Summary of the invention
It is an object of the invention to overcome the deficiencies of existing technologies, a kind of chip realization side of ACL matching UDF message is providedMethod and device.
To achieve the above object, the following technical solutions are proposed by the present invention: a kind of chip realization side of ACL matching UDF messageMethod, which comprises
S1, chip identification UDF message simultaneously parse message, and the parsing result that parsing is obtained is sent into ACL table;
S2, forms ACL keyword for the parsing result, ACL table is searched according to the ACL keyword, according to searchingThe matching behavior arrived carries out respective handling to message.
Preferably, the S1 includes:
S11, chip search UDF table, find the matched message of condition according to lookup result, and carry out UDF to the messageParsing;
S12 takes out the matching content of designated position according to the lookup result from message;
S13, chip parse to obtain the parsing result, include the matching content in the parsing result.
Preferably, the lookup result includes the type and offset of start offset position.
Preferably, the parsing result further includes index address field and message validity field.
Preferably, the S2 includes:
S21 closes ACL described in the matching content of parsing result, index address field and message validity field groupsKey word;
S22 judges that the ACL keyword and mask do logical operation, does together with the keyword in ACL table with the maskWhether the result of the logical operation of sample is equal, if equal, the matching behavior is taken out from ACL table.
Preferably, in S22, the logical operation is logic and operation.
Present invention further teaches another technical solutions: a kind of chip realization device of ACL matching UDF message, describedDevice includes UDF message identification device and ACL coalignment, wherein
The UDF message identification device UDF message and parses message for identification, the parsing knot that parsing is obtainedFruit is sent into ACL table;
The ACL coalignment is used to the parsing result forming ACL keyword, is searched according to the ACL keywordACL table carries out respective handling to message according to obtained matching behavior is searched.
Preferably, the UDF message identification device includes searching parsing module, matching content taking-up module, the lookupParsing module finds the matched message of condition for searching UDF table, according to lookup result, and carries out UDF parsing to the message,Parsing obtains parsing result;The matching content is taken out module and is used for according to the lookup result for searching parsing module from messageThe middle matching content for taking out designated position includes the matching content in the parsing result.
Preferably, the parsing result further includes index address field and message validity field.
Preferably, the ACL coalignment includes group ACL keyword module and matching module, the ACL keyword moduleFor by ACL keyword described in the matching content of parsing result, index address field and message validity field groups;It is describedMatching module is done together with the keyword in ACL table with the mask for judging that the ACL keyword and mask do logical operationWhether the result of the logical operation of sample is equal, if equal, the matching behavior is taken out from ACL table.
The beneficial effects of the present invention are: the present invention makes chip that the matching customized message of user may be implemented, so as to allowUser disposes more service applications.
Specific embodiment
Below in conjunction with attached drawing of the invention, clear, complete description is carried out to the technical solution of the embodiment of the present invention.
The revealed a kind of chip implementing method and device of ACL matching UDF message of the embodiment of the present invention, pass through identificationUDF message is matched from being taken out in required matching content feeding ACL in message, realizes that ACL can match unconventional UDF reportText is conducive to user and disposes more service applications.
Referring to figs. 1 and 2, the revealed a kind of chip realization side of ACL matching UDF message of the embodiment of the present inventionMethod is broadly divided into two large divisions, and first part is the process of chip identification UDF message, and second part is ACL matching UDF messageProcess.Specifically include:
S1, chip identification UDF message simultaneously parse message, and the parsing result that parsing is obtained is sent into ACL table.
As shown in connection with fig. 3, step S1 is specifically included:
S11, chip search UDF table, find the matched message of condition according to lookup result, and carry out UDF parsing to message.
Specifically, message enters chip, and chip first looks for UDF table (i.e. UDF cam, UDF content adressable memory), looks forTo the matched message of condition, UDF parsing is carried out.
UDF cam entry (entry) is defined in UDF cam (ParserUdfCam), comprising a plurality of in UDF camEntry, such as 16, validity field (entryValid), data field (data) and mask field are included in each entry(mask) etc..Wherein, the port information (portBitmapBase, portBitmap) in data field including message, message classType information (layer2Type, etherType), vlan quantity (vlanNum), two layers of information, three-layer information (ipsa, ipda),Four layers of information (l4srcport, l4dstport) etc..Wherein, UDF cam is a kind of chip memory mechanism, content addressable storageDevice (Coment Addressable Memory).
Chip matches according to the information in message with the above-mentioned corresponding field in UDF cam entry, if matching, i.e.,Matched entry is found, lookup result (ParserUdfCamResult) is obtained from the matching entry.
S12 takes out the matching content of designated position according to lookup result from message.
Specifically, include following field in above-mentioned lookup result:
The type (udfStartPosType) and offset (udfEntryOffset) of start offset position, the present embodimentIn, the type definition of start offset position four kinds, it is respectively as follows:
2 ' b00:Start from L2header indicate that udfStartPosType is 0, from two layer message headL2Header starts to take;
2 ' b01:Start after L2header indicate that udfStartPosType is 1, from three-tier message headL3Header starts to take;
2 ' b10:Start after L3header indicate that udfStartPosType is 2, from four layers of headerL4Header starts to take;
2 ' b11:UDF=127 ' d0 indicate disabling udf (disable udf).
Corresponding offset also defines four seed types:
UdfEntryOffset0 [3:0], unit:4Byte;
UdfEntryOffset1 [3:0], unit:4Byte;
UdfEntryOffset2 [3:0], unit:4Byte;
UdfEntryOffset3 [3:0], unit:4Byte.
That is, if lookup result are as follows:
If udfStartPosType is 0, taken since L2Header, udfEntryOffset0 [3:0]~UdfEntryOffset3 [3:0] specified 4 opposite offset initial positions, can at most take out 128bits content in total;
If udfStartPosType is 1, taken since L3Header, udfEntryOffset0 [3:0]~UdfEntryOffset3 [3:0] specified 4 opposite offset initial positions, can at most take out 128bits content in total;
If udfStartPosType is 2, taken since L4Header, udfEntryOffset0 [3:0]~UdfEntryOffset3 [3:0] specified 4 opposite offset initial positions, can at most take out 128bits content in total;
If udfStartPosType is 3, then it represents that disable udf.
S13, chip parse to obtain parsing result, include matching content in parsing result.
Specifically, chip parses UDF message, and obtained parsing result includes following data:
Matching content (ParserResult.udf): the 128bits message content of i.e. above-mentioned taking-up, asParserResult.udf[127:0];
Index address field: in the present embodiment, it is defined as ParserResult.udfHitIndex [3:0];
Message validity field: in the present embodiment, it is defined as ParserResult.udfValid.
Chip by these fields (ParserResult.udf [127:0], ParserResult.udfHitIndex [3:0],ParserResult.udfValid it) is sent into subsequent ACL and handles, that is, enter step S2.
S2, forms ACL keyword for parsing result, searches ACL table according to ACL keyword, the matching obtained according to lookupBehavior carries out respective handling to message.
This part is the process of above-mentioned ACL matching UDF message, and as shown in connection with fig. 4, specifically, S2 includes:
S21, by the matching content of parsing result, index address field and message validity field groups ACL keyword.
Data ParserResult.udf [127:0] that above-mentioned UDF is finally exported,ParserResult.udfHitIndex [3:0], ParserResult.udfValid form corresponding ACL keyword (key),It is matched for ACL.
S22 judges that ACL keyword and mask do logical operation, does same logic with mask with the keyword in ACL tableWhether the result of operation is equal, if equal, matching behavior is taken out from ACL table.
Specifically, after judging that the above-mentioned ACL key of chipset and the mask (mask) under user do logical operation, this implementationIt is logic and operation (&) in example, the knot of same logical operation is done with the keyword in ACL table and the mask under user (mask)Whether fruit is equal, if equal, i.e. expression TCAM is found, and takes corresponding matching behavior (Action), does corresponding processing;If noIt is equal, then illustrate that TCAM is not found, corresponding Action will not be taken.
It is corresponding with the above-mentioned ACL matching chip implementing method of UDF message, a kind of revealed ACL of the embodiment of the present inventionMatch the chip realization device of UDF message, including UDF message identification device and ACL coalignment, wherein
UDF message identification device UDF message and parses message for identification, and parsing result that parsing obtains is sentEnter ACL table.
Specifically, UDF message identification device includes searching parsing module, matching content taking-up module, wherein searches parsingModule finds the matched message of condition for searching UDF table, according to lookup result, and carries out UDF parsing to message, and parsing obtainsParsing result.
Matching content takes out module and is used to take out designated position from message according to the lookup result for searching parsing moduleMatching content includes matching content in parsing result.
ACL coalignment is used to parsing result forming ACL keyword, ACL table is searched according to ACL keyword, according to looking intoThe matching behavior found carries out respective handling to message.
Specifically, ACL coalignment includes group ACL keyword module and matching module, wherein
ACL keyword module is used for the matching content of parsing result, index address field and message validity field groupsAt ACL keyword.
Matching module is done together with the keyword in ACL table with mask for judging that ACL keyword and mask do logical operationWhether the result of the logical operation of sample is equal, if equal, matching behavior is taken out from ACL table.
Wherein, the concrete principle of above-mentioned UDF message identification device and ACL coalignment can refer to retouching in above-mentioned S1 and S2It states, which is not described herein again.
Technology contents and technical characteristic of the invention have revealed that as above, however those skilled in the art still may baseMake various replacements and modification without departing substantially from spirit of that invention, therefore, the scope of the present invention in teachings of the present invention and announcementIt should be not limited to the revealed content of embodiment, and should include various without departing substantially from replacement and modification of the invention, and be this patent ShenPlease claim covered.