Patent Application
20160094357
The present invention is based upon and claims the benefit of the priority of Japanese patent application No. 2013-091469, filed on Apr. 24, 2013, the disclosure of which is incorporated herein in its entirety by reference thereto.
The present invention relates to a control apparatus, a computer system, a communication control method, and a program. In particular, the present invention relates to: a control apparatus that controls switches that processes received packets on the basis of externally set control information; a computer system, a communication control method, and a program.
There are known computer systems in which a certain apparatus transmits heartbeat notifications or alive-monitoring packets to other apparatuses and monitoring apparatuses. These heartbeat notifications and alive-monitoring packets are exchanged by broadcasting or multicasting. For example, in an environment in which IPMIs (intelligent platform management interfaces) are used, there are cases in which a control unit called a BMC (baseboard management controller) broadcasts gratuitous ARP (address resolution protocol) packets by using a watchdog timer. A software product called Heartbeat of Linux (registered mark) HA (High-Availability Linux) also performs alive monitoring by broadcasting.
Non-Patent Literatures 1 and 2 disclose a technique called OpenFlow, which will be mentioned in exemplary embodiments of the present invention.
Patent Literatures 1 to 3 are examples of OpenFlow-related inventions by the applicant of the present application.
The following analysis has been given by the present inventors. In the above computer systems, since an apparatus transmits heartbeat notifications or alive-monitoring packets by broadcasting or multicasting, destinations of these packets do not need to be specified or managed. In addition, the packets can be forwarded to a plurality of apparatuses.
However, if such apparatus that transmits heartbeat notifications or alive-monitoring packets by broadcasting or multicasting is connected, there is a problem that these packets are forwarded throughout the entire network. Generally, these packets are not needed by apparatuses other than those targeted by the transmission-source apparatus. In addition, depending on the number of apparatuses that transmit these packets, the network and other apparatuses can be subjected to a non-negligible amount of load.
As described above, exchange of heartbeat notifications or alive-monitoring packets between or among predetermined apparatuses affects the network and other irrelevant apparatuses. It is an object of the present invention to provide a control apparatus, a computer system, a communication control method, and a program that can reduce the impact caused by the exchange.
According to a first aspect, there is provided a control apparatus, including: a communication identification unit that identifies a predetermined communication between or among predetermined apparatuses by matching a packet received via a switch against a preset pattern(s); and a switch control unit that sets, at least in the switch, control information in which match conditions for determining the communication between or among the apparatuses and a processing content(s) applied to the predetermined communication between or among the predetermined apparatuses are associated with each other.
According to a second aspect, there is provided a computer system, including: a plurality of apparatuses that perform a predetermined communication in accordance with a predetermined procedure; a switch(es) that processes received packets by referring to control information set by a control apparatus; and the control apparatus that includes: a communication identification unit that identifies the predetermined communication between or among the plurality of apparatuses by matching a packet received via one of the switch(es) against a preset pattern(s); and a switch control unit that sets, at least in the switch, control information in which match conditions for determining the predetermined communication between or among the predetermined apparatuses and a processing content(s) applied to the communication between or among the apparatuses are associated with each other.
According to a third aspect, there is provided a communication control method, including steps of: causing a control apparatus, which controls a switch(es) that processes received packets by referring to control information set by the control apparatus, to identify a predetermined communication between or among predetermined apparatuses by matching a packet received via one of the switch(es) against a preset pattern(s); and causing the control apparatus to set, at least in the switch, control information in which match conditions for determining the communication between the apparatuses and a processing content(s) applied to the predetermined communication between the predetermined apparatuses are associated with each other. This method is associated with a certain machine, namely, with the control apparatus that controls the above switch(es).
According to a fourth aspect, there is provided a program, causing a computer, which controls a switch(es) that processes received packets by referring to control information set by a control apparatus, to perform processing for: identifying a predetermined communication between or among predetermined apparatuses by matching a packet received via one of the switch(es) against a preset pattern(s); and setting, at least in the switch, control information in which match conditions for determining the communication between or among the apparatuses and a processing content(s) applied to the predetermined communication between the predetermined apparatuses are associated with each other. The program may be recorded in a computer-readable (non-transitory) storage medium. Namely, the present invention can be embodied as a computer program product.
According to the present invention, the impact on a network and an irrelevant apparatus(es) caused by exchange of heartbeat notifications or alive-monitoring packets between or among predetermined apparatuses can be reduced.
First, an outline of an exemplary embodiment of the present invention will be described with reference to the drawing. In the following outline, various elements are denoted by reference characters for the sake of convenience. Namely, the following reference characters are merely used as examples to facilitate understanding of the present invention, not to limit the present invention to the illustrated modes.
As illustrated in
Next, the switch control unit 303 sets, at least in the switch, control information in which match conditions for determining the predetermined communication between or among the predetermined apparatuses and a processing content(s) applied to the communication between or among the apparatuses are associated with each other.
According to the above configuration, features of heartbeat notifications or alive-monitoring packets exchanged by broadcasting or multicasting between or among certain apparatuses (for example, between apparatuses A and B in
Next, a first exemplary embodiment of the present invention will be described in detail with reference to the drawings.
Each of the servers 1a to 1n is a computer that performs various calculations and performs broadcasting to transmit heartbeat notifications or alive-monitoring packets (hereinafter, referred to as “certain packets”) to the other servers. Such a certain packet indicates an operation state and whether processing is continuing.
An OpenFlow switch disclosed in Non-Patent Literatures 1 and 2 is used as each of the OFSs 2. An individual OFS 2 holds an entry(ies) in which match conditions (rules) against which headers and the like of received packets are matched and a processing content(s) applied to packets that match the match conditions (rules) are associated with each other. In addition, an individual OFS 2 processes received packets on the basis of its own entry(ies). In place of the OFSs, other switches may be used if such switches can identify and process received packets in accordance with control information set by a control apparatus.
An OpenFlow controller disclosed in Non-Patent Literatures 1 and 2 is used as the OFC 3. The OFC 3 controls the OFSs 2. When receiving a packet from any one of the OFSs 2, the packet being issued from one of the servers 1a to 1n, the OFC 3 according to the present exemplary embodiment refers to a notification forwarding table (described below) and determines a forwarding destination(s) of the packet. Next, the OFC 3 sets a flow entry, which is control information that defines processing for forwarding the packet to the forwarding destination(s), in the OFS(s) 2 on the forwarding path(s) of the packet.
The inter-server notification configuration DB 5 is a database in which forwarding destinations set among the servers 1a to 1n are recorded.
The pattern information includes a pattern ID, which is a pattern identifier, and a group of zero or more pattern attributes, which are associated information about the corresponding pattern. As a pattern attribute, a header field against which a received packet is matched and a corresponding value are set.
In addition, the group ID is an ID given on the basis of a segmentation unit. For example, the group ID is given to a network such as a subnet, a tenant, a partition, and a VLAN or to a resource lending unit.
The forwarding destination information includes a group ID indicating a group serving as a forwarding destination(s) and server information. In addition, a value indicating that all the groups are forwarding targets may be allocated as a certain group ID. In the forwarding destination information field, zero or more forwarding destinations can be set. If no forwarding destinations are set in the entry, corresponding communication packets will be dropped. In addition, as the server information, a media access control (MAC) address (Ether address) of an individual forwarding destination server is set.
Such entry described above is registered in the inter-server notification configuration DB 5 by a network administrator or the like.
Next, a specific configuration of each of the above apparatuses will be described.
When the OFS 2 receives a packet, the packet processing unit 20 refers to the flow table 21 and processes the received packet. If the flow table 21 does not include any entry that matches the received packet, the packet processing unit 20 forwards the received packet to the OFC 3. If an entry that matches the received packet specifies forwarding the received packet to the OFC 3, the packet processing unit 20 also forwards the received packet to the OFC 3.
The flow table 21 stores an entry(ies) (a flow entry(ies)) in which rules (match conditions) for determining a control target packet and a processing content(s) applied to packets that match the rules (match conditions) are written.
The above flow table 21 may be configured by using a content-addressable memory (CAM) or the like. In addition, if the packet processing unit 20 is configured with an application specific integrated circuit (ASIC) that searches the CAM for an entry to perform processing, the packet processing unit 20 can perform the processing at high speed.
The path calculation unit 31 is processing means for processing packets transmitted from the OFSs 2. The path calculation unit 31 corresponds to the above communication identification unit.
The topology DB 32 is a database for managing topology information that indicates connection relationships among servers 1 and the OFCs 2 (hereinafter, any one of the servers 1a to 1n will be referred to as a “server 1” unless the servers 1a to 1n need to be distinguished from each other).
The flow entry setting unit 33 is processing means that performs communication for setting flow entries in the flow tables 21 of the OFSs 2. The flow entry setting unit 33 corresponds to the above switch control unit.
The notification forwarding table 34 is a table for holding an entry(ies) in which features of a certain packet exchanged between or among servers 1 are associated with a corresponding forwarding destination(s) of the packet, the entry(ies) having been supplied from the control-target-communication notification apparatus 4.
For example, the following information can be specified in the rule fields: a group ID indicating a group to which a server 1 serving as the corresponding communication source belongs; the DPID of the corresponding OFS 2 to which the control target communication packet is inputted; information about the corresponding input port (In port); and other information included in the packet header of the control target communication packet, such as the source MAC address (Ether SA), destination MAC address (Ether DA), Ether type, source IP address (IP src), destination IP address (IP dst), IP (Internet protocol)/ARP number (IP proto/ARP opcode), TCP (transmission control protocol)/UDP (user datagram protocol)/SCTP (stream control transmission protocol) source port number, ICMP (internet control message protocol) code (TCP/UDP/SCTP src port ICMP Code), and TCP/UDP/SCTP des port ICMP code. In addition, a value (wildcard) indicating that any value is applicable or a mask indicating that only a part of a value is valid may be set in an individual field.
The forwarding destination field specifies a forwarding destination determined by the DPID of a corresponding exit-side OFS 2 that is connected to a forwarding destination server and information about the corresponding output port (Out port) of the OFS 2.
The group management table 35 is a table for managing information about which group each server 1 belongs to.
The communication rule generation unit 41 converts an entry acquired from the inter-server notification configuration DB 5 by referring to the pattern DB 42 and generates an entry to be registered in the notification forwarding table 34 of the OFC 3.
In the forwarding destination field, a group ID as a forwarding destination(s) and server information can be set. If no forwarding destinations are set, corresponding communication packets will be dropped. In addition, a group other than the group to which the source server belongs may be set as a forwarding destination. In such case, corresponding communication packets are also forwarded to this group specified by the group ID. By using such entry, the OFC 3 can manage packets to be broadcasted to a plurality of groups in a centralized manner. Since the contents of the other fields in the entry held in the pattern DB 42 are the same as those held in the notification forwarding table 34, description thereof will be omitted.
Each unit (processing means) of the above apparatuses may be realized by a computer program which causes a computer that constitutes the corresponding apparatus to use its hardware and execute the corresponding processing described above.
Next, an operation according to the present exemplary embodiment will be described in detail with reference to the drawings. The following description will be made assuming that the servers 1, the OFSs 2, and the OFC 3 are connected as illustrated in
First, a basic operation of an OFS 2 and of the OFC 3 will be described.
As a result of the search, if the packet processing unit 20 finds an entry having rules (match conditions) that match the received packet (Yes in step S501), the OFS 2 carries out a processing content(s) (action(s)) set in the instruction field of the entry (step S502).
If the packet processing unit 20 does not find an entry having rules (match conditions) that match the received packet (No in step S501), the OFS 2 forwards the received packet to the OFC 3 (step S503).
As a result of the search, if the OFC 3 finds a matching entry (Yes in step S602), the OFC 3 sets a destination(s) specified in the matching entry as a destination(s) of the packet (step S603; change forwarding destination).
If the OFC 3 does not find a matching entry (No in step S602), the OFC 3 determines whether the received packet is a broadcast packet (step S604). If the received packet is a broadcast packet, the OFC 3 searches the group management table 35 for the other servers that belong to the group to which the source server of the packet belongs and sets these servers as destinations of the packet (step S605).
If the notification forwarding table 34 does not include any entry that matches the received packet and if the received packet is not a broadcast packet (No in step S604), the OFC 3 determines that the received packet is a unicast packet or the like. In such case, the OFC 3 sets the destination that is specified in the packet header and that has been stored in step S601 as the destination of the packet.
Next, by referring to the topology DB 32, the OFC 3 calculates a packet forwarding path(s) from the OFS 2 that has transmitted the packet to the set packet destination(s) (step S606). If the packet has a plurality of forwarding destinations, the OFC 3 calculates respective forwarding paths in the path calculation in step S606. Dijkstra's algorithm may be used for the path calculation.
Next, the OFC 3 calculates a flow entry(ies) to be set in the OFS(s) 2 on the packet forwarding path(s) (step S607) and sets the calculated flow entry(ies) in the corresponding OFS(s) 2 (step S608). In step S607, the OFC 3 can create rules (match conditions) for the flow entry(ies) by using a packet header field(s) that matches the entry in the notification forwarding table 34 (except for a field(s) indicating a wildcard), Ether src, and Ether dst. A wildcard can be used for the rest of the fields. Alternatively, the OFC 3 may create rules (match conditions) for the flow entry(ies) by using a wildcard only for In port and using the original packet header contents for the rest of the fields.
Next, the OFC 3 instructs the OFS 2 to transmit the received packet (step S609). In step S609, if the packet has a single destination, the OFC 3 instructs the OFS 2 connected to the destination to transmit the packet to the destination. If the packet has a plurality of destinations, the OFC 3 instructs the OFS 2 that has transmitted the packet to transmit the packet along the set paths.
Next, an overall operation of the computer system according to the present exemplary embodiment will be described with reference to the drawings. The following description will be made assuming that the servers 1a to 1c belong to a group whose group ID is 1 and that the server 1d belongs to a group whose group ID is 2.
As described above, according to the present exemplary embodiment, by registering an entry that determines heartbeat notifications or alive-monitoring packets broadcasted between or among the servers 1 in the notification forwarding table 34, the OFC 3 can finely specify a forwarding destination(s) of such communication packets. Thus, the network and irrelevant apparatuses are affected less.
Next, a second exemplary embodiment will be described. In the second exemplary embodiment, the OFC includes an additional function so that the OFC can accommodate change and deletion of a control target communication between or among servers.
On the basis of a notification transmitted from the control-target-communication notification apparatus 4, the notification configuration change reception unit 36 modifies the notification forwarding table 34. If a related flow entry(ies) is set in the flow table(s) 21 of the OFS(s) 2, the notification configuration change reception unit 36 requests the flow entry setting unit 33 to delete the related flow entry(ies) from the OFS(s) 2 that includes the related flow entry(ies).
Next, an operation according to the present exemplary embodiment will be described in detail with reference to the drawings. The following description will be made assuming that the servers 1, the OFSs 2 (2a and 2b), and the OFC 3B are connected as illustrated in
Next, an operation performed by the OFC 3B that has received a notification from the control-target-communication notification apparatus 4 will be described.
As a result of the search, if the notification forwarding table 34 includes an entry that matches rules (match conditions) in the modification target entry indicated by the control-target-communication notification apparatus 4 (Yes in step S702), the OFC 3B deletes the entry from the notification forwarding table 34 (step S703).
Next, on the basis of the modification content indicated by the control-target-communication notification apparatus 4, the OFC 3B determines a change to be made to a flow entry(ies) that has been set in the corresponding OFS(s) 2 (step S704). For example, if the control-target-communication notification apparatus 4 instructs the OFC 3B to delete an entry, the OFC 3B determines a corresponding flow entry to be deleted by the flow entry setting unit 33. To determine the deletion-target flow entry, the OFC 3B copies, other than a rule(s) (match condition(s)) indicated by a wildcard, the rules (match conditions) of the corresponding entry held in the notification forwarding table 34 in the relevant rules of a flow entry, sets a wildcard for the rest of the rules, and searching for a flow entry that matches the created rule(s) (match condition(s)). In addition, for example, if the control-target-communication notification apparatus 4 instructs the OFC 3B to change a forwarding destination(s) in an entry, the OFC 3B determines a corresponding flow entry to be changed by the flow entry setting unit 33 and a content(s) of the corresponding instruction field to be changed by the flow entry setting unit 33.
Next, the OFC 3B determines whether the modification content indicated by the control-target-communication notification apparatus 4 is a notification of registration of a new entry in the notification forwarding table 34 (step S705).
As a result of the determination, if the modification indicated by the control-target-communication notification apparatus 4 is a notification of registration of a new entry in the notification forwarding table 34, the OFC 3B registers a new entry in the notification forwarding table 34 (step S706).
Finally, the OFC 3B requests the flow entry setting unit 33 to change or delete the corresponding flow entry (step S707).
If the OFC 3B has a table holding a flow entry(ies) that corresponds to a preset path(s), the OFC 3B can perform the flow entry determination processing in step S704 by referring to this table.
Next, an overall operation of the computer system according to the present exemplary embodiment will be described with reference to the drawings. The following description will be made assuming that the servers 1a to 1c belong to a group whose group ID is 1 and that the server 1d belongs to a group whose group ID is 2.
Next, as in the operation according to the first exemplary embodiment illustrated in
Next, as in the operation according to the first exemplary embodiment illustrated in
As described above, according to the second exemplary embodiment, on the basis of an operation content given by the control-target-communication notification apparatus 4 on the notification forwarding table 34, the OFC 3B operates a corresponding flow entry. Thus, even a communication whose forwarding destination and the like is frequently changed can be registered in the notification forwarding table 34.
Finally, control target packets as specific examples and corresponding exemplary entries in the pattern DB 42, the inter-server notification configuration DB 5, and the notification forwarding table 34 will be described.
(1) Gratuitous ARP transmitted by BMC watchdog timer when IPMI is used
An example will be described assuming that a method in which notification of a heartbeat is performed by broadcasting a gratuitous ARP packet is used and that all gratuitous ARP packets in a group are forwarded to a certain server included in another group.
In this case, the pattern DB 42 includes an entry as follows. In the following entry, “VAL” is a value indicating that an attribute value is to be set and “WILDCARD” is a value indicating a wildcard. An entry in the pattern DB 42 (
In port: WILDCARD,
Ether Type: 0x0806,
IP proto/ARP opcode: 0x0001,
TCP/UDP/SCTP src port ICMP Code: WILDCARD,
TCP/UDP/SCTP dst port ICMP Code: WILDCARD,
Forwarding Destination 1 {Group ID: VAL, Server Information [MAC address]: VAL})
Next, an entry in the inter-server notification configuration DB 5 will be described, the entry being applied to when forwarding is performed from all the servers corresponding to a group ID=G1 to MAC address=Md corresponding to a group ID=G2.
An entry in the notification configuration DB 5 (
Information [MAC address]: Md}
)
The control-target-communication notification apparatus 4 creates the following entry to be stored in the notification forwarding table 34 on the basis of the above entries in the pattern DB 42 and the inter-server notification configuration DB 5. In the following entry, the DPID and the output port information (Out port) of the forwarding destination OFS are dp1 and m, respectively.
An entry in the notification forwarding table 34 (
Server Information [MAC address]: WILDCARD,
Ether Type: 0x0806,
IP proto/ARP opcode: 0x0001,
TCP/UDP/SCTP src port ICMP Code: WILDCARD,
TCP/UDP/SCTP dst port ICMP Code: WILDCARD
},
Forwarding Destination 1 {DPID: dp1, Out port: m})
)
For example, in a situation in which a heartbeat notification is regularly transmitted to specified ports of UDP by broadcasting, an example in which packets are aggregated to a specified server will be described.
In this case, the pattern DB 42 includes an entry as follows. In the following entry, “VAL” is a value indicating that an attribute value is to be set and “WILDCARD” is a value indicating a wildcard.
An entry in the pattern DB 42 (
In port: WILDCARD,
Ether Type: 0x0800,
IP proto/ARP opcode: 17,
TCP/UDP/SCTP src port ICMP Code: WILDCARD,
TCP/UDP/SCTP dst port ICMP Code: VAL,
Forwarding Destination 1 {Group ID: VAL, Server Information [MAC address]: VAL}
)
Next, an entry in the inter-server notification configuration DB 5 will be described, the entry being applied to when the communications involving UDP 55000 ports of all the servers corresponding to a group ID=G1 are forwarded to MAC address=Ma in the same group.
An entry in the inter-server notification configuration DB 5 (
Forwarding Destination Information 1 {Group ID: G1, Server Information [MAC address]: Ma}
)
The control-target-communication notification apparatus 4 creates the following entry to be stored in the notification forwarding table 34 on the basis of the above entries in the pattern DB 42 and the inter-server notification configuration DB 5. In the following entry, the DPID and the output port information (Out port) of the forwarding destination OFS are dp2 and k, respectively.
An entry in the notification forwarding table 34 (
Server Information [MAC address]: WILDCARD,
Ether Type: 0x0800,
IP proto/ARP opcode: 0x0800,
TCP/UDP/SCTP src port ICMP Code: WILDCARD,
TCP/UDP/SCTP dst port ICMP Code: 55000
},
Forwarding Destination 1 {DPID: dp2, Out port: k}
)
While exemplary embodiments of the present invention have thus been described, the present invention is not limited thereto. Further variations, substitutions, or adjustments can be made without departing from the basic technical concept of the present invention. For example, the configurations of the networks and elements illustrated in the drawings are used only as examples to facilitate understanding of the present invention. Namely, the present invention is not limited to the configurations illustrated in the drawings.
For example, in the above exemplary embodiments, while the OFC 3 or 3B sets a flow entry(ies) when receiving a packet forwarded from an OFS(s) 2, the OFC 3 or 3B may set a flow entry(ies) in the flow table(s) of the OFS(s) 2 in advance. In this way, processing load on the OFC 3 or 3B is reduced, and delay in forwarding an initial packet can be shortened.
In addition, in the above exemplary embodiments, while heartbeat notifications or alive-monitoring packets exchanged between or among servers are used as the control targets, packets exchanged between various types of other apparatuses may be used as the control targets. For example, broadcast/multicast packets exchanged between or among apparatuses called machine to machine (M2M) can be used as the control targets.
Finally, suitable modes of the present invention will be summarized.
(See the control apparatus according to the above first aspect.)
The control apparatus according to mode 1;
wherein the pattern(s) is used for determining a state check packet periodically broadcasted or multicasted between or among the predetermined apparatuses.
The control apparatus according to mode 1 or 2;
wherein the control apparatus holds a table in which the pattern(s) and a corresponding forwarding destination(s) are associated with each other; and
wherein, by referring to the table, the switch control unit creates control information for instructing forwarding of packets that match the pattern(s) to the corresponding forwarding destination(s) and sets the control information at least in the switch.
The control apparatus according to mode 3;
wherein a group to which the forwarding-destination apparatus(s) belongs can be specified as a forwarding destination in the table; and
wherein, by referring to a second table in which information about the apparatus(es) that belongs to the group is stored, the switch control unit determines an apparatus(es) to which packets that match the match conditions are forwarded.
The control apparatus according to mode 3 or 4;
wherein the control apparatus is connected to a control-target-communication notification apparatus that updates the table.
The control apparatus according to mode 5;
wherein, on the basis of deletion of an entry(ies) or change of a forwarding destination(s) in the table by the control-target-communication notification apparatus, the control apparatus updates control information that is at least set in the switch.
(See the computer system according to the above second aspect.)
(See the communication control method according to the above third aspect.)
(See the program according to the above fourth aspect.)
Modes 7 to 9 can be expanded in the same way as mode 1 is expanded to modes 2 to 6.
The disclosure of each of the above Patent Literatures and Non-Patent Literatures is incorporated herein by reference thereto. Modifications and adjustments of the exemplary embodiments and examples are possible within the scope of the overall disclosure (including the claims) of the present invention and based on the basic technical concept of the present invention. In addition, various combinations and selections of various disclosed elements (including the elements in each of the claims, exemplary embodiments, examples, drawings, etc.) are possible within the scope of the entire disclosure of the present invention. Namely, the present invention of course includes various variations and modifications that could be made by those skilled in the art according to the entire disclosure including the claims and the technical concept. In particular, the present description discloses numerical value ranges. However, even if the description does not particularly disclose arbitrary numerical values or small ranges included in the ranges, these values and ranges should be deemed to have been specifically disclosed.
| Number | Date | Country | Kind |
|---|---|---|---|
| 2013-091469 | Apr 2013 | JP | national |
| Filing Document | Filing Date | Country | Kind |
|---|---|---|---|
| PCT/JP2014/061438 | 4/23/2014 | WO | 00 |
