In recent years, a route control method that uses the OpenFlow technique, a control protocol for communication devices, has been studied as one of the route control systems for a network system.
In a network system where route control based on the OpenFlow technique is performed, a control server such as an OFC (OpenFlow Controller) determines the route information, manipulates a flow table of a switch such as an OFS (OpenFlow Switch) in accordance with the determined route information, and thereby controls the behavior of the switch.
The flow table is a table for registering a flow entry that defines a predetermined process (an action) to be executed on a packet that conforms to a predetermined matching condition (a rule). A packet group (a packet series) that conforms to the rule is called a flow. The rule of the flow is defined, and can be distinguished, by various combinations of some or all of: a Destination Address; a Source Address; a Destination Port; and a Source Port, which are included in a header region of each protocol hierarchy of the packet. The above-mentioned addresses include a MAC address (Media Access Control Address) and an IP address (Internet Protocol Address). Further, in addition to the above, information on an Ingress Port can also be used as the rule of the flow.
Details of the OpenFlow technique are described in Non Patent Literatures 1 and 2.
FIGS. 1 and 2 show a network system including: a switch for forwarding a packet; and a control server for determining route information as an example of a network system where the route control is performed on the basis of the OpenFlow technique. FIG. 1 shows a basic configuration of the minimum unit of the network system. FIG. 2 shows a specific configuration example of the network system.
The network system includes a control server 10 and a switch 20.
The control server 10 can determine route information 11, and can register a flow entry 22 on a flow table 21 of the switch 20 via a control channel.
The switch 20 has the flow table 21, and stores the flow entry 22. In addition, the switch 20 forwards a received packet via a link to another switch 20 or to a terminal 30 on the basis of the flow entry 22 stored in the flow table 21.
FIG. 3 shows information registered to the flow entry.
The flow entry 22 retains a match field 51, a priority 52, and an action 53 as the information.
The match field 51 is the information used for matching (collation) between the header information of the packet and the flow entry, and has: the MAC address and the IP address of the source and destination included in the header information; a VLAN ID (Virtual Local Area Network identifier); and information related to a physical port, an application port, and the like. The priority 52 is the information related to a priority order used for determining the matching order of the flow entry. The action 53 is the information related to a process method (process details) of the packet, and has information specifying that the packet is to be sent to a specific port or is to be discarded.
FIG. 4 shows the header information of the packet.
The packet retains as the header information: a MAC header 61; an IP header 62; a TCP (Transmission Control Protocol) header 63; and an encrypted control message 64. An example of the control message 64 is a “Flow Mod” message, one of the OpenFlow Protocol messages, which the controller uses to register an entry in the flow table of the switch.
The MAC header 61 has the source MAC address (the Src MAC in FIG. 4) and the destination MAC address (the Dst MAC in FIG. 4). The IP header 62 has the source IP address (the Src IP in FIG. 4) and the destination IP address (the Dst IP in FIG. 4). The TCP header 63 has the source port (the Src Port in FIG. 4) and the destination port (the Dst Port in FIG. 4).
The switch 20 compares the header information extracted from the packet header of the received packet with the match field 51 of the flow entry, and when the values of the same items included in both match, the switch 20 determines the action 53 of the flow entry as the action for the packet.
As shown in FIG. 5, the matching order of the flow entries in each of the flow tables is determined on the basis of the priority of each flow entry.
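The priority-ordered matching described above, as an added Python example that is not part of the original document; it also flags entries that can never fire because a broader entry is matched first, a common source of ineffective discard rules. Assumptions: a higher priority value is matched first, an item absent from the match field is a wildcard, a table miss returns None, and all class names and sample entries are constructed for illustration.

```python
from dataclasses import dataclass

# Header items the page names (FIG. 3, FIG. 4) plus the ingress port.
FIELDS = {"in_port", "src_mac", "dst_mac", "vlan_id",
          "src_ip", "dst_ip", "src_port", "dst_port"}

@dataclass(frozen=True)
class FlowEntry:
    match: dict     # match field 51: every listed item must equal the header's
    priority: int   # priority 52: higher value is matched first (assumption)
    action: str     # action 53: e.g. "output:2" or "drop"

    def matches(self, header):
        return all(header.get(k) == v for k, v in self.match.items())

class FlowTable:
    def __init__(self):
        self.entries = []

    def register(self, entry):
        if set(entry.match) - FIELDS:
            raise ValueError("unknown match item")
        self.entries.append(entry)
        # Stable sort: equal priorities keep registration order (assumption).
        self.entries.sort(key=lambda e: -e.priority)

    def lookup(self, header):
        for entry in self.entries:
            if entry.matches(header):
                return entry.action
        return None  # table miss: no entry applies

    def shadowed(self):
        """Pairs (low, high): low can never fire, because high is matched
        earlier and needs only a subset of low's match items."""
        pairs = []
        for i, low in enumerate(self.entries):
            for high in self.entries[:i]:
                if high.match.items() <= low.match.items():
                    pairs.append((low, high))
                    break
        return pairs

def demo_table():
    """Constructed sample entries, not taken from the page."""
    t = FlowTable()
    t.register(FlowEntry({"dst_ip": "10.0.0.5", "dst_port": 6653}, 10, "drop"))
    t.register(FlowEntry({"dst_ip": "10.0.0.5"}, 100, "output:2"))
    t.register(FlowEntry({"in_port": 1, "vlan_id": 20}, 50, "output:3"))
    return t
```

In the sample table the discard entry at priority 10 is reported by shadowed(), since the broader priority-100 entry for the same destination address always matches first.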
As described above, in the above-described network system, the switch used as the packet forwarding means and the control server used as the route information determination means are separated from each other, which realizes a configuration where one control server determines the route information of a plurality of switches, and the switch and the control server are connected by a control channel. In this case, in order to prevent the communication between the switch and the control server from being delayed or interrupted, it is desirable that the control channel be a dedicated line; however, using the control channel as a dedicated line requires a dedicated port on the switch and a dedicated link in the network, and thus availability and expandability are restricted. In addition, in the case where the dedicated line of the control channel is disconnected, the switch fails to receive the control information.
As a related technique, Patent Literature 1 (JP2000-078194A) discloses a network system. In the related technique, a switch composing the network includes a plurality of connection ports, and a transmission path, an end system, and a network server, each composing the network, are connected to the ports.
In addition, Patent Literature 2 (JP2003-273907A) discloses an autonomous system, a communication control method, a server, and a router. In the related technique, the autonomous system is configured by including: a plurality of BGP routers having a function for performing communication based on BGP (Border Gateway Protocol) mutually with another autonomous system; a single server for intensively controlling the BGP communication performed by the BGP routers; and a router for relaying the communication between the server and the BGP routers without having the communication function based on BGP. The BGP routers and the router can change the route information of an IP packet held in themselves in accordance with an order from the server.
Moreover, Patent Literature 3 (JP2007-251344A) discloses a wireless communication device and a wireless communication method. In the related technique, even in the case where upstream control information included in the control information cannot be obtained because of occurrence of an error in a control channel, the upstream control information is placed in-band in a data channel, and accordingly a frame for the upstream transmission is created by using the upstream control information placed in-band.