[0048] The core of the present invention is to control the flow of messages received by the CPU by setting the flow of messages within a time window, and adopt a corresponding penalty mechanism for messages that exceed the unit time window, that is, delay processing, to ensure that the flow of messages within the unit time window is delayed. The number of sent messages is basically stable, so as to achieve the purpose of optimizing the use of CPU resources and protecting the CPU when the system suffers from broadcast storms or hacker attacks.
[0049] The present invention provides a universal and simple message rate limiting method, which performs traffic rate limiting or traffic shaping on CPU messages sent by software means, and is suitable for various types of CPUs and software operating systems. The following takes the implementation on the embedded operating system Vxworks as an example to further describe the technical solution of the invention.
[0050] Please refer to figure 1 , Is the flow chart of the method for message rate limiting of the present invention. During the control process of the method, the Ethernet switch device runs a task specifically responsible for receiving messages when it is running. The present invention first embeds the corresponding code into the receiving and sending messages. In the processing function of the message task, it is processed during each message reception. The method specifically includes:
[0051] Step S10: preset the width of the time window and the number of messages allowed to pass in the time window;
[0052] Step S11: Obtain the current system time, and calculate the elapsed time of the current time window according to the deadline of the previous time window;
[0053] Step S12: Determine whether the elapsed time of the current time window is less than the width of the time window, if not, allow the message in the current time window to pass, update the expiration time of the current time window, and end (Step S13); if yes, execute (Step S14);
[0054] Step S14: Determine whether the number of messages passed in the current time window is greater than the number of messages allowed to pass, if so, calculate the number of messages that exceed the allowed number of messages, and perform punitive delay processing on the messages before allowing them to pass (step S15 ); otherwise, the message in the current time window is allowed to pass, and the expiration time of the current time window is updated (step S13).
[0055] Before step S10, the message sending and receiving task receives the message sent to the CPU, and filters the message reported to the CPU. This is because some messages may not be of interest to the system, or some protocols and functional modules require The discarded packets are filtered out in advance. For example, if the system does not start the shortest path first protocol (OSPF, Open Short Path First), the shortest path first protocol is a network routing protocol. In this step, if the OSPF protocol message is received by the receiving task, it can be directly filtered out, that is, it is directly discarded in this step without further processing; this way, it is possible to limit the amount of some messages in the sending and receiving tasks. flow control.
[0056] In step S10, the current system time is obtained through the processing function provided by the operating system and stored in the variable ulNowTicks. For example, the VxWorks system can use the sysTimeBaseIn function. The corresponding code of the present invention has been pre-embedded in the processing function, so that the corresponding processing can be obtained during each message receiving process. In this step, the elapsed time of the current time window is calculated by the difference between the current system time and the last time deadline. The calculation formula is: current time window elapsed time ulTicksGo=current system time ulNowTicks-last time window end time ulOldTicks, where the time window end time refers to the time recorded when the message passes the time window. At the initial startup, the end of the last time window is initialized to 0. The moments are counted by Tick. When a packet is received in the current time window, the number of packetsReceived is increased by one, and the PacketsReceived is preset to 0 when initialized.
[0057] In step S12, it is determined whether the current time window has timed out, that is, whether the elapsed time ulTicksGo of the current time window is less than the preset time window width ulTimeWindow, wherein the time window width is preset during initialization and is based on system performance It is set according to requirements and saved in global variables, which can be adjusted according to actual conditions during operation.
[0058] If the current time window expires, that is, when the elapsed time of the current time window is less than the preset time window width, the current time window is not over, and then it is judged whether the number of packets received in the current time window has been greater than the allowed time window. Number of packets PacketsPermit (step S14); if yes, it means that the number of packets normally received in this time window has exceeded the standard, and flow control measures need to be taken, that is, the number of packets received in the current time window has been PacketsPermit exceeds the number of packets allowed to pass in the unit time window preset during initialization. In order to optimize the use of CPU resources, the present invention controls the flow of packets that exceed the standard through a penalty mechanism to ensure that they are sent within the average unit time window. The number of messages is basically stable (step S15). The number of messages allowed to pass in the unit time window is set according to system performance and requirements, and stored in global variables. It can be adjusted according to the actual situation during operation to calculate the number of messages exceeding the allowed number. The calculation formula is : The difference between the number of packets received in the current unit time window and the number of packets allowed to pass in the preset unit time window is the number of packets exceeding the standard in the unit time window.
[0059] Among them, the penalty mechanism requires a certain amount of traffic delay processing, that is, a "penalty" delay, on the calculated over-standard packets, in order to achieve the effect of receiving shaping on the time axis. The implementation process of the punitive delay includes:
[0060] a. Calculate the number of packets exceeding the allowable number of packets based on the difference between the number of packets received in the current time window and the number of packets allowed to pass in the preset unit time window;
[0061] b. Calculate the time required to delay the packets that exceed the allowable passage according to the packet rate allowed in the unit time window;
[0062] c. Delay processing of the message that exceeds the allowable passage according to the required delay time;
[0063] d. When the delay time is reached, the message exceeding the allowable passage is allowed to pass, and the deadline of the current time window is updated.
[0064] That is to say, the penalty delay is calculated based on the average rate of allowed passing messages to calculate the required delay time. There may be many types of penalty mechanisms. The processing currently implemented by the present invention is: if the message upload rate is high, the unit time before the time window exceeds the message allowed to pass in the preset unit time window The number of PacketsPermit, then according to the number of excess packets PacketsReceived-the number of packets allowed to pass in a unit time window, PacketsPermit, then divide by the number of packets allowed to receive in the unit time window, PacketsPermit, and finally multiply by the preset time window width ulTimeWindow, you get the time that needs to be delayed, and the time is also counted in ticks. However, the present invention is not limited to the aforementioned penalty mechanism, and can also be implemented in other ways. In addition, the current message is cached, and the current message is delayed according to the calculated delay value; when the delay time is reached, the current message is allowed to pass, that is, the message is sent to the protocol stack for processing. deal with.
[0065] When the elapsed time of the current time window is not less than the time width, the current time window is ended, the current message is allowed to pass, and the number of messages received in the current time window is cleared (step S13). Take the current time ulNowTicks as the new current time window deadline, that is, ulOldTicks is equal to ulNowTicks. Then start the next processing cycle.
[0066] The present invention uses the above process to ensure that the rate of messages sent to the CPU within a unit time window is limited to a certain time range. If the rate of messages sent to the CPU exceeds the standard in a short time, a corresponding "penalty" delay mechanism is adopted to Ensure that the number of packets sent to the CPU in the average unit time window is basically stable. When the average rate of sending CPU messages is not large but occasionally there is a large peak rate, the method of the present invention can effectively realize the protection of the CPU and can ensure that important messages are not lost. During the delay, the operating system can schedule the CPU to handle other tasks.
[0067] In addition, the present invention also provides another message rate limiting method, the flow chart of which is detailed in figure 2 , The method includes the steps:
[0068] Step H10: preset the width of the time window and the number of messages allowed to pass in the time window;
[0069] Step H11: Obtain the current system time, and calculate the elapsed time of the current time window according to the deadline of the previous time window;
[0070] Step H12: Determine whether the elapsed time of the current time window is less than the width of the time window, if not, allow the message in the current time window to pass, update the expiration time of the current time window, and end (Step H13); if yes, execute (Step H14);
[0071] Step H14: Determine whether the number of packets passed in the current time window is greater than the preset number of packets allowed to pass. If yes, discard the packets that exceed the standard and end (step H15); otherwise, allow the current time window to receive and send normally Until the preset number of messages passed (step H16).
[0072] The method described in the present invention can also ensure that the rate of messages allowed to be sent to the CPU within a unit time window is limited within a certain range. Said method is mainly to directly discard the message sent to the CPU when the message has exceeded the standard. Although packets may be lost during the implementation process, this method can effectively protect the CPU when there are many device operating protocols and the CPU load is heavy.
[0073] The message rate limiting method described in the present invention is a simplification of the first message rate limiting method, and its implementation steps are partially similar to those of the first method, specifically:
[0074]Before step H10, the message sending and receiving task receives the message sent to the CPU, and filters the message reported to the CPU. This is because some messages may be of no interest to the system, or some protocols and functional modules require The discarded packets are filtered out in advance. For example, if the system does not start the shortest path first protocol (OSPF, Open Short Path First), the shortest path first protocol is a network routing protocol. In this step, if the OSPF protocol message is received by the receiving task, it can be directly filtered out, that is, it is directly discarded in this step without further processing; this way, it is possible to limit the amount of some messages in the sending and receiving tasks. flow control.
[0075] In step H10, the current system time is obtained through the processing function provided by the operating system and saved in the variable ulNowTicks. For example, the VxWorks system can use the sysTimeBaseIn function. The corresponding code of the present invention has been pre-embedded in the processing function, so that the corresponding processing can be obtained during each message receiving process. In this step, the elapsed time of the current time window is calculated by the difference between the current system time and the last time deadline. The calculation formula is: the elapsed time ulTicksGo of the current time window is the current system time ulNowTicks minus the last time window end time ulOldTicks, where the time window end time refers to the time recorded when the message passes the time window. At the initial startup, the end of the last time window is initialized to 0. The moments are counted by Tick. When a packet is received in the current time window, the number of packetsReceived is increased by one, and the PacketsReceived is preset to 0 when initialized.
[0076] In step H12, it is determined whether the current time window has timed out, that is, whether the elapsed time ulTicksGo of the current time window is less than the preset time window width ulTimeWindow, wherein the time window width is preset during initialization and is based on system performance It is set according to requirements and saved in global variables, which can be adjusted according to actual conditions during operation. If the elapsed time of the current time window is less than the preset time window width, the current time window has ended, and then it is judged whether the number of packets passed in the current time window has been greater than the allowed number, and if it is not exceeded, the The number of normally received packets in the time window will be sent normally, and the upload will be stopped until the predetermined limit is reached, and the processing will end; if it exceeds, it means that the number of normally received packets in the time window has exceeded the standard, and all packets will be discarded directly. Describe the packets that exceed the standard.
[0077] If the elapsed time of the current time window is not less than the preset time window width, the message within the current time window is allowed to pass, and the current time window is ended, the number of the current time window is cleared, and the expiration of the current time window is updated Time ulOldTicks.
[0078] The process described in this method can also effectively ensure that the rate of packets allowed to be sent to the CPU is limited within a certain range within a unit time window. If the CPU message sent exceeds the limit within the unit time window, the message is directly discarded. This method may lose packets, but it can also protect the CPU well, because it is more suitable when the device has a variety of operating protocols, rich support features, and heavy CPU load.
[0079] In addition, the present invention further provides a message rate limiting method, which is an optimized method for message rate limiting when the CPU load is heavy. The flowchart is detailed in image 3. When the CPU load is heavy, this method uses separate queues for operation, and sets different thresholds in each queue to ensure that important messages with higher priority are sent first to ensure that important messages are basically not discarded. Among them, the implementation of the sub-queue is to forward each message to the hardware queue of the CPU. image 3 According to the method for controlling the flow of messages, the method can set a larger number of messages passing per unit time for a high priority queue and a smaller number of messages passing per unit time for a low priority queue, so as to achieve control of the CPU While protecting, hierarchical control and services for different businesses.
[0080] Such as image 3 The optimization process of the message rate limiting method shown includes the steps:
[0081] Step M10: respectively preset the time window width of each queue and the number of messages allowed to pass in the time window;
[0082] Step M11: Obtain the current system time, and calculate the elapsed time of the current time window according to the deadline of the previous time window;
[0083] Step M12: Respectively judge whether the elapsed time of the current time window is less than the width of the time window, if not, allow the message in the current time window to pass, update the expiration time of the current time window, and end (step M13); if yes, Go to step M14;
[0084] Step M14: Determine whether the number of packets in each queue that has passed through the current time window is greater than the number of packets allowed to pass in each queue. If so, calculate the number of packets that exceed the allowed number and allow them to be delayed after processing. Pass (step M15); otherwise, allow the messages in each current time window to pass, and update the expiration time of the current time window (step M13).
[0085] The similarities between the method and the above method will not be repeated here. The difference is that the received message is first divided into different queues according to the type or priority of the message, and then according to each queue The different priority is used to preset the number of packets allowed to pass in a unit time window, set a larger number of packets to pass in a unit time window for high priority queues, and set a smaller unit time for low priority queues The number of packets passing through the window, so that when the number of packets in each queue that has passed through the current time window is greater than the number of packets allowed by each queue, first calculate the number of packets that each queue exceeds the allowed number, and then proceed After the traffic is delayed, it is allowed to pass. Among them, the specific implementation process of flow control (that is, flow delay processing) for data packets that exceed the standard includes: the difference between the number of packets received through the current time window of each queue and the number of packets allowed to pass in the preset unit time window To calculate the number of packets that each queue exceeds the allowable passage; according to the rate of packets allowed to pass in the unit time window of each queue to calculate the delay time for each queue to exceed the allowable packets, the calculation formula for calculating the delay time of each queue It is: the time required to delay = (the number of messages allowed to pass in the preset unit time window-the number of messages allowed to pass in the unit time window)/the number of messages allowed to be received per unit time * the width of the time window; The packets exceeding the allowable passage are respectively delayed according to the required delay time; when the delay time is reached, the packets exceeding the allowable passage of each queue are allowed to pass, and the expiration time of the current time window of each queue is updated.
[0086] The above are only the preferred embodiments of the present invention. It should be pointed out that for those of ordinary skill in the art, without departing from the principle of the present invention, several improvements and modifications can be made, and these improvements and modifications should also be made. It is regarded as the protection scope of the present invention.