The Ethernet (registered trademark) has been widely used on LANs such as an in-house LAN or in wide-area LAN services provided on, for example, L2-VPN by a communication carrier.
The wide-area LAN service is based on a network configured irrespective of Layer 3 protocol as an upper protocol. In other words, the service is based on an L3 topology-free network. Clients can freely design and operate the IP network.
Clients can design simple routes using static routes, and can also control routes dynamically using a dynamic routing protocol such as RIP/OSPF (Routing Information Protocol/Open Shortest Path First).
Here, proposed is a ring switching method applied to a network configured by connecting Layer 2 switches having a route control function and a failure detecting mechanism in a ring shape, in which each Layer 2 switch includes an address learning table storing a MAC address and a corresponding port, and when a link failure is detected between adjacent Layer 2 switches, each of the adjacent Layer 2 switches sends a packet of a failure notification frame, and a target Layer 2 switch having received the failure notification frame records entry of MAC addresses into the switch in the failure notification frame and transfers the frame to the adjacent Layer 2 switch.
Further, proposed is a Layer 2 switch including a first controller and a second controller, in which if a Layer 2 switch positioned on a sender terminal side receives a broadcast-transferred frame, and the switch has learned a destination MAC address included in the frame and has not learned a sender MAC address, the first controller sends a virtual response frame intended to represent a response frame to be primarily sent from a destination terminal and the second controller deletes the virtual response frame received from the Layer 2 switch positioned on the sender terminal side.
Japanese Laid-open Patent publication No. 2004-147172 and Japanese Laid-open Patent publication No. 2006-279820 are related to background.
The Layer 2 switch as an Ethernet (registered trademark) switch has a MAC automatic learning function and automatically creates a MAC table. The MAC table is also called a forwarding table or MAC address table.
FIG. 1A and FIG. 1B illustrate a conventional MAC learning method. A Layer 2 switch SW1 illustrated in FIG. 1A receives a MAC frame FR1 including a sender MAC address “a” and a destination MAC address “b”.
The Layer 2 switch SW1 references the sender MAC address of the received MAC frame to learn which port is connected to a node having which MAC address.
In the illustrated example of FIG. 1B, the Layer 2 switch SW1 learns that a port p1 having received the MAC frame FR1 is connected to a node having the sender MAC address a of the received MAC frame FR1, and registers a correspondence relationship between the MAC address “a” and the port p1 in a MAC table MT1.
The Layer 2 switch SW1 determines an output port for outputting the received MAC frame FR1 based on the MAC table MT1 storing automatic learning results. If the destination MAC address is not registered in the MAC table MT1, the frame is output from all ports except the port on which it was received. This processing is called flooding.
FIG. 2A and FIG. 2B illustrate flooding processing in the case where the destination MAC address has not been learned. The Layer 2 switch SW1 illustrated in FIG. 2A receives a MAC frame FR2 having a destination MAC address “c” and the sender MAC address “a” at the port p1.
The MAC table MT1 stored in the Layer 2 switch SW1 does not register the destination MAC address “c” of the received MAC frame FR2. Thus, the Layer 2 switch SW1 outputs the MAC frame FR2 from the ports p2 and p3, that is, from all ports other than the receiving port p1.
Forwarding a frame based on the automatic learning function of the Layer 2 switch facilitates network management operation but might cause undesirable flooding due to failed MAC learning with some Layer 3 topologies. FIG. 3 illustrates an example of a network that might cause flooding due to failed MAC learning.
The network illustrated in FIG. 3 is a wide-area LAN (L2-VPN) connecting a head office of a client company, a data center, an xx local office, and a ww branch with one another. In FIG. 3, Layer 2 switches SW1 to SW4 are networking components for MAC frame switching on the wide-area LAN (L2-VPN).
The head office LAN has a network address A/24 and is connected to the wide-area LAN through a router R-a connected to the Layer 2 switch SW4. The router R-a has a MAC address “a”.
The data center LAN has a network address B/24 and is connected to the wide-area LAN through a router R-b connected to the Layer 2 switch SW3. The router R-b has a MAC address “b”.
The xx local office LAN has a network address C/24 and is connected to the wide-area LAN through a router R-c connected to the Layer 2 switch SW2. The router R-c has a MAC address “c”.
The ww branch LAN has a network address D/24 and is connected to the wide-area LAN through a router R-d connected to the Layer 2 switch SW1. The router R-d has a MAC address “d”.
A port p1 of the Layer 2 switch SW4 connected to the head office LAN is connected to the router R-a, and a port p3 of the Layer 2 switch SW4 is connected to the adjacent Layer 2 switch SW3.
A port p1 of the Layer 2 switch SW3 connected to the data center LAN is connected to the router R-b, a port p2 of the Layer 2 switch SW3 is connected to the adjacent Layer 2 switch SW4, and a port p3 of the Layer 2 switch SW3 is connected to the adjacent Layer 2 switch SW2.
A port p1 of the Layer 2 switch SW2 connected to the xx local office LAN is connected to the router R-c, a port p2 of the Layer 2 switch SW2 is connected to the adjacent Layer 2 switch SW3, and a port p3 of the Layer 2 switch SW2 is connected to the adjacent Layer 2 switch SW1.
A port p1 of the Layer 2 switch SW1 connected to the ww branch LAN is connected to the router R-d, and a port p2 of the Layer 2 switch SW1 is connected to the adjacent Layer 2 switch SW2.
Reference symbols MT1 and MT2 denote MAC tables the Layer 2 switches SW1 and SW2 use for forwarding a frame. The MAC tables MT1 and MT2 represent which port is used to output a MAC frame having each MAC address as a destination address.
Routing tables RT1 to RT4 are routing tables the routers R-d to R-a use for routing a packet. The routing tables RT1 to RT4 include an I/P field and a next hop field. For ease of illustration, the next hop is represented by “N.H.” in the accompanying drawings.
The routing tables RT1 to RT4 store network addresses in the I/P field, and the next hop field stores an IP address of a router as the next forwarding destination of a packet to be sent to a network indicated by the network address stored in the I/P field.
For example, the routing table RT4 indicates that the next forwarding destination of a packet addressed to the network address B/24 is the router R-b, indicates that the next forwarding destination of a packet addressed to the network address C/24 is the router R-c, and indicates that the next forwarding destination of a packet addressed to the network address D/24 is the router R-d.
Further, for example, the routing table RT3 indicates that the next forwarding destination of a packet addressed to the network address A/24 is the router R-a, indicates that the next forwarding destination of a packet addressed to the network address C/24 is the router R-c, and indicates that the next forwarding destination of a packet addressed to the network address D/24 is the router R-d.
In the example of the wide-area LAN illustrated in FIG. 3, the router R-c of the xx local office and the router R-d of the ww branch are given only a default router for sending a packet to the head office, and routing tables in the router R-a of the head office and the router R-b of the data center store all routes.
In addition, the router R-a of the head office distributes traffic from the xx local office and the ww branch. Such a network configuration is advantageous in that a static route does not need to be reconfigured each time a router is added or disconnected.
For example, in the case where a terminal on the ww branch LAN accesses the data center, packets sent from the ww branch toward the data center are first transmitted from the ww branch to the head office and then transferred from the head office to the data center as indicated by the dotted line in FIG. 3. Further, packets sent from the data center toward the ww branch are transmitted from the data center to the ww branch without passing through the router R-a of the head office, as indicated by the dashed-dotted line in FIG. 3. Thus, traffic between the ww branch and the data center passes through different outward and return IP paths. In other words, the traffic passes through asymmetric outward and return IP paths.
In the case of access from the ww branch to the data center, the Layer 2 switches SW1 and SW2 on the path between them can learn the MAC address “a” of the router R-a in the head office LAN based on the Address Resolution Protocol (ARP) used by the router R-d of the ww branch.
However, a sender MAC address of a MAC header sent from the data center toward the ww branch is an address b of the router R-b of the data center LAN, and a frame having a MAC address a as a sender address is not transmitted in traffic between the data center and the ww branch. Thus, as a result of aging processing of the MAC table, entries regarding the MAC address a are deleted from the MAC table MT1 of the Layer 2 switch SW1 and the MAC table MT2 of the Layer 2 switch SW2.
FIG. 4 illustrates a state in which entries regarding the MAC address “a” are deleted from the MAC table MT1 of the Layer 2 switch SW1 and the MAC table MT2 of the Layer 2 switch SW2 as a result of aging processing of the MAC table. Since entries regarding the MAC address “a” are not found in the MAC table MT2, frames transferred to the data center from the ww branch by way of the head office flood in the Layer 2 switch SW2.
Referring to FIG. 5, a process for deleting entries regarding the MAC address a on the network in FIG. 3 is described.
RT1a to RT1c denote a routing table and ARP table used in the router R-d, and suffixes a to c denote detailed data stored in the routing table and ARP table, which are changed over time, at a corresponding time.
The ARP table is a table storing combinations of IP address of a router as a packet destination and MAC address of the router. In the examples denoted by RT1a to RT1c, a MAC address of a router including a routing table storing an IP address in the next hop field is stored in the ARP field of the ARP table. For ease of explanation, in FIG. 5, the routing table and the ARP table are illustrated in an integral form. The same applies to the following description about the ARP table in FIGS. 14 and 21.
RT3a and RT3b denote a routing table and ARP table used in the router R-b, and suffixes “a” and “b” denote detailed data stored in the routing table and ARP table, which are changed over time, at a corresponding time.
RT4a and RT4b denote a routing table and ARP table used in the router R-a, and suffixes “a” and “b” denote detailed data stored in the routing table and ARP table, which are changed over time, at a corresponding time.
MT1a and MT1b denote a MAC table used in the Layer 2 switch SW1, and suffixes “a” and “b” denote detailed data stored in the MAC table, which is changed over time, at a corresponding time.
MT2a and MT2b denote a MAC table used in the Layer 2 switch SW2, and suffixes “a” and “b” denote detailed data stored in the MAC table, which is changed over time, at a corresponding time.
MT3a and MT3b denote a MAC table used in the Layer 2 switch SW3, and suffixes “a” and “b” denote detailed data stored in the MAC table, which is changed over time, at a corresponding time.
MT4a and MT4b denote a MAC table used in the Layer 2 switch SW4, and suffixes “a” and “b” denote detailed data stored in the MAC table, which is changed over time, at a corresponding time.
In the case where a terminal on the ww branch LAN starts accessing the data center, if no MAC entry regarding the router R-a of the head office LAN is stored in an ARP table denoted by reference symbol RT1a, the router R-d broadcast-transmits an ARP Request to inquire about the MAC entry regarding the router R-a in step S10. Reference numerals 101 and 102 represent a state where flooding occurs in the Layer 2 switches SW2 and SW3 on the path for forwarding the ARP Request.
When receiving the ARP Request, the router R-a sends back an ARP Reply in step S11. The Layer 2 switches SW1 to SW3 on the path for forwarding the ARP Reply learn the MAC address of the router R-a from the passing ARP Reply.
After that, in step S12, a frame 103 is sent from the router R-d to an IP address B1 of the data center LAN. The frame 103 has an IP address D1 of the ww branch LAN as a sender IP address, and an IP address B1 of the data center LAN as a destination IP address.
The frame 103 relayed with the router R-a of the head office LAN has the MAC address “a” of the router R-a as a destination MAC address and the MAC address “d” of the router R-d as a sender MAC address. Since the Layer 2 switch SW2 on the forwarding path has learned the MAC address “a” at this time point, flooding does not occur.
The router R-a having received a packet 103 sends a frame 104 obtained by replacing the sender MAC address and destination MAC address of the frame 103 by the MAC address “a” of the router R-a and the MAC address “b” of the router R-b, respectively, toward the router R-b.
The router R-b having received a packet 104 sends a frame 105, as a response to the frame 103, directly to the router R-d in step S13. The frame 105 has an IP address B1 of the data center LAN as a sender IP address and an IP address D1 of the ww branch LAN as a destination IP address. Further, the frame 105 has the MAC address “b” of the router R-b as a sender MAC address and the MAC address “d” of the router R-d as a destination MAC address.
As described above, in the traffic passing through the asymmetric outward and return IP paths between the ww branch and the data center, a frame sent from the data center toward the ww branch does not have the MAC address “a” of the head office router R-a used to forward the frame in the traffic to the data center from the ww branch, as a sender address. Therefore, entries regarding the MAC address a of the head office router R-a are deleted due to aging processing of the MAC table at the Layer 2 switch SW2 through which traffic passes between the ww branch and the data center.
In general, the aging processing of the MAC table in the Layer 2 switch takes about 5 minutes, and the aging processing of the ARP table in the router takes about several tens of minutes to several hours. In other words, an aging period for the MAC table is generally shorter than an aging period for the ARP table.
As a result, as indicated by reference symbol MT2b, during a period from when entries regarding the MAC address “a” of the head office router R-a are deleted from the MAC table of the Layer 2 switch SW2 due to aging until when the MAC address “a” is deleted from the ARP table of the router R-d, frames sent from the ww branch toward the data center flood in the Layer 2 switch SW2 in step S14 as indicated by reference numeral 106.
Such a situation not only causes unnecessary flooding but can also leave the network substantially unable to communicate, because the flooded frames occupy the available bandwidth.
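The following is an added illustration, not part of the original document: a minimal model of the Layer 2 switch SW2 of FIG. 3 replaying the traffic of FIG. 5. The 10-second frame interval, the 900-second run, the placeholder broadcast address and the assumption that the ARP entry in the router R-d outlives the run are all constructed for the example.

```python
# Added illustration (not from the original document): SW2 of FIG. 3 with
# source-MAC learning, aging, and flooding on an unknown destination.
MAC_AGING_S = 300  # "about 5 minutes" per the text; real switches vary


class LearningSwitch:
    def __init__(self, ports, aging_s=MAC_AGING_S):
        self.ports = ports
        self.aging_s = aging_s
        self.table = {}  # MAC -> (port, time the MAC was last seen as sender)

    def receive(self, now, in_port, src, dst):
        """Learn the sender, then return the list of output ports."""
        # Aging: drop entries not refreshed by a frame *from* that MAC.
        self.table = {m: (p, t) for m, (p, t) in self.table.items()
                      if now - t < self.aging_s}
        self.table[src] = (in_port, now)
        if dst in self.table:
            return [self.table[dst][0]]
        return [p for p in self.ports if p != in_port]  # flooding


def simulate(duration_s=900, step_s=10, return_src="b"):
    """Replay the FIG. 5 traffic at SW2; return (time, out_ports) of floods.

    return_src="b" is the asymmetric case in the text (R-b answers R-d
    directly); return_src="a" models a symmetric return path via R-a.
    """
    sw2 = LearningSwitch(["p1", "p2", "p3"])
    # Step S10: broadcast ARP Request from R-d arrives from SW1 on p3.
    sw2.receive(0, "p3", "d", "broadcast")  # placeholder broadcast address
    # Step S11: ARP Reply a -> d arrives from SW3 on p2; SW2 learns "a".
    sw2.receive(0, "p2", "a", "d")
    floods = []
    for now in range(step_s, duration_s + 1, step_s):
        # Outward: R-d -> R-a (destination MAC "a"), enters on p3.
        out = sw2.receive(now, "p3", "d", "a")
        if len(out) > 1:
            floods.append((now, out))
        # Return: frame toward R-d enters on p2 with sender MAC return_src.
        sw2.receive(now, "p2", return_src, "d")
    return floods


if __name__ == "__main__":
    floods = simulate()
    print("first flooded frame at t=%ds, out ports %s" % floods[0])
    print("flooded frames in 900 s:", len(floods))
    print("floods with symmetric return path:", len(simulate(return_src="a")))
```

In the asymmetric case every outward frame after the entry for “a” ages out is also copied to p1, the port toward the router R-c of the xx local office, which is not on the path between the ww branch and the data center.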
A network configuration that would cause flooding due to failed MAC learning is conceivable besides the network configuration in FIG. 3. FIG. 6 illustrates a second example of the network that would cause flooding due to failed MAC learning.
A terminal 110 includes two network interfaces for a wired network and a wireless network. The wired-network interface has a MAC address “a” and the wireless-network interface has a MAC address “b”.
Then, an up frame is transferred to a router 113 by way of a wireless access point 111 and a Layer 2 switch 112, and a down frame is transferred to the terminal 110 by way of a Layer 2 switch 114.
With such a network configuration, the wired-network MAC address “a” of the terminal 110 fails to be learned as in the network illustrated in FIG. 3. As a result, flooding occurs in the Layer 2 switch 114.
FIG. 7 illustrates a third example of the network that would cause flooding due to failed MAC learning. In the network configuration illustrated in FIG. 7, a LAN and a WAN are connected together by a master router 120 and a backup router 121 duplexed using a virtual router redundancy protocol (VRRP: Virtual Router Redundancy Protocol) or the like.
In some cases, although the down path from the WAN to the LAN has been switched to a path running through the backup router 121, a path running through the master router 120 is still selected as the up path from the LAN to the WAN. In this state, a MAC address “a” of a terminal 125 fails to be learned in a Layer 2 switch 126 not relaying any data between the master router 120 and the terminal, as in the network of FIG. 3. As a result, flooding occurs in the Layer 2 switch 126.
FIG. 8 illustrates a fourth example of the network that would cause flooding due to failed MAC learning. In the network configuration illustrated in FIG. 8, the destination to which a terminal 131 sends a frame differs from the sender of the frames the terminal receives. This configuration example illustrates a network that provides a video distributing service. The destination is a management server that accepts a request from the terminal 131, and the sender for delivering video data is a distribution server. With this configuration, a MAC address “a” of the terminal 131 fails to be learned in a Layer 2 switch not relaying data between the management server and the terminal 131, as in the network of FIG. 3. As a result, flooding occurs in the Layer 2 switch 131.
In view of the above circumstances, the device, system, computer program, and method disclosed herein relate to a frame switching device for changing frames in a frame switching network. In the device that stores an output port for outputting a frame having a corresponding address as a destination address in association with each of addresses, and executes flooding processing at the time of transferring a frame having a destination address not stored in association with an output destination port, it is intended to suppress flooding that would occur if a destination address has not been stored.