PACKET FORWARDING METHOD AND DEVICE UTILIZING THE SAME
A packet forwarding method. The method reacts to service function events promptly by recalculating a more streamlined service function path (SFP) for a packet flow of a service function chain (SFC). Service functions (SFs) and service function forwarders (SFFs) collaborate to serve a SFC packet flow and bypass SFs belonging to the same SF group which does not provides functional service to packets of the flow.
The disclosure relates to computer techniques, and more particularly to service function chain (SFC) packet forwarding.
2. Description of Related ArtNetwork function virtualization (NFV) is becoming a key driver and architecture in many large enterprise networks. Generally, NFV realizes virtualization of certain network functions that would traditionally be implemented as separate network appliances, such as firewalls, accelerators, intrusion detection, load balances and others.
NFV implementations increasingly employ service function chains to control which functions or services are applied to network traffic. Service function chaining enables virtualized networking functions to be implemented as part of a cloud network. A service function chain defines an ordered list of a plurality of service functions that may be applied to packet flows in the network. A packet flow enters the network through a classifier node that generates a service function path for that flow according to the service function chain policy. The classifier node encapsulates each packet of the flow with a network service header that indicates the service functions to which the flow will be subjected, and the order the service functions will be applied.
Even if a sequence of service functions have been allocated for a packet flow, some of the allocated service functions may bypass processing packets in the packet flow. For example, a network function for transmission control protocol (TCP) processing may bypass processing user datagram protocol (UDP) packets in a packet flow. Repeatedly routing UDP packets to a TCP network function and bypassing processing is inefficient.
The disclosure provides a packet forwarding method for network function virtualization (NFV) and service function chain (SFC). In response to a bypass event in which a packet of a flow belonging to a service function path (SFP) is forwarded to a service function (SF) but processing of the packet by the SF is determined to be bypassed, components in the service function path cooperate to recalculate a streamlined path for packets of the flow. For example, a SFP includes a plurality of SFs including an i-th SF, a j-th SF, and a k-th SF, wherein i, j, and k are integers and i>j>k. A service function forwarder (SFF) in the SFP upon detecting that a i-th SF bypasses processing of a packet of the SFP, the SFF, rather than forwarding the packet to a j-th SF grouped with i-th SF in the SFP, directly forwards the packet to a k-th SF in the SFP. The packet thus bypass the j-th SF and a j-th SFF associated with the j-th SF. Components in the SFP may further cooperate to facilitate packets of the SFP bypass more SFs and SFFs that share the same group of the i-th SF.
With reference to
The SFC controller 100 includes a grouping module (GM) 500 operable to distribute definition of one or more SF groups. The SFC controller 100 may comprise an exemplary embodiment of a heterogeneous control/policy point as described in RFC 7665. The SFs 411, 412, 421, 422, 431, 432, and 441 respectively comprise sensitive detector module (SDM) 711, 712, 721, 722, 731, 732, and 741. The SFFs 310, 320, 330, and 340 respectively includes path recalculation module (PRM) 610, 620, 630, and 640. Each of the GM 500, SDM 711, 712, 721, 722, 731, 732, 741, PRM 610, 620, 630, and 640 may be installed as a plug-in.
With reference to
The classifier 200 may initiate a SFP as a more specific instance of the SFC created in step S14. For example, the classifier 200 may initiate an first exemplary SFP comprising a ordered set of the SFs 411, 412, 421, 422, 431, 432, and 441 as an instance of the SFC. Each of the SFFs 310, 320, 330, and 340 may receive and route packets of the SFC to the SFs according to the SFP.
With reference to
With reference to
Even though the flag 803 in the NSH 802 is utilized as an example for communication between SFs and SFFs, other fields in the NSH, such as metadata, or other channels may be utilized by SFs and SFFs to reveal the bypass event and the group information flag, and thus to achieve in-band control signaling between SFs and SFFs. Alternatively, out of band control signaling between SFs and SFFs may also be utilized. For example, an SF may report a bypass event associated with a packet in a flow to the SFC controller 100. The SFC controller 100 facilitates the SFFs to bypass SFs belonging to the same SF group which does not provides functional service to packets of the flow through out of band control signaling.
With reference to
With reference to
If SF 421 is took as an example, the SDM 721 in the SF 421 receives the first packet and detects whether a bypass event occurs in the SF 421. If no bypass event occurs in the SF 421, that is, the SF 421 actually provides functional service of the type one video optimizer to the first packet, the SDM forwards the first packet to SFF 320 and SF 422. The SDM 722 in the SF 422 receives the first packet and detects whether a bypass event occurs in the SF 422. In a condition that a bypass event is detected in the SF 422, that is, the SF 422 actually does not provide functional service of the type two video optimizer to the first packet, the SDM 722 modifies a network service header (NSH) of the first packet to further bypass one or more subsequent service functions arranged subsequent to the SF 422 in the first exemplary SFP of the first packet.
If SFF 320 is took as an example, the PRM 620 in SFF 32 receives the first packet from the SF 422 and determines whether the packet includes a group information flag in the NSH, such as the flag 803 in the NSH 802. If the packet does not include any group flag in the NSH, the exemplary SFF forwards the packet to a next hop, such as the SFF 330 and the SF 431. If the packet include a group flag in the NSH, such as the flag 803 in the NSH 802, the exemplary SFF determines whether to bypass processing of the packet by the next SF 431 in the first exemplary SFP (step S36). The exemplary SFF determines whether to bypass processing of the packet by the next SF 431 in the exemplary SFP based on whether the SF 422 and SF 431 belongs to the same group according to the definition of SF groups in Table 1. As shown in Table 1, the SFs 422, 431, and 432 belong to the same group of “Type two video optimizer”, the SFF 320 determines to bypass processing of the packet by the SF 431 and the SF 432 in the first exemplary SFP. The SFF 320 updates the NSH of the packet to bypass processing of the packet by the next SF (step S38). With reference to
With reference to
The disclosed method reacts to SF events more promptly by recalculating a more streamlined path for a packet flow of a SFP and does not relying on an SFC classifier to further classifying the SFP into a plurality of sub-divided SFP. SFs and SFFs collaborate to serve a SFC packet flow and bypass SFs belonging to the same SF group which does not provides functional service to packets of the flow. At least one member of the SF group bypasses processing a packet of the flow, triggers and reports a bypass event using a group information flag. An SFF identifies the bypass event and accordingly redirects packets of the flow.
It is to be understood, however, that even though numerous characteristics and advantages of the disclosure have been set forth in the foregoing description, together with details of the structure and function of the present disclosure, the disclosure is illustrative only, and changes may be made in detail, especially in matters of shape, size, and arrangement of parts within the principles of the present disclosure to the full extent indicated by the broad general meaning of the terms in which the appended claims are expressed.
Claims
1. A packet forwarding method executable by an electronic device, comprising:
- defining one or more service function (SF) groups;
- collecting SF information for further categorization of service functions (SFs); and
- creating at least one service function chain (SFC), retrieving and sending definition of the SF groups associated with the SFC to at least one path recalculation module (PRM) in the SFF, wherein the PRM stores the definition of SF groups.
2. The packet forwarding method of claim 1, further comprising:
- generating definition of one or more SF groups through a computerized automation process or a machine learning based categorization process.
3. The packet forwarding method of claim 1, further comprising:
- passively receiving and storing definition of one or more SF groups from an administrative user.
4. The packet forwarding method of claim 1, wherein the SF information comprises function description of the SFs, events occurs in the SFs, packets processing history, and others.
5. The packet forwarding method of claim 1, further comprising:
- receiving a first packet classified for a service function path (SFP) at a first service function (SF) in the service function path;
- determining whether a bypass event associated with the first packet and the first service function is detected;
- inserting group information of the first service function into a header of the first packet in a condition that the bypass event is detected;
- transmitting the first packet comprising the group information to a service function forwarder (SFF); and
- modifying a service index in the service function chain encapsulation of the first packet to bypass one or more subsequent service functions arranged subsequent to the first service function in the service function path of the first packet in a condition that the first packet comprises the group information.
6. The packet forwarding method of claim 5, wherein the first service function and the one or more subsequent service functions arranged subsequent to the first service function in the service function path belong to a same service function group.
7. The packet forwarding method of claim 5, wherein the modifying the header of the first packet comprises:
- modifying the header of the first packet to bypass a subsequent service function forwarder connecting the one or more subsequent service functions arranged subsequent to the first service function in the service function path of the first packet in a condition that the bypass event is detected.
8. A packet forwarding device, comprising:
- a memory operable to store a sensitive detector module;
- a processor operable to load the sensitive detector module and perform a packet forwarding method comprising: defining one or more service function (SF) groups; collecting SF information for further categorization of service functions (SFs); and creating at least one service function chain (SFC), retrieving and sending definition of the SF groups associated with the SFC to at least one path recalculation module (PRM) in the SFF, wherein the PRM stores the definition of SF groups.
9. The packet forwarding device of claim 8, further comprising:
- generating definition of one or more SF groups through a computerized automation process or a machine learning based categorization process.
10. The packet forwarding device of claim 8, further comprising:
- passively receiving and storing definition of one or more SF groups from an administrative user.
11. The packet forwarding device of claim 8, wherein the SF information comprises function description of the SFs, events occurs in the SFs, packets processing history, and others.
12. The packet forwarding device of claim 8, further comprising:
- receiving a first packet classified for a service function path (SFP) at a first service function (SF) in the service function path;
- determining whether a bypass event associated with the first packet and the first service function is detected;
- inserting group information of the first service function into a header of the first packet in a condition that the bypass event is detected;
- transmitting the first packet comprising the group information to a service function forwarder (SFF); and
- modifying a service index in the service function chain encapsulation of the first packet to bypass one or more subsequent service functions arranged subsequent to the first service function in the service function path of the first packet in a condition that the first packet comprises the group information.
13. The packet forwarding device of claim 12, wherein the first service function and the one or more subsequent service functions arranged subsequent to the first service function in the service function path belong to a same service function group.
14. The packet forwarding device of claim 12, wherein the modifying the header of the first packet comprises:
- modifying the header of the first packet to bypass a subsequent service function forwarder connecting the one or more subsequent service functions arranged subsequent to the first service function in the service function path of the first packet in a condition that the bypass event is detected.
Type: Application
Filed: Oct 26, 2020
Publication Date: Feb 11, 2021
Inventor: CHIH-CHIN CHANG (New Taipei)
Application Number: 17/080,664