Session table entry processing method and device in multi-core system and related product

A multi-core system and session entry technology, applied in the field of data processing, can solve problems such as affecting forwarding performance, packet loss, and untimely processing of packets by the forwarding core, and achieve the effects of improving forwarding performance, defending against attacks, and saving processing resources.

Active Publication Date: 2019-10-25
NEUSOFT CORP
View PDF9 Cites 3 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, the forwarding core uses a polling mechanism to process message forwarding and timeout session entries, so that the forwarding core cannot process message forwarding and timeout session entries at the same time
[0003] In practical applications, the firewall can maintain a high throughput performance when it does not encounter a distributed denial of service (Distributed Denial of Service, DDoS) attack, but when it encounters a DDos attack, it will generate a large number of timed-out If the timer of the mechanism takes too long to process the timeout session entry, it will inevitably cause the forwarding core to process the message not in time, resulting in packet loss and affecting the overall forwarding performance

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Session table entry processing method and device in multi-core system and related product
  • Session table entry processing method and device in multi-core system and related product
  • Session table entry processing method and device in multi-core system and related product

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0044] In order to make the above objects, features and advantages of the present application more obvious and understandable, the embodiments of the present application will be further described in detail below in conjunction with the accompanying drawings and specific implementation methods.

[0045]In the research of the traditional firewall working structure, the inventor found that the firewall can be a message forwarding system based on the dpdk platform. Since the working mechanism of the dpdk platform is an endless loop in user mode, that is, the forwarding core loop handles the following two things, one is forwarding The core receives messages from each network card / other forwarding cores and processing cores and forwards the messages; second, the timer of the forwarding core needs to process timed-out session entries to avoid affecting system performance due to the large number of session entries.

[0046] The above-mentioned processing mechanism of the forwarding cor...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The embodiment of the invention discloses a session table entry processing method and device in a multi-core system. Whether a message is safe or not is firstly determined after a forwarding core receives a first handshake message or a second handshake message when the forwarding core receives the message. When the message is an unsafe first handshake message or an unsafe second handshake message,the session timeout item of the message is added into the link table list array; and the session timeout item of the message is processed by utilizing the link table list array; therefore, the situation that when the received message is the attack message, the timer of the forwarding core is used for processing the session timeout item of the attack message is avoided, attacks are effectively defended, processing resources of the timer of the forwarding core can be saved, the forwarding core can normally process the security message, and the overall forwarding performance is improved. In addition, each forwarding core is configured with a linked list array, so that lock-free processing of the multi-core system is realized.

Description

technical field [0001] The present application relates to the field of data processing, in particular to a method, device and related products for processing session entries in a multi-core system. Background technique [0002] For security vendors, after receiving the message, the forwarding core in the firewall queries the session table and forwards the message. If there is no corresponding session table, it builds a session table according to the policy, and finally realizes message forwarding. Since too many session tables will also cause system burden, it is necessary to pay attention to the timeout mechanism of the session table, delete the timed-out session entries in time, and reduce the system load. That is to say, the forwarding core not only needs to process message forwarding, but also needs to process timed-out session entries. However, the forwarding core uses a polling mechanism to process message forwarding and timeout session entries, so that the forwarding...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
CPCH04L63/1458H04L63/02
Inventor 刘健男党丽娜
Owner NEUSOFT CORP
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap