CN113395334A - Service function chain online updating method, system and equipment - Google Patents
Service function chain online updating method, system and equipment Download PDFInfo
- Publication number
- CN113395334A CN113395334A CN202110602599.6A CN202110602599A CN113395334A CN 113395334 A CN113395334 A CN 113395334A CN 202110602599 A CN202110602599 A CN 202110602599A CN 113395334 A CN113395334 A CN 113395334A
- Authority
- CN
- China
- Prior art keywords
- service function
- function chain
- sub
- flow table
- table data
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/50—Network services
- H04L67/51—Discovery or management thereof, e.g. service location protocol [SLP] or web services
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/08—Configuration management of networks or network elements
- H04L41/0893—Assignment of logical groups to network elements
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/12—Discovery or management of network topologies
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention provides a method, a system and equipment for updating a service function chain on line, wherein the method comprises the following steps: if the current service function chain identification number is not the empty identification number, judging whether the new service function chain identification number is consistent with the current service function chain identification number or not; if the current flow table data set is inconsistent with the current service function chain identification number, searching the current flow table data set bound with the current service function chain identification number, deleting the searched current flow table data set from the configuration file, and judging whether a service function chain corresponding to the new service function chain identification number exists in the pre-configured available service function chain set or not; and if the service function chain identification number exists, acquiring a new flow table data set bound with the new service function chain identification number, issuing the new flow table data set, and replacing the current service function chain identification number with the new service function chain identification number, thereby realizing the online update of the service function chain.
Description
Technical Field
The invention relates to the technical field of internet, in particular to a service function chain online updating method, system and device.
Background
According to the sequence set by the Service logic, the network traffic is called a Service function Chain (Service function Chain) through a scenario of devices (mainly referring to security devices such as a firewall, load balancing, third-party security devices, and the like) with Service functions. The data messages are processed through different paths in the network equipment, diversification of service function chains is realized, and safe, various and stable network services are finally provided for users. When a service chain of a conventional network is changed and expanded, the network topology needs to be changed, and the configuration of network equipment needs to be performed again.
The service function chain and the network topology are closely coupled and complex to deploy, and the change of the network topology formed by the traditional network equipment is high in implementation cost.
In order to solve the above problems, people are always seeking an ideal technical solution.
Disclosure of Invention
The invention aims to overcome the defects of the prior art, and provides a method, a system and equipment for updating a service function chain on line.
In order to achieve the purpose, the invention adopts the technical scheme that:
the first aspect of the present invention provides an online service function chain updating method, which includes the following steps:
receiving a switching instruction carrying a new service function chain identification number, responding to the switching instruction, searching a current service function chain identification number, and judging whether the current service function chain identification number is an empty identification number;
if the current service function chain identification number is an empty identification number, judging whether a service function chain corresponding to the new service function chain identification number exists in a pre-configured available service function chain set or not; if the service function chain identification number exists, acquiring a new flow table data set bound with the new service function chain identification number, issuing the new flow table data set, and setting the current service function chain identification number as the new service function chain identification number;
if the current service function chain identification number is not the empty identification number, judging whether the new service function chain identification number is consistent with the current service function chain identification number or not; if the current flow table data set is inconsistent with the current service function chain identification number, searching the current flow table data set bound with the current service function chain identification number, deleting the searched current flow table data set from the configuration file, and judging whether a service function chain corresponding to the new service function chain identification number exists in the pre-configured available service function chain set or not; and if the service function chain identification number exists, acquiring a new flow table data set bound with the new service function chain identification number, issuing the new flow table data set, and replacing the current service function chain identification number with the new service function chain identification number.
The second aspect OF the present invention provides an online updating system for a service function chain, which includes a service function chain management component, an SDN controller, an SDN switch, an OF switch, and service function units, where each service function unit is deployed in a virtual machine, and the virtual machines with the service function units deployed are mounted in different OF switches in a distributed manner;
the service function chain management component is in communication interconnection with a northbound interface of the SDN controller, is used for the step of the service function chain online updating method, obtains a new flow table data set, and transmits the new flow table data set to the SDN controller;
the SDN controller is respectively in communication interconnection with the SDN switch and each OF switch and is used for analyzing a new flow table data set, acquiring sub-flow table data and issuing the sub-flow table data to the corresponding switch;
and the SDN switch is respectively communicated and interconnected with each OF switch and used for guiding the forwarding OF data flow based on the new service function chain and updating the service function chain on line.
A third aspect of the present invention provides a service function chain online update device, which includes a memory, a processor, and a service function chain online update program stored on the memory and executable on the processor, wherein the service function chain online update program, when executed by the processor, implements the steps of the service function chain online update method as described above.
Compared with the prior art, the invention has prominent substantive characteristics and remarkable progress, particularly:
1) the invention provides a service function chain online updating method, a system and equipment, wherein a network topology formed by an OpenFlow switch and an SDN controller is used, and a flow table is modified to change network equipment through which flow passes, so that an online updating path is realized, and the switching efficiency of the service function chain is greatly improved;
the SDN mode and the application of NFV (Network Functions Virtualization) also make Network control of the data center more flexible and extensible.
Drawings
FIG. 1 is a flow chart of a service function chain online update method of the present invention;
FIG. 2 is a flow chart of the present invention for constructing a backup substream table data set;
FIG. 3 is a flow chart of the present invention for constructing a new flow table data set;
FIG. 4 is a schematic diagram of the service function chain online update system of the present invention;
FIG. 5 is an application effect diagram of the service function chain online update system of the present invention;
FIG. 6 is a first flowchart of the service function chain scheduling of the present invention;
FIG. 7 is a second flowchart of the service function chain scheduling of the present invention.
Detailed Description
The technical solution of the present invention is further described in detail by the following embodiments.
Example 1
Fig. 1 shows a specific embodiment of a service function chain online updating method, which includes the following steps:
receiving a switching instruction carrying a new service function chain identification number, responding to the switching instruction, searching a current service function chain identification number, and judging whether the current service function chain identification number is an empty identification number;
if the current service function chain identification number is an empty identification number, judging whether a service function chain corresponding to the new service function chain identification number exists in a pre-configured available service function chain set or not; if the service function chain identification number exists, acquiring a new flow table data set bound with the new service function chain identification number, issuing the new flow table data set, and setting the current service function chain identification number as the new service function chain identification number;
if the current service function chain identification number is not the empty identification number, judging whether the new service function chain identification number is consistent with the current service function chain identification number or not; if the current flow table data set is inconsistent with the current service function chain identification number, searching the current flow table data set bound with the current service function chain identification number, deleting the searched current flow table data set from the configuration file, and judging whether a service function chain corresponding to the new service function chain identification number exists in the pre-configured available service function chain set or not; and if the service function chain identification number exists, acquiring a new flow table data set bound with the new service function chain identification number, issuing the new flow table data set, and replacing the current service function chain identification number with the new service function chain identification number.
It should be noted that the time required for the service function chain to update online is crucial to the diversification of the service function chain. When the service path scheduling is performed by using the service function chain online updating method, if the identification number of a new service function chain is sfc _2, firstly, inquiring currently-applied path information from a configuration record, if the identification number of the current service function chain is sfc _1, firstly, sending a flow table deleting message to an SDN controller, deleting a current flow table data set in a configuration file, namely all flow table data sfc _1{ flow _ i, fow _ j, …, fow _ k } related to sfc _1 (1 is equal to or less than i, j, k is equal to or less than n, i is equal to j ≠ k), then sending a flow table adding message to the SDN controller, issuing a new flow table data set in the configuration file, namely flow table data sfc _2{ flow _ i, fow _ j, …, fow _ k } (1 is equal to or less than i, j, k is equal to or less than n, i is equal to j ≠ k), and updating a currently-used path record; if the current service chain-free flow use record in the configuration record flows through, directly issuing a flow table set corresponding to sfc _2 to the SDN controller, and updating the current path ID record, thereby dynamically and quickly arranging and deploying the safety function service chain according to the user safety requirement.
It can be understood that the service function chain online update effect is shown in fig. 5, and the system is configured with two alternative service paths sfc1 and sfc 2. The path sfc1 passes through the service function units SF1 and SF 3; the path sfc2 passes through the service function units SFn1 and SFn2, and the flow of the access system is controlled by switching the path to pass through different service function units, so that the data flow sequentially passes through each virtual security device according to the security requirement of the user, the purpose of filtering the data flow is achieved, and the dynamic control of the network flow is realized.
It should be noted that, by pre-configuring the available service function chain set, some common service function chains are pre-stored according to the common security requirements of the user, so as to improve the online updating efficiency of the service function chains.
Considering the diversity of the users' security requirements, a method of generating a new service function chain is also configured:
if the service function chain corresponding to the new service function chain identification number does not exist in the pre-configured available service function chain set, generating a message for adding the new service function chain;
responding to the message of adding the new service function chain, and generating a new flow table data set;
generating a newly added service function chain identification number, and binding the newly added service function chain identification number with the newly added flow table data set; and issuing the newly added flow table data set, and setting the current service function chain identification number as the newly added service function chain identification number.
Example 2
It should be noted that, when the service function chain is long, the paths may be segmented and divided into sub-path sets, and each sub-path is sequentially configured and stored by the client to construct a standby sub-flow table data set. As shown in fig. 2, one embodiment of constructing a set of standby sub-flow table data is performed before provisioning a set of available service function chains:
determining whether a sub-path generation message is acquired;
responding to the sub-path generation message, generating a sub-service function chain ID, determining service function identifications associated with the sub-service function chain, and judging whether the number of the service function identifications associated with the sub-service function chain exceeds one;
if the number of the service function identifications associated with the sub-service function chain is one, generating a sub-flow table data set of the sub-service function chain, binding the sub-flow table data set and the corresponding sub-service function chain ID to be used as a first type of sub-service function chain, and storing the first type of sub-service function chain into a standby sub-flow table data set;
if the number OF the service function identifiers associated with the sub-service function chain exceeds one, determining that the service function units in the sub-service function chain are adjacent service function units, and determining whether the adjacent service function units are mounted on the same OF switch; if yes, calculating the total number of the sub-path flow table entries according to the total number of the service function units in the sub-service function chain; otherwise, the total number of the service function units in the sub-service function chain and the total number of the sub-path flow entries of the first dynamic value counter are calculated; the first dynamic value changes along with the number of the adjacent service function units and the deployment position;
and generating a sub-flow table data set OF the sub-service function chain according to the total number OF the sub-path flow table entries, the priority OF the service function unit, the flow table required by the flow input side and the flow table required by the output side OF the virtual machine where the service function unit is located, and the flow table required by the input side and the flow table required by the output side OF the OF switch which mounts the corresponding service function unit, binding the sub-flow table data set and the corresponding sub-service function chain ID together to be used as a second type OF sub-service function chain, and storing the second type OF sub-service function chain into a standby sub-flow table data set.
It can be understood that some service functions selected by the user are received, and the sub-flow table data set required for guiding the flow forwarding is automatically calculated to form a sub-service function chain. In the subsequent adding, deleting and switching operation process, the efficiency of the online updating of the service function chain can be improved and the flexibility of the online updating function of the service function chain is enhanced by multiplexing the commonly used sub-paths.
Further, before generating the standby sub-stream table data set, the following steps are also performed:
generating an SF data structure corresponding to each service function unit, wherein the SF data structure is SF _ m { name, switch _ id, port _ switch, port _ SF, port _ left and port _ right }, m is more than or equal to 1 and less than or equal to n, and n represents the maximum service function number supported by the system;
wherein sf _ m represents a service function identifier, name represents a service function name, switch _ id represents an OF switch serial number OF a corresponding service function unit, port _ switch represents a traffic input side port id and an output side port id OF an SDN switch, port _ sf represents an input side port id and an output side port id OF an OF switch on which the service function unit is mounted, port _ left represents a traffic input side port id OF the service function unit, and port _ right represents a traffic output side port id OF the service function unit.
It should be noted that, according to port name detection, an SF data structure corresponding to each service function unit is pre-constructed, and a service function identifier of each service function unit is stored in association with a port id required for constructing a flow table entry, so as to prepare for constructing a newly added flow table data set or regenerating a sub-flow table data set.
Therefore, when generating the sub-flow table data set of the sub-service function chain according to the preset sub-path flow table data set generation rule, it is necessary to: the flow table required by the flow input side and the flow table required by the output side OF the virtual machine where the service function unit is located, and the flow table required by the input side and the flow table required by the output side OF the OF switch which mounts the corresponding service function unit can be obtained from the SF data structure corresponding to the service function unit, so that the construction time OF newly adding a flow table data set and a sub-flow table data set is shortened, and the online updating time OF a service function chain is shortened.
This embodiment provides a specific implementation manner for constructing an available service function chain set, and when the available service function chain set is preconfigured, the following steps are performed:
calling a sub-flow table data set corresponding to the first type of sub-service function chain and/or the second type of sub-service function chain from the standby sub-flow table data set to form a flow table data set;
generating a series of service function chain identification numbers, and binding each service function chain identification number with a corresponding flow table data set to serve as an available service function chain;
based on the generated available service function chains, a set of available service function chains is generated.
In one embodiment, the service function chain identification number of a certain service path is SFC _ m, and the set of available service function chains is SFC { SFC _1, SFC _2, …, SFC _ m } (1 ≦ m ≦ q, q represents the maximum SFC number supported by the system), which constitutes a service function chain that can be directly invoked; and generating and storing forwarding rules of a plurality of paths according to different input parameters, and directly selecting a corresponding service function chain identification number and switching a flow forwarding link by one key when a service function chain path needs to be scheduled and switched.
After receiving SF name and quintuple information contained in a certain available service function chain input by a user, searching a corresponding SF _ m structural body according to the SF name, combining port information in SF _ m and input quintuple information to accurately generate a matching and forwarding rule of a message, namely, a flow entry set flow _ m { flow _ adv { [ mflow _ in ], [ flow _ in ], [ mflow _ out ], flow _ out }, flow _ ret { [ mflow _ in ], [ flow _ in ], [ mflow _ out ], flow _ out } } (1. ltoreq. m.ltoreq.n), flow _ adv and flow _ ret respectively represent flow tables required for forward and reverse forwarding, mflow _ in and mflow _ out respectively represent flow tables required for forwarding in the input and output directions of Switch0, flow _ in and flow _ out represent flow tables controlling flow input and output forwarding in an SDN Switch mounted by a service functional unit, and [ ] represents a flow table optionally generated according to conditions.
As shown in fig. 5, two paths, SFC1 and SFC2, each path includes multiple SFs, which are specifically divided into several cases: in the flow direction from left to right, if there is an adjacent SF in an SF, whether the adjacent SF is mounted on the same switch is distinguished, and the specific flow entry number of the generated structure flow _ m is determined, or vice versa. And finally, generating a flow table data set SFC _ m { flow _ i, fow _ j, …, fow _ k } (i is more than or equal to 1, j, k is more than or equal to n, i is not equal to j is not equal to k, m is more than or equal to 1 and less than or equal to q, and q represents the maximum SFC number supported by the system) according to the sequence of the SFCs in the configured service function chain SFC.
After the flow table data set is generated, sending an http message to the SDN controller, sending an OpenFlow message to the switch by the SDN controller, finally sending the generated flow table items to the switch identified by SF _ m, guiding the flow to be forwarded between SFs, and storing all flow table items SFC _ m generated by the SFC path to a configuration file.
This embodiment also provides a specific implementation manner for constructing a newly added flow table data set, and when generating the newly added flow table data set, the following steps are performed:
determining a service function identifier associated with a new service function chain, and judging whether a first type of reusable sub-service function chain or a second type of reusable sub-service function chain exists in the standby sub-flow table data set according to the service function identifier;
if the reusable first type of sub-service function chain or the second type of sub-service function chain exists, calling a sub-flow table data set corresponding to the reusable first type of sub-service function chain or the second type of sub-service function chain, and generating a sub-flow table data set of the rest part;
if the first type of reusable sub-service function chain or the second type of reusable sub-service function chain does not exist, executing the following steps:
judging whether an adjacent service function unit exists in the new service function chain or not according to the arrangement sequence of the service function identification associated with the new service function chain;
if the adjacent service function units do not exist, calculating the total number of the newly added flow entries according to the total number of the service function units;
if the adjacent service function units exist, judging whether the adjacent service function units are not mounted on the same OF switch, if so, calculating the total number OF newly added flow table items according to the total number OF the service function units; otherwise, calculating the total number of the new flow-adding table entries according to the total number of the service function units and the second dynamic value; the second dynamic value changes along with the number of the adjacent service function units and the deployment position;
generating a newly added flow table data set according to the total number of the newly added flow table items, the priority of the service function unit and an SF data structure corresponding to the service function unit;
and generating a newly added flow table data set based on the multiplexed sub flow table data set and the regenerated sub flow table data set.
For example, the multiplexed substream table data set is sfc _11{ flow _ i, …, fow _ j }, the regenerated substream table data set sfc _12{ fow _ j, …, fow _ k }, sfc _11 and sfc _12 are combined into sfc _1{ flow _ i, fow _ j, …, fow _ k }.
It should be noted that, as shown in fig. 3, according to a preset new flow table data set generation rule, according to an SF (service function unit) sequence input by a user, an ID of a switch, port information, and the like are automatically retrieved, and a new flow table data set is constructed, so as to achieve the purpose of automatic path calculation.
Example 3
The present embodiment differs from the above embodiments in that: the service function chain online updating method further comprises the following steps: counting the use probability of each service function unit;
if the use probability of a certain service function unit exceeds a first scheduling threshold value and the standby sub-flow table data set does not have a sub-service function chain only containing the service function unit, the sub-flow table data set of the service function unit and the corresponding sub-service function chain ID are newly added, the newly added sub-flow table data set and the sub-service function chain ID are bound together to serve as a newly added first type of sub-service function chain, and the newly added first type of sub-service function chain is stored in the standby sub-flow table data set.
Further, the service function chain online updating method further includes:
counting the combined probability of each service function unit and other service function units;
and if the combined probability of some service function units exceeds a second scheduling threshold value and the standby sub-flow table data set does not have a sub-service function chain only comprising the service function units, adding the sub-flow table data set of the service function units and the corresponding sub-service function chain ID, binding the newly added sub-flow table data set and the sub-service function chain ID to serve as a newly added second type of sub-service function chain, and storing the newly added second type of sub-service function chain in the standby sub-flow table data set.
By the method, the standby sub-flow table data set is continuously and automatically updated, so that the available service function chains in the pre-configured available service function chain set are enriched, the generation of new service function chains is accurate, the service function chains corresponding to the new service function chain identification numbers do not exist in the pre-configured available service function chain set, and the construction time of the newly added flow table data set can be effectively shortened.
Example 4
Based on the service function chain online updating method in the foregoing embodiment, this embodiment provides a specific implementation manner of a service function chain online updating system, as shown in fig. 4:
the service function chain online updating system comprises a service function chain management component, an SDN (Software Defined Network) controller, an SDN switch, an OF (OpenFlow) switch and service function units, wherein each service function unit is deployed in a virtual machine, and the virtual machines with the service function units are mounted on different OF switches in a distributed mode;
the service function chain management component is in communication interconnection with a northbound interface of the SDN controller, and is configured to execute the steps of the service function chain online updating method in the above embodiment, obtain a new flow table data set, and transmit the new flow table data set to the SDN controller;
the SDN controller is respectively in communication interconnection with the SDN switch and each OF switch and is used for analyzing a new flow table data set, acquiring sub-flow table data and issuing the sub-flow table data to the corresponding switch;
and the SDN switch is respectively communicated and interconnected with each OF switch and used for guiding the forwarding OF data flow based on the new service function chain and updating the service function chain on line.
In order to improve the system performance, the service function unit adopts a distributed deployment mode, SF is mounted on a Switch _1-Switch _ n in a distributed mode, and the network traffic access uses a Switch _0 port to realize the filtering of traffic by a service function chain; service function units (SF) (such as a firewall, load balancing, third-party security equipment and the like) are deployed in each virtual machine, and the virtual machines are mounted and accessed to different OF switches, so that light deployment OF SF (service function) is realized.
It can be understood that, the service function chain management component uses http mode to communicate with the northbound interface OF the SDN controller, globally monitors the resource state OF the whole network through the northbound interface, and performs unified scheduling on resources, remotely controls the OF switch cluster, performs control OF adding, deleting, querying and path switching on the flow table and the service function path OF the OF switch, and solves the problem OF service function chain scheduling, as shown in fig. 6 and 7:
when the client side deletes the configuration, if a certain flow table entry is deleted, the flow table entry deleting message is directly sent to the controller, and the feedback message of the controller is received; if a certain service function chain sfc _ m is deleted, reading the stored path information sfc _ m [ flow _1, flow _2, …, flow _ nm ], sequentially deleting the flow table entry data in the sfc1 path, and receiving a feedback processing result; if certain path configuration is not needed later, the saved path data is directly emptied;
during query configuration, the client sends a query message to the controller middleware according to input parameters (such as a device ID, a flow table ID, and a service function chain identification number), receives a read analysis feedback message, displays contents of a flow table item currently configured in the OpenFlow switch, contents of a service function chain identification number and the like currently applied and displays a current state of the system.
The service function chain management component also detects the port information of Switch through the SDN controller and constructs an SF data structure corresponding to each service function unit; pre-configuring an available service function chain set in a CLI client mode; receiving input parameters (information OF switch ID, priority, message quintuple, output port and the like) in a command line CLI mode, automatically generating a flow table set OF a new service function chain for guiding flow forwarding according to a service function sequence selected by a user, and issuing the flow table set to each switch.
The SDN controller is used as a middleware and comprises a northbound interface and a southbound interface, and the northbound interface and the service function chain management component establish http protocol communication and receive and send messages; the southbound interface and the SDN switch communicate by using an OpenFlow protocol, configuration data OF a service function chain management assembly is sent to the switch, interfaces (information such as ID, interface, MAC and IP) and network topology information OF virtual machine equipment where the OF switch and the service function unit SF are located are obtained based on an LLDP protocol and an ARP protocol, and current equipment information, flow table information and network topology state in a system are displayed by using a front-end page OF the controller, so that the problem OF visualization OF the network global operation condition is solved.
The SDN switch uses an OF (OpenFlow) switch to be responsible for fast forwarding of network traffic, forwarding decisions depend on a flow table, and the SDN controller uses an OpenFlow protocol to manage the switch flow table and monitor the state of equipment. The switch works under the control of a remote SDN controller, and the related device state and control instructions need to be communicated through a southbound interface of the SDN controller, so that centralized unified management is realized.
The flow of the access system is forwarded on a data plane according to a path defined by the flow table in the system under the guidance of a flow table item configured by the service function chain management component, and sequentially flows through the selected service function unit to filter the data flow; and finally forwarding the data out of the system after being processed by the deployed functions of the service function units. From the input and output ports of the system, the system does not modify the message content, thereby ensuring transparent data transmission.
It should be noted that, because the network device, NFV, and host operating system have very limited support for NSH, NSH needs to maintain state on all service devices of each service chain, which greatly reduces system efficiency; the NSH carries service chain path information, and the guidance of traffic between different service functional units also needs to be realized through other tunneling mechanisms (for example, VxLAN, GRE, and the like), which affects forwarding efficiency. Therefore, the forwarding path in the service function chain online updating system realizes the forwarding of the data flow based on the OpenFlow flow table form, and does not need to add a Network Service Header (NSH) to the message, so that the service function chain online updating system has the advantage of forwarding rate compared with the service function chain form realized by the NSH.
When the configuration and switching of the SFC are realized in the SDN scene, the system can diagnose the fault by inquiring the current flow table state information and the message statistical condition in the service function unit.
Example 5
The embodiment provides a service function chain online updating device, which includes a memory, a processor and a service function chain online updating program stored in the memory and executable on the processor, and when executed by the processor, the service function chain online updating program implements the steps of the service function chain online updating method in the above embodiment.
In the above embodiments, the descriptions of the respective embodiments have respective emphasis, and reference may be made to the related descriptions of other embodiments for parts that are not described or illustrated in a certain embodiment.
Those of ordinary skill in the art will appreciate that the various illustrative elements and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware or combinations of computer software and electronic hardware. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the implementation. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present application.
In the embodiments provided in the present application, it should be understood that the disclosed apparatus and method may be implemented in other ways. For example, the above-described device embodiments are merely illustrative, and for example, the division of the above-described modules is only one logical functional division, and other divisions may be realized in practice, for example, multiple units or components may be combined or integrated into another system, or some features may be omitted, or not executed.
In addition, functional units in the embodiments of the present application may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit can be realized in a form of hardware, and can also be realized in a form of a software functional unit.
The integrated module may be stored in a computer-readable storage medium if it is implemented in the form of a software functional unit and sold or used as a separate product. Based on such understanding, all or part of the flow in the method of the embodiments described above may be implemented by a computer program, which may be stored in a computer-readable storage medium and can implement the steps of the embodiments of the methods described above when the computer program is executed by a processor. The computer program includes computer program code, and the computer program code may be in a source code form, an object code form, an executable file or some intermediate form.
Finally, it should be noted that: the above examples are only intended to illustrate the technical solution of the present invention and not to limit it; although the present invention has been described in detail with reference to preferred embodiments, those skilled in the art will understand that: modifications to the specific embodiments of the invention or equivalent substitutions for parts of the technical features may be made; without departing from the spirit of the present invention, it is intended to cover all aspects of the invention as defined by the appended claims.
Claims (10)
1. A service function chain online updating method is characterized by comprising the following steps:
receiving a switching instruction carrying a new service function chain identification number, responding to the switching instruction, searching a current service function chain identification number, and judging whether the current service function chain identification number is an empty identification number;
if the current service function chain identification number is an empty identification number, judging whether a service function chain corresponding to the new service function chain identification number exists in a pre-configured available service function chain set or not; if the service function chain identification number exists, acquiring a new flow table data set bound with the new service function chain identification number, issuing the new flow table data set, and setting the current service function chain identification number as the new service function chain identification number;
if the current service function chain identification number is not the empty identification number, judging whether the new service function chain identification number is consistent with the current service function chain identification number or not; if the current flow table data set is inconsistent with the current service function chain identification number, searching the current flow table data set bound with the current service function chain identification number, deleting the searched current flow table data set from the configuration file, and judging whether a service function chain corresponding to the new service function chain identification number exists in the pre-configured available service function chain set or not; and if the service function chain identification number exists, acquiring a new flow table data set bound with the new service function chain identification number, issuing the new flow table data set, and replacing the current service function chain identification number with the new service function chain identification number.
2. The method according to claim 1, wherein if there is no service function chain corresponding to the new service function chain identification number in the pre-configured set of available service function chains, generating a message for adding the new service function chain;
responding to the message of adding the new service function chain, and generating a new flow table data set;
generating a newly added service function chain identification number, and binding the newly added service function chain identification number with the newly added flow table data set;
and issuing the newly added flow table data set, and setting the current service function chain identification number as the newly added service function chain identification number.
3. The service function chain online update method according to claim 2, wherein before provisioning the set of available service function chains, performing:
determining whether a sub-path generation message is acquired;
responding to the sub-path generation message, generating a sub-service function chain ID, determining service function identifications associated with the sub-service function chain, and judging whether the number of the service function identifications associated with the sub-service function chain exceeds one;
if the number of the service function identifications associated with the sub-service function chain is one, generating a sub-flow table data set of the sub-service function chain, binding the sub-flow table data set and the corresponding sub-service function chain ID to be used as a first type of sub-service function chain, and storing the first type of sub-service function chain into a standby sub-flow table data set;
if the number OF the service function identifiers associated with the sub-service function chain exceeds one, determining that the service function units in the sub-service function chain are adjacent service function units, and determining whether the adjacent service function units are mounted on the same OF switch; if yes, calculating the total number of the sub-path flow table entries according to the total number of the service function units in the sub-service function chain; otherwise, the total number of the service function units in the sub-service function chain and the total number of the sub-path flow entries of the first dynamic value counter are calculated; the first dynamic value changes along with the number of the adjacent service function units and the deployment position;
and generating a sub-flow table data set OF the sub-service function chain according to the total number OF the sub-path flow table entries, the priority OF the service function unit, the flow table required by the flow input side and the flow table required by the output side OF the virtual machine where the service function unit is located, and the flow table required by the input side and the flow table required by the output side OF the OF switch which mounts the corresponding service function unit, binding the sub-flow table data set and the corresponding sub-service function chain ID together to be used as a second type OF sub-service function chain, and storing the second type OF sub-service function chain into a standby sub-flow table data set.
4. The method for on-line updating of service function chain according to claim 3, further performing, before generating the set of standby sub-flow table data:
generating an SF data structure corresponding to each service function unit, wherein the SF data structure is SF _ m { name, switch _ id, port _ switch, port _ SF, port _ left and port _ right }, m is more than or equal to 1 and less than or equal to n, and n represents the maximum service function number supported by the system;
wherein sf _ m represents a service function identifier, name represents a service function name, switch _ id represents an OF switch serial number OF a corresponding service function unit, port _ switch represents a traffic input side port id and an output side port id OF an SDN switch, port _ sf represents an input side port id and an output side port id OF an OF switch on which the service function unit is mounted, port _ left represents a traffic input side port id OF the service function unit, and port _ right represents a traffic output side port id OF the service function unit.
5. The service function chain online update method of claim 3, further comprising:
counting the use probability of each service function unit;
if the use probability of a certain service function unit exceeds a first scheduling threshold value and the standby sub-flow table data set does not have a sub-service function chain only containing the service function unit, the sub-flow table data set of the service function unit and the corresponding sub-service function chain ID are newly added, the newly added sub-flow table data set and the sub-service function chain ID are bound together to serve as a newly added first type of sub-service function chain, and the newly added first type of sub-service function chain is stored in the standby sub-flow table data set.
6. The service function chain online update method of claim 3, further comprising:
counting the combined probability of each service function unit and other service function units;
and if the combined probability of some service function units exceeds a second scheduling threshold value and the standby sub-flow table data set does not have a sub-service function chain only comprising the service function units, adding the sub-flow table data set of the service function units and the corresponding sub-service function chain ID, binding the newly added sub-flow table data set and the sub-service function chain ID to serve as a newly added second type of sub-service function chain, and storing the newly added second type of sub-service function chain in the standby sub-flow table data set.
7. The method for on-line updating of service function chains according to claim 3, wherein when pre-configuring the set of available service function chains, performing:
calling a sub-flow table data set corresponding to the first type of sub-service function chain and/or the second type of sub-service function chain from the standby sub-flow table data set to form a flow table data set;
generating a series of service function chain identification numbers, and binding each service function chain identification number with a corresponding flow table data set to serve as an available service function chain;
based on the generated available service function chains, a set of available service function chains is generated.
8. The service function chain online updating method according to claim 4, wherein when generating the new flow table data set, performing:
determining a service function identifier associated with a new service function chain, and judging whether a first type of reusable sub-service function chain or a second type of reusable sub-service function chain exists in the standby sub-flow table data set according to the service function identifier;
if the reusable first type of sub-service function chain or the second type of sub-service function chain exists, calling a sub-flow table data set corresponding to the reusable first type of sub-service function chain or the second type of sub-service function chain, and generating a sub-flow table data set of the rest part;
if the first type of reusable sub-service function chain or the second type of reusable sub-service function chain does not exist, executing the following steps:
judging whether an adjacent service function unit exists in the new service function chain or not according to the arrangement sequence of the service function identification associated with the new service function chain;
if the adjacent service function units do not exist, calculating the total number of the newly added flow entries according to the total number of the service function units;
if the adjacent service function units exist, judging whether the adjacent service function units are not mounted on the same OF switch, if so, calculating the total number OF newly added flow table items according to the total number OF the service function units; otherwise, calculating the total number of the new flow-adding table entries according to the total number of the service function units and the second dynamic value; the second dynamic value changes along with the number of the adjacent service function units and the deployment position;
generating a newly added flow table data set according to the total number of the newly added flow table items, the priority of the service function unit and an SF data structure corresponding to the service function unit;
and generating a newly added flow table data set based on the multiplexed sub flow table data set and the regenerated sub flow table data set.
9. A service function chain online updating system is characterized in that: the system comprises a service function chain management assembly, an SDN controller, an SDN switch, an OF switch and service function units, wherein each service function unit is deployed in a virtual machine, and the virtual machines with the service function units are mounted on different OF switches in a distributed mode;
the service function chain management component, communicatively interconnected with a northbound interface of the SDN controller, configured to perform the steps of the service function chain online update method of any of claims 1 to 8, obtain a new flow table data set, and transmit the new flow table data set to the SDN controller;
the SDN controller is respectively in communication interconnection with the SDN switch and each OF switch and is used for analyzing a new flow table data set, acquiring sub-flow table data and issuing the sub-flow table data to the corresponding switch;
and the SDN switch is respectively communicated and interconnected with each OF switch and used for guiding the forwarding OF data flow based on the new service function chain and updating the service function chain on line.
10. A service function chain online update device comprising a memory, a processor and a service function chain online update program stored on the memory and executable on the processor, the service function chain online update program when executed by the processor implementing the steps of the service function chain online update method according to any one of claims 1 to 8.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110602599.6A CN113395334B (en) | 2021-05-31 | 2021-05-31 | Service function chain online updating method, system and equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110602599.6A CN113395334B (en) | 2021-05-31 | 2021-05-31 | Service function chain online updating method, system and equipment |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN113395334A true CN113395334A (en) | 2021-09-14 |
| CN113395334B CN113395334B (en) | 2022-12-13 |
Family
ID=77619564
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202110602599.6A Active CN113395334B (en) | 2021-05-31 | 2021-05-31 | Service function chain online updating method, system and equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN113395334B (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115550214A (en) * | 2022-08-17 | 2022-12-30 | 青岛海尔科技有限公司 | Task monitoring method and device, storage medium and electronic device |
Citations (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20170250903A1 (en) * | 2014-09-23 | 2017-08-31 | Nokia Solutions And Networks Oy | Control of communication using service function chaining |
| CN107276798A (en) * | 2017-06-12 | 2017-10-20 | 郑州云海信息技术有限公司 | A kind of implementation method and device for virtualizing network service function chain |
| CN107666412A (en) * | 2017-11-20 | 2018-02-06 | 电子科技大学 | The virtual network function dispositions method of service function chain |
| CN108429685A (en) * | 2018-04-28 | 2018-08-21 | 电子科技大学 | A kind of service function chain method for searching based on Segment routing technology |
| CN109565465A (en) * | 2016-08-05 | 2019-04-02 | 华为技术有限公司 | Business forwarding in virtual network based on service |
| CN109842528A (en) * | 2019-03-19 | 2019-06-04 | 西安交通大学 | A kind of dispositions method of the service function chain based on SDN and NFV |
| CN110213369A (en) * | 2019-06-03 | 2019-09-06 | 电子科技大学 | A kind of service function chain autopatch system and its method of combination |
| CN110545228A (en) * | 2019-07-26 | 2019-12-06 | 北京邮电大学 | service function chain request processing method and system |
| CN111654386A (en) * | 2020-01-15 | 2020-09-11 | 许继集团有限公司 | Method and system for establishing service function chain |
| CN112083933A (en) * | 2020-08-27 | 2020-12-15 | 重庆大学 | Service function chain deployment method based on reinforcement learning |
-
2021
- 2021-05-31 CN CN202110602599.6A patent/CN113395334B/en active Active
Patent Citations (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20170250903A1 (en) * | 2014-09-23 | 2017-08-31 | Nokia Solutions And Networks Oy | Control of communication using service function chaining |
| CN109565465A (en) * | 2016-08-05 | 2019-04-02 | 华为技术有限公司 | Business forwarding in virtual network based on service |
| CN107276798A (en) * | 2017-06-12 | 2017-10-20 | 郑州云海信息技术有限公司 | A kind of implementation method and device for virtualizing network service function chain |
| CN107666412A (en) * | 2017-11-20 | 2018-02-06 | 电子科技大学 | The virtual network function dispositions method of service function chain |
| CN108429685A (en) * | 2018-04-28 | 2018-08-21 | 电子科技大学 | A kind of service function chain method for searching based on Segment routing technology |
| CN109842528A (en) * | 2019-03-19 | 2019-06-04 | 西安交通大学 | A kind of dispositions method of the service function chain based on SDN and NFV |
| CN110213369A (en) * | 2019-06-03 | 2019-09-06 | 电子科技大学 | A kind of service function chain autopatch system and its method of combination |
| CN110545228A (en) * | 2019-07-26 | 2019-12-06 | 北京邮电大学 | service function chain request processing method and system |
| CN111654386A (en) * | 2020-01-15 | 2020-09-11 | 许继集团有限公司 | Method and system for establishing service function chain |
| CN112083933A (en) * | 2020-08-27 | 2020-12-15 | 重庆大学 | Service function chain deployment method based on reinforcement learning |
Non-Patent Citations (2)
| Title |
|---|
| RAFAEL ANTON EICHELBERGER;TIAGO FERRETO;SEBASTIEN TANDEL;PEDR: "SFC Path Tracer: A troubleshooting tool for Service Function Chaining", 《 2017 IFIP/IEEE SYMPOSIUM ON INTEGRATED NETWORK AND SERVICE MANAGEMENT (IM)》 * |
| 刘艺: "面向SDN网络的安全服务链映射与调整方法研究", 《中国优秀博士学位论文全文数据库》 * |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115550214A (en) * | 2022-08-17 | 2022-12-30 | 青岛海尔科技有限公司 | Task monitoring method and device, storage medium and electronic device |
Also Published As
| Publication number | Publication date |
|---|---|
| CN113395334B (en) | 2022-12-13 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US9667492B2 (en) | Methods and apparatus for selecting a master virtual processor within a switch fabric element | |
| US9876685B2 (en) | Hybrid control/data plane for packet brokering orchestration | |
| US20190044888A1 (en) | Methods and apparatus for providing services in a distributed switch | |
| US20150350023A1 (en) | Data center network architecture | |
| US7330467B2 (en) | System and method for centralized, intelligent proxy driver for a switch fabric | |
| EP2774329B1 (en) | Data center network architecture | |
| US8462636B2 (en) | Systems and methods for communication of management traffic over link aggregation group interface for a network element with distributed architecture | |
| US20130242804A1 (en) | Path calculation method | |
| CN103763367A (en) | Method and system for designing distributed virtual network in cloud calculating data center | |
| US9008080B1 (en) | Systems and methods for controlling switches to monitor network traffic | |
| CN104702522A (en) | Performance-based routing in software-defined network (sdn) | |
| CN109743259B (en) | Network traffic scheduling method and device | |
| US9049148B1 (en) | Dynamic forwarding plane reconfiguration in a network device | |
| CN112166579B (en) | Multi-server architecture cluster providing virtualized network functionality | |
| CN111147372B (en) | Downlink message sending and forwarding method and device | |
| US20140036726A1 (en) | Network, data forwarding node, communication method, and program | |
| CN108965134B (en) | Message forwarding method and device | |
| Eissa et al. | Software defined networking | |
| CN108989204B (en) | Link state determination method and device | |
| CN113395334B (en) | Service function chain online updating method, system and equipment | |
| US20160277251A1 (en) | Communication system, virtual network management apparatus, communication node, communication method, and program | |
| CN112865999B (en) | Information processing method and related equipment | |
| CN113965470A (en) | Aviation information network experiment simulation system | |
| CN113316769B (en) | Method for event priority in network function virtualization based on rule feedback | |
| Λάζαρης | Design and implementation of an analytics application in software defined networks |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |