Abstract:
The present disclosure discloses a flow table matching method and apparatus and an OpenFlow switching system to implement matching of any field in any data flow without changing existing hardware logic or a standard protocol. The method includes: receiving a jump instruction and a match instruction that are delivered by a controller for a first flow table; creating a first flow entry in the first flow table; receiving a flow mode message delivered by the controller for a second flow table; and creating a second flow entry in the second flow table. The present disclosure lays a foundation for implementing really flexible and programmable software-defined networking, assists a network service operator in reducing capital expenditures and operation expenditures, and enables a traditional IP network to have more flexible network abstraction and management capabilities for a real-time service.
Abstract:
An attack stream identification method, apparatus, and device on a software defined network are presented, where an invalid stream filter table is stored in a switch. The method includes the following steps: the switch receives a data packet of a data stream and searches, according to a characteristic value of the data packet, the invalid stream filter table for a state field of a filter entry; when the state field is a suspected attack stream state or a non-attack stream state, the switch sends a report message to a controller, determines a rate value for sending the report message to the controller, and fills the rate value in a rate field of the filter entry; and when the rate value is greater than a preset rate threshold, the switch changes the state field of the filter entry to an attack stream state.
Abstract:
A data flow statistics collection method, a switch, and a controller. The data flow statistics collection method includes recording first identification information and second identification information in the first flow entry if a part of fields in a data packet match a flow entry and the flow entry is the last flow entry corresponding to the to-be-counted flow object, where the first identification information identifies that the first part of fields match the first flow entry and the second identification information identifies that at least one second part of fields in the data packet respectively match a second flow entry in at least one second flow table. The data flow statistics collection method also includes performing, in the first flow entry, statistics collection on the to-be-counted flow object, and recording statistical information of the to-be-counted flow object. In this way, statistics collection on the to-be-counted flow object is implemented.
Abstract:
A flow entry delivery method and a communication system are provided. The communication system includes a controller and N switches. After receiving a packet-in message sent by a source switch, the controller determines a forwarding path for forwarding to-be-forwarded data. Then, the controller generates a corresponding flow entry for each of the N switches in the forwarding path separately, and generates a corresponding control instruction for each of other N−1 switches except the source switch in the forwarding path separately. After encapsulating the generated N flow entries and N−1 control instructions into the Nth command packet, the controller sends the Nth command packet to the Nth switch of the N switches, so that the Nth switch transmits the N flow entries in the forwarding path according to the Nth control instruction in the Nth command packet.
Abstract:
A data packet sending method and apparatus. The method includes: sending a policy request message that carries header information of a data packet to one or more controllers when a forwarding table of a first switch does not have a forwarding entry that matches the header information of the data packet; receiving a policy response message sent by a controller, where the policy response message includes a controller-determined forwarding path; selecting a forwarding path from received controller-determined forwarding paths; informing the selected forwarding path to a second switch on the selected forwarding path to forward the data packet after receiving the data packet, where the second switch is a switch besides the first switch on the selected forwarding path; and forwarding the data packet according to the selected forwarding path.
Abstract:
The present disclosure relates to a data transmission method and apparatus in an optoelectronic hybrid network. The method is: receiving an RDMA transmission request, and determining an RDMA transmission type and a to-be-transmitted data volume for data transmission according to the RDMA transmission request; determining a preset encapsulation format corresponding to the RDMA transmission type for data transmission and the to-be-transmitted data volume for data transmission; receiving to-be-transmitted data and encapsulating the to-be-transmitted data into a to-be-transmitted data packet of the determined preset encapsulation format; selecting a switching link for data transmission from an optical switching link and an electrical switching link according to a size of the to-be-transmitted data packet; and sending the to-be-transmitted data packet to a peer end based on the selected switching link for data transmission. Therefore, a proper switching link can be selected each time RDMA transmission for data transmission is performed.