CN113709892B - Pseudo-two-layer transmission method and system based on SD-WAN network - Google Patents

Pseudo-two-layer transmission method and system based on SD-WAN network Download PDF

Info

Publication number
CN113709892B
CN113709892B CN202111060315.1A CN202111060315A CN113709892B CN 113709892 B CN113709892 B CN 113709892B CN 202111060315 A CN202111060315 A CN 202111060315A CN 113709892 B CN113709892 B CN 113709892B
Authority
CN
China
Prior art keywords
data
transmission
sub
receiving end
pseudo
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202111060315.1A
Other languages
Chinese (zh)
Other versions
CN113709892A (en
Inventor
杨海滨
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shenzhen Hulianxianfeng Technology Co ltd
Original Assignee
Shenzhen Hulianxianfeng Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shenzhen Hulianxianfeng Technology Co ltd filed Critical Shenzhen Hulianxianfeng Technology Co ltd
Priority to CN202111060315.1A priority Critical patent/CN113709892B/en
Publication of CN113709892A publication Critical patent/CN113709892A/en
Application granted granted Critical
Publication of CN113709892B publication Critical patent/CN113709892B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W72/00Local resource management
    • H04W72/50Allocation or scheduling criteria for wireless resources
    • H04W72/56Allocation or scheduling criteria for wireless resources based on priority criteria
    • H04W72/566Allocation or scheduling criteria for wireless resources based on priority criteria of the information or information source or recipient
    • H04W72/569Allocation or scheduling criteria for wireless resources based on priority criteria of the information or information source or recipient of the traffic information
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46Interconnection of networks
    • H04L12/4641Virtual LANs, VLANs, e.g. virtual private networks [VPN]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/06Management of faults, events, alarms or notifications
    • H04L41/0631Management of faults, events, alarms or notifications using root cause analysis; using analysis of correlation between notifications, alarms or events based on decision criteria, e.g. hierarchy, tree or time analysis
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/08Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters
    • H04L43/0805Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters by checking availability
    • H04L43/0811Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters by checking availability by checking connectivity

Abstract

The invention provides a pseudo-two-layer transmission method and system based on an SD-WAN (secure digital-wide area network), which are characterized in that transmission data of a transmitting end in the SD-WAN are collected, a pseudo-two-layer transmission line between a receiving end and an output end is constructed based on the transmission data, the transmission data of the transmitting end is sent to the receiving end based on the pseudo-two-layer transmission channel and combined with VLAN transparent transmission, and different services are isolated in flow through the combination of the SD-WAN and the VLAN transparent transmission, so that higher safety requirements are achieved.

Description

Pseudo-two-layer transmission method and system based on SD-WAN network
Technical Field
The invention relates to the field of data transmission, in particular to a pseudo-two-layer transmission method and system based on an SD-WAN network.
Background
With the continuous development of software-defined network (SoftwareDefinedNetwork, SDN) technology, the application scene is gradually changed from data centers and the like to wide area networks, more and more network providers begin to research how to apply SDN technology to wide area networks, the software-defined wide area networks (SoftwareDefinedWideAreaNetwork, SD-WAN) become research hotspots, the existing networking can only be realized through a three-layer routing mode, and the aimed transmission traffic is single, so that traffic isolation among different applications cannot be realized.
And two layers of transmission are adopted in an SD-WAN mode, VLAN transparent transmission is supported, and traffic among different services is isolated, so that higher safety requirements are achieved.
Disclosure of Invention
The invention provides a pseudo-two-layer transmission method based on an SD-WAN network, which comprises the following steps:
step 1, collecting transmission data of a transmitting end in an SD-WAN network;
Step 2, based on the transmission data, a pseudo-two-layer transmission line between the receiving end and the output end is constructed;
And step 3, transmitting the transmission data of the transmitting end to the receiving end based on the pseudo-two-layer transmission line and combining VLAN transparent transmission.
Preferably, the transmitting data includes: the system comprises a TCP message and a data body, wherein the TCP message comprises an address of a sending end, an address of a receiving end and a priority of the data body.
Preferably, step 1, collecting transmission data of a transmitting end in an SD-WAN network includes:
when the sending end transmits data, a connection request is sent to the SD-WAN network, after the SD-WAN network receives the connection request, a receipt message is sent to the sending end, if the sending end receives the receipt message, the sending end indicates that the transmission paths of the sending end and the SD-WAN network are normal, the data is transmitted to the SD-WAN network, and if the receipt message is not received within a time threshold of the sending end, transmission fault alarm is carried out.
Preferably, step 2, based on the transmission data, a pseudo-two-layer transmission line between the receiving end and the output end is constructed; comprising the following steps:
Determining a transmitting end and a receiving end which need to carry out data transmission in an SD-WAN network;
Respectively acquiring the transmission domain authority of each WAN port of a transmitting end and the transmission domain authority of each WAN port of a receiving end;
judging whether the transmitting end and the receiving end have the same transmission domain authority;
if so, a pseudo-two-layer transmission line is established between WAN ports with the same transmission domain authority in the sending end and the receiving end.
Preferably, the pseudo-two-layer transmission method supports a VLAN transmission function, and the transmitting end carries out VLAN marking on the transmission data when transmitting the transmission data.
Preferably, step 2, based on the transmission data, constructs a pseudo-two-layer transmission channel between the receiving end and the output end, including;
The method comprises the steps of obtaining an address of a sending end and an address of a receiving end based on transmission data, and respectively obtaining a transmission grade of the sending end and a transmission grade of the receiving end based on the address of the sending end and the address of the receiving end;
Determining a service type between a sending end and a receiving end based on the transmission grade of the sending end and the transmission grade of the receiving end, and obtaining a service priority of the service type between the sending end and the receiving end based on a preset corresponding table;
Analyzing the priority of the data body to obtain the sending bandwidth and the demand bandwidth of the data body, and evaluating the transmission data based on the sending bandwidth and the demand bandwidth of the data body and the service priority to obtain the importance score of the transmission data;
the sub-channel can be used based on the importance scoring mark of the transmission data, a plurality of sub-transmission lines can be obtained based on the sub-channel, saturation detection is carried out on each sub-channel, sub-channel saturation corresponding to each sub-channel is obtained, sub-line saturation corresponding to each sub-transmission line is obtained, and the sub-transmission line with the minimum sub-line saturation is set as the optimal quasi-two-layer transmission line, so that the transmission data is transmitted.
Preferably, the sub transmission line with the minimum saturation of the sub line is set as the best-fit two-layer transmission line, and the process of transmitting the transmission data further comprises:
judging whether a sending end and a receiving end in the most preferable two-layer transmission line belong to the same local area network or not:
if the sending end and the receiving end do not belong to the same local area network, detecting a public network between the sending end and the receiving end to obtain a public network quality score, and if the public network quality score meets a preset quality score threshold, using the public network to transmit data;
if the public network quality score does not meet the preset quality score threshold, accessing a 5G network for data transmission.
Preferably, step 3, based on the pseudo-two-layer transmission channel and combined with VLAN transparent transmission, is a process of transmitting transmission data from a transmitting end to a receiving end, and further includes:
Classifying the transmission data based on the importance scores of the transmission data, marking the transmission data as important data if the importance scores of the transmission data are larger than a preset value, and marking the transmission data as common data if the importance scores of the transmission data are not larger than the preset value;
performing length detection on important data to obtain the data length of the important data, performing fixed block division on the important data if the data length is larger than a preset value to obtain a plurality of sub-data blocks and positions corresponding to each sub-data block, detecting each sub-data block based on a preset sliding window to obtain a sub-characteristic value corresponding to the sub-data block, and judging whether the sub-data block is a high-frequency data block based on the sub-characteristic value;
If the sub data block is a high frequency data block, repeatedly detecting a sub characteristic value corresponding to the sub data block in a preset buffer area to obtain a repeated value corresponding to the sub data block, if the repeated value corresponding to the sub data block is larger than the preset repeated value, indicating that the sub data block is a repeated data block, obtaining an index of the repeated data block in the preset buffer area, and replacing the corresponding sub data block based on the index to transmit;
if the repeated value corresponding to the sub data block is not greater than the preset repeated value, circularly calculating the mapping value of each sub byte in the sub data block based on a preset mapping function, obtaining a sub mapping set corresponding to the sub data segment, determining the sub arrangement sequence of the sub data segment based on the sub mapping set, marking the sub data segment based on the sub arrangement sequence, obtaining the cache sequence of the sub data segment, compressing the sub data segment based on the sub arrangement sequence, and caching the compressed sub data segment in a cache region;
And if the sub data block is not the high frequency data block, transmitting the corresponding sub data block.
Preferably, step 3, based on the pseudo-two-layer transmission channel and combined with VLAN transparent transmission, further includes:
Performing end point detection on the address of the transmitting end and the address of the receiving end to obtain a plurality of sub-connection information, obtaining a plurality of sub-optimal two-layer transmission line paths, constructing a plurality of sub-virtual network cards based on the sub-connection information, and correspondingly binding the sub-virtual network cards with the sub-optimal two-layer transmission line paths based on the sub-connection information;
The sub-virtual network card processes transmission data transmitted in a corresponding sub-optimal two-layer transmission line, and comprises the following steps:
carrying out message identification on the transmission data, determining a receiving end of the transmission data, carrying out consistency detection on the receiving end of the sub-optimal two-layer transmission line and the receiving end of the transmission data, and if the receiving ends are inconsistent, forwarding the transmission data;
If the transmission data are consistent, carrying out unpacking treatment on the transmission data according to a preset data processing strategy, so as to obtain unpacked transmission data, and extracting the unpacked transmission data to obtain inner layer data in the transmission data;
Based on the sub-virtual network card and a preset key corresponding table, a sub-key corresponding to the sub-virtual network card is obtained, a fixed-length check code is generated based on the sub-key, the inner layer data and the check code are combined to obtain combined data, a plurality of sub-vectors are generated based on the check code, the plurality of sub-vectors are converted into a matrix based on a preset algorithm to obtain a target matrix, the combined data is decrypted based on the target matrix to obtain decrypted inner layer data, the decrypted inner layer data is marked with a traffic stamp based on the sub-virtual network card to obtain sub-marked data, and the sub-marked data is transmitted to a receiving end.
The invention provides a pseudo-two-layer transmission system based on an SD-WAN network, which comprises the following steps:
the acquisition module acquires transmission data of a transmitting end in the SD-WAN network;
the processing module is used for constructing a pseudo-two-layer transmission channel between the receiving end and the output end based on the transmission data;
And the transmission module is used for transmitting the transmission data of the transmitting end to the receiving end based on the pseudo-two-layer transmission channel and combining VLAN transparent transmission.
Additional features and advantages of the invention will be set forth in the description which follows, and in part will be obvious from the description, or may be learned by practice of the invention. The objectives and other advantages of the invention will be realized and attained by the structure particularly pointed out in the written description and claims thereof as well as the appended drawings.
The technical scheme of the invention is further described in detail through the drawings and the embodiments.
Drawings
The accompanying drawings are included to provide a further understanding of the invention and are incorporated in and constitute a part of this specification, illustrate the invention and together with the embodiments of the invention, serve to explain the invention. In the drawings:
fig. 1 is a flowchart of a method for retransmitting multilink data according to an embodiment of the present invention;
Fig. 2 is a flowchart of another method for retransmitting multi-link data according to an embodiment of the present invention;
fig. 3 is a block diagram of a multi-link data retransmission system according to an embodiment of the present invention.
Detailed Description
The preferred embodiments of the present invention will be described below with reference to the accompanying drawings, it being understood that the preferred embodiments described herein are for illustration and explanation of the present invention only, and are not intended to limit the present invention.
Example 1
The embodiment of the invention provides a pseudo-two-layer transmission method based on an SD-WAN (secure digital-wide area network), which is shown in figure 1 and comprises the following steps:
step 1, collecting transmission data of a transmitting end in an SD-WAN network;
Step 2, based on the transmission data, a pseudo-two-layer transmission line between the receiving end and the output end is constructed;
And step 3, transmitting the transmission data of the transmitting end to the receiving end based on the pseudo-two-layer transmission line and combining VLAN transparent transmission.
In this embodiment, the transmitting end is a terminal in the SD-WAN network, and is configured to transmit transmission data.
In this embodiment, the transmission channel is a transmission channel for transmitting data, and different transmission channels are selected to transmit the transmission data according to the importance scores of the transmission data.
The beneficial effect of above-mentioned scheme is: and the SD-WAN mode adopts two layers of transmission and combines VLAN transparent transmission to isolate the flow among different services, thereby achieving higher security requirements.
Example 2
The embodiment of the invention provides a pseudo-two-layer transmission method based on an SD-WAN (secure digital-wide area network), which is characterized in that the transmission data comprises the following steps: the system comprises a TCP message and a data body, wherein the TCP message comprises an address of a sending end, an address of a receiving end and a priority of the data body.
Example 3
The embodiment of the invention provides a pseudo-two-layer transmission method based on an SD-WAN (secure digital-wide area network), as shown in fig. 1, step 1, collecting transmission data of a transmitting end in the SD-WAN, comprising the following steps:
when the sending end transmits data, a connection request is sent to the SD-WAN network, after the SD-WAN network receives the connection request, a receipt message is sent to the sending end, if the sending end receives the receipt message, the sending end indicates that the transmission paths of the sending end and the SD-WAN network are normal, the data is transmitted to the SD-WAN network, and if the receipt message is not received within a time threshold of the sending end, transmission fault alarm is carried out.
The beneficial effect of above-mentioned scheme is: when data is transmitted, a connection request is sent to the SD-WAN network, whether the transmission path is normal or not is judged, and an alarm is given when the transmission path fails, so that the connectivity of the transmission path is ensured, and the higher transmission requirement is achieved.
Example 4
The embodiment of the invention provides a pseudo-two-layer transmission method based on an SD-WAN (secure digital-wide area network), as shown in fig. 2, step 2, based on transmission data, a pseudo-two-layer transmission line between a receiving end and an output end is constructed; comprising the following steps:
Step 2.1, determining a transmitting end and a receiving end which need to carry out data transmission in an SD-WAN network;
Respectively acquiring the transmission domain authority of each WAN port of a transmitting end and the transmission domain authority of each WAN port of a receiving end;
Step 2.2, judging whether the transmitting end and the receiving end have the same transmission domain authority;
if so, a pseudo-two-layer transmission line is established between WAN ports with the same transmission domain authority in the sending end and the receiving end.
In this embodiment, the WAN port is a data transmission port of each transmitting end and each receiving end, each data transmission port has a corresponding authority, and if the transmitting end and the receiving end have the same transmission domain authority, a transmission channel is established between the WAN ports having the same transmission domain information in the transmitting end and the receiving end.
The beneficial effect of above-mentioned scheme is: and if the sending end and the receiving end have the same transmission domain authority, a transmission channel is established between WAN ports with the same transmission domain information in the sending end and the receiving end, so that different services are isolated in flow, and higher safety requirements are achieved.
Example 5
The embodiment of the invention provides a pseudo-two-layer transmission method based on an SD-WAN (secure digital-wide area network), which supports VLAN (virtual local area network) transmission function, and a transmitting end carries out VLAN marking on transmission data when transmitting the transmission data.
Example 6
The embodiment of the invention provides a pseudo-two-layer transmission method based on an SD-WAN (secure digital-wide area network), as shown in figure 1, step 2, based on transmission data, constructing a pseudo-two-layer transmission channel between a receiving end and an output end, comprising the following steps of;
The method comprises the steps of obtaining an address of a sending end and an address of a receiving end based on transmission data, and respectively obtaining a transmission grade of the sending end and a transmission grade of the receiving end based on the address of the sending end and the address of the receiving end;
Determining a service type between a sending end and a receiving end based on the transmission grade of the sending end and the transmission grade of the receiving end, and obtaining a service priority of the service type between the sending end and the receiving end based on a preset corresponding table;
Analyzing the priority of the data body to obtain the sending bandwidth and the demand bandwidth of the data body, and evaluating the transmission data based on the sending bandwidth and the demand bandwidth of the data body and the service priority to obtain the importance score of the transmission data;
the sub-channel can be used based on the importance scoring mark of the transmission data, a plurality of sub-transmission lines can be obtained based on the sub-channel, saturation detection is carried out on each sub-channel, sub-channel saturation corresponding to each sub-channel is obtained, sub-line saturation corresponding to each sub-transmission line is obtained, and the sub-transmission line with the minimum sub-line saturation is set as the optimal quasi-two-layer transmission line, so that the transmission data is transmitted.
In this embodiment, the transmission level is the level of the transmitting end and the receiving end of the transmission data in the SD-WAN network, for example, the transmitting end is a department manager, the receiving end is a total manager, the level of the transmitting end is 3, the level of the receiving end is 4, the service type is a department report, and the service priority is 3.5.
In this embodiment, the transmission bandwidth is the rate at which the transmitting end transmits data, and when the priority is higher, the required transmission bandwidth is larger.
In this embodiment, the required bandwidth is the rate at which the receiving end receives data, and the higher the priority, the greater the required bandwidth.
In this embodiment, the importance score is a comprehensive score of the transmission data according to the transmission bandwidth and the required bandwidth of the data body and the service priority, which indicates the importance of the transmission data.
In this embodiment, the saturation of the sub-channels is the saturation of the data in each sub-channel, and the larger the saturation, the more data is transmitted in the sub-channel, and the slower the transmission speed.
The beneficial effect of above-mentioned scheme is: based on the address of the transmitting end and the address of the receiving end, the service type between the transmitting end and the receiving end is determined, the priority of the data body is analyzed, the importance score of the transmission data is obtained, the usable sub-channels are marked according to the importance score, and the sub-channels with the minimum saturation are selected for transmission in the usable sub-channels, so that the traffic among different services is isolated, the higher safety requirement is achieved, and the data transmission efficiency is improved.
Example 7
The embodiment of the invention provides a quasi-two-layer transmission method based on an SD-WAN network, which sets a sub-transmission line with minimum saturation of a sub-line as an optimal quasi-two-layer transmission line, and further comprises the following steps:
judging whether a sending end and a receiving end in the most preferable two-layer transmission line belong to the same local area network or not:
if the sending end and the receiving end do not belong to the same local area network, detecting a public network between the sending end and the receiving end to obtain a public network quality score, and if the public network quality score meets a preset quality score threshold, using the public network to transmit data;
if the public network quality score does not meet the preset quality score threshold, accessing a 5G network for data transmission.
In this embodiment, the public network quality is divided into connectivity of a connection network between the sending end and the receiving end, and if the network connectivity does not meet the quality threshold, the connection network is accessed to the 5G network for data transmission.
The beneficial effect of above-mentioned scheme is: judging whether the sending end and the receiving end are in the same local area network, if not, detecting a public network between the sending end and the receiving end, if the quality of the public network meets a preset quality threshold, using the public network to transmit data, and if the quality of the public network does not meet the preset quality threshold, accessing a 5G network to transmit data, thereby improving the transmission efficiency of the data transmission.
Example 8
The embodiment of the invention provides a pseudo-two-layer transmission method based on an SD-WAN (secure digital-wide area network), which is shown in fig. 1, and is characterized in that step 3, in the process of transmitting transmission data of a transmitting end to a receiving end based on the pseudo-two-layer transmission channel and combined with VLAN (virtual local area network) transparent transmission, the method further comprises the following steps:
Classifying the transmission data based on the importance scores of the transmission data, marking the transmission data as important data if the importance scores of the transmission data are larger than a preset value, and marking the transmission data as common data if the importance scores of the transmission data are not larger than the preset value;
performing length detection on important data to obtain the data length of the important data, performing fixed block division on the important data if the data length is larger than a preset value to obtain a plurality of sub-data blocks and positions corresponding to each sub-data block, detecting each sub-data block based on a preset sliding window to obtain a sub-characteristic value corresponding to the sub-data block, and judging whether the sub-data block is a high-frequency data block based on the sub-characteristic value;
If the sub data block is a high frequency data block, repeatedly detecting a sub characteristic value corresponding to the sub data block in a preset buffer area to obtain a repeated value corresponding to the sub data block, if the repeated value corresponding to the sub data block is larger than the preset repeated value, indicating that the sub data block is a repeated data block, obtaining an index of the repeated data block in the preset buffer area, and replacing the corresponding sub data block based on the index to transmit;
if the repeated value corresponding to the sub data block is not greater than the preset repeated value, circularly calculating the mapping value of each sub byte in the sub data block based on a preset mapping function, obtaining a sub mapping set corresponding to the sub data segment, determining the sub arrangement sequence of the sub data segment based on the sub mapping set, marking the sub data segment based on the sub arrangement sequence, obtaining the cache sequence of the sub data segment, compressing the sub data segment based on the sub arrangement sequence, and caching the compressed sub data segment in a cache region;
And if the sub data block is not the high frequency data block, transmitting the corresponding sub data block.
In this embodiment, the fixed block processing is to segment the important data to obtain a plurality of segments of data, and position-marking is performed on each segment of data, so as to obtain the position corresponding to the sub-data block.
In this embodiment, the preset sliding window is a window with a length of 4kb, and the sub-data block is intercepted based on the preset sliding window, so that the sub-data block is divided into a plurality of data with a length of 4kb, and MD5 characteristic value detection is performed to obtain an MD5 characteristic value.
In this embodiment, the high-frequency data block is a sub-data block with a sub-MD 5 characteristic value greater than a preset value.
In this embodiment, the repeatability detection is to find whether there is a high-frequency data block in the buffer area, if there is a high-frequency data block in the buffer area, send the index value instead of the sub-data block, and if there is no high-frequency data block in the buffer area, buffer the high-frequency data block.
The beneficial effect of above-mentioned scheme is: the transmission data is classified based on the importance scores of the transmission data, the classification results are used for detecting, whether the buffer area has sub-data blocks or not is judged, if yes, index values of corresponding repeated data blocks in the buffer area replace the sub-data blocks to be transmitted, the transmission efficiency is improved, and the transmission workload is reduced.
Example 9
The embodiment of the invention provides a pseudo-two-layer transmission method based on an SD-WAN network, which comprises the following steps of calculating the transmission bandwidth of transmission data according to the following formula:
wherein D q is a transmission bandwidth of the transmission data, N P is a number of packets in the transmission data, N e is a number of missing bytes in the transmission data, N b is a total number of bytes of the transmission data, N t is a number of bytes of a transmission data TCP packet, t q is a transmission data reception completion time, and t q is a transmission data reception start time;
by the formula The transmission bandwidth of the transmission data can be obtained, for example, when N t=2bt,NP=1,Ne=1bt,Nb=10bt,tq=16s,tm =15.5 s, D q =0.48 Mbps, and the importance score of the transmission data is calculated according to the following formula:
Wherein h is the importance score of the transmission data, D x is the receiving bandwidth of the transmission data, s is the number of effective receiving ends, m is the number of all the transmission receiving ends capable of receiving the transmission data, i is the service priority level of the data information, and s < m.
By the formulaThe importance scores of the transmission data can be obtained, for example, D q=0.48Mbps,Dx =0.48 mbps, s=2, m=4, i=2, h=0.25, and the corresponding transmission channel is selected for data transmission based on the importance scores of the transmission data.
The beneficial effect of above-mentioned scheme is: the transmission bandwidth of the transmission data is obtained through calculation, the importance scores corresponding to the transmission data are obtained through calculation based on the transmission bandwidth, and the corresponding channels are selected to carry out data transmission according to the importance scores of the transmission data, so that the transmission method can carry out differentiated flow transmission control on the businesses with different priorities, and the dynamic bandwidth adaptation according to the business flow in the exchange layer is realized.
Example 10
The embodiment of the invention provides a pseudo-two-layer transmission method based on an SD-WAN (secure digital-wide area network), as shown in fig. 1, step 3, a process of transmitting transmission data of a transmitting end to a receiving end based on the pseudo-two-layer transmission channel and combining VLAN transparent transmission, further comprises:
Performing end point detection on the address of the transmitting end and the address of the receiving end to obtain a plurality of sub-connection information, obtaining a plurality of sub-optimal two-layer transmission line paths, constructing a plurality of sub-virtual network cards based on the sub-connection information, and correspondingly binding the sub-virtual network cards with the sub-optimal two-layer transmission line paths based on the sub-connection information;
The sub-virtual network card processes transmission data transmitted in a corresponding sub-optimal two-layer transmission line, and comprises the following steps:
carrying out message identification on the transmission data, determining a receiving end of the transmission data, carrying out consistency detection on the receiving end of the sub-optimal two-layer transmission line and the receiving end of the transmission data, and if the receiving ends are inconsistent, forwarding the transmission data;
If the transmission data are consistent, carrying out unpacking treatment on the transmission data according to a preset data processing strategy, so as to obtain unpacked transmission data, and extracting the unpacked transmission data to obtain inner layer data in the transmission data;
Based on the sub-virtual network card and a preset key corresponding table, a sub-key corresponding to the sub-virtual network card is obtained, a fixed-length check code is generated based on the sub-key, the inner layer data and the check code are combined to obtain combined data, a plurality of sub-vectors are generated based on the check code, the plurality of sub-vectors are converted into a matrix based on a preset algorithm to obtain a target matrix, the combined data is decrypted based on the target matrix to obtain decrypted inner layer data, the decrypted inner layer data is marked with a traffic stamp based on the sub-virtual network card to obtain sub-marked data, and the sub-marked data is transmitted to a receiving end.
In this embodiment, the sub virtual network card is a data filtering port, and is configured to transmit transmission data in which a receiving end of the transmission line is consistent with a receiving end of the transmission data, and forward inconsistent transmission data.
In this embodiment, the preset data processing policy is an osi data decapsulation algorithm.
In this embodiment, the inner layer data is a data body composed of an outer layer package and inner layer data, and the inner layer data is a carrier of actual data.
In this embodiment, the check code is a check code obtained by performing cassen conversion on the subkey and expanding the subkey into a section of data code.
In this embodiment, the sub-vector is a vector obtained by vector-converting each byte in the check code by a select function.
In this embodiment, the preset algorithm is matlab algorithm, and all the sub-vectors are converted into a matrix to obtain the target matrix.
In this embodiment, the decapsulation processing is to decapsulate the outer layer information of the transmission data based on a preset data processing policy, so as to obtain the inner layer data.
In this embodiment, the subkey is a key corresponding to the subvirtual network card in a preset key correspondence table, and the subkey decrypts the inner layer data, marks the decrypted inner layer data, and further transmits the inner layer data.
The beneficial effect of above-mentioned scheme is: a plurality of sub virtual network cards are constructed based on the sub connection information, the transmission data is processed based on the sub virtual network cards, the transmission data is decrypted and the pass-through stamp is marked, the correct transmission of the data transmission is ensured, and the traffic among different services is isolated, so that the higher safety requirement is achieved.
Example 11
The embodiment of the invention provides a pseudo-two-layer transmission system based on an SD-WAN (secure digital-wide area network), which is shown in fig. 3 and comprises the following steps:
the acquisition module acquires transmission data of a transmitting end in the SD-WAN network;
the processing module is used for constructing a pseudo-two-layer transmission channel between the receiving end and the output end based on the transmission data;
the transmission module is used for transmitting the transmission data of the transmitting end to the receiving end based on the pseudo-two-layer transmission channel and combining VLAN transparent transmission
The beneficial effects of the above scheme have been described in example 1.
It will be apparent to those skilled in the art that various modifications and variations can be made to the present invention without departing from the spirit or scope of the invention. Thus, it is intended that the present invention also include such modifications and alterations insofar as they come within the scope of the appended claims or the equivalents thereof.

Claims (9)

1. A pseudo-two layer transmission method based on an SD-WAN network, comprising:
step 1, collecting transmission data of a transmitting end in an SD-WAN network;
Step 2, based on the transmission data, a pseudo-two-layer transmission line between a receiving end and a transmitting end is constructed;
Step 3, based on the pseudo-two-layer transmission line and combining VLAN transparent transmission, transmitting the transmission data of the transmitting end to the receiving end;
Step 2, based on the transmission data, a pseudo-two-layer transmission line between a receiving end and a transmitting end is constructed, comprising:
Determining a transmitting end and a receiving end which need to carry out data transmission in an SD-WAN network;
Respectively acquiring the transmission domain authority of each WAN port of a transmitting end and the transmission domain authority of each WAN port of a receiving end;
judging whether the transmitting end and the receiving end have the same transmission domain authority;
if so, a pseudo-two-layer transmission line is established between WAN ports with the same transmission domain authority in the sending end and the receiving end.
2. The method for pseudo-two layer transmission based on SD-WAN network of claim 1, wherein said transmitting data comprises: the system comprises a TCP message and a data body, wherein the TCP message comprises an address of a sending end, an address of a receiving end and a priority of the data body.
3. The method for pseudo-two layer transmission based on SD-WAN network as claimed in claim 1, wherein step 1, collecting transmission data of a transmitting end in SD-WAN network, comprises:
when the sending end transmits data, a connection request is sent to the SD-WAN network, after the SD-WAN network receives the connection request, a receipt message is sent to the sending end, if the sending end receives the receipt message, the sending end indicates that the transmission paths of the sending end and the SD-WAN network are normal, the data is transmitted to the SD-WAN network, and if the receipt message is not received within a time threshold of the sending end, transmission fault alarm is carried out.
4. The pseudo-two layer transmission method based on the SD-WAN network according to claim 1, wherein the pseudo-two layer transmission method supports VLAN transmission function, and the transmitting end performs VLAN marking on the transmission data when transmitting the transmission data.
5. The method for pseudo-two layer transmission based on SD-WAN network according to claim 1, wherein step 2, based on the transmission data, constructs a pseudo-two layer transmission line between the receiving end and the transmitting end, comprising:
The method comprises the steps of obtaining an address of a sending end and an address of a receiving end based on transmission data, and respectively obtaining a transmission grade of the sending end and a transmission grade of the receiving end based on the address of the sending end and the address of the receiving end;
Determining a service type between a sending end and a receiving end based on the transmission grade of the sending end and the transmission grade of the receiving end, and obtaining a service priority of the service type between the sending end and the receiving end based on a preset corresponding table;
Analyzing the priority of the data body to obtain the sending bandwidth and the demand bandwidth of the data body, and evaluating the transmission data based on the sending bandwidth and the demand bandwidth of the data body and the service priority to obtain the importance score of the transmission data;
the sub-channel can be used based on the importance scoring mark of the transmission data, a plurality of sub-transmission lines can be obtained based on the sub-channel, saturation detection is carried out on each sub-channel, sub-channel saturation corresponding to each sub-channel is obtained, sub-line saturation corresponding to each sub-transmission line is obtained, and the sub-transmission line with the minimum sub-line saturation is set as the optimal quasi-two-layer transmission line, so that the transmission data is transmitted.
6. The method for pseudo-two layer transmission based on SD-WAN network according to claim 5, wherein the sub-transmission line with minimum saturation of sub-lines is set as the most preferable two layer transmission line, and further comprising, in the process of transmitting the transmission data:
judging whether a sending end and a receiving end in the most preferable two-layer transmission line belong to the same local area network or not:
if the sending end and the receiving end do not belong to the same local area network, detecting a public network between the sending end and the receiving end to obtain a public network quality score, and if the public network quality score meets a preset quality score threshold, using the public network to transmit data;
if the public network quality score does not meet the preset quality score threshold, accessing a 5G network for data transmission.
7. The method for pseudo-two layer transmission based on SD-WAN network according to claim 1, wherein step 3, in the process of transmitting the transmission data of the transmitting end to the receiving end based on the pseudo-two layer transmission line in combination with VLAN transparent transmission, further comprises:
Classifying the transmission data based on the importance scores of the transmission data, marking the transmission data as important data if the importance scores of the transmission data are larger than a preset value, and marking the transmission data as common data if the importance scores of the transmission data are not larger than the preset value;
performing length detection on important data to obtain the data length of the important data, performing fixed block division on the important data if the data length is larger than a preset value to obtain a plurality of sub-data blocks and positions corresponding to each sub-data block, detecting each sub-data block based on a preset sliding window to obtain a sub-characteristic value corresponding to the sub-data block, and judging whether the sub-data block is a high-frequency data block based on the sub-characteristic value;
If the sub data block is a high frequency data block, repeatedly detecting a sub characteristic value corresponding to the sub data block in a preset buffer area to obtain a repeated value corresponding to the sub data block, if the repeated value corresponding to the sub data block is larger than the preset repeated value, indicating that the sub data block is a repeated data block, obtaining an index of the repeated data block in the preset buffer area, and replacing the corresponding sub data block based on the index to transmit;
if the repeated value corresponding to the sub data block is not greater than the preset repeated value, circularly calculating the mapping value of each sub byte in the sub data block based on a preset mapping function, obtaining a sub mapping set corresponding to the sub data segment, determining the sub arrangement sequence of the sub data segment based on the sub mapping set, marking the sub data segment based on the sub arrangement sequence, obtaining the cache sequence of the sub data segment, compressing the sub data segment based on the sub arrangement sequence, and caching the compressed sub data segment in a cache region;
And if the sub data block is not the high frequency data block, transmitting the corresponding sub data block.
8. The method for pseudo-two layer transmission based on SD-WAN network according to claim 1, wherein step 3, in the process of transmitting the transmission data of the transmitting end to the receiving end based on the pseudo-two layer transmission line in combination with VLAN transparent transmission, further comprises:
Performing end point detection on the address of the transmitting end and the address of the receiving end to obtain a plurality of sub-connection information, obtaining a plurality of sub-optimal two-layer transmission lines, constructing a plurality of sub-virtual network cards based on the sub-connection information, and correspondingly binding the sub-virtual network cards with the sub-optimal two-layer transmission lines based on the sub-connection information;
The sub-virtual network card processes transmission data transmitted in a corresponding sub-optimal two-layer transmission line, and comprises the following steps:
Carrying out message identification on the transmission data, determining a receiving end of the transmission data, carrying out consistency detection on the receiving end of the sub-optimal two-layer transmission line and the receiving end of the transmission data, and if the receiving ends are inconsistent, forwarding the transmission data;
If the transmission data are consistent, carrying out unpacking treatment on the transmission data according to a preset data processing strategy, so as to obtain unpacked transmission data, and extracting the unpacked transmission data to obtain inner layer data in the transmission data;
Based on the sub-virtual network card and a preset key corresponding table, a sub-key corresponding to the sub-virtual network card is obtained, a fixed-length check code is generated based on the sub-key, the inner layer data and the check code are combined to obtain combined data, a plurality of sub-vectors are generated based on the check code, the plurality of sub-vectors are converted into a matrix based on a preset algorithm to obtain a target matrix, the combined data is decrypted based on the target matrix to obtain decrypted inner layer data, the decrypted inner layer data is marked with a traffic stamp based on the sub-virtual network card to obtain sub-marked data, and the sub-marked data is transmitted to a receiving end.
9. A pseudo-two layer transmission system based on an SD-WAN network, comprising:
the acquisition module acquires transmission data of a transmitting end in the SD-WAN network;
The processing module is used for constructing a pseudo-two-layer transmission line between the receiving end and the transmitting end based on the transmission data;
the transmission module is used for transmitting the transmission data of the transmitting end to the receiving end based on the pseudo-two-layer transmission line and combining VLAN transmission;
Based on the transmission data, a pseudo-two-layer transmission line between a receiving end and a transmitting end is constructed, comprising:
Determining a transmitting end and a receiving end which need to carry out data transmission in an SD-WAN network;
Respectively acquiring the transmission domain authority of each WAN port of a transmitting end and the transmission domain authority of each WAN port of a receiving end;
judging whether the transmitting end and the receiving end have the same transmission domain authority;
if so, a pseudo-two-layer transmission line is established between WAN ports with the same transmission domain authority in the sending end and the receiving end.
CN202111060315.1A 2021-09-10 2021-09-10 Pseudo-two-layer transmission method and system based on SD-WAN network Active CN113709892B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111060315.1A CN113709892B (en) 2021-09-10 2021-09-10 Pseudo-two-layer transmission method and system based on SD-WAN network

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202111060315.1A CN113709892B (en) 2021-09-10 2021-09-10 Pseudo-two-layer transmission method and system based on SD-WAN network

Publications (2)

Publication Number Publication Date
CN113709892A CN113709892A (en) 2021-11-26
CN113709892B true CN113709892B (en) 2024-04-30

Family

ID=78660024

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202111060315.1A Active CN113709892B (en) 2021-09-10 2021-09-10 Pseudo-two-layer transmission method and system based on SD-WAN network

Country Status (1)

Country Link
CN (1) CN113709892B (en)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114500265A (en) * 2021-12-09 2022-05-13 北京连山科技股份有限公司 Automatic dial-up networking method and device for private network
CN114257546A (en) * 2021-12-15 2022-03-29 兰州大学 Pseudo-two-layer transmission method based on SD-WAN (secure digital-Wide area network)
CN114584521A (en) * 2022-01-17 2022-06-03 兰州大学 Pseudo-two-layer transmission method based on SD-WAN (secure digital-Wide area network)
CN115987794B (en) * 2023-03-17 2023-05-12 深圳互联先锋科技有限公司 Intelligent shunting method based on SD-WAN

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110601983A (en) * 2019-10-15 2019-12-20 南京信息职业技术学院 Method and system for forwarding routing without sensing source of protocol
CN111245715A (en) * 2019-12-31 2020-06-05 亚信科技(中国)有限公司 Message transmission method and system
CN111800399A (en) * 2020-06-24 2020-10-20 北京青云科技股份有限公司 Information transmission method, device, equipment and storage medium
CN112333078A (en) * 2021-01-06 2021-02-05 杭州网银互联科技股份有限公司 Method and system for constructing SD-WAN data forwarding plane
CN112543124A (en) * 2020-12-22 2021-03-23 中国联合网络通信集团有限公司 Private line configuration method and private line system
CN113169930A (en) * 2018-11-30 2021-07-23 思科技术公司 End-to-end identity aware routing across multiple administrative domains

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10932322B2 (en) * 2018-02-23 2021-02-23 Cisco Technology, Inc. Policy mapping methods and apparatus for use in interconnecting software-defined wide area network (SD-WAN) fabrics with mobile networks for communications with UEs

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113169930A (en) * 2018-11-30 2021-07-23 思科技术公司 End-to-end identity aware routing across multiple administrative domains
CN110601983A (en) * 2019-10-15 2019-12-20 南京信息职业技术学院 Method and system for forwarding routing without sensing source of protocol
CN111245715A (en) * 2019-12-31 2020-06-05 亚信科技(中国)有限公司 Message transmission method and system
CN111800399A (en) * 2020-06-24 2020-10-20 北京青云科技股份有限公司 Information transmission method, device, equipment and storage medium
CN112543124A (en) * 2020-12-22 2021-03-23 中国联合网络通信集团有限公司 Private line configuration method and private line system
CN112333078A (en) * 2021-01-06 2021-02-05 杭州网银互联科技股份有限公司 Method and system for constructing SD-WAN data forwarding plane

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
SD_WAN技术分析及其在医疗***中的应用研究;林俊发;;广东通信技术;20200315(第03期);57-60 *
林俊发 ; .SD_WAN技术分析及其在医疗***中的应用研究.广东通信技术.2020,(第03期),57-60. *

Also Published As

Publication number Publication date
CN113709892A (en) 2021-11-26

Similar Documents

Publication Publication Date Title
CN113709892B (en) Pseudo-two-layer transmission method and system based on SD-WAN network
KR100631271B1 (en) Data transmission method using packet aggregation
US10433206B2 (en) Method for processing radio protocol in mobile telecommunications system and transmitter of mobile telecommunications
US9030996B2 (en) Layer 2 processing and creation of protocol data units for wireless communications
US7583735B2 (en) Methods and systems for handling underflow and overflow in a software defined radio
US8787369B2 (en) Apparatus for transmitting MAC PDU with a fragmentation and packing extended header and method thereof
US20070053354A1 (en) Method and system for securing wireless transmission of an aggregated frame
US8005115B2 (en) Method of transferring a data block in a wireless communication system
KR101495913B1 (en) Method for transmitting and receiving control data in mobile telecommunications system and transmitter and receiver of mobile telecommunications
CN101657981B (en) Method and apparatus for transmitting and receiving packet data unit in mobile communication system
CN114257546A (en) Pseudo-two-layer transmission method based on SD-WAN (secure digital-Wide area network)
CN114584521A (en) Pseudo-two-layer transmission method based on SD-WAN (secure digital-Wide area network)
KR100631270B1 (en) Data transmission apparatus using packet aggregation
CN102164114B (en) Processing method for medium access control layer protocol data unit and machine terminal
KR20060096968A (en) Data transmission method using packet aggregation
US20080012739A1 (en) Data transmission device, data reception device, and data communication method
KR20080097683A (en) Rlc data transmitting/receiving method and apparatus in a mobile communication system
KR20100090836A (en) Data transmission apparatus and method using packet aggregation

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant