Patent Application
20160112248
This application is based upon and claims the benefit of the priority of Japanese Patent Application No. 2013-093738 filed on Apr. 26, 2013, the disclosure of which is incorporated herein in its entirety by reference thereto.
The present invention relates to a communication node, a communication system, a packet processing method, and a program. In particular, it relates to: a communication node that operates on the basis of control information set by a control apparatus(es); a communication system; a packet processing method; and a program.
NPLs 1 and 2 propose a technique referred to as OpenFlow that realizes a centralized-control-type network in which the control and data planes are separated from each other. OpenFlow recognizes communications as end-to-end flows and performs path control, failure recovery, load balancing, and optimization on a per-flow basis. An OpenFlow switch standardized in NPL 2 has a secure channel for communication with an OpenFlow controller and operates according to a flow table suitably added or rewritten by the OpenFlow controller. In the flow table, a set of the following three is defined for each flow: match conditions (Match Fields) against which packet headers are matched; flow statistical information (Counters); and an instruction(s) (Instructions) that defines a processing content(s) (see section “5.2 Flow Table” in NPL 2).
For example, when an OpenFlow switch receives a packet, the OpenFlow switch searches its flow table for an entry having match conditions (see “5.3 Matching” in NPL 2) that match header information of the received packet. As a result of the search, if the OpenFlow switch finds an entry that matches the received packet, the OpenFlow switch updates its flow statistical information (Counters) and processes the received packet on the basis of the processing content(s) (packet transmission from a specified port, flooding, dropping, etc.) written in the instruction field of the entry. If, as a result of the search, the OpenFlow switch does not find an entry that matches the received packet, the OpenFlow switch requests the OpenFlow controller to set an entry for processing the received packet, namely, transmits a control information transmission request (Packet-In message) to the OpenFlow controller via the corresponding secure channel. The OpenFlow switch receives a flow entry in which a processing content(s) is defined and updates its own flow table. In this way, the OpenFlow switch performs packet forwarding by using an entry stored in its flow table as control information.
PTL 1 discloses a communication apparatus (corresponding to an OpenFlow switch) that performs high-speed path switching when a failure or congestion occurs in a network using the above OpenFlow. More specifically, PTL 1 discloses that this communication apparatus includes: a processing storage unit (corresponding to the above flow table) that stores processing rules in which information for identifying received packets and processing performed on the received packets are associated with each other; an alternative processing storage unit (a table storing alternatives to entries in the above flow table) that stores processing rules including processing that is performed on the received packets and that is different from the processing stored in the processing storage unit; and a processing unit that processes the received packets in accordance with the processing rules obtained by searching the processing storage unit or the alternative processing storage unit on the basis of the information for identifying the received packets.
PTL 2 discloses an OpenFlow controller capable of reducing unnecessary flow setup processing (setting control information in switches). The OpenFlow controller achieves this by setting control information (a forwarding rule) after confirming establishment of connection between terminals.
PTL 3 discloses a configuration in which a plurality of flow tables are held in an individual OpenFlow switch. In this way, an individual OpenFlow switch is allowed to hold more entries.
PTL 1: Japanese Patent Kokai Publication No. JP2012-49674A
PTL 2: Japanese Patent Kokai Publication No. JP2012-195807A
PTL 3: International Publication No. 2012/032864
NPL 1: Nick McKeown, and seven others, “OpenFlow: Enabling Innovation in Campus Networks,” [online], [searched on Apr. 10, 2013], Internet <URL:http://www.openflow.org/documents/openflow-wp-latest.pdf>
NPL 2: “OpenFlow Switch Specification” Version 1.3.1 (Wire Protocol 0x04), [online], [searched on Apr. 10, 2013], Internet <URL: https://www.opennetworking.org/images/stories/downloads/sdn-resources/onf-specifications/openflow/openflow-spec-v1.3.1.pdf>
The following analysis has been given by the present inventors. As pointed out in paragraphs 0006 to 0008 in PTL 1, in a network in which the control and data planes are separated from each other as typified by the above OpenFlow, when a failure occurs, much time is required until communication is enabled again, which is counted as a problem. This is because a switch(es) controlled in the network needs to query a control apparatus (OpenFlow controller) controlling the control plane about the next operation or data forwarding destination. Particularly, if the network is expanded and the number of switches controlled by the control apparatus is increased, many queries are simultaneously transmitted to the control apparatus. As a result, the control plane is congested, which is counted as a problem.
According to PTL 1, an individual communication apparatus includes at least one flow table that stores a group of basic flow entries that corresponds to paths used during a normal operation and a group of alternative flow entries that corresponds to alternative paths used when failures occur. The communication apparatus realizes path switching by referring to the group of basic flow entries during a normal operation and to the group of alternative flow entries when a failure occurs (see paragraph 0062. PLT 1 also discloses a method of searching two flow entry groups in parallel and a method of determining the processing that needs to be performed by the corresponding switch).
However, PTL 1 is problematic in that an area for storing the group of alternative flow entries needs to be secured in a flow table. Particularly, if the flow table is configured by using a CAM (Content-Addressable Memory) or the like, a valuable area is occupied by the flow entries that are used only when a failure occurs.
In addition, in a network in which the control and data planes are separated from each other, it is desirable that instructions given to communication nodes such as switches be changed at various timing, for example, when malfunction of a port of a certain switch is detected, when communication with the control apparatus (controller) is disconnected, or when congestion occurs.
It is an object of the present invention to provide: a communication node(s) that is allowed to change an instruction(s) (control information) given by a control apparatus(es) when a predetermined event such as a failure occurs without querying the control apparatus(es) every time or previously arranging an alternative flow entry(ies) for failure recovery in a flow table as described above; a communication system; a packet processing method; and a program.
According to a first aspect, there is provided a communication node, including: a packet processing unit which processes received packets by referring to a first table(s) that stores an entry(ies) defining match conditions against which the received packets are matched and a processing content(s) applied to packets that match the match conditions; and an autonomous operation unit which refers to a second table(s) in which an event(s) is associated with a change(s) applied to an entry(ies) stored in the first table(s) when occurrence of the event(s) is detected and which rewrites an entry(ies) in the first table(s) on the basis of an event(s) that has occurred.
According to a second aspect, there is provided a communication system including the above communication node(s) and a control apparatus(es) that sets an entry(ies) in the first table(s) and the second table(s) of the communication node(s).
According to a third aspect, there is provided a packet processing method, including steps of: causing a communication node, including a packet processing unit which processes received packets by referring to a first table(s) that stores an entry(ies) defining match conditions against which received packets are matched and a processing content(s) applied to packets that match the match conditions, to detect occurrence of a predetermined event(s); and causing the communication node to refer to a second table(s) in which an event(s) is associated with a change(s) applied to an entry(ies) stored in the first table(s) when occurrence of the event(s) is detected and to rewrite an entry(ies) in the first table(s) on the basis of an event(s) that has occurred. This method is associated with a certain machine(s), namely, with a communication node(s) that processes received packets by referring to the above first table(s).
According to a fourth aspect, there is provided a program, causing a computer, including a packet processing unit which processes received packets by referring to a first table(s) that stores an entry(ies) defining match conditions against which received packets are matched and a processing content(s) applied to packets that match the match conditions, to perform processing for: detecting occurrence of a predetermined event(s); and referring to a second table(s) in which an event(s) is associated with a change(s) applied to an entry(ies) stored in the first table(s) when occurrence of the event(s) is detected and rewriting an entry(ies) in the first table(s) on the basis of an event(s) that has occurred. The program may be recorded in a computer-readable (non-transitory) storage medium. Namely, the present invention can be embodied as a computer program product.
According to the present invention, a communication node(s) is allowed to change an instruction(s) (control information) given by a control apparatus(es) without querying the control apparatus(es) every time or previously arranging an alternative flow entry(ies) for failure recovery in a flow table.
First, an outline of an exemplary embodiment of the present invention will be described with reference to the drawings. In the following outline, various components are denoted by reference characters for the sake of convenience. Namely, the following reference characters are merely used as examples to facilitate understanding of the present invention, not to limit the present invention to the illustrated modes.
As illustrated in
More specifically, in the second table 13, an event(s) that can be detected by the communication node is associated with a change(s) applied to an entry(ies) stored in the first table 11 when occurrence of the event(s) is detected. The autonomous operation unit 14 rewrites an entry(ies) in the first table 11 on the basis of an event(s) that has occurred.
Through the above processing, the communication node 10 can change processing applied to received packets on the basis of an event(s) that has occurred, without querying a control apparatus.
Next, a first exemplary embodiment of the present invention will be described in detail with reference to the drawings.
The OFSs 101 and 102 are OpenFlow switches having an Ether-OAM function and operate by referring to entries in flow and event tables set by the OFC 200. The Ether-OAM function is an operation, administration, and maintenance function for an Ethernet (registered mark) network defined in ITU-T Y.1731, IEEE 802.1ag, etc.
The OFC 200 exchanges control messages with the OFSs 101 and 102 via the control channels 501 and 502 and adds entries to the flow and event tables (which will be described below) in the OFSs 101 and 102.
The flow table 111 corresponds to the above first table storing an entry(ies) defining match conditions against which received packets are matched and a processing content(s) applied to packets that match the match conditions. A plurality of flow tables 111 may be included as disclosed in NPL 2.
When receiving a packet from the outside, the packet processing unit 112 searches the flow table 111 for an entry having match conditions that match the ingress port or header information of the received packet. As a result of the search, if the packet processing unit 112 finds an entry having match conditions that match the received packet, the packet processing unit 112 applies a processing content(s) defined in the entry to the packet. As a result of the search, if the packet processing unit 112 does not find an entry having match conditions that match the received packet, the packet processing unit 112 performs a predetermined operation such as dropping of the packet or forwarding of the packet to the OFC 200. If the packet processing unit 112 receives an Ether-OAM failure notification, the packet processing unit 112 outputs the Ether-OAM failure notification to the autonomous operation unit 114. An operation of the OFS 101/102 performed when the OFS 101/102 receives an Ether-OAM failure notification can be realized by setting an entry(ies) that instructs outputting to a virtual port connected to the autonomous operation unit 114 in the flow table 111.
The event table 113 corresponds to the above second table storing entries in which various types of event conditions that can be detected by the OFS 101/102 are associated with processing contents (event actions) performed when the corresponding events occur. It is preferable that the OFC 200 set an entry(ies) in the event table 113 by using a path calculation result when creating the entry(ies) in the flow table 111. Of course, a network administrator or the like may manually set an entry(ies) in the event table 113. Since it is likely that the event table 113 is referred to or rewritten less frequently than the flow table 111, the event table 113 does not need to be configured by a CAM or the like, unlike the flow table 111.
If a state (a failure, for example) that matches an event condition written in the event table 113 occurs, the autonomous operation unit 114 performs a processing content(s) (event action(s)) defined in the matching entry. In addition, if an entry(ies) in the flow table 111 is changed by performing the processing content(s) (event action(s)) defined in the entry in the event table 113, the autonomous operation unit 114 notifies the OFC 200 of the processing content(s) performed or the change(s) made to the flow table 111. In this way, the consistency between the flow entry(ies) that the OFC 200 grasps is set in the OFS 101/102 and the flow entry(ies) actually set in the OFS 101/102 can be maintained.
The protocol communication unit 115 is a means for communicating with the OFC 200 by using, for example, the OpenFlow protocol in NPL 2.
The monitoring unit 116 monitors operating statuses and link statuses of the corresponding OFS. If the monitoring unit 116 finds a malfunction, the monitoring unit 116 transmits an Ether-OAM failure notification or an Ether-OAM failure recovery notification to a different OFS(s), etc.
Each unit (processing means) in the OFS 101/102 illustrated in
Next, an operation according to the present exemplary embodiment will be described in detail with reference to the drawings. The following description will be made assuming that each of the flow tables 111 in the respective OFSs 101 and 102 includes an entry for forwarding packets transmitted between the terminals 401 and 402 via the network 301, as indicated by a double-headed arrow in
If a failure occurs in the network 301 in
The OFS 102 also makes necessary changes so that the packets between the terminals 401 and 402 are forwarded via the network 302.
In this way, as illustrated in
In addition, according to the present exemplary embodiment, since the number of control messages exchanged among the OFC and OFSs can be reduced, congestion in the control channels 501 and 502 can be avoided, for example. With the basic configuration in NPL 2, if a failure occurs in a network and if many OFSs are connected to the network, these OFSs transmits a request (Packet-In message) to the OFC 200 for an entry to be registered in their flow tables 111. In response, the OFC 200 creates an entry to be set in each OFS and transmits the entry thereto. According to the present exemplary embodiment, it is only necessary that the autonomous operation unit 114 of an individual OFS notify the OFC 200 of a change(s) made in its flow table 111. Thus, the communication amount is reduced by half at least.
By setting entries in the event table 113, an individual OFS can perform a recovery operation from the state illustrated in
In this way, the packet forwarding path between the terminals 401 and 402 in
Next, a second exemplary embodiment will be described. In the second exemplary embodiment, the same OFSs as those used in the above first exemplary embodiment are used to realize failover between servers. Since the present exemplary embodiment can be realized by the same configuration as that according to the first exemplary embodiment, the present exemplary embodiment will be described with a focus on the difference.
Next, an operation according to the present exemplary embodiment will be described in detail with reference to the drawings. The following description will be made assuming that each of the flow tables 111 in the respective OFSs 101 and 102 includes an entry for forwarding packets transmitted between the terminal 401 and the server 701 via the network 301, as indicated by a double-headed arrow in
When detecting occurrence of a failure in the server 701 in
It is also preferable that the OFS 102 convert an address of the server 701 that is set as the destination or source in a packet header portion into an address of the server 702. In this way, the OFS 101 does not need to change entries in its flow table 111.
Consequently, the packet forwarding paths between the terminal 401 and the server 701 can be switched without control by the OFC 200, as illustrated in
While exemplary embodiments of the present invention have thus been described, the present invention is not limited thereto. Further variations, substitutions, or adjustments can be made without departing from the basic technical concept of the present invention. For example, the configurations of the networks and elements illustrated in the drawings are used only as examples to facilitate understanding of the present invention. Namely, the present invention is not limited to the configurations illustrated in the drawings.
While an OFC and OFSs in NPLs 1 and 2 are used in the above exemplary embodiments, the present invention is also applicable to a centralized-control-type network in which the control plane and the data plane are separated from each other, for example.
In addition, while an individual OFS uses a single event table in the above exemplary embodiments, an individual OFS may adopt another table configuration. For example, as in pipeline processing using a plurality of flow tables in NPL 2, an individual OFS may sequentially refer to a plurality of tables and finally select an entry that matches a plurality of conditions, so as to determine an event action(s). In this way, an individual event table can have a smaller size, and management thereof can be performed more easily.
In addition, while path switching and failover are performed by using the event table 113 in the above exemplary embodiments, other variations are also possible. For example, a certain entry(ies) in a flow table(s) may be removed or a processing content(s) in a certain entry(ies) in a flow table(s) may be rewritten to packet dropping (Drop).
In addition, while an individual OFS has an Ether-OAM function in the above exemplary embodiments, the present invention is also applicable as long as an individual OFS has another equivalent function. For example, like advantageous effects can be expected by setting an entry for changing the packet forward destination in a corresponding flow table 111 in an event table 113 when a malfunction of a link of a port is detected. In addition, another operation is possible. For example, when a failure in a control channel with an OFC or the like is detected, the corresponding OFS may be controlled by a different OFC (the OFS forwards packets to the different OFC and requests the different OFC to transmit flow entries).
Finally, suitable modes of the present invention will be summarized.
(see the communication node according to the above first aspect)
The communication node according to mode 1;
wherein the communication node receives entries to be stored in the first table(s) and the second table(s) from a predetermined control apparatus(es).
The communication node according to mode 2;
wherein, when the communication node refers to the second table(s) and rewrites an entry(ies) in the first table(s), the communication node notifies the predetermined control apparatus(es) of the rewritten content(s).
The communication node according to any one of modes 1 to 3;
wherein, in the second table(s), there is set an entry(ies) for switching, when a network failure(s) is detected, packet forwarding path(s) that is affected by the failure(s) to a different path(s).
The communication node according to any one of modes 1 to 3;
wherein, in the second table(s), there is set an entry(ies) for changing, when a failure(s) of a communication destination(s) is detected, a packet forwarding destination(s) in an entry(ies) in the first table(s) that is affected by the failure(s) to an alternative apparatus(es) of the communication destination(s).
(see the communication system according to the above second aspect)
(see the packet processing method according to the above third aspect)
(see the program according to the above fourth aspect)
Modes 6 to 8 can be expanded in the same way as mode 1 is expanded to modes 2 to 5.
The disclosure of each of the above PTLs and NPLs is incorporated herein by reference thereto. Modifications and adjustments of the exemplary embodiments and the examples are possible within the scope of the overall disclosure (including the claims) of the present invention and based on the basic technical concept of the present invention. In addition, various combinations and selections of various disclosed elements (including the elements in each of the claims, exemplary embodiments, examples, drawings, etc.) are possible within the disclosure of the present invention. Namely, the present invention of course includes various variations and modifications that could be made by those skilled in the art according to the overall disclosure including the claims and the technical concept. In particular, the present description discloses numerical value ranges. However, even if the description does not particularly disclose arbitrary numerical values or small ranges included in the ranges, these values and ranges should be deemed to have been specifically disclosed.
10 communication node
11 first table
12 packet processing unit
13 second table
14 autonomous operation unit
101, 102 OpenFlow switch (OFS)
111 flow table
112 packet processing unit
113 event table
114 autonomous operation unit
115 protocol communication unit
116 monitoring unit
200 OpenFlow controller (OFC)
301, 302 network
401, 402 terminal
501, 502 control channel
701, 702 server
| Number | Date | Country | Kind |
|---|---|---|---|
| 2013-093738 | Apr 2013 | JP | national |
| Filing Document | Filing Date | Country | Kind |
|---|---|---|---|
| PCT/JP2014/061694 | 4/25/2014 | WO | 00 |
