Flow table rapid searching method and system under high-concurrency network environment

A network environment and flow table technology, applied in the field of network security, can solve problems such as system missed detection, and achieve the effect of reducing overhead, improving access efficiency, and high efficiency and flexibility

Active Publication Date: 2016-10-26
INST OF INFORMATION ENG CAS
View PDF1 Cites 12 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0007] In terms of optimizing the search operation with the help of network locality, using FPGA and SRAM to realize the high-speed cache of the flow table can speed up the access speed. Limited by the circuit complexity of the FPGA and the capacity limitation of the SRAM

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Flow table rapid searching method and system under high-concurrency network environment
  • Flow table rapid searching method and system under high-concurrency network environment
  • Flow table rapid searching method and system under high-concurrency network environment

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0026] The present invention will be further described below through specific embodiments and accompanying drawings.

[0027] The general framework of the present invention is as figure 1 As shown, it consists of six parts: network interface, buffer window management module, data stream grouping module, starvation avoidance module, packet scheduler, and connection management module. The operation steps are as follows:

[0028] 1) When the traffic enters the network interface, the traffic situation is counted, and the traffic statistics are sent to the buffer window management module; the buffer window management module selects one from the preset window sizes according to the current traffic situation;

[0029] 2) According to the set window size, the data stream grouping module performs a grouping operation on the arriving data packets, and when the scheduling opportunity arrives, triggers the grouping scheduler;

[0030] 3) After receiving the trigger instruction, the packe...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention relates to a flow table rapid searching method and system under a high-concurrency network environment. The method comprises the steps of: 1) counting the flow entering a network interface, setting a buffering window of a buffering area according to the counted current flow state; 2) according to the size of the set buffering window, utilizing quintuple information to group arrived data packets; 3) according to a preset scheduling strategy, scheduling each cached group, and successively sending each group to a connection management module; and 4) extracting the quintuple information of each group by the connection management module, carrying out flow table searching, finding corresponding flow table items, and using the data packets in the groups to update the information of the flow table items. The flow table rapid searching method and system are mainly suitable for a high speed network flow processing system of a backbone link, the access cost of the connection management module under the high speed network environment is optimized, and the access efficiency of the flow table is improved.

Description

technical field [0001] The invention belongs to the technical field of network security, and in particular relates to a fast flow table search method and system for a high-concurrency network environment. Background technique [0002] In a high-speed network environment, efficient connection management has become a key module of existing network traffic processing systems (such as intrusion detection, traffic accounting, etc. systems). Usually, the traffic processing system architecture is mainly divided into three modules: traffic acquisition, Connection management, business processing. Connection management provides flow traceability for business processing, including three operations: search, update, and delete. In order to accurately record each connection, the connection management module must maintain a connection table (or session table), wherein each connection table item traces a connection in the network, and is responsible for recording the identification ID, sta...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L12/865H04L47/6275
CPCH04L47/6275
Inventor 刘庆云王鹏周舟李佳杨威方滨兴郭莉
Owner INST OF INFORMATION ENG CAS
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap