[Description of a C/U Separation Type Network System]
As a method of controlling a network system, a C/U (C: control plane/U: user plane) separation type network system, which controls a node device (user plane) from an external control device (control plane), is proposed.
As an example of a C/U separation type network system, an OpenFlow network system can be given. The OpenFlow uses a technology of OpenFlow in which a switch is controlled via a controller to control a path of a network system. Details of the OpenFlow technology are disclosed in a Non-Patent literature 1. It should be noted that OpenFlow network system is only an example.
[Description of an OpenFlow Network System]
In an OpenFlow network system, conventional switch mechanism is separated into an OpenFlow controller and an OpenFlow switch. The OpenFlow controller is a module of which a path determination process can be changed by programming from outside. The OpenFlow switch is a module which performs only packet transfer process.
In the following, OpenFlow Controller will be denoted by “controller (OFC)” and OpenFlow Switch will be denoted by “switch (OFS)” for a simplification of the description.
In an OpenFlow network system, a controller (OFC) controls a flow table of a switch (OFS) to control a behavior of the switch.
A connection is realized between a controller (OFC) and a switch (OFS) by a secure channel which uses a control message complying with an OpenFlow protocol for the controller (OFC) to control the switch (OFS).
A switch (OFS) in an OpenFlow network system means an edge switch and a core switch which constitute an OpenFlow network and are under a control of a controller. A series of flows of packet, from a reception of packet by an input side edge switch in an OpenFlow network system to a transmission of packet by an output side edge switch, is called a Flow.
A packet can be read as a frame. A difference between a packet and a frame is merely a difference of PDU (Protocol Data Unit). A packet is a PDU of TCP/IP (Transmission Control Protocol/Internet Protocol). On the other hand, a frame is a PDU of Ethernet (registered trademark).
A flow table is a table in which a flow entry is registered. In a flow entry is defined a predetermined action to be performed in regard to a packet (communication data) which matches with a predetermined condition (rule).
A rule of a flow entry is defined by a various combination using any or all of a destination address included in a header area in each protocol layer of a packet, a source address, a destination port and a source port, and is distinguishable. It should be noted that above addresses include a MAC (Media Access Control) address or an IP (Internet Protocol) address. It should be also noted that, by addition to the above, ingress port information can be used as a flow entry rule. It should be noted also that a flow entry rule can be set with a header area value of a packet which shows a flow expressed in part (or in whole) by a regular expression of a wild card “*”.
An action of a flow entry means an action such as “output to a specific port”, “discard”, “rewrite a header”, etc. For example, if identification information of an output port (such as an output port number) is shown as an action of a flow entry, a switch output a packet to a corresponding port, and if no identification information of an output port is shown, the switch discards the packet. Or, if header information is shown in an action of a flow entry, the switch rewrites a header of the packet on a basis of corresponding header information.
A switch (OFS) in an OpenFlow network system performs an action of a flow entry to a group of packets which complies with a rule of the flow entry (packet series).
At present, an OpenFlow technology is in a period of transition from a phase of research to a phase of practical use. Operation tests for a practical use are executed in a large scale network of a data center or the like. In those tests, problems related to scalability are apparent such as a problem related to flow entry synchronization. For example, there is a problem in which, if a synchronization is performed for all switches and all flow entries, a service degeneracy time, occurring at a failure or a cluster switching, becomes very long. Therefore, a technology to improve such problems is desired.