CN105959217A - Data processing method and apparatus for SDN Mobile Ad-Hoc Network - Google Patents

Abstract

The embodiment of the invention provides a data processing method and apparatus for SDN (Software Defined Networking) Mobile Ad-Hoc Network, being able to acquire the latest connection state between a controller and a switch. The data processing method for SDN Mobile Ad-Hoc Network includes the steps: performing self-learning on a data message to be processed and constructing a first flow entry; judging whether a flow entry being identical to a matching domain of the first flow entry exists in a disaster backup flow table; if so, deleting the flow entry being identical to the matching domain of the first flow entry and adding the first flow entry in the disaster backup flow table; and if not, adding the first flow entry in the disaster backup flow table; judging whether the data message to be processed matches the first flow entry added in the disaster backup flow table; if so, according to the first flow entry in the disaster backup flow table, processing the data message; and if not, according to the default flow entry, processing the data message. Therefore, the data processing method and apparatus for SDN Mobile Ad-Hoc Network can reduce the fault recovery time when a controller malfunctions, and can improve the reliability and stability of the network.

Description

A data processing method and device for an SDN mobile ad hoc network

technical field

The present invention relates to the technical field of wireless communication network design, in particular to a data processing method and device for an SDN mobile ad hoc network.

Background technique

Ad Hoc network is a kind of centerless wireless network, which has the advantages of self-organization and rapid deployment, so it is widely used in many fields such as military, vehicle network, disaster rescue and smart city. However, the Ad Hoc network is a distributed network structure, its nodes are composed of mobile hosts, and all nodes are in the same position, so it lacks the whole network view and centralized control, and has insufficient flexibility for resource scheduling. Software Defined Networking (SDN) technology logically divides the network into a control plane and a data plane. The control and forwarding strategy of the network is deployed centrally by the controller at the control plane, and the forwarding device focuses on the data plane under the guidance of the control strategy. Processing and forwarding greatly improves network flexibility and network efficiency. Therefore, the Ad Hoc network based on SDN came into being. Specifically, an SDN-based Ad Hoc network elects a certain mobile node as a controller, and centralizes the control functions of the mobile node in the controller. The controller sends a flow table to the switch through a standard southbound interface. The processing and forwarding of the text are under centralized control, while other mobile nodes are used as switches and only retain the function of data forwarding. Therefore, an SDN-based Ad Hoc network can easily obtain a view of the entire network, and centrally deliver data forwarding policies. In this way, Ad Hoc network resources can realize centralized control and flexible resource scheduling, and improve network operation efficiency.

However, due to the strong mobility of the Ad hoc network, the dynamic network topology changes and the shortage of wireless link resources, when the mobile node with the controller function leaves the SDN network, the underlying switch loses the control of the controller and cannot process and forward new data. Even if a new controller is elected from other nodes, this period of election switching time will cause a temporary interruption of communication, resulting in a long recovery time for SDN-based Ad Hoc network failures. The fault recovery time specifically refers to the time required for the switch to process and forward new data packets after the controller is disconnected.

At present, the Openflow protocol proposed by the Open Network Foundation (ONF) and the Open vSwitch (OVS) multilayer virtual switch supporting the Openflow protocol are widely used in SDN-based Ad Hoc networks to solve the above control How to reduce the technical problem of fault recovery time after the device fails. OVS mainly solves the above problems through two working modes of "failure independent mode" and "failure safe mode". OVS not only supports the processing and forwarding of data packets on the Openflow channel, but also supports the processing and forwarding of data packets on the traditional channel. The data message is first processed on the Openflow channel. When the Openflow channel cannot be processed, it is transferred to the traditional channel for processing.

OVS is in "failure independent mode", if the controller is connected normally, the data packet will normally match the forwarding flow entry, and realize the forwarding and processing of the data packet according to the action of the matched flow entry; if the controller is disconnected On, according to the order of priority, if the action of the flow entry matched by the data packet first is to forward to the controller, and at this time, because the controller is disconnected, the switch cannot forward the data packet to the controller, but the flow The entry has a certain timeout period. After the timeout expires, the flow entry will be automatically deleted, and the data packet will match the flow entry with lower priority. For example, the action is to enter the traditional channel for data packet Process and forward flow entries to ensure normal communication when the controller is disconnected. It can be seen that in the "failure independent mode", OVS requires the controller to regularly maintain a specific flow entry with a higher priority. After the controller is disconnected and the specific flow entry times out, it cannot match new data packets. The flow entry with lower priority is discarded, affecting normal communication, and the timeout period of the specific flow entry cannot be set too small (generally greater than 1s), otherwise the time interval for the controller to issue the specific flow entry is too small, It is easy to cause communication link congestion, which affects the timeliness of flow entry distribution, so the fault recovery time is long.

In the "fail safe mode" of OVS, the OVS switch periodically sends echo messages to the controller as a probe to detect the connection status. When the echo message reply from the controller is not received within 5s, it enters the "IDLE" state from the ACTIVE state , and then send the echo message again as a probe to detect the connection status. If the echo message reply is not received within 5s, it is considered that the connection is disconnected. When the controller is disconnected, the data packet will first match the flow entry according to the priority. If the match is not found, the data packet that does not match the flow entry will be matched with an invisible one according to the connection status. The default flow entry is forwarded according to the action of the default flow entry, so as to ensure normal communication when the controller is disconnected. However, in the "fail safe mode" of OVS, when the controller is disconnected, it takes 10s to obtain the connection status, so the fault recovery time also takes about 10s, so the fault recovery time is long.

It can be seen that no matter what kind of working mode OVS is, in the case of controller failure, the recovery time of communication failure is still long, which seriously affects the reliability and stability of the network.

Contents of the invention

The purpose of the embodiments of the present invention is to provide a data processing method and device for an SDN mobile ad hoc network, so as to shorten the fault recovery time when the controller fails, thereby improving the reliability and stability of the network.

In order to achieve the above object, the embodiment of the present invention discloses a data processing method of an SDN mobile ad hoc network, which is applied to a switch, and the method includes the following steps:

Detecting the connection status between the controller and the switch according to preset rules, and obtaining the latest connection status;

When the latest connection status is disconnected, self-learning is performed on the data message to be processed, and the first flow entry is constructed according to the self-learning result;

judging whether there is a flow entry with the same matching field as the first flow entry in the disaster recovery flow table, and if so, deleting the flow entry with the same matching field as the first flow entry, and Add the first flow entry to the disaster recovery flow table; otherwise, add the first flow entry to the disaster recovery flow table; wherein, the priority of the first flow entry is higher than that of the disaster recovery flow table Describe the default flow entry in the disaster recovery flow table;

Judging whether the data packet to be processed matches the first flow entry added to the disaster recovery flow table, and if so, matching the first flow entry in the disaster recovery flow table to the Process the data packet; otherwise, process the data packet according to the default flow entry.

Preferably, the switch also pre-stores a normal forwarding flow table issued by the controller, and the method further includes:

When the latest connection status is normal, match the data packet with the normal forwarding flow table to obtain a matched second flow entry, and process the data packet according to the second flow entry to process.

Preferably, the disaster recovery flow table further includes: a security current limiting flow entry, and the security current limiting flow entry has the highest priority;

The matching field of the security current limiting entry includes the address information of the destination receiving device for limiting the data message.

Preferably, performing self-learning on the data packets to be processed, and constructing the first flow entry according to the self-learning results include:

Parse the packet header of the data packet to be processed, and extract the information in the packet header of the data packet;

Construct the first flow entry according to the information in the extracted data packet header.

Preferably, the detecting the connection state between the controller and the switch according to preset rules includes:

Send a first Echo request message to the controller;

judging whether the switch receives the message sent by the controller within the set timeout period, wherein the set timeout period starts from the time when the switch receives the last message sent by the controller timekeeping;

If not, determine that the latest connection state between the controller and the switch is a disconnected state, and if yes, determine that the latest connection state between the controller and the switch is a normal state.

Preferably, the determining that the latest connection status between the controller and the switch is a normal status includes:

When the message sent by the controller is not received within the set first timeout period, it is determined that the latest connection state between the controller and the switch is an idle state in the normal state; The time of the last message sent by the controller starts counting the set first time-out period;

When it is determined that the latest connection state is an idle state, send a second Echo request message to the controller;

When the message sent by the controller is received within the set second timeout period, it is determined that the latest connection state between the controller and the switch is an active state in the normal state, wherein the set first The sum of the first timeout period and the set second timeout period is the set timeout period.

Preferably, when it is determined that the latest connection status between the controller and the switch is normal, the method further includes:

When the connection state is an active state, according to the time of sending the first Echo request message last time, and receiving the first Echo response message sent by the controller for the first Echo request message, send the first Echo request message The time interval of the request message, the set first time-out time length and the set second time-out time length are adjusted;

When the connection state is an idle state, according to the time of sending the second Echo request message and the time of receiving the second Echo response message sent by the controller for the second Echo request message, send the first Echo request message Adjust the time interval and the length of the set first timeout time.

The embodiment of the present invention also discloses a data processing device for an SDN mobile ad hoc network, which is applied to a switch, and the switch is pre-stored with a disaster recovery flow table issued by the controller, and the disaster recovery flow table is pre-stored with a default flow Table item, the device includes: a connection state detection module, a self-learning module, a first processing module and a second processing module, the connection state detection module is used to detect the connection between the controller and the switch according to preset rules Connection status, get the latest connection status;

The self-learning module is configured to perform self-learning on the data packet to be processed when the latest connection state is disconnected, and construct a first flow entry according to the self-learning result;

The first processing module is configured to determine whether there is a flow entry in the disaster recovery flow table that is the same as the matching field of the first flow entry, and if so, match the match with the first flow entry The flow entry with the same domain is deleted, and the first flow entry is added to the disaster recovery flow table; otherwise, the first flow entry is added to the disaster recovery flow table; wherein, the first flow entry is added to the disaster recovery flow table; The priority of the first-class entry is higher than the default flow entry in the disaster recovery flow table;

The second processing module is configured to determine whether the data packet to be processed matches the first flow entry added to the disaster recovery flow table, and if so, according to the disaster recovery flow table Process the data packet according to the first flow entry; otherwise, process the data packet according to the default flow entry.

Preferably, the device further includes: a normal processing module,

The normal processing module is configured to combine the data message with the normal forwarding flow table when the latest connection status is normal when the normal forwarding flow table issued by the controller is pre-stored in the switch. The forwarding flow table is matched to obtain a matched second flow entry, and the data packet is processed according to the second flow entry.

Preferably, the disaster recovery flow table further includes: a security current limiting flow entry, and the security current limiting flow entry has the highest priority;

The matching field of the security current limiting entry includes the address information of the destination receiving device for limiting the data message.

A data processing method and device for an SDN mobile ad hoc network provided by an embodiment of the present invention is applied to a switch, and can detect and obtain the latest connection status between the controller and the switch; when the latest connection status is disconnected, the datagram to be processed According to the self-learning result, the first flow entry is constructed; it is judged whether there is a flow entry in the disaster recovery flow table with the same matching field as the first flow entry, and if so, it will be matched with the first flow entry. Delete the flow entry with the same domain, and add the first flow entry to the disaster recovery flow table; otherwise, add the first flow entry to the disaster recovery flow table; determine whether the data packet to be processed is the same as the one added to the The first flow entry in the disaster recovery flow table matches, if yes, the data packet is processed according to the first flow entry in the disaster recovery flow table; otherwise, the data packet is processed according to the default flow entry. Therefore, the data processing method and device of the SDN mobile ad hoc network provided by the present invention can quickly perceive the occurrence of a connection failure between the switch and the controller, and when the controller is disconnected, the new data message can be sent to the controller without blindly The processing is directly matched with the disaster recovery flow table when the connection state is disconnected to obtain the corresponding processing strategy, which shortens the fault recovery time, improves the data processing capability and efficiency of the switch, and thus improves the reliability and stability of the network In addition, when the change of the topological structure of the mobile ad hoc network causes the controller to fail, the present invention can also learn and age the flow entry in time according to the change of the connection state, so as to prevent the switch from still using the old flow entry after the change of the network topology , further improving the reliability of the network. Of course, implementing any product or method of the present invention does not necessarily need to achieve all the above-mentioned advantages at the same time.

Description of drawings

In order to more clearly illustrate the technical solutions in the embodiments of the present invention or the prior art, the following will briefly introduce the drawings that need to be used in the description of the embodiments or the prior art. Obviously, the accompanying drawings in the following description are only These are some embodiments of the present invention. Those skilled in the art can also obtain other drawings based on these drawings without creative work.

Fig. 1 is a flow chart of a data processing method for an SDN mobile ad hoc network provided by an embodiment of the present invention;

FIG. 2 is a flow chart of another SDN mobile ad hoc network data processing method provided by an embodiment of the present invention;

3 is a schematic diagram of a connection state detection principle between a controller and a switch provided by an embodiment of the present invention;

FIG. 4 is a schematic diagram of a connection state transition relationship between a controller and a switch provided by an embodiment of the present invention;

FIG. 5 is a flow chart of another SDN mobile ad hoc network data processing method provided by an embodiment of the present invention;

FIG. 6 is a flow chart of another SDN mobile ad hoc network data processing method provided by an embodiment of the present invention;

FIG. 7 is a flowchart of a data processing method for an SDN mobile ad hoc network in an actual application provided by an embodiment of the present invention;

FIG. 8 is a structural diagram of a data processing device for an SDN mobile ad hoc network provided by an embodiment of the present invention;

FIG. 9 is a structural diagram of another SDN mobile ad hoc network data processing device provided by an embodiment of the present invention;

FIG. 10 is a structural diagram of another SDN mobile ad hoc network data processing device provided by an embodiment of the present invention;

FIG. 11 is a structural diagram of another SDN mobile ad hoc network data processing device provided by an embodiment of the present invention;

FIG. 12 is a structural diagram of a data processing device for an SDN mobile ad hoc network in practical application provided by an embodiment of the present invention.

detailed description

The following will clearly and completely describe the technical solutions in the embodiments of the present invention with reference to the accompanying drawings in the embodiments of the present invention. Obviously, the described embodiments are only some, not all, embodiments of the present invention. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without making creative efforts belong to the protection scope of the present invention.

Embodiments of the present invention provide a data processing method for an SDN mobile ad hoc network and a data processing device for an SDN mobile ad hoc network, which are applied to switches, and will be described respectively below.

First, a data processing method of an SDN mobile ad hoc network is described.

As shown in Figure 1, a data processing method for an SDN mobile ad hoc network provided by an embodiment of the present invention is applied to a switch, and the switch is pre-stored with a disaster recovery flow table issued by a controller, and the disaster recovery flow Default flow entries are pre-stored in the table, and the method may include:

S100. Detect the connection state between the controller and the switch according to preset rules, and obtain the latest connection state;

First of all, it should be noted that the switches mentioned in the embodiments of the present invention may be Open vSwitch (OVS) virtual switches supporting the Openflow protocol, or other switches, and the switches mentioned in the embodiments of the present invention are mainly used in In the Ad Hoc network of SDN, of course, it can also be applied to other networks. However, for the convenience of description, in the following embodiments of the present invention, an OVS switch applied in an SDN-based Ad Hoc network and supporting the Openflow protocol is used as an example for illustration.

The controller connection state detection mechanism is mainly realized based on the finite state mechanism. The connection state between the controller and the switch may include: a normal state and a disconnected (DISCONNECTION) state, wherein the normal state may further include an active (ACTIVE) state and an idle (IDLE) state.

S200. When the latest connection state is disconnected, perform self-learning on the data packet to be processed, and construct a first flow entry according to the self-learning result;

Wherein, performing self-learning on the data packets to be processed, and constructing the first flow entry according to the self-learning results may include:

Step 1, analyzing the packet header of the data packet to be processed, and extracting the information in the packet header of the data packet;

Step 2: Construct a first flow entry according to the information in the extracted data packet header.

Specifically, the destination address matching field of the first flow entry may be the source mac address of the data packet, and the forwarding exit of the behavior is the ingress port of the data packet, that is, the data packet for self-learning may be a reverse data packet.

In the embodiment provided by the present invention, the OVS switch can directly call the self-learning function at the data processing level, so that, on the one hand, when the controller is disconnected, the data message can be sent to the controller without blindly Processing directly matches the disaster recovery flow table when the connection state is disconnected in the switch, and executes the corresponding processing strategy, which improves the data processing capability and efficiency of the switch; when the controller is connected normally, it can reduce the number of handovers to the controller. The number of data packets can effectively avoid the processing delay of the controller and reduce the burden on the controller; on the other hand, this is more in line with the idea of separating control and forwarding in the SDN network and increases flexibility; in addition, the first flow generated by self-learning The rules of the entry and the default flow entry in the disaster recovery flow table stored in the switch are the same, that is, the first flow entry generated by self-learning also includes matching domains, counters and actions, and can be added to the original disaster recovery without difference In the flow table, the original characteristics of OpenFlow and SDN are maintained, thereby ensuring the stability of the network. In addition, when the change of the topological structure of the mobile ad hoc network causes the controller to fail, the present invention can timely learn and age the flow entry according to the change of the connection state, preventing the switch from still using the old flow entry after the change of the network topology, further improving network reliability.

S300. Determine whether there is a flow entry with the same matching field as the first flow entry in the disaster recovery flow table, and if yes, delete the flow entry with the same matching field as the first flow entry , and add the first flow entry to the disaster recovery flow table; otherwise, add the first flow entry to the disaster recovery flow table, wherein the priority of the first flow entry is higher than The default flow entry in the disaster recovery flow table;

Specifically, the disaster recovery flow table may be one of the flow tables issued by the controller to the switch in advance, and the flow table generally includes multiple flow table items, and the flow table items include: matching fields, counters, and actions. The matching field of OpenFlow (OpenFlow v1.3.1) is used to match the packet header and other fields of the data packet, and the action guides the processing and forwarding of the data packet matching the flow entry. In practical applications, the data packet to be processed is first matched with a flow entry with a higher priority, and then matched with a flow entry with a lower priority if no match is found. Default flow entries are pre-stored in the disaster recovery flow table, and the default flow entry has the lowest priority.

Specifically, as shown in Table 1, the matching field of the default flow entry in the disaster recovery flow table can be matched with the packet header and other fields of any data packet, and the action of the default flow entry can be flood. The data packet is forwarded out from all ports except the inbound port of the data packet.

Table 1 Disaster recovery flow table

Specifically, Table 2 is the disaster recovery flow table after inserting a self-learning first flow entry on the basis of Table 1, and its priority is higher than the default flow entry.

Table 2 Disaster recovery flow table after inserting a first flow entry

S400. Determine whether the data packet to be processed matches the first flow entry added to the disaster recovery flow table, and if so, according to the first flow entry in the disaster recovery flow table Process the data packet; otherwise, process the data packet according to the default flow entry.

Specifically, the current data packet to be processed is first matched with the first flow entry added to the disaster recovery flow table (such as Table 2), and if matched, the current data packet to be processed is processed according to the action of the first flow entry Process it; otherwise, process the currently pending data packet according to the action of the default flow entry.

Figure 2 shows the process of "detecting the connection status between the controller and the switch according to preset rules" in step S100, which may include:

S101. Send a first Echo request message to the controller;

Specifically, when an OpenFlow connection is established between the switch and the controller, it enters an active state. Then, the switch sends the first first Echo request message (Echo request) to the controller as a probe to perform connection state tracking detection.

S102. Determine whether the switch receives the message sent by the controller within the set timeout period, wherein the set timeout starts from the time when the switch receives the last message sent by the controller Time length is counted;

Specifically, it is judged whether the switch receives the Openflow message sent by the controller within the set time-out period; wherein, the set time-out period is performed from the time when the switch receives the last Openflow message sent by the controller Timing, that is, from the last active time of the Openflow message to start timing the set timeout period; this Openflow message can be any Openflow message sent by the controller to the switch, including the first Echo request message for the first An Echo response message (Echo reply).

S103. If no, determine that the latest connection state between the controller and the switch is a disconnected state, and if yes, determine that the latest connection state between the controller and the switch is a normal state.

Specifically, if the switch does not receive the Openflow message sent by the controller within the set time-out period, it is determined that the latest connection state between the controller and the switch is disconnected; If the Openflow message sent by the controller is received within a certain period of time, it indicates that the connection status is normal, and after a certain time interval, the second first Echo request message is sent as a probe to continue tracking and detection of the connection status between the switch and the controller.

Specifically, as shown in FIG. 3 , the aforementioned set timeout period is the sum of the set first timeout period t1 and the set second timeout period t2 . In step S103, determining that the latest connection state between the controller and the switch is a normal state may include:

Step 1. When the switch does not receive the Openflow message sent by the controller within the set first time-out period t1, determine that the latest connection state between the controller and the switch is an idle state in the normal state; the same , start timing the set first timeout period t1 from the time when the switch receives the last Openflow message sent by the controller, that is, start timing the set first timeout period t1 from the last active time of the Openflow message timekeeping;

Step 2, when it is determined that the latest connection state is an idle state, send a second Echo request message to the controller;

Step 3. When receiving the message sent by the controller within the set second timeout period t2, determine that the latest connection state between the controller and the switch is an active state in the normal state, wherein the The sum of the set first timeout period and the set second timeout period is the set timeout period.

In the above step three, when the Openflow message sent by the controller is not received within the set second timeout length t2, the controller and the switch enter the disconnected state from the idle state, that is, from the last time of the Openflow message After the active time begins and the time t1+t2 expires, the switch has not received the Openflow message sent by the controller, indicating that the controller has failed and the switch is in a fault state.

Of course, it can be understood that there is another situation, that is, after the switch receives the message that the controller is about to actively disconnect the connection, the controller directly enters the disconnected state from the active state.

Figure 4 shows the specific conversion relationship of the three states of active, idle and disconnected.

Preferably, when the connection state is an active state, the switch can also send the first Echo request message according to the latest time, and receive the first Echo response message sent by the controller for the first Echo request message. , the time interval for sending the first Echo request message, the first time-out length of the setting and the second time-out time length of the setting are adjusted; when the connection state is an idle state, according to sending the second Echo request message time, and the time of receiving the second Echo response message sent by the controller in response to the second Echo request message, adjust the time interval for sending the first Echo request message and the set first timeout time length.

Specifically, as shown in Figure 3, when the connection state is active, the switch can send the first first Echo request message to the first Echo response to the first first Echo request message sent by the controller The time length of the message is counted as T1, and the time length from receiving the first Echo response message to sending the second first Echo request message is counted as T2, and the sum of T1 and T2 is the switch sending the first Echo request in the active state message interval. The switch can dynamically adjust the sending interval Tx of the first Echo request message, the set first time-out time length t1 and the set second time-out time length t2 by detecting the round-trip delay T1 of the last first Echo request message;

Specifically, when the connection state is an idle state, if the switch receives an Openflow message (which may be a second Echo response message) within the second timeout period set, the connection state jumps from the idle state to the active state, which can be based on The time for sending the second Echo request message, and the time for receiving the second Echo response message sent by the controller for the second Echo request message, the time interval for sending the first Echo request message, the first overtime of setting Adjust the length.

In this way, on the one hand, intelligent management of Echo messages can be realized, thereby saving communication link resources, and on the other hand, it helps to shorten the fault recovery time after the controller fails.

In the traditional solution, the switch detects the connection status by periodically sending Echo messages. The period is long (usually 5s) and fixed. Therefore, the round-trip of echo messages cannot be affected according to link conditions (such as link congestion). Time) to dynamically adjust the sending interval of the echo message, and it is impossible to detect the failure of the controller connection in time. However, the embodiment provided by the present invention detects the connection state dynamically and in real time, can quickly perceive the occurrence of a connection failure between the switch and the controller, provides a powerful help for shortening the fault recovery time when the controller fails, and improves the reliability of the network .

As shown in Figure 5, on the basis of the embodiment shown in Figure 1, the present invention also provides another data processing method for an SDN mobile ad hoc network. Forwarding the flow table, the method may also include:

S500. When the latest connection state is normal, match the data packet with the normal forwarding flow table to obtain a matching second flow entry, and process the data according to the second flow entry The message is processed.

Specifically, a normal forwarding flow table is also pre-stored in the switch, and when the latest connection status is normal, the data packet is matched with the normal forwarding flow table to obtain a matching second flow entry, according to The second flow entry processes the data packet.

In addition, since the data processing method provided by the present invention can realize the processing of all data packets in the Openflow channel without entering the traditional channel, the data processing method provided by the present invention has good compatibility and is more in line with the control and communication requirements in the SDN network. Forwarding the core idea of separation.

Preferably, as shown in FIG. 6, when the controller and the switch are disconnected, in order to ensure the security of the data message, the embodiment of the present invention also provides another data processing method for the SDN mobile ad hoc network. In the switch, the switch pre-stores a disaster recovery flow table issued by the controller, and the disaster recovery flow table pre-stores a default flow entry and a security current limiting flow entry, wherein the security current limiting flow table item has the highest priority, the method can include:

S010. Detect the connection state between the controller and the switch according to preset rules, and obtain the latest connection state;

Specifically, the connection state detection method is consistent with the method in the embodiment shown in FIG. 1 , and will not be repeated here.

S020. When the latest connection status is disconnected, check in the stored disaster recovery flow table whether there is a security current limit flow entry matching the current data message to be processed; if so, according to the security limit The flow entry processes the data packet; otherwise, self-learning is performed on the data packet to be processed, and the first flow entry is constructed according to the self-learning result;

Specifically, the disaster recovery flow table may pre-store at least one security current limiting flow entry; since the security current limiting flow entry has the highest priority in the disaster recovery flow table, firstly, it is checked in the disaster recovery flow table whether There is a security rate limiting entry matching the current data packet to be processed. When a security rate limiting entry matching the current data packet is found, the data to be processed according to the security rate limiting entry Packets are processed; when no security current limiting flow entry matching the current data packet to be processed is found, self-learning is performed on the data packet to be processed, and the first flow entry is constructed according to the self-learning result.

Specifically, as shown in Table 3, the matching field of the security current limiting flow entry can contain the address information of the destination receiving device that limits the flow of the data packet, and the action is to discard or send it to the destination receiving device, that is, the switch can choose Discard the currently pending data packet, or choose to send the currently pending data packet to the destination receiving device, or send the currently pending data packet to the destination receiving device unsuccessfully data packets are discarded.

Table 3 Disaster recovery flow table containing security flow limiting flow entries

S030. Determine whether there is a flow entry with the same matching field as the first flow entry in the disaster recovery flow table, and if so, delete the flow entry with the same matching field as the first flow entry , and add the first flow entry to the disaster recovery flow table; otherwise, add the first flow entry to the disaster recovery flow table, where the priority of the first flow entry is higher than The default flow entry in the disaster recovery flow table;

Wherein, the method for constructing the first flow entry is consistent with the method in the embodiment shown in FIG. 1 , and will not be repeated here.

S040. Determine whether the data packet to be processed matches the first flow entry added to the disaster recovery flow table, and if so, according to the first flow entry in the disaster recovery flow table Process the data packet; otherwise, process the data packet according to the default flow entry.

The data processing method provided by the embodiment shown in FIG. 6 of the present invention can ensure the security of specific data packets with security requirements, and solve the problem in the prior art that when the connection between the controller and the switch is disconnected, all When all data packets are processed according to the default flow entries, the data packets will be forwarded from all ports except the inbound port of the data packet, resulting in loss of control over specific data packets with security requirements, thereby reducing communication security. question.

In practical applications, when a data packet enters a switch, it first searches for a matching flow entry in the kernel layer of the switch, and if a matching flow entry is found, the data packet is processed according to the flow entry ; If no matching flow entry is found, the data packet is sent to the user layer, and the matching flow entry is searched in the user layer, and the data packet is processed according to the found matching flow entry At the same time, the matching flow entry is sent to the kernel layer for caching, so that when the switch receives the same data packet as the data packet processed this time, it will be processed directly at the kernel layer to improve the data packet document processing efficiency. Therefore, as shown in FIG. 7 , the embodiment of the present invention also provides a data processing method of an SDN mobile ad hoc network in practical application, which is applied to a switch, and a stateful control flow table and a normal forwarding flow table are pre-stored in the switch. and a disaster recovery flow table, wherein a default flow entry is pre-stored in the disaster recovery flow table, and the method may include:

S001. Detect the connection status between the controller and the switch according to preset rules, and obtain the latest connection status;

Specifically, the detection method of the connection state is consistent with the method in step S100, and will not be repeated here.

S002. In the kernel layer of the switch, use the latest connection status between the switch and the controller as the metadata of the data message to be processed to construct a first search key with the connection status;

Specifically, when the switch receives the data packet, the switch kernel layer will call the Key value extraction function to analyze each field of the packet header of the data packet, and then combine the latest connection status to construct the first search key.

S003. Match the first lookup key with the flow table cached in the kernel layer; when no flow entry matching the first lookup key is found in the flow table cached in the kernel layer, it will be processed The data message and the first search key are sent to the user layer of the switch;

S004. In the user layer of the switch, update the first lookup key to the second lookup key with the current latest connection status;

Through the processing of step S003 and step S004, the double synchronization and encapsulation of the connection state and the search key in the kernel layer and the user layer have been realized, that is, the latest connection state is encapsulated in the first search key and the second search key, which can improve The real-time and accuracy of the switch's perception of the connection state reduces the impact of the connection state transition on network communication as much as possible.

S005. Match the second lookup key with the state control flow table; when the second lookup key matches the flow entry whose matching domain in the state control flow table is a disconnected state, jump to disaster recovery flow table;

Specifically, the disaster recovery flow table may include a security current limiting flow entry (such as Table 3), or may not include a security current limiting flow entry (such as Table 2);

Specifically, the state control flow table may include two flow entries whose matching fields are the connection state is normal and the connection state is disconnected, as shown in Table 4. When the latest connection status encapsulated in the second lookup key is normal, it matches the second flow entry in Table 4, and then executes the action of the second flow entry, that is, jumps to Table 5, Table 5 is the normal forwarding flow table;

Specifically, when the latest connection status encapsulated in the second lookup key is disconnected, it matches the first flow entry in Table 4, and then executes the action of the first flow entry, that is, jumps to the above The disaster recovery flow table 2 in the text, or, preferably, jump to the disaster recovery flow table 3 above. When jumping to table 3, first look up in table 3 whether there is a security current limiting flow entry matching the current data message to be processed; Process; otherwise, execute step S006.

Table 4 is the state control flow table used in the actual application of the embodiment of the present invention.

Table 4 State Control Flow Table

Table 5 Normal forwarding flow table

S006. Perform self-learning on the data message to be processed, and construct a first flow entry according to the self-learning result; determine whether there is a flow entry in the disaster recovery flow table that is the same as the matching domain of the first flow entry, if yes , delete the flow entry that has the same matching domain as the first flow entry, and add the first flow entry to the disaster recovery flow table; otherwise, add the first flow entry to In the disaster recovery flow table, the priority of the first flow entry is higher than the default flow entry in the disaster recovery flow table;

Specifically, the process of performing self-learning on data packets is consistent with the process in the method embodiment shown in FIG. 1 , and will not be repeated here.

Specifically, add the first flow entry constructed according to the self-learning result to Table 2; or, determine whether the matching domains of the existing first flow entry in Table 3 are the same, and if so, add the existing first flow entry in Table 3 Delete the first-class entry, add the first-flow entry obtained by the current self-learning to Table 3, otherwise, directly add the first-flow entry obtained by the current self-learning to Table 3, and there are two self-learning entries in Table 3 The first stream entry obtained.

S007. Determine whether the second lookup key matches the first flow entry added to the disaster recovery flow table, and if so, pair the data according to the first flow entry in the disaster recovery flow table otherwise, process the data packet according to the default flow entry.

A data processing method for an SDN mobile ad hoc network provided by an embodiment of the present invention is applied to a switch, and can detect and obtain the latest connection status between the controller and the switch; when the latest connection status is disconnected, the data message to be processed is processed Self-learning, constructing the first flow entry according to the self-learning result; judging whether there is a flow entry with the same matching field as the first flow entry in the disaster recovery flow table, and if so, it will be the same as the matching field of the first flow entry Delete the flow entry, and add the first flow entry to the disaster recovery flow table; otherwise, add the first flow entry to the disaster recovery flow table; The first flow entry in the flow table matches, if yes, the data packet is processed according to the first flow entry in the disaster recovery flow table; otherwise, the data packet is processed according to the default flow entry. Therefore, the data processing method of the SDN mobile ad hoc network provided by the present invention can quickly perceive the occurrence of a connection failure between the switch and the controller. It is directly matched with the disaster recovery flow table when the connection state is disconnected to obtain the corresponding processing strategy, which shortens the fault recovery time, improves the data processing capability and efficiency of the switch, and thus improves the reliability and stability of the network; In addition, when the change of the topological structure of the mobile ad hoc network causes the controller to fail, the present invention can timely learn and age the flow entry according to the change of the connection state, preventing the switch from still using the old flow entry after the change of the network topology, further improving network reliability.

Corresponding to the method embodiment shown in FIG. 1 , as shown in FIG. 8 , the present invention also provides a data processing device for an SDN mobile ad hoc network, which is applied to a switch, and the switch is pre-stored with data sent by the controller. A disaster recovery flow table, wherein a default flow entry is pre-stored in the disaster recovery flow table, and the device may include: a connection state detection module 100, a self-learning module 200, a first processing module 300, and a second processing module 400,

A connection state detection module 100, configured to detect the connection state between the controller and the switch according to preset rules, and obtain the latest connection state;

It should also be noted that the switches mentioned in the embodiments of the present invention can be Open vSwitch (OVS) virtual switches supporting the Openflow protocol, or other switches, and the switches mentioned in the embodiments of the present invention are mainly used in SDN-based Ad Hoc network, of course, can also be applied to other networks.

Specifically, the type of the connection state of the controller is the same as that in the method embodiment shown in FIG. 1 , and will not be repeated here.

The self-learning module 200 is configured to perform self-learning on the data packet to be processed when the latest connection status is disconnected, and construct a first flow entry according to the self-learning result;

Specifically, the disaster recovery flow table is one of the flow tables issued by the controller to the switch in advance. The flow table generally contains multiple flow table items, and the flow table items are mainly composed of three parts: matching fields, counters, and actions. The matching field of OpenFlow (OpenFlow v1.3.1) is used to match the packet header and other fields of the data packet, and the action guides the processing and forwarding of the data packet matching the flow entry. In practical applications, the data packet to be processed is first matched with a flow entry with a higher priority, and then matched with a flow entry with a lower priority if no match is found. Default flow entries are pre-stored in the disaster recovery flow table, and the default flow entry has the lowest priority.

The first processing module 300 is configured to determine whether there is a flow entry in the disaster recovery flow table that is the same as the matching field of the first flow entry, and if so, set the matching field of the first flow entry to The same flow entry is deleted, and the first flow entry is added to the disaster recovery flow table; otherwise, the first flow entry is added to the disaster recovery flow table, wherein the first flow table The priority of the item is higher than the default flow entry in the disaster recovery flow table;

The second processing module 400 is configured to determine whether the data packet to be processed matches the first flow entry added to the disaster recovery flow table, and if so, according to the data packet in the disaster recovery flow table The first flow entry processes the data packet; otherwise, processes the data packet according to the default flow entry.

Specifically, as shown in FIG. 9, the connection state detection module 100 may include: a first request submodule 101, a first judgment submodule 102, and a state determination submodule 103,

The first request submodule 101 is configured to send a first Echo request message to the controller;

The first judging sub-module 102 is used to judge whether the information sent by the controller is received within the set timeout period, wherein the switch starts from the time when the switch receives the last piece of information sent by the controller. Timing for the set timeout period;

Specifically, start counting the set time-out time length from the time when the switch receives the last Openflow message sent by the controller, that is, start counting the set time length from the last active time of the Openflow message; The Openflow message may be any Openflow message sent by the controller to the switch, including a first Echo response message (Echo reply) for the first first Echo request message.

A state determining submodule 103, configured to determine that the latest connection state between the controller and the switch is disconnected when the judgment result obtained by the first judging module is no; When the judgment result obtained by the module block is yes, it is determined that the latest connection state between the controller and the switch is a normal state.

Wherein, the status determination module 103 may include: a first status determination submodule, a second request submodule and a second status determination submodule,

The first state determination submodule is configured to determine that the latest connection state between the controller and the switch is in the normal state when the message sent by the controller is not received within the set first timeout period Idle state; wherein the first time-out time length of the setting is counted from the time when the switch receives the last message sent by the controller;

The second request submodule is used to send a second Echo request message to the controller when it is determined that the latest connection state is an idle state;

The second state determination submodule is used to determine that the latest connection state between the controller and the switch is active in the normal state when receiving the message sent by the controller within the set second timeout period state, wherein the sum of the set first timeout period and the set second timeout period is the set timeout period.

Specifically, the process of determining the set timeout period length, the set first timeout period length and the set second timeout period length, and the conditions for determining the mutual conversion of the three states of active, idle and disconnected The process is consistent with that described in the method embodiment shown in FIG. 1 , and will not be repeated here.

Also preferably, on the basis of the data processing device shown in Figure 9, the device may further include: a first adjustment module and a second adjustment module,

The first adjustment module is used to receive the first Echo response message sent by the controller for the first Echo request message according to the last time the first Echo request message was sent when the connection state is active. Time, the time interval of sending the first Echo request message next time, the first time-out time length of setting and the second time-out time length of setting are adjusted;

The second adjustment module is used for when the connection state is an idle state, according to the time of sending the second Echo request message and the time of receiving the second Echo response message sent by the controller for the second Echo request message, The time interval for sending the first Echo request message and the set first timeout time length are adjusted.

In the traditional solution, the switch detects the connection status by periodically sending Echo messages. The period is long (usually 5s) and fixed. Therefore, the round-trip of echo messages cannot be affected according to link conditions (such as link congestion). Time) to dynamically adjust the sending interval of the echo message, and it is impossible to detect the failure of the controller connection in time. However, the embodiment provided by the present invention detects the connection state dynamically and in real time, can quickly perceive the occurrence of a connection failure between the switch and the controller, provides a powerful help for shortening the fault recovery time when the controller fails, and improves the reliability of the network .

Specifically, the first processing module 300 may include: a parsing submodule and a flow entry construction submodule,

The analysis sub-module is used to analyze the header of the data message to be processed, and extract the information in the header of the data message;

The flow entry construction submodule is configured to construct the first flow entry according to the information in the extracted data packet header.

Specifically, the destination address matching field of the first flow entry may be the source mac address of the data packet, and the forwarding exit of the behavior is the ingress port of the data packet, that is, the data packet for self-learning may be a reverse data packet.

As shown in Figure 10, on the basis of the data processing device shown in Figure 8, the present invention also provides another data processing device for an SDN mobile ad hoc network. normal forwarding flow table, the device may also include: a normal processing module 500,

A normal processing module 500, configured to forward the data packet with the normal forwarding flow table when the latest connection state is normal when the switch also pre-stores a normal forwarding flow table delivered by the controller. The flow table is matched to obtain a matched second flow entry, and the data packet is processed according to the second flow entry.

Corresponding to the method embodiment shown in FIG. 6, as shown in FIG. 11, the embodiment of the present invention also provides another data processing device for an SDN mobile ad hoc network, which is applied to a switch, and the switch is pre-stored with a controller Distributed disaster recovery flow table, the disaster recovery flow table is pre-stored with a default flow entry and a security current limiting flow entry, wherein the priority of the security current limiting flow entry is the highest, and the device may include: A connection state detection module 010, a first search module 020, a third processing module 030 and a fourth processing module 040,

The first connection state detection module 010 is configured to detect the connection state between the controller and the switch according to preset rules, and obtain the latest connection state;

Specifically, the connection state detection method is consistent with the method in the embodiment shown in FIG. 1 , and will not be repeated here.

The first search module 020 is configured to search the stored disaster recovery flow table for whether there is a security current limiting flow entry matching the current pending data packet when the latest connection status is disconnected; if Yes, processing the data packet according to the security current limiting flow entry; otherwise, performing self-learning on the data packet to be processed, and constructing a first flow entry according to the self-learning result;

Specifically, the disaster recovery flow table may pre-store at least one security current limiting flow entry; since the security current limiting flow entry has the highest priority in the disaster recovery flow table, firstly, it is checked in the disaster recovery flow table whether There is a security rate limiting entry matching the current data packet to be processed. When a security rate limiting entry matching the current data packet is found, the data to be processed according to the security rate limiting entry Packets are processed; when no security current limiting flow entry matching the current data packet to be processed is found, self-learning is performed on the data packet to be processed, and the first flow entry is constructed according to the self-learning result.

The third processing module 030 is configured to determine whether there is a flow entry in the disaster recovery flow table that is the same as the matching field of the first flow entry, and if so, set the matching field of the first flow entry to The same flow entry is deleted, and the first flow entry is added to the disaster recovery flow table; otherwise, the first flow entry is added to the disaster recovery flow table, wherein the first flow table The priority of the item is higher than the default flow entry in the disaster recovery flow table;

Wherein, the method for constructing the first flow entry is consistent with the method in the embodiment shown in FIG. 1 , and will not be repeated here.

The fourth processing module 040 is configured to determine whether the data packet to be processed matches the first flow entry added to the disaster recovery flow table, and if so, according to the data packet in the disaster recovery flow table The first flow entry processes the data packet; otherwise, processes the data packet according to the default flow entry.

The data processing device provided in FIG. 11 of the present invention can ensure the security of specific data messages with security requirements, and solve the problem in the prior art that when the connection between the controller and the switch is disconnected, all data messages are pressed When the default flow entry is processed, the data packet is forwarded from all ports except the inbound port of the data packet, which leads to the loss of control of the specific data packet with security requirements, thereby reducing the problem of communication security.

Corresponding to a data processing method of an SDN mobile ad hoc network in practical applications shown in FIG. 7, as shown in FIG. The data processing device is applied to a switch, and a stateful control flow table, a normal forwarding flow table, and a disaster recovery flow table are pre-stored in the switch, and a default flow entry is pre-stored in the disaster recovery flow table. The device may include: state processing Module 001, first search key construction module 002, first flow table matching module 003, second search key construction module 004, second flow table matching module 005, first data processing module 006 and second data processing module 007,

A state processing module 001, configured to detect the connection state between the controller and the switch according to preset rules, and obtain the latest connection state;

The first search key construction module 002 is used to construct the first search Key with the connection state by using the latest connection status of the switch and the controller as the metadata of the data message to be processed in the kernel layer of the switch;

The first flow table matching module 003 is used to match the first lookup key with the flow table cached in the kernel layer; when no flow matching the first lookup key is found in the flow table cached in the kernel layer When entering the table, the data message to be processed and the first lookup key are sent to the user layer of the switch;

The second lookup key construction module 004 is used to update the first lookup key to the second lookup key with the current latest connection status in the user layer of the switch;

The second flow table matching module 005 is configured to match the second lookup key with the state control flow table; when the matching field between the second lookup key and the state control flow table is a flow entry whose connection state is disconnected When matching, jump to the disaster recovery flow table;

Specifically, the disaster recovery flow table may include a security current limiting flow entry, or may not include a security current limiting flow entry.

The first data processing module 006 is configured to perform self-learning on the data message to be processed, and construct a first flow entry according to the self-learning result; determine whether there is a matching domain identical to that of the first flow entry in the disaster recovery flow table If so, delete the flow entry with the same matching field as the first flow entry, and add the first flow entry to the disaster recovery flow table; otherwise, delete all The first flow entry is added to the disaster recovery flow table, wherein the priority of the first flow entry is higher than the default flow entry in the disaster recovery flow table;

The second data processing module 007 is configured to determine whether the second lookup key matches the first flow entry added to the disaster recovery flow table, and if so, according to the first flow entry in the disaster recovery flow table The first-flow entry processes the data packet; otherwise, the data packet is processed according to the default flow entry.

A data processing device for an SDN mobile ad hoc network provided by an embodiment of the present invention is applied to a switch, and can detect and obtain the latest connection status between the controller and the switch; when the latest connection status is disconnected, the data message to be processed is processed Self-learning, constructing the first flow entry according to the self-learning result; judging whether there is a flow entry with the same matching field as the first flow entry in the disaster recovery flow table, and if so, it will be the same as the matching field of the first flow entry Delete the flow entry, and add the first flow entry to the disaster recovery flow table; otherwise, add the first flow entry to the disaster recovery flow table; The first flow entry in the flow table matches, if yes, the data packet is processed according to the first flow entry in the disaster recovery flow table; otherwise, the data packet is processed according to the default flow entry. Therefore, the data processing device of the SDN mobile ad hoc network provided by the present invention can quickly perceive the occurrence of a connection failure between the switch and the controller. It is directly matched with the disaster recovery flow table when the connection state is disconnected to obtain the corresponding processing strategy, which shortens the fault recovery time, improves the data processing capability and efficiency of the switch, and thus improves the reliability and stability of the network; In addition, when the change of the topological structure of the mobile ad hoc network causes the controller to fail, the present invention can timely learn and age the flow entry according to the change of the connection state, preventing the switch from still using the old flow entry after the change of the network topology, further improving network reliability.

As for the device embodiment, since it is basically similar to the method embodiment, the description is relatively simple, and for related parts, please refer to the part of the description of the method embodiment.

It should be noted that in this article, relational terms such as first and second are only used to distinguish one entity or operation from another entity or operation, and do not necessarily require or imply that there is a relationship between these entities or operations. any such actual relationship or order exists between them. Furthermore, the term "comprises", "comprises" or any other variation thereof is intended to cover a non-exclusive inclusion such that a process, method, article, or apparatus comprising a set of elements includes not only those elements, but also includes elements not expressly listed. other elements of or also include elements inherent in such a process, method, article, or device. Without further limitations, an element defined by the phrase "comprising a ..." does not exclude the presence of additional identical elements in the process, method, article or apparatus comprising said element.

Each embodiment in this specification is described in a related manner, the same and similar parts of each embodiment can be referred to each other, and each embodiment focuses on the differences from other embodiments. In particular, as for the device embodiment, since it is basically similar to the method embodiment, the description is relatively simple, and for relevant parts, please refer to part of the description of the method embodiment.

The above descriptions are only preferred embodiments of the present invention, and are not intended to limit the protection scope of the present invention. Any modification, equivalent replacement, improvement, etc. made within the spirit and principles of the present invention are included in the protection scope of the present invention.

Claims (10)

1. the data processing method of a SDN mobile ad hoc network, it is characterised in that be applied to switch, Described switch is previously stored with the calamity that controller issues be previously stored with in stream table for stream table, described calamity Default stream list item, described method comprises the steps:

The connection status of described controller and described switch is detected, it is thus achieved that up-to-date connection shape according to preset rules State；

When described up-to-date connection status is for disconnecting, pending data message is carried out self study, according to certainly Learning outcome constructs first-class list item；

Judge described calamity for whether stream table exists the stream list item identical with the matching domain of described first-class list item, If it is, stream list item identical for the matching domain of described and described first-class list item is deleted, and by described first Stream list item adds described calamity to in stream table；Otherwise, described first-class list item is added to described calamity for stream table In；Wherein, the priority of described first-class list item is higher than the default stream list item in described calamity standby stream table；

Judge described pending data message whether with add described first-class in stream table of described calamity to List item matches, if it is, according to the described first-class list item in described calamity standby stream table to described data message Process；Otherwise, according to described default stream list item, described data message is processed.

Method the most according to claim 1, it is characterised in that be also previously stored with in described switch The normal forwarding flow table that controller issues, described method also includes:

When described up-to-date connection status is normal, described data message is carried out with described normal forwarding flow table Coupling, it is thus achieved that the second list item matched, according to described second list item to described data message at Reason.

Method the most according to claim 1, it is characterised in that described calamity also includes for stream table: safety Current limliting stream list item, and the priority of described safe current limliting stream list item is the highest；

The matching domain of described safe current limliting stream list item comprises data message is carried out current limliting purpose receive set Standby address information.

4. according to the method described in any one of claim 1-3, it is characterised in that described to pending number Carry out self study according to message, construct first-class list item according to self study result and include:

The packet header of pending data message is resolved, extracts the information in data message packet header；

According to the first-class list item of information structuring in the data message packet header extracted.

Method the most according to claim 1, it is characterised in that described described according to preset rules detection Controller includes with the connection status of described switch:

Send an Echo to described controller and ask message；

Judge whether described switch receives what described controller sent in the time-out time length set Message, wherein the time from the last item message of described switch reception described controller transmission starts institute The time-out time length stating setting carries out timing；

If it does not, determine that described controller is off-state with the up-to-date connection status of described switch, if It is to determine that described controller is normal condition with the up-to-date connection status of described switch.

Method the most according to claim 5, it is characterised in that described determine that described controller is with described The up-to-date connection status of switch is that normal condition includes:

When not receiving the message that described controller sends in the first time-out time length set, determine Described controller is the idle condition in normal condition with the up-to-date connection status of described switch；Wherein from institute The time stating the last item message that switch receives the transmission of described controller starts first to described setting Time-out time length carries out timing；

When determining that up-to-date connection status is idle condition, send the 2nd Echo request to described controller and disappear Breath；

When receiving the message that described controller sends in the second time-out time length set, determine institute The up-to-date connection status stating controller and described switch is the active state in normal condition, wherein said sets The first fixed time-out time length and the second time-out time length of setting and be described setting overtime time Between length.

Method the most according to claim 6, it is characterised in that when determining described controller and described friendship When the up-to-date connection status changed planes is normal condition, described method also includes:

When described connection status is active state, according to the last time send the oneth Echo request message time Between, and receive the Echo response message that described controller sends for an Echo request message Time, ask the time interval of message, the first time-out time length and setting of setting to sending an Echo The second time-out time length be adjusted；

When described connection status is idle condition, according to the time of transmission the 2nd Echo request message, and connect Receive the time of the 2nd Echo response message that described controller sends for the 2nd Echo request message, right Send an Echo request time interval for message, the first time-out time length of setting is adjusted.

8. the data processing equipment of a SDN mobile ad hoc network, it is characterised in that be applied to switch, Described switch is previously stored with the calamity that controller issues be previously stored with in stream table for stream table, described calamity Default stream list item, described device includes: connection status detection module, self-learning module, the first processing module With the second processing module,

Described connection status detection module, for detecting described controller and described switch according to preset rules Connection status, it is thus achieved that up-to-date connection status；

Described self-learning module, for when described up-to-date connection status is for disconnecting, to pending datagram Literary composition carries out self study, constructs first-class list item according to self study result；

Described first processing module, is used for judging that described calamity is for whether existing in stream table and described first-class list item The identical stream list item of matching domain, if it is, by stream identical for the matching domain of described and described first-class list item List item is deleted, and described first-class list item adds described calamity in stream table to；Otherwise, by described first-class List item adds described calamity to in stream table；Wherein, the priority of described first-class list item is higher than the standby stream of described calamity Default stream list item in table；

Described second processing module, for judge described pending data message whether with add described calamity to Described first-class list item in standby stream table matches, if it is, according to described first in described calamity standby stream table Described data message is processed by stream list item；Otherwise, according to described default stream list item to described data message Process.

Device the most according to claim 8, it is characterised in that also include: normal process module,

Described normal process module is normal for be also previously stored with in described switch that controller issues In the case of forwarding flow table, when described up-to-date connection status is normal, by described data message with described just Often forwarding flow table mates, it is thus achieved that the second list item matched, according to described second list item to described Data message processes.

Device the most according to claim 8, it is characterised in that described calamity also includes for stream table: peace Full current limliting stream list item, and the priority of described safe current limliting stream list item is the highest；

The matching domain of described safe current limliting stream list item comprises data message is carried out current limliting purpose receive set Standby address information.