This application is based upon and claims the benefit of priority of Japanese Patent Application No. 2010-068900, filed on Mar. 24, 2010, the disclosure of which is incorporated herein in its entirety by reference thereto.
The present invention relates to an information system, a control device, a method of managing a virtual network, and a program, and in particular relates to an information system, a control server, a method of managing a virtual network, and a program, that provide a virtual network.
Attention is being focused on the concept of a programmable flow switch by which flow control functions (control planes) implemented in network equipment, such as a switch router, are separated, and a control server performs integrated control of a network including the flow control functions, computers and storage.
Technology known as OpenFlow is proposed as a programmable flow switch, as disclosed in Non-Patent Literatures 1 and 2. In OpenFlow, communication is taken as end-to-end flow, and path control, recovery from failure, load balancing, and optimization are performed in flow units. An OpenFlow switch functioning as a forwarding node operates in accordance with a flow table for which appropriate addition or rewriting is prescribed by the OpenFlow controller, via a secure channel for communication with the OpenFlow controller. In the flow table are definitions of sets of rules (FlowKey, matching key) that refer to packet headers, actions (Actions) defining processing content, and flow statistical information (Stats), for each flow (refer to
For example, on receiving a first packet, the OpenFlow switch searches for an entry having a rule (FlowKey) that matches header information of the received packet, from the flow table. As a result of the search, in a case where an entry matching the received packet is found, the OpenFlow switch implements processing content described in an action field of the entry in question, with regard to the received packet. On the other hand, as a result of the search, in a case where an entry matching the received packet is not found, the OpenFlow switch transmits the received packet to an OpenFlow controller via the secure channel, requests determination of a packet path based on source and destination of the received packet, receives a flow entry realizing this, and updates the flow table.
“OpenFlow Switch Specification” Version 0.9.0 (Wire Protocol 0x98) [search conducted Feb. 26, 2010] Internet URL: <http://www.openflowswitch.org/documents/openflow-spec-v0.9.0.pdf>
The entire disclosures of the abovementioned Non-Patent Literatures 1 and 2 are incorporated herein by reference thereto. The following analysis is given according to the present inventors. Using the technology described in the abovementioned Non-Patent Literatures 1 and 2, by setting flow entries where forwarding nodes 20 to 24 shown in the lower part of
However, in the technology described in the abovementioned Non-Patent Literatures 1 and 2, even if a state change such as a failure in some of the forwarding nodes is detected, there is a problem in that this stops at modification of actual physical topology and re-setting of an accompanying flow entry, and it is not possible to identify which virtual network will be affected thereafter. For example, in a case where a link between forwarding node 22 and forwarding node 23 in the lower part of
Furthermore, consideration may be given to a method of identifying a failure or the like in a virtual network by periodically generating flow in the virtual network, but there is a problem in that this method not only causes extra flow entries to be held in respective forwarding nodes, but also increases load.
The present invention has been made in view of the abovementioned situation, and the invention provides an information system, a control device, a method of managing a virtual network, and a program, whereby it is possible to identify a virtual network affected by a change in the state of a forwarding node, without causing flow in the virtual network.
According to a first aspect of the present invention there is provided an information system, comprising: a plurality of forwarding nodes provided with a packet processing unit that performs processing of a received packet using a processing rule conforming to the received packet; and a control device that causes the plurality of forwarding nodes to operate as a virtual network by setting a processing rule in the forwarding nodes. The control device comprises: a virtual network path information storage unit that stores a correspondence relationship between the virtual network and a forwarding path configured by the forwarding nodes; and a virtual network control unit that identifies a virtual network that is affected by a change in a state of any forwarding node among the plurality of forwarding nodes, by referring to the virtual network path information storage unit.
According to a second aspect of the present invention there is provided a control device, connected to a plurality of forwarding nodes provided with a packet processing unit that performs processing of a received packet using a processing rule conforming to the received packet. The control device comprises: a virtual network control unit that causes the plurality of forwarding nodes to operate as a virtual network, by setting a processing rule in the forwarding nodes; and a virtual network path information storage unit that stores a correspondence relationship between a forwarding path configured by the forwarding nodes and the virtual network; wherein a virtual network that is affected by a change in a state of any forwarding node among the plurality of forwarding nodes is identified by referring to the virtual network path information storage unit.
According to a third aspect of the present invention there is provided a method of managing a virtual network, wherein a control device, connected to a plurality of forwarding nodes having a packet processing unit that performs processing of a received packet using a processing rule conforming to the received packet, and having a virtual network path information storage unit that stores a correspondence relationship between a virtual network realized by setting a processing rule in the forwarding nodes and a forwarding path configured by the forwarding nodes. The control device comprises performing: a step of receiving a notification of a change in a state of a forwarding node in question from any forwarding node among the plurality of forwarding nodes, and a step of identifying a virtual network that is affected by a change in a state of the forwarding node, by referring to the virtual network path information storage unit. The present method is linked to a specific apparatus known as a control device, which sets a processing rule in accordance with a request from a forwarding node.
According to a fourth aspect of the present invention there is provided a program, that executes on a computer configuring a control device. The control device is connected to a plurality of forwarding nodes provided with a packet processing unit that performs processing of a received packet using a processing rule conforming to the received packet; and the control device comprises a virtual network path information storage unit that stores a correspondence relationship of a virtual network realized by setting a processing rule in the forwarding nodes and a forwarding path configured by the forwarding nodes, the program executing: a process of receiving a notification of a change in a state of a forwarding node in question from any forwarding node among the plurality of forwarding nodes; and a process of identifying a virtual network that is affected by a change in a state of the forwarding node, by referring to the virtual network path information storage unit. It is to be noted that the program can be recorded on a computer readable storage medium. That is, the present invention can be embodied as a computer program product.
According to the present invention, it is possible to identify a virtual network affected by a change in the state of a forwarding node, without causing flow in the virtual network. A reason for this is that the invention is configured so that the control device stores correspondence relationships between the virtual network and forwarding paths configured by the forwarding nodes, to enable identification of a virtual network that is affected, through notification of a change in a state from a forwarding node.
First a description is given of an outline of the present invention. Drawing reference symbols attached to this outline, as below, are examples solely for aiding understanding, and are not are intended to limit the invention to modes of the drawings shown. An information system according to the present invention, as shown in
The control device (30 in
In a case of receiving notification that a failure has occurred in a link with another forwarding node (for example, 23 in
Next, a detailed description is given concerning a first exemplary embodiment of the present invention, making reference to the drawings.
The message processing unit 201 gives notification of the state of its own device to the control device 30, at arbitrary timing such as when a request is received from the control device 30.
It is to be noted that the forwarding nodes 20 to 24 described above can also be realized by an OpenFlow switch as in Non-Patent Literatures 1 and 2.
A virtual network configuration information storage unit 311, a virtual network identification information storage unit 312, a virtual network path information storage unit 313, a physical topology information storage unit 314, a forwarding path information storage unit 315, and a forwarding node information storage unit 316 are provided in the storage device 31 of the control device 30.
The virtual network configuration information storage unit 311 is configured by a table or the like, which describes connection relationships between nodes (virtual nodes) in a virtual network. This type of virtual network configuration information storage unit 311 can be realized, for example, by a table storing connection relationships (connection relationships of virtual interfaces) between a virtual router 10, a virtual load balancer 11, a virtual L2 switch 12, and servers 13 and 14, in a virtual network in the upper part of
The virtual network identification information storage unit 312 is configured by a table that stores which physical interfaces of which forwarding node, among the forwarding nodes 20 to 24, are correspondent with virtual nodes and their virtual interfaces of each of the abovementioned virtual networks.
The virtual network path information storage unit 313 is configured by a table or the like, which associates forwarding paths according to the forwarding nodes 20 to 24, with respect to all combinations of virtual nodes connected to an external network or servers #1 and #2, in the virtual networks.
It is to be noted that a correspondence relationship of a forwarding path according to forwarding nodes 20 to 24, with a path in the abovementioned virtual network can be acquired by a method of referring to the virtual network identification information storage unit 312 to obtain information of physical nodes respectively corresponding to virtual nodes that are end points of the virtual network, and pass the physical node information thereof to the path control unit 302, to obtain information of a path created using the forwarding nodes 20 to 24.
The physical topology information storage unit 314 is configured by a table or the like, which represents connection relationships (network topology/physical topology information) of the forwarding nodes 20 to 24.
The forwarding path information storage unit 315 is realized by a table or the like, which stores path information created using physical topology information stored in the physical topology information storage unit 314,
For example, path 1 is a path of a packet having physical port #1 of the forwarding node 20 and physical port #3 of the forwarding node 23 as end points, and a packet inputted from the physical port #1 of the forwarding node 20 is outputted from the physical port #3 of the forwarding node 20, and inputted to the physical port #1 of the forwarding node 22. Below, forwarding takes place between forwarding nodes in the same way, and after being inputted to the physical port #2 of the forwarding node 23, a packet is finally outputted from physical port #3 of the forwarding node 23.
It is to be noted that in the present exemplary embodiment, the path information stored in the forwarding path information storage unit 315 is stored as long as forwarding node and physical port of an end node information field are present in the physical topology information storage unit 314. It is also possible to use a mode in which this path information is stored as a cache for a prescribed time only.
The forwarding node information storage unit 316 is realized by a table or the like, which stores a configuration and state information of each of the forwarding nodes 20 to 24.
The virtual network control unit 301 receives configuration change requests for a virtual network, in addition to providing virtual network configuration information to a user or manager of a virtual network, based on the virtual network configuration information storage unit 311.
The virtual network control unit 301 refers to the virtual network identification information storage unit 312 to obtain path information according to the forwarding nodes 20 to 24, corresponding to paths between virtual nodes that are end points of the virtual network, and to register the path information in the virtual network path information storage unit 313. Furthermore, on receiving notification that a change has occurred in a forwarding path from the path control unit 302, the virtual network control unit 301 searches in a table of the virtual network path information storage unit 313 and identifies a virtual network that is affected.
The path control unit 302 refers to physical network topology information stored in the physical topology information storage unit 314, calculates a forwarding path between any two forwarding nodes, and stores this in the forwarding path information storage unit 315.
On receiving notification (a state change notification) that the state of a forwarding node has changed, from the forwarding node control unit 303, the path control unit 302 updates the physical network topology information of the physical topology information storage unit 314. The path control unit 302 re-calculates a forwarding path for forwarding the packet to a destination, based on the updated physical network topology information, and stores this in the forwarding path information storage unit 315.
It is to be noted that in the present exemplary embodiment, with regard to the calculation of the respective forwarding paths, a shortest hop forwarding path is calculated using Dijkstra's method or the like. Therefore, according to the state change notification from a forwarding node, when a change occurs in the physical network topology information, a change may occur in a forwarding path. In this case, the path control unit 302 gives a notification that a change has occurred in a forwarding path to the virtual network control unit 301.
On receiving a forwarding path from the path control unit 302, the forwarding node control unit 303 refers to the forwarding node information storage unit 316, creates a flow entry (processing rule) implementing a created forwarding path, and sets (transmits) this with respect to the forwarding nodes 20 to 24.
The forwarding node control unit 303 receives configuration information and state information of forwarding nodes and physical ports thereof, from the forwarding nodes 20 to 24, stores these in the forwarding node information storage unit 316, and gives notification to the path control unit 302. For example, on receiving a link down notification with regard to a physical port from a forwarding node, the forwarding node control unit 303 gives notification that there is a link down with regard to the physical port of the forwarding node in question, to the path forwarding unit 302. In this way, the forwarding node control unit 303 is provided with a function to detect the occurrence of a failure of the forwarding nodes 20 to 24 and a recovery therefrom, and to give notification to the path control unit 302.
It is to be noted that the control device 30 as described above can also be realized by a configuration in which the abovementioned respective functions are added to the OpenFlow controller of Non-Patent Literatures 1 and 2.
Furthermore, respective parts (processing means) of the control device 30 shown in
Next, a detailed description is given concerning operation of the present exemplary embodiment, making reference to the drawings.
Here, a description is given where a failure has occurred in a link between the forwarding node 22 and the forwarding node 23 in the lower part of
The forwarding node control unit 303 of the control device 30, which has received the notification, updates the physical node information stored in the forwarding node information storage unit 316 based on the received notification of the state change of the forwarding node, and forwards the notification of the state change of the forwarding node to the path control unit 302 (step S002).
As a result of the updating, the state of the physical port #2 of the forwarding node information storage unit 316 is updated to a down state.
The forwarding control unit 302 updates the physical topology information stored in the physical topology information storage unit 314 based on the received notification of the state change of the forwarding node. Moreover, the path control unit 302 performs path re-calculation of a path affected by the updating of the physical topology information based on the updated physical topology information, and updates the path information stored in the forwarding path information storage unit 315.
The path that has been affected can be identified by searching for a path including a forwarding node where there has been a state change and its physical port, from a relay node information field in path information (
In a case where it has not been possible to re-calculate a path for the path that is affected by the updating of the physical topology information, and in a case where, as a result of the re-calculation, a change has occurred in a path, the path control unit 302 gives notification of path information that has changed, to the virtual network control unit 301 (step S003).
For example, with regard to path 1 (broken line) and path 3 (dotted line) of
Furthermore, as a result of performing a path re-calculation for path 1 (broken line) and path 3 (dotted line) of
The virtual network control unit 301 that receives the notification refers to a table (
In a description with the virtual network configuration shown in
Furthermore, the virtual network control unit 301 updates virtual port and virtual node states in virtual network configuration information stored in the virtual network configuration information storage unit 311 (step S005). For example, in a case where path 1 and path 3 fail due to a port link down in physical port #2 of the forwarding node 22 described above, and it is not possible to calculate an alternative path, it is possible to make a presentation to the user, using content of the virtual network configuration information storage unit 311 that has been updated, as shown in the upper part of
As described above, according to the present exemplary embodiment, it is possible to identify the virtual network that is affected by a failure occurring in the physical network, and furthermore to identify which link between forwarding nodes is affected within the virtual network, and to present this to the user.
A reason for this is that the configuration is such as to provide the virtual network path information storage unit that stores correspondence relationships between forwarding paths configured by forwarding nodes and a virtual network provided by the forwarding paths, and to enable identification of failure and recovery in the virtual network, without actually waiting for packet forwarding.
In the present exemplary embodiment, there is an advantage in that high speed processing is possible in comparison to a method of identifying a failure in the virtual network by the occurrence of a communication failure by transmitting a test packet or the like based on the virtual network. A reason for this is that a configuration is used where it is possible to identify the virtual network by searching for a path based on physical topology, rather than by transmitting a large amount of test packets and identifying the virtual network.
Next, a description is given concerning a second exemplary embodiment of the present invention, which can be implemented with a configuration approximately the same as the first exemplary embodiment. In the first exemplary embodiment a description was given in which forwarding paths according to forwarding nodes 20 to 24 are associated with respective paths combining virtual nodes that are end points in a virtual network, to be stored in a virtual network path information storage unit 313 of a control device 30 of
In a case where there is no longer communication using a path in the virtual network (communication has been completed) or a timeout has occurred due to the elapse of a certain fixed time, the virtual network control unit 301 in the present exemplary embodiment deletes path information corresponding to the completed communication and virtual network path information, from the virtual network path information storage unit 313.
As described above, in the second exemplary embodiment of the invention, in a case where a path in the virtual network is not used, there may be a case where it is not possible to identify a virtual network that is affected by a change in the state of a forwarding node, but it is possible to speed up processing to specify a virtual network because there are less entries held in the virtual network path information storage unit 313.
Next, a description is given concerning a third exemplary embodiment of the present invention, in which a modification is added to a configuration of a control device 30 of the first exemplary embodiment.
The control device 30a of
A description has been given above of preferable exemplary embodiments of the present invention, but the present invention is not limited to the abovementioned exemplary embodiments, and further modifications, substitutions and adjustments can be added, within a scope that does not depart from fundamental technological concepts of the invention.
For example, in the abovementioned exemplary embodiments a description was given where the virtual network path information storage unit 313 and the forwarding path information storage unit 315 are each separated, but it is also possible to use a configuration where the two are merged.
In the abovementioned exemplary embodiments a description was given where one virtual network having paths 1 to 3, shown as an example in
In addition, although a description was omitted in the abovementioned first exemplary embodiment, as a result of performing a re-calculation of a path affected by a change in the state of a forwarding node, in a case where it was possible to calculate an alternative path, this fact can be reflected in a virtual network configuration information storage unit 311, and to give notification to the user of the fact that a switch has been made to the alternative path in question, and of an effect due to switching to the alternative path.
It is to be noted that each disclosure of the abovementioned non-patent literatures is incorporated herein by reference. Modifications and adjustments of exemplary embodiments are possible within the bounds of the entire disclosure (including the scope of the claims) of the present invention, and also based on fundamental technological concepts thereof. Furthermore, a wide variety of combinations and selections of various disclosed elements is possible within the scope of the claims of the present invention. That is, the present invention clearly includes every type of transformation and modification that a person skilled in the art can realize according to the entire disclosure including the scope of the claims and to technological concepts thereof.
Finally, preferred modes of the present invention are summarized.
(Refer to the information system according to the first aspect described above.)
With respect to the information system according to the first mode, an information system, wherein the control device further comprises a forwarding path information storage unit that stores a connection relationship of a physical interface of each forwarding node in a forwarding path configured by the forwarding nodes; and the virtual network control unit retrieves a forwarding path including a physical interface of a forwarding node where a change in a state has occurred, by referring to the forwarding path information storage unit, and identifies a virtual network corresponding to the retrieved forwarding path, by referring to the virtual network path information storage unit.
With respect to the information system according to the first or second mode, an information system wherein the control device further comprises a physical topology information storage unit that stores physical topology information representing connection relationships of the forwarding nodes; and a path control unit that calculates a path between any forwarding nodes, by referring to the physical topology information; and wherein the path control unit updates the physical topology information based on content of a change in a state received from the forwarding nodes, in addition to re-calculating a forwarding path configured by the forwarding nodes based on the physical topology information after updating, and as a result of the re-calculation, in a case where a change has occurred in a forwarding path configured by the forwarding nodes, causes the virtual network control unit to identify the virtual network.
With respect to the information system according to the third mode, an information system wherein the control device further comprises a virtual network identification information storage unit that associates the plurality of forwarding nodes and physical interfaces thereof, and virtual nodes in a virtual network and virtual interfaces thereof; and the virtual network control unit refers to the virtual network identification information storage unit when communication occurs in the virtual network, to obtain forwarding nodes corresponding to a start point and an end point of the communication, and physical interfaces thereof, respectively; and a path created using the forwarding nodes corresponding to the start point and the end point of the communication and the physical interfaces thereof is associated with the virtual network in which the communication has occurred, to be registered in the virtual network path information storage unit.
With respect to the information system according to the first to fourth modes, an information system wherein the virtual network control unit deletes an entry in question from the virtual network path information storage unit, at an occasion when communication is completed or when a prescribed time has elapsed.
With respect to the information system according to the first to fifth modes, an information system device, wherein a correspondence relationship between a path in a virtual network and a forwarding path configured by the forwarding nodes is stored in the virtual network path information storage unit, and the virtual network control unit identifies a path in a virtual network that is affected by a change in a state of a forwarding node.
(Refer to the control device according to the second aspect described above.)
With respect to the control device according to the seventh mode, a control device further comprising a forwarding path information storage unit that stores connection relationships of physical interfaces of respective forwarding nodes in a forwarding path configured by the forwarding nodes; wherein a forwarding path including a physical interface of a forwarding node in which a change in a state has occurred is retrieved by referring to the forwarding path information storage unit, and a virtual network corresponding to the retrieved forwarding path is identified by referring to the virtual network path information storage unit.
With respect to the control device according to the seventh or eighth mode, a control device further comprising: a physical topology information storage unit that stores physical topology information representing connection relationships of the forwarding nodes; and a path control unit that calculates a path between any forwarding nodes by referring to the physical topology information; wherein the path control unit updates the physical topology information based on content of a change in a state received from the forwarding nodes, in addition to re-calculating a forwarding path configured by the forwarding nodes based on the physical topology information after updating, and as a result of the re-calculation, in a case where a change has occurred in a forwarding path configured by the forwarding nodes, causes the virtual network control unit to identify the virtual network.
With respect to the control device according to the ninth mode, a control device further comprising: a virtual network identification information storage unit that associates the plurality of forwarding nodes and physical interfaces thereof, and virtual nodes in a virtual network and virtual interfaces thereof; wherein the virtual network control unit refers to the virtual network identification information storage unit when communication occurs in the virtual network, to obtain forwarding nodes corresponding to a start point and an end point of the communication, and physical interfaces thereof, respectively; and a path created using the forwarding nodes corresponding to the start point and the end point of the communication and the physical interfaces thereof is associated with the virtual network in which the communication has occurred, to be registered in the virtual network path information storage unit.
With respect to the control device according to the seventh to tenth modes, a control device wherein the virtual network control unit deletes an entry in question from the virtual network path information storage unit, at an occasion when communication is completed or when a prescribed time has elapsed.
With respect to the control device according to the seventh to eleventh modes, a control device wherein a correspondence relationship between a path in a virtual network and a forwarding path configured by the forwarding nodes is stored in the virtual network path information storage unit, and the virtual network control unit identifies a path in a virtual network that is affected by a change in a state of a forwarding node.
(Refer to the method of managing a virtual network according to the third aspect described above.)
With respect to the method of managing a virtual network according to the thirteenth mode, a method of managing a virtual network further including a step where the control device retrieves a forwarding path including a physical interface of a forwarding node in which a change in a state has occurred, by referring to a forwarding path information storage unit that stores connection relationships of physical interfaces of respective forwarding nodes in a forwarding path configured by the forwarding nodes, wherein a virtual network corresponding to the retrieved forwarding path is identified.
With respect to the method of managing a virtual network according to the thirteenth or fourteenth mode, a method of managing a virtual network further including steps where the control device updates physical topology information representing connection relationships of the forwarding nodes stored in a prescribed storage device, based on content of a change in a state received from the forwarding nodes, and re-calculates a forwarding path configured by the forwarding nodes based on the physical topology information after updating, wherein as a result of the re-calculation, in a case where a change has occurred in a forwarding path configured by the forwarding nodes, a virtual network that is affected by a change in a state of the forwarding node is identified.
With respect to the method of managing a virtual network according to the thirteenth to fifteenth modes, a method of managing a virtual network including steps wherein, when communication in the virtual network has occurred, the control device respectively obtains forwarding nodes corresponding to a start point and an end point of the communication and physical interfaces thereof, by referring to correspondence relationships of the plurality of forwarding nodes stored in a prescribed storage unit and physical interfaces thereof, and virtual nodes in a virtual network and virtual interfaces thereof; creates a path using the forwarding nodes corresponding to the start point and the end point of the communication and the physical interfaces thereof; and associates the created path with the virtual network where the communication has occurred, to be registered in the virtual network path information storage unit.
With respect to the method of managing a virtual network according to the thirteenth to sixteenth modes, a method of managing a virtual network further including a step of deleting an entry in question from the virtual network path information storage unit, at an occasion when the communication is completed or a prescribed time has elapsed.
With respect to the method of managing a virtual network according to the thirteenth to seventeenth modes, a method of managing a virtual network wherein a correspondence relationship of a path in the virtual network and a forwarding path configured by the forwarding nodes is stored in the virtual network path information storage unit, and a path in the virtual network is identified in addition to a virtual network that is affected by a change in a state of a forwarding node.
(Refer to the program according to the fourth aspect described above.)
Number | Date | Country | Kind |
---|---|---|---|
2010-068900 | Mar 2010 | JP | national |
Filing Document | Filing Date | Country | Kind | 371c Date |
---|---|---|---|---|
PCT/JP2011/056842 | 3/22/2011 | WO | 00 | 9/12/2012 |