transmits the SNMP response packet to a management network, and if the information is required to be acquired by the slave CPU, the main CPU transmits a related instruction to the slave CPU through a Uart communication mode or other communication modes and receives acquisition information fed back by the slave CPU, and then generates an SNMP response packet according to the acquisition information fed back by the slave CPU through the Uart communication mode or other communication modes and transmits the SNMP response packet to the management network.
In the technical scheme, the device management information is modularized and decentralized through the slave CPU, the interface complexity and the workload of the master CPU are reduced, the performance of the master CPU is improved, the master CPU can transmit the SNMP message to the slave CPU based on the two-layer switch, so that the slave CPU processes the SNMP message pointing to the slave CPU, the master CPU only needs to analyze and respond to the SNMP message pointing to the slave CPU, and does not need to analyze the SNMP message pointing to the slave CPU and assemble the SNMP response message according to the feedback information of the slave CPU, the processing amount of the SNMP message of the master CPU is reduced, and the performance of the master CPU is improved. Meanwhile, in view of the fact that a plurality of CPUs (including a main CPU and a slave CPU) are connected through a two-layer switch, each CPU is independently responsible for part of information, and is more convenient to independently maintain each CPU, if a certain CPU or an operating system on a certain CPU needs to be replaced, other CPUs do not need to be changed, and the replaced CPU is directly developed, so that the adaptability of the network equipment to the CPU and the CPU operating system is improved, and particularly in a scene that the CPU and the CPU operating system are frequently replaced in the military industry.
Specifically, when the master CPU determines that the access node of the SNMP target packet is a slave CPU, the master CPU modifies the destination IP address and the destination MAC address of the SNMP target packet into the IP address and the MAC address of the slave CPU, modifies the source IP address and the source MAC address of the SNMP target packet into the IP address and the MAC address of the master CPU, and then forwards the modified SNMP target packet to the slave CPU through the two-layer switch.
After the slave CPU processes the received SNMP target message, the SNMP response message is returned to the master CPU through the two-layer switch. At this time, the source IP address and the source MAC address of the SNMP response packet are the IP address and the MAC address of the slave CPU, and the destination IP address and the destination MAC address of the SNMP response packet are the IP address and the MAC address of the master CPU.
And after receiving the SNMP response message sent by the slave CPU, the master CPU sends the SNMP response message to the management network through the external management network interface. Before sending the SNMP response message to a management network through an external management network interface, the main CPU modifies a source IP address and a source MAC address of the SNMP response message to an original destination IP address and an original destination MAC address of the received SNMP target message, that is, modifies the source IP address and the source MAC address of the SNMP response message to an IP address and an MAC address of the network device where the SNMP response message is located, and modifies the destination IP address and the destination MAC address of the SNMP response message to the original source IP address and the original source MAC address of the received SNMP target message, that is, modifies the destination IP address and the destination MAC address of the SNMP response message to the IP address and the MAC address of the network device sending the SNMP target message.
In the technical scheme, the SNMP message is transparently processed, so that each CPU directly processes the SNMP message. Each slave CPU directly faces the UDP 161 port when processing the SNMP message, so that it is not known for each slave CPU whether the SNMP message is forwarded from the external network or the master CPU, which is beneficial to standardizing the SNMP module.
Alternatively, as shown in fig. 3, the slave CPU 30 includes a configuration pin 31, and the configuration pin 31 is used to determine an identity number (ID number) of the slave CPU 30. The ID number of the slave CPU can be set by setting the configuration pin on the slave CPU, for example, the configuration pin of the slave CPU that implements the security function is set so that the value of the configuration pin is 4, that is, the ID number of the slave CPU is 4.
Optionally, the identity number of the slave CPU is used to determine an OID (Object Identifier) implemented by the MIB node, and may specifically be used to determine a last number of the OID implemented by the MIB node corresponding to the slave CPU, where a plurality of previous numbers (which may be preset) of the OID are the same. For example, if the ID number of the slave CPU that implements the security function is 4, the last data of the OID implemented by the MIB node corresponding to the slave CPU is 4.
In an example, it is assumed that the network device provided in the embodiment of the present application includes a master CPU and three slave CPUs connected through a two-layer switch, where the three slave CPUs are divided into a slave CPU that implements sensor information acquisition, a slave CPU that implements a security function, and a slave CPU that implements other functions. The MIB node tree of the network device may be as shown in fig. 4, where four MIB nodes, namely, kylandgene, kylandProducts, kylandtracks, and kylandgateways, respectively correspond to a slave CPU and a master CPU that implement sensor information acquisition, a slave CPU that implements other functions, and a slave CPU that implements a security function, and the OIDs that each MIB node correspondingly implements may be as shown in the following table.
TABLE 1
MIB node name OID
kylandAgent 1.3.6.1.4.1.26067.1
kylandProducts 1.3.6.1.4.1.26067.2
kylandTraps 1.3.6.1.4.1.26067.3
kylandAgates 1.3.6.1.4.1.26067.4
If the ID number of the CPU can indicate the last data of the OID implemented by the MIB node corresponding to the CPU, the ID number of the slave CPU that implements sensor information acquisition is 1, the ID number of the master CPU is 2, the ID number of the slave CPU that implements other functions is 3, and the ID number of the slave CPU that implements the security function is 4.
Optionally, the identity number of the slave CPU is used to determine the IP address and the MAC address of the slave CPU in the internal system of the network device, and specifically, may be used to determine the last number of the IP address and the last number of the MAC address of the slave CPU in the internal system of the network device, where the first numbers (which may be preset) of the IP address of the slave CPU in the internal system of the network device are all the same, and the first numbers (which may be preset) of the MAC address are also all the same. For example, if the ID number of the slave CPU implementing the security function is 4, the last number of the IP address and the MAC address of the slave CPU in the internal system of the network device is 4, for example, the MAC address registered by the slave CPU in the internal system of the network device is 00-00-00-00-00-04, and the corresponding IP address is 192.168.0.4.
Referring to table 1, if the ID number of the CPU can indicate the IP address and the last number of the MAC address of the CPU in the internal system of the network device, the MAC address registered in the internal system of the network device by the slave CPU for implementing sensor information acquisition is 00-00-00-00-00-01, the corresponding IP address is 192.168.0.1, the MAC address registered in the internal system of the network device by the master CPU is 00-00-00-00-00-02, the corresponding IP address is 192.168.0.2, the MAC address registered in the internal system of the network device by the slave CPU for implementing other functions is 00-00-00-04, the corresponding IP address is 192.168.0.4, the MAC address registered in the internal system of the network device by the slave CPU for implementing security function is 00-00-00-04, the corresponding IP address is 192.168.0.4.
Optionally, when the network device is started, each slave CPU registers its ID number with the master CPU, and the master CPU determines, according to the ID number of each slave CPU, the OID implemented by the MIB node corresponding to each CPU, and may further determine an OID table supported by the entire network device, where the OID table supported by the network device may be as shown in table 1.
Further, after each slave CPU registers its ID number with the master CPU, the IP address and MAC address of each slave CPU in the network device internal system may also be determined according to the ID number of each slave CPU.
Further, after the main CPU receives an SNMP target message directed to the network device, the main CPU may query the OID table supported by the network device according to the target OID carried in the SNMP message, and directly return an SNMP error message prompt message if the target OID does not exist in the OID table supported by the network device; if the target OID exists in an OID table supported by the network equipment, firstly, judging whether the target OID is the OID realized by the MIB node corresponding to the target OID or not, if so, directly returning local SNMP node information, otherwise, determining that the access node is a slave CPU corresponding to the target OID, namely the slave CPU corresponding to the MIB node corresponding to the target OID, and further forwarding the SNMP target message to the slave CPU through a two-layer switch.
The main CPU firstly determines the IP address and MAC address of the slave CPU in the internal system of the network equipment according to the ID number of the slave CPU, then modifies the target IP address and the target MAC address of the SNMP target message into the IP address and MAC address of the slave CPU, modifies the source IP address and the source MAC address of the SNMP target message into the IP address and MAC address of the slave CPU, and then sends the modified SNMP target message to the two-layer switch, the CPU can receive the corresponding SNMP target message, and the SNMP response message can be sent back to the main CPU through the two-layer switch after the processing is finished. Furthermore, after receiving the SNMP response message sent by the slave CPU, the master CPU modifies the source IP address, the source MAC address, the destination IP address and the destination MAC address of the SNMP response message and sends the modified SNMP response message to the management network through the external management network interface.
In the technical scheme, the network equipment adopts a multi-CPU architecture to realize SNMP, the equipment management information is modularized and decentralized from the MIB node level, each slave CPU is independently responsible for part of information, the workload of a master CPU is greatly reduced, each CPU is convenient to maintain, and each slave CPU reports the OID of the MIB node under the enterprise number to the master CPU in a registration mode, so that the master CPU can forward corresponding messages based on a two-layer switch after receiving SMNP messages. In addition, since each slave CPU is realized by registering with the master CPU, which may also be referred to as a customized MIB node, which functions need to be realized is to weld the corresponding CPU in the network device, and the CPU and its operating system can be flexibly changed, thereby improving the flexibility of network device customization.
Example two
Fig. 5 is a flowchart of a message processing method of a network device according to a second embodiment of the present invention. The embodiment is applicable to the SNMP access scenario, and the method can be executed by the network device provided by the embodiment of the invention.
As shown in fig. 5, the method for processing a packet by a network device in this embodiment is applied to the network device in any embodiment of the present invention, and specifically includes:
s210, after the SNMP target message is received by the main CPU, when the access node is determined to be the slave CPU by the main CPU, the SNMP target message is forwarded to the slave CPU through the two-layer switch.
The main CPU is used to implement the main service of the network device, and may be, for example, a switching chip that is connected to the main CPU through PCIE and is used to implement the main service of the network device.
Each slave CPU is configured to implement one or more auxiliary services of the network device, such as a security processing function, a sensor information collection function, and the like.
S220, after the SNMP target message is processed by the slave CPU, the SNMP response message is returned to the master CPU through the two-layer switch.
And S230, sending the SNMP response message to the management network through the external management network port by the main CPU.
In the technical scheme, the equipment management information is modularized and dispersed through the slave CPU, the interface complexity and the workload of the master CPU are reduced, and the performance of the master CPU is improved. Meanwhile, in view of the fact that a plurality of CPUs (including a main CPU and a slave CPU) are connected through a two-layer switch, each CPU is independently responsible for part of information, and is more convenient to independently maintain each CPU, if a certain CPU or an operating system on a certain CPU needs to be replaced, other CPUs do not need to be changed, and the replaced CPU is directly developed, so that the adaptability of the network equipment to the CPU and the CPU operating system is improved, and particularly in a scene that the CPU and the CPU operating system are frequently replaced in the military industry.
Optionally, the slave CPU includes a configuration pin, and the configuration pin is used for determining the ID number of the slave CPU. The ID number of the slave CPU can be set by setting the configuration pin on the slave CPU, for example, the configuration pin of the slave CPU that implements the security function is set so that the value of the configuration pin is 4, that is, the ID number of the slave CPU is 4.
Optionally, the identity number of the slave CPU is used to determine the OID implemented by the MIB node, and may specifically be used to determine the last number of the OID implemented by the MIB node corresponding to the slave CPU, where a plurality of previous numbers (which may be preset) of the OIDs are the same. For example, if the ID number of the slave CPU that implements the security function is 4, the last data of the OID implemented by the MIB node corresponding to the slave CPU is 4.
Further, the message processing method further includes: when the network equipment is started, registering respective identity numbers to the main CPU through each slave CPU; and determining the OID table supported by the network equipment through the master CPU according to the identity number of each slave CPU.
In the above technical solution, each slave CPU reports the OID of the MIB node under the enterprise number to the master CPU by means of registration, so that the master CPU can forward the corresponding packet based on the two-layer switch after receiving the SMNP packet. In addition, since each slave CPU is realized by registering with the master CPU, which may also be referred to as a customized MIB node, which functions need to be realized is to weld the corresponding CPU in the network device, and the CPU and its operating system can be flexibly changed, thereby improving the flexibility of network device customization.
Optionally, the identity number of the slave CPU is used to determine the IP address and the MAC address of the slave CPU in the internal system of the network device, and specifically, may be used to determine the last number of the IP address and the last number of the MAC address of the slave CPU in the internal system of the network device, where the first numbers (which may be preset) of the IP address of the slave CPU in the internal system of the network device are all the same, and the first numbers (which may be preset) of the MAC address are also all the same. For example, if the ID number of the slave CPU implementing the security function is 4, the last number of the IP address and the MAC address of the slave CPU in the internal system of the network device is 4, for example, the MAC address registered by the slave CPU in the internal system of the network device is 00-00-00-00-00-04, and the corresponding IP address is 192.168.0.4.
Further, after each slave CPU registers its own identity number with the master CPU, the method for processing a message further includes: and determining the IP address and the MAC address of each slave CPU in the internal system of the network equipment by the master CPU according to the identity number of each slave CPU.
In an optional implementation, determining, by the master CPU, that the access node is a slave CPU may include:
inquiring an OID table supported by the network equipment through the main CPU according to the target OID carried in the SNMP target message; and if the main CPU determines that the target OID exists in the OID table and the access node is not the main CPU, determining that the access node is a slave CPU corresponding to the target OID.
Further, when the master CPU determines that the access node is the slave CPU, forwarding the SNMP target packet to the slave CPU through the two-layer switch may include:
when the access node is determined to be the slave CPU through the master CPU, modifying the target IP address and the target MAC address of the SNMP target message into the IP address and the MAC address of the slave CPU, and modifying the source IP address and the source MAC address of the SNMP target message into the IP address and the MAC address of the CPU;
and forwarding the modified SNMP target message to the slave CPU through the two-layer switch by the master CPU.
Further, sending the SNMP response message to the management network through the external management network interface by the main CPU may include:
modifying the source IP address and the source MAC address of the SNMP response message into the original destination IP address and destination MAC address in the received SNMP target message through the main CPU;
modifying the target IP address and the target MAC address of the SNMP response message into the original source IP address and source MAC address in the received SNMP target message through the main CPU;
and sending the modified SNMP response message to a management network through an external management network port by the main CPU.
In the technical scheme, the SNMP message is transparently processed, so that each CPU directly processes the SNMP message. Each slave CPU directly faces the UDP 161 port when processing the SNMP message, so that it is not known for each slave CPU whether the SNMP message is forwarded from the external network or the master CPU, which is beneficial to standardizing the SNMP module.
Fig. 6 is a flowchart of a message processing method of a network device according to a second embodiment of the present invention. As shown in fig. 6, the method for processing a packet by a network device in this embodiment specifically includes:
s310, the main CPU receives the SNMP target message pointing to the network equipment and inquires the OID table supported by the network equipment according to the target OID carried in the SNMP target message.
When the network equipment is started, each slave CPU registers the ID number of the slave CPU with the master CPU. The ID of the slave CPU is used to determine the OID implemented by the MIB node, and specifically may be used to determine the last number of the OID implemented by the MIB node corresponding to the slave CPU, where the first numbers (which may be preset) of the OIDs are all the same.
And the main CPU determines the OID realized by the MIB node corresponding to each CPU according to the ID number of each slave CPU, and further determines an OID table supported by the whole network equipment.
And S320, the main CPU judges whether the target OID exists in the OID table, if so, S330 is executed, and if not, S390 is executed.
S330, the main CPU judges whether the MIB node realizing the target OID corresponds to the main CPU, if so, S340 is executed, and if not, S350 is executed.
S340, the main CPU processes the SNMP target message and sends the generated SNMP response message to the management network through the external management network port.
S350, the main CPU determines a target slave CPU corresponding to the MIB node realizing the target OID, and determines the IP address and the MAC address of the target slave CPU in the internal system of the network equipment according to the ID number registered by the target slave CPU.
The identity number of the slave CPU is used to determine the IP address and the MAC address of the slave CPU in the internal system of the network device, and specifically may be used to determine the last number of the IP address and the last number of the MAC address of the slave CPU in the internal system of the network device, where the first numbers (which may be preset) of the IP address of the slave CPU in the internal system of the network device are all the same, and the first numbers (which may be preset) of the MAC address are also all the same.
S360, the main CPU modifies the target IP address and the target MAC address of the SNMP target message into the IP address and the MAC address of the target slave CPU, modifies the source IP address and the source MAC address of the SNMP target message into the IP address and the MAC address of the main CPU, and sends the modified SNMP target message through the two-layer switch.
S370, the target receives the SNMP target message from the CPU, generates an SNMP response message after the processing is finished, and sends the SNMP response message back to the main CPU through the two-layer switch.
S380, the main CPU receives the SNMP response message, modifies the source IP address and the source MAC address of the SNMP response message into the IP address and the MAC address of the network equipment, modifies the target IP address and the target MAC address of the SNMP response message into the IP address and the MAC address of the network equipment sending the SNMP target message, and sends the modified SNMP response message to the management network through the external management network interface.
And S390, the main CPU directly returns the prompt information of the SNMP error message.
For the details of the present embodiment, please refer to the foregoing embodiments, which are not repeated herein.
It is to be noted that the foregoing is only illustrative of the preferred embodiments of the present invention and the technical principles employed. It will be understood by those skilled in the art that the present invention is not limited to the particular embodiments described herein, but is capable of various obvious changes, rearrangements and substitutions as will now become apparent to those skilled in the art without departing from the scope of the invention. Therefore, although the present invention has been described in greater detail by the above embodiments, the present invention is not limited to the above embodiments, and may include other equivalent embodiments without departing from the spirit of the present invention, and the scope of the present invention is determined by the scope of the appended claims.

Claims (10)

1. A network device, comprising: the system comprises a main Central Processing Unit (CPU), a two-layer switch and at least one slave CPU; wherein the content of the first and second substances,
the main CPU is connected with the at least one slave CPU through the two-layer switch;
the main CPU is used for realizing the main service of the network equipment;
each slave CPU is used for realizing one or more auxiliary services of the network equipment;
the two-layer switch is used for realizing the communication of the SNMP messages among the CPUs.
2. The network device of claim 1, wherein the slave CPU includes a configuration pin for determining an identity number of the slave CPU.
3. The network device of claim 2, wherein the identity number of the slave CPU is used to determine an object identifier OID implemented by a management information base node corresponding to the slave CPU.
4. The network device of claim 2, wherein the identity number of the slave CPU is used to determine an Internet Protocol (IP) address and a Media Access Control (MAC) address of the slave CPU in the network device internal system.
5. A message processing method of a network device, applied to the network device according to any one of claims 1 to 4, comprising:
after receiving an SNMP target message through a main CPU, when an access node is determined to be a slave CPU through the main CPU, forwarding the SNMP target message to the slave CPU through a two-layer switch;
after the slave CPU processes the SNMP target message, the SNMP response message is returned to the master CPU through the two-layer switch;
and sending the SNMP response message to a management network through an external management network port by the main CPU.
6. The method of claim 5, further comprising:
when the network equipment is started, registering respective identity numbers to the main CPU through each slave CPU;
and determining the OID table supported by the network equipment by the master CPU according to the identity number of each slave CPU.
7. The method of claim 6, further comprising, after registering a respective identity number with the master CPU via each of the slave CPUs:
and determining the IP address and the MAC address of each slave CPU in the internal system of the network equipment by the master CPU according to the identity number of each slave CPU.
8. The method of claim 6, wherein determining, by the master CPU, that an access node is a slave CPU comprises:
inquiring an OID table supported by the network equipment through the main CPU according to the target OID carried in the SNMP target message;
and if the target OID is determined to exist in the OID table by the main CPU and the access node is not the main CPU, determining the access node as a slave CPU corresponding to the target OID.
9. The method of claim 7, wherein forwarding, by the master CPU, the SNMP target message to the slave CPU through a two-layer switch upon determining that an access node is a slave CPU comprises:
when the access node is determined to be the slave CPU through the master CPU, modifying the target IP address and the target MAC address of the SNMP target message into the IP address and the MAC address of the slave CPU, and modifying the source IP address and the source MAC address of the SNMP target message into the IP address and the MAC address of the master CPU;
and forwarding the modified SNMP target message to the slave CPU through the two-layer switch by the master CPU.
10. The method of claim 9, wherein sending the SNMP response message to a management network via an external management network port via the main CPU comprises:
modifying the source IP address and the source MAC address of the SNMP response message into the original destination IP address and destination MAC address in the received SNMP target message through the main CPU;
modifying the target IP address and the target MAC address of the SNMP response message into the original source IP address and source MAC address in the received SNMP target message through the main CPU;
and sending the modified SNMP response message to a management network through an external management network port by the main CPU.
CN202011055677.7A 2020-09-29 2020-09-29 Network device and message processing method thereof Pending CN112217670A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202011055677.7A CN112217670A (en) 2020-09-29 2020-09-29 Network device and message processing method thereof

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202011055677.7A CN112217670A (en) 2020-09-29 2020-09-29 Network device and message processing method thereof

Publications (1)

Publication Number Publication Date
CN112217670A true CN112217670A (en) 2021-01-12

Family

ID=74052403

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202011055677.7A Pending CN112217670A (en) 2020-09-29 2020-09-29 Network device and message processing method thereof

Country Status (1)

Country Link
CN (1) CN112217670A (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1414735A (en) * 2002-04-02 2003-04-30 华为技术有限公司 Data upgrading method of two-layer exchange equipment
CN101119208A (en) * 2007-08-28 2008-02-06 福建星网锐捷网络有限公司 Switchboard, service processing board and switching board
CN101719877A (en) * 2010-01-15 2010-06-02 福建星网锐捷网络有限公司 Message forwarding device, network equipment and method
WO2016183926A1 (en) * 2015-05-18 2016-11-24 中兴通讯股份有限公司 Carrier-grade network address translation method and device
CN107196820A (en) * 2017-05-24 2017-09-22 上海海斯科网络科技有限公司 A kind of switch performance method of testing, apparatus and system

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1414735A (en) * 2002-04-02 2003-04-30 华为技术有限公司 Data upgrading method of two-layer exchange equipment
CN1161924C (en) * 2002-04-02 2004-08-11 华为技术有限公司 Data upgrading method of two-layer exchange equipment
CN101119208A (en) * 2007-08-28 2008-02-06 福建星网锐捷网络有限公司 Switchboard, service processing board and switching board
CN101719877A (en) * 2010-01-15 2010-06-02 福建星网锐捷网络有限公司 Message forwarding device, network equipment and method
WO2016183926A1 (en) * 2015-05-18 2016-11-24 中兴通讯股份有限公司 Carrier-grade network address translation method and device
CN107196820A (en) * 2017-05-24 2017-09-22 上海海斯科网络科技有限公司 A kind of switch performance method of testing, apparatus and system

Similar Documents

Publication Publication Date Title
CN111130901B (en) Device management method, device, communication device and storage medium
US7024476B1 (en) Directory-enabled device management
US6981034B2 (en) Decentralized management architecture for a modular communication system
KR100935782B1 (en) System, method, and computer program product for centralized management of an infiniband distributed system area network
EP2947907B1 (en) Startup configuration method in base station, base station and server
US7684421B2 (en) Information routing in a distributed environment
US7275104B1 (en) Web-services-based data logging system including multiple data logging service types
WO2006005790A1 (en) System, network entities and computer programs for configuration management of a dynamic host configuration protocol framework
CN101848107B (en) SNMP (Simple Network Management Protocol) network element and communication method of SNMP network element and proprietary protocol network element
WO2003047167A2 (en) Method, system and agent for connecting event consumers to event producers in a distributed event management system
WO2018090386A1 (en) Method, device and system for processing abnormities of nf modules
US20050220109A1 (en) Routing table synchronization method, network apparatus, and routing table synchronization program
WO2015131757A1 (en) Channel between software defined networking device and controller
JP2019525604A (en) Network function NF management method and NF management apparatus
US11805011B2 (en) Bulk discovery of devices behind a network address translation device
CN112968965B (en) Metadata service method, server and storage medium for NFV network node
CN110995829A (en) Instance calling method and device and computer storage medium
TWI740210B (en) Method for terminal device management and server
US20210075716A1 (en) Automatic routing configuration between hosts and network layer devices
CN112217670A (en) Network device and message processing method thereof
US20050120099A1 (en) Configuration management device for a self-configurable network equipment of a communication network provided with equipment configuration parameter consistency analysis module
CN111294358B (en) Message processing method and device
EP1780942A1 (en) Method for automatically discovering a bus system in a multipoint transport network, multipoint transport network and network node
Christensen et al. Scalable network approach for the space plug-and-play architecture
US20210320852A1 (en) Software-definable network service configuration method

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20210112