WO2023005018A1 - Packet forwarding method and network device - Google Patents

Packet forwarding method and network device Download PDF

Info

Publication number
WO2023005018A1
WO2023005018A1 PCT/CN2021/126561 CN2021126561W WO2023005018A1 WO 2023005018 A1 WO2023005018 A1 WO 2023005018A1 CN 2021126561 W CN2021126561 W CN 2021126561W WO 2023005018 A1 WO2023005018 A1 WO 2023005018A1
Authority
WO
WIPO (PCT)
Prior art keywords
path
network device
sid
message
packet
Prior art date
Application number
PCT/CN2021/126561
Other languages
French (fr)
Chinese (zh)
Inventor
平善明
方晟
薛奇
李春成
Original Assignee
华为技术有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 华为技术有限公司 filed Critical 华为技术有限公司
Publication of WO2023005018A1 publication Critical patent/WO2023005018A1/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00Routing or path finding of packets in data switching networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00Routing or path finding of packets in data switching networks
    • H04L45/24Multipath
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L49/00Packet switching elements
    • H04L49/20Support for services
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/22Parsing or analysis of headers

Definitions

  • the present application relates to the communication field, and in particular to a message forwarding method and network equipment.
  • the specific type of SID is the SID of the endpoint replication binding END.DB type.
  • a new type of SID (SID of the END.DB type) is defined.
  • forwarding the second packet according to the path information corresponding to the second path may include: the first network device encapsulates the second SRH in the second packet, and the second SRH includes the path of the second path Information (for example, the path information includes the address of the traffic processing device), the first network device forwards the second message according to the second SRH, so that the second message is forwarded to the traffic processing device, and data mirroring is realized.
  • the first packet is an SRv6 packet.
  • a transceiver module configured to receive the first message
  • the specific type of SID is the SID of the endpoint END type, and the type of the flavor of the additional behavior of the SID is a connection type or a branch type.
  • the transceiver module is further configured to forward the second message according to the path information corresponding to the second path.
  • FIG. 3 is a schematic diagram of the SID format
  • Step 601 the first network device receives a first packet.
  • SID A is the SID of network device A, such as 1:1::1;
  • SID B is the SID of network device B, such as 1:2::1;
  • SID C is the SID of node C, such as 1:3:: 1.
  • the SID of network device C, the SID of network device D, and the SID of traffic processing device E are END type SIDs, which are abbreviated as "SID C", "SID D", and "SIDE" in this application.
  • the first network device checks the destination address in the first packet, and determines whether the destination address in the first packet is the SID of the current node. For example, network device B checks the destination address in the basic header in the message header of "message P" to determine whether the destination address is SID B. If network device B determines that the destination address of "message P" is SID B, then Execute the following step 603, if the network device B determines that the destination address of the "message P" is not SID B, then execute other steps.
  • the first network device copies the first packet according to the SID.
  • the network device B checks the destination address in the first message, and when the network device B determines that the destination address is SID B, the network device B obtains the second message according to the first message.
  • the second path includes at least one address, and the at least one address includes the address of the traffic processing device E.
  • the path information of the second path includes: the address of network device D (such as SID D) and the address of traffic processing device E, for example, ⁇ SID D, SIDE E>, wherein, SID D, SIDE E are both END type SID.
  • the second path only includes the address of the traffic processing device E. If the traffic processing device E supports the SRv6 technology, the address of the traffic processing device E is "the SID of the traffic processing device" (eg, "SIDE"). If the traffic processing device does not support SRv6 technology, the address of the traffic processing device is the IPv6 address of the traffic processing device (for example, marked as "E IPv6 ").
  • the copied message (same as the first message) includes a basic header, SRH (referred to as "the first SRH") and a payload (payload).
  • the segment list included in the first SRH is: ⁇ SID A, SID B.BD, SID C>
  • network device B encapsulates a new SRH behind the basic header of the copied message (for example, it is marked as "the second SRH ”)
  • the second SRH includes the path information of the second path.
  • the "second SRH” includes ⁇ SID D, SIDE E>, that is, the network device B encapsulates the copied message and the second SRH to obtain the second message.
  • the second packet includes a basic header, a first SRH, a second SRH and a payload.
  • network device B re-encapsulates a new packet header (referred to as "the second packet header") on the outer layer of the copied packet.
  • the message header in the copied message is called "the first message header”.
  • the first message header includes the first basic header, the first SRH and the payload
  • the second message header includes the second basic header, the second SRH and the payload.
  • the first basic header includes a source address (such as SID A) and a destination address (such as SID B.DB), and the first SRH includes a segment list: ⁇ SID A, SID B.BD, SID C>.
  • END.DB type a new type of SID (denoted as "END.DB type") is defined, and the END.DB type of SID is used to instruct the network device to perform the operation of copying the message and forwarding the second message according to the specified path.
  • the SID of the END.DB type is associated with the path information of the second path, and the first network device can copy the first packet according to the instruction of the SID of the END.DB type, and forward the second packet to the traffic processing device according to the second path, In this way, data traffic mirroring is realized.
  • Network device B decapsulates the packet P according to the SID of END.DT6 type, and obtains the inner layer IPv6DA (such as the destination address of device F), and network device B queries the private network routing table corresponding to the END.DT6 to obtain the first path path information, the first path is the path used to reach the device F.
  • IPv6DA such as the destination address of device F
  • the processing module 1102 is further configured to obtain a second message according to the first message in response to determining that the destination address of the first message is the SID of the first network device, and the payload of the second message is the same as the net load of the first message. the same charge;
  • an embodiment of the present application provides a network device, which can be used to implement the method performed by the first network device in the above method embodiment.
  • a network device which can be used to implement the method performed by the first network device in the above method embodiment.
  • the embodiment of the present application also provides a computer program product, the computer program product includes computer program code, and when the computer program code is executed by the computer, the computer implements the method performed by the first network device in the above method embodiment .

Abstract

Embodiments of the present application disclose a packet forwarding method and a network device, for use in providing a packet traffic mirroring method. The method in the embodiments of the present application comprises: a first network device receiving a first packet, wherein the first packet is a packet to be forwarded on a first path, and when it is determined that the destination address of the first packet is a segment identifier (SID) of the network device, the first network device obtaining a second packet according to the first packet; then forwarding the first packet by means of the first path; and forwarding the second packet by means of a second path, until the second packet is forwarded to a traffic processing device. Thus, the packet on the first path is mirrored by the first network device, and packet mirroring by using the path as granularity is implemented.

Description

一种报文转发的方法及网络设备Method and network device for message forwarding
本申请要求于2021年7月30日提交中国专利局、申请号为202110875153.0、申请名称为“一种报文转发的方法及网络设备”的中国专利申请的优先权,其全部内容通过引用结合在本申请中。This application claims the priority of the Chinese patent application with the application number 202110875153.0 and the application title "A Method and Network Equipment for Message Forwarding" submitted to the China Patent Office on July 30, 2021, the entire contents of which are incorporated by reference in In this application.
技术领域technical field
本申请涉及通信领域,尤其涉及一种报文转发的方法及网络设备。The present application relates to the communication field, and in particular to a message forwarding method and network equipment.
背景技术Background technique
流量镜像是指在网络设备将数据流量进行复制后,将复制后的数据流量发送到流量处理设备的过程,以通过流量处理设备对流量进行分析和检测。Traffic mirroring refers to the process of sending the copied data traffic to the traffic processing device after the network device copies the data traffic, so that the traffic can be analyzed and detected by the traffic processing device.
当前,网络设备使用端口镜像的方式来实现流量镜像。例如,请参阅图1,网络设备B和流量处理设备E连接,网络设备B接收来自网络设备A的报文流量,如果对经由网络设备B到网络设备C的数据流量进行镜像,那么需要将网络设备B的镜像端口上发送的所有数据流量都发送至流量处理设备E,从而实现流量镜像。Currently, network devices use port mirroring to implement traffic mirroring. For example, please refer to Figure 1. Network device B is connected to traffic processing device E. Network device B receives packet traffic from network device A. If the data traffic from network device B to network device C is mirrored, the network All data traffic sent on the mirroring port of device B is sent to traffic processing device E, thereby realizing traffic mirroring.
当前方法中,是从端口的粒度来实现流量镜像,数据流量镜像的粒度较粗。In the current method, traffic mirroring is implemented at the granularity of ports, and the granularity of data traffic mirroring is relatively coarse.
发明内容Contents of the invention
本申请实施例提供了一种报文转发的方法及网络设备,该方法应用于一种通信***,该通信***包括多个网络设备及流量处理设备,多个网络设备用于转发报文,多个网络设备包括第一网络设备,第一网络设备用于将在第一路径上进行转发的数据镜像到流量处理设备,从而提供一种数据流量镜像的方法,以适应不同的报文分析需求。The embodiment of the present application provides a message forwarding method and a network device, the method is applied to a communication system, the communication system includes a plurality of network devices and flow processing devices, the plurality of network devices are used to forward messages, and multiple The first network device includes a first network device, and the first network device is configured to mirror the data forwarded on the first path to the traffic processing device, so as to provide a data traffic mirroring method to meet different packet analysis requirements.
第一方面,本申请实施例提供了一种报文转发的方法,应用于第一网络设备,该方法可以包括:首先,接收第一报文;然后,检查第一报文的目的地址,确定第一报文的目的地址为网络设备的段标识SID;再后,响应于确定第一报文的目的地址为第一网络设备的SID,根据第一报文得到第二报文,其中,第二报文的净荷与第一报文的净荷相同;最后,通过第一路径正常转发第一报文,并通过第二路径转发第二报文,直到第二报文被转发到流量处理设备。本申请实施例中,当第一报文中的目的地址是本节点(第一网络设备)的SID时,第一网络节点根据第一报文得到第二报文,第一报文是第一路径上的转发报文,第一网络设备通过第二路径转发第二报文,实现在第一网络设备将第一路径上的报文镜像到流量处理设备。In the first aspect, the embodiment of the present application provides a method for message forwarding, which is applied to the first network device. The method may include: first, receiving the first message; then, checking the destination address of the first message to determine The destination address of the first message is the segment identifier SID of the network device; then, in response to determining that the destination address of the first message is the SID of the first network device, the second message is obtained according to the first message, wherein, the first message The payload of the second message is the same as that of the first message; finally, forward the first message normally through the first path, and forward the second message through the second path until the second message is forwarded to the traffic processing equipment. In the embodiment of the present application, when the destination address in the first message is the SID of the node (the first network device), the first network node obtains the second message according to the first message, and the first message is the first For forwarding packets on the path, the first network device forwards the second packet through the second path, so that the first network device mirrors the packet on the first path to the traffic processing device.
在一种可选的实现方式中,SID为特定类型的SID,特定类型的SID用于指示第一网络设备复制第一报文,并将第二报文通过第二路径转发到流量处理设备。本实施例中,第一网络设备根据特定类型的SID执行复制第一报文并在第二路径上转发第二报文的操作,从而第一网络设备能够根据第一报文得到用于镜像到流量处理设备的第二报文。In an optional implementation manner, the SID is a specific type of SID, and the specific type of SID is used to instruct the first network device to copy the first packet and forward the second packet to the traffic processing device through the second path. In this embodiment, the first network device performs the operation of copying the first message and forwarding the second message on the second path according to a specific type of SID, so that the first network device can obtain the The second packet of the traffic processing device.
在一种可选的实现方式中,特定类型的SID为端点复制绑定END.DB类型的SID。本实施例中,定义一种新类型的SID(END.DB类型的SID),当第一网络设备确定第一报文的目的地址为END.DB类型的SID,第一网络设备根据END.DB类型的SID执行复制第一 报文的操作,从而第一网络设备能够根据第一报文得到用于镜像到流量处理设备的第二报文,以将第二报文转发至流量处理设备。In an optional implementation manner, the specific type of SID is the SID of the endpoint replication binding END.DB type. In this embodiment, a new type of SID (SID of the END.DB type) is defined. When the first network device determines that the destination address of the first message is the SID of the END.DB type, the first network device according to the END.DB The type of SID executes the operation of duplicating the first packet, so that the first network device can obtain the second packet for mirroring to the traffic processing device according to the first packet, so as to forward the second packet to the traffic processing device.
在一种可选的实现方式中,特定类型的SID为端点END类型的SID,SID的附加行为flavor的类型为连接类型或分支类型。本实施例中,定义一种新型的flavor,当第一网络设备确定第一报文的目的地址为端点END类型的SID,且该SID的flavor的类型为特定类型时,执行复制第一报文的操作,该特定类型可以为连接(couple)类型或分支(branch)类型。第一网络设备根据SID的flavor的类型执行复制第一报文的操作,从而第一网络设备能够根据第一报文得到用于镜像到流量处理设备的第二报文,以将第二报文转发至流量处理设备。In an optional implementation manner, the specific type of SID is the SID of the endpoint END type, and the type of the flavor of the additional behavior of the SID is a connection type or a branch type. In this embodiment, a new type of flavor is defined. When the first network device determines that the destination address of the first message is the SID of the endpoint END type, and the type of the flavor of the SID is a specific type, copy the first message The operation of the specific type can be a connection (couple) type or a branch (branch) type. The first network device performs the operation of duplicating the first packet according to the type of flavor of the SID, so that the first network device can obtain the second packet for mirroring to the traffic processing device according to the first packet, so as to copy the second packet forwarded to the traffic processing device.
在一种可选的实现方式中,所述方法还包括:第一网络设备获得对应第二路径的路径信息,然后,第一网络设备可以根据对应第二路径的路径信息转发第二报文。In an optional implementation manner, the method further includes: the first network device obtains path information corresponding to the second path, and then, the first network device may forward the second packet according to the path information corresponding to the second path.
在一种可选的实现方式中,获得对应第二路径的路径信息可以包括:第一网络设备可以根据END.DB类型的SID和关联关系获得第二转发路径的路径信息,其中,该关联关系包括该SID和第二路径的路径信息的对应关系。本实施例中,定义了一种新型的END.DB类型的SID,END.DB类型的SID关联第二路径的路径信息,提供了一种根据END.DB类型的SID确定用于到达流量处理设备的第二路径的路径信息的实现方式。In an optional implementation manner, obtaining the path information corresponding to the second path may include: the first network device may obtain the path information of the second forwarding path according to the SID of the END.DB type and the association relationship, wherein the association relationship It includes the correspondence between the SID and the path information of the second path. In this embodiment, a new type of SID of type END.DB is defined. The SID of type END.DB is associated with the path information of the second path, and a method for determining the SID used to reach the traffic processing device according to the SID of type END.DB is provided. The implementation method of the path information of the second path.
在一种可选的实现方式中,第一报文包含有第一分段路由头SRH,获得对应第二路径的路径信息可以包括:根据第一SRH获得第二路径的路径信息。本实施例中,可以通过第一报文中的第一SRH获取第二路径的路径信息,从而实现第一网络设备可以通过第二路径转发第二报文。In an optional implementation manner, the first packet includes a first segment routing header SRH, and obtaining the path information corresponding to the second path may include: obtaining the path information of the second path according to the first SRH. In this embodiment, the path information of the second path can be acquired through the first SRH in the first packet, so that the first network device can forward the second packet through the second path.
在一种可选的实现方式中,第一SRH中包含第二路径的路径信息,根据第一SRH获得第二路径的路径信息可以包括:对第一SRH中的剩余段SL的字段值执行减1的操作,确定第二路径的路径信息。In an optional implementation manner, the first SRH includes the path information of the second path, and obtaining the path information of the second path according to the first SRH may include: subtracting the field value of the remaining segment SL in the first SRH The operation of 1 is to determine the path information of the second path.
在一种可选的实现方式中,根据对应第二路径的路径信息转发第二报文可以包括:第一网络设备在第二报文中封装第二SRH,第二SRH包含第二路径的路径信息(如路径信息包括流量处理设备的地址),第一网络设备根据第二SRH转发第二报文,以使第二报文转发至流量处理设备,实现数据镜像。In an optional implementation manner, forwarding the second packet according to the path information corresponding to the second path may include: the first network device encapsulates the second SRH in the second packet, and the second SRH includes the path of the second path Information (for example, the path information includes the address of the traffic processing device), the first network device forwards the second message according to the second SRH, so that the second message is forwarded to the traffic processing device, and data mirroring is realized.
在一种可选的实现方式中,根据对应第二路径的路径信息转发第二报文可以具体包括:第一网络设备获得第二报文的目的地的IPv6地址,第二报文中封装IPv6报文头,IPv6报文头的目的地址为第二报文的目的地的IPv6地址,根据目的地的IPv6地址转发第二报文。本实施例中,若流量处理设备不支持SRv6技术,流量处理设备的地址可以为流量处理设备的IPv6地址,第一网络设备根据目的地的IPv6地址转发第二报文。In an optional implementation manner, forwarding the second message according to the path information corresponding to the second path may specifically include: the first network device obtains the IPv6 address of the destination of the second message, and encapsulating the IPv6 address in the second message The packet header, where the destination address of the IPv6 packet header is the IPv6 address of the destination of the second packet, and the second packet is forwarded according to the IPv6 address of the destination. In this embodiment, if the traffic processing device does not support SRv6 technology, the address of the traffic processing device may be the IPv6 address of the traffic processing device, and the first network device forwards the second message according to the IPv6 address of the destination.
在一种可选的实现方式中,第二路径的路径信息包括至少一个地址,至少一个地址包括流量处理设备的地址;或者,第二路径的路径信息与一个绑定段标识BSID对应;或者,第二路径用END.X类型的SID指示。In an optional implementation manner, the path information of the second path includes at least one address, and the at least one address includes an address of a traffic processing device; or, the path information of the second path corresponds to a binding segment identifier BSID; or, The second path is indicated with a SID of type END.X.
在一种可选的实现方式中,第一报文为SRv6报文。In an optional implementation manner, the first packet is an SRv6 packet.
在一种可选的实现方式中,方法还包括:获取第一路径的路径信息,通过第一路径转 发第一报文可以具体包括:第一网络设备根据第一路径的路径信息转发第一报文,如第一路径的路径信息可以至少包括第一网络设备的下一跳网络设备的地址。In an optional implementation manner, the method further includes: acquiring path information of the first path, and forwarding the first packet through the first path may specifically include: forwarding the first packet by the first network device according to the path information of the first path For example, the path information of the first path may at least include the address of the next-hop network device of the first network device.
在一种可选的实现方式中,获取第一路径的路径信息可以具体包括:第一网络设备对第一SRH中的SL字段值执行减x的操作,确定第一路径的路径信息;其中,x为大于或者等于2的整数,第二路径的路径信息包括(x-1)个地址。本实施例中,第一SRH中包括segment list,在segment list中,第一网络设备的地址与第二第一网络设备的地址之间间隔(x-1)个地址。其中,第二网络设备为第一路径上的下一跳第一网络设备。例如,若segment list为(SID C,SID E,SID B.Branch,SID A,SL=2),例如第一网络设备为一网络设备B、第二网络设备为网络设备C,网络设备B和网络设备C之间间隔一个地址,该一个地址为流量处理设备E的地址,则x=2。即在这种情况下,对SRH中的segment left字段值执行减2的操作,第一网络设备确定第一路径的路径信息(如SID C)。In an optional implementation manner, obtaining the path information of the first path may specifically include: the first network device performs an operation of subtracting x from the value of the SL field in the first SRH to determine the path information of the first path; wherein, x is an integer greater than or equal to 2, and the path information of the second path includes (x-1) addresses. In this embodiment, the first SRH includes a segment list, and in the segment list, there are (x-1) addresses between the address of the first network device and the address of the second first network device. Wherein, the second network device is the next-hop first network device on the first path. For example, if the segment list is (SID C, SID E, SID B.Branch, SID A, SL=2), for example, the first network device is a network device B, the second network device is a network device C, network devices B and There is an address between the network devices C, and the address is the address of the traffic processing device E, then x=2. That is, in this case, the segment left field value in the SRH is decremented by 2, and the first network device determines the path information (such as SID C) of the first path.
在一种可选的实现方式中,所述方法还包括:若第一网络设备到流量处理设备的路径发生故障,则删除第二报文。本实施例中,为了避免由于中间节点保护机制,第一转发节点将第二报文转发到第一路径上的下一跳转发节点,从而使下一跳转发节点收到两份报文(第一报文和第二报文),当第一转发节点到流量处理设备的路径故障时,第一转发节点删除第二报文。In an optional implementation manner, the method further includes: if a path from the first network device to the traffic processing device fails, deleting the second packet. In this embodiment, in order to avoid the protection mechanism of the intermediate node, the first forwarding node forwards the second message to the next-hop forwarding node on the first path, so that the next-hop forwarding node receives two copies of the message (the first packet and the second packet), when the path from the first forwarding node to the traffic processing device fails, the first forwarding node deletes the second packet.
在一种可选的实现方式中,第二路径的路径信息可以有多种表示方式,第二路径的路径信息包括至少一个地址,该至少一个地址包括流量处理设备的地址;或者,第二路径的路径信息用绑定段标识BSID来指示;或者,第二路径的路径信息用END.X类型的SID指示到达流量处理设备的路径。In an optional implementation manner, the path information of the second path may be expressed in multiple ways, and the path information of the second path includes at least one address, and the at least one address includes the address of the traffic processing device; or, the second path The path information of the second path is indicated by the binding segment identifier BSID; or, the path information of the second path is indicated by the SID of type END.X to indicate the path to the traffic processing device.
第二方面,本申请实施例提供了一种网络设备,包括:In a second aspect, the embodiment of the present application provides a network device, including:
收发模块,用于接收第一报文;a transceiver module, configured to receive the first message;
处理模块,用于确定第一报文的目的地址为网络设备的段标识SID;A processing module, configured to determine that the destination address of the first message is the segment identifier SID of the network device;
处理模块,还用于响应于确定第一报文的目的地址为网络设备的SID,根据第一报文得到第二报文,第二报文的净荷与第一报文的净荷相同;The processing module is further configured to obtain a second message according to the first message in response to determining that the destination address of the first message is the SID of the network device, and the payload of the second message is the same as the payload of the first message;
收发模块,用于通过第一路径转发第一报文;A transceiver module, configured to forward the first message through the first path;
收发模块,还用于通过第二路径转发第二报文。The transceiver module is further configured to forward the second message through the second path.
在一种可选的实现方式中,SID为特定类型的SID,特定类型的SID用于指示网络设备复制第一报文,并将第二报文通过第二路径转发到流量处理设备。In an optional implementation manner, the SID is a specific type of SID, and the specific type of SID is used to instruct the network device to copy the first packet and forward the second packet to the traffic processing device through the second path.
在一种可选的实现方式中,特定类型的SID为端点复制绑定END.DB类型的SID。In an optional implementation manner, the specific type of SID is the SID of the endpoint replication binding END.DB type.
在一种可选的实现方式中,特定类型的SID为端点END类型的SID,SID的附加行为flavor的类型为连接类型或分支类型。In an optional implementation manner, the specific type of SID is the SID of the endpoint END type, and the type of the flavor of the additional behavior of the SID is a connection type or a branch type.
在一种可选的实现方式中,处理模块,还用于获得对应第二路径的路径信息;In an optional implementation manner, the processing module is further configured to obtain path information corresponding to the second path;
收发模块,还用于根据对应第二路径的路径信息转发第二报文。The transceiver module is further configured to forward the second message according to the path information corresponding to the second path.
在一种可选的实现方式中,处理模块,还用于根据SID和关联关系获得第二转发路径的路径信息,关联关系包括SID和第二转发路径的路径信息的对应关系。In an optional implementation manner, the processing module is further configured to obtain path information of the second forwarding path according to the SID and the association relationship, where the association relationship includes a correspondence between the SID and the path information of the second forwarding path.
在一种可选的实现方式中,第一报文含有第一分段路由头SRH;In an optional implementation, the first packet contains a first segment routing header SRH;
处理模块,还用于根据第一SRH获得第二路径的路径信息。The processing module is further configured to obtain path information of the second path according to the first SRH.
在一种可选的实现方式中,第一SRH中包含第二路径的路径信息;In an optional implementation manner, the first SRH includes path information of the second path;
处理模块,还用于对第一SRH中的剩余段SL的字段值执行减1的操作,确定第二路径的路径信息。The processing module is further configured to subtract 1 from the field value of the remaining segment SL in the first SRH to determine the path information of the second path.
在一种可选的实现方式中,处理模块,还用于在第二报文中封装第二SRH,第二SRH包含第二路径的路径信息;In an optional implementation manner, the processing module is further configured to encapsulate a second SRH in the second packet, and the second SRH includes path information of the second path;
收发模块,还用于根据第二SRH转发第二报文。The transceiver module is further configured to forward the second message according to the second SRH.
在一种可选的实现方式中,处理模块,还用于获得第二报文的目的地的IPv6地址,第二报文中封装IPv6报文头,IPv6报文头的目的地址为第二报文的目的地的IPv6地址;In an optional implementation, the processing module is also used to obtain the IPv6 address of the destination of the second packet, the IPv6 packet header is encapsulated in the second packet, and the destination address of the IPv6 packet header is the second packet The IPv6 address of the destination of the text;
收发模块,还用于根据目的地的IPv6地址转发第二报文。The transceiver module is further configured to forward the second packet according to the IPv6 address of the destination.
在一种可选的实现方式中,第二路径的路径信息包括至少一个地址,至少一个地址包括流量处理设备的地址;或者,第二路径的路径信息与一个绑定段标识BSID对应;或者,第二路径用END.X类型的SID指示。In an optional implementation manner, the path information of the second path includes at least one address, and the at least one address includes an address of a traffic processing device; or, the path information of the second path corresponds to a binding segment identifier BSID; or, The second path is indicated with a SID of type END.X.
在一种可选的实现方式中,第一报文为SRv6报文。In an optional implementation manner, the first packet is an SRv6 packet.
在一种可选的实现方式中,处理模块,还用于获取第一路径的路径信息;In an optional implementation manner, the processing module is further configured to obtain path information of the first path;
收发模块,还用于根据第一路径的路径信息转发第一报文。The transceiver module is further configured to forward the first message according to the path information of the first path.
在一种可选的实现方式中,处理模块,还用于对第一SRH中的SL字段值执行减x的操作,确定第一路径的路径信息;其中,x为大于或者等于2的整数,第二路径的路径信息包括(x-1)个地址。In an optional implementation manner, the processing module is further configured to subtract x from the SL field value in the first SRH to determine the path information of the first path; where x is an integer greater than or equal to 2, The path information of the second path includes (x-1) addresses.
在一种可选的实现方式中,处理模块,还用于当网络设备到流量处理设备的路径发生故障时,则删除第二报文。In an optional implementation manner, the processing module is further configured to delete the second packet when a path from the network device to the traffic processing device fails.
第三方面,本申请实施例提供了一种网络设备,包括:包括处理器,处理器与至少一个存储器耦合,处理器用于读取至少一个存储器所存储的计算机程序,使得网络设备执行如上述第一方面中任一项所述的方法。In the third aspect, the embodiment of the present application provides a network device, including: including a processor, the processor is coupled with at least one memory, and the processor is used to read the computer program stored in the at least one memory, so that the network device executes the above-mentioned first The method of any one of the aspects.
第四方面,本申请实施例提供了一种计算机程序产品,计算机程序产品中包括计算机程序代码,当计算机程序代码被计算机执行时,使得计算机实现上述如上述第一方面中任一项所述的方法。In the fourth aspect, the embodiment of the present application provides a computer program product, the computer program product includes computer program code, when the computer program code is executed by the computer, the computer realizes the above-mentioned any one of the above-mentioned first aspect. method.
第五方面,本申请实施例提供了一种计算机可读存储介质,用于储存计算机程序或指令,计算机程序或指令被执行时使得计算机执行如上述第一方面中任一项所述的方法。In the fifth aspect, the embodiment of the present application provides a computer-readable storage medium for storing computer programs or instructions. When the computer programs or instructions are executed, the computer executes the method described in any one of the above-mentioned first aspects.
第六方面,本申请实施例提供了一种通信***,包括第一网络设备和流量处理设备;第一网络设备用于执行上述第一方面任一项所述的方法,流量处理设备用于接收第二报文。In the sixth aspect, the embodiment of the present application provides a communication system, including a first network device and a traffic processing device; the first network device is used to execute the method described in any one of the above first aspects, and the traffic processing device is used to receive second message.
附图说明Description of drawings
图1为一种通信***的场景示意图;FIG. 1 is a schematic diagram of a scenario of a communication system;
图2为IPv6 SR的报文封装格式的示意图;Fig. 2 is the schematic diagram of the packet encapsulation format of IPv6 SR;
图3为SID格式的示意图;FIG. 3 is a schematic diagram of the SID format;
图4为END.X类型的SID表示的路径的示意图;FIG. 4 is a schematic diagram of a path represented by a SID of type END.X;
图5为本申请实施例中一种通信***的场景示意;FIG. 5 is a schematic diagram of a scenario of a communication system in an embodiment of the present application;
图6为本申请实施例中一种报文转发的方法的一个实施例的步骤流程示意图;FIG. 6 is a schematic flowchart of steps in an embodiment of a method for message forwarding in an embodiment of the present application;
图7A和图7B为本申请实施例中第二报文的两种封装格式的一个示例的结构示意图;7A and 7B are schematic structural diagrams of an example of two encapsulation formats of the second message in the embodiment of the present application;
图8为本申请实施例中第二报文的一个示例的结构示意图;FIG. 8 is a schematic structural diagram of an example of a second message in the embodiment of the present application;
图9为本申请实施例中第二报文的另一个示例的结构示意图;FIG. 9 is a schematic structural diagram of another example of the second message in the embodiment of the present application;
图10为本申请实施例中另一种通信***的场景示意图;FIG. 10 is a schematic diagram of a scenario of another communication system in an embodiment of the present application;
图11为本申请实施例中一种网络设备的一个实施例的结构示意图;FIG. 11 is a schematic structural diagram of an embodiment of a network device in the embodiment of the present application;
图12为本申请实施例中一种网络设备的领一个实施例的结构示意图。FIG. 12 is a schematic structural diagram of an embodiment of a network device in the embodiment of the present application.
具体实施方式Detailed ways
下面将结合本申请实施例中的附图,对本申请实施例中的技术方案进行描述。本申请实施例的说明书和权利要求书及上述附图中的术语“第一”、“第二”等是用于区别类似的对象,而不必用于描述特定的顺序或先后次序。The technical solutions in the embodiments of the present application will be described below with reference to the drawings in the embodiments of the present application. The terms "first" and "second" in the description and claims of the embodiments of the present application and the above drawings are used to distinguish similar objects, but not necessarily used to describe a specific sequence or sequence.
为了方便理解本申请,首先对本申请实施例中涉及的词语进行示例性说明。In order to facilitate the understanding of the present application, the words involved in the embodiments of the present application are firstly described as examples.
SRv6技术,是基于源路由理念而设计的在网络上转发互联网协议第6版(internet protocol version 6,IPv6)数据的一种协议。SRv6通过在IPv6报文中***一个分段路由头(segment routing header,SRH)(SRH也称为“扩展头”),从而在SRH中压入一个显式的IPv6地址栈,通过转发节点不断的更新目的地址和偏移地址栈的操作来完成对数据的逐跳转发。SRv6 technology is a protocol designed based on the concept of source routing to forward Internet protocol version 6 (internet protocol version 6, IPv6) data on the network. SRv6 inserts a segment routing header (segment routing header, SRH) (SRH is also called "extended header") in the IPv6 message, thereby pushing an explicit IPv6 address stack into the SRH, and continuously The operation of updating the destination address and the offset address stack completes the hop-by-hop forwarding of data.
段(Segment),Segment是IPv6地址形式,通常也可以称为段标识(segment identifier,SID),段列表(segment list)也称为“SID list”。segment list为SRH中地址栈的表示形式,segment list用于指示数据的转发路径。Segment (Segment), Segment is an IPv6 address form, usually also called a segment identifier (segment identifier, SID), and a segment list (segment list) is also called a "SID list". The segment list is the representation of the address stack in the SRH, and the segment list is used to indicate the forwarding path of the data.
SRv6 Policy,在SRv6技术基础上发展的一种新的隧道引流技术。SRv6 Policy对应的路径表示为指定路径的段列表(segment list),或称为SID列表(SID List)。每个SID列表是从源节点到目的节点端到端的路径,并指示网络中的转发节点遵循指定的路径。SID列表由源节点添加到报文中,通信***中的其余转发节点执行SID列表中嵌入的指令。SRv6 Policy is a new tunnel drainage technology developed on the basis of SRv6 technology. The path corresponding to the SRv6 Policy is expressed as a segment list (segment list) of the specified path, or called a SID list (SID List). Each SID list is an end-to-end path from a source node to a destination node, and instructs forwarding nodes in the network to follow the specified path. The SID list is added to the message by the source node, and other forwarding nodes in the communication system execute the instructions embedded in the SID list.
IPv6段路由(segment routing,SR)的报文封装格式为:在原始报文前面添加新的IPv6基本头和SRH。请参阅图2所示,IPv6基本头中包括源地址(source address,SA)和目的地址(destination address,DA)。SRH主要包括以下几个字段。The packet encapsulation format of IPv6 segment routing (segment routing, SR) is: add new IPv6 basic header and SRH in front of the original packet. Please refer to FIG. 2, the IPv6 basic header includes a source address (source address, SA) and a destination address (destination address, DA). SRH mainly includes the following fields.
下一个报头(next header)字段:8bits,用来标识下一个报文头的类型。Next header (next header) field: 8bits, used to identify the type of the next header.
扩展头长度(hdr ext len)字段:8bits,表示以8个字节为单位的SRH的长度。Extended header length (hdr ext len) field: 8bits, indicating the length of the SRH in units of 8 bytes.
路由类型(routing type)字段:8bits,取值为4,表示携带的是SRH。Routing type (routing type) field: 8bits, the value is 4, indicating that it carries SRH.
剩余段(segments left,SL)字段:8bits,用于指示当前活跃的segment,即用于指示报文将要传输的下一跳。SL字段的初始取值为“n-1”(n表示SRH中SID的数目),通常情况下,报文每经过一个节点,SL字段值减1。The remaining segment (segments left, SL) field: 8bits, used to indicate the currently active segment, that is, used to indicate the next hop where the message will be transmitted. The initial value of the SL field is "n-1" (n represents the number of SIDs in the SRH). Normally, the value of the SL field is decremented by 1 each time a message passes through a node.
段列表(segment list)字段:也称为“SID列表”。段列表中的SID按照路径上节点从远到近的顺序进行排列,即segment list[0]表示路径的最后一个SID,segment list[1]表示路径的倒数第二个SID,以此类推。Segment list (segment list) field: also known as "SID list". The SIDs in the segment list are arranged in the order of the nodes on the path from far to near, that is, segment list[0] represents the last SID of the path, segment list[1] represents the penultimate SID of the path, and so on.
segment list字段和segments left字段共同决定基本头中的目的地址。以下举例子说明。The segment list field and the segments left field jointly determine the destination address in the basic header. The following example illustrates.
SID列表为segment list[0]到segment list[n-1]。其中,[*]用于表示节点的编号(或者也 称为“下标”),n表示路径中转发节点的数量。源节点在压路径标签的时,会压入多个标签,即压入报文在传输过程中需要经过的节点。比如,路径包括n个节点(如节点A,节点B,节点C等),第一个压入到目的地址中的是segment list[n-1](例如,segment list[2])对应的转发节点A的地址。最后一个压入到目的地址中的是segment list[0]的地址。例如,segment list可以如下所示。The SID list is segment list[0] to segment list[n-1]. Among them, [*] is used to indicate the number of the node (or also called "subscript"), and n indicates the number of forwarding nodes in the path. When the source node pushes the path label, it will push multiple labels, that is, push the nodes that the message needs to pass through during transmission. For example, the path includes n nodes (such as node A, node B, node C, etc.), and the first one pushed into the destination address is the forwarding corresponding to segment list[n-1] (for example, segment list[2]) Address of node A. The last thing pushed into the destination address is the address of segment list[0]. For example, a segment list can be as shown below.
segment list[0]=SID C;segment list[0] = SID C;
segment list[1]=SID B;segment list[1] = SID B;
segment list[2]=SID A。segment list[2] = SID A.
segment list还可以表示为<segment list[2],segment list[1],segment list[0]>的形式,或还可以表示为(segment list[0],segment list[1],segment list[2])形式。其中,“<>”和“()”符号之间的区别为:对于<segment list[2],segment list[1],segment list[0]>,segment list中SID被压入目的地址的顺序是从左至右,即“<>”中最左边的segment list[2]是第一个需要被处理的,最右边的segment list[0]是最后一个需要被处理的。对于(segment list[0],segment list[1],segment list[2]),segment list中SID被压入目的地址的顺序是从右至左,即“()”最右边的segment list[2]是第一个需要被处理的,最左边的segment list[0]是最后一个需要被处理的。The segment list can also be expressed in the form of <segment list[2],segment list[1],segment list[0]>, or it can also be expressed as (segment list[0],segment list[1],segment list[2 ])form. Among them, the difference between the "<>" and "()" symbols is: for <segment list[2],segment list[1],segment list[0]>, the order in which SIDs in the segment list are pushed into the destination address It is from left to right, that is, the leftmost segment list[2] in "<>" is the first to be processed, and the rightmost segment list[0] is the last to be processed. For (segment list[0],segment list[1],segment list[2]), the order in which SIDs in the segment list are pushed into the destination address is from right to left, that is, the rightmost segment list[2 of "()" ] is the first to be processed, and the leftmost segment list[0] is the last to be processed.
SID,请参阅图3所示,SID包括定位(locator)字段和功能(function)字段。其中,locator具有定位(或路由)功能,一般要在SR域内唯一。function部分是标识绑定到本节点的操作指令,如果本节点收到一个SID,先判断locator部分,如果该locator是本节点发布的,那需要处理本节点绑定的操作指令。随着指令的类型不同,SID的类型也是不相同的,不同类型的SID具有不同的功能。下述几种不同的类型的SID对应的操作指令也称为“END”指令。For the SID, refer to FIG. 3 . The SID includes a locator field and a function field. Among them, the locator has a positioning (or routing) function, and generally must be unique within the SR domain. The function part is to identify the operation instructions bound to the node. If the node receives a SID, it first judges the locator part. If the locator is issued by the node, it needs to process the operation instructions bound to the node. With the different types of instructions, the types of SIDs are also different, and different types of SIDs have different functions. The operation instructions corresponding to the following different types of SIDs are also called "END" instructions.
示例性的,下面介绍几种不同类型的SID。Exemplarily, several different types of SIDs are introduced below.
End SID,End SID表示Endpoint SID,用于标识网络中的某个目的节点。End SID, End SID means Endpoint SID, which is used to identify a certain destination node in the network.
End.X SID,请参阅图4所示,End.X SID表示三层交叉连接的Endpoint SID,用于标识网络中的某条链路,例如,链路A::2,链路A::1,链路A::3。End.X SID, please refer to Figure 4. End.X SID represents the Endpoint SID of the Layer 3 cross-connect, which is used to identify a link in the network, for example, link A::2, link A:: 1, link A::3.
End.DT4 SID,用于标识网络中的互联网协议第4版(internet protocol version 4,IPv4)虚拟专用网络(virtual private network,VPN)实例,End.DT4类型的SID对应的指令(或称为转发动作)是解封装报文,并且查找IPv4 VPN实例路由表转发。End.DT4 SID is used to identify Internet protocol version 4 (internet protocol version 4, IPv4) virtual private network (virtual private network, VPN) instances in the network, and the instruction corresponding to the End.DT4 type SID (or called forwarding Action) is to decapsulate the packet, and look up the routing table of the IPv4 VPN instance for forwarding.
End.DT6 SID,用于标识网络中的某个IPv6 VPN实例。End.DT6类型的SID对应的指令是解封装报文,并且查找IPv6 VPN实例路由表转发。End.DT6 SID, used to identify an IPv6 VPN instance in the network. The instruction corresponding to the SID of type End.DT6 is to decapsulate the packet, and search the routing table of the IPv6 VPN instance for forwarding.
本地(local)SID,每个节点维护一个local SID表,local SID表用于记录本节点生成的SID,以及与SID绑定的操作指令和转发信息。Local (local) SID, each node maintains a local SID table, and the local SID table is used to record the SID generated by the node, as well as the operation instructions and forwarding information bound to the SID.
按照节点的所执行的功能,SRv6通信***中的节点可以分为三种角色,源节点、中转节点和Endpoint节点。同一个节点可以是不同的角色,比如节点在某个SRv6路径里可能是源节点,在其他SRv6路径里可能就是中转节点或者Endpoint节点。According to the functions performed by the nodes, the nodes in the SRv6 communication system can be divided into three roles, namely source node, transit node and Endpoint node. The same node can have different roles. For example, a node may be a source node in a certain SRv6 path, and may be a transit node or an Endpoint node in other SRv6 paths.
源节点:负责在IPv6报文的IPv6头中***SRH,或者,在报文外层加上IPv6头并***SRH。该节点将报文流引入SRH中segment list定义的SRv6路径。Source node: responsible for inserting the SRH into the IPv6 header of the IPv6 message, or adding an IPv6 header to the outer layer of the message and inserting the SRH. This node introduces the packet flow into the SRv6 path defined by the segment list in the SRH.
中转节点:在报文的SRv6路径上,不参与SRv6处理,只执行普通的IPv6报文转发。中转节点可以是支持SRv6的节点,也可以是不支持SRv6的节点。Transit node: On the SRv6 path of the message, it does not participate in SRv6 processing, and only performs ordinary IPv6 message forwarding. The transit node can be a node that supports SRv6, or a node that does not support SRv6.
Endpoint节点:对接收到的SRv6报文进行SRv6相关处理。接收到的SRv6报文的IPv6目的地址是Endpoint节点上配置的SRv6 SID,该节点需要按SRv6 SID的指令进行处理,并更新SRH。Endpoint node: performs SRv6-related processing on received SRv6 packets. The IPv6 destination address of the received SRv6 message is the SRv6 SID configured on the Endpoint node, and the node needs to process according to the instructions of the SRv6 SID and update the SRH.
附加行为(flavors),除了endpoint节点行为和中转节点行为之外,为了增强End系列指令而定义的附加行为。Additional behaviors (flavors), in addition to endpoint node behaviors and transit node behaviors, additional behaviors defined to enhance the End series of instructions.
本申请实施例提供了一种报文转发的方法,该方法基于SRv6技术,以路径粒度将数据流量从一个网络设备镜像到流量处理设备,以使流量处理设备对流量进行分析等操作。该方法应用于一种通信***,请参阅图5所示,图5为通信***的场景示意图。通信***包括多个网络设备501(或简称为“节点”)和流量处理设备502,流量处理设备502可以和多个网络设备501中的一个网络设备连接。其中,网络设备501可以是路由器或交换机等转发设备。流量处理设备可以是路由器、交换机、服务器,个人计算机(Personal Computer,PC)等可以实现流量分析功能的设备,或者,该流量处理设备也可以是流量分析的专用设备,具体的并不限定。示例性的,多个网络设备例如可以是网络设备A、网络设备B、网络设备C和网络设备D。其中,网络设备A、网络设备B和网络设备C依次通信连接,网络设备D与网络设备B连接,流量处理设备E与网络设备D通信连接,应理解,图5中通信***的架构仅是为了方便说明而举的例子,并不造成对本申请中各网络设备间的连接关系的限定。示例性的,网络设备A可以为源节点,网络设备B和网络设备C均可以为endpoint节点。网络设备D可以为中转节点,或者,网络设备D也可以为endpoint节点。The embodiment of the present application provides a packet forwarding method. The method is based on SRv6 technology and mirrors data traffic from a network device to a traffic processing device at a path granularity, so that the traffic processing device can perform operations such as analysis on the traffic. The method is applied to a communication system, as shown in FIG. 5 , which is a schematic diagram of a scenario of the communication system. The communication system includes a plurality of network devices 501 (or "nodes" for short) and a traffic processing device 502, and the traffic processing device 502 may be connected to one network device in the plurality of network devices 501. Wherein, the network device 501 may be a forwarding device such as a router or a switch. The traffic processing device may be a router, a switch, a server, a personal computer (Personal Computer, PC) and other devices capable of realizing the traffic analysis function, or the traffic processing device may also be a dedicated device for traffic analysis, which is not specifically limited. Exemplarily, the multiple network devices may be network device A, network device B, network device C, and network device D, for example. Among them, network device A, network device B, and network device C are sequentially connected by communication, network device D is connected to network device B, and traffic processing device E is connected to network device D by communication. It should be understood that the architecture of the communication system in Figure 5 is only for The examples given for the convenience of description do not limit the connection relationship between network devices in this application. Exemplarily, network device A may be a source node, and both network device B and network device C may be endpoint nodes. The network device D may be a transit node, or the network device D may also be an endpoint node.
请参阅图6所示,本申请实施例提供了一种报文转发的方法,该报文转发的方法应用于第一网络设备,第一网络设备可以是通信***中的任意一个网络设备,该网络设备为endpoint节点。Please refer to FIG. 6, the embodiment of the present application provides a message forwarding method, the message forwarding method is applied to the first network device, the first network device can be any network device in the communication system, the The network device is an endpoint node.
步骤601、第一网络设备接收第一报文。 Step 601, the first network device receives a first packet.
第一网络设备从上一跳网络设备接收第一报文,第一报文为在第一路径上进行转发的报文,第一路径中包括所述第一网络设备。请再次参阅图5所示,例如,第一路径对应SRv6policy(可以记为“SRv6policy-1”)的源节点(或称为头节点)是网络设备A,网络设备A上配置有第一路径的路径信息,第一路径经过网络设备A、网络设备B和网络设备C。第一网络设备以网络设备B为例进行说明。第一路径的路径信息可以用段列表来表示。例如,第一路径的段列表为<SIDA,SID B,SID C>。其中,SID A为网络设备A的SID,如1:1::1;SID B为网络设备B的SID,如1:2::1;SID C为节点C的SID,如1:3::1。本申请实施例中,网络设备C的SID、网络设备D的SID、流量处理设备E的SID为END类型的SID,本申请中简写为“SID C”、“SID D”、“SID E”。The first network device receives the first packet from the last-hop network device, the first packet is a packet forwarded on the first path, and the first path includes the first network device. Please refer to Figure 5 again. For example, the source node (or head node) of the first path corresponding to SRv6policy (which can be recorded as "SRv6policy-1") is network device A, and the first path is configured on network device A. For path information, the first path passes through network device A, network device B, and network device C. The first network device uses network device B as an example for description. The path information of the first path may be represented by a segment list. For example, the segment list for the first path is <SIDA, SID B, SID C>. Among them, SID A is the SID of network device A, such as 1:1::1; SID B is the SID of network device B, such as 1:2::1; SID C is the SID of node C, such as 1:3:: 1. In the embodiment of this application, the SID of network device C, the SID of network device D, and the SID of traffic processing device E are END type SIDs, which are abbreviated as "SID C", "SID D", and "SIDE" in this application.
示例性的,当网络设备A接收到第一报文(如记为“报文P”)时,第一报文的报文头包括基本头和扩展头(SRH)。基本头中包含源地址(SA)和目的地址。例如,目的地址为SID B。SRH中包括段列表(segment list)。网络设备A向网络设备B发送第一报文,即网络设备B从网络设备A接收第一报文。网络设备B需要将第一报文复制一份转发给流量 处理设备(也简称为“节点E”),以便于流量处理设备对流量进行分析。需要说明的是,本申请实施例中,为了区分“按照第一路径进行转发的报文”和“镜像到流量处理设备的报文”,将按照第一路径进行转发的报文称为“第一报文”,将镜像到流量处理设备的报文称为“第二报文”。Exemplarily, when network device A receives the first packet (for example, denoted as "packet P"), the packet header of the first packet includes a basic header and an extended header (SRH). The basic header contains source address (SA) and destination address. For example, the destination address is SID B. The SRH includes a segment list (segment list). Network device A sends the first packet to network device B, that is, network device B receives the first packet from network device A. Network device B needs to copy a copy of the first packet and forward it to the traffic processing device (also referred to as "node E"), so that the traffic processing device can analyze the traffic. It should be noted that, in this embodiment of the application, in order to distinguish between "a packet forwarded according to the first path" and "a packet mirrored to a traffic processing device", the packet forwarded according to the first path is referred to as "the first path". A packet", and the packet mirrored to the traffic processing device is called a "second packet".
步骤602、第一网络设备确定所述第一报文的目的地址为所述第一网络设备的SID。 Step 602, the first network device determines that the destination address of the first packet is the SID of the first network device.
示例性的,第一网络设备检查第一报文中的目的地址,判定第一报文中的目的地址是否为本节点的SID。例如,网络设备B检查“报文P”的报文头中的基本头中的目的地址,判定目的地址是否为SID B,若网络设备B确定“报文P”的目的地址是SID B,则执行下述步骤603,若网络设备B确定“报文P”的目的地址不是SID B,则执行其他步骤。Exemplarily, the first network device checks the destination address in the first packet, and determines whether the destination address in the first packet is the SID of the current node. For example, network device B checks the destination address in the basic header in the message header of "message P" to determine whether the destination address is SID B. If network device B determines that the destination address of "message P" is SID B, then Execute the following step 603, if the network device B determines that the destination address of the "message P" is not SID B, then execute other steps.
步骤603、第一网络设备响应于确定第一报文的目的地址为第一网络设备的SID,根据所述第一报文得到第二报文,其中,第二报文的净荷与第一报文的净荷相同。Step 603: In response to determining that the destination address of the first message is the SID of the first network device, the first network device obtains a second message according to the first message, wherein the payload of the second message is the same as that of the first The payloads of the packets are the same.
当第一报文的目的地址是第一网络设备的SID时,第一网络设备根据SID复制第一报文。示例性的,网络设备B检查第一报文中的目的地址,当网络设备B确定该目的地址是SID B时,网络设备B根据第一报文得到第二报文。When the destination address of the first packet is the SID of the first network device, the first network device copies the first packet according to the SID. Exemplarily, the network device B checks the destination address in the first message, and when the network device B determines that the destination address is SID B, the network device B obtains the second message according to the first message.
可选地,第一网络设备的SID为特定类型的SID,特定类型的SID用于指示第一网络设备复制第一报文,并将根据第一报文得到的第二报文通过所述第二路径转发到流量处理设备。示例性的,特定类型的SID可以通过如下两种方式来实现。Optionally, the SID of the first network device is a specific type of SID, and the specific type of SID is used to instruct the first network device to copy the first message, and pass the second message obtained according to the first message through the first The second path is forwarded to the traffic processing device. Exemplarily, a specific type of SID can be implemented in the following two ways.
第一种实现方式,特定类型的SID为定义的一种新类型的SID,即该新类型的SID用于使endpoint节点执行复制第一报文,并按第二路径转发第二报文的操作,该类型可以称为“端点复制绑定类型”,记为“END.DB(duplicate and binding)”类型。其中,第二路径是指用于到达流量处理设备的路径。In the first implementation, the specific type of SID is a new type of SID defined, that is, the new type of SID is used to make the endpoint node perform the operation of copying the first message and forwarding the second message according to the second path , this type can be called "endpoint replication binding type", and is recorded as "END.DB(duplicate and binding)" type. Wherein, the second path refers to a path used to reach the traffic processing device.
第二种实现方式,特定类型的SID为端点END类型的SID,该SID的flavor是一种新类型的flavor,该新类型的flavor用于使endpoint节点执行复制报文,并按第二路径转发该报文的操作。该新类型的flavor可以称为“连接(couple)类型”或“分支(branch)类型”。In the second implementation mode, the specific type of SID is the SID of the endpoint END type, and the flavor of the SID is a new type of flavor. The new type of flavor is used to make the endpoint node execute the copy message and forward it according to the second path The operation of the message. This new type of flavor may be called "couple type" or "branch type".
可选地,第一网络设备获取第二路径的路径信息。针对上述两种实现方式,对第一网络设备获取第二路径的路径信息进行示例性说明。Optionally, the first network device acquires path information of the second path. With regard to the above two implementation manners, an example is given for the acquisition of the path information of the second path by the first network device.
在上述第一种实现方式中,END.DB类型的SID关联第二路径的路径信息,即在第一网络设备中预先配置了该SID与第二路径的对应关系。本申请实施例中,为了方便描述,将网络设备B的END.DB类型的SID称为“B.DB”,即B.DB与第二路径具有关联关系(或对应关系,或映射关系)。网络设备B根据B.DB及B.DB与第二路径的关联关系确定第二路径的路径信息。In the above first implementation manner, the SID of type END.DB is associated with the path information of the second path, that is, the correspondence between the SID and the second path is pre-configured in the first network device. In the embodiment of the present application, for the convenience of description, the SID of the END.DB type of the network device B is referred to as "B.DB", that is, B.DB has an association relationship (or a corresponding relationship, or a mapping relationship) with the second path. The network device B determines the path information of the second path according to B.DB and the association relationship between B.DB and the second path.
在上述第二种实现方式中,第一报文的报文头中含有第一SRH,第一SRH中包含第二路径的路径信息。第一网络设备(如网络设备B)对第一SRH中的剩余段SL的字段值执行减1的操作,确定第二路径的路径信息。例如,第一SRH中的segment list为:<SA,SID B.Branch,SID E,SID C>,其中,SID B.Branch表示网络设备B的SID的Flavor为Branch。即从网络设备B开始,出现了分支路径,第一路径为:网络设备A→网络设备B→网络设备C,分支路径(即为第二路径)为:网络设备B→流量处理设备E。网络设备B对SL的 字段值执行减1的操作,确定第二路径的路径信息为SID E(流量处理设备的地址)。In the second implementation manner above, the header of the first packet contains the first SRH, and the first SRH contains path information of the second path. The first network device (such as network device B) subtracts 1 from the field value of the remaining segment SL in the first SRH to determine the path information of the second path. For example, the segment list in the first SRH is: <SA, SID B.Branch, SID E, SID C>, wherein, SID B.Branch indicates that the Flavor of the SID of network device B is Branch. That is, starting from network device B, a branch path appears. The first path is: network device A→network device B→network device C, and the branch path (that is, the second path) is: network device B→traffic processing device E. The network device B performs the operation of subtracting 1 to the field value of SL, and determines that the path information of the second path is SIDE (the address of the traffic processing device).
示例性的,上述第二路径的路径信息表示方式可以有以下几种情况。Exemplarily, the path information representation manner of the above-mentioned second path may have the following situations.
第一种情况,第二路径包括至少一个地址,该至少一个地址包括流量处理设备E的地址。例如,第二路径的路径信息包括:网络设备D的地址(如SID D)和流量处理设备E的地址,例如,<SID D,SID E>,其中,SID D,SID E均是END类型的SID。再如,第二路径只包括流量处理设备E的地址。若流量处理设备E支持SRv6技术,则流量处理设备E的地址为“流量处理设备的SID”(如记为“SID E”)。若流量处理设备不支持SRv6技术,则流量处理设备的地址为流量处理设备的IPv6地址(如记为“E IPv6”)。 In the first case, the second path includes at least one address, and the at least one address includes the address of the traffic processing device E. For example, the path information of the second path includes: the address of network device D (such as SID D) and the address of traffic processing device E, for example, <SID D, SIDE E>, wherein, SID D, SIDE E are both END type SID. For another example, the second path only includes the address of the traffic processing device E. If the traffic processing device E supports the SRv6 technology, the address of the traffic processing device E is "the SID of the traffic processing device" (eg, "SIDE"). If the traffic processing device does not support SRv6 technology, the address of the traffic processing device is the IPv6 address of the traffic processing device (for example, marked as "E IPv6 ").
第二种情况,第二路径用绑定段标识BSID(binding SID)来指示。In the second case, the second path is indicated by a binding segment identifier BSID (binding SID).
定义一个新的SRv6 Policy,该新的SRv6 Policy对应第二路径(如记为“SRv6 Policy-2”),SRv6 Policy-2用BSID来指示,SRv6 Policy-2包括BSID和segment list(或称为“SID list”),如果报文的目的地址为BSID,则网络设备B将流量引导到该BSID所属的SRv6 Policy-2上。segment list携带到达流量处理设备E需要经过的节点。Define a new SRv6 Policy, the new SRv6 Policy corresponds to the second path (such as "SRv6 Policy-2"), SRv6 Policy-2 is indicated by BSID, SRv6 Policy-2 includes BSID and segment list (or called "SID list"), if the destination address of the packet is BSID, then network device B will direct the traffic to the SRv6 Policy-2 to which the BSID belongs. The segment list carries the nodes that need to pass through to reach the traffic processing device E.
第三种情况,第二路径的路径信息用END.X类型的SID指示。例如,<D到E的END.X SID>(即END.X SID对应“节点D到节点E的链路”)。In the third case, the path information of the second path is indicated by a SID of type END.X. For example, <END.X SID from D to E> (that is, the END.X SID corresponds to "the link from node D to node E").
可选地,第一网络设备获取第一路径的路径信息。针对上述两种实现方式,对第一网络设备获取第一路径的路径信息进行示例性说明。Optionally, the first network device acquires path information of the first path. With regard to the above two implementation manners, an example is given for the acquisition of the path information of the first path by the first network device.
在上述第一种实现方式中,网络设备B对第一SRH的SL字段值执行减1的操作,确定第一路径的路径信息。例如,第一SRH中的段列表为<SIDA,SID B,SID C>,网络设备B对SL字段值执行减1的操作,确定第一路径的路径信息为SID C。In the above first implementation manner, the network device B performs an operation of subtracting 1 from the value of the SL field of the first SRH to determine the path information of the first path. For example, the segment list in the first SRH is <SIDA, SID B, SID C>, and the network device B performs a decrement operation on the value of the SL field to determine that the path information of the first path is SID C.
在上述第二种实现方式中,第一报文中包括第一SRH,第一网络设备对第一SRH中的SL字段值执行减x的操作,确定第一路径的路径信息。其中,x为大于或者等于2的整数,第二路径的路径信息包括(x-1)个地址。举例说明,网络设备B对报文P中第一SRH的SL字段值执行减x的操作。在segment list中,第一网络设备的地址与第二网络设备的地址之间间隔(x-1)个地址。其中,第二网络设备为第一路径上的下一跳网络设备。例如,若segment list为(SID C,SID E,SID B.Branch,SID A,SL=2),即第一网络设备为网络设备B、第二网络设备为网络设备C。网络设备B和网络设备C之间间隔1个地址,该1个地址为流量处理设备E的地址,则x=2。即在这种情况下,对第一SRH中的segment left字段值执行减2的操作,即第一路径的路径信息为SID C。再如,若segment list为(SID C,SID E,SID D,SID B.Branch,SID A),即第一网络设备(网络设备B)和第二网络设备(网络设备C)之间间隔2个地址,该2个地址包括网络设备D的地址和流量处理设备E的地址,则x=3。即在这种情况下,对报文P中的第一SRH的SL字段值执行减3的操作,即第一路径的路径信息包括SID C。In the above second implementation manner, the first packet includes the first SRH, and the first network device subtracts x from the value of the SL field in the first SRH to determine the path information of the first path. Wherein, x is an integer greater than or equal to 2, and the path information of the second path includes (x-1) addresses. For example, the network device B subtracts x from the value of the SL field of the first SRH in the packet P. In the segment list, (x-1) addresses are separated between the address of the first network device and the address of the second network device. Wherein, the second network device is a next-hop network device on the first path. For example, if the segment list is (SID C, SID E, SID B.Branch, SID A, SL=2), that is, the first network device is network device B, and the second network device is network device C. There is one address between the network device B and the network device C, and the one address is the address of the traffic processing device E, then x=2. That is, in this case, the segment left field value in the first SRH is decremented by 2, that is, the path information of the first path is SID C. For another example, if the segment list is (SID C, SID E, SID D, SID B.Branch, SID A), the interval between the first network device (network device B) and the second network device (network device C) is 2 address, the two addresses include the address of the network device D and the address of the traffic processing device E, then x=3. That is, in this case, the SL field value of the first SRH in the packet P is decremented by 3, that is, the path information of the first path includes SID C.
步骤604、第一网络设备通过第二路径转发第二报文,并通过第一路径转发第一报文。 Step 604, the first network device forwards the second packet through the second path, and forwards the first packet through the first path.
在上述第一种实现方式中,END.DB类型的SID关联第二路径的路径信息,网络设备B在第二报文中封装第二SRH,第二SRH包含第二路径的路径信息,根据第二SRH转发第二报文。即网络设备B可以直接封装第二路径的路径信息和第一报文的复制报文,得到 第二报文。封装的方式如下述方式A和方式B。In the first implementation above, the SID of type END.DB is associated with the path information of the second path, the network device B encapsulates the second SRH in the second packet, and the second SRH contains the path information of the second path, according to the The second SRH forwards the second packet. That is, network device B can directly encapsulate the path information of the second path and the copied packet of the first packet to obtain the second packet. The way of encapsulation is as following way A and way B.
方式A、请参阅图7A所示,复制报文(与第一报文相同)中包括基本头、SRH(记为“第一SRH”)和净荷(payload)。例如,第一SRH中包括的segment list为:<SID A,SID B.BD,SID C>,网络设备B在复制报文的基本头的后面封装一个新的SRH(如记为“第二SRH”),第二SRH中包括第二路径的路径信息。例如,“第二SRH”包括<SID D,SID E>,即网络设备B封装复制报文和第二SRH,得到第二报文。第二报文包括基本头、第一SRH、第二SRH和净荷。Mode A, please refer to FIG. 7A , the copied message (same as the first message) includes a basic header, SRH (referred to as "the first SRH") and a payload (payload). For example, the segment list included in the first SRH is: <SID A, SID B.BD, SID C>, and network device B encapsulates a new SRH behind the basic header of the copied message (for example, it is marked as "the second SRH ”), the second SRH includes the path information of the second path. For example, the "second SRH" includes <SID D, SIDE E>, that is, the network device B encapsulates the copied message and the second SRH to obtain the second message. The second packet includes a basic header, a first SRH, a second SRH and a payload.
方式B、请参阅图7B所示,网络设备B在复制报文的外层再重新封装一个新的报文头(记为“第二报文头”)。为了区分新的报文头和复制报文中的报文头,将复制报文中的报文头称为“第一报文头”。第一报文头中包括第一基本头、第一SRH和净荷,第二报文头中包括第二基本头、第二SRH和净荷。第一基本头中包括源地址(如SID A)和目的地址(如SID B.DB),第一SRH中包括segment list:<SID A,SID B.BD,SID C>。第二基本头包括目的地址(如SID D),第一SRH中包括segment list:<SID D,SID E>。第二报文包括第一报文头、第二报文头和净荷。上述方式A中和方式B中,第二报文的净荷与第一报文的净荷相同。Mode B, as shown in FIG. 7B , network device B re-encapsulates a new packet header (referred to as "the second packet header") on the outer layer of the copied packet. In order to distinguish the new message header from the message header in the copied message, the message header in the copied message is called "the first message header". The first message header includes the first basic header, the first SRH and the payload, and the second message header includes the second basic header, the second SRH and the payload. The first basic header includes a source address (such as SID A) and a destination address (such as SID B.DB), and the first SRH includes a segment list: <SID A, SID B.BD, SID C>. The second basic header includes a destination address (such as SID D), and the first SRH includes a segment list: <SID D, SID E>. The second packet includes a first packet header, a second packet header and a payload. In the foregoing manner A and manner B, the payload of the second packet is the same as the payload of the first packet.
在上述第二种实现方式中,第一报文中的segment list中包含有第一路径的路径信息和第二路径的路径信息。第一网络设备(如网络设备B)需要确定segment list中的第二路径的路径信息。可以理解的是,segment list中指示了两个分支路径,两个分支路径即第一路径和第二路径。网络设备B根据SID的分支类型(branch)的附加行为执行将复制报文的SRH中SL字段值减1的操作,从而在segment list中确定第二路径的路径信息。示例性的,在该种实现方式中,请参阅图8所示,复制报文包括基本头和扩展头(第一SRH),第一SRH中包括segment list,segment list指示了两个分支路径。其中,一个分支是第一路径,即第一报文的转发路径,另一个分支是第二路径,即第二报文的转发路径。其中,第二路径的路径信息可以用流量处理设备E的地址来表示,如SID E。或者,该第二路径的路径信息也可以用END.X类型的SID来表示,例如,END.X对应的从节点D到节点E的路径。示例性的,segment list为<SID A,SID B.Branch,SID E,SID C>。其中,第一路径为:网络设备A→网络设备B→网络设备C。分支路径(第二路径)为网络设备B→网络设备E。也就是说,从网络设备B开始,出现了分支路径,一条路径到达网络设备C,一条路径到达流量处理设备E。网络设备B对复制报文中第一SRH中的SL字段值执行减1的操作,即获取到达流量处理设备的路径信息(流量处理设备的地址),然后将流量处理设备的地址(如SID E)压入到复制报文的基本头中的目的地址字段,得到第二报文,从而根据对应第二路径的路径信息转发第二报文,直到第二报文被转发到流量处理设备。In the above second implementation manner, the segment list in the first packet includes path information of the first path and path information of the second path. The first network device (such as network device B) needs to determine the path information of the second path in the segment list. It can be understood that two branch paths are indicated in the segment list, and the two branch paths are the first path and the second path. The network device B performs the operation of decrementing the value of the SL field in the SRH of the copied message by 1 according to the additional behavior of the branch type (branch) of the SID, thereby determining the path information of the second path in the segment list. Exemplarily, in this implementation, please refer to FIG. 8, the copied message includes a basic header and an extended header (the first SRH), and the first SRH includes a segment list, and the segment list indicates two branch paths. Wherein, one branch is the first path, that is, the forwarding path of the first packet, and the other branch is the second path, that is, the forwarding path of the second packet. Wherein, the path information of the second path may be represented by the address of the traffic processing device E, such as SIDE. Alternatively, the path information of the second path may also be represented by a SID of type END.X, for example, the path from node D to node E corresponding to END.X. Exemplarily, the segment list is <SID A, SID B.Branch, SID E, SID C>. Wherein, the first path is: network device A→network device B→network device C. The branch path (second path) is network device B→network device E. That is to say, starting from network device B, branch paths appear, one path reaches network device C, and the other path reaches traffic processing device E. Network device B subtracts 1 from the value of the SL field in the first SRH in the copied message, that is, obtains the path information (the address of the traffic processing device) to the traffic processing device, and then adds the address of the traffic processing device (such as SIDE ) into the destination address field in the basic header of the copied message to obtain the second message, and forward the second message according to the path information corresponding to the second path until the second message is forwarded to the traffic processing device.
针对在上述第一种实现方式和第二种实现方式,第二路径的路径信息包括至少以下三种情况:For the above first and second implementations, the path information of the second path includes at least the following three situations:
情况1,第二路径的路径信息包括多个节点的地址。例如,第二路径的路径信息包括SID D和SID E。示例性的,网络设备D为endpoint节点,网络设备B将网络设备D的地址压入到目的地址字段。网络设备B向网络设备D发送第二报文A,网络设备D收到第二 报文A后,再将流量处理设备E的地址压入到目的地址字段,得到第二报文B,网络设备D将第二报文B转发至流量处理设备。其中,第二报文A和第二报文B仅目的地址不同。In case 1, the path information of the second path includes addresses of multiple nodes. For example, the path information of the second path includes SID D and SIDE E. Exemplarily, network device D is an endpoint node, and network device B pushes the address of network device D into the destination address field. Network device B sends the second message A to network device D. After receiving the second message A, network device D presses the address of the traffic processing device E into the destination address field to obtain the second message B. The network device D forwards the second packet B to the traffic processing device. Wherein, only the destination address of the second message A and the second message B are different.
情况2,第二路径的路径信息只包括流量处理设备的地址。网络设备D为中转节点,网络设备D接收到第二报文后,检查目的地址,确定目的地址为流量处理设备E的地址。网络设备D查询路由表,并根据流量处理设备的地址向流量处理设备发送第二报文。In case 2, the path information of the second path only includes the address of the traffic processing device. The network device D is a transit node, and after receiving the second packet, the network device D checks the destination address, and determines that the destination address is the address of the traffic processing device E. The network device D queries the routing table, and sends the second packet to the traffic processing device according to the address of the traffic processing device.
情况3,第二路径为END.X对应的节点D到节点E的路径。网络设备B将网络设备D的地址复制到目的地址字段,得到第二报文。网络设备B向网络设备D发送第二报文。当网络设备D确定目的地址是本节点的地址,并确定本节点的SID为END.X类型的SID时,END.X类型的SID指示从网络设备D到流量处理设备E的路径,网络设备D根据END.X类型的SID将第二报文转发给流量处理设备。In case 3, the second path is the path from node D to node E corresponding to END.X. Network device B copies the address of network device D into the destination address field to obtain the second packet. Network device B sends the second packet to network device D. When the network device D determines that the destination address is the address of the node, and determines that the SID of the node is the SID of the END.X type, the SID of the END.X type indicates the path from the network device D to the traffic processing device E, and the network device D The second packet is forwarded to the traffic processing device according to the SID of the END.X type.
第一网络设备通过第二路径转发第二报文的同时,第一网络设备通过第一路径转发第一报文。第一网络设备根据第一路径的路径信息转发所述第一报文。例如,网络设备B向网络设备C转发第一报文。需要说明的是,第一网络设备转发第二报文和第一网络设备转发第一报文的时序并不限定。When the first network device forwards the second packet through the second path, the first network device forwards the first packet through the first path. The first network device forwards the first packet according to the path information of the first path. For example, network device B forwards the first packet to network device C. It should be noted that the timing of the first network device forwarding the second packet and the first network device forwarding the first packet is not limited.
本申请实施例中,第一网络设备接收到第一报文,当第一网络设备确定第一报文中的目的地址是本节点的SID时,第一网络设备根据该SID执行复制第一报文的操作,第一网络设备根据第一报文得到第二报文,然后通过第一路径转发第一报文。通过第二路径转发第二报文,直到第二报文被转发到流量处理设备,从而实现在第一网络设备对第一路径上的转发的报文进行镜像。本申请实施例中,被镜像的第一报文是第一路径上的转发报文,基于SRv6技术,第一网络设备将第一路径上的报文镜像到流量处理设备,实现以路径为粒度对报文进行镜像,提供了一种细粒度的报文流量镜像方式。并且,传统的端口镜像方法需要第一网络设备和流量处理设备直连,而本申请实施中并不限定第一网络设备和流量处理设备的连接方式,第一网络设备可以和流量处理设备直连,或者,第一网络设备可以和流量处理设备非直连,第一网络设备和流量处理设备的连接方式更灵活。In this embodiment of the present application, the first network device receives the first message, and when the first network device determines that the destination address in the first message is the SID of the node, the first network device performs copying of the first message according to the SID. In the operation of the file, the first network device obtains the second message according to the first message, and then forwards the first message through the first path. The second packet is forwarded through the second path until the second packet is forwarded to the flow processing device, so that the first network device mirrors the forwarded packet on the first path. In the embodiment of the present application, the first packet to be mirrored is a forwarded packet on the first path. Based on SRv6 technology, the first network device mirrors the packet on the first path to the traffic processing device, realizing the granularity of the path Mirroring packets provides a fine-grained packet traffic mirroring method. Moreover, the traditional port mirroring method requires direct connection between the first network device and the traffic processing device, but the implementation of this application does not limit the connection mode between the first network device and the traffic processing device, and the first network device can be directly connected to the traffic processing device , or, the first network device may not be directly connected to the traffic processing device, and the connection mode between the first network device and the traffic processing device is more flexible.
下面针对上述第一种实现方式的技术方案和第二种实现方式的技术方案分别进行示例性说明。The technical solution of the above first implementation manner and the technical solution of the second implementation manner are respectively described as examples below.
(一)、在第一个应用场景中,针对上述第一种实现方式中的技术方案进行示例性说明。第一种实现方式:定义一种新类型的SID,即END.DB,END.DB类型的SID用于指示网络设备执行复制第一报文并按第二路径转发第二报文的操作。(1) In the first application scenario, an exemplary description is given for the technical solution in the above-mentioned first implementation manner. The first implementation method: define a new type of SID, namely END.DB, and the END.DB type of SID is used to instruct the network device to perform the operation of copying the first packet and forwarding the second packet according to the second path.
S20、网络设备A配置第一报文(如报文P)的第一路径的segment list为:<SID A,SID B.DB,SID C>。S20. Network device A configures the segment list of the first path of the first packet (such as packet P) as: <SID A, SID B.DB, SID C>.
S21、网络设备A向网络设备B发送报文P(第一报文)。相应的,网络设备B从网络设备A接收报文P。S21. Network device A sends a packet P (first packet) to network device B. Correspondingly, network device B receives packet P from network device A.
再次参阅图7A和图7B所示,该报文P的结构简化表示为(SA,SID B.DB)(SID C,SID B.DB,SID A,SL=1)。其中,(SA,SID B.DB)为基本头中的源地址和目的地址,(SID C,SID B.DB,SID A)对应报文头中SRH中的segment list,SL的字段值为1。Referring to Fig. 7A and Fig. 7B again, the structure of the message P is simplified as (SA, SID B.DB)(SID C, SID B.DB, SID A, SL=1). Among them, (SA, SID B.DB) is the source address and destination address in the basic header, (SID C, SID B.DB, SID A) corresponds to the segment list in SRH in the packet header, and the field value of SL is 1 .
S22、网络设备B确定报文P中的目的地址是本网络设备B的END.DB类型的SID。S22. The network device B determines that the destination address in the packet P is the SID of the END.DB type of the network device B.
S23、网络设备B响应于确定所述第一报文的目的地址为所述第一网络设备的SID,网络设备B根据END.DB类型SID执行复制报文P的操作,得到报文P的复制报文(如记为“报文P1”),并查询本地SID表,确定该END.DB类型SID关联的第二路径的路径信息。S23. In response to determining that the destination address of the first message is the SID of the first network device, the network device B executes the operation of copying the message P according to the END.DB type SID, and obtains a copy of the message P message (for example, denoted as "message P1"), and query the local SID table to determine the path information of the second path associated with the END.DB type SID.
当流量处理设备支持SRv6技术时,该第二路径的路径信息可以为:<SID D,SID E>。当流量处理设备不支持SRv6技术时,该第二路径的路径信息可以为一个IPv6地址(即流量处理设备的地址),或者,该第二路径的路径信息为:网络设备D到流量处理设备E的路径的END.X。When the traffic processing device supports SRv6 technology, the path information of the second path may be: <SID D, SIDE E>. When the traffic processing device does not support the SRv6 technology, the path information of the second path may be an IPv6 address (that is, the address of the traffic processing device), or the path information of the second path is: network device D to traffic processing device E END.X of the path.
S24、网络设备B分别对报文P和报文P1进行处理。S24. The network device B processes the packet P and the packet P1 respectively.
1、网络设备B对报文P进行处理:网络设备B对报文P中SRH的SL字段值执行减1的操作后,SL=0,即将SID C复制到目的地址字段,得到报文P'。例如,报文P'的结构表示为:(SA,SID C)(SID C,SID B.DB,SID A,SL=0)。1. The network device B processes the message P: after the network device B subtracts 1 from the value of the SL field of the SRH in the message P, SL=0, that is, the SID C is copied to the destination address field, and the message P' is obtained . For example, the structure of the message P' is expressed as: (SA, SID C)(SID C, SID B.DB, SID A, SL=0).
2、网络设备B对报文P1进行处理:网络设备B封装第二路径的路径信息和报文P1,得到报文P1'。2. The network device B processes the packet P1: the network device B encapsulates the path information of the second path and the packet P1 to obtain the packet P1'.
示例一,当流量处理设备支持SRv6技术时,网络设备B封装第二路径的路径信息<SID D,SID E>和报文P1(复制报文),得到报文P1'(第二报文)。具体的封装方式请参阅上述图6对应的实施例中步骤604的方式A和方式B中的说明,此处不赘述。网络设备B将第二路径的路径信息中的最后一个SID(即SID D)复制到目的地址字段,得到报文P1'。例如,报文P1'的结构表示为:(SA,SID D)(SID E,SID D,SL=1)(SID C,SID B.DB,SID A,SL=1)。Example 1, when the traffic processing device supports SRv6 technology, network device B encapsulates the path information <SID D, SIDE E> of the second path and packet P1 (copy packet), and obtains packet P1' (second packet) . For the specific encapsulation methods, please refer to the descriptions in the method A and method B of step 604 in the above embodiment corresponding to FIG. 6 , which will not be repeated here. The network device B copies the last SID (that is, SID D) in the path information of the second path to the destination address field to obtain the packet P1'. For example, the structure of the message P1' is expressed as: (SA, SID D) (SID E, SID D, SL=1) (SID C, SID B.DB, SID A, SL=1).
示例二,当流量处理设备不支持SRv6技术时,第二路径的路径信息为流量处理设备E的IPv6地址(如记为“E IPv6”),或者,第二路径的路径信息为END.X对应的网络设备D到流量处理设备E的路径(如记为“D→E”)。网络设备B直接将第二路径对应的地址复制到目的地址字段,例如,报文P1"的结构表示为:(SA,E IPv6)(SID C,SID B.DB,SID A,SL=1),或,(SA,END.X SID D→E)(SID C,SID B.DB,SID A,SL=1)。 Example 2, when the traffic processing device does not support SRv6 technology, the path information of the second path is the IPv6 address of the traffic processing device E (for example, marked as "E IPv6 "), or the path information of the second path is corresponding to END.X The path from network device D to traffic processing device E (for example, denoted as "D→E"). Network device B directly copies the address corresponding to the second path to the destination address field, for example, the structure of the message P1" is expressed as: (SA,E IPv6 )(SID C,SID B.DB,SID A,SL=1) , or, (SA,END.X SID D→E)(SID C, SID B.DB, SID A, SL=1).
S25、网络设备B通过第一路径转发报文P,且网络设备B通过第二路径转发报文P1'。S25. The network device B forwards the packet P through the first path, and the network device B forwards the packet P1' through the second path.
1、网络设备B向网络设备C发送报文P。网络设备B根据第一路径的路径信息转发报文P。1. Network device B sends a packet P to network device C. The network device B forwards the packet P according to the path information of the first path.
2、网络设备B向网络设备D发送报文P1'。网络设备B根据第二路径的路径信息向网络设备D发送报文P1',直到第二报文被转发到流量处理设备E。例如,网络设备D接收到报文P1',将流量处理设备的地址压入目的地址字段,得到报文P1"。进一步的,网络设备D向流量处理设备E转发将报文P1",实现在网络设备B将报文镜像到流量处理设备E。其中,报文P1"的结构为:(SA,SID E)(SID E,SID D,SL=0)(SID C,SID B.DB,SID A,SL=1),其中,(SA,SID E)对应源地址和目的地址;(SID E,SID D,SL=0)对应新***的SRH(第二SRH);(SID C,SID B.DB,SID A,SL=1)对应报文P1中原始的SRH(第一SRH)。2. The network device B sends the packet P1' to the network device D. The network device B sends the packet P1' to the network device D according to the path information of the second path, until the second packet is forwarded to the traffic processing device E. For example, the network device D receives the packet P1', presses the address of the traffic processing device into the destination address field, and obtains the packet P1". Further, the network device D forwards the packet P1" to the traffic processing device E. Network device B mirrors packets to traffic processing device E. Among them, the structure of the message P1" is: (SA, SID E) (SID E, SID D, SL=0) (SID C, SID B.DB, SID A, SL=1), where (SA, SID E) Corresponding source address and destination address; (SID E, SID D, SL=0) corresponding to the newly inserted SRH (second SRH); (SID C, SID B.DB, SID A, SL=1) corresponding to the message The original SRH in P1 (first SRH).
本实施例中,定义一种新类型的SID(记为“END.DB类型”),END.DB类型的SID用于指示网络设备执行复制报文并按照指定路径转发第二报文的操作。END.DB类型的SID关联第二路径的路径信息,第一网络设备能够根据END.DB类型的SID的指令复制第一报 文,并将第二报文按照第二路径转发至流量处理设备,从而实现数据流量镜像。In this embodiment, a new type of SID (denoted as "END.DB type") is defined, and the END.DB type of SID is used to instruct the network device to perform the operation of copying the message and forwarding the second message according to the specified path. The SID of the END.DB type is associated with the path information of the second path, and the first network device can copy the first packet according to the instruction of the SID of the END.DB type, and forward the second packet to the traffic processing device according to the second path, In this way, data traffic mirroring is realized.
可选地,当达到流量处理设备的路径出现故障时,为了避免由于中间节点保护机制的保护,使得第二报文转发到第二网络设备,第二网络设备为第一路径上第一网络设备的下一跳网络设备(如,第二网络设备为网络设备C),而使得网络设备C接收到两份报文,一份是第一报文,一份第二报文。本实施例中,不使用中间节点保护机制,或者,当第二路径出现故障时,第一网络设备直接删除第二报文。Optionally, when the path to the traffic processing device fails, in order to avoid the protection of the intermediate node protection mechanism, the second message is forwarded to the second network device, and the second network device is the first network device on the first path The next-hop network device (for example, the second network device is network device C), so that network device C receives two packets, one is the first packet and the other is the second packet. In this embodiment, no intermediate node protection mechanism is used, or, when the second path fails, the first network device directly deletes the second message.
例如,若报文P1"(第二报文)的结构表示为:(SA,E IPv6)(SID C,SID B.DB,SID A,SL=1),如果使用中间节点保护机制,当网络设备D发生故障时,报文P1"可能在网络设备B上被执行中间节点保护的操作,导致网络设备B对报文P1"中SRH中的SL字段值执行减1操作,从而将网络设备C的地址复制到目的地址字段,最后,网络设备B将报文P1"转发到网络设备C,从而导致网络设备C接收到两份报文。本实施例中,网络设备B根据报文P1"中的目的地址查询路由表,确定下一跳为网络设备C,当网络设备B检测到网络设备C发生故障后,网络设备B可以直接删除该报文P1",从而避免网络设备C接收到两份报文。 For example, if the structure of the message P1" (the second message) is expressed as: (SA, E IPv6 ) (SID C, SID B.DB, SID A, SL=1), if the intermediate node protection mechanism is used, when the network When device D fails, packet P1" may be protected by an intermediate node on network device B, causing network device B to subtract 1 from the value of the SL field in SRH in packet P1", thereby reducing network device C The address is copied to the destination address field, and finally, network device B forwards the message P1" to network device C, which causes network device C to receive two copies of the message. In this embodiment, network device B queries the routing table according to the destination address in the message P1", and determines that the next hop is network device C. When network device B detects that network device C fails, network device B can directly delete the packet P1", thereby preventing network device C from receiving two packets.
(二)、在第二个应用场景中,针对上述第二种实现方式中的技术方案进行示例性说明。本实施例中,定义一种新类型的flavor,该flavor的类型为Branch(或couple)类型,Branch(或couple)类型的flavor用于指示第一网络设备对第一报文执行复制操作,分别对复制后的复制报文中的SL字段值执行减1的操作,并对第一报文中的SL字段值执行减x的操作。其中,x为大于或者等于2的整数,在第一报文的segment list中,第一网络设备的地址与第二网络设备的地址之间间隔(x-1)个地址。其中,第二网络设备为第一路径上的第一网络设备的下一跳网络设备。(2) In the second application scenario, an exemplary description is given for the technical solution in the above-mentioned second implementation manner. In this embodiment, a new type of flavor is defined, the type of the flavor is Branch (or couple) type, and the flavor of Branch (or couple) type is used to instruct the first network device to perform a copy operation on the first message, respectively The operation of subtracting 1 is performed on the value of the SL field in the duplicated message, and the operation of subtracting x is performed on the value of the SL field in the first message. Wherein, x is an integer greater than or equal to 2, and in the segment list of the first message, there are (x-1) addresses between the address of the first network device and the address of the second network device. Wherein, the second network device is a next-hop network device of the first network device on the first path.
S30、网络设备A配置第一报文(如报文P)的segment list。例如,segment list为:<SA,SID B.Branch,SID E,SID C>。其中,SID B.Branch表示网络设备B的SID的Flavor为Branch。即从网络设备B开始,出现了分支路径,第一路径为:网络设备A→网络设备B→网络设备C,分支路径(即为第二路径)为:网络设备B→流量处理设备E。S30. Network device A configures the segment list of the first packet (such as packet P). For example, the segment list is: <SA,SID B.Branch,SID E,SID C>. Among them, SID B.Branch indicates that the Flavor of the SID of network device B is Branch. That is, starting from network device B, a branch path appears. The first path is: network device A→network device B→network device C, and the branch path (that is, the second path) is: network device B→traffic processing device E.
S31、网络设备A向网络设备B转发第一报文,相应的,网络设备B从网络设备A接收第一报文(如报文P)。S31. Network device A forwards the first packet to network device B. Correspondingly, network device B receives the first packet (such as packet P) from network device A.
请参阅图9所示,示例性的,报文P的结构简化表示为:(SA,SID B.Branch)(SID C,SID E,SID B.Branch,SID A,SL=2),其中,(SA,SID B.Branch)对应源地址和目的地址,(SID C,SID E,SID B.Branch,SID A)对应SID list,“SL=2”指示报文将要传输的下一跳为网络设备B。Please refer to FIG. 9, for example, the simplified structure of message P is expressed as: (SA, SID B.Branch)(SID C, SID E, SID B.Branch, SID A, SL=2), where, (SA, SID B.Branch) corresponds to the source address and destination address, (SID C, SID E, SID B.Branch, SID A) corresponds to the SID list, "SL=2" indicates that the next hop of the message to be transmitted is the network Device B.
S32、网络设备B确定第一报文中的目的地址是本节点的SID。S32. The network device B determines that the destination address in the first packet is the SID of the current node.
S33、网络设备B响应于确定所述第一报文的目的地址为所述第一网络设备的SID,且该SID的flavor的类型为Branch,网络设备B执行Branch对应的指令,复制报文P,得到报文P1。S33. Network device B responds to determining that the destination address of the first message is the SID of the first network device, and the flavor type of the SID is Branch, and network device B executes an instruction corresponding to Branch to copy message P , get the packet P1.
S34、网络设备B根据SID的flavor分别对报文P和报文P1进行处理。S34. The network device B processes the packet P and the packet P1 respectively according to the flavor of the SID.
1、对报文P进行处理。获取第一路径的路径信息。1. Process the packet P. Obtain path information of the first path.
网络设备B对报文P中SRH的SL字段值执行减x的操作。其中,x为大于或者等于2的整数(预置值),在segment list中,第一网络设备的地址与第二网络设备的地址之间间隔(x-1)个地址。其中,第二网络设备为第一路径上第一网络设备的下一跳网络设备。例如,若segment list为(SID C,SID E,SID B.Branch,SID A,SL=2),即第一网络设备为网络设备B、第二网络设备为网络设备C,“第一网络设备的地址(如SID B.Branch)”和“第二网络设备的地址(如SID C)”之间间隔一个地址,该一个地址为流量处理设备E的地址,则x=2。即在这种情况下,对SRH中的segment left字段值执行减2的操作。本实施例中,segment list以(SID C,SID E,SID B.Branch,SID A)为例进行说明。网络设备B对报文P中的SL字段值执行减2的操作后,SL=0,即下一跳为网络设备C,网络设备B将SID C复制到目的地址字段,得到报文P',报文P'的结构简化表示为:(SA,SID C)(SID C,SID E,SID B.Branch,SID A,SL=0)。例如,第一路径的路径信息包括目的地址SID C和segment list。The network device B subtracts x from the SL field value of the SRH in the packet P. Wherein, x is an integer (preset value) greater than or equal to 2, and in the segment list, there is an interval of (x-1) addresses between the address of the first network device and the address of the second network device. Wherein, the second network device is a next-hop network device of the first network device on the first path. For example, if the segment list is (SID C, SID E, SID B.Branch, SID A, SL=2), that is, the first network device is network device B, and the second network device is network device C, "the first network device An address is spaced between the address of the second network device (such as SID B.Branch)" and "the address of the second network device (such as SID C), and this address is the address of the traffic processing device E, then x=2. That is, in this case, the value of the segment left field in the SRH is subtracted by 2. In this embodiment, the segment list is described by taking (SID C, SID E, SID B.Branch, SID A) as an example. After the network device B subtracts 2 from the value of the SL field in the message P, SL=0, that is, the next hop is the network device C, and the network device B copies the SID C to the destination address field to obtain the message P', The simplified structure of the message P' is expressed as: (SA, SID C)(SID C, SID E, SID B.Branch, SID A, SL=0). For example, the path information of the first path includes a destination address SID C and a segment list.
2、对报文P1进行处理,以获取第二路径的路径信息。2. Process the packet P1 to obtain path information of the second path.
网络设备B对报文P1中SRH的SL字段值执行减1的操作。若segment list为(SID C,SID E,SID B.Branch,SID A,SL=2),对segment left字段值执行减1的操作后,SL=1,即下一跳为流量处理设备E,网络设备B将SID E复制到目的地址字段,报文P1'的结构简化表示为:(SA,SID E)(SID C,SID E,SID B.Branch,SID A,SL=0)。例如,第二路径的路径信息包括目的地址SID E和segment list。Network device B subtracts 1 from the value of the SL field of the SRH in the packet P1. If the segment list is (SID C, SID E, SID B.Branch, SID A, SL=2), after subtracting 1 from the value of the segment left field, SL=1, that is, the next hop is the traffic processing device E, Network device B copies SIDE to the destination address field, and the simplified structure of message P1' is expressed as: (SA, SIDE)(SID C, SID E, SID B.Branch, SID A, SL=0). For example, the path information of the second path includes a destination address SIDE and a segment list.
S35、网络设备B向网络设备C发送报文P',且网络设备B向流量处理设备E发送报文P1'。S35. The network device B sends the packet P' to the network device C, and the network device B sends the packet P1' to the traffic processing device E.
本实施例中,第一网络设备接收第一报文,第一报文中的segment list中已经配置有第二路径(即用于到达流量处理设备E的路径)的路径信息和第一路径的路径信息。本实施例中,当每一网络设备确定第一报文中的目的地址是本节点的SID,且该SID的flavor的类型为Branch时,第一网络设备对第一报文执行复制操作,然后分别对两个分支路径上的转发报文中的SL字段值执行不同的操作,分别获取第一路径的路径信息和第二路径的路径信息,第一网络设备根据第一路径的转发信息转发第一报文,而根据第二路径的转发信息转发第二报文,从而在第一网络设备实现数据流量镜像到流量处理设备E。In this embodiment, the first network device receives the first message, and the segment list in the first message has been configured with the path information of the second path (that is, the path used to reach the traffic processing device E) and the path information of the first path. path information. In this embodiment, when each network device determines that the destination address in the first message is the SID of the node, and the flavor type of the SID is Branch, the first network device performs a copy operation on the first message, and then Perform different operations on the SL field values in the forwarded packets on the two branch paths respectively to obtain the path information of the first path and the path information of the second path, and the first network device forwards the second path according to the forwarding information of the first path. The second packet is forwarded according to the forwarding information of the second path, so that data traffic is mirrored to the traffic processing device E on the first network device.
可选地,当达到流量处理设备的路径出现故障时,为了避免由于中间节点保护机制的保护,使得第二报文转发到第二网络设备(如网络设备C),而使得网络设备C接收到两份报文,一份是第一报文,一份第二报文。本实施例中,不使用中间节点保护机制,或者,当第二路径出现故障时,第一网络设备直接删除第二报文。Optionally, when the path to the traffic processing device fails, in order to prevent the second message from being forwarded to the second network device (such as network device C) due to the protection of the intermediate node protection mechanism, the network device C receives Two messages, one is the first message and one is the second message. In this embodiment, no intermediate node protection mechanism is used, or, when the second path fails, the first network device directly deletes the second message.
可选地,在第三个应用场景中,第一网络设备可以为尾结点。请参阅图10所示,通信***包括网络设备A,网络设备B,网络设备D、流量处理设备E和设备F。其中,网络设备A,网络设备B,网络设备D和流量处理设备E依次连接。第一报文的目的端是设备F,也即网络设备B需要转发第一报文,直到第一报文转发至设备F。示例性的,网络设备B的SID的类型可以为END.DT4(或END.DT6)。相对于上述第二个应用场景,本应用场景和上述第二个应用场景相同之处在于,第一网络设备(如网络设备B)的flavor的类型为Branch。本应用场景和上述第二个应用场景中的不同之处在于,上述第二个应用场景 中,网络设备B的SID的类型为END类型,本应用场景中,网络设备B的SID的类型可以也可以为END.DT4类型(或END.DT6类型)。Optionally, in the third application scenario, the first network device may be an end node. Please refer to FIG. 10 , the communication system includes a network device A, a network device B, a network device D, a traffic processing device E and a device F. Wherein, network device A, network device B, network device D and traffic processing device E are connected in sequence. The destination of the first packet is the device F, that is, the network device B needs to forward the first packet until the first packet is forwarded to the device F. Exemplarily, the type of the SID of the network device B may be END.DT4 (or END.DT6). Compared with the second application scenario above, this application scenario is the same as the second application scenario above in that the flavor type of the first network device (such as network device B) is Branch. The difference between this application scenario and the above-mentioned second application scenario is that in the above-mentioned second application scenario, the type of SID of network device B is END type. In this application scenario, the type of SID of network device B can be Can be END.DT4 type (or END.DT6 type).
S40、网络设备A配置第一报文的segment list。第一报文(如报文P)的第一路径的segment list为<SA,SID B.Branch,SID E>。其中,SID B.Branch表示网络设备B的SID的flavor类型为Branch。网络设备B的SID的类型可以为END.DT4。S40. Network device A configures the segment list of the first message. The segment list of the first path of the first message (such as message P) is <SA, SID B.Branch, SID E>. Among them, SID B.Branch indicates that the flavor type of the SID of network device B is Branch. The type of the SID of network device B may be END.DT4.
S41、网络设备A向网络设备B发送第一报文(如报文P)。相应的,网络设备B从网络设备A接收第一报文。S41. Network device A sends a first packet (such as a packet P) to network device B. Correspondingly, network device B receives the first packet from network device A.
报文P的结构简化表示为:(SA,SID B.Branch)(SID E,SID B.Branch,SID A,SL=1)。其中,(SID A,SID B.Branch)为源地址和目的地址,(SID E,SID B.Branch,SID A)为segment list,“SL=1”指示下一跳为网络设备B。The simplified structure of the message P is expressed as: (SA, SID B.Branch)(SID E, SID B.Branch, SID A, SL=1). Among them, (SID A, SID B.Branch) is the source address and destination address, (SID E, SID B.Branch, SID A) is the segment list, and "SL=1" indicates that the next hop is network device B.
S42、网络设备B确定第一报文中(如报文P)的目的地址是本节点的SID。S42. The network device B determines that the destination address in the first message (for example, message P) is the SID of the current node.
S43、网络设备B响应于确定第一报文中的目的地址是本节点的SID,且该SID的flavor的类型为Branch,网络设备B根据该SID的flavor的类型复制报文P,得到报文P1(复制报文)。S43. Network device B determines in response to determining that the destination address in the first message is the SID of the node, and the type of the flavor of the SID is Branch, and the network device B copies the message P according to the type of the flavor of the SID to obtain the message P1 (copy message).
S44、网络设备B根据Branch类型的flavor分别对第一报文(报文P)和复制报文(报文P1)进行处理。S44. The network device B respectively processes the first packet (packet P) and the copied packet (package P1) according to the flavor of the Branch type.
1、对报文P进行处理,以获取第一路径的路径信息。1. Process the packet P to obtain path information of the first path.
示例性的,网络设备B确定本节点的SID的类型是END.DT4。网络设备B根据END.DT4类型的SID对报文P解封装,获取内层的IPv4DA(如设备F的目的地址),网络设备B查询该END.DT4对应的私网路由表,获取第一路径的路径信息。或者,网络设备B确定本节点的SID的类型是END.DT6。网络设备B根据END.DT6类型的SID对报文P解封装,获取内层的IPv6DA(如设备F的目的地址),网络设备B查询该END.DT6对应的私网路由表,获取第一路径的路径信息,第一路径为用于到达设备F的路径。Exemplarily, the network device B determines that the type of the SID of the current node is END.DT4. Network device B decapsulates the packet P according to the SID of the END.DT4 type, and obtains the inner layer IPv4DA (such as the destination address of device F), and network device B queries the private network routing table corresponding to the END.DT4 to obtain the first path path information. Alternatively, the network device B determines that the type of the SID of the current node is END.DT6. Network device B decapsulates the packet P according to the SID of END.DT6 type, and obtains the inner layer IPv6DA (such as the destination address of device F), and network device B queries the private network routing table corresponding to the END.DT6 to obtain the first path path information, the first path is the path used to reach the device F.
2、对报文P1进行处理,以获取第二路径的路径信息。2. Process the packet P1 to obtain path information of the second path.
网络设备B对报文P1中SRH的SL字段值执行减1的操作。报文P1中的segment list为(SID E,SID B.Branch,SID A,SL=1),网络设备B对SL字段值执行减1的操作后,SL=0,即下一跳为流量处理设备E,网络设备B将SID E复制到目的地址字段,得到报文P1',报文P1'的结构简化表示为:(SA,SID E)(SID E,SID B.Branch,SID A,SL=0)。第二路径的路径信息包括SID E和segment list。Network device B subtracts 1 from the value of the SL field of the SRH in the packet P1. The segment list in the message P1 is (SID E, SID B.Branch, SID A, SL=1). After network device B decrements the value of the SL field by 1, SL=0, that is, the next hop is traffic processing Device E and network device B copy SIDE to the destination address field to obtain message P1'. The simplified structure of message P1' is expressed as: (SA,SID E)(SIDE,SID B.Branch,SID A,SL =0). The path information of the second path includes SIDE and segment list.
S45、网络设备B向设备F发送报文P',并向流量处理设备E发送报文P1'。S45. The network device B sends the packet P' to the device F, and sends the packet P1' to the traffic processing device E.
本实施例中,第一网络设备根据本节点Branch类型的flavor对第一报文执行复制操作,得到复制报文,第一网络设备分别对第一报文和复制报文执行不同的操作,根据第一路径的路径信息转发第一报文,直到第一报文被转发到目的端(设备F),并根据第二报文的路径信息转发第二报文,直到第二报文转发到流量处理设备E,从而实现在第一网络设备将第一路径上的流量镜像到流量处理设备E。In this embodiment, the first network device performs a copy operation on the first message according to the branch type flavor of the node to obtain the copied message, and the first network device performs different operations on the first message and the copied message respectively, according to The path information of the first path forwards the first packet until the first packet is forwarded to the destination (device F), and forwards the second packet according to the path information of the second packet until the second packet is forwarded to the flow processing device E, so that the first network device mirrors the traffic on the first path to the traffic processing device E.
本申请实施例提供了一种网络设备,网络设备用于执行上述方法实施例中第一网络设备所执行的方法。请参阅图11所示,网络设备1100包括收发模块1101和处理模块1102。An embodiment of the present application provides a network device, and the network device is configured to perform the method performed by the first network device in the foregoing method embodiments. Referring to FIG. 11 , a network device 1100 includes a transceiver module 1101 and a processing module 1102 .
收发模块1101,用于接收第一报文;A transceiver module 1101, configured to receive a first message;
处理模块1102,用于确定第一报文的目的地址为第一网络设备的SID;A processing module 1102, configured to determine that the destination address of the first packet is the SID of the first network device;
处理模块1102,还用于响应于确定第一报文的目的地址为第一网络设备的SID,根据第一报文得到第二报文,第二报文的净荷与第一报文的净荷相同;The processing module 1102 is further configured to obtain a second message according to the first message in response to determining that the destination address of the first message is the SID of the first network device, and the payload of the second message is the same as the net load of the first message. the same charge;
收发模块1101,还用于通过第一路径转发第一报文;The transceiver module 1101 is further configured to forward the first message through the first path;
收发模块1101,还用于通过第二路径转发第二报文。The transceiver module 1101 is further configured to forward the second message through the second path.
可选地,收发模块1101为收发器。其中,收发器具有发送和/或接收的功能。可选地,收发器由接收器和/或发射器代替。Optionally, the transceiver module 1101 is a transceiver. Wherein, the transceiver has the function of sending and/or receiving. Optionally, the transceiver is replaced by a receiver and/or transmitter.
可选地,收发模块1101为网络接口。可选地,网络接口是输入输出接口或者收发电路。输入输出接口包括输入接口和输出接口。收发电路包括输入接口电路和输出接口电路。Optionally, the transceiver module 1101 is a network interface. Optionally, the network interface is an input/output interface or a transceiver circuit. The input and output interfaces include input interfaces and output interfaces. The transceiver circuit includes an input interface circuit and an output interface circuit.
可选地,处理模块1102为处理器,处理器是通用处理器或者专用处理器等。可选地,处理器包括用于实现接收和发送功能的收发单元。例如该收发单元是收发电路,或者是接口,或者是接口电路。用于实现接收和发送功能的收发电路、接口或接口电路是分开的部署的,可选地,是集成在一起部署的。上述收发电路、接口或接口电路用于代码或数据的读写,或者,上述收发电路、接口或接口电路用于信号的传输或传递。Optionally, the processing module 1102 is a processor, and the processor is a general-purpose processor or a special-purpose processor. Optionally, the processor includes a transceiver unit configured to implement receiving and sending functions. For example, the transceiver unit is a transceiver circuit, or an interface, or an interface circuit. The transceiver circuits, interfaces or interface circuits for realizing the functions of receiving and sending are deployed separately, and optionally integrated together. The above-mentioned transceiver circuit, interface or interface circuit is used for reading and writing codes or data, or the above-mentioned transceiver circuit, interface or interface circuit is used for signal transmission or transfer.
进一步的,收发模块1101用于执行上述方法实施例中的步骤601、步骤604;步骤S21、步骤S25;步骤S31、步骤S35;步骤S41;步骤S45。处理模块1102用于执行上述方法实施例中的步骤602、步骤603;步骤S22、步骤S23、步骤S24;步骤S32、步骤S33、步骤S34;步骤S42、步骤S43、步骤S44。Further, the transceiver module 1101 is used to execute step 601, step 604; step S21, step S25; step S31, step S35; step S41; step S45 in the above method embodiment. The processing module 1102 is used to execute step 602, step 603; step S22, step S23, step S24; step S32, step S33, step S34; step S42, step S43, step S44 in the above method embodiment.
可选地,SID为特定类型的SID,特定类型的SID用于指示第一网络设备复制第一报文,并将第二报文通过第二路径转发到流量处理设备。Optionally, the SID is a specific type of SID, and the specific type of SID is used to instruct the first network device to copy the first packet and forward the second packet to the traffic processing device through the second path.
可选地,特定类型的SID为端点复制绑定END.DB类型的SID。Optionally, the specific type of SID is the SID of the endpoint replication binding END.DB type.
可选地,特定类型的SID为端点END类型的SID,SID的附加行为flavor的类型为连接类型或分支类型。Optionally, the specific type of SID is the SID of the endpoint END type, and the type of the flavor of the additional behavior of the SID is the connection type or the branch type.
可选地,处理模块1102,还用于获得对应第二路径的路径信息;Optionally, the processing module 1102 is also configured to obtain path information corresponding to the second path;
收发模块,还用于根据对应第二路径的路径信息转发第二报文。The transceiver module is further configured to forward the second message according to the path information corresponding to the second path.
可选地,处理模块1102,还用于根据SID和关联关系获得第二转发路径的路径信息,关联关系包括SID和第二转发路径的路径信息的对应关系。Optionally, the processing module 1102 is further configured to obtain path information of the second forwarding path according to the SID and the association relationship, where the association relationship includes a correspondence between the SID and the path information of the second forwarding path.
可选地,第一报文含有第一分段路由头SRH;Optionally, the first packet contains a first segment routing header SRH;
处理模块1102,还用于根据第一SRH获得第二路径的路径信息。The processing module 1102 is further configured to obtain path information of the second path according to the first SRH.
可选地,第一SRH中包含第二路径的路径信息;Optionally, the first SRH includes path information of the second path;
处理模块1102,还用于对第一SRH中的剩余段SL的字段值执行减1的操作,确定第二路径的路径信息。The processing module 1102 is further configured to subtract 1 from the field value of the remaining segment SL in the first SRH, so as to determine the path information of the second path.
可选地,处理模块1102,还用于在第二报文中封装第二SRH,第二SRH包含第二路径的路径信息,Optionally, the processing module 1102 is further configured to encapsulate a second SRH in the second packet, where the second SRH includes path information of the second path,
收发模块1101,还用于根据第二SRH转发第二报文。The transceiver module 1101 is further configured to forward the second message according to the second SRH.
可选地,处理模块1102,还用于获得第二报文的目的地的IPv6地址,第二报文中封装 IPv6报文头,IPv6报文头的目的地址为第二报文的目的地的IPv6地址;Optionally, the processing module 1102 is also used to obtain the IPv6 address of the destination of the second message, the IPv6 message header is encapsulated in the second message, and the destination address of the IPv6 message header is the destination address of the second message IPv6 address;
收发模块1101,还用于根据目的地的IPv6地址转发第二报文。The transceiver module 1101 is further configured to forward the second message according to the IPv6 address of the destination.
可选地,第二路径的路径信息包括至少一个地址,至少一个地址包括流量处理设备的地址;或者,第二路径的路径信息与一个绑定段标识BSID对应;或者,第二路径用END.X类型的SID指示。Optionally, the path information of the second path includes at least one address, and at least one address includes the address of the traffic processing device; or, the path information of the second path corresponds to a binding segment identifier BSID; or, the second path uses END. SID indication of type X.
可选地,第一报文为SRv6报文。Optionally, the first packet is an SRv6 packet.
可选地,处理模块1102,还用于获取第一路径的路径信息;Optionally, the processing module 1102 is also configured to acquire path information of the first path;
收发模块1101,还用于根据第一路径的路径信息转发第一报文。The transceiver module 1101 is further configured to forward the first message according to the path information of the first path.
可选地,处理模块1102,还用于对第一SRH中的SL字段值执行减x的操作,确定第一路径的路径信息;其中,x为大于或者等于2的整数,第二路径的路径信息包括(x-1)个地址。Optionally, the processing module 1102 is further configured to subtract x from the value of the SL field in the first SRH to determine the path information of the first path; where x is an integer greater than or equal to 2, and the path information of the second path The information includes (x-1) addresses.
可选地,处理模块1102,还用于当第一网络设备到流量处理设备的路径发生故障时,则删除第二报文。Optionally, the processing module 1102 is further configured to delete the second packet when a path from the first network device to the traffic processing device fails.
参阅图12所示,本申请实施例提供了一种网络设备,该网络设备可用于实现上述方法实施例中第一网络设备所执行的方法,具体可以参见上述方法实施例中的说明。Referring to FIG. 12 , an embodiment of the present application provides a network device, which can be used to implement the method performed by the first network device in the above method embodiment. For details, refer to the description in the above method embodiment.
网络设备1200可以包括一个或多个处理器1201,处理器1201也可以称为处理单元,可以实现一定的控制功能。处理器1201可以是通用处理器或者专用处理器等。中央处理器可以用于对网络设备进行控制,执行软件程序,处理软件程序的数据。The network device 1200 may include one or more processors 1201, and the processors 1201 may also be referred to as processing units, and may implement certain control functions. The processor 1201 may be a general-purpose processor or a special-purpose processor. The central processing unit can be used to control network devices, execute software programs, and process data of software programs.
在一种可选的设计中,处理器1201也可以存有指令1203,所述指令1203可以被所述处理器运行,使得所述网络设备1200执行上述方法实施例中描述的方法。In an optional design, the processor 1201 may also store instructions 1203, and the instructions 1203 may be executed by the processor, so that the network device 1200 executes the methods described in the foregoing method embodiments.
在另一种可选的设计中,处理器1201中可以包括用于实现接收和发送功能的收发单元。例如该收发单元可以是收发电路,或者是接口,或者是接口电路。用于实现接收和发送功能的收发电路、接口或接口电路可以是分开的,也可以集成在一起。上述收发电路、接口或接口电路可以用于代码/数据的读写,或者,上述收发电路、接口或接口电路可以用于信号的传输或传递。In another optional design, the processor 1201 may include a transceiver unit configured to implement receiving and sending functions. For example, the transceiver unit may be a transceiver circuit, or an interface, or an interface circuit. The transceiver circuits, interfaces or interface circuits for realizing the functions of receiving and sending can be separated or integrated together. The above-mentioned transceiver circuit, interface or interface circuit may be used for reading and writing code/data, or the above-mentioned transceiver circuit, interface or interface circuit may be used for signal transmission or transfer.
在又一种可能的设计中,网络设备1200可以包括电路,所述电路可以实现上述方法实施例中发送或接收的功能。In yet another possible design, the network device 1200 may include a circuit, and the circuit may implement the function of sending or receiving in the foregoing method embodiments.
网络设备1200中可以包括一个或多个存储器1202,其上可以存有指令1204,所述指令可在所述处理器上被运行,使得网络设备1200执行上述方法实施例中描述的方法。可选的,所述存储器中还可以存储有数据。可选的,处理器中也可以存储指令和/或数据。所述处理器和存储器可以单独设置,也可以集成在一起。The network device 1200 may include one or more memories 1202, on which instructions 1204 may be stored, and the instructions may be executed on the processor, so that the network device 1200 executes the methods described in the foregoing method embodiments. Optionally, data may also be stored in the memory. Optionally, instructions and/or data may also be stored in the processor. The processor and memory can be set separately or integrated together.
可选地,网络设备1200还可以包括收发器1205和/或天线1206。处理器1201可以称为处理单元,对网络设备1200进行控制。收发器1205可以称为收发单元、收发机、收发电路、收发装置或收发模块等,用于实现收发功能。Optionally, the network device 1200 may further include a transceiver 1205 and/or an antenna 1206 . The processor 1201 may be called a processing unit, and controls the network device 1200 . The transceiver 1205 may be called a transceiver unit, a transceiver, a transceiver circuit, a transceiver device, or a transceiver module, etc., and is used to implement a transceiver function.
可选地,收发器可以为网络接口,例如,网络接口为以太网接口。Optionally, the transceiver may be a network interface, for example, the network interface is an Ethernet interface.
本申请实施例还提供了一种计算机程序产品,所述计算机程序产品中包括计算机程序代码,当所述计算机程序代码被计算机执行时,使得计算机实现上述方法实施例中第一网 络设备执行的方法。The embodiment of the present application also provides a computer program product, the computer program product includes computer program code, and when the computer program code is executed by the computer, the computer implements the method performed by the first network device in the above method embodiment .
本申请实施例还提供了一种计算机可读存储介质,用于储存计算机程序或指令,所述计算机程序或指令被执行时使得计算机执行上述方法实施例中第一网络设备执行的方法。The embodiment of the present application also provides a computer-readable storage medium for storing a computer program or instruction, and when the computer program or instruction is executed, the computer executes the method performed by the first network device in the above method embodiment.
本申请实施例提供了一种芯片,芯片包括处理器和通信接口,通信接口例如是输入/输出接口、管脚或电路等。处理器用于读取指令以执行上述方法实施例中第一网络设备所执行的方法。An embodiment of the present application provides a chip, and the chip includes a processor and a communication interface, where the communication interface is, for example, an input/output interface, a pin, or a circuit. The processor is configured to read instructions to execute the method executed by the first network device in the foregoing method embodiments.
以上所述,以上实施例仅用以说明本申请的技术方案,而非对其限制;尽管参照前述实施例对本申请进行了详细的说明,本领域的普通技术人员应当理解:其依然可以对前述各实施例所记载的技术方案进行修改,或者对其中部分技术特征进行等同替换;而这些修改或者替换,并不使相应技术方案的本质脱离本申请各实施例技术方案的范围。As mentioned above, the above embodiments are only used to illustrate the technical solutions of the present application, and are not intended to limit them; although the present application has been described in detail with reference to the foregoing embodiments, those of ordinary skill in the art should understand that: it can still understand the foregoing The technical solutions described in each embodiment are modified, or some of the technical features are replaced equivalently; and these modifications or replacements do not make the essence of the corresponding technical solutions depart from the scope of the technical solutions of the various embodiments of the application.

Claims (32)

  1. 一种报文转发的方法,其特征在于,所述方法应用网络设备,所述方法包括:A method for message forwarding, characterized in that the method is applied to network equipment, and the method includes:
    接收第一报文;receiving the first message;
    确定所述第一报文的目的地址为所述网络设备的段标识SID;determining that the destination address of the first packet is the segment identifier SID of the network device;
    响应于确定所述第一报文的目的地址为所述网络设备的SID,根据所述第一报文得到第二报文,所述第二报文的净荷与所述第一报文的净荷相同;In response to determining that the destination address of the first packet is the SID of the network device, obtaining a second packet according to the first packet, the payload of the second packet is the same as that of the first packet same payload;
    通过第一路径转发所述第一报文;Forwarding the first packet through the first path;
    通过第二路径转发所述第二报文。Forward the second packet through the second path.
  2. 根据权利要求1所述的方法,其特征在于,所述SID为特定类型的SID,所述特定类型的SID用于指示所述网络设备复制所述第一报文,并将所述第二报文通过所述第二路径转发到流量处理设备。The method according to claim 1, wherein the SID is a specific type of SID, and the specific type of SID is used to instruct the network device to copy the first message and copy the second message The text is forwarded to the traffic processing device through the second path.
  3. 根据权利要求2所述的方法,其特征在于,所述特定类型的SID为端点复制绑定END.DB类型的SID。The method according to claim 2, wherein the specific type of SID is an endpoint replication binding END.DB type of SID.
  4. 根据权利要求2所述的方法,其特征在于,所述特定类型的SID为端点END类型的SID,所述SID的附加行为flavor的类型为连接类型或分支类型。The method according to claim 2, wherein the specific type of SID is a SID of an endpoint END type, and the additional behavior flavor of the SID is a connection type or a branch type.
  5. 根据权利要求1至4任一项权利要求所述的方法,其特征在于,所述方法还包括:The method according to any one of claims 1 to 4, wherein the method further comprises:
    获得对应所述第二路径的路径信息,所述通过第二路径转发所述第二报文包括:Obtaining path information corresponding to the second path, the forwarding the second message through the second path includes:
    根据对应所述第二路径的路径信息转发所述第二报文。Forwarding the second packet according to the path information corresponding to the second path.
  6. 根据权利要求5所述的方法,其特征在于,所述获得对应所述第二路径的路径信息包括:The method according to claim 5, wherein said obtaining path information corresponding to said second path comprises:
    根据所述SID和关联关系获得所述第二路径的路径信息,所述关联关系包括所述SID和所述第二路径的路径信息的对应关系。Obtain path information of the second path according to the SID and an association relationship, where the association relationship includes a correspondence between the SID and the path information of the second path.
  7. 根据权利要求5所述的方法,其特征在于,所述第一报文包含有第一分段路由头SRH,所述获得对应所述第二路径的路径信息包括:The method according to claim 5, wherein the first message includes a first segment routing header SRH, and the obtaining path information corresponding to the second path comprises:
    根据所述第一SRH获得所述第二路径的路径信息。Obtain path information of the second path according to the first SRH.
  8. 根据权利要求7所述的方法,其特征在于,所述第一SRH中包含所述第二路径的路径信息,所述根据所述第一SRH获得所述第二路径的路径信息,包括:The method according to claim 7, wherein the first SRH includes the path information of the second path, and the obtaining the path information of the second path according to the first SRH comprises:
    对所述第一SRH中的剩余段SL的字段值执行减1的操作,确定所述第二路径的路径信息。The operation of subtracting 1 is performed on the field value of the remaining segment SL in the first SRH to determine the path information of the second path.
  9. 根据权利要求5至7任一项权利要求所述的方法,其特征在于,所述根据对应所述第二路径的路径信息转发所述第二报文,包括:The method according to any one of claims 5 to 7, wherein the forwarding of the second message according to the path information corresponding to the second path includes:
    在所述第二报文中封装第二SRH,所述第二SRH包含所述第二路径的路径信息,根据所述第二SRH转发所述第二报文。encapsulating a second SRH in the second packet, where the second SRH includes path information of the second path, and forwarding the second packet according to the second SRH.
  10. 根据权利要求5至7任一项权利要求所述的方法,其特征在于,所述根据对应所述第二路径的路径信息转发所述第二报文,包括:The method according to any one of claims 5 to 7, wherein the forwarding of the second message according to the path information corresponding to the second path includes:
    获得所述第二报文的目的地的IPv6地址,所述第二报文中封装IPv6报文头,所述IPv6报文头的目的地址为所述第二报文的目的地的IPv6地址,根据所述目的地的IPv6地址转 发所述第二报文。Obtaining the IPv6 address of the destination of the second message, encapsulating an IPv6 message header in the second message, and the destination address of the IPv6 message header is the IPv6 address of the destination of the second message, Forwarding the second packet according to the IPv6 address of the destination.
  11. 根据权利要求5至10中任一项所述的方法,其特征在于,A method according to any one of claims 5 to 10, wherein
    所述第二路径的路径信息包括至少一个地址,所述至少一个地址包括流量处理设备的地址;The path information of the second path includes at least one address, and the at least one address includes an address of a traffic processing device;
    或者,or,
    所述第二路径的路径信息与一个绑定段标识BSID对应;The path information of the second path corresponds to a binding segment identifier BSID;
    或者,or,
    所述第二路径用END.X类型的SID指示。The second path is indicated by a SID of type END.X.
  12. 根据权利要求1至10任一项权利要求所述的方法,其特征在于,所述第一报文为SRv6报文。The method according to any one of claims 1 to 10, wherein the first packet is an SRv6 packet.
  13. 根据权利要求8所述的方法,其特征在于,所述方法还包括:The method according to claim 8, characterized in that the method further comprises:
    获取第一路径的路径信息,所述通过第一路径转发所述第一报文,包括:Obtaining path information of the first path, and forwarding the first message through the first path includes:
    根据所述第一路径的路径信息转发所述第一报文。Forwarding the first packet according to the path information of the first path.
  14. 根据权利要求13所述的方法,其特征在于,所述获取第一路径的路径信息,包括:The method according to claim 13, wherein said acquiring the path information of the first path comprises:
    对所述第一SRH中的SL字段值执行减x的操作,确定所述第一路径的路径信息;其中,x为大于或者等于2的整数,所述第二路径的路径信息包括(x-1)个地址。The operation of subtracting x is performed on the SL field value in the first SRH to determine the path information of the first path; wherein, x is an integer greater than or equal to 2, and the path information of the second path includes (x- 1) Addresses.
  15. 根据权利要求1至14中任一项所述的方法,其特征在于,所述方法还包括:The method according to any one of claims 1 to 14, further comprising:
    若所述网络设备到流量处理设备的路径发生故障,则删除所述第二报文。If the path from the network device to the traffic processing device fails, delete the second packet.
  16. 一种网络设备,其特征在于,包括:A network device, characterized in that it includes:
    收发模块,用于接收第一报文;a transceiver module, configured to receive the first message;
    处理模块,用于确定所述第一报文的目的地址为所述网络设备的段标识SID;A processing module, configured to determine that the destination address of the first message is the segment identifier SID of the network device;
    所述处理模块,还用于响应于确定所述第一报文的目的地址为所述网络设备的SID,根据所述第一报文得到第二报文,所述第二报文的净荷与所述第一报文的净荷相同;The processing module is further configured to obtain a second message according to the first message in response to determining that the destination address of the first message is the SID of the network device, and the payload of the second message is The same as the payload of the first message;
    所述收发模块,用于通过第一路径转发所述第一报文;The transceiver module is configured to forward the first message through a first path;
    所述收发模块,还用于通过第二路径转发所述第二报文。The transceiver module is further configured to forward the second message through the second path.
  17. 根据权利要求16所述的网络设备,其特征在于,所述SID为特定类型的SID,所述特定类型的SID用于指示所述网络设备复制所述第一报文,并将所述第二报文通过所述第二路径转发到流量处理设备。The network device according to claim 16, wherein the SID is a specific type of SID, and the specific type of SID is used to instruct the network device to copy the first message and copy the second The packet is forwarded to the traffic processing device through the second path.
  18. 根据权利要求17所述的网络设备,其特征在于,所述特定类型的SID为端点复制绑定END.DB类型的SID。The network device according to claim 17, wherein the specific type of SID is an endpoint replication binding END.DB type of SID.
  19. 根据权利要求17所述的网络设备,其特征在于,所述特定类型的SID为端点END类型的SID,所述SID的附加行为flavor的类型为连接类型或分支类型。The network device according to claim 17, wherein the specific type of SID is an endpoint END type SID, and the additional behavior flavor type of the SID is a connection type or a branch type.
  20. 根据权利要求16至19任一项权利要求所述的网络设备,其特征在于,The network device according to any one of claims 16 to 19, characterized in that,
    所述处理模块,还用于获得对应所述第二路径的路径信息;The processing module is further configured to obtain path information corresponding to the second path;
    所述收发模块,还用于根据对应所述第二路径的路径信息转发所述第二报文。The transceiver module is further configured to forward the second message according to path information corresponding to the second path.
  21. 根据权利要求20所述的网络设备,其特征在于,The network device according to claim 20, characterized in that,
    所述处理模块,还用于根据所述SID和关联关系获得所述第二转发路径的路径信息, 所述关联关系包括所述SID和所述第二转发路径的路径信息的对应关系。The processing module is further configured to obtain path information of the second forwarding path according to the SID and an association relationship, where the association relationship includes a correspondence between the SID and the path information of the second forwarding path.
  22. 根据权利要求20所述的网络设备,其特征在于,所述第一报文含有第一分段路由头SRH;The network device according to claim 20, wherein the first message contains a first segment routing header SRH;
    所述处理模块,还用于根据所述第一SRH获得所述第二路径的路径信息。The processing module is further configured to obtain path information of the second path according to the first SRH.
  23. 根据权利要求22所述的网络设备,其特征在于,所述第一SRH中包含所述第二路径的路径信息;The network device according to claim 22, wherein the first SRH includes path information of the second path;
    所述处理模块,还用于对所述第一SRH中的剩余段SL的字段值执行减1的操作,确定所述第二路径的路径信息。The processing module is further configured to subtract 1 from the field value of the remaining segment SL in the first SRH to determine the path information of the second path.
  24. 根据权利要求20至22任一项权利要求所述的网络设备,其特征在于,The network device according to any one of claims 20 to 22, characterized in that,
    所述处理模块,还用于在所述第二报文中封装第二SRH,所述第二SRH包含所述第二路径的路径信息,The processing module is further configured to encapsulate a second SRH in the second packet, where the second SRH includes path information of the second path,
    所述收发模块,还用于根据所述第二SRH转发所述第二报文。The transceiver module is further configured to forward the second message according to the second SRH.
  25. 根据权利要求20至22任一项权利要求所述的网络设备,其特征在于,The network device according to any one of claims 20 to 22, characterized in that,
    所述处理模块,还用于获得所述第二报文的目的地的IPv6地址,所述第二报文中封装IPv6报文头,所述IPv6报文头的目的地址为所述第二报文的目的地的IPv6地址;The processing module is also used to obtain the IPv6 address of the destination of the second message, the IPv6 message header is encapsulated in the second message, and the destination address of the IPv6 message header is the address of the second message The IPv6 address of the destination of the text;
    所述收发模块,还用于根据所述目的地的IPv6地址转发所述第二报文。The transceiver module is further configured to forward the second message according to the IPv6 address of the destination.
  26. 根据权利要求20至25中任一项所述的网络设备,其特征在于,The network device according to any one of claims 20 to 25, characterized in that,
    所述第二路径的路径信息包括至少一个地址,所述至少一个地址包括流量处理设备的地址;The path information of the second path includes at least one address, and the at least one address includes an address of a traffic processing device;
    或者,or,
    所述第二路径的路径信息与一个绑定段标识BSID对应;The path information of the second path corresponds to a binding segment identifier BSID;
    或者,or,
    所述第二路径用END.X类型的SID指示。The second path is indicated by a SID of type END.X.
  27. 根据权利要求16至25任一项权利要求所述的网络设备,其特征在于,所述第一报文为SRv6报文。The network device according to any one of claims 16 to 25, wherein the first packet is an SRv6 packet.
  28. 根据权利要求23所述的网络设备,其特征在于,The network device according to claim 23, characterized in that,
    所述处理模块,还用于获取第一路径的路径信息;The processing module is further configured to obtain path information of the first path;
    所述收发模块,还用于根据所述第一路径的路径信息转发所述第一报文。The transceiver module is further configured to forward the first message according to the path information of the first path.
  29. 根据权利要求28所述的网络设备,其特征在于,The network device according to claim 28, characterized in that,
    所述处理模块,还用于对所述第一SRH中的SL字段值执行减x的操作,确定所述第一路径的路径信息;其中,x为大于或者等于2的整数,所述第二路径的路径信息包括(x-1)个地址。The processing module is further configured to subtract x from the value of the SL field in the first SRH to determine the path information of the first path; where x is an integer greater than or equal to 2, and the second The route information of the route includes (x-1) addresses.
  30. 根据权利要求16至29中任一项所述的网络设备,其特征在于,A network device according to any one of claims 16 to 29, characterized in that,
    所述处理模块,还用于当所述网络设备到流量处理设备的路径发生故障时,则删除所述第二报文。The processing module is further configured to delete the second packet when a path from the network device to the traffic processing device fails.
  31. 一种网络设备,其特征在于,包括:包括处理器,所述处理器与至少一个存储器耦合,所述处理器用于读取所述至少一个存储器所存储的计算机程序,使得所述网络设备 执行如权利要求1至15中任一项所述的方法。A network device, characterized by comprising: a processor, the processor is coupled to at least one memory, and the processor is used to read a computer program stored in the at least one memory, so that the network device executes the following: A method as claimed in any one of claims 1 to 15.
  32. 一种计算机可读存储介质,其特征在于,用于储存计算机程序或指令,所述计算机程序或指令被执行时使得计算机执行如权利要求1至15中任一项所述的方法。A computer-readable storage medium is characterized in that it is used to store computer programs or instructions, and when the computer programs or instructions are executed, the computer executes the method according to any one of claims 1 to 15.
PCT/CN2021/126561 2021-07-30 2021-10-27 Packet forwarding method and network device WO2023005018A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN202110875153.0A CN115695338A (en) 2021-07-30 2021-07-30 Message forwarding method and network equipment
CN202110875153.0 2021-07-30

Publications (1)

Publication Number Publication Date
WO2023005018A1 true WO2023005018A1 (en) 2023-02-02

Family

ID=85059709

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2021/126561 WO2023005018A1 (en) 2021-07-30 2021-10-27 Packet forwarding method and network device

Country Status (2)

Country Link
CN (1) CN115695338A (en)
WO (1) WO2023005018A1 (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116915685B (en) * 2023-09-06 2023-12-12 新华三技术有限公司 Message transmission method and device and electronic equipment

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20160099864A1 (en) * 2014-10-07 2016-04-07 Cisco Technology, Inc. Selective service bypass in service function chaining
CN112787931A (en) * 2019-11-06 2021-05-11 华为技术有限公司 Message transmission method, proxy node and storage medium
CN113114566A (en) * 2017-09-25 2021-07-13 华为技术有限公司 Message forwarding method and network equipment
WO2021148021A1 (en) * 2020-01-22 2021-07-29 华为技术有限公司 Packet processing method, apparatus and system

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20160099864A1 (en) * 2014-10-07 2016-04-07 Cisco Technology, Inc. Selective service bypass in service function chaining
CN113114566A (en) * 2017-09-25 2021-07-13 华为技术有限公司 Message forwarding method and network equipment
CN112787931A (en) * 2019-11-06 2021-05-11 华为技术有限公司 Message transmission method, proxy node and storage medium
WO2021148021A1 (en) * 2020-01-22 2021-07-29 华为技术有限公司 Packet processing method, apparatus and system

Also Published As

Publication number Publication date
CN115695338A (en) 2023-02-03

Similar Documents

Publication Publication Date Title
JP7358538B2 (en) Methods and network devices for forwarding packets
US8913617B1 (en) Packet processor for altering a header portion of a data packet
US9894003B2 (en) Method, apparatus and system for processing data packet
CN112787931B (en) Message transmission method, proxy node and storage medium
WO2020182156A1 (en) Message forwarding method in network, network node and network system
EP3780517B1 (en) Method and apparatus for processing multicast data packet
US20100232444A1 (en) Frame transfer method and frame transfer device
WO2020073685A1 (en) Forwarding path determining method, apparatus and system, computer device, and storage medium
EP4040738A1 (en) Message processing method, device and system
KR100636273B1 (en) Apparatus and method for transmitting of mpls multicast packet on ethernet
JP2023514630A (en) FORWARDING ENTRY GENERATION METHOD, PACKET TRANSMISSION METHOD, NETWORK DEVICE AND SYSTEM
WO2021197141A1 (en) Service processing method and apparatus, and device and storage medium
CN112737954B (en) Message processing method, device, system, equipment and storage medium
WO2020182085A1 (en) Transmission method and device for message
WO2023005018A1 (en) Packet forwarding method and network device
WO2022117018A1 (en) Packet transmission method and apparatus
US20230254246A1 (en) Mechanisms for packet path tracing and per-hop delay measurement in segment routing with multiprotocol label switching (sr-mpls) networks
JP4040045B2 (en) Data transfer device
WO2022134674A1 (en) Message transmission method and apparatus, and device, storage medium and system
US10171368B1 (en) Methods and apparatus for implementing multiple loopback links
CN108156066A (en) Message forwarding method and device
JP2003348148A (en) Ip multicast control method and ip multicast control system employing the same
WO2024001701A1 (en) Data processing method, apparatus and system
KR100908843B1 (en) How to Configure a Forwarding Table in a Routing System
CN110535675B (en) Method and device for multicast fast switching

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 21951590

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE