As one of route control methods of the network communication, a route control method using an open flow (OpenFlow) technique which is a control protocol of communication equipment has been studied. A network in which the route control of the open flow technique is carried out is called an open flow network.
In the open flow network, a controller such as an OFC (OpenFlow Controller) controls the behaviors of switches such as OFSs (OpenFlow switches) by operating open flow tables of the switches. The controller and the switch are connected by a secure channel for control to control the switch by using a control message based on the open flow protocol.
The switch in the open flow network configures the open flow network, and is an edge switch and a core switch which are under the control of the controller. A series of steps of the packet from reception of a packet (communication data) in the edge switch on the input side in the open flow network to transmission by the output side edge switch is called a flow.
The open flow table is a table on which a flow entry which defines a predetermined action (process content) to be carried out to a packet group (packet series) matching to a predetermined rule (the match condition) is registered.
The rule of the flow entry is defined by various combinations of a part or all of a destination address, a source address, a destination port, and a source port to distinguish, which are contained in a header region of each protocol layer of a packet and can be identified. It should be noted that it is supposed that the above-described addresses contains a MAC address (Media Access Control Address) and an IP address (Internet Protocol Address). Also, in addition to the above, data of an ingress port is usable as the rule of the flow entry.
The action of the flow entry shows operations such as “outputting to a specific port”, “discarding”, “rewriting a header”. For example, the switch outputs a packet to the port corresponding to this, if identification data (egress port number) of the output port is shown in the action of the flow entry, and discards the packet if the identification data of an output port is not shown. Or, the switch rewrites the header of the packet based on header data if the header data is shown in the action of the flow entry.
The switch in the open flow network executes the action of the flow entry to a packet group matching to the rule of the flow entry.
The details of the open flow technique are described to Non-Patent Literatures 1 and 2.
At present, the open flow technique is in a transition period from a research step to a practical use step. In such a situation, it would not be carried out to collectively replace existing legacy networks with the open flow networks. In many cases, a part of the existing network is replaced with the open flow compatible network and generally, a pilot test is carried out in a small-scale environment.
Also, usually, a large budget is not invested for such a pilot test, and the test is executed in a limited budget. In such a situation, in a “single controller type” of the existing technique, one new OFC must be prepared and it became an obstacle on the cost.
Also, it is ordinary that in the step of the pilot test, the OFC and the OFS are procured from various venders and a benchmark is taken. However, because the communication standard of the route calculation apparatus is not unified at present in an existing “route calculation apparatus cooperation method”, a network cannot be built in which the products of various venders are mixed.
Also, on the other hand, in the current open flow network environment (open flow network system), because a small-scale environment for the pilot test is in a great part, enough consideration is not carried out to a problem which would be caused in the large-scale environment.
From such a situation, a technique is demanded which does not need a new apparatus, allows the mixture of the OFC and the OFSs of various venders, and also prevents formation of a closed loop in light-weight processing even in a large scale network.
(Configuration Example of Network)
A configuration example of the open flow network system will be first described with reference FIG. 1, before a conventional problem will be described.
There are a plurality of small-scale networks that one OFC manages a plurality of OFSs in the open flow network system shown in FIG. 1 and a large scale network is configured from a combination of the plurality of small-scale networks.
The open flow network system contains hosts (host computers) 10 (10-i, i=1 to x: x is a total number), the OFSs 11 (11-j, j=1 to y: y is a total number) and the OFCs 12 (12-k, k=1 to z: z is a total number).
In the small-scale network, one OFC 12 manages a plurality of OFSs 11. Each of the small-scale networks is connected with other small-scale networks through the OFSs 11 in an uppermost layer to configure a large-scale network.
The host 10-1, the host 10-2, the host 10-3, and the host 10-4 are connected with the OFS 11-2 and the OFS 11-3 by communications lines such as LAN cables. The OFS 11-2 and the OFS 11-3 are connected with the OFS 11-1 with communications lines such as the LAN cables. It is supposed that the OFC 12-1 carries out management such as route calculation for the OFS 11-1, the OFS 11-2, and the OFS 11-3 and flow entry registration. In the same way, the host 10-5, the host 10-6, the host 10-7 and the host 10-8 are connected with the OFS 11-5 and the OFS 11-6 by communications lines such as the LAN cables. The OFS 11-5 and the OFS 11-6 are connected with the OFS 11-4 by the communications lines such as the LAN cables. It is supposed that the OFC 12-2 carries out the management such as route calculation for the OFS 11-4, the OFS 11-5, and the OFS 11-6 and the flow entry registration. In the same way, the host 10-9, the host 10-10, the host 10-11 and the host 10-12 are connected with the OFS 11-8 and the OFS 11-9 by the communication lines such as the LAN cables. The OFS 11-8 and the OFS 11-9 are connected with the OFS 11-7 by the communications lines such as the LAN cables. It is supposed that the OFC 12-3 carries out management such as the route calculation for the OFS 11-7, the OFS 11-8, and the OFS 11-9, and the flow entry registration. The OFS 11-1 and the OFS 11-4 are connected with the OFS 11-7 by the LAN cables.
In this configuration, the OFC 12-1, the OFC 12-2 and the OFC 12-3 do not have any component and procedure to exchange data mutually. That is, for example, there is no component and procedure to detect what flow entry the OFC 12-3 registers on the OFS 11-7 from the OFC 12-1 and the OFC 12-2.
(Generation of Flow Entry)
A plurality of flow entries with the format shown in FIG. 2 are registered on each of the OFSs 11 (11-j, j=1 to y).
(Format of Conventional Flow Entry)
As shown in FIG. 2, the flow entry has three fields of a “rule” field (region), an “action” field, and a “statistic data” field, when it is largely divided.
A “rule” (match condition) such as a packet type, a packet source host address, a packet destination host address is written in the rule field. The data of “IPv4” (Internet Protocol version 4), “IPv6” (Internet Protocol version 6) and so on is written in the packet type field.
An “action” (processing contents) showing how to process when receiving a packet matching to the rule, such as “discard” and “transferring to the OFS 11-n (n is optional)” is written in the action field.
“Statistic data” such as a total number of the processed packets is written in the statistic data field.
As a first example, in some OFS, it is supposed that a flow entry is registered on a flow table, and in the flow entry, “192. 168. 10. *” is written in the rule field as a transmission source, and “discard” is written in the action field as the action. It should be noted that “*” is a wild card and means optional characters of an optional length (a character string equal to or more than 0 characters). That is, a part of “*” may be something. In this case, if “192. 168. 10” is contained in the head of the source IP address of the received packet, the received packet matches to the flow entry. When a packet from “192. 168. 10. 34” arrives at the OFS, the packet matches to the flow entry and discard processing is carried out.
As a second example, it is supposed that a flow entry is registered on a flow table and the flow entry has “*. *. *. *” written as a transmission source “192. 168. 20. *” written as a destination in the rule field, and “transfer to OFS 11-n” written in the action field. When a packet transferred from “192. 168. 10. 23” to “192. 168. 20. 25” arrives at the OFS, the packet matches to the flow entry and transfer processing is carried out so as to be transferred to the OFS 11-n. It should be noted that the OFS requests the OFC to register the flow entry when a packet matching to neither of the flow entries registered on the flow table is received. The OFC calculates an efficient route appropriately and registers a flow entry defining the route of the packet on the OFS. The OFS processes the received packet according to the flow entry.
(Configuration of a Closed Loop)
Next, a case that a closed loop is formed in a network configuration of FIG. 1 will be described with reference to FIG. 3.
The network shown in FIG. 3 contains the hosts (20-i, i=1 to x), the OFSs 21 (21-j, j=1 to y) and the OFCs 22 (22-k, k=1 to z).
The host 20 (20-i, i=1 to x) is equivalent to the host 10 (10-i, i=1 to x) of FIG. 1. The OFS 21 (21-j, j=1 to y) is equivalent to the OFS 11 (11-j, j=1 to y) of FIG. 1. The OFC 22 (22-k, k=1 to z) is equivalent to the OFC 11 (11-k, k=1 to z) of FIG. 1. The hosts 20 (20-1, i=1 to x), the OFSs 21 (21-j, j=1 to y) and the OFCs 22 (22-k, k=1 to z) belong to the networks 200 (200-l, l=1 to w: w is a total number of the small-scale networks). The hosts 20-1, the OFS 21-1 and the OFC 22-1 belong to the network 200-1. The OFS 21-2, the OFC 22-2, the host 20-4, the host 20-5, the OFS 21-4 and the OFC 22-4 belong to the network 200-2. The host 20-2, the hosts 20-3, the OFS 21-3 and the OFC 22-3 belong to the network 200-3. The hosts 20-6, the OFS 21-5 and the OFC 22-5 belong to the network 200-4.
It is supposed that the network address of “192. 168. 1. 0” is assigned to the network 200-1. It is supposed that the network address of “192. 168. 2. 0” is assigned to the network 200-2. It is supposed that the network address of “192. 168. 3. 0” is assigned to the network 200-3. It is supposed that the network address of “192. 168. 4. 0” is assigned to the network 200-4. It is supposed that the network address of “192. 168. 1. 5” is assigned to the host 20-1. It is supposed that the network address of “192. 168. 3. 10” is assigned to the host 20-2. It is supposed that the network address of “192. 168. 3. 21” is assigned to the host 20-3. It is supposed that the network address of “192. 168. 4. 8” is assigned to the host 20-6. Also, it is supposed that a flow entry in which “a packet destined to “192. 168. 1. *” is transferred to the host, and packets destined to other addresses are transferred to the OFS 21-2” is registered in the OFS 21-1. Also, it is supposed that a flow entry in which “a packet destined to “192. 168. 2. *” is transferred to the host, and packets destined to other addresses are transferred to the OFS 21-3” is registered in the OFS 21-2. Also, it is supposed that a flow entry in which “a packet destined to “192. 168. 3. *” is transferred to the host” is registered in the OFS 21-3. Also, it is supposed that a flow entry in which “a packet destined to “192. 168. 2. *” is transferred to the host, and a packet destined to other addresses is transferred to the OFS 21-5” is registered in the OFS 21-4.
In this case, when issuing a packet destined to the host 20-2, the host 20-1 transmits the packet to the OFS 21-1 first. The OFS 21-1 transfers the packet destined to the host 20-2 to the OFS 21-2 according to the flow entry. The OFS 21-2 transfers the packet destined to the host 20-2 to the OFS 21-3 according to the flow entry. The OFS 21-3 transfers the packet destined to the host 20-2 to the host 20-2 according to the flow entry. Thus, the packet destined to the host 20-2 arrives at the target host. That is, a route which passes through the OFS 21-1, the OFS 21-2 and the OFS 21-3 is established for the packet from the OFS 21-1 to the host 20-2.
Also, when the host 20-4 or the host 20-5 issues a packet destined to the host 20-6, it transmits the packet to the OFS 21-4 first. The OFS 21-4 transfers the packet destined to the host 20-6 to the OFS 21-5 according to the flow entry. The OFS 21-5 transfers the packet destined to the host 20-6 to the host 20-6 according to the flow entry. That is, a route which passes through the OFS 21-4 and the OFS 21-5 is established for the packet destined to the host 20-6 from the host 20-4 or the host 20-5.
In such a case, how a packet which is issued from the host 20-3 ad destined to the host 20-6 is routed is considered. When the host 20-3 issues a packet destined to the host 20-6, it transmits the packet to the OFS 21-3 first. However, any flow entry matching to the received packet is not registered on the OFS 21-3.
Therefore, the OFS 21-3 issues an inquiry to the OFC 22-3 about handling of the packet. However, the OFC 22-3 does not have a component and a procedure to detect what flow entries other OFCs set to the OFS managed by them.
When it is adequate to transfer the packet to the OFS 21-4 based on a calculation result of a route for the packet according to a route calculation routine, the OFC 22-3 newly registers a flow entry in which “the packet destined to “192. 168. 3. *” is transferred to the host, and the packet destined to other addresses is transferred to the OFS 21-4” to the OFS 21-3. In this case, a route 24-1 of “OFS 21-3→the OFS 21-4” is established. The OFC 22-3 transfers the packet to the OFS 21-4. The OFS 21-4 transfers the packet to the host 20-6 through the OFS 21-5.
On the other hand, when it is adequate to transfer the packet to the OFS 21-1 based on the calculation result of a route according to the route calculation routine, the OFC 22-3 newly registers a flow entry in which the packet destined to “192. 168. 3. *” is transferred to the host and the packets destined to other addresses are transferred to the OFS 21-1, in the OFS 21-3. In this case, the route 24-2 of “OFS 21-3→the OFS 21-1” is established. The OFC 22-3 transfers the packet to the OFS 21-1. Because the packet matches to any of the existing flow entries in the OFS 21-1, the OFS 21-1 transfers the packet to the OFS 21-2. Because the packet matches to any of the existing flow entries, the OFS 21-2 transfers the packet to the OFS 21-3. Because the packet matches to the newly registered flow entry, the OFS 21-3 transfers the packet to the OFS 21-1. In this way, because the closed loop 25-1 of “OFS 21-1→the OFS 21-2→the OFS 21-3→the OFS 21-1” is formed, the packet does not arrive at the target host.
From the above, when there are not a component and a procedure which detect what flow entry is already registered in the OFSs managed by another OFC, there is a possibility that a closed loop is formed.
(Kind of Closed Loop)
It should be noted that as a kind of closed loop, there are two kinds of a pattern shown in FIG. 4A and a patterns shown in FIG. 4B. The host 30 (30-i, i=1 to x) shown in FIG. 4A or FIG. 4B is equivalent to the host 10 (10-i, i=1 to x) of FIG. 1. The OFSs 31 (31-j, j=1 to y) shown in FIG. 4A and FIG. 4B are equivalent to the OFSs 11 (11-j, j=1 to y) of FIG. 1.
(Pattern 1)
In the pattern shown in FIG. 4A, the OFS 31-1 receives a packet from the host 30-1, and the packet matches to any of the flow entries and then the OFS 31-1 transfers the packet according to the newly registered flow entry. As a result, the packet arrives at the OFS 31-2. The packet matches to any of the existing flow entries in the OFS 31-2 and the OFS 31-3, and is transferred according to the matching flow entry. As a result, because the packet returns to the OFS 31-1 through the OFS 31-2 and the OFS 31-3, the closed loop has been formed among the OFS 31-1, the OFS 31-2 and the OFS 31-3.
(Pattern 2)
In the pattern shown in FIG. 4B, the OFS 31-4 receives a packet from the host 30-2, and the packet matches to the newly registered flow entry and is transferred according to the newly registered flow entry. As a result, the packet arrives at the OFS 31-6 through the OFS 31-4 and the OFS 31-5. The packet matches to an existing flow entry in the OFS 31-6, the OFS 31-7 and the OFS 31-8, and is transferred according to the existing flow entries. As a result, the packet returns to the OFS 31-6 through the OFS 31-7 and the OFS 31-8. Thus, a closed loop has been formed among the OFS 31-6, the OFS 31-7 and the OFS 31-8.
(Conventional Measure to Closed Loop Formation)
Conventionally, a “single controller method” shown in FIG. 5 and a “route calculation apparatus cooperation method” shown in FIG. 6 are proposed and implemented to the closed loop formation problem.
(Single Controller Method)
In the “single controller method” shown in FIG. 5, an OFC 12-4 is additionally provided to integrate the OFC 12-1, the OFC 12-2 and the OFC 12-3, in addition to the elements of FIG. 1. For example, in this configuration, the OFC 12-1 issues an inquiry to the OFC 12-4 when calculating the route of the packet. The OFC 12-4 takes account of the routes already set in the OFC 12-3 and the OFC 12-4 and sets a flow entry to the OFC 12-2 so as not to form the closed loop. However, as a drawback of the “single controller method”, if the network scale becomes large, a data amount of the flow entries set in the respective OFCs and combinations necessary for the route calculation are enormous, so that the load of the OFC 12-4 becomes heavy.
(Route Calculation Apparatus Cooperation Method)
In the “route calculation apparatus cooperation method” shown in FIG. 6, a route calculating section 121-1 operating on the OFC 12-1, a route calculating section 121-2 operating on the OFC 12-2, and a route calculating section 121-3 operating on the OFC 12-3 are provided in addition to the components of FIG. 1. The route calculating sections 121-1, 121-2, and 121-3 exchange data of registered flow entries, and adds a mechanism for calculating the route. For example, in this configuration, the OFC 12-1 inquires data of the related flow entries to the OFC 12-2 and the OFC 12-3 when calculating the route of the packet. However, in the “route calculation apparatus cooperation method”, too, if the network scale becomes large, the number of communicating OFCs and the number of the route data received from each OFC become enormous. Also, because the calculation must be carried out to combinations of them, the load of the OFC 12-1 becomes heavy.