CN113965518A - Message processing method and device - Google Patents

Message processing method and device Download PDF

Info

Publication number
CN113965518A
CN113965518A CN202011041940.7A CN202011041940A CN113965518A CN 113965518 A CN113965518 A CN 113965518A CN 202011041940 A CN202011041940 A CN 202011041940A CN 113965518 A CN113965518 A CN 113965518A
Authority
CN
China
Prior art keywords
network device
packet
message
hash value
tunnel
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202011041940.7A
Other languages
Chinese (zh)
Inventor
王辉登
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Huawei Technologies Co Ltd
Original Assignee
Huawei Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huawei Technologies Co Ltd filed Critical Huawei Technologies Co Ltd
Priority to PCT/CN2021/087107 priority Critical patent/WO2022001287A1/en
Publication of CN113965518A publication Critical patent/CN113965518A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L47/00Traffic control in data switching networks
    • H04L47/10Flow control; Congestion control
    • H04L47/12Avoiding congestion; Recovering from congestion
    • H04L47/125Avoiding congestion; Recovering from congestion by balancing the load, e.g. traffic engineering
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L1/00Arrangements for detecting or preventing errors in the information received
    • H04L1/004Arrangements for detecting or preventing errors in the information received by using forward error control
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L1/00Arrangements for detecting or preventing errors in the information received
    • H04L1/0078Avoidance of errors by organising the transmitted data in a format specifically designed to deal with errors, e.g. location
    • H04L1/0085Formatting with cells
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46Interconnection of networks
    • H04L12/4633Interconnection of networks using encapsulation techniques, e.g. tunneling
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L47/00Traffic control in data switching networks
    • H04L47/70Admission control; Resource allocation
    • H04L47/82Miscellaneous aspects
    • H04L47/825Involving tunnels, e.g. MPLS

Abstract

The embodiment of the application discloses a method and equipment for processing a message, when first network equipment determines that a preset condition is met, a second message comprising a hash value and content related to the first message is generated according to the first message, the hash value is obtained by performing hash calculation according to message characteristic information of the first message, and the first network equipment sends the second message to second network equipment. Therefore, the hash value is obtained by calculation based on the inner layer message characteristics of the message, so that the diversity of the message is embodied, and the uniform distribution of the hash value is ensured to a certain extent.

Description

Message processing method and device
The present application claims priority from chinese patent application No. 202010631135.3 entitled "method, apparatus and network system for processing data" filed on month 07, 03 of 2020 and incorporated herein by reference in its entirety.
Technical Field
The present application relates to the field of communications technologies, and in particular, to a method and a device for processing a packet.
Background
In the network, through the forwarding of messages between network devices, corresponding service is provided for users. When the network device forwards the packet, the load balancing is usually performed in a hash uniform manner, that is, the hash value of each packet to be forwarded is calculated, and different packets to be forwarded are mapped to the output interface of the network device or the processing unit of the network device based on the hash value.
However, the current hash makes the network device unable to process the packet to be forwarded in a balanced manner in some scenarios, and thus the resource utilization rate is low.
Disclosure of Invention
Based on this, embodiments of the present application provide a method and a device for message processing, so as to improve load balancing efficiency.
In a first aspect, an embodiment of the present application provides a method for processing a packet, in which when a first network device determines that a preset condition is met, the first network device may obtain a hash value of packet feature information of a first packet, and generate a second packet including the hash value and content related to the first packet according to the first packet, so that the first network device may send the second packet carrying the hash value to a second network device. Therefore, the hash value is obtained by calculation based on the inner layer message characteristics of the message, so that the diversity of the message is embodied, and the uniform distribution of the hash value is ensured to a certain extent, so that the hash value is carried in the message to be sent and sent to other network equipment, and the other network equipment can be ensured to realize a better load balancing effect based on the hash value; moreover, one network device performs hash calculation once, and subsequent network devices can perform high-quality load balancing by directly reading the hash value from the message when load balancing requirements exist, so that the calculation resources of each network device are saved, the message forwarding efficiency is improved, and the forwarding performance of the network device can be improved.
In some implementation manners, the preset condition may be that the length of the first packet is greater than a Maximum Transmission Unit (MTU) of the first network device. Then, the content related to the first packet includes the fragmentation packet of the first packet.
As an example, the header of the second packet may be used to carry the hash value.
As another example, the second packet may also include an IP extension header, and an Option field in the IP extension header may be used to carry the hash value. For example, the IP extension header of the second packet includes a Reserved field, which is used to carry the hash value.
Therefore, each fragmented message in the message fragmentation scene comprises the hash value for reserving the diversity of message characteristics, so that the load in the network can be more balanced; moreover, the fragmentation messages of the same message can be shared to the same link or the same processing unit when the hash is uniform, so that the orderly forwarding of the fragmentation messages is realized.
In other implementations, the preset condition may also be that the first network device is a head-end point of the first tunnel. Then the content associated with the first message includes the entire content of the first message.
As an example, the second packet may also include a first tunnel header. For example, if the first tunnel is a GRE tunnel, the second packet is a packet obtained by encapsulating a first generic routing encapsulation protocol (GRE) header on the first packet, where the first GRE header is a first tunnel header in the second packet; if the first tunnel is an internet protocol security (IPSec) tunnel, the second packet is a packet obtained by encapsulating a first IPSec header in the first packet, where the first IPSec header is a first tunnel header in the second packet.
As one example, the hash value may be carried in the first tunnel header. For example, the first tunnel header includes a Reserved field that is used to carry the hash value.
Specifically, the first tunnel may be a Virtual Private Network (VPN) tunnel. The types of VPN tunnels include, but are not limited to, GRE tunnels, IPSec tunnels, Virtual extended Local Area Network (VXLAN) tunnels, two-Layer Tunneling Protocol (L2 TP) tunnels, three-Layer Tunneling Protocol (L2 TPv3) tunnels, Multi-Protocol Label switching (MPLS) tunnels, IPv6 Over IPv4 tunnels, IPv4 Over IPv6 tunnels, and the like.
Therefore, each message in the scene of encapsulating the tunnel comprises the hash value for keeping the diversity of the message characteristics, so that convenience is provided for load balancing when each subsequent network device forwards the second message, and moreover, the hash value of the first message reflects the diversity of the inner layer characteristics of the first message, so that the load balancing effect in the network is guaranteed.
In a second aspect, an embodiment of the present application further provides a method for processing a packet, in the method, when a second network device receives a second packet sent by a first network device, where the second packet includes a hash value and content related to the first packet (that is, all or part of the content of the first packet), and the hash value is calculated by the first network device or another network device based on packet feature information of the first packet; in this way, the second network device can process the second packet based on the hash value.
As an example, if the second network device includes a plurality of processing units, the processing the second packet by the second network device based on the hash value may include: the second network device assigns the second packet to a first processing unit of the second network device based on the hash value, the first processing unit corresponding to the hash value. The Processing Unit may be, for example, a Unit having Processing and forwarding functions, such as a Central Processing Unit (CPU), a Network Processor (NP), or a forwarding chip.
As another example, if the second network device determines that the outgoing interfaces for forwarding the second packet include at least two outgoing interfaces, in this case, the second network device processes the second packet based on the hash value, the method may also include: the second network device forwards the second packet from a first interface of the second network device based on the hash value, the first interface corresponding to the hash value.
In some possible implementations, if the second network device is a head-end point of the second tunnel, the method may further include a process of encapsulating, by the second network device, the second tunnel header on the second packet, and carrying the hash value on the second tunnel header. Specifically, the method of the embodiment of the present application may further include: the second network equipment determines that the second network equipment is the head end point of the second tunnel, and then the hash value is obtained from the second message; then, the second network device packages a second tunnel header corresponding to the second tunnel for the second message to obtain a third message, wherein the second tunnel header of the third message comprises a hash value; therefore, the second network device can send the third packet to the third network device, so that the third network device processes the third packet based on the hash value. Therefore, each tunnel head of the message is always kept to include the hash value, and no matter which layer of tunnel the terminal point is reached first, the hash value can be carried in the current tunnel head of the message, so that a guarantee is provided for realizing a better load balancing effect.
In other possible implementation manners, if the second network device determines that the length of the fragmented second packet is greater than the MTU of the second network device, the method may further include a process of fragmenting, by the second network device, the second packet and carrying the hash value in the fragmented packet of the second packet. Specifically, the embodiment of the present application may further include: the second network equipment determines that the length of the second message is greater than the MTU of the second network equipment, and then the second message is processed into at least 2 fragment messages; then, the second network equipment adds a hash value to each fragment message to obtain at least 2 third messages; therefore, the second network device sends at least 2 third packets to the third network device, and the third network device can process at least 2 third packets based on the hash value. In this way, each fragmented message carries the hash value corresponding to the message characteristic information of the message before fragmentation, so that each fragmented message comprises the hash value for keeping the diversity of the message characteristics, and the load in the network can be more balanced; moreover, the fragmentation messages of the same message can be shared to the same link or the same processing unit when the hash is uniform, so that the orderly forwarding of the fragmentation messages is realized.
In a third aspect, an embodiment of the present application provides a first network device, which includes a transceiver unit and a processing unit. Wherein, the transceiver unit is configured to perform a transceiving operation in the method provided by the first aspect or any one of the possible implementation manners of the first aspect; the processing unit is configured to perform other operations besides the transceiving operation in the method provided by the first aspect or any one of the possible implementations of the first aspect. For example: when the first network device executes the method of the first aspect, the transceiver unit is configured to send a second packet to a second network device; the processing unit is used for generating a second message according to the first message.
In a fourth aspect, an embodiment of the present application further provides a second network device, where the second network device includes a transceiver unit and a processing unit. The transceiver unit is configured to perform a transceiving operation in the method provided by the second aspect or any one of the possible implementation manners of the second aspect; the processing unit is configured to perform other operations besides the transceiving operation in the method provided by the second aspect or any one of the possible implementations of the second aspect. For example: when the second network device executes the method of the second aspect, the transceiver unit is configured to receive a second packet sent by the first network device; and the processing unit is used for processing the second message according to the hash value.
In a fifth aspect, an embodiment of the present application further provides a first network device, where the first network device includes a memory and a processor. Wherein the memory includes computer programs or instructions; a processor in communication with the memory is configured to execute the computer program or instructions to cause the first network device to perform the method provided in the first aspect or any one of the possible implementations of the first aspect.
In some embodiments, the first network device may also not include a memory, and the processor obtains a computer program or an instruction from an external memory or a cloud storage and executes the computer program or the instruction, so that the first network device is configured to perform the method provided in the first aspect or any one of the possible implementation manners of the first aspect.
In a sixth aspect, an embodiment of the present application further provides a second network device, where the second network device includes a memory and a processor. Wherein the memory includes computer programs or instructions; a processor in communication with the memory is configured to execute the computer program or instructions to cause the second network device to perform the method provided by the second aspect or any one of the possible implementations of the second aspect.
In some embodiments, the second network device may also not include a memory, and the processor obtains a computer program or an instruction from an external memory or a cloud storage and executes the computer program or the instruction to make the second network device to perform the method provided in any one of the above second aspects or possible implementation manners of the second aspect.
In a seventh aspect, this application embodiment further provides a computer-readable storage medium, where a computer program or instructions are stored in the computer-readable storage medium, and when the computer program or instructions runs on a computer, the computer is caused to execute the method provided in any one of the above first aspect, the first possible implementation manner, the second aspect, or the second possible implementation manner.
In an eighth aspect, this embodiment of the present application further provides a computer program product, which includes a computer program or computer readable instructions, and when the computer program or the computer readable instructions is executed on a computer, the computer executes the method provided in any one of the foregoing first aspect, first possible implementation manner, second aspect, or second possible implementation manner.
In a ninth aspect, the present application further provides a communication system, where the communication system includes the first network device provided in the third aspect or the fourth aspect, and/or the second network device provided in the fifth aspect or the sixth aspect.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments of the present application, the drawings needed to be used in the description of the embodiments are briefly introduced below, and it is obvious that the drawings in the following description are only some embodiments described in the present application, and other drawings can be obtained by those skilled in the art according to the drawings.
Fig. 1 is a schematic diagram of a network system framework involved in an application scenario in an embodiment of the present application;
fig. 2 is a signaling flow diagram of a method 100 for message processing in an embodiment of the present application;
fig. 3a is a schematic diagram of a format of a fragmented message in a message fragmentation scenario in an embodiment of the present application;
fig. 3b is a schematic diagram of another format of a fragmented message in a message fragmentation scenario in the embodiment of the present application;
fig. 4a is a schematic diagram of a format of a second packet in a tunnel encapsulation scenario in the embodiment of the present application;
fig. 4b is a schematic diagram of another second packet format in a tunnel encapsulation scenario in the embodiment of the present application;
fig. 4c is a schematic diagram of a format of another second packet in a tunnel encapsulation scenario in the embodiment of the present application;
fig. 4d is a schematic diagram illustrating a format of another second packet in a tunnel encapsulation scenario in the embodiment of the present application;
fig. 5 is a schematic structural diagram of a first network device 500 according to an embodiment of the present application;
fig. 6 is a schematic structural diagram of a second network device 600 according to an embodiment of the present application;
fig. 7 is a schematic structural diagram of a first network device 700 according to an embodiment of the present application;
fig. 8 is a schematic structural diagram of a second network device 800 according to an embodiment of the present application;
fig. 9 is a schematic structural diagram of a first network device 900 according to an embodiment of the present application;
fig. 10 is a schematic structural diagram of a second network device 1000 according to an embodiment of the present application;
fig. 11 is a schematic structural diagram of a communication system 1100 according to an embodiment of the present application.
Detailed Description
Load balancing is carried out on the forwarding messages in the network, and the method is an important means for realizing reasonable utilization of resources and ensuring that congestion does not occur. At present, a hash uniform method is usually adopted for load balancing, that is, a packet to be forwarded is distributed to a plurality of output interfaces of a network device or a plurality of processing units of the network device in a balanced manner based on a hash value of the packet to be forwarded. In specific implementation, after each network device receives a message, first obtaining message characteristic information (for example, five tuples of the message, a source Internet Protocol (IP) address, a destination IP address, a source port number, a destination port number and a Protocol number) from the message, and then performing hash calculation on the message characteristic information to obtain a hash value corresponding to the message; thus, if the network device includes a plurality of processing units, the message is sent to a target processing unit corresponding to the hash value among the plurality of processing units; and if the forwarding table determines that the next hop information of the message indicates a plurality of outgoing interfaces, forwarding the message to another network device from a target outgoing interface corresponding to the hash value in the plurality of outgoing interfaces.
In the hash uniform mode, whether the load balance in the network can be effectively ensured depends on the diversity of the message characteristic information according to which the hash calculation is performed. However, in the current hash equalization method, the obtained message characteristic information is often not comprehensive enough, and the diversity of the message cannot be maintained or is not easy to maintain, so that the hash value obtained after hash calculation of the message characteristic information is single and not dispersed enough, and thus load balancing in the network cannot be effectively realized, for example, one part of processing units in the network device are congested while the other part of processing units are idle, for example, one part of interfaces of the network device are congested while the other part of interfaces are idle, and the resource utilization rate in the network is greatly reduced.
For example, for a message fragmentation scenario, one message is divided into a plurality of fragment messages, only one fragment message includes Transmission Control Protocol (TCP) or User Datagram Protocol (UDP) information, and the other fragment messages do not include TCP or UDP information. In order to ensure that a plurality of fragment messages of one message perform the same load balancing operation, the source IP address, the destination IP address and the protocol number which are all included by each fragment message are used as message characteristic information, and the same hash value is obtained by performing hash calculation, so that all the fragment messages of the message are ensured to be distributed to the same processing unit or output interface of the network equipment based on the same hash value. However, the hash calculation is performed based on the triples, which loses the diversity of the packets to some extent, for example: a plurality of packets with different quintuple (i.e., source IP address, destination IP address, source port number, destination port number, and protocol number) but the same triplet (i.e., source IP address, destination IP address, and protocol number) may obtain the same hash value by fragmenting and performing hash calculation on the triplet of the fragmented packets, so that all fragmented packets corresponding to the plurality of packets may be allocated to the same processing unit and the same egress interface in each network device, thereby affecting the effect of load balancing.
For a Virtual Private Network (VPN) scenario, a packet to be forwarded has a packet header corresponding to a VPN tunnel already encapsulated, and when a network device receives a packet including the packet header corresponding to the VPN tunnel, it cannot acquire a quintuple (also referred to as an inner layer quintuple) before the packet is encapsulated in the VPN tunnel, and hash is performed only on the quintuple (also referred to as an outer layer quintuple) embodied in the packet header corresponding to the VPN tunnel encapsulated by the packet. For example: when a message to be forwarded is encapsulated in a generic routing encapsulation protocol (GRE) tunnel, in one case, the network device may obtain a five-tuple of the message based on a GRE header of the message, and perform hash uniformity based on the five-tuple, but lose diversity of inner-layer five-tuple, and have a poor load balancing effect; in another case, the network device may also read the inner quintuple of the packet and perform hash equalization based on the inner quintuple, but reading the inner quintuple of the packet requires calculating the length of the GRE header and accurately stripping the GRE header based on the length of the GRE header to obtain the inner packet, which is complex and time-consuming in process. Another example is: when a message to be forwarded encapsulates an internet protocol security (IPSec) tunnel, an inner layer message is encrypted, and an inner layer quintuple is not carried in an outer layer IPSec header of the message in a plaintext form, so that a network device cannot acquire the message and perform hash equalization based on the inner layer quintuple, and the load balancing effect is poor. Moreover, for many scenes encapsulating the multi-layer VPN tunnel, the inner layer five tuple of the packet to be forwarded is more difficult to obtain or even impossible to obtain. Therefore, the same hash value is obtained for a plurality of packets encapsulating the same VPN tunnel, and thus, the plurality of packets are all allocated to the same processing unit and the same egress interface in each network device through which the VPN tunnel passes, thereby losing the characteristic diversity of the packet inner layer (i.e., the portion before encapsulating the VPN tunnel) and affecting the load balancing effect.
Moreover, in the hash equalization method, each network device that needs to forward the packet performs a hash calculation after receiving the packet, which affects the forwarding rate of the packet, thereby reducing the forwarding performance of the network device.
Based on this, an embodiment of the present application provides a method for processing a packet, where when a packet is about to enter a tunnel or is about to be fragmented, a network device obtains packet feature information (for example, an inner layer quintuple of the packet) of the packet, performs hash calculation based on the packet feature information to obtain a hash value corresponding to the packet, and forwards the hash value and content related to the packet (for example, all content of the packet or part content of the packet) together, so that the network device that receives the packet can perform load balancing operation on the packet based on the hash value in the received content, and since the hash value is obtained based on the inner layer packet feature calculation of the packet, diversity of the packet is reflected, uniform distribution of the hash value is ensured to a certain extent, and a better load balancing effect is achieved; moreover, one network device performs one-time hash calculation, and the subsequent network device reads the hash value from the message when the load balancing requirement exists, so that the load balancing can be performed, the calculation resources of each network device are saved, the message forwarding efficiency is improved, and the forwarding performance of the network device can be improved.
Taking the scenario shown in fig. 1 as an example, the scenario includes network device 101 to network device 104, where network device 101 includes processing unit 11, processing unit 12, interface a1, interface a2, and interface A3, network device 102 includes processing unit 21, interface B1, interface B2, network device 103 includes processing unit 31, interface C1, and interface C2, and network device 104 includes processing unit 41, processing unit 42, processing unit 43, processing unit 44, interface D1, interface D2, and interface D3. Assuming that the network device 101 is a head end point of the GRE tunnel 1, when the processing unit 11 of the network device 101 receives the packet 1 and the packet 2 through the interface a1, it is determined that the network device 101 is the head end point of the tunnel 1, and the processing unit (such as the processor 11 and/or the processor 12) of the network device 101 calculates a hash value 1 corresponding to the packet 1, and encapsulates the GRE header 1 for the packet 1 to obtain a packet 1', where the GRE header 1 carries the hash value 1; and calculating a hash value 2 corresponding to the message 2, and encapsulating the GRE header 2 for the message 2 to obtain a message 2', wherein the GRE header 2 carries the hash value 2. The network device 101 determines that the outgoing interface of the packet 1 is interface a2 according to the hash value 1, forwards the packet 1' from interface a2 to the network device 102, and receives the packet by interface B1 of the network device 102 and sends the packet to the network device 104 through interface B2; similarly, the network device 101 determines that the outgoing interface of the packet 2 is interface A3 according to the hash value 2, and forwards the packet 2' from interface A3 to the network device 103, where the packet is received by interface C1 of the network device 103 and sent to the network device 104 through interface C2. Then, when the interface D1 of the network device 104 receives the packet 1, it may determine to allocate the packet 1 to the processing unit 41 according to the hash value 1 of the packet 1, and the processing unit 41 determines that the outgoing interface of the packet 1' is the interface D2, so as to forward the packet 1 from the interface D2 to a subsequent network device; when the interface D1 of the network device 104 receives the packet 2 ', it may be determined that the packet 2' is allocated to the processing unit 43 according to the hash value 2, and the processing unit 43 determines that the outgoing interface of the packet 2 'is the interface D2 and the interface D3, at this time, the processing unit 43 continues to determine that the outgoing interface for actually forwarding the packet 2 is the interface D3 according to the hash value 2, so as to forward the packet 2' from the interface D3 to a subsequent network device. Therefore, the effective load balance in the network can be realized, the forwarding efficiency is improved, and the network forwarding performance is improved.
In some embodiments, one or more of the Processing units 11, 12, 21, 31, 41, 42, 43, 44 may be a Central Processing Unit (CPU), a Network Processor (NP), or a forwarding chip, which has Processing and forwarding functions, and the specific form is not limited.
In some embodiments, the hash value 1 may be carried in other parts of the packet 1', such as the IP extension header of the packet.
In the embodiments of the present application, the network device and the node refer to the same meanings in the present application, and may be used interchangeably. In the embodiment of the present application, the network device refers to a device having a forwarding function, and may specifically include, but is not limited to, a switch, a router, a firewall, or the like.
The following describes a specific implementation manner of a message processing method in this embodiment in detail by embodiments with reference to the accompanying drawings.
Fig. 2 is a signaling flowchart of a method 100 for message processing in the embodiment of the present application. In one case, the method 100 may be applied to a scenario of packet fragmentation, so as to introduce the embodiment of the present application in an interaction between a first network device that performs packet fragmentation operation and any one network device (referred to as a second network device) behind the first network device; in another case, the method 100 may also be applied to a tunnel encapsulation scenario, and the embodiment of the present application is described as an interaction between a head-end point (also referred to as a first network device) of a first tunnel and any network device (referred to as a second network device) in the first tunnel except the first network device. In a specific implementation, referring to fig. 2, the method 100 may include, for example, the following S101 to S104:
s101, when a preset condition is met, the first network equipment generates a second message according to the first message, wherein the second message comprises a hash value and content related to the first message, and the hash value is obtained by calculation based on message characteristic information of the first message.
The message characteristic information of the first message is information capable of reflecting the diversity of the information of the inner layer of the first message in the first message, and the hash value obtained by performing hash calculation based on the message characteristic information is ensured to be distributed more uniformly, so that a better load balancing effect is realized. For example, the packet characteristic information of the first packet may be an inner five-tuple of the first packet, i.e., a source IP address, a destination IP address, a source port number, a destination port number, and a protocol number of the first packet. The first network device may obtain the message characteristic information of the first message from the IP header of the first message by reading the IP header of the first message.
The preset condition is an indication condition that the network device needs to calculate the hash value corresponding to the packet. Each network device in the network is configured with the preset condition, when receiving the message, the network device judges whether the preset condition is met, and if the preset condition is met, the method 100 is executed to perform load balancing; and if the preset condition is not met, the message is forwarded normally. The preset condition is different according to different scenes.
In some possible implementation manners, for a scenario of a packet fragment, the preset condition may be: the length of the first packet is greater than a Maximum Transmission Unit (MTU) of the first network device. Each network device in the network is provided with an MTU of an interface and is used for limiting the maximum data length sent by the interface, after a message is received, whether the total length of the message is greater than the MTU is judged, if the total length of the message is greater than the MTU, the message is fragmented, the length of each fragmented message after fragmentation is ensured to be smaller than the MTU, and each fragmented message is forwarded; if the total length of the message is not more than MTU, the message can be directly forwarded without fragmenting the message. For example, assuming that the MTU on the first network device is 1500 bytes, the first network device receives the first packet, and if the length of the first packet is 1457 bytes, since 1457 bytes is less than 1500 bytes, the first network device does not process the first packet, and directly forwards the first packet; if the length of the first packet is 4678 bytes, since 4678 bytes is larger than 1500 bytes, the first network device fragments the first packet, for example, at least 4 fragmented packets can be obtained: the system comprises a fragmentation message 1, a fragmentation message 2, a fragmentation message 3 and a fragmentation message 4, wherein the length of each fragmentation message is less than 1500 bytes.
In a specific implementation, S101 may specifically include: s11, when the first network equipment determines that the first message needs to be fragmented, the message characteristic information of the first message is obtained; s12, the first network device calculates a hash value corresponding to the first packet based on the packet characteristic information; s13, the first network device processes the first message into at least 2 fragment messages; s14, the first network device adds a hash value to each fragmented packet to obtain at least 2 second packets. In this case, the second packet includes, in addition to the hash value, a content corresponding to one fragmentation packet of the first packet (i.e., the content related to the first packet referred to in S101).
For S12, the first network device may perform hash calculation on the packet feature information of the first packet according to a preset hash algorithm, so as to obtain a hash value. The preset hash algorithm may be, for example: an exclusive-or algorithm or a Cyclic Redundancy Check (CRC) 16, a CRC32, etc. Since the hash value carried in the second message and used for guiding subsequent load balancing, the number of bits of the hash value needs to match the number of interfaces of the network device, for example: the network device has 8 interfaces and the hash value may be a 3-bit long binary number. Therefore, the network device may preset the preset length of the hash value, and then S12 may include, for example: the first network equipment performs hash calculation on the message characteristic information by adopting a preset hash algorithm to obtain an initial hash value; and obtaining a target hash value with a preset length based on the initial hash value, wherein the target hash value is the hash value carried in the second message in the embodiment of the application. In one case, the network device may intercept a preset length in the initial hash value, and use the intercepted value of the bit as a target hash value; in another case, the first network device may also perform modulo (e.g., xor) processing on the initial hash value to obtain a target hash value with a preset length.
After the first packet is fragmented to obtain a plurality of fragmented packets, the hash value may be carried in an IP extension header of each fragmented packet.
As an example, for an IP packet, a copy flag (C), a type (Class) field, and an Option (english: Option) field may be included in the IP extension header. The hash value may be carried in an Option field in an IP extension header of the fragment packet, for example: the Value of the unoccupied Option field can be newly defined, and the hash Value is carried in the Value (english: Value) field corresponding to the Option field. The unoccupied values of the Option field include 25, 26 and 31.
For example: assuming that the first packet meets the preset condition, the hash value calculated by the first network device based on the packet characteristic information of the first packet is a, and the value 26 with the unoccupied Option field is used to carry the hash value a. The first network device may divide the first packet into N (N is an integer greater than 1) fragmented packets, as shown in fig. 3a, each fragmented packet may include: the IP extension header comprises an IP header, an IP extension header and payload (English), wherein C is 1 in the IP extension header and indicates that the IP extension header is a fragment message copy extension header; class field ═ 0, indicating control; 26, indicating that the corresponding Value field carries the hash Value; the Length field value is used to indicate the Length of the corresponding content of the Option field; the Value field is hash Value a.
As another example, for an IPv6 message, the IP extension header in the fragmentation scenario may include: a Next extension Header (english: Next Header) field, a Reserved (english: Reserved) field, a Fragment Offset (english: Fragment Offset) field, a Reserved (Res) field, and an M-flag and Identification (english: Identification) field. The length of the first Reserved field is an 8-bit field, which is not occupied currently and can be used to carry a hash value.
For example: assuming that the first packet is an IPv6 packet and satisfies a preset condition, the hash value calculated by the first network device based on the packet characteristic information of the first packet is a, and the Reserved field is used to carry the hash value a. The first network device may divide the first packet into N (N is an integer greater than 1) fragmented packets, as shown in fig. 3b, each fragmented packet may include: an IP header, an IP extension header, and a payload (english: payload), wherein the first Reserved field in the IP extension header is equal to the hash value a.
In some embodiments, hash values corresponding to the first packet may be carried in each fragmented packet in other manners, so that diversity of packet characteristics is maintained in a packet fragmentation scenario, and load in a network can be balanced; moreover, the fragmentation messages of the same message can be shared to the same link or the same processing unit when the hash is uniform, so that the orderly forwarding of the fragmentation messages is realized.
In other possible implementations, for a scenario of tunnel encapsulation, the preset condition may be: the first network device is a head-end point of the first tunnel. When a first message reaches a first network device, a first tunnel is not packaged, if the first network device checks a forwarding table and determines that next hop information of a forwarding table item corresponding to the first message indicates that the interface type is the first tunnel, the first network device can determine that the first message is a head end point of the first tunnel, the first message starts to be transmitted from the first network device through the first tunnel, and at the moment, after a first tunnel head corresponding to the first tunnel is packaged on the first message, the packaged message is forwarded; if the first network device checks the forwarding table and determines that the next hop information of the forwarding table entry corresponding to the first message indicates that the interface type is not the first tunnel, the first network device may determine that the first network device is not the head end point of the first tunnel, and at this time, the first message may be directly forwarded without encapsulating the first tunnel for the first message. For example, if the next hop information of the forwarding table entry corresponding to the first packet on the first network device indicates that the interface type is a GRE tunnel, the first network device encapsulates a GRE header for the first packet after the first packet reaches the first network device; for another example, assuming that the next-hop information of the forwarding entry corresponding to the first packet on the first network device indicates that the interface type is an IPSec tunnel, after the first packet arrives at the first network device, the first network device encapsulates an IPSec Header for the first packet, where the IPSec Header may specifically be an Authentication Header (AH) or an Encapsulated Security Payload (ESP).
In some embodiments, S101 may specifically include: s21, when the first network equipment determines that the first network equipment is the head end point of the first tunnel, the first network equipment judges whether the first message comprises the hash value, if yes, S24 is executed, otherwise, S22 is executed; s22, the first network equipment acquires the message characteristic information of the first message; s23, the first network device calculates a hash value corresponding to the first packet based on the packet characteristic information; s24, the first network device generates a second packet based on the first packet and the hash value, where the second packet includes the hash value. In this case, the second packet includes the entire content of the first packet (i.e., the content related to the first packet referred to in S101) in addition to the hash value.
If the first packet has been subjected to packet fragmentation or has been encapsulated with other tunnels before reaching the first network device, the first packet may already include a hash value that represents the diversity of the characteristics of the first packet, and at this time, in order to save the computing resources, when the first network device determines that the first network device is the head end of the first tunnel, the first network device may directly obtain the hash value from the first packet, and generate the second packet based on S24. If the first packet does not carry the hash value, the hash value can be calculated based on S22-S23, and the specific process can be referred to the above-mentioned related description of S12.
In some embodiments, the step of generating, by the first network device, the second packet in S24 includes: the first network device packages a first tunnel header corresponding to the first tunnel for the first packet to obtain a second packet, wherein the packet header in the second packet includes a hash value.
As one example, the header of the second packet carrying the hash value may be a first tunnel header. For example: the hash value may be carried in a Reserved field of the first tunnel header, or may also be carried in a flag (english: Flags) of the first tunnel header, or may also be carried in an extended field in an Optional (english: Optional) field of the first tunnel header.
The first tunnel may be a first VPN tunnel, and may be a first GRE tunnel or a first IPSec tunnel, for example.
For example: assuming that the first tunnel is a GRE tunnel, the first tunnel header is a GRE header. The format of the second packet is shown in fig. 4a or fig. 4b, and includes: an outer IP header, a GRE header, an inner IP header, and a payload. Referring to fig. 4a, the hash value a of the first packet may be carried in Flags of the second packet, that is, Flags is the hash value a. Referring to fig. 4b, the hash value a of the first packet may also be carried in an extension field of the Optional of the second packet, and the position carrying the hash value a is indicated by the value of Flags, i.e., Flags is the position of the Optional, and the Optional field is the hash value a.
Another example is: assuming that the first tunnel is an IPSec tunnel, the first tunnel header is an IPSec header. The format of the second packet is as shown in fig. 4c or fig. 4d, and the hash value a of the first packet may be carried in a Reserved field of an IPSec header in the second packet. As shown in fig. 4c, the second packet corresponds to a tunnel mode of IPSec, and the second packet includes: an outer IP header, an IPSec header, an inner IP header, and a payload. As shown in fig. 4d, the second packet corresponds to the transmission mode of IPSec, and the second packet includes: inner layer IP header, IPSec header, and payload. It should be noted that the IPSec header in fig. 4c and 4d may be AH or ESP, and is not particularly limited in the embodiment of the present application.
As another example, if the first tunnel is in tunnel mode, the first network device further needs to encapsulate an outer IP header outside the first VPN header when encapsulating the first VPN header for the first packet. In order to enable subsequent network devices to conveniently read the hash value in the message forwarding process, the hash value may also be carried in the outer IP header, that is, the message header of the second message carrying the hash value may also be the outer IP header. The specific carrying manner is not limited in this embodiment.
In some embodiments, the types of VPN tunnels include, but are not limited to, GRE tunnels, IPSec tunnels, virtual extensible local area network (VXLAN) tunnels, layer 2tunneling protocol (L2 TP) tunnels, layer 3tunneling protocol version 3 (L2 TPv3) tunnels, multi-protocol label switching (MPLS) tunnels, IPv6 Over IPv4 tunnels, IPv4 Over IPv6 tunnels, and the like. For a specific implementation manner of generating the second packet, reference may be made to the above-mentioned related description taking the GRE tunnel and the IPSec tunnel as an example, and details are not described here any more.
The specific operation of S101 described above may be completed in the processing unit in the first network device.
In some embodiments, the preset condition in S101 includes, but is not limited to, the descriptions in the two possible implementations described above. For example: the first packet is an IP packet that does not need to be fragmented nor encapsulated in a tunnel, and then, the first packet may also be considered to meet a preset condition, and the hash value corresponding to the first packet is carried in the IP extension header of the IP packet to obtain a second packet, so that, in the process of forwarding the second packet, each network device can perform load balancing on the second packet only by reading the hash value in the IP extension header of the second packet, and each network device does not need to perform hash calculation to obtain the hash value corresponding to the first packet, thereby saving packet forwarding time, and effectively improving packet forwarding efficiency on the basis of ensuring load balancing.
Therefore, the first network device carries the hash value corresponding to the first message at a position convenient to read in the newly generated second message, which provides convenience for load balancing when each subsequent network device forwards the second message.
S102, the first network equipment sends the second message to the second network equipment.
S103, the second network equipment receives the second message sent by the first network equipment.
In some embodiments, the first network device may also perform load balancing based on the hash value in the second message. For example: when the first network device determines that a plurality of outgoing interfaces exist based on the forwarding table entry corresponding to the second packet, the first network device determines one outgoing interface from the plurality of outgoing interfaces based on the hash value, so that the second packet is forwarded out from the determined outgoing interface. The specific process is described in the following related description of S104.
For the case of encapsulating a multi-layer tunnel at the first network device, if the first tunnel header is encapsulated for the first packet according to the above S101 to obtain the second packet, the method 100 may further include: s31, if the first network device determines that the first network device is the head end point of the second tunnel, the first network device acquires the hash value from the second message; s34, the first network device encapsulates, for the second packet, a second tunnel header corresponding to the second tunnel, to obtain an updated second packet, where the updated second packet includes a hash value, for example: the second tunnel header includes a hash value. If the second tunnel header is encapsulated for the first packet, that is, the method 100 may further include, before S101: s41, if the first network device determines that the first network device is the head end of the second tunnel, the first network device calculates the hash value corresponding to the first packet based on the packet feature information; s42, the first network device encapsulates the second tunnel header for the first packet to obtain a third packet, where the third packet includes a hash value; at this time, S101 may include, for example: the first network device determines that the first network device is itself the head end of the first tunnel, and then, the first network device obtains the hash value from the third packet, so that the first network device encapsulates the first tunnel header for the third packet to obtain the second packet, where the second packet includes the hash value, for example: the second tunnel header and the first tunnel header include hash values. It should be noted that, multiple layers of tunnels are simultaneously encapsulated on the same network device, the encapsulation sequence of the multiple layers of tunnels is not specifically limited, and the encapsulation sequence does not affect the subsequent load balancing effect.
In the scenario of encapsulating the multi-layer tunnel, the second message sent by the first network device to the second network device is the updated second message, that is, the message transmitted from the output interface after the last processing by the first network device is completed.
It should be noted that, no matter whether the second packet is superimposed through the tunnel or not, the subsequent load balancing effect is not affected as long as the packet header of the second packet sent to the second network device includes the hash value capable of embodying the inner layer feature of the first packet.
And S104, the second network equipment processes the second message based on the hash value in the second message.
The second packet is forwarded from the first network device to a second network device, and the second network device may be directly connected to the first network device or indirectly connected to the first network device through another network device.
In some possible implementation manners, in order to enhance performance in the aspects of forwarding and the like, the second network device may include a plurality of processing units, and then, after receiving the second packet, the second network device may determine, based on the hash value carried in the second packet, a processing unit corresponding to the second packet, and allocate the second packet to the processing unit for processing.
As one example, the second network device may determine the processing unit to process the second packet based directly on the hash value. For example: and distributing the second message to the processing units with the same number and hash value. Assuming that the second network device includes 8 processing units, and the number is 0-7, when the hash value in the second message is 0, the second network device allocates the second message to the processing unit 0; when the hash value in the second packet is 1, the second network device allocates the second packet to the processing unit 1.
As another example, the second network device may preset a corresponding relationship between the hash value and the processing unit, and determine the processing unit that processes the second packet. For example: the second network device may preset a correspondence relationship according to the capabilities of each processing unit. Assuming that the second network device includes 2 processing units, and the capability of the processing unit 0 is stronger than that of the processing unit 1, the preset correspondence relationship of the second network device includes: the correspondence relationship 1 that "hash values 0 to 5 correspond to the processing unit 0", and the correspondence relationship 2 that "hash values 6 and 7 correspond to the processing unit 1", so that, when the hash value in the second message is any one of 0 to 5, the second network device determines that the second message needs to be allocated to the processing unit 0 according to the correspondence relationship 1 and the hash value; when the hash value in the second packet is 6 or 7, the second network device determines that the second packet needs to be allocated to the processing unit 1 according to the correspondence 2 and the hash value.
In some scenarios, for a second network device including multiple processing units, the multiple processing units often perform parallel processing, and after the processing is completed, multiple packets are sent out from the second network device in a unified manner, so that parallel forwarding efficiency is improved. However, if the effect of hash uniformity is not good, the hash values used for guiding the selection of the processing units are not uniformly distributed, for example, for a stream with partial message characteristics lost, if the quintuple is different but the hash values calculated based on the triplet are equal, a problem of non-uniform hash value distribution may occur, which may result in a heavy load on one or some of the processing units, and a light load on other processing units, so that the processing speeds of the processing units are different, and the parallel forwarding efficiency is slow, thereby affecting or losing the advantages of the multiple processing units. However, based on the method provided by the embodiment of the present application, since the hash value capable of embodying the inner layer characteristics of the packet is carried in the packet and forwarded to the network device with multiple processing units, the packet to be forwarded can be relatively and evenly distributed to each processing unit in the network device based on the hash value with even distribution, so that the efficient parallel forwarding function of multiple processing units can be fully and effectively utilized, and efficient forwarding is realized.
In other possible implementation manners, if the processing unit that receives the second packet in the second network device determines that there are multiple outgoing interfaces according to the forwarding table entry corresponding to the second packet, at this time, the second network device determines one outgoing interface from the multiple outgoing interfaces based on the hash value, so as to forward the second packet out of the determined outgoing interface.
As one example, the second network device may determine an egress interface for forwarding the second packet based directly on the hash value. For example: and distributing the second message to an output interface with the same number and hash value. Assuming that the second network device comprises 8 outgoing interfaces and the serial number is 0-7, when the hash value in the second message is 0, the second network device forwards the second message from the outgoing interface 0 to the second network device; and when the hash value in the second message is 1, the second network equipment forwards the second message out of the second network equipment from the outgoing interface 1.
As another example, the second network device may preset a corresponding relationship between the hash value and the outgoing interface, and determine the outgoing interface for forwarding the second packet. For example: the second network device may preset a corresponding relationship according to parameters such as bandwidth of each output interface. Assuming that the second network device includes 2 interfaces, and the bandwidth of interface 0 is 3 times the bandwidth of interface 1, the preset correspondence relationship of the second network device includes: the corresponding relation 1 that "hash values 0-5 correspond to the interface 0", and the corresponding relation 2 that "hash values 6 and 7 correspond to the interface 1", so that when the hash value in the second message is any one of 0-5, the second network device determines that the second message needs to be forwarded from the interface 0 to the second network device according to the corresponding relation 1 and the hash value; when the hash value in the second packet is 6 or 7, the second network device determines that the second packet needs to be forwarded out of the second network device from the interface 1 according to the corresponding relationship 2 and the hash value.
If the second network device determines that the second network device is the head end of the third tunnel, the second network device may obtain the hash value from the second packet, and encapsulate the third tunnel header for the second packet to obtain a fourth packet, where the third tunnel header of the fourth packet includes the hash value. At this time, if the second network device determines that the fourth packet has multiple outgoing interfaces, the second network device may determine to forward the fourth packet out of the outgoing interface of the second network device based on the hash value in the third tunnel header; moreover, after the second network device sends the fourth packet to the third network device, the hash value in the fourth packet may also be used by the third network device to select a processing unit and an output interface, so as to implement corresponding load balancing. For example: the first tunnel may be a GRE tunnel, and the third tunnel may be an IPSec tunnel, so that the fourth packet may be considered to encapsulate the IPSec Over GRE tunnel; another example is: the first tunnel may be an IPSec tunnel, and the third tunnel may be a GRE tunnel, so the fourth packet may be considered to encapsulate a GRE Over IPSec tunnel; for another example: the first tunnel and the second tunnel are both GRE tunnels, and then the fourth packet may be regarded as encapsulating a GRE Over GRE tunnel.
If the second network device is not the endpoint of the first tunnel, S104 may forward the second packet to a subsequent network device of the first tunnel based on the hash value in the second packet. If the second network device is the terminal point of the first tunnel, the second network device can strip the first tunnel header after determining the outgoing interface, so as to obtain a fifth message, and the fifth message is transferred out from the determined outgoing interface.
For the case that the second network device is the end point of the first tunnel, in one case, the second network device may continue forwarding directly in the network without processing the fifth packet. In this case, if the fifth packet does not include other tunnel headers, the subsequent nodes can obtain the inner layer packet feature information of the fifth packet, so that directly forwarding the fifth packet does not affect the effect of load balancing the packets by each subsequent node based on a hash uniform manner. In another case, the second network device may carry the hash value in an IP extension header of the fifth packet, generate a sixth packet, and forward the sixth packet in the network. Under the condition, the load balancing effect in the subsequent forwarding process can be ensured, and the subsequent network equipment does not need to acquire the message characteristic information of the fifth message and calculate the Hash calculation, so that the calculation resources of each network equipment are saved, and the forwarding efficiency of the message is greatly improved.
In some embodiments, if the network device that receives the packet to be forwarded determines that the predetermined condition is not satisfied and the hash value is not carried, the network device may obtain packet feature information of the packet, calculate the hash value based on the packet feature information, and perform load balancing based on the calculated hash value.
It can be seen that, according to the method 100 provided in this embodiment of the present application, when it is determined that a preset condition is satisfied, the network device obtains the packet feature information of the packet, performs hash calculation based on the packet feature information to obtain a hash value corresponding to the packet, and carries the hash value in the packet for subsequent forwarding, so that the network device that receives the packet can perform load balancing operation on the packet based on the hash value carried in the packet, and since the hash value is calculated based on an inner layer five tuple of the packet, the diversity of the packet is reflected, uniform distribution of the hash value is ensured to a certain extent, and a better load balancing effect is achieved; moreover, only one network device is needed to perform hash calculation once, and the subsequent network device only needs to read the hash value from the message when the load balancing requirement exists, so that the calculation resources of each network device are saved, the message forwarding efficiency is improved, and the forwarding performance of the network device can be improved.
In addition, an embodiment of the present application further provides a first network device 500, which is shown in fig. 5. The first network device 500 comprises a processing unit 501 and a transmitting unit 502. The processing unit 501 is configured to perform the processing operation performed by the first network device in the embodiment shown in fig. 2; the sending unit 502 is configured to perform the sending operation performed by the first network device in the embodiment shown in fig. 2. For example: the processing unit 501 may perform the operations in the embodiment of fig. 2: and when the preset condition is met, generating a second message according to the first message. For example: the sending unit 502 may perform the operations in the embodiment of fig. 2: and sending the second message to the second network equipment.
In addition, an embodiment of the present application further provides a second network device 600, which is shown in fig. 6. The second network device 600 comprises a receiving unit 601 and a processing unit 602. The receiving unit 601 is configured to perform a receiving operation performed by the second network device in the embodiment shown in fig. 2; the processing unit 602 is configured to perform the processing operations performed by the second network device in the embodiment shown in fig. 2. For example: the receiving unit 601 may perform the operations in the embodiment of fig. 2: receiving a second message sent by the first network equipment; the processing unit 602 may perform the operations in the embodiment of fig. 2: and processing the second message based on the hash value in the second message.
In addition, the embodiment of the present application further provides a first network device 700, which is shown in fig. 7. The first network device 700 includes a second communication interface 702 and a processor 703. The second communication interface 702 is used to perform the sending operation performed by the first network device in the embodiment shown in fig. 2; the processor 703 is configured to perform the operations other than the receiving operation and the sending operation performed by the first network device in the embodiment shown in fig. 2. For example: the processor 703 may perform the operations in the embodiment of fig. 2: and when the preset condition is met, generating a second message according to the first message. The first network device 700 may further include a first communication interface 701, where the first communication interface 701 is configured to perform the foregoing receiving operation performed by the first network device in the embodiment shown in fig. 2, for example, receive the first packet.
In addition, a second network device 800 is also provided in the embodiments of the present application, and is shown in fig. 8. The second network device 800 comprises a first communication interface 801 and a processor 803. The first communication interface 801 is configured to perform the receiving operation performed by the second network device in the embodiment shown in fig. 2; the processor 803 is configured to perform the operations performed by the second network device in the embodiment shown in fig. 2, except for the receiving operation and the transmitting operation. For example: the processor 803 may perform the operations in the embodiment of fig. 2: and processing the second message according to the hash value in the second message. The second network device 800 may further include a second communication interface 802, where the second communication interface 802 is configured to perform the sending operation performed by the second network device in the foregoing embodiment shown in fig. 2.
In addition, an embodiment of the present application further provides a first network device 900, which is shown in fig. 9. The first network device 900 includes a memory 901 and a processor 902 in communication with the memory 901. Wherein memory 901 comprises computer readable instructions; the processor 902 is configured to execute the computer readable instructions to enable the first network device 900 to perform the method performed by the first network device in the embodiment shown in fig. 2.
In addition, an embodiment of the present application further provides a second network device 1000, which is shown in fig. 10. The second network device 1000 includes a memory 1001 and a processor 1002 in communication with the memory 1001. Wherein memory 1001 includes computer readable instructions; the processor 1002 is configured to execute the computer readable instructions, so that the second network device 1000 performs the method performed by the second network device in the embodiment shown in fig. 2.
In the above embodiments, the processor may be a Central Processing Unit (CPU), a Network Processor (NP), or a combination of a CPU and an NP. The processor may also be an application-specific integrated circuit (ASIC), a Programmable Logic Device (PLD), or a combination thereof. The PLD may be a Complex Programmable Logic Device (CPLD), a field-programmable gate array (FPGA), a General Array Logic (GAL), or any combination thereof. The processor may refer to one processor or may include a plurality of processors. The memory may include a volatile memory (RAM), such as a random-access memory (RAM); the memory may also include a non-volatile memory (ROM), such as a read-only memory (ROM), a flash memory (flash memory), a hard disk (HDD) or a solid-state drive (SSD); the memory may also comprise a combination of memories of the kind described above. The memory may refer to one memory, or may include a plurality of memories. In one embodiment, the memory has stored therein a computer program or instructions comprising a plurality of software modules, such as a sending module, a processing module, and a receiving module. After the processor executes each software module, the processor can perform corresponding operation according to the instruction of each software module. In the present embodiment, the operation performed by one software module actually refers to an operation performed by the processor according to the instruction of the software module. After the processor executes the computer program or the instructions in the memory, all operations that can be executed by each network node in the message processing method can be executed according to the instructions of the computer program or the instructions.
In the above embodiment, the second communication interface 702 of the first network device 700 may be specifically used as the sending unit 502 in the first network device 500, so as to implement data communication from the first network device to the second network device; the first communication interface 701 of the first network device 700 may be specifically used as a receiving unit in the first network device 500, for example, may be used to receive a first packet sent by an upstream network device. Similarly, the first communication interface 801 of the second network device 800 may be specifically used as the receiving unit 601 in the second network device 600, so as to implement data communication from the first network device to the second network device; the second communication interface 802 of the second network device 800 may be specifically used as a sending unit in the second network device 600, so as to implement data communication from the second network device to a downstream network device.
In addition, an embodiment of the present application further provides a communication system 1100, which is shown in fig. 11. The communication system 1100 includes a first network device 1101 and a second network device 1102, where the first network device 1101 may be specifically the first network device 500, the first network device 700, or the first network device 900, and the second network device 1102 may be specifically the second network device 600, the second network device 800, or the second network device 1000.
Furthermore, the present application also provides a computer-readable storage medium, in which a computer program or instructions are stored, and when the computer program or instructions runs on a computer, the computer is caused to execute the method in the embodiment shown in fig. 2.
Furthermore, the present application also provides a computer program product, which includes a computer program or computer readable instructions, when the computer program or the computer readable instructions runs on a computer, the computer is caused to execute the method in the foregoing embodiment shown in fig. 2.
In the names of the "first message", the "first tunnel", and the like mentioned in the application embodiment, the "first" is only used for name identification, and does not represent the first in sequence. The same applies to "second" etc.
As can be seen from the above description of the embodiments, those skilled in the art can clearly understand that all or part of the steps in the above embodiment methods can be implemented by software plus a general hardware platform. Based on such understanding, the technical solution of the present application may be embodied in the form of a software product, which may be stored in a storage medium, such as a read-only memory (ROM)/RAM, a magnetic disk, an optical disk, or the like, and includes several instructions for enabling a computer device (which may be a personal computer, a server, or a network communication device such as a router) to execute the method according to the embodiments or some parts of the embodiments of the present application.
The embodiments in the present specification are described in a progressive manner, and the same and similar parts among the embodiments are referred to each other, and each embodiment focuses on the differences from the other embodiments. In particular, system embodiments and device embodiments are substantially similar to method embodiments and are therefore described in a relatively simple manner, where relevant reference may be made to some descriptions of method embodiments. The above-described embodiments of the apparatus and system are merely illustrative, wherein modules described as separate parts may or may not be physically separate, and parts shown as modules may or may not be physical modules, may be located in one place, or may be distributed on a plurality of network units. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of the present embodiment. One of ordinary skill in the art can understand and implement it without inventive effort.
The above description is only a preferred embodiment of the present application and is not intended to limit the scope of the present application. It should be noted that, for a person skilled in the art, several improvements and modifications can be made without departing from the scope of the present application, and these improvements and modifications should also be considered as the protection scope of the present application.

Claims (20)

1. A method for processing a packet, comprising:
when a preset condition is met, the first network equipment generates a second message according to the first message, wherein the second message comprises a hash value and content related to the first message, and the hash value is obtained by performing hash calculation on the basis of message characteristic information of the first message;
and the first network equipment sends the second message to second network equipment.
2. The method of claim 1, wherein the predetermined condition is that the length of the first packet is greater than the Maximum Transmission Unit (MTU) of the first network device.
3. The method of claim 2, wherein the content associated with the first packet comprises a fragmented packet of the first packet.
4. The method of claim 3, wherein the header of the second packet includes the hash value.
5. The method of claim 3, wherein the second packet comprises an IP extension header, and wherein an Option Option field in the IP extension header comprises the hash value.
6. The method of claim 5, wherein the IP extension header of the second packet comprises a Reserved field, and wherein the Reserved field comprises the hash value.
7. The method of claim 1, wherein the preset condition is that the first network device is a head-end of a first tunnel.
8. The method of claim 7, wherein the second packet further comprises a first tunnel header.
9. The method of claim 8, wherein the first tunnel header comprises the hash value.
10. The method of claim 9, wherein the first tunnel header comprises a Reserved field, and wherein the Reserved field comprises the hash value.
11. A method according to any of claims 7-10, wherein the first tunnel is a virtual private network, VPN, tunnel.
12. A method for processing a packet, comprising:
the method comprises the steps that a second network device receives a second message sent by a first network device, wherein the second message comprises a hash value and content related to the first message, and the hash value is obtained through calculation based on message characteristic information of the first message;
and the second network equipment processes the second message based on the hash value.
13. The method of claim 12, wherein the second network device processes the second packet based on the hash value, comprising:
and the second network equipment distributes the second message to a first processing unit of the second network equipment based on the hash value, wherein the first processing unit corresponds to the hash value.
14. The method according to claim 12 or 13, wherein the second network device processes the second packet based on the hash value, including:
and the second network equipment forwards the second message from a first interface of the second network equipment based on the hash value, wherein the first interface corresponds to the hash value.
15. The method according to any one of claims 12-14, further comprising:
if the second network device determines that the second network device is a head end point of a second tunnel, the second network device obtains the hash value from the second message;
the second network device packages a second tunnel header corresponding to the second tunnel for the second packet to obtain a third packet, where the second tunnel header of the third packet includes the hash value;
and the second network equipment sends the third message to third network equipment so that the third network equipment processes the third message based on the hash value.
16. The method according to any one of claims 12-14, further comprising:
if the second network device determines that the length of the second message is greater than the Maximum Transmission Unit (MTU) of the second network device, processing the second message into at least 2 fragmented messages;
the second network equipment adds the hash value to each fragment message to obtain at least 2 third messages;
and the second network equipment sends at least 2 third messages to third network equipment, so that the third network equipment processes at least 2 third messages based on the hash value.
17. A network device, comprising:
a memory comprising a computer readable program or instructions;
a processor in communication with the memory, the processor to execute the computer-readable program or instructions to cause the network device to perform the method of any of claims 1-11.
18. A network device, comprising:
a memory comprising a computer readable program or instructions;
a processor in communication with the memory, the processor to execute the computer-readable program or instructions to cause the network device to perform the method of any of claims 12-16.
19. A communication system, characterized in that it comprises a network device according to claim 17 and/or a network device according to claim 18.
20. A computer-readable storage medium, having stored therein program code or instructions, which when run on a computer, cause the computer to perform the method of any of claims 1-11 or the method of any of claims 12-16.
CN202011041940.7A 2020-07-03 2020-09-28 Message processing method and device Pending CN113965518A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/CN2021/087107 WO2022001287A1 (en) 2020-07-03 2021-04-14 Message processing method and device

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN202010631135 2020-07-03
CN2020106311353 2020-07-03

Publications (1)

Publication Number Publication Date
CN113965518A true CN113965518A (en) 2022-01-21

Family

ID=79460181

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202011041940.7A Pending CN113965518A (en) 2020-07-03 2020-09-28 Message processing method and device

Country Status (1)

Country Link
CN (1) CN113965518A (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115883469A (en) * 2023-01-04 2023-03-31 苏州浪潮智能科技有限公司 Data flow load balancing method and device, network topology and data center
CN116886621A (en) * 2023-09-07 2023-10-13 珠海星云智联科技有限公司 Message forwarding control method, DPU and related equipment

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115883469A (en) * 2023-01-04 2023-03-31 苏州浪潮智能科技有限公司 Data flow load balancing method and device, network topology and data center
CN116886621A (en) * 2023-09-07 2023-10-13 珠海星云智联科技有限公司 Message forwarding control method, DPU and related equipment
CN116886621B (en) * 2023-09-07 2023-12-19 珠海星云智联科技有限公司 Message forwarding control method, DPU and related equipment

Similar Documents

Publication Publication Date Title
US11792046B2 (en) Method for generating forwarding information, controller, and service forwarding entity
US11115339B2 (en) Network congestion control method, device, and system
KR102555671B1 (en) Packet processing methods, related devices and computer storage media
US10749794B2 (en) Enhanced error signaling and error handling in a network environment with segment routing
US7835285B2 (en) Quality of service, policy enhanced hierarchical disruption tolerant networking system and method
US9923835B1 (en) Computing path maximum transmission unit size
US10601610B2 (en) Tunnel-level fragmentation and reassembly based on tunnel context
US20080159150A1 (en) Method and Apparatus for Preventing IP Datagram Fragmentation and Reassembly
WO2021037216A1 (en) Message transmission method and device, and computer storage medium
US20230102984A1 (en) METHOD AND APPARATUS FOR VERIFYING SRv6 PACKET
US11108699B2 (en) Method, apparatus, and system for implementing rate adjustment at transmit end
US11695858B2 (en) Packet fragmentation control
KR100748698B1 (en) Apparatus and method of packet processing in security communication system
US11621914B2 (en) Maintaining processing core affinity for fragmented packets in network devices
WO2022001287A1 (en) Message processing method and device
TW201737664A (en) Accurate speed limiting method and apparatus for cluster
CN111935009B (en) Data packet routing method, device, equipment, system and storage medium
JP2016508682A (en) Method and arrangement for differentiating VPN traffic across domains by QOS
CN113965518A (en) Message processing method and device
CN112333094A (en) Data transmission processing method and device, network equipment and readable storage medium
EP4274123A1 (en) Packet encapsulation and de-encapsulation method and device, storage medium, and electronic device
CN114268518A (en) Method and system for realizing forwarding acceleration of sdwan data tunnel
US11805071B2 (en) Congestion control processing method, packet forwarding apparatus, and packet receiving apparatus
CN113055268A (en) Method, device, equipment and medium for tunnel traffic load balancing
WO2024041064A1 (en) Quic packet transmission method and related device

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination