[go: up one dir, main page]

WO2018210052A1 - Method for controlling flow, network element device, and storage medium - Google Patents

Method for controlling flow, network element device, and storage medium Download PDF

Info

Publication number
WO2018210052A1
WO2018210052A1 PCT/CN2018/079687 CN2018079687W WO2018210052A1 WO 2018210052 A1 WO2018210052 A1 WO 2018210052A1 CN 2018079687 W CN2018079687 W CN 2018079687W WO 2018210052 A1 WO2018210052 A1 WO 2018210052A1
Authority
WO
WIPO (PCT)
Prior art keywords
information
control
action
network element
execution
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
PCT/CN2018/079687
Other languages
French (fr)
Chinese (zh)
Inventor
李振强
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Mobile Communications Group Co Ltd
Research Institute of China Mobile Communication Co Ltd
Original Assignee
China Mobile Communications Group Co Ltd
Research Institute of China Mobile Communication Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Mobile Communications Group Co Ltd, Research Institute of China Mobile Communication Co Ltd filed Critical China Mobile Communications Group Co Ltd
Publication of WO2018210052A1 publication Critical patent/WO2018210052A1/en
Anticipated expiration legal-status Critical
Ceased legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L47/00Traffic control in data switching networks
    • H04L47/10Flow control; Congestion control
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/06Notations for structuring of protocol data, e.g. abstract syntax notation one [ASN.1]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/40Network security protocols

Definitions

  • the present disclosure relates to the field of communications technologies, and in particular, to a method for controlling traffic, a network element device, and a storage medium.
  • the FlowSpec (Flow Specifications) message is used to indicate that the network element matches the traffic and controls the matched traffic, such as BGP FlowSpec (BGP Flow Specifications, BGP (Border Gateway Protocol) flow specification).
  • BGP FlowSpec BGP Flow Specifications, BGP (Border Gateway Protocol) flow specification.
  • the message defines a new NLRI (Network Layer Reachability Information) for BGP, so that the BGP FlowSpec message can pass the NLRI Distribute Traffic Flow Specifications information to implement DoS (Denial of Service, denial of service, or DDS (Distributed Denial of Service) attack traffic is limited, or certain traffic is controlled by a specific DSCP (Differentiated Services Code Point) tag.
  • the matching rule of the traffic is encapsulated in the NLRI, and the action required to match the rule is encapsulated in the extended community attribute (Extended Community), and then the matching rule is used to determine the traffic to be controlled, and The flow performs the corresponding action to achieve control of the flow. Seven actions are defined in the current specification, as shown in Table 1.
  • the BGP Community Container defines a new encoding format with the ability to express, carry and execute operator-defined parameter sets, and it also extends the Extended Community attribute in the BGP FlowSpec (Extended Community).
  • a platform is provided.
  • the network element cannot periodically perform traffic control according to a single BGP FlowSpec message, that is, it cannot perform periodic actions on the traffic, and can only re-release the FlowSpec message to the network element when each cycle arrives or needs to perform an action.
  • the number and difficulty of sending FlowSpec messages are not conducive to the periodic control of traffic.
  • the network element cannot periodically control the traffic according to a FlowSpec message, and cannot meet the requirements of the periodic execution action.
  • Embodiments of the present disclosure provide a method, a network element device, and a storage medium for controlling traffic.
  • the first network element places the control object information, the control mode information, and the control period information in a FlowSpec message;
  • the first network element sends a FlowSpec message to the second network element, so that the second network element determines the target traffic according to the control object information, and periodically controls the target traffic according to the control mode information and the control period information.
  • the first network element places the control period information in the attribute domain of the FlowSpec message.
  • the first network element places the control period information in the BGP Community Container.
  • the first network element places the control period information in the BGP Wide Community (Boundary Gateway Protocol Wide Community Attribute), and the BGP Wide Community is a BGP Community Container of Type 1.
  • control period information includes some or all of the following:
  • Control interval information for determining an interval between periods in which an action is performed
  • Control time information for determining a start time of each execution of an action in each cycle and an execution time of each action
  • Control time information includes:
  • the second network element determines the target traffic according to the control object information in the FlowSpec message, and periodically controls the target traffic according to the control mode information and the control period information in the FlowSpec message.
  • the second network element obtains control period information from an attribute domain of the FlowSpec message.
  • the second network element obtains control period information from the BGP Community Container.
  • the second network element obtains control period information from the BGP Wide Community, where the BGP Wide Community is a BGP Community Container with Type 1.
  • control period information includes some or all of the following:
  • Control interval information for determining an interval between periods in which an action is performed
  • Control time information for determining a start time of each execution of an action in each cycle and an execution time of each action
  • Control time information includes:
  • a message generating module configured to: place control object information, control mode information, and control period information in a FlowSpec message
  • the sending module is configured to send a FlowSpec message to the second network element, so that the second network element determines the target traffic according to the control object information, and periodically controls the target traffic according to the control mode information and the control period information.
  • the message generation module is configured to place the control period information in the attribute domain of the FlowSpec message.
  • the message generation module is configured to place the control period information in the BGP Community Container.
  • the message generating module is configured to place the control period information in the BGP Wide Community, where the BGP Wide Community is a BGP Community Container of Type 1.
  • control period information includes some or all of the following:
  • Control interval information for determining an interval between periods in which an action is performed
  • Control time information for determining a start time of each execution of an action in each cycle and an execution time of each action
  • Control time information includes:
  • a receiving module configured to receive a FlowSpec message sent by the first network element
  • the control module is configured to determine the target traffic according to the control object information in the FlowSpec message, and periodically control the target traffic according to the control mode information and the control period information in the FlowSpec message.
  • control module is configured to acquire control cycle information from an attribute domain of the FlowSpec message.
  • control module is configured to obtain control cycle information from the border gateway protocol community container BGP Community Container.
  • control module is configured to obtain control period information from the BGP Wide Community, where the BGP Wide Community is a BGP Community Container of Type 1.
  • control period information includes some or all of the following:
  • Control interval information for determining an interval between periods in which an action is performed
  • Control time information for determining a start time of each execution of an action in each cycle and an execution time of each action
  • Control time information includes:
  • a storage medium provided by the embodiment of the present disclosure has a computer program stored thereon, and when the computer program is executed by the processor, the steps of any method on the first network element side are implemented.
  • Another storage medium provided by the embodiment is provided, and a computer program is stored thereon, and when the computer program is executed by the processor, the steps of any of the methods on the second network element side are implemented.
  • the second network element can be based on the control object information in a FlowSpec message.
  • the control mode information and the control period information periodically control the traffic, which reduces the number and difficulty of the delivery of the FlowSpec message when the periodic action is performed, and simplifies the step of periodically controlling the traffic, thereby at least solving the related technologies.
  • the network element cannot periodically control the traffic according to a FlowSpec message, and cannot meet the requirement of the periodic execution action.
  • FIG. 1 is a schematic diagram of steps of a method for controlling traffic according to an embodiment of the present disclosure
  • FIG. 2 is a schematic diagram of steps of another method for controlling traffic according to an embodiment of the present disclosure
  • FIG. 3 is a schematic diagram of a format of a Periodic Action List Atom according to an embodiment of the present disclosure
  • FIG. 4 is a schematic diagram of a format of a value range of a Periodic Action List Atom according to an embodiment of the present disclosure
  • FIG. 5 is a schematic diagram of a format of a header of a BGP Community Container according to an embodiment of the present disclosure
  • FIG. 6 is a schematic diagram of a format of a BGP Community Container carrying control period information according to an embodiment of the present disclosure
  • FIG. 7 is a schematic diagram of a format of a parameter of a BGP Wide Community according to an embodiment of the present disclosure
  • FIG. 8 is a schematic diagram of a format of a BGP Wide Community Parameter (s) TLV according to an embodiment of the present disclosure
  • FIG. 9 is a schematic diagram of a format of a BGP Wide Community carrying control period information according to an embodiment of the present disclosure.
  • FIG. 10 is a schematic flowchart of performing flow control according to an embodiment of the present disclosure.
  • FIG. 11 is a schematic structural diagram of a first network element for controlling traffic according to an embodiment of the present disclosure
  • FIG. 12 is a schematic structural diagram of a second network element for controlling traffic according to an embodiment of the present disclosure.
  • the FlowSpec message is used to indicate that the network element matches the traffic and instructs the network element to control the matched traffic, for example, by performing an action on the traffic, including but not limited to BGP FlowSpec message.
  • the BGP FlowSpec message indicates that the network element matches the traffic through the NLRI, and the action in the extended community attribute in the BGP FlowSpec message indicates that the network element performs a corresponding action on the matched traffic.
  • the control of the traffic in the embodiment of the disclosure includes, but is not limited to, determining a target traffic to be controlled according to the BGP FlowSpec message, and determining a manner of controlling the target traffic according to the BGP FlowSpec message (ie, determining an action to be performed) and a period (ie, Determine the period of the action that needs to be performed) and control it.
  • the first network element in the embodiment of the disclosure includes, but is not limited to, a router, an SDN (Software Defined Network) controller, a route reflector, or a policy server, and may be another network element device capable of generating a FlowSpec message.
  • the second network element includes, but is not limited to, a router or a switch (for example, a Layer 3 switch, an SDN switch), or other network element device capable of performing flow control according to a FlowSpec message.
  • the control object information in the embodiment of the present disclosure includes but is not limited to the matching rule indicated by NLRI in the BGP FlowSpec; the control mode information includes but is not limited to the action in the BGP FlowSpec; the control period information includes but is not limited to the BGP FlowSpec for indicating The information of the period of the execution of the action; the target traffic includes, but is not limited to, the traffic that needs to be controlled according to the control object information represented by the NLRI in the BGP FlowSpec.
  • FIG. 1 The method for performing flow control by the first network element in the embodiment of the present disclosure is described below with reference to FIG. 1, which includes the following steps:
  • Step 101 The first network element places the control object information, the control mode information, and the control period information in a FlowSpec message.
  • Step 102 The first network element sends a FlowSpec message to the second network element, so that the second network element determines the target traffic according to the control object information, and periodically controls the target traffic according to the control mode information and the control period information.
  • control object information in the sent FlowSpec message is used by the second network element to determine the target traffic; the control mode information and the control period information in the sent FlowSpec message are used for the second network element to target Traffic is periodically controlled.
  • control period information in the embodiment of the present disclosure includes, but is not limited to, information used in the BGP FlowSpec to indicate the period of execution of the action.
  • the first network element can set the control object information, the control mode information, and the control period information in the FlowSpec message, so that the second network element can read the control object information, the control mode information, and the information in a FlowSpec message.
  • the network element performs the action periodically, which reduces the number and difficulty of the delivery of the FlowSpec message corresponding to the periodic action, and simplifies the step of periodically controlling the traffic.
  • the first network element may add control period information corresponding to the control object information and the control mode information in the existing FlowSpec message.
  • the first network element may place the control object information, the control mode information, and the control period information corresponding to each other in the same BGP FlowSpec, and is used to indicate that the target traffic determined according to the control object information is represented according to the control cycle information.
  • the action indicated by the control mode information is periodically executed, so that after receiving the BGP FlowSpec, the second network element performs a periodic action according to the control object information, the control mode information, and the control cycle information.
  • the method for performing flow control by the second network element in the embodiment of the present disclosure is described below with reference to FIG. 2, and the method includes the following steps:
  • Step 201 The second network element receives the FlowSpec message sent by the first network element.
  • Step 202 The second network element determines the target traffic according to the control object information in the FlowSpec message, and periodically controls the target traffic according to the control mode information and the control period information in the FlowSpec message.
  • the control period information includes, but is not limited to, information in the BGP FlowSpec for indicating the period of execution of the action.
  • the second network element after receiving the FlowSpec message sent by the first network element, can determine the target traffic to be controlled according to the control object information in the FlowSpec message, and target the traffic according to the control mode information and the control cycle information. Periodically, the second network element can perform periodic actions on the target traffic according to a FlowSpec message, which reduces the number and difficulty of the delivery of the FlowSpec message corresponding to the periodic action, and simplifies the step of periodically controlling the traffic. .
  • the control period information includes, but is not limited to, information in the BGP FlowSpec for indicating the period of execution of the action.
  • the second network element may determine a period of performing an action on the target traffic according to the control period information in the FlowSpec message. For example, the second network element may determine, according to the control period information corresponding to the control object information and the control mode information in the same BGP FlowSpec message, a period of performing an action on the target traffic, and then according to the control object information, the control mode information, and the control cycle information. Perform periodic actions.
  • control period information includes some or all of the following:
  • Control interval information for determining an interval between periods in which an action is performed
  • Control time information for determining a start time of each execution of an action in each cycle and an execution time of each action
  • Control time information includes:
  • control period information may be composed of two parts: control interval information for determining an interval between periods in which an action is performed, and a start time and each action for determining each execution of an action in each period The control time information of the execution time.
  • control interval information for determining the interval between the periods in which the action is performed includes, but is not limited to, a Periodic Action List Atom for indicating an interval between periods in which the action is performed, or may be capable of using Other information for determining an interval between periods in which an action is performed;
  • control time information for determining a start time of each execution of an action in each cycle and an execution time of each action includes, but is not limited to, indicating each execution of the action
  • the start time and the execution time of each action Integer32 List Atom (32-bit integer list atom), may also be other information indicating the start time of each execution action and the execution time of each action, or it means that each time The start time of the execution action and the end time of each action can be used to determine other information such as the start time of each execution action and the execution time of each action.
  • the Integer32 List Atom may be information indicating the start time of each execution of the action in each cycle and information indicating the execution time of each action; or may be information indicating the start time of each action performed in each cycle and Information indicating the end time of each execution of the action.
  • the Periodic Action List Atom and the Integer32 List Atom in the embodiment of the present disclosure are Atoms in the form of TLV (Type-Length-Value).
  • TLV Type-Length-Value
  • the second network element determines the period in which the action is performed and the start time of each execution of the action in each cycle and the duration of each execution of the action (or the end time of each execution of the action) according to the control cycle information.
  • the control cycle information in the embodiment of the present disclosure may also include only a Periodic Action List Atom or an Integer32 List Atom.
  • the Periodic Action List Atom can be used to indicate the interval of action execution.
  • a possible structure of the Periodic Action List Atom is shown in Figure 3.
  • the Type can be standardized by IANA (The Internet Assigned Numbers Authority, Internet Digital Distribution Authority), the Length field indicates the size of the value field, and the specific bit (bit) bit in the Value field is used to indicate the specific periodicity when set (ie, the bit is 1).
  • the interval between actions For example, as shown in FIG. 4, the 0 to 25 bits of the value range are reserved, and the 26 to 31 bits are mutually exclusive, that is, only one bit of each of the 26 to 31 bits is set, and a specific bit can be agreed in advance.
  • the meaning of the action interval represented by the set for example, when the Y bit is set, the action is performed once a year.
  • the action is executed once a month.
  • the W bit is set, the action is performed once a week.
  • the D bit is set, the action is executed once a day.
  • the H bit is set, the action is executed every hour.
  • the MI bit is set, the action is executed every minute.
  • the first 4-byte integer of each of the two 4-byte integers in the Integer32 List Atom indicates the time when the action starts.
  • the time from the start of the cycle to the start of the action may be represented by a 4-byte integer.
  • the duration eg, in seconds
  • the second network element begins performing an action after determining the length of time represented by the first 4-byte integer from the beginning of the period, wherein the beginning of the period is used to determine the first execution of the action in the cycle.
  • the time for example, the start of the cycle may be a time point determined according to the bit set in the Periodic Action List Atom, or may be a time point set by other means; the second 4 words of every 2 4-byte integers
  • the integer number indicates the duration of the action.
  • the length between the start of the action and the end of the action can be expressed by a 4-byte integer. That is, after the second network element starts to operate, it is determined that the second 4 is passed.
  • the duration of the byte integer indicates the end of the action; in addition, the second 4-byte integer of every two 4-byte integers can also be used to indicate the end of the action, for example, from the start of the cycle to the action The length of time the bundle has passed.
  • a method for expressing a cycle start point by using a Periodic Action List Atom is as follows: For example, the Y bit in FIG. 4 is set, indicating that the start of the cycle is January 1st, zero, zero, and zero seconds of each year.
  • MO bit When the MO bit is set, it indicates that the start of the cycle is 0:00:00 on the 1st of each month.
  • W bit When the W bit is set, it indicates that the start of the cycle is zero, zero, and zero seconds per week, when the D bit Set to indicate that the start of the cycle is zero, zero, and zero seconds per day.
  • the H bit When the H bit is set, it indicates that the start of the cycle is each hour, that is, zero minute and zero seconds per time.
  • MI bit When the MI bit is set, it indicates The start of the cycle is zero seconds per minute.
  • the first network element may place the control period information composed of the Periodic Action List Atom and/or the Integer32 List Atom in the FlowSpec message, for example, in the attribute field of the FlowSpec message.
  • the second network element may determine, according to the control period information composed of the Periodic Action List Atom and/or the Integer32 List Atom in the FlowSpec message, a period of performing an action on the target traffic and a start time of performing the action in each cycle. And the duration of the action (or the end time of the action), for example, the second network element determines to perform an action on the target traffic according to the control cycle information composed of the Periodic Action List Atom and/or the Integer32 List Atom in the attribute field of the FlowSpec message. cycle.
  • the above method for setting the control period information is only an example, as long as the second network element can determine the interval between the periods in which the action is performed and the start time of each action in each period according to the control period information. And the execution time of each action (or the start time of each action and the end time of each action) and periodically control the target flow according to this, and other setting methods of the control cycle information should also belong to the implementation of the present disclosure.
  • the method of setting the control period information is set.
  • the first network element may place control period information in an attribute field of the FlowSpec message.
  • the first network element may place the control period information in an attribute domain of the FlowSpec message.
  • the first network element places the control object information and the control mode information in the FlowSpec message according to the existing manner, after which the first network element places the control period information in the attribute domain of the FlowSpec message; the first network element may also The control object information, the control mode information, and the control cycle information are placed in the attribute field of the FlowSpec message.
  • the second network element may obtain control period information from an attribute domain of the FlowSpec message.
  • the second network element obtains the control period information from the FlowSpec message and performs periodic control on the target traffic. If the control period information is located in the attribute domain of the FlowSpec message, the second network element is from the FlowSpec message. The control period information is obtained in the attribute domain and the target traffic is periodically controlled.
  • the first network element places control period information in the BGP Community Container.
  • the Header format of the BGP Community Container is shown in Figure 5.
  • the header of the BGP Community Container includes the type field, the Flags field (including the C and T flags), the Reserved field, and the length field.
  • a possible structure of a specific parameter of a BGP Community Container carrying control period information is provided by the embodiment of the present disclosure, for example, it can be defined as a BGP Periodic Action Community (BGP).
  • BGP BGP Periodic Action Community
  • the Periodic Action Community Type value is assigned by the IANA after standardization to indicate that the BGP Periodic Action Community is a BGP Community Container containing control period information, and the Source AS Number field in the attribute domain is for generating control period information.
  • the AS number of the network element, the Context AS Number field is the AS number of the second network element that needs to execute the BGP Community Container, and the TLVs contain control period information composed of the Periodic Action List Atom 601 and the Integer32 List Atom 602.
  • the second network element obtains control period information from the BGP Community Container.
  • the second network element obtains the control period information from the FlowSpec message and performs periodic control on the target traffic. If the control period information is located in the BGP Periodic Action Community, the second network element is from the BGP Periodic Action Community. The control cycle information is obtained and the target traffic is periodically controlled.
  • the first network element places the control period information in the BGP Wide Community, and the BGP Wide Community is a BGP Community Container of type 1.
  • the first network element may place the control period information in the BGP Wide Community.
  • the BGP Wide Community in the embodiment of the present disclosure is one of the types of the BGP Community Container, and has a header of the BGP Community Container as shown in FIG. 5, where the BGP Community Container has a type value of 1.
  • the parameters and format carried by the BGP Wide Community are shown in Figure 7, including the Community Value (source value), source AS number, context AS number, and Optional (optional) TLVs parameters.
  • the TLVs may include a BGP Wide Community Parameter(s) TLV (Border Gateway Protocol Wide Community Parameter TLV), and the BGP Wide Community Parameter(s) TLV has a structure as shown in FIG. 8 , and a BGP Wide Community Parameter(s) TLV.
  • the feasible setting method is: sub-type (subtype) is 3, Length is the actual length of the Value field, the unit is byte, and the value range is composed of atoms in the form of TLV.
  • the first network element may place control period information in the BGP Wide Community Parameter(s) TLV.
  • the value of the specific location of the BGP Wide Community may be set to a preset value, where the preset value may be allocated by the IANA. For example, if the first network element sets the Community Value of the BGP Wide Community shown in FIG. 7 to a preset value, the second network element determines the BGP Wide after determining that the received Community Value of the BGP Wide Community is a preset value.
  • the Community carries control cycle information.
  • the method for carrying the control period information in the BGP Wide Community is only an example.
  • the method of setting the preset value and/or the specific value in other locations of the BGP Wide Community to indicate that the BGP Wide Community carries the control period information is protected by the disclosure. range.
  • the second network element obtains control period information from the BGP Wide Community, where the BGP Wide Community is a BGP Community Container of Type 1.
  • the second network element obtains the control period information from the FlowSpec message and performs periodic control on the target traffic. If the control period information is located in the BGP Wide Community, the second network element is obtained from the BGP Wide Community. Control period information, where BGP Wide Community is a BGP Community Container of type Type 1.
  • a BGP Wide Community carrying control period information may be defined as a BGP Periodic Action Wide Community, for example, by a Periodic Action.
  • the control period information 903 composed of the List Atom 901 and the Integer 32 List Atom 902 is located in the BGP Wide Community Parameter(s) TLV 904 in the TLVs.
  • the second NE After receiving the BGP Periodic Action Wide Community as shown in Figure 9, the second NE obtains control period information from the BGP Periodic Action Wide Community.
  • the first 4 bytes in the Integer32 List Atom represent the duration (in seconds) between the start time and the start time of the action.
  • the second 4 bytes in the Integer32 List Atom indicate the duration of the periodic action (unit) For the second), according to the method of setting the control period information shown in FIG.
  • Step 1001 The first network element places the control object information, the control mode information, and the control period information in a FlowSpec message.
  • Step 1002 The first network element sends a FlowSpec message to the second network element.
  • Step 1003 The second network element receives the FlowSpec message sent by the first network element.
  • Step 1004 The second network element determines the target traffic according to the control object information in the FlowSpec message, and periodically controls the target traffic according to the control mode information and the control cycle information in the FlowSpec message, and then ends the process.
  • an embodiment of the present disclosure further provides a first network element that controls traffic.
  • the principle of the first network element is similar to the embodiment of the present disclosure. Therefore, the implementation of the first network element may refer to the implementation of the method in the disclosure, and details are not repeated herein.
  • a first network element for controlling traffic includes:
  • the message generating module 1101 is configured to: the control object information, the control mode information, and the control period information are placed in the FlowSpec message;
  • the sending module 1102 is configured to send a FlowSpec message to the second network element, so that the second network element determines the target traffic according to the control object information, and periodically controls the target traffic according to the control mode information and the control period information.
  • the message generation module 1101 is configured to place control period information in an attribute field of the FlowSpec message.
  • the message generation module 1101 is configured to place control cycle information in the BGP Community Container.
  • the message generation module 1101 is configured to place the control period information in the BGP Wide Community, where the BGP Wide Community is a BGP Community Container of Type 1.
  • control period information includes some or all of the following:
  • Control interval information for determining an interval between periods in which an action is performed
  • Control time information for determining a start time of each execution of an action in each cycle and an execution time of each action
  • Control time information includes:
  • an embodiment of the present disclosure further provides a second network element that controls traffic.
  • the principle of the second network element is similar to that of the embodiment of the present disclosure. Therefore, the implementation of the second network element may refer to the implementation of the method in the disclosure, and details are not repeated herein.
  • the message generating module 1101 can be implemented by a processor in the first network element
  • the sending module 1102 can be implemented by a communication interface in the first network element.
  • the communication interface sends the communication interface to the second network element under the control of the processor. Corresponding information.
  • the processor needs to read the information stored in the memory (ie, the computer program), and run the computer program to realize its function.
  • an embodiment of the present disclosure further provides a storage medium, specifically a computer readable storage medium, on which a computer program is stored, and when the computer program is executed by the processor, the steps of any method on the first network element side are implemented. .
  • a second network element for controlling traffic includes:
  • the receiving module 1201 is configured to receive a FlowSpec message sent by the first network element.
  • the control module 1202 is configured to determine the target traffic according to the control object information in the FlowSpec message and periodically control the target traffic according to the control mode information and the control cycle information in the FlowSpec message.
  • control module 1202 is configured to obtain control cycle information from an attribute domain of the FlowSpec message.
  • control module 1202 is configured to obtain control cycle information from the Border Gateway Protocol Community Container BGP Community Container.
  • control module 1202 is configured to obtain control cycle information from the BGP Wide Community, where the BGP Wide Community is a BGP Community Container of type Type 1.
  • control period information includes some or all of the following:
  • Control interval information for determining an interval between periods in which an action is performed
  • Control time information for determining a start time of each execution of an action in each cycle and an execution time of each action
  • Control time information includes:
  • control module 1202 can be implemented by a processor in the first network element
  • receiving module 1201 can be implemented by a communication interface in the second network element.
  • the communication interface receives the first network element and sends the information under the control of the processor. Corresponding information.
  • the processor needs to read the information stored in the memory (ie, the computer program), and run the computer program to realize its function.
  • an embodiment of the present disclosure further provides a storage medium, specifically a computer readable storage medium, on which a computer program is stored, and when the computer program is executed by the processor, the steps of any method on the second network element side are implemented. .
  • the embodiment of the present disclosure further provides a system for controlling traffic, including the foregoing first network element and second network element;
  • the first network element is configured to: the control object information, the control mode information, and the control period information are placed in the FlowSpec message; and send the FlowSpec message to the second network element;
  • the second network element is configured to receive the FlowSpec message sent by the first network element, and determine the target traffic according to the control object information in the FlowSpec message, and target the target traffic according to the control mode information and the control period information in the FlowSpec message. Perform periodic control.
  • control object information, the control mode information, and the control period information are placed in the FlowSpec message by the first network element, so that the second network element can be based on the control object information in a FlowSpec message.
  • the control mode information and the control period information periodically control the traffic, which reduces the number and difficulty of the delivery of the FlowSpec message when the periodic action is performed, and simplifies the step of periodically controlling the traffic.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

Disclosed are a method for controlling a flow, a network element device, and a storage medium. The method for controlling a flow comprises: a first network element including in a FlowSpec message information of a controlled object, information of a control method and information of a control period; and the first network element transmitting the FlowSpec message to a second network element, such that the second network element performs periodic control on a target flow.

Description

一种控制流量的方法、网元设备及存储介质Method for controlling traffic, network element device and storage medium

相关申请的交叉引用Cross-reference to related applications

本申请基于申请号为201710339660.6、申请日为2017年05月15日的中国专利申请提出,并要求该中国专利申请的优先权,该中国专利申请的全部内容在此引入本申请作为参考。The present application is based on a Chinese patent application filed on Jan. 15, 2017, the filing date of which is hereby incorporated by reference.

技术领域Technical field

本公开涉及通信技术领域,特别涉及一种控制流量的方法、网元设备及存储介质。The present disclosure relates to the field of communications technologies, and in particular, to a method for controlling traffic, a network element device, and a storage medium.

背景技术Background technique

FlowSpec(Flow Specifications,流规范)消息用于指示网元对流量进行匹配,并对匹配出的流量进行控制,例如BGP FlowSpec(BGP Flow Specifications,BGP(Border Gateway Protocol,边界网关协议)流规范,)消息为BGP定义了一种新的NLRI(Network Layer Reachability Information,网络层可达信息),以使BGP FlowSpec消息可以通过这种NLRI传递流规范(Distribute Traffic Flow Specifications)信息,实现对DoS(Denial of Service,拒绝服务)或者DDos(Distributed Denial of Service,分布式拒绝服务)的攻击流量进行限速,或者将某些流量进行特定的DSCP(Differentiated Services Code Point,差分服务代码点)标记等控制动作。在BGP FlowSpec消息中,流量的匹配规则封装在NLRI中,对匹配上规则需要采取的动作(action)封装在扩展团体属性(Extended Community)中,进而通过匹配规则确定出需要控制的流量,并对流量执行相应的动作以实现对流量的控制。目前规范中定义了7种动作,如表1所示。The FlowSpec (Flow Specifications) message is used to indicate that the network element matches the traffic and controls the matched traffic, such as BGP FlowSpec (BGP Flow Specifications, BGP (Border Gateway Protocol) flow specification). The message defines a new NLRI (Network Layer Reachability Information) for BGP, so that the BGP FlowSpec message can pass the NLRI Distribute Traffic Flow Specifications information to implement DoS (Denial of Service, denial of service, or DDS (Distributed Denial of Service) attack traffic is limited, or certain traffic is controlled by a specific DSCP (Differentiated Services Code Point) tag. In the BGP FlowSpec message, the matching rule of the traffic is encapsulated in the NLRI, and the action required to match the rule is encapsulated in the extended community attribute (Extended Community), and then the matching rule is used to determine the traffic to be controlled, and The flow performs the corresponding action to achieve control of the flow. Seven actions are defined in the current specification, as shown in Table 1.

Figure PCTCN2018079687-appb-000001
Figure PCTCN2018079687-appb-000001

表1Table 1

另外,BGP Community Container(边界网关协议团体容器)定义了新 的编码格式,具备表达、携带和执行运营商定义的参数集的能力,同时它也为扩展BGP FlowSpec中的扩展团体属性(Extended Community)提供了平台。In addition, the BGP Community Container defines a new encoding format with the ability to express, carry and execute operator-defined parameter sets, and it also extends the Extended Community attribute in the BGP FlowSpec (Extended Community). A platform is provided.

然而目前,网元仍然无法根据单一的BGP FlowSpec消息对流量进行周期性控制,即无法对流量执行周期性动作,只能在每次周期到达或者需要执行动作时对网元重新下达FlowSpec消息,增加了FlowSpec消息的下发数量和难度,不利于流量的周期性控制。However, at present, the network element cannot periodically perform traffic control according to a single BGP FlowSpec message, that is, it cannot perform periodic actions on the traffic, and can only re-release the FlowSpec message to the network element when each cycle arrives or needs to perform an action. The number and difficulty of sending FlowSpec messages are not conducive to the periodic control of traffic.

综上,网元无法根据一条FlowSpec消息对流量进行周期性控制,无法满足周期执行动作的需求。In summary, the network element cannot periodically control the traffic according to a FlowSpec message, and cannot meet the requirements of the periodic execution action.

发明内容Summary of the invention

本公开实施例提供一种控制流量的方法、网元设备及存储介质。Embodiments of the present disclosure provide a method, a network element device, and a storage medium for controlling traffic.

本公开实施例提供的一种控制流量的方法,包括:A method for controlling traffic provided by an embodiment of the present disclosure includes:

第一网元将控制对象信息、控制方式信息以及控制周期信息置于FlowSpec消息中;The first network element places the control object information, the control mode information, and the control period information in a FlowSpec message;

第一网元向第二网元发送FlowSpec消息,以使第二网元根据控制对象信息确定目标流量并根据控制方式信息和控制周期信息对目标流量进行周期性控制。The first network element sends a FlowSpec message to the second network element, so that the second network element determines the target traffic according to the control object information, and periodically controls the target traffic according to the control mode information and the control period information.

上述方案中,第一网元将控制周期信息置于FlowSpec消息的属性域中。In the above solution, the first network element places the control period information in the attribute domain of the FlowSpec message.

上述方案中,第一网元将控制周期信息置于BGP Community Container中。In the above solution, the first network element places the control period information in the BGP Community Container.

上述方案中,第一网元将控制周期信息置于BGP Wide Community(边界网关协议宽团体属性)中,BGP Wide Community为Type为1的BGP Community Container。In the above solution, the first network element places the control period information in the BGP Wide Community (Boundary Gateway Protocol Wide Community Attribute), and the BGP Wide Community is a BGP Community Container of Type 1.

上述方案中,控制周期信息,包括下列中的部分或全部:In the above scheme, the control period information includes some or all of the following:

用于确定执行动作的周期之间的间隔的控制间隔信息;Control interval information for determining an interval between periods in which an action is performed;

用于确定每个周期内每次执行动作的起始时间和每次动作的执行时长的控制时间信息;Control time information for determining a start time of each execution of an action in each cycle and an execution time of each action;

控制时间信息包括:Control time information includes:

表示每个周期内每次执行动作的起始时间的信息和表示每次动作的执行时长的信息;或Information indicating the start time of each execution of the action in each cycle and information indicating the execution time of each action; or

表示每个周期内每次执行动作的起始时间的信息和表示每次执行动作的结束时间的信息。Information indicating the start time of each execution of the action in each cycle and information indicating the end time of each execution of the action.

本公开实施例提供的另一种控制流量的方法,包括:Another method for controlling traffic provided by an embodiment of the present disclosure includes:

第二网元接收第一网元发送的FlowSpec消息;Receiving, by the second network element, a FlowSpec message sent by the first network element;

第二网元根据FlowSpec消息中的控制对象信息确定目标流量并根据FlowSpec消息中的控制方式信息和控制周期信息对目标流量进行周期性控制。The second network element determines the target traffic according to the control object information in the FlowSpec message, and periodically controls the target traffic according to the control mode information and the control period information in the FlowSpec message.

上述方案中,第二网元从FlowSpec消息的属性域中获取控制周期信息。In the above solution, the second network element obtains control period information from an attribute domain of the FlowSpec message.

上述方案中,第二网元从BGP Community Container中获取控制周期信息。In the above solution, the second network element obtains control period information from the BGP Community Container.

上述方案中,第二网元从BGP Wide Community中获取控制周期信息,其中BGP Wide Community为Type为1的BGP Community Container。In the foregoing solution, the second network element obtains control period information from the BGP Wide Community, where the BGP Wide Community is a BGP Community Container with Type 1.

上述方案中,控制周期信息,包括下列中的部分或全部:In the above scheme, the control period information includes some or all of the following:

用于确定执行动作的周期之间的间隔的控制间隔信息;Control interval information for determining an interval between periods in which an action is performed;

用于确定每个周期内每次执行动作的起始时间和每次动作的执行时长的控制时间信息;Control time information for determining a start time of each execution of an action in each cycle and an execution time of each action;

控制时间信息包括:Control time information includes:

表示每个周期内每次执行动作的起始时间的信息和表示每次动作的执行时长的信息;或Information indicating the start time of each execution of the action in each cycle and information indicating the execution time of each action; or

表示每个周期内每次执行动作的起始时间的信息和表示每次执行动作 的结束时间的信息。Information indicating the start time of each execution of the action in each cycle and information indicating the end time of each execution of the action.

本公开实施例提供的一种控制流量的第一网元,包括:A first network element for controlling traffic according to an embodiment of the present disclosure includes:

消息生成模块,配置为将控制对象信息、控制方式信息以及控制周期信息置于FlowSpec消息中;a message generating module, configured to: place control object information, control mode information, and control period information in a FlowSpec message;

发送模块,配置为向第二网元发送FlowSpec消息,以使第二网元根据控制对象信息确定目标流量并根据控制方式信息和控制周期信息对目标流量进行周期性控制。The sending module is configured to send a FlowSpec message to the second network element, so that the second network element determines the target traffic according to the control object information, and periodically controls the target traffic according to the control mode information and the control period information.

上述方案中,消息生成模块配置为将控制周期信息置于FlowSpec消息的属性域中。In the above solution, the message generation module is configured to place the control period information in the attribute domain of the FlowSpec message.

上述方案中,消息生成模块配置为将控制周期信息置于BGP Community Container中。In the above solution, the message generation module is configured to place the control period information in the BGP Community Container.

上述方案中,消息生成模块配置为将控制周期信息置于BGP Wide Community中,其中BGP Wide Community为Type为1的BGP Community Container。In the above solution, the message generating module is configured to place the control period information in the BGP Wide Community, where the BGP Wide Community is a BGP Community Container of Type 1.

上述方案中,控制周期信息,包括下列中的部分或全部:In the above scheme, the control period information includes some or all of the following:

用于确定执行动作的周期之间的间隔的控制间隔信息;Control interval information for determining an interval between periods in which an action is performed;

用于确定每个周期内每次执行动作的起始时间和每次动作的执行时长的控制时间信息;Control time information for determining a start time of each execution of an action in each cycle and an execution time of each action;

控制时间信息包括:Control time information includes:

表示每个周期内每次执行动作的起始时间的信息和表示每次动作的执行时长的信息;或Information indicating the start time of each execution of the action in each cycle and information indicating the execution time of each action; or

表示每个周期内每次执行动作的起始时间的信息和表示每次执行动作的结束时间的信息。Information indicating the start time of each execution of the action in each cycle and information indicating the end time of each execution of the action.

本公开实施例提供的一种控制流量的第二网元,包括:A second network element for controlling traffic provided by the embodiment of the present disclosure includes:

接收模块,配置为接收第一网元发送的FlowSpec消息;a receiving module, configured to receive a FlowSpec message sent by the first network element;

控制模块,配置为根据FlowSpec消息中的控制对象信息确定目标流量并根据FlowSpec消息中的控制方式信息和控制周期信息对目标流量进行周期性控制。The control module is configured to determine the target traffic according to the control object information in the FlowSpec message, and periodically control the target traffic according to the control mode information and the control period information in the FlowSpec message.

上述方案中,控制模块配置为从FlowSpec消息的属性域中获取控制周期信息。In the above solution, the control module is configured to acquire control cycle information from an attribute domain of the FlowSpec message.

上述方案中,控制模块配置为从边界网关协议团体容器BGP Community Container中获取控制周期信息。In the above solution, the control module is configured to obtain control cycle information from the border gateway protocol community container BGP Community Container.

上述方案中,控制模块配置为从BGP Wide Community中获取控制周期信息,其中BGP Wide Community为Type为1的BGP Community Container。In the above solution, the control module is configured to obtain control period information from the BGP Wide Community, where the BGP Wide Community is a BGP Community Container of Type 1.

上述方案中,控制周期信息,包括下列中的部分或全部:In the above scheme, the control period information includes some or all of the following:

用于确定执行动作的周期之间的间隔的控制间隔信息;Control interval information for determining an interval between periods in which an action is performed;

用于确定每个周期内每次执行动作的起始时间和每次动作的执行时长的控制时间信息;Control time information for determining a start time of each execution of an action in each cycle and an execution time of each action;

控制时间信息包括:Control time information includes:

表示每个周期内每次执行动作的起始时间的信息和表示每次动作的执行时长的信息;或Information indicating the start time of each execution of the action in each cycle and information indicating the execution time of each action; or

表示每个周期内每次执行动作的起始时间的信息和表示每次执行动作的结束时间的信息。Information indicating the start time of each execution of the action in each cycle and information indicating the end time of each execution of the action.

本公开实施例提供的一种存储介质,其上存储有计算机程序,所述计算机程序被处理器执行时实现上述第一网元侧任一方法的步骤。A storage medium provided by the embodiment of the present disclosure has a computer program stored thereon, and when the computer program is executed by the processor, the steps of any method on the first network element side are implemented.

崩开实施例提供的另一种存储介质,其上存储有计算机程序,所述计算机程序被处理器执行时实现上述第二网元侧任一方法的步骤。Another storage medium provided by the embodiment is provided, and a computer program is stored thereon, and when the computer program is executed by the processor, the steps of any of the methods on the second network element side are implemented.

根据本公开实施例提供的控制流量的方案,由于第一网元将控制对象信息、控制方式信息以及控制周期信息置于FlowSpec消息中,使得第二网元能够根据一条FlowSpec消息中的控制对象信息、控制方式信息以及控制 周期信息对流量进行周期性控制,降低了执行周期性动作时的FlowSpec消息的下发数量和难度,简化对流量进行周期性控制的步骤,从而至少能够解决相关技术中存在的网元无法根据一条FlowSpec消息对流量进行周期性控制,无法满足周期执行动作的需求的问题。According to the scheme for controlling traffic provided by the embodiment of the present disclosure, since the first network element places the control object information, the control mode information, and the control period information in the FlowSpec message, the second network element can be based on the control object information in a FlowSpec message. The control mode information and the control period information periodically control the traffic, which reduces the number and difficulty of the delivery of the FlowSpec message when the periodic action is performed, and simplifies the step of periodically controlling the traffic, thereby at least solving the related technologies. The network element cannot periodically control the traffic according to a FlowSpec message, and cannot meet the requirement of the periodic execution action.

附图说明DRAWINGS

为了更清楚地说明本公开实施例中的技术方案,下面将对实施例描述中所需要使用的附图作简要介绍,显而易见地,下面描述中的附图仅仅是本公开的一些实施例,对于本领域的普通技术人员来讲,在不付出创造性劳动的前提下,还可以根据这些附图获得其他的附图。In order to more clearly illustrate the technical solutions in the embodiments of the present disclosure, the following drawings will be briefly described in the description of the embodiments, and the accompanying drawings in the following description are only Those skilled in the art can also obtain other drawings based on these drawings without paying any creative work.

图1为本公开实施例提供的一种控制流量的方法的步骤示意图;FIG. 1 is a schematic diagram of steps of a method for controlling traffic according to an embodiment of the present disclosure;

图2为本公开实施例提供的另一种控制流量的方法的步骤示意图;2 is a schematic diagram of steps of another method for controlling traffic according to an embodiment of the present disclosure;

图3为本公开实施例提供的一种Periodic Action List Atom的格式示意图;FIG. 3 is a schematic diagram of a format of a Periodic Action List Atom according to an embodiment of the present disclosure;

图4为本公开实施例提供的一种Periodic Action List Atom的值域的格式示意图;FIG. 4 is a schematic diagram of a format of a value range of a Periodic Action List Atom according to an embodiment of the present disclosure;

图5为本公开实施例提供的一种BGP Community Container的头部的格式示意图;FIG. 5 is a schematic diagram of a format of a header of a BGP Community Container according to an embodiment of the present disclosure;

图6为本公开实施例提供的一种携带控制周期信息的BGP Community Container的格式示意图;FIG. 6 is a schematic diagram of a format of a BGP Community Container carrying control period information according to an embodiment of the present disclosure;

图7为本公开实施例提供的一种BGP Wide Community的参数的格式示意图;FIG. 7 is a schematic diagram of a format of a parameter of a BGP Wide Community according to an embodiment of the present disclosure;

图8为本公开实施例提供的一种BGP Wide Community Parameter(s)TLV的格式示意图;FIG. 8 is a schematic diagram of a format of a BGP Wide Community Parameter (s) TLV according to an embodiment of the present disclosure;

图9为本公开实施例提供的一种携带控制周期信息的BGP Wide Community的格式示意图;FIG. 9 is a schematic diagram of a format of a BGP Wide Community carrying control period information according to an embodiment of the present disclosure;

图10为本公开实施例提供的一种进行流量控制的具体流程示意图;FIG. 10 is a schematic flowchart of performing flow control according to an embodiment of the present disclosure;

图11为本公开实施例提供的一种控制流量的第一网元的结构示意图;FIG. 11 is a schematic structural diagram of a first network element for controlling traffic according to an embodiment of the present disclosure;

图12为本公开实施例提供的一种控制流量的第二网元的结构示意图。FIG. 12 is a schematic structural diagram of a second network element for controlling traffic according to an embodiment of the present disclosure.

具体实施方式detailed description

为了使本公开的目的、技术方案和优点更加清楚,下面将结合附图对本公开作进一步地详细描述,显然,所描述的实施例仅仅是本公开一部分实施例,而不是全部的实施例。基于本公开中的实施例,本领域普通技术人员在没有做出创造性劳动前提下所获得的所有其它实施例,都属于本公开保护的范围。The present disclosure will be further described in detail with reference to the accompanying drawings, in which FIG. All other embodiments obtained by a person of ordinary skill in the art based on the embodiments of the present disclosure without departing from the inventive scope are the scope of the disclosure.

在本公开实施例中,FlowSpec消息是指用于指示网元对流量进行匹配并指示网元对匹配出的流量进行控制(例如通过对流量执行动作的方式进行控制)的消息,包括但不限于BGP FlowSpec消息。其中,BGP FlowSpec消息能够通过NLRI指示网元对流量进行匹配,并通过BGP FlowSpec消息中的扩展团体属性中的动作指示网元对匹配出的流量执行相应的动作。In the embodiment of the present disclosure, the FlowSpec message is used to indicate that the network element matches the traffic and instructs the network element to control the matched traffic, for example, by performing an action on the traffic, including but not limited to BGP FlowSpec message. The BGP FlowSpec message indicates that the network element matches the traffic through the NLRI, and the action in the extended community attribute in the BGP FlowSpec message indicates that the network element performs a corresponding action on the matched traffic.

本公开实施例中对流量的控制,包括但不限于根据BGP FlowSpec消息确定需要控制的目标流量,以及根据BGP FlowSpec消息确定对目标流量进行控制的方式(即确定需要执行的动作)和周期(即确定需要执行的动作的周期)并进行控制。The control of the traffic in the embodiment of the disclosure includes, but is not limited to, determining a target traffic to be controlled according to the BGP FlowSpec message, and determining a manner of controlling the target traffic according to the BGP FlowSpec message (ie, determining an action to be performed) and a period (ie, Determine the period of the action that needs to be performed) and control it.

本公开实施例中的第一网元,包括但不限于路由器、SDN(Software Defined Network,软件定义网络)控制器、路由反射器或者策略服务器,也可以是其他能够生成FlowSpec消息的网元设备。第二网元包括但不限于路由器或者交换机(例如三层交换机、SDN交换机),也可以是其他能够根据FlowSpec消息进行流量控制的网元设备。The first network element in the embodiment of the disclosure includes, but is not limited to, a router, an SDN (Software Defined Network) controller, a route reflector, or a policy server, and may be another network element device capable of generating a FlowSpec message. The second network element includes, but is not limited to, a router or a switch (for example, a Layer 3 switch, an SDN switch), or other network element device capable of performing flow control according to a FlowSpec message.

本公开实施例中的控制对象信息,包括但不限于BGP FlowSpec中通过NLRI表示的匹配规则;控制方式信息包括但不限于BGP FlowSpec中的动 作;控制周期信息包括但不限于BGP FlowSpec中用于表示动作执行的周期的信息;目标流量,包括但不限于根据BGP FlowSpec中由NLRI表示的控制对象信息确定出的需要进行控制的流量。The control object information in the embodiment of the present disclosure includes but is not limited to the matching rule indicated by NLRI in the BGP FlowSpec; the control mode information includes but is not limited to the action in the BGP FlowSpec; the control period information includes but is not limited to the BGP FlowSpec for indicating The information of the period of the execution of the action; the target traffic includes, but is not limited to, the traffic that needs to be controlled according to the control object information represented by the NLRI in the BGP FlowSpec.

下面以图1说明本公开实施例中第一网元进行流量控制的方法,该方法包括以下步骤:The method for performing flow control by the first network element in the embodiment of the present disclosure is described below with reference to FIG. 1, which includes the following steps:

步骤101:第一网元将控制对象信息、控制方式信息以及控制周期信息置于FlowSpec消息中;Step 101: The first network element places the control object information, the control mode information, and the control period information in a FlowSpec message.

步骤102:第一网元向第二网元发送FlowSpec消息,以使第二网元根据控制对象信息确定目标流量并根据控制方式信息和控制周期信息对目标流量进行周期性控制。Step 102: The first network element sends a FlowSpec message to the second network element, so that the second network element determines the target traffic according to the control object information, and periodically controls the target traffic according to the control mode information and the control period information.

也就是说,发送的FlowSpec消息中的控制对象信息用于供所述第二网元确定目标流量;发送的FlowSpec消息中的控制方式信息以及控制周期信息用于供所述第二网元对目标流量进行周期性控制。That is, the control object information in the sent FlowSpec message is used by the second network element to determine the target traffic; the control mode information and the control period information in the sent FlowSpec message are used for the second network element to target Traffic is periodically controlled.

其中,本公开实施例中的控制周期信息包括但不限于BGP FlowSpec中用于表示动作执行的周期的信息。The control period information in the embodiment of the present disclosure includes, but is not limited to, information used in the BGP FlowSpec to indicate the period of execution of the action.

本公开实施例中,由于第一网元将控制对象信息、控制方式信息以及控制周期信息置于FlowSpec消息中,使得第二网元能够在一条FlowSpec消息中读取控制对象信息、控制方式信息以及控制周期信息,并根据控制方式信息和控制周期信息对流量进行周期性控制,从而使得第二网元能够根据FlowSpec消息对目标流量执行周期性动作,因而不再要通过多条FlowSpec消息指示第二网元周期性执行动作,降低了执行周期性动作对应的FlowSpec消息的下发数量和难度,简化了对流量进行周期性控制的步骤。In the embodiment of the present disclosure, the first network element can set the control object information, the control mode information, and the control period information in the FlowSpec message, so that the second network element can read the control object information, the control mode information, and the information in a FlowSpec message. Controlling the period information, and periodically controlling the traffic according to the control mode information and the control period information, so that the second network element can perform periodic actions on the target traffic according to the FlowSpec message, and thus no longer needs to indicate the second through multiple FlowSpec messages. The network element performs the action periodically, which reduces the number and difficulty of the delivery of the FlowSpec message corresponding to the periodic action, and simplifies the step of periodically controlling the traffic.

第一网元可以在现有的FlowSpec消息中,添加控制对象信息和控制方式信息相对应的控制周期信息。例如,第一网元可以将相互对应的控制对象信息、控制方式信息和控制周期信息置于同一条BGP FlowSpec中,用于 表示对依据控制对象信息所确定的目标流量根据控制周期信息所表示的周期执行控制方式信息所表示的动作,以使第二网元在收到BGP FlowSpec后,根据控制对象信息、控制方式信息和控制周期信息执行周期性动作。The first network element may add control period information corresponding to the control object information and the control mode information in the existing FlowSpec message. For example, the first network element may place the control object information, the control mode information, and the control period information corresponding to each other in the same BGP FlowSpec, and is used to indicate that the target traffic determined according to the control object information is represented according to the control cycle information. The action indicated by the control mode information is periodically executed, so that after receiving the BGP FlowSpec, the second network element performs a periodic action according to the control object information, the control mode information, and the control cycle information.

下面以图2说明本公开实施例中第二网元进行流量控制的方法,该方法包括以下步骤:The method for performing flow control by the second network element in the embodiment of the present disclosure is described below with reference to FIG. 2, and the method includes the following steps:

步骤201:第二网元接收第一网元发送的FlowSpec消息;Step 201: The second network element receives the FlowSpec message sent by the first network element.

步骤202:第二网元根据FlowSpec消息中的控制对象信息确定目标流量并根据FlowSpec消息中的控制方式信息和控制周期信息对目标流量进行周期性控制。Step 202: The second network element determines the target traffic according to the control object information in the FlowSpec message, and periodically controls the target traffic according to the control mode information and the control period information in the FlowSpec message.

其中,控制周期信息包括但不限于BGP FlowSpec中用于表示动作执行的周期的信息。The control period information includes, but is not limited to, information in the BGP FlowSpec for indicating the period of execution of the action.

本公开实施例中,第二网元在接收第一网元发送的FlowSpec消息后,能够根据FlowSpec消息中的控制对象信息确定需要控制的目标流量,并根据控制方式信息和控制周期信息对目标流量进行周期性控制,因此第二网元能够根据一条FlowSpec消息对目标流量执行周期性动作,降低了执行周期性动作对应的FlowSpec消息的下发数量和难度,简化了对流量进行周期性控制的步骤。In the embodiment of the present disclosure, after receiving the FlowSpec message sent by the first network element, the second network element can determine the target traffic to be controlled according to the control object information in the FlowSpec message, and target the traffic according to the control mode information and the control cycle information. Periodically, the second network element can perform periodic actions on the target traffic according to a FlowSpec message, which reduces the number and difficulty of the delivery of the FlowSpec message corresponding to the periodic action, and simplifies the step of periodically controlling the traffic. .

其中,控制周期信息包括但不限于BGP FlowSpec中用于表示动作执行的周期的信息。The control period information includes, but is not limited to, information in the BGP FlowSpec for indicating the period of execution of the action.

第二网元可以根据FlowSpec消息中的控制周期信息确定对目标流量执行动作的周期。例如,第二网元可以根据同一条BGP FlowSpec消息中的与控制对象信息和控制方式信息对应的控制周期信息确定对目标流量执行动作的周期,之后根据控制对象信息、控制方式信息和控制周期信息执行周期性动作。The second network element may determine a period of performing an action on the target traffic according to the control period information in the FlowSpec message. For example, the second network element may determine, according to the control period information corresponding to the control object information and the control mode information in the same BGP FlowSpec message, a period of performing an action on the target traffic, and then according to the control object information, the control mode information, and the control cycle information. Perform periodic actions.

在一实施例中,控制周期信息,包括下列中的部分或全部:In an embodiment, the control period information includes some or all of the following:

用于确定执行动作的周期之间的间隔的控制间隔信息;Control interval information for determining an interval between periods in which an action is performed;

用于确定每个周期内每次执行动作的起始时间和每次动作的执行时长的控制时间信息;Control time information for determining a start time of each execution of an action in each cycle and an execution time of each action;

控制时间信息包括:Control time information includes:

表示每个周期内每次执行动作的起始时间的信息和表示每次动作的执行时长的信息;或Information indicating the start time of each execution of the action in each cycle and information indicating the execution time of each action; or

表示每个周期内每次执行动作的起始时间的信息和表示每次执行动作的结束时间的信息。Information indicating the start time of each execution of the action in each cycle and information indicating the end time of each execution of the action.

本公开实施例中,控制周期信息可以由两部分组成:用于确定执行动作的周期之间的间隔的控制间隔信息和用于确定每个周期内每次执行动作的起始时间和每次动作的执行时长的控制时间信息。In the embodiment of the present disclosure, the control period information may be composed of two parts: control interval information for determining an interval between periods in which an action is performed, and a start time and each action for determining each execution of an action in each period The control time information of the execution time.

其中,用于确定执行动作的周期之间的间隔的控制间隔信息包括但不限于用于表示执行动作的周期之间的间隔的Periodic Action List Atom(周期性动作列表原子),也可以是能够用于确定执行动作的周期之间的间隔的其他信息;用于确定每个周期内每次执行动作的起始时间和每次动作的执行时长的控制时间信息包括但不限于表示每次执行动作的起始时间和每次动作的执行时长的Integer32 List Atom(32位整数列表原子),也可以是表示每次执行动作的起始时间和每次动作的执行时长的其他信息,或者是表示每次执行动作的起始时间和每次动作的结束时间等能够用于确定每次执行动作的起始时间和每次动作的执行时长的其他信息。Integer32 List Atom可以是表示每个周期内每次执行动作的起始时间的信息和表示每次动作的执行时长的信息;也可以是表示每个周期内每次执行动作的起始时间的信息和表示每次执行动作的结束时间的信息。Wherein, the control interval information for determining the interval between the periods in which the action is performed includes, but is not limited to, a Periodic Action List Atom for indicating an interval between periods in which the action is performed, or may be capable of using Other information for determining an interval between periods in which an action is performed; control time information for determining a start time of each execution of an action in each cycle and an execution time of each action includes, but is not limited to, indicating each execution of the action The start time and the execution time of each action, Integer32 List Atom (32-bit integer list atom), may also be other information indicating the start time of each execution action and the execution time of each action, or it means that each time The start time of the execution action and the end time of each action can be used to determine other information such as the start time of each execution action and the execution time of each action. The Integer32 List Atom may be information indicating the start time of each execution of the action in each cycle and information indicating the execution time of each action; or may be information indicating the start time of each action performed in each cycle and Information indicating the end time of each execution of the action.

本公开实施例中的Periodic Action List Atom和Integer32 List Atom为TLV(Type-Length-Value,类型-长度-值)形式的Atom(原子)。另外,只 要能够清楚地使第二网元根据控制周期信息确定执行动作的周期和每个周期内每次执行动作的起始时间以及每次执行动作的持续时长(或者每次执行动作的结束时间),本公开实施例中的控制周期信息还可以只包括Periodic Action List Atom或者Integer32 List Atom。The Periodic Action List Atom and the Integer32 List Atom in the embodiment of the present disclosure are Atoms in the form of TLV (Type-Length-Value). In addition, as long as it is possible to clearly make the second network element determine the period in which the action is performed and the start time of each execution of the action in each cycle and the duration of each execution of the action (or the end time of each execution of the action) according to the control cycle information. The control cycle information in the embodiment of the present disclosure may also include only a Periodic Action List Atom or an Integer32 List Atom.

其中,Periodic Action List Atom可以用于表示动作执行的间隔,Periodic Action List Atom的一种可能的结构如图3所示,其中,Type(类型)可以在标准化后由IANA(The Internet Assigned Numbers Authority,互联网数字分配机构)分配,Length(长度)域表示值域的大小,Value(值)域中的特定bit(比特)位用于在置位(即该比特位为1)时表示具体的周期性动作的间隔时间。例如图4所示,值域的0至25比特位保留,26至31比特位为互斥关系,即26至31比特位中每次只有一个比特位被置位,可以事先约定特定比特位被置位所代表的动作间隔含义,例如约定当Y位被置位,表示动作每年执行一次,当MO位被置位表示动作每月执行一次,当W位被置位,表示动作每周执行一次,当D位被置位,表示动作每天执行一次,当H位被置位,表示动作每小时执行一次,当MI位被置位,表示动作每分钟执行一次。Among them, the Periodic Action List Atom can be used to indicate the interval of action execution. A possible structure of the Periodic Action List Atom is shown in Figure 3. The Type can be standardized by IANA (The Internet Assigned Numbers Authority, Internet Digital Distribution Authority), the Length field indicates the size of the value field, and the specific bit (bit) bit in the Value field is used to indicate the specific periodicity when set (ie, the bit is 1). The interval between actions. For example, as shown in FIG. 4, the 0 to 25 bits of the value range are reserved, and the 26 to 31 bits are mutually exclusive, that is, only one bit of each of the 26 to 31 bits is set, and a specific bit can be agreed in advance. The meaning of the action interval represented by the set, for example, when the Y bit is set, the action is performed once a year. When the MO bit is set, the action is executed once a month. When the W bit is set, the action is performed once a week. When the D bit is set, the action is executed once a day. When the H bit is set, the action is executed every hour. When the MI bit is set, the action is executed every minute.

Integer32 List Atom为Type为4的atom,其中,Integer32 List Atom的值域为N个2个4字节整数,N为正整数,若N=1,则表示第二网元每个周期内需要在一个时间段执行动作;若N≥2,则表示第二网元每个周期内需要在至少两个时间段执行动作。The Integer32 List Atom is an atom of type 4, where the value range of the Integer32 List Atom is N two 4-byte integers, and N is a positive integer. If N=1, it means that the second network element needs to be in each cycle. The action is performed for one time period; if N≥2, it means that the second network element needs to perform an action in at least two time periods in each cycle.

可选的,Integer32 List Atom中的每个2个4字节整数中的第一个4字节整数表示动作开始的时间,例如可以以4字节整数表示从周期起点到动作开始的时间经过的时长(例如以秒为单位),则第二网元在确定从周期起点起经过第一个4字节整数表示的时长后开始执行动作,其中周期起点用于确定周期内第一次执行动作的时间,例如周期起点可以是根据Periodic  Action List Atom中被置位的比特位确定的时间点,也可以是通过其他方式设定的时间点;每2个4字节整数中的第二个4字节整数表示动作持续的时长,例如可以以4字节整数表示从动作开始到动作结束之间的时长(例如以秒为单位),即第二网元在开始动作后,确定经过第二个4字节整数表示的时长后结束动作;另外,每2个4字节整数中的第二个4字节整数也可以用于表示动作结束的时间,例如表示从周期起点到动作结束的时间经过的时长。Optionally, the first 4-byte integer of each of the two 4-byte integers in the Integer32 List Atom indicates the time when the action starts. For example, the time from the start of the cycle to the start of the action may be represented by a 4-byte integer. The duration (eg, in seconds), the second network element begins performing an action after determining the length of time represented by the first 4-byte integer from the beginning of the period, wherein the beginning of the period is used to determine the first execution of the action in the cycle. The time, for example, the start of the cycle may be a time point determined according to the bit set in the Periodic Action List Atom, or may be a time point set by other means; the second 4 words of every 2 4-byte integers The integer number indicates the duration of the action. For example, the length between the start of the action and the end of the action (for example, in seconds) can be expressed by a 4-byte integer. That is, after the second network element starts to operate, it is determined that the second 4 is passed. The duration of the byte integer indicates the end of the action; in addition, the second 4-byte integer of every two 4-byte integers can also be used to indicate the end of the action, for example, from the start of the cycle to the action The length of time the bundle has passed.

下面说明本公开实施例提供的一种利用Periodic Action List Atom表示周期起点的方法:例如约定当图4中的Y位被置位,表示周期起点为每年的1月1日零点零分零秒,当MO位被置位,表示周期起点为每月的1日零点零分零秒,当W位被置位,表示周期起点为每周周日的零点零分零秒,当D位被置位,表示周期起点为每天的零点零分零秒,当H位被置位,表示周期起点为每个整点,即每时的零分零秒,当MI位被置位,表示周期起点为每分钟的零秒。A method for expressing a cycle start point by using a Periodic Action List Atom according to an embodiment of the present disclosure is as follows: For example, the Y bit in FIG. 4 is set, indicating that the start of the cycle is January 1st, zero, zero, and zero seconds of each year. When the MO bit is set, it indicates that the start of the cycle is 0:00:00 on the 1st of each month. When the W bit is set, it indicates that the start of the cycle is zero, zero, and zero seconds per week, when the D bit Set to indicate that the start of the cycle is zero, zero, and zero seconds per day. When the H bit is set, it indicates that the start of the cycle is each hour, that is, zero minute and zero seconds per time. When the MI bit is set, it indicates The start of the cycle is zero seconds per minute.

本公开实施例中,第一网元可以将由Periodic Action List Atom和/或Integer32 List Atom构成的控制周期信息置于FlowSpec消息的中,例如置于FlowSpec消息的属性域。In the embodiment of the present disclosure, the first network element may place the control period information composed of the Periodic Action List Atom and/or the Integer32 List Atom in the FlowSpec message, for example, in the attribute field of the FlowSpec message.

本公开实施例中,第二网元可以根据FlowSpec消息中的由Periodic Action List Atom和/或Integer32 List Atom构成的控制周期信息确定对目标流量执行动作的周期和每个周期内执行动作的开始时间和动作的持续时长(或动作的结束时间),例如,第二网元根据FlowSpec消息的属性域中的由Periodic Action List Atom和/或Integer32 List Atom构成的控制周期信息确定对目标流量执行动作的周期。In the embodiment of the present disclosure, the second network element may determine, according to the control period information composed of the Periodic Action List Atom and/or the Integer32 List Atom in the FlowSpec message, a period of performing an action on the target traffic and a start time of performing the action in each cycle. And the duration of the action (or the end time of the action), for example, the second network element determines to perform an action on the target traffic according to the control cycle information composed of the Periodic Action List Atom and/or the Integer32 List Atom in the attribute field of the FlowSpec message. cycle.

需要注意的是,以上设置控制周期信息的方法只是举例说明,只要能够使第二网元根据控制周期信息确定出执行动作的周期之间的间隔和每个 周期内每次执行动作的起始时间和每次动作的执行时长(或者每次执行动作的起始时间和每次执行动作的结束时间)并据此对目标流量进行周期性控制,控制周期信息的其他设置方法也应属于本公开实施例中设置控制周期信息的方法。It should be noted that the above method for setting the control period information is only an example, as long as the second network element can determine the interval between the periods in which the action is performed and the start time of each action in each period according to the control period information. And the execution time of each action (or the start time of each action and the end time of each action) and periodically control the target flow according to this, and other setting methods of the control cycle information should also belong to the implementation of the present disclosure. In the example, the method of setting the control period information is set.

在一实施例中,第一网元将控制周期信息可以置于FlowSpec消息的属性域中。In an embodiment, the first network element may place control period information in an attribute field of the FlowSpec message.

本公开实施例中,第一网元可以将控制周期信息置于FlowSpec消息的属性域中。例如,第一网元按照现有方式将控制对象信息和控制方式信息置于FlowSpec消息中,之后,第一网元将控制周期信息置于FlowSpec消息的属性域中;第一网元也可以将控制对象信息、控制方式信息以及控制周期信息置于FlowSpec消息的属性域中。In the embodiment of the present disclosure, the first network element may place the control period information in an attribute domain of the FlowSpec message. For example, the first network element places the control object information and the control mode information in the FlowSpec message according to the existing manner, after which the first network element places the control period information in the attribute domain of the FlowSpec message; the first network element may also The control object information, the control mode information, and the control cycle information are placed in the attribute field of the FlowSpec message.

在一实施例中,第二网元可以从FlowSpec消息的属性域中获取控制周期信息。In an embodiment, the second network element may obtain control period information from an attribute domain of the FlowSpec message.

本公开实施例中,第二网元从FlowSpec消息中获取控制周期信息并对目标流量进行周期性控制,其中,若控制周期信息位于FlowSpec消息的属性域中,则第二网元从FlowSpec消息的属性域中获取控制周期信息并对目标流量进行周期性控制。In the embodiment of the present disclosure, the second network element obtains the control period information from the FlowSpec message and performs periodic control on the target traffic. If the control period information is located in the attribute domain of the FlowSpec message, the second network element is from the FlowSpec message. The control period information is obtained in the attribute domain and the target traffic is periodically controlled.

在一实施例中,第一网元将控制周期信息置于BGP Community Container中。In an embodiment, the first network element places control period information in the BGP Community Container.

BGP Community Container的Header(头部)格式如图5所示,其中BGP Community Container的头部包括类型域、Flags(标志)域(其中包括C、T标志)、Reserved(保留)域、长度域。The Header format of the BGP Community Container is shown in Figure 5. The header of the BGP Community Container includes the type field, the Flags field (including the C and T flags), the Reserved field, and the length field.

如图6所示,本公开实施例提供的一种携带控制周期信息的BGP Community Container的具体参数的可能结构,例如可以将其定义为BGP Periodic Action Community(边界网关协议周期性动作团体),BGP Periodic  Action Community Type值在标准化后由IANA分配,用以表示该BGP Periodic Action Community为包含控制周期信息的BGP Community Container,其属性域中的Source AS Number(源AS号码)域为产生控制周期信息的网元的AS号码,Context AS Number(上下文AS号码)域为需要执行这个BGP Community Container的第二网元的AS号,TLVs包含由Periodic Action List Atom601和Integer32 List Atom602构成的控制周期信息。As shown in FIG. 6 , a possible structure of a specific parameter of a BGP Community Container carrying control period information is provided by the embodiment of the present disclosure, for example, it can be defined as a BGP Periodic Action Community (BGP). The Periodic Action Community Type value is assigned by the IANA after standardization to indicate that the BGP Periodic Action Community is a BGP Community Container containing control period information, and the Source AS Number field in the attribute domain is for generating control period information. The AS number of the network element, the Context AS Number field is the AS number of the second network element that needs to execute the BGP Community Container, and the TLVs contain control period information composed of the Periodic Action List Atom 601 and the Integer32 List Atom 602.

在一实施例中,第二网元从BGP Community Container中获取控制周期信息。In an embodiment, the second network element obtains control period information from the BGP Community Container.

本公开实施例中,第二网元从FlowSpec消息中获取控制周期信息并对目标流量进行周期性控制,其中,若控制周期信息位于BGP Periodic Action Community中,则第二网元从BGP Periodic Action Community中获取控制周期信息并对目标流量进行周期性控制。In the embodiment of the present disclosure, the second network element obtains the control period information from the FlowSpec message and performs periodic control on the target traffic. If the control period information is located in the BGP Periodic Action Community, the second network element is from the BGP Periodic Action Community. The control cycle information is obtained and the target traffic is periodically controlled.

在一实施例中,第一网元将控制周期信息置于BGP Wide Community中,BGP Wide Community为类型为1的BGP Community Container。In an embodiment, the first network element places the control period information in the BGP Wide Community, and the BGP Wide Community is a BGP Community Container of type 1.

本公开实施例中,第一网元可以将控制周期信息置于BGP Wide Community中。本公开实施例中的BGP Wide Community是BGP Community Container的类型之一,具有BGP Community Container的如图5所示的头部,其中BGP Community Container的类型值为1。In the embodiment of the present disclosure, the first network element may place the control period information in the BGP Wide Community. The BGP Wide Community in the embodiment of the present disclosure is one of the types of the BGP Community Container, and has a header of the BGP Community Container as shown in FIG. 5, where the BGP Community Container has a type value of 1.

BGP Wide Community携带的参数和格式如图7所示,包括Community Value(团体值)、源AS号码、上下文AS号码以及Optional(可选)的TLVs参数。The parameters and format carried by the BGP Wide Community are shown in Figure 7, including the Community Value (source value), source AS number, context AS number, and Optional (optional) TLVs parameters.

其中,TLVs可以包括BGP Wide Community Parameter(s)TLV(边界网关协议宽团体参数TLV),BGP Wide Community Parameter(s)TLV的结构如图8所示,BGP Wide Community Parameter(s)TLV的一种可行的设置方式 为:sub-type(子类型)为3,Length为Value域的实际长度,单位是字节,值域由TLV形式的原子组成。第一网元可以将控制周期信息置于BGP Wide Community Parameter(s)TLV中。The TLVs may include a BGP Wide Community Parameter(s) TLV (Border Gateway Protocol Wide Community Parameter TLV), and the BGP Wide Community Parameter(s) TLV has a structure as shown in FIG. 8 , and a BGP Wide Community Parameter(s) TLV. The feasible setting method is: sub-type (subtype) is 3, Length is the actual length of the Value field, the unit is byte, and the value range is composed of atoms in the form of TLV. The first network element may place control period information in the BGP Wide Community Parameter(s) TLV.

本公开实施例中,为了表示BGP Wide Community携带了控制周期信息,可以在BGP Wide Community的特定位置的值设置为预设值,其中,预设值可以由IANA分配。例如,第一网元将图7所示的BGP Wide Community的Community Value设置为预设值,则第二网元在确定收到的BGP Wide Community的Community Value为预设值后,确定该BGP Wide Community携带了控制周期信息。In the embodiment of the present disclosure, in order to indicate that the BGP Wide Community carries the control period information, the value of the specific location of the BGP Wide Community may be set to a preset value, where the preset value may be allocated by the IANA. For example, if the first network element sets the Community Value of the BGP Wide Community shown in FIG. 7 to a preset value, the second network element determines the BGP Wide after determining that the received Community Value of the BGP Wide Community is a preset value. The Community carries control cycle information.

以上表示BGP Wide Community携带控制周期信息的方法只是举例说明,在BGP Wide Community的其他位置设置预设值和/或特定值以表示BGP Wide Community携带有控制周期信息的方法,都属于本公开保护的范围。The method for carrying the control period information in the BGP Wide Community is only an example. The method of setting the preset value and/or the specific value in other locations of the BGP Wide Community to indicate that the BGP Wide Community carries the control period information is protected by the disclosure. range.

在一实施例中,第二网元从BGP Wide Community中获取控制周期信息,其中BGP Wide Community为Type为1的BGP Community Container。In an embodiment, the second network element obtains control period information from the BGP Wide Community, where the BGP Wide Community is a BGP Community Container of Type 1.

本公开实施例中,第二网元从FlowSpec消息中获取控制周期信息并对目标流量进行周期性控制,其中,若控制周期信息位于BGP Wide Community中,则第二网元从BGP Wide Community中获取控制周期信息,其中BGP Wide Community为类型Type为1的BGP Community Container。In the embodiment of the present disclosure, the second network element obtains the control period information from the FlowSpec message and performs periodic control on the target traffic. If the control period information is located in the BGP Wide Community, the second network element is obtained from the BGP Wide Community. Control period information, where BGP Wide Community is a BGP Community Container of type Type 1.

如图9所示,本公开实施例提供的一种携带控制周期信息的BGP Wide Community,例如可以将其定义为BGP Periodic Action Wide Community(边界网关协议周期性动作宽团体),其中,由Periodic Action List Atom901和Integer32 List Atom902构成的控制周期信息903位于TLVs中的BGP Wide Community Parameter(s)TLV904中。As shown in FIG. 9 , a BGP Wide Community carrying control period information provided by an embodiment of the present disclosure may be defined as a BGP Periodic Action Wide Community, for example, by a Periodic Action. The control period information 903 composed of the List Atom 901 and the Integer 32 List Atom 902 is located in the BGP Wide Community Parameter(s) TLV 904 in the TLVs.

第二网元收到如图9所示的BGP Periodic Action Wide Community后,从BGP Periodic Action Wide Community中获取控制周期信息。After receiving the BGP Periodic Action Wide Community as shown in Figure 9, the second NE obtains control period information from the BGP Periodic Action Wide Community.

以上设置FlowSpec的方法只是举例说明,其他方案例如定义新的用于携带控制周期信息的Community(例如,BGP Community Container或者BGP Wide Community以外的Community)也属于本专利保护范围。The above method of setting the FlowSpec is only an example. Other schemes, for example, defining a new Community (for example, BGP Community Container or Community other than the BGP Wide Community) for carrying control period information are also covered by this patent.

下面举例说明本公开实施例中第一网元设置控制周期信息的方法,其中FlowSpec消息为BGP Periodic Action Wide Community:The following describes a method for setting control period information of a first network element in the embodiment of the present disclosure, where the FlowSpec message is a BGP Periodic Action Wide Community:

假设每天的晚上7:00至10:00需要对流采取周期性动作,且Periodic Action List Atom中表示动作周期间隔为一天的特定比特置位,同时还表示周期起点为每天的零点零分零秒,Integer32 List Atom中的第一个4字节表示起点时间与动作开始时间之间的时长(单位为秒),Integer32 List Atom中的第二个4字节表示起周期性动作的持续时长(单位为秒),则根据图9所示的设置控制周期信息的方法,可以对Periodic Action List Atom901以及Integer32 List Atom902进行以下设置:置位Periodic Action List Atom901的Value中表示动作周期间隔为一天的特定比特位,并将Integer32 List Atom902中的第一个4字节整数设置为68400(即表示0点过后19(68400秒/3600秒/每小时=19小时)小时为动作开始的时间点),将Integer32 List Atom002中的第二个4字节整数设置为10800(即表示动作持续时长为3(10800秒/3600秒/每小时=3小时)小时)。Assume that a periodic action is required for convection from 7:00 to 10:00 every day, and a specific bit in the Periodic Action List Atom indicating that the action cycle interval is one day is set, and that the start of the cycle is zero, zero, zero, and zero per day. The first 4 bytes in the Integer32 List Atom represent the duration (in seconds) between the start time and the start time of the action. The second 4 bytes in the Integer32 List Atom indicate the duration of the periodic action (unit) For the second), according to the method of setting the control period information shown in FIG. 9, the following settings can be made for the Periodic Action List Atom 901 and the Integer32 List Atom 902: the value of the Periodic Action List Atom 901 is set to indicate a specific bit with an action period interval of one day. Bit, and set the first 4-byte integer in Integer32 List Atom902 to 68400 (that is, after the 0 o'clock, 19 (68400 sec / 3600 sec / hour = 19 hours) hour is the time point when the action starts), Integer32 The second 4-byte integer in List Atom002 is set to 10800 (that is, the duration of the action is 3 (10800 seconds / 3600 seconds / hour = 3 hours) hours) .

下面以图10说明本公开实施例中第一网元与第二网元进行流量控制的流程:The flow of the flow control of the first network element and the second network element in the embodiment of the present disclosure is described below with reference to FIG. 10:

步骤1001:第一网元将控制对象信息、控制方式信息以及控制周期信息置于FlowSpec消息中;Step 1001: The first network element places the control object information, the control mode information, and the control period information in a FlowSpec message.

步骤1002:第一网元向第二网元发送FlowSpec消息;Step 1002: The first network element sends a FlowSpec message to the second network element.

步骤1003:第二网元接收第一网元发送的FlowSpec消息;Step 1003: The second network element receives the FlowSpec message sent by the first network element.

步骤1004:第二网元根据FlowSpec消息中的控制对象信息确定目标流量,并根据FlowSpec消息中的控制方式信息和控制周期信息对目标流量进 行周期性控制,之后结束本流程。Step 1004: The second network element determines the target traffic according to the control object information in the FlowSpec message, and periodically controls the target traffic according to the control mode information and the control cycle information in the FlowSpec message, and then ends the process.

基于同一发明构思,本公开实施例还提供了一种控制流量的第一网元。由于该第一网元解决问题的原理与本公开实施例相似,因此该第一网元的实施可以参见本公开方法的实施,重复之处不再赘述。Based on the same inventive concept, an embodiment of the present disclosure further provides a first network element that controls traffic. The principle of the first network element is similar to the embodiment of the present disclosure. Therefore, the implementation of the first network element may refer to the implementation of the method in the disclosure, and details are not repeated herein.

如图11所示,本公开实施例提供的一种控制流量的第一网元,包括:As shown in FIG. 11 , a first network element for controlling traffic according to an embodiment of the present disclosure includes:

消息生成模块1101,配置为将控制对象信息、控制方式信息以及控制周期信息置于FlowSpec消息中;The message generating module 1101 is configured to: the control object information, the control mode information, and the control period information are placed in the FlowSpec message;

发送模块1102,配置为向第二网元发送FlowSpec消息,以使第二网元根据控制对象信息确定目标流量并根据控制方式信息和控制周期信息对目标流量进行周期性控制。The sending module 1102 is configured to send a FlowSpec message to the second network element, so that the second network element determines the target traffic according to the control object information, and periodically controls the target traffic according to the control mode information and the control period information.

在一实施例中,消息生成模块1101配置为将控制周期信息置于FlowSpec消息的属性域中。In an embodiment, the message generation module 1101 is configured to place control period information in an attribute field of the FlowSpec message.

在一实施例中,消息生成模块1101配置为将控制周期信息置于BGP Community Container中。In an embodiment, the message generation module 1101 is configured to place control cycle information in the BGP Community Container.

在一实施例中,消息生成模块1101配置为将控制周期信息置于BGP Wide Community中,其中BGP Wide Community为Type为1的BGP Community Container。In an embodiment, the message generation module 1101 is configured to place the control period information in the BGP Wide Community, where the BGP Wide Community is a BGP Community Container of Type 1.

在一实施例中,控制周期信息,包括下列中的部分或全部:In an embodiment, the control period information includes some or all of the following:

用于确定执行动作的周期之间的间隔的控制间隔信息;Control interval information for determining an interval between periods in which an action is performed;

用于确定每个周期内每次执行动作的起始时间和每次动作的执行时长的控制时间信息;Control time information for determining a start time of each execution of an action in each cycle and an execution time of each action;

控制时间信息包括:Control time information includes:

表示每个周期内每次执行动作的起始时间的信息和表示每次动作的执行时长的信息;或Information indicating the start time of each execution of the action in each cycle and information indicating the execution time of each action; or

表示每个周期内每次执行动作的起始时间的信息和表示每次执行动作 的结束时间的信息。Information indicating the start time of each execution of the action in each cycle and information indicating the end time of each execution of the action.

基于同一发明构思,本公开实施例还提供了一种控制流量的第二网元。由于该第二网元解决问题的原理与本公开实施例相似,因此该第二网元的实施可以参见本公开方法的实施,重复之处不再赘述。Based on the same inventive concept, an embodiment of the present disclosure further provides a second network element that controls traffic. The principle of the second network element is similar to that of the embodiment of the present disclosure. Therefore, the implementation of the second network element may refer to the implementation of the method in the disclosure, and details are not repeated herein.

实际应用时,消息生成模块1101可由第一网元中的处理器实现,发送模块1102可由第一网元中的通信接口实现,具体地,在处理器的控制下通信接口向第二网元发送相应的信息。In actual application, the message generating module 1101 can be implemented by a processor in the first network element, and the sending module 1102 can be implemented by a communication interface in the first network element. Specifically, the communication interface sends the communication interface to the second network element under the control of the processor. Corresponding information.

其中,处理器需要读取存储器中存储的信息(即计算机程序),并运行计算机程序后实现其功能。Among them, the processor needs to read the information stored in the memory (ie, the computer program), and run the computer program to realize its function.

基于此,本公开实施例还提供了一种存储介质,具体为计算机可读存储介质,其上存储有计算机程序,该计算机程序被处理器执行时实现上述第一网元侧任一方法的步骤。Based on this, an embodiment of the present disclosure further provides a storage medium, specifically a computer readable storage medium, on which a computer program is stored, and when the computer program is executed by the processor, the steps of any method on the first network element side are implemented. .

如图12所示,本公开实施例提供的一种控制流量的第二网元,包括:As shown in FIG. 12, a second network element for controlling traffic according to an embodiment of the present disclosure includes:

接收模块1201,配置为接收第一网元发送的FlowSpec消息;The receiving module 1201 is configured to receive a FlowSpec message sent by the first network element.

控制模块1202,配置为根据FlowSpec消息中的控制对象信息确定目标流量并根据FlowSpec消息中的控制方式信息和控制周期信息对目标流量进行周期性控制。The control module 1202 is configured to determine the target traffic according to the control object information in the FlowSpec message and periodically control the target traffic according to the control mode information and the control cycle information in the FlowSpec message.

在一实施例中,控制模块1202配置为从FlowSpec消息的属性域中获取控制周期信息。In an embodiment, the control module 1202 is configured to obtain control cycle information from an attribute domain of the FlowSpec message.

在一实施例中,控制模块1202配置为从边界网关协议团体容器BGP Community Container中获取控制周期信息。In an embodiment, the control module 1202 is configured to obtain control cycle information from the Border Gateway Protocol Community Container BGP Community Container.

在一实施例中,控制模块1202配置为从BGP Wide Community中获取控制周期信息,其中BGP Wide Community为类型Type为1的BGP Community Container。In an embodiment, the control module 1202 is configured to obtain control cycle information from the BGP Wide Community, where the BGP Wide Community is a BGP Community Container of type Type 1.

在一实施例中,控制周期信息,包括下列中的部分或全部:In an embodiment, the control period information includes some or all of the following:

用于确定执行动作的周期之间的间隔的控制间隔信息;Control interval information for determining an interval between periods in which an action is performed;

用于确定每个周期内每次执行动作的起始时间和每次动作的执行时长的控制时间信息;Control time information for determining a start time of each execution of an action in each cycle and an execution time of each action;

控制时间信息包括:Control time information includes:

表示每个周期内每次执行动作的起始时间的信息和表示每次动作的执行时长的信息;或Information indicating the start time of each execution of the action in each cycle and information indicating the execution time of each action; or

表示每个周期内每次执行动作的起始时间的信息和表示每次执行动作的结束时间的信息。Information indicating the start time of each execution of the action in each cycle and information indicating the end time of each execution of the action.

实际应用时,控制模块1202可由第一网元中的处理器实现,接收模块1201可由第二网元中的通信接口实现,具体地,在处理器的控制下通信接口接收第一网元发送的相应信息。In actual application, the control module 1202 can be implemented by a processor in the first network element, and the receiving module 1201 can be implemented by a communication interface in the second network element. Specifically, the communication interface receives the first network element and sends the information under the control of the processor. Corresponding information.

其中,处理器需要读取存储器中存储的信息(即计算机程序),并运行计算机程序后实现其功能。Among them, the processor needs to read the information stored in the memory (ie, the computer program), and run the computer program to realize its function.

基于此,本公开实施例还提供了一种存储介质,具体为计算机可读存储介质,其上存储有计算机程序,该计算机程序被处理器执行时实现上述第二网元侧任一方法的步骤。Based on this, an embodiment of the present disclosure further provides a storage medium, specifically a computer readable storage medium, on which a computer program is stored, and when the computer program is executed by the processor, the steps of any method on the second network element side are implemented. .

另外基于上述的第一网元和第二网元,本公开实施例还提供了一种控制流量的系统,包含上述的第一网元和第二网元;In addition, based on the foregoing first network element and the second network element, the embodiment of the present disclosure further provides a system for controlling traffic, including the foregoing first network element and second network element;

具体地,第一网元配置为将控制对象信息、控制方式信息以及控制周期信息置于FlowSpec消息中;并向第二网元发送所述FlowSpec消息;Specifically, the first network element is configured to: the control object information, the control mode information, and the control period information are placed in the FlowSpec message; and send the FlowSpec message to the second network element;

第二网元配置为接收第一网元发送的FlowSpec消息;并根据所述FlowSpec消息中的控制对象信息确定目标流量并根据所述FlowSpec消息中的控制方式信息和控制周期信息对所述目标流量进行周期性控制。The second network element is configured to receive the FlowSpec message sent by the first network element, and determine the target traffic according to the control object information in the FlowSpec message, and target the target traffic according to the control mode information and the control period information in the FlowSpec message. Perform periodic control.

第一网元和第二网元的具体处理过程已在上文详述,这里不再赘述。The specific processing procedures of the first network element and the second network element are detailed above, and are not described herein again.

显然,本领域的技术人员可以对本公开进行各种改动和变型而不脱离 本公开的精神和范围。这样,倘若本公开的这些修改和变型属于本公开权利要求及其等同技术的范围之内,则本公开也意图包含这些改动和变型在内。It will be apparent that those skilled in the art can make various modifications and variations to the present disclosure without departing from the spirit and scope of the disclosure. Thus, it is intended that the present invention cover the modifications and the modifications

工业实用性Industrial applicability

根据本公开实施例提供的控制流量的方案,由第一网元将控制对象信息、控制方式信息以及控制周期信息置于FlowSpec消息中,使得第二网元能够根据一条FlowSpec消息中的控制对象信息、控制方式信息以及控制周期信息对流量进行周期性控制,降低了执行周期性动作时的FlowSpec消息的下发数量和难度,简化对流量进行周期性控制的步骤。According to the scheme for controlling traffic provided by the embodiment of the present disclosure, the control object information, the control mode information, and the control period information are placed in the FlowSpec message by the first network element, so that the second network element can be based on the control object information in a FlowSpec message. The control mode information and the control period information periodically control the traffic, which reduces the number and difficulty of the delivery of the FlowSpec message when the periodic action is performed, and simplifies the step of periodically controlling the traffic.

Claims (21)

一种控制流量的方法,包括:A method of controlling traffic, including: 第一网元将控制对象信息、控制方式信息以及控制周期信息置于流规范FlowSpec消息中;The first network element places the control object information, the control mode information, and the control period information in a flow specification FlowSpec message; 所述第一网元向第二网元发送所述FlowSpec消息,以使所述第二网元根据所述控制对象信息确定目标流量并根据所述控制方式信息和所述控制周期信息对所述目标流量进行周期性控制。Sending, by the first network element, the FlowSpec message to the second network element, so that the second network element determines the target traffic according to the control object information, and according to the control mode information and the control cycle information, The target traffic is periodically controlled. 如权利要求1所述的方法,其中,所述第一网元将所述控制周期信息置于所述FlowSpec消息的属性域中。The method of claim 1 wherein said first network element places said control period information in an attribute field of said FlowSpec message. 如权利要求2所述的方法,其中,所述第一网元将所述控制周期信息置于边界网关协议团体容器BGP Community Container中。The method of claim 2 wherein said first network element places said control period information in a Border Gateway Protocol Group Container BGP Community Container. 如权利要求2所述的方法,其中,所述第一网元将所述控制周期信息置于边界网关协议宽团体属性BGP Wide Community中,所述BGP Wide Community为类型Type为1的BGP Community Container。The method according to claim 2, wherein said first network element places said control period information in a Border Gateway Protocol Wide Community attribute BGP Wide Community, said BGP Wide Community being a BGP Community Container of type Type 1 . 如权利要求1~4任一项所述的方法,其中,所述控制周期信息包括下列中的部分或全部:The method according to any one of claims 1 to 4, wherein the control period information comprises part or all of the following: 用于确定执行动作的周期之间的间隔的控制间隔信息;Control interval information for determining an interval between periods in which an action is performed; 用于确定每个周期内每次执行动作的起始时间和每次动作的执行时长的控制时间信息;Control time information for determining a start time of each execution of an action in each cycle and an execution time of each action; 所述控制时间信息包括:The control time information includes: 表示每个周期内每次执行动作的起始时间的信息和表示每次动作的执行时长的信息;或Information indicating the start time of each execution of the action in each cycle and information indicating the execution time of each action; or 表示每个周期内每次执行动作的起始时间的信息和表示每次执行动作的结束时间的信息。Information indicating the start time of each execution of the action in each cycle and information indicating the end time of each execution of the action. 一种控制流量的方法,包括:A method of controlling traffic, including: 第二网元接收第一网元发送的FlowSpec消息;Receiving, by the second network element, a FlowSpec message sent by the first network element; 所述第二网元根据所述FlowSpec消息中的控制对象信息确定目标流量并根据所述FlowSpec消息中的控制方式信息和控制周期信息对所述目标流量进行周期性控制。And determining, by the second network element, the target traffic according to the control object information in the FlowSpec message, and periodically controlling the target traffic according to the control mode information and the control period information in the FlowSpec message. 如权利要求6所述的方法,其中,所述第二网元从所述FlowSpec消息的属性域中获取所述控制周期信息。The method of claim 6, wherein the second network element obtains the control period information from an attribute domain of the FlowSpec message. 如权利要求7所述的方法,其中,所述第二网元从边界网关协议团体容器BGP Community Container中获取所述控制周期信息。The method of claim 7, wherein the second network element obtains the control period information from a Border Gateway Protocol Group Container BGP Community Container. 如权利要求7所述的方法,其中,所述第二网元从边界网关协议宽团体属性BGP Wide Community中获取所述控制周期信息,其中所述BGP Wide Community为类型Type为1的BGP Community Container。The method of claim 7, wherein the second network element obtains the control period information from a border gateway protocol wide community attribute BGP Wide Community, wherein the BGP Wide Community is a BGP Community Container of type Type 1 . 如权利要求6~9任一项所述的方法,其中,所述控制周期信息,包括下列中的部分或全部:The method according to any one of claims 6 to 9, wherein the control period information includes some or all of the following: 用于确定执行动作的周期之间的间隔的控制间隔信息;Control interval information for determining an interval between periods in which an action is performed; 用于确定每个周期内每次执行动作的起始时间和每次动作的执行时长的控制时间信息;Control time information for determining a start time of each execution of an action in each cycle and an execution time of each action; 所述控制时间信息包括:The control time information includes: 表示每个周期内每次执行动作的起始时间的信息和表示每次动作的执行时长的信息;或Information indicating the start time of each execution of the action in each cycle and information indicating the execution time of each action; or 表示每个周期内每次执行动作的起始时间的信息和表示每次执行动作的结束时间的信息。Information indicating the start time of each execution of the action in each cycle and information indicating the end time of each execution of the action. 一种控制流量的第一网元,包括:A first network element for controlling traffic, including: 消息生成模块,配置为将控制对象信息、控制方式信息以及控制周期信息置于流规范FlowSpec消息中;a message generating module, configured to: the control object information, the control mode information, and the control period information are placed in a flow specification FlowSpec message; 发送模块,配置为向第二网元发送所述FlowSpec消息,以使所述第二 网元根据所述控制对象信息确定目标流量并根据所述控制方式信息和所述控制周期信息对所述目标流量进行周期性控制。The sending module is configured to send the FlowSpec message to the second network element, so that the second network element determines the target traffic according to the control object information, and targets the target according to the control mode information and the control cycle information. Traffic is periodically controlled. 如权利要求11所述的第一网元,其中,所述消息生成模块配置为将所述控制周期信息置于所述FlowSpec消息的属性域中。The first network element of claim 11 wherein the message generation module is configured to place the control period information in an attribute field of the FlowSpec message. 如权利要求12所述的第一网元,其中,所述消息生成模块配置为将所述控制周期信息置于边界网关协议团体容器BGP Community Container中。The first network element of claim 12, wherein the message generation module is configured to place the control cycle information in a Border Gateway Protocol Community Container BGP Community Container. 如权利要求12所述的第一网元,其中,所述消息生成模块配置为将所述控制周期信息置于边界网关协议宽团体属性BGP Wide Community中,其中所述BGP Wide Community为类型Type为1的BGP Community Container。The first network element according to claim 12, wherein the message generating module is configured to place the control period information in a border gateway protocol wide community attribute BGP Wide Community, wherein the BGP Wide Community is of type Type 1 BGP Community Container. 如权利要求11~14任一项所述的第一网元,其中,所述控制周期信息,包括下列中的部分或全部:The first network element according to any one of claims 11 to 14, wherein the control period information includes some or all of the following: 用于确定执行动作的周期之间的间隔的控制间隔信息;Control interval information for determining an interval between periods in which an action is performed; 用于确定每个周期内每次执行动作的起始时间和每次动作的执行时长的控制时间信息;Control time information for determining a start time of each execution of an action in each cycle and an execution time of each action; 所述控制时间信息包括:The control time information includes: 表示每个周期内每次执行动作的起始时间的信息和表示每次动作的执行时长的信息;或Information indicating the start time of each execution of the action in each cycle and information indicating the execution time of each action; or 表示每个周期内每次执行动作的起始时间的信息和表示每次执行动作的结束时间的信息。Information indicating the start time of each execution of the action in each cycle and information indicating the end time of each execution of the action. 一种控制流量的第二网元,包括:A second network element for controlling traffic, including: 接收模块,配置为接收第一网元发送的FlowSpec消息;a receiving module, configured to receive a FlowSpec message sent by the first network element; 控制模块,配置为根据所述FlowSpec消息中的控制对象信息确定目标流量并根据所述FlowSpec消息中的控制方式信息和控制周期信息对所述目 标流量进行周期性控制。And a control module, configured to determine a target traffic according to the control object information in the FlowSpec message, and periodically control the target traffic according to the control mode information and the control period information in the FlowSpec message. 如权利要求16所述的第二网元,其中,所述控制模块配置为从所述FlowSpec消息的属性域中获取所述控制周期信息。The second network element of claim 16, wherein the control module is configured to obtain the control cycle information from an attribute domain of the FlowSpec message. 如权利要求17所述的第二网元,其中,所述控制模块配置为从边界网关协议团体容器BGP Community Container中获取所述控制周期信息。The second network element of claim 17, wherein the control module is configured to obtain the control cycle information from a Border Gateway Protocol Community Container BGP Community Container. 如权利要求17所述的第二网元,其中,所述控制模块配置为从边界网关协议宽团体属性BGP Wide Community中获取所述控制周期信息,其中所述BGP Wide Community为类型Type为1的BGP Community Container。The second network element according to claim 17, wherein the control module is configured to acquire the control period information from a border gateway protocol wide community attribute BGP Wide Community, wherein the BGP Wide Community is of type Type 1 BGP Community Container. 如权利要求16~19任一项所述的第二网元,其中,所述控制周期信息,包括下列中的部分或全部:The second network element according to any one of claims 16 to 19, wherein the control period information comprises part or all of the following: 用于确定执行动作的周期之间的间隔的控制间隔信息;Control interval information for determining an interval between periods in which an action is performed; 用于确定每个周期内每次执行动作的起始时间和每次动作的执行时长的控制时间信息;Control time information for determining a start time of each execution of an action in each cycle and an execution time of each action; 所述控制时间信息包括:The control time information includes: 表示每个周期内每次执行动作的起始时间的信息和表示每次动作的执行时长的信息;或Information indicating the start time of each execution of the action in each cycle and information indicating the execution time of each action; or 表示每个周期内每次执行动作的起始时间的信息和表示每次执行动作的结束时间的信息。Information indicating the start time of each execution of the action in each cycle and information indicating the end time of each execution of the action. 一种存储介质,其上存储有计算机程序,所述计算机程序被处理器执行时实现权利要求1~5任一项所述方法的步骤,或者实现权利要求6~10任一项所述方法的步骤。A storage medium having stored thereon a computer program, the computer program being executed by a processor to perform the steps of the method of any one of claims 1 to 5, or the method of any one of claims 6 to 10 step.
PCT/CN2018/079687 2017-05-15 2018-03-20 Method for controlling flow, network element device, and storage medium Ceased WO2018210052A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201710339660.6 2017-05-15
CN201710339660.6A CN108881041A (en) 2017-05-15 2017-05-15 A kind of method and system controlling flow

Publications (1)

Publication Number Publication Date
WO2018210052A1 true WO2018210052A1 (en) 2018-11-22

Family

ID=64273265

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2018/079687 Ceased WO2018210052A1 (en) 2017-05-15 2018-03-20 Method for controlling flow, network element device, and storage medium

Country Status (2)

Country Link
CN (1) CN108881041A (en)
WO (1) WO2018210052A1 (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112751814B (en) 2019-10-31 2022-04-12 华为技术有限公司 Information reporting method, data processing method and device
CN116389345B (en) 2020-03-23 2025-08-15 华为技术有限公司 Method and device for transmitting segmented routing strategy and network transmission system
CN115941223A (en) * 2021-09-26 2023-04-07 中兴通讯股份有限公司 BGP Flowspec route issuing method and device, storage medium and electronic equipment

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20140160924A1 (en) * 2012-12-06 2014-06-12 At&T Intellectual Property I, L.P. Advertising network layer reachability information specifying a quality of service for an identified network flow
CN106254152A (en) * 2016-09-19 2016-12-21 杭州华三通信技术有限公司 A kind of flow control policy treating method and apparatus
WO2017004778A1 (en) * 2015-07-06 2017-01-12 华为技术有限公司 Routing control method, device and system
CN106603417A (en) * 2015-10-16 2017-04-26 华为技术有限公司 A routing processing method, device and system

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20140160924A1 (en) * 2012-12-06 2014-06-12 At&T Intellectual Property I, L.P. Advertising network layer reachability information specifying a quality of service for an identified network flow
WO2017004778A1 (en) * 2015-07-06 2017-01-12 华为技术有限公司 Routing control method, device and system
CN106603417A (en) * 2015-10-16 2017-04-26 华为技术有限公司 A routing processing method, device and system
CN106254152A (en) * 2016-09-19 2016-12-21 杭州华三通信技术有限公司 A kind of flow control policy treating method and apparatus

Also Published As

Publication number Publication date
CN108881041A (en) 2018-11-23

Similar Documents

Publication Publication Date Title
Manner et al. NSLP for Quality-of-Service signalling
TW201015370A (en) Method of dynamically updating network security policy rules when new network resources are provisioned in a service landscape
JP6556151B2 (en) Cloud-based network function injection for network services
CN105915510A (en) Method and device for controlling service traffic
EP2978174A1 (en) Interest return control message
WO2018210052A1 (en) Method for controlling flow, network element device, and storage medium
WO2009094917A1 (en) Method for obtaining virtual private network label and autonomous system boundary router device
US20200136932A1 (en) Enabling multiple provider software defined network programming using blockchain distributed ledgers
WO2016078431A1 (en) Policy file synchronous management method, policy synchronous server and management device
CN105228126A (en) A kind of method and system of Network Access Point trustship
CN107534556A (en) Future certificate revocation using CRL
CN102291386A (en) Method for processing server authorization and communication device thereof
WO2016086542A1 (en) Message transmission method and device, and computer storage medium
WO2020224341A1 (en) Method and apparatus for identifying tls encrypted traffic
CN111314269B (en) Address automatic allocation protocol security authentication method and equipment
CN101931583B (en) Domain routing information generation method and device, path computation method and device
CN111262724A (en) A method and device for confirming inter-domain trust relationship
WO2015192466A1 (en) Notification message transmission method and device, and computer storage medium
CN105306245A (en) Traffic engineering link information maintenance method and traffic engineering link information maintenance device
CN104158736B (en) A kind of method and apparatus for determining next-hop, issuing routing iinformation
CN105592083A (en) Method and device for terminal to have access to server by using token
CN115883088A (en) Self-control domain security parameter updating method based on BGP routing
CN103533071A (en) Update method, device and system for terminal software
CN101616128A (en) An access control method and system, and related equipment
CN106878352A (en) A method for realizing remote access, AllJoyn gateway agent, cloud server and mobile device

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 18801501

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205 DATED 18/06/2020)

122 Ep: pct application non-entry in european phase

Ref document number: 18801501

Country of ref document: EP

Kind code of ref document: A1