The disclosure is related to a technology for host detection applied to a network switch, and in particular to a method and a system for host detection operated with a network switch and a flow table mechanism so that the loading of a CPU can be reduced.
A central processor 101 is electrically connected with its peripheral circuits. The central processor 101 executes a software switch 102 for conducting exchanging and routing of network packets. While processing the network packets, both the central processor 101 and the memory 103 handle a huge load of work such as storing and clearing. Further, the work over a control plane between the SDN switch 10 and the SDN controller 12 may also be added to the workload of the central processor 101 and the memory 103, so that the loading applied to the electronic components such as the central processor 101 and the memory 103 is increased.
The internal circuits of the SDN switch 10 are schematically described in
In the conventional SDN, an OpenFlow protocol is used between the SDN switch 10 and the SDN controller. The OpenFlow protocol uses three message types, such as a packet-in message, a flow-mod message and a packet-out message, to implement communication therebetween. For example, when the SDN switch 10 processes the packet-in message, the central processor 101 is required to perform multiple accessing sequences and process the information with respect to the processor 101. The SDN switch may therefore have reliability problems, since the central processor 101 may suffer from an excessive load when processing a huge number of packets.
The disclosure is related to a host detection method for a network switch and a system thereof. A rule in compliance with an OpenFlow protocol is provided for interconnecting an SDN switch with an SDN controller. Functions of metering and counting can also be provided with a configuration of flow entries of a flow table in a software switch. This scheme successfully achieves loading reduction of a central processor of the SDN switch.
According to one of the embodiments of the host detection method, when an SDN switch goes online, a first flow entry with a meter is firstly added. For example, a priority 100 flow entry can be firstly added, and a second flow entry used to match ARP packets, e.g. a priority 310 flow entry, can also be added.
When receiving packets from one or more hosts, the SDN controller can learn the MAC addresses of the one or more hosts through the priority 100 flow entry and the priority 310 flow entry. Metering is performed within a timeout period. For example, the SDN controller controls the number of packets entering the central processor of the SDN switch by a meter, thereby reducing the loading of the central processor.
After that, as many third flow entries as there are detected hosts are added. The third flow entry is, for example, a priority 110 flow entry. A counter is used to count the packets that match a priority 110 flow entry. The counting result allows the SDN controller to detect whether the host is online. Likewise, as many fourth flow entries as there are detected hosts are added. The fourth flow entry is, for example, a priority 330 flow entry that is used to update the MAC address and IP address of the host.
When the counting result no longer changes or the counter is insufficient, the SDN switch will issue an ARP request packet to the host. An ARP reply packet from the host can be used to determine whether the host is online. In this case, a fifth flow entry is added to the SDN switch. The fifth flow entry is, for example, a priority 340 flow entry that allows the SDN controller to receive an ARP reply packet.
Through the records of the abovementioned flow entries, it can be detected whether the hosts are in online or offline state, and the loading of the central processor of the SDN switch can be simultaneously reduced.
According to one of the embodiments of the disclosure, the aforementioned flow entries are:
a first flow entry (priority 100): having no match fields;
a second flow entry (priority 310): matching on ARP packet;
a third flow entry (priority 110): matching on Source MAC Address;
a fourth flow entry (priority 330): matching on Sender Hardware Address and Sender Protocol Address in ARP packet; and
a fifth flow entry (priority 340): matching on Target Hardware Address in ARP packet.
The disclosure is further related to a host detection system. In one embodiment, the system includes an SDN switch and an SDN controller that form a network system. The host detection method described above can be operated in the SDN controller that can communicate with the SDN switch in compliance with an
These and other aspects of the present disclosure will become apparent from the following description of the embodiment taken in conjunction with the following drawings and their captions, although variations and modifications therein may be affected without departing from the spirit and scope of the novel concepts of the disclosure.
The present disclosure will become more fully understood from the detailed description and the accompanying drawings, in which:
The present disclosure is more particularly described in the following examples that are intended as illustrative only since numerous modifications and variations therein will be apparent to those skilled in the art. Like numbers in the drawings indicate like components throughout the views. As used in the description herein and throughout the claims that follow, unless the context clearly dictates otherwise, the meaning of “a”, “an”, and “the” includes plural reference, and the meaning of “in” includes “in” and “on”. Titles or subtitles can be used herein for the convenience of a reader, which shall have no influence on the scope of the present disclosure.
The terms used herein generally have their ordinary meanings in the art. In the case of conflict, the present document, including any definitions given herein, will prevail. The same thing can be expressed in more than one way. Alternative language and synonyms can be used for any term(s) discussed herein, and no special significance is to be placed upon whether a term is elaborated or discussed herein. A recital of one or more synonyms does not exclude the use of other synonyms. The use of examples anywhere in this specification including examples of any terms is illustrative only, and in no way limits the scope and meaning of the present disclosure or of any exemplified term. Likewise, the present disclosure is not limited to various embodiments given herein. Numbering terms such as “first”, “second” or “third” can be used to describe various components, signals or the like, which are for distinguishing one component/signal from another one only, and are not intended to, nor should be construed to impose any substantive limitations on the components, signals or the like.
The present invention will now be described more fully with reference to the accompanying drawings, in which preferred embodiments of the invention are shown. This invention may, however, be embodied in many different forms and should not be construed as being limited to the embodiments set forth herein; rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the scope of the invention to those skilled in the art.
The disclosure is related to a host detection method for a network switch, and a host detection system for implementing the method. One of the objectives of the host detection method is to solve the problem of overburdening of the processor of the network switch. The network switch is, for example, a Software-Defined Network (SDN) switch.
According to one embodiment of the disclosure, the host detection method is operated in an SDN switch. The network switch can also be a Legacy & SDN Hybrid Switch. The Software-Defined Network utilizes a centralized SDN controller to replace a control plane of a conventional switch in a distributed network system. The SDN switch in the Software-Defined Network is only in charge of a data plane. Therefore, the centralized controller can optimize the control plane. When the network switch performs the host detection method, the SDN controller will take over the operation. In one aspect of the disclosure, the SDN controller communicates with the SDN switch through an OpenFlow protocol so as to acquire the host status and perform the host detection method.
The processor of the network switch is in charge of processing the packets in the switch. A huge amount of memory is required to conduct the processes of copying and cleaning the data. In an exemplary example, the SDN switch conducts the exchanging of packets and instructions, e.g. the packet-in packets, with the SDN controller. Some actions will be required for repeatedly accessing and clearing the processor and memory.
One further objective of the host detection method for software switch is to solve the drawback of overloading applied to the central processor 101 of SDN switch 10 when the SDN switch 10 processes the network packets and tasks with the SDN controller 12 simultaneously. One aspect of the invention is utilizing the flow entries of a flow table operated in the software switch 102 to detect whether the host is online or offline. Therefore, the number of packet-in messages can be decreased so as to reduce the loading of the central processor 101.
The technology of detecting whether the host is online or offline can be implemented by metering and counting packets generated by the host. The flow entry of the flow table in the switch can cooperate with the meter or counter for detecting the host's status. The information of OSI Layer 2 or MAC layer of the packets and Address Resolution Protocol (ARP) packets allow the network switch to detect the host's status. An SDN controller can be specified to conduct host detection if the network switch is an SDN switch.
The information such as obtaining the flow entry from the network switch for determining whether the host is online or offline can be referred to a flow chart of
The flow entries are:
a first flow entry (priority 100): having no match fields;
a second flow entry (priority 310): matching on ARP packet;
a third flow entry (priority 110): matching on Source MAC Address;
a fourth flow entry (priority 330): matching on Sender Hardware Address and Sender Protocol Address in ARP packet; and
a fifth flow entry (priority 340): matching on Target Hardware Address in ARP packet.
The definitions for the flow entries applied to the host detection method according to one embodiment of the disclosure are as follows.
Priority 100: each network switch has only one flow entry with priority 100. With the SDN switch as an example, when the SDN switch is online, this priority 100 flow entry with a meter is added (step S301 of
Table 1 describes the priority 100 flow entry recorded in a memory of the network switch. Table 1 shows that this flow entry need not be matched on any field, since there is no data in the match fields. One of the objectives of the priority 100 flow entry is to obtain a MAC address of the host. The action field shows that a packet matching this flow entry will be encapsulated in a packet-in message and this message will be sent to the SDN controller below a rate specified by a meter with ID 29. A timer inside the SDN switch counts time and a meter conducts metering within the timeout period (step S305 of
Table 2 describes a meter table of the priority 100 flow entry. The current example shows the meter table with meter ID 29 including a rate mode and a rate.
Priority 310: each network switch only includes one priority 310 flow entry. One of the objectives of the present flow entry is to detect whether or not the one or more hosts are online and to obtain the MAC and IP addresses of every online host. In one embodiment, when the SDN switch is online, the SDN controller adds this second flow entry, used to resolve an ARP packet, to the memory of the SDN switch (step S301 of
Table 3 describes a priority 310 flow entry that is used to match the ARP packets using ARP as its match fields. The action of this flow entry is sending packet-in messages to the controller below a rate specified by a meter with ID 29.
Table 4 describes a meter table with meter ID 29 including a rate mode pktps and a rate 8 of the priority 310 flow entry.
Priority 110: each network switch has the same number of the priority 110 flow entries as the number of detected hosts (step S309 of
Table 5 describes a priority 110 flow entry that is used to match on the Source MAC Address using a Source MAC as its match fields and an action being a normal action.
Priority 330: each network switch has the same number of priority 330 flow entries as the number of detected hosts (step S313 of
Table 6 describes a priority 330 flow entry that is used to match on a sender hardware address and a sender protocol address in the ARP packet generated by the user-end host. The match fields of the flow entry are the sender hardware address and the sender protocol address in the ARP packet. The action of the flow entry is a normal action.
Priority 340: when the counting result of the priority 110 flow entries no longer changes or the counter is insufficient, the SDN controller adds the priority 340 flow entry. The SDN controller sends an ARP packet to the host. It is determined whether or not the host is online by checking if the controller gets any response of the ARP packet.
Table 7 describes a priority 340 flow entry. Every network switch has only one priority 340 flow entry that is used to match on a target hardware address in the ARP packet generated by a sender, e.g. the user-end host. The match field of the priority 340 flow entry is the target hardware address of the ARP packet.
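The five flow entries defined above can be exercised in a small model. The following Python sketch is an added example, not code from the disclosure: the priorities, match fields and the meter rate of 8 pktps come from the text, while the `Switch`, `Meter` and `learn` names, the controller probe MAC, the sample packets and the unmetered packet-in action of priority 340 are assumptions.

```python
from dataclasses import dataclass

ARP = 0x0806                      # EtherType of ARP frames
CTRL_MAC = "02:00:00:00:00:fe"    # assumed sender MAC of the controller's ARP probe

@dataclass
class FlowEntry:
    priority: int
    match: dict                   # field -> required value; {} matches every packet
    action: str                   # "packet_in" or "normal"
    metered: bool = False         # packet-in limited by the shared meter

    def hits(self, pkt):
        return all(pkt.get(k) == v for k, v in self.match.items())

class Meter:
    """Packets-per-second limiter modelled on meter ID 29 (pktps, rate 8)."""
    def __init__(self, rate):
        self.rate, self.second, self.used = rate, None, 0

    def allow(self, now):
        if int(now) != self.second:           # a new one-second window starts
            self.second, self.used = int(now), 0
        self.used += 1
        return self.used <= self.rate

class Switch:
    def __init__(self):
        self.meter = Meter(rate=8)
        # Installed when the switch comes online: priority 100 and 310.
        self.table = [FlowEntry(100, {}, "packet_in", metered=True),
                      FlowEntry(310, {"eth_type": ARP}, "packet_in", metered=True)]

    def process(self, pkt, now):
        # OpenFlow selects the highest-priority entry that matches the packet.
        entry = max((e for e in self.table if e.hits(pkt)), key=lambda e: e.priority)
        if entry.metered and not self.meter.allow(now):
            return entry.priority, "dropped_by_meter"
        return entry.priority, entry.action

def learn(sw, pkt, prio):
    """Controller reaction to a packet-in that matched priority 100 or 310."""
    mac = pkt["eth_src"]
    if not any(e.priority == 110 and e.match["eth_src"] == mac for e in sw.table):
        sw.table.append(FlowEntry(110, {"eth_src": mac}, "normal"))
    if prio == 310:
        sw.table.append(FlowEntry(330, {"eth_type": ARP, "arp_sha": pkt["arp_sha"],
                                        "arp_spa": pkt["arp_spa"]}, "normal"))

def demo():
    sw, out = Switch(), []
    # Constructed burst: 20 frames from unlearned sources inside one second.
    burst = [sw.process({"eth_src": f"02:00:00:00:01:{i:02x}", "eth_type": 0x0800}, 0.5)
             for i in range(20)]
    out.append(sum(1 for _, action in burst if action == "packet_in"))
    a = {"eth_src": "02:00:00:00:00:0a", "eth_type": 0x0800}          # constructed
    b = {"eth_src": "02:00:00:00:00:0b", "eth_type": ARP, "arp_tha": CTRL_MAC,
         "arp_sha": "02:00:00:00:00:0b", "arp_spa": "10.0.0.11"}      # constructed
    for pkt in (a, a, b, b):
        prio, action = sw.process(pkt, 2.0)
        if action == "packet_in":
            learn(sw, pkt, prio)
        out.append((prio, action))
    # Priority 340 (assumed unmetered packet-in) is added before probing.
    sw.table.append(FlowEntry(340, {"eth_type": ARP, "arp_tha": CTRL_MAC}, "packet_in"))
    out.append(sw.process(b, 3.0))
    return out
```

Of the 20 unlearned frames in the burst only 8 become packet-in messages, and once a host is learned its traffic hits priority 110 or 330 and no longer reaches the controller. The last call shows why priority 340 sits above 330: an ARP frame addressed to the probe MAC is handed to the controller even though its sender is already known.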
The operation of the host detection system of the disclosure is based on the host detection method performed in a network switch through the flow table. The host detection method can be referred to a flow chart in
This host detection method is based on the L2 packets and ARP packets obtained by a switch. When the network switch is online and in operation (step S401) as an SDN controller, a software procedure performed in the network switch stores the priority 100 and 310 flow entries into a memory of the network switch as one of the initial operations (step S403).
Next, the SDN controller resolves the packets obtained from each host (step S405). These packets can be L2 packets or ARP packets. In the meantime, if the received packet is the L2 packet that matches the priority 100 flow entry, a MAC address of the host is obtained. In step S407, the software procedure performed in the system adds the priority 110 flow entry to a memory of the SDN switch.
If the packet received by the SDN controller is an ARP that matches the priority 310 flow entry, such as in step S409, the priority 110 and 330 flow entries are configured to be added in the memory of the SDN switch.
According to the above-mentioned mechanism, the host detection method for a network switch can be referred to a flow chart shown in
The SDN switch is configured to resolve the received packets. In an initial process, the priority 100 and 310 flow entries are written in a memory of the network switch. The host is generally connected to a network via a wired or wireless connection. When the host generates the L2 packets, the SDN controller learns a MAC address. The priority 110 flow entry can be added to a flow table of the SDN switch in response to the detected host. Therefore, when the SDN switch receives the packets transmitted from the host, the packets are transferred to the SDN controller. The SDN controller detects if the host is online according to the priority 110 flow entry monitoring the packets transmitted by the host. However, if the network switch cannot retrieve the packets transmitted from the host, it indicates that the host is offline or that a failure of the communication port has occurred.
At the beginning of the method, under a normal circumstance, the SDN controller scans the priority 110 flow entry (step S501) and determines whether or not the SDN switch has a sufficient number of counters for the priority 110 flow entry (step S503). Each network switch has the same number of priority 110 flow entries as the number of detected hosts. Thus, when the SDN switch receives an L2 packet or an ARP packet, the priority 110 flow entry will be written to the SDN switch, allowing the SDN controller to determine whether or not the host is online by scanning the priority 110 flow entry. After scanning the priority 110 flow entry, the counting result obtained by the counter can be used to perform the host detection, e.g. detecting whether the host is online or not.
In step S503, if the SDN switch is found to not have enough counters, only the ARP packet can be relied upon to determine whether or not the host is online. In step S505, the SDN controller issues the ARP request packet through the SDN switch. The priority 340 flow entry can be added for matching the ARP response packets generated by the host. The ARP response packets are used to detect whether the host is online or not. For example, the ARP packet can be transferred to a specific host by a unicast process. Next, in step S507, the SDN controller resolves the received packet and determines if the SDN switch receives the ARP response packet from the host. If the SDN switch does not receive the ARP response packet from the host within the timeout period, the host is determined to be offline (step S509).
On the other hand, in step S503, if the SDN switch is determined to have sufficient counters, the SDN switch counts the data flow (step S511) and then determines whether or not the counted value obtained by the counter is changed (step S513). The host is determined to be online if the counted value is changed (step S515).
Further, if the counted value is not changed (no update) within a time threshold, it is determined from resolving the received packets that there is no data flow from the host. Next, in step S505, the SDN controller issues the ARP request packet via the SDN switch. In step S507, the SDN controller determines whether or not the SDN switch receives the ARP response packet from the host. The host is determined to be online (step S515) if the ARP response packet from the host has been received. Otherwise, the host is determined to be offline if the SDN switch does not receive the ARP response packet (step S509).
Thus, the host detection method for a network switch is performed to determine whether the host is online or not through the flow entries in the network switch. Therefore, the loading of the central processor of the network switch can be effectively reduced. For an SDN switch, the number of times that the memory is accessed for exchanging the packets between the SDN switch and the SDN controller can be effectively reduced so as to reduce the loading of the processor.
A counter of the SDN switch can be associated with the priority 110 flow entry if the number of counters is sufficient. The SDN controller periodically accesses the counter, e.g. once in 10 minutes, and the counting result can be periodically obtained.
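One way to express the decision flow of steps S501 to S515, as an added Python example that is not code from the disclosure. The function name `poll`, its parameters and the sample MAC addresses and counts are assumptions, and the ARP exchange of steps S505 and S507 is replaced by a callable.

```python
def poll(hosts, counters, previous, arp_reply_within_timeout):
    """One controller polling pass over the learned hosts (steps S501 to S515).

    counters: MAC -> packet count of that host's priority 110 entry; a MAC is
              absent when the switch had no counter left for it (S503 "no").
    previous: MAC -> count seen at the last pass; updated in place.
    arp_reply_within_timeout: callable(mac) -> bool, stands in for S505/S507.
    Returns (status per MAC, list of MACs that needed an ARP probe).
    """
    status, probed = {}, []
    for mac in hosts:
        count = counters.get(mac)
        if count is not None and count != previous.get(mac):
            # S511/S513 -> S515: the counter moved, so the host sent traffic.
            status[mac] = "online"
        else:
            # No counter, or no change within the threshold: fall back to ARP.
            probed.append(mac)                                   # S505
            replied = arp_reply_within_timeout(mac)              # S507
            status[mac] = "online" if replied else "offline"     # S515 / S509
        if count is not None:
            previous[mac] = count        # baseline for the next polling pass
    return status, probed

def demo():
    # Constructed sample data: four learned hosts, the last one without a counter.
    hosts = ["02:00:00:00:00:0a", "02:00:00:00:00:0b",
             "02:00:00:00:00:0c", "02:00:00:00:00:0d"]
    answers_arp = {hosts[1], hosts[3]}             # hosts that would reply to ARP
    previous = {hosts[0]: 10, hosts[1]: 4, hosts[2]: 7}
    counters = {hosts[0]: 25, hosts[1]: 4, hosts[2]: 7}
    return poll(hosts, counters, previous, lambda mac: mac in answers_arp)
```

Only hosts whose counter did not move, or that have no counter, cost an ARP probe and a packet-in; a quiet host is not declared offline until that probe goes unanswered.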
To sum up, the host detection method for a network switch can be applied to a network environment under the Software-Defined Network. A host detection system can be implemented in the SDN network and the host detection method is operated in the SDN controller. The loading of the central processor of the SDN switch, the messaging process between the SDN switch and the SDN controller, and the loading for processing the packets for the host can be reduced. It should be noted that the method utilizing a flow table, a meter, and a counter under the OpenFlow protocol effectively detects the status of the host. The SDN can be more stable since the loading of the processor can be reduced.
It is intended that the specification and depicted embodiments be considered exemplary only, with a true scope of the invention being determined by the broad meaning of the following claims.
The foregoing description of the exemplary embodiments of the disclosure has been presented only for the purposes of illustration and description and is not intended to be exhaustive or to limit the disclosure to the precise forms disclosed. Many modifications and variations are possible in light of the above description.
The embodiments were chosen and described in order to explain the principles of the disclosure and their practical application so as to enable others skilled in the art to utilize the disclosure and various embodiments and with various modifications as are suited to the particular use contemplated. Alternative embodiments will become apparent to those skilled in the art to which the present disclosure pertains without departing from its spirit and scope.
Number | Date | Country | Kind |
---|---|---|---|
107103843 | Feb 2018 | TW | national |