JP5258442B2 - ARP table management device - Google Patents

Description

  The present invention relates to an ARP (Address Resolution Protocol) table management apparatus for an Ethernet (registered trademark) address resolution protocol based on RFC 826 of IETF. More specifically, it relates to time control of ARP table entries called aging.

  The Ethernet address resolution protocol is a protocol for obtaining a 48-bit MAC address assigned uniquely to a device I / F on a local network using an IP address assigned to a network composed of 32 bits.

  FIG. 2 is a diagram illustrating a sub-network including two client terminals, a HUB, and a Router 1 connected to an external network.

  In FIG. 2, when data is transmitted from Client 1 to Client 2, the application layer performs IP layer processing using the data transmitted together with the partner's IP address as a payload. Then, by analyzing the IP address of the other party that was previously passed, the own IP address as the transmission source, the data length, etc., an IP Header is created, and an IP packet is created along with the payload.

  Next, in order to transmit on Ethernet (registered trademark), the user's own MAC address and the destination MAC address are required. At this time, the other party's IP address is known, but the MAC address may not be known. At this time, before sending out the IP packet, the sending client terminal sends an ARP request packet as a broadcast packet in the same subnet to search whether there is a device corresponding to the destination IP address. .

  FIG. 3 shows the format of the ARP request packet. Since the destination MAC address in the MAC header is unknown in the ARP request packet, “FF: FF: FF: FF: FF: FF” called a broadcast address is entered in the destination MAC address field. Then, a packet having this destination MAC address is sent out as a broadcast packet that propagates to devices in all subnets.

  In the ARP packet field, the hardware specification and protocol specification of the ARP transmission source are followed by the instruction code of the ARP packet, the IP of the transmission source, and the MAC address. The destination IP address and the like are described, and the network device that has received the ARP request packet analyzes the ARP packet and sends out an ARP reply packet when it is found that it is searching for its own IP address.

  Since the destination of the ARP reply packet is the transmission source of the ARP request packet, the ARP reply packet is not broadcast but is transmitted to unicast, that is, to the MAC address of the transmission source of the ARP request packet.

  The ARP reply packet describes the MAC address of the device that has received the ARP request packet. Therefore, the client terminal that has received this ARP reply packet creates a conversion table between IP addresses and MAC addresses, that is, a database called an ARP table.

  FIG. 4 is a diagram showing an example of the ARP table. When the correspondence information between the IP address and the MAC address is registered in this database, the MAC address can be obtained by inquiring the database without inquiring with the ARP packet every time the IP packet is sent. This ARP table is composed of an IP address, a MAC address, and a Type field, and the last Type field indicates whether this entry is a static entry or a dynamic entry.

  In the case of a static entry, it is an entry that is permanently retained unless it is intentionally deleted once registered. In the case of a dynamic entry, the entry has been entered and has not been accessed for a certain period of time. Represents an entry to be deleted.

  This operation of “deletion of entry” is a function necessary to cope with a change in the network configuration. If a terminal with a network device is deleted from the network configuration for reasons such as network failure or power shutdown, it is useless for other terminals on the network to permanently hold them as entries in the ARP table. It is a function.

  Keeping previous entries when the IP address is changed by the terminal causes unnecessary traffic to flow on the network or cause malfunctions. Therefore, the function of deleting entries from the ARP table after a certain period of time is used. This is an essential function for table management.

  In the ARP table of Client1 shown in FIG. 4, the IP address and MAC address of Client2 and Router1 are entered as Type = dynamic. On the other hand, the Type of the entry of Router1 is entered as Static in the ARP table of Client2. In this way, a device such as a Router that is supposed to operate at all times may be entered with Static, and its operation can be determined by a terminal having an ARP table.

  Similarly, even when the entry is made dynamically, it is left up to the terminal to determine how long the “predetermined period” until the entry is deleted from the ARP table by the device.

  However, if this time is too short, ARP packets are issued frequently, and if it is too long, it becomes impossible to follow dynamic changes in the network. Generally, it is generally set to about 30 minutes to about 1 minute, and about 10 minutes in the case of a large network (about more than several thousand terminals in a subnet). Of course, this time may also differ from these times because it depends on how the terminal communication application is used.

  There are many software algorithms for quickly retrieving a MAC address from an IP address. On the other hand, an ARP table management apparatus using an associative memory: CAM (content address memory) as a hardware device is known. FIG. 5 shows an IP-MAC conversion table using the CAM in the conventional example, that is, an ARP table and a management device.

  In FIG. 5, 501 is a CAM, 502 is a RAM, 503 is an address selection circuit, 504 is an address encoder, 505 is a timer, and 506 is an address decoder. The operation of this conversion table is divided into an IP address and MAC address registration operation, and an inquiry operation for outputting a MAC address in response to an IP address inquiry.

  On the other hand, the time management of the table is performed by a series of modules of address encoders 504, 505, and 506, a timer, and an address decoder. First, the registration operation will be described.

  In order to register the IP address and MAC address in the CAM and RAM, respectively, a common address used in the CAM and RAM is required. For this reason, the address selector 503 selects the reference address input from the outside in the case of the registration operation and gives it to the RAM as an address. The number of entries in the conversion table is determined by the width of this address. If the address width is 8 bits, it is possible to convert 256 entries, that is, 256 types of IP addresses to MAC addresses. In order to increase the number of entries, it is necessary to increase the address width and increase the capacity of the CAM / RAM.

  Now, along with the input of the CAM / RAM address, the IP address to be entered is given to the CAM, and the MAC address is given to the RAM. As a result, the IP address and MAC address are stored in the CAM and RAM, respectively, in the common CAM / RAM address. In the case of an inquiry operation, an address selector is selected so that CAM Adrs output from the CAM is given as a RAM address.

  When the IP address is input as inquiry data to the CAM, the CAM immediately outputs the CAM Adrs at the time of registration. If there is no corresponding CAM Adrs, Unmatch is output and the inquiry operation is terminated.

  When the CAM Adrs output is output to the RAM together with the Match output, the MAC address is output from the CAM Adrs. In this way, the MAC address can be obtained from the IP address.

  If there are only three network devices in the subnet, as shown as an example in FIG. 2, it does not take much processing time even if all the databases are expanded on the RAM and a comparative search is performed for each entry. However, when network devices in a subnet are managed in units of thousands or tens of thousands, the cost of search time is required. Therefore, the ARP table using CAM and the management method described in this conventional example are used.

  However, the ARP table management apparatus found in the conventional example has the following problems. That is, when the configuration of a device in the network changes, an entry in the ARP table that has not been accessed at a certain time interval must be deleted so as to correspond to the increase / decrease in the network device or the change in topology. Therefore, it is necessary to provide an operation for providing each entry with a timer and searching for and deleting an entry whose timer has expired. Therefore, there is a problem that hardware resources to be managed by each timer must be prepared for all these entries.

Further, when the software timer is used, there is a problem that the entry deletion operation becomes slow although the search is speeded up using CAM.
The present invention aims to solve the above problems.

An ARP table management apparatus according to the present invention is an ARP table management apparatus that outputs a MAC address when an IP address is input, an associative memory that outputs a registration address using IP address and time information as input data, and a registration address as an input address. Select a random access memory that outputs a MAC address, a timer code selector that selects a registration time and a search time and inputs it to the associative memory, a registration address that is externally input, and an update address that the associative memory outputs A first address selector to be input to the associative memory address; a second address selector to select an externally input registration address and an update address output by the associative memory and output to the RAM; and Invalidate any bit of input data in associative memory comprising a AskBit, and a Type field indicating whether static information held or dynamic information permanently to be erased in the registration information of a predetermined time as input to the associative memory, to Mask the timer code input By converting the IP address to the MAC address, the IP address input is masked to search for an entry having arbitrary time information, and only the dynamic information can be extracted as an address that can be deleted by the Type field. It is characterized by that.

  According to the present invention, in addition to conversion from an IP address to a MAC address, it is possible to perform processing such as aging of each entry, extraction of time-out entries, and extraction of unused entries.

  Embodiments of the present invention will be described below in detail with reference to the accompanying drawings. FIG. 1 is a diagram showing a configuration example of an ARP table management apparatus according to an embodiment based on the concept of the present invention. The ARP table management apparatus that outputs a MAC address by inputting an IP address according to the present embodiment includes an associative memory that outputs a registered address using the IP address and time information as input data.

The ARP table management apparatus according to the present embodiment includes a random access memory that outputs a MAC address using a registration address as an input address, and a timer code selector that selects a registration time and a search time and inputs them to an associative memory. In addition, it has a first address selector that selects an externally input registered address and an update address output by the associative memory itself and inputs it to the associative memory address. In addition, a second address selector that selects an externally input registered address and an update address output by the associative memory itself and outputs it to the RAM, and a mask bit that can invalidate any bit of input data in the associative memory. And have. In the present embodiment having such a configuration, the conversion from the IP address to the MAC address is performed by masking the timer code input, and an entry having arbitrary time information is searched by masking the IP address input.
In addition, a Type field indicating whether the registration information is dynamic information that is deleted in a certain time as input data to the associative memory or static information that is permanently retained is provided. Only information can be extracted as an address that can be deleted. In addition, a status field indicating whether registration information is valid or invalid as input data to the associative memory is provided, and the registration target is searched only for the registration information by the status field, and invalid registration information is searched.

  In FIG. 1, 101 is an associative memory (CAM) for storing IP addresses, 102 is a random access memory (RAM) for storing MAC addresses, and 103 and 104 are address selectors for selecting addresses input to the CAM / RAM. . Note that 103 corresponds to the first address selector in the present invention, and 104 corresponds to the second address selector.

  Reference numeral 105 denotes a timer, and reference numeral 106 denotes a timer code selector for selecting the timer code from the output of the timer 105 for aging of the ARP entry or the search timer code by the address sector 104. First, an entry registration procedure in the ARP table management system will be described in order.

  At the time of entry registration, Entry is selected and input for Query / Entry input. As a result, the CAM 101 and the RAM 102 become the write operation mode, and the address selectors 103 and 104 input the CAM / RAM addresses inputted from the outside to the CAM and RAM, respectively. The timer code selector 106 selects the 105 timer as an input to the CAM.

  During the entry registration operation, CAM / RAM address, IP address (32 bits), Type / Status (2 bits), and MAC address (48 bits) are required as input information.

  The IP address is input as data to the CAM, and the MAC address is input as data to the RAM. At the same time, the Type / Status information is input as data common to the CAM / RAM, and the timer code output at the time of registration from the timer 105 is input to the CAM as data.

  FIG. 6 shows an example of registration information in the CAM / RAM. In this embodiment, the CAM address “0” has an IP address “192.168.0.11”, a registration time code “01:30”, and a CAM / RAM address “0”. As a result, Type = “Dynamic” is input. Further, it is assumed that “66: 55: 44: 33: 22: 11” is input as the MAC address to Status = “up” and the RAM address “0”. When searching, it is possible to search using any of the IP address, timer code, and Type / Status information.

  Of these input information, information that is not used for the search can be excluded from the search target by inputting Mask information. Mask information input corresponds to search information of IP address, timer code, and Type / Status information in units of bits.

  Here, the procedure until the MAC address is output as a result of searching using “192.168.0.11” as a key in the contents of the CAM / RAM in FIG. 6 will be described. If there is a matching entry as a result of the search by the CAM 101, the CAM Adrs is output from the CAM 101 together with the “Match” output.

  First, since the search mode is operated as the operation mode, both the CAM 101 and the RAM 102 operate in the read mode. The address selector 104 selects CAM Adrs during the search operation, and the address output from the CAM 101 is input as a RAM address. As a search key to be input, an entry with “192.168.0.11” as the IP address and “Up” as the Status is searched.

  The mask code is input so that other input information, that is, the entry type and the timer code are excluded from the search target. As a result, CAM 101 outputs address = “0” and “Match” indicating that a valid address has been output. These outputs are input as the address of the RAM 102 and enable information. Since the RAM 102 outputs the content of the address = “0” as data, the MAC address = “66: 55: 44: 33: 22: 11”, Type = “d”, and Status = “Up” are output.

  In this way, the MAC address corresponding to the IP address is output from the IP address.

  Subsequently, an operation for updating the timer code registered in the CAM 101 is performed. As a result, only the timer code at the time of searching the entry searched by the CAM 101 is updated. While the CAM address output as a search result is added to the RAM 102, it is fed back as an address input of the CAM 101, and the “Macth” output is also fed back to the address selectors of the CAMs 101 and 103.

  As a result, the CAM 101 shifts from the search mode to the registration mode, and the address output by the CAM 101 itself is input as a registration address to the address selector. The timer code at the time of update from the timer 105 is input to the input of the timer code, and Mask is applied to data input such as other IP addresses and Type / Status information. As a result, only the timer code is updated.

  As described above, the operation at the time of registration and the search at the time of obtaining the MAC address from the IP address has been described. Next, searching for an entry to be deleted will be described.

  As described in the conventional example, in order to cope with the dynamic change of the network, the ARP table must delete dynamic entries such as registration and search that have passed a certain period of time. As described above, each entry of the CAM 101 includes time information at the time of registration / retrieval as a timer code. From this, it is possible to perform a search by CAM using time information as a search key.

  If the timer code is 8 bits and the timer counts up every second, a maximum of 255 seconds can be counted.

  When searching for an entry in which 60 seconds have passed since the last access, a value obtained by subtracting 60 from the output of the timer indicating the current time, Status = up indicating that Status is valid, and Type indicating that it is a dynamic entry = Dynamic is the search key. Then, a search is performed by masking another IP address or Type information.

  The result address that is output when there is a Mact output in this search is the address of an entry that has passed 60 seconds after registration and search. In order to delete an entry from the entry, the result address of the entry is input as a reference address, and if the Status input is registered as “down”, the deletion of the entry is completed.

  When there are a plurality of corresponding entries, a Machin output is obtained with a different CAM / RAM address when searching again with the same timer code and status after deleting the previous entry. The CAM / RAM address obtained here is deleted in the same manner, and the process is repeated until an Unmatch output is obtained.

  By performing the above operation every second, it is possible to extract and delete an entry that has passed 60 seconds or more since the last access. Furthermore, it is added that the search and deletion can be performed once in 2 ^ n [seconds] by masking and searching the lower n bits of the timer code.

  Finally, when searching for an unused entry when registering a new entry, a result address that can be extracted using only the status information “down” as a search key becomes an unused entry. This result address can be used as a reference address. If a free entry cannot be extracted here, the entry is deleted from the entry with the most time since the last access.

  In order to search for an entry whose time has elapsed since the last access, there is a simple method in which the search timer code is subtracted "one by one". In addition, a method of narrowing down the search by gradually removing the mask bits from the mask from the higher bits after masking the lower bits of the search timer code to widen the search range is used.

  In order to realize the present invention, a storage medium in which a program code (computer program) of software that realizes the functions of the above-described embodiments may be used. In this case, the object of the present invention is achieved by supplying the storage medium to the system or apparatus, and the computer (or CPU or MPU) of the system or apparatus reads and executes the program code stored in the storage medium.

  In this case, the program code itself read from the storage medium realizes the functions of the above-described embodiments, and the program code itself and the storage medium storing the program code constitute the present invention.

  As a storage medium for supplying the program code, for example, a flexible disk, a hard disk, an optical disk, a magneto-optical disk, a CD-ROM, a CD-R, a magnetic tape, a nonvolatile memory card, a ROM, or the like can be used.

  Needless to say, the OS (basic system or operating system) running on the computer performs part or all of the actual processing based on the instruction of the program code.

  Furthermore, the program code read from the storage medium may be written in a memory provided in a function expansion board inserted into the computer or a function expansion unit connected to the computer. In this case, based on the instruction of the written program code, the CPU or the like provided in the function expansion board or function expansion unit may perform part or all of the actual processing.

It is the figure which showed an example of the ARP table management apparatus which concerns on embodiment of this invention. It is the figure which showed the structural example of the network. It is the figure which showed the format of the ARP packet described in RFC826. It is the figure which showed an example of the IP-MAC conversion table. It is the figure which showed the ARP table management apparatus which performs IP-MAC conversion using CAM in a prior art example. It is the figure which showed an example of the IP-MAC conversion table which concerns on embodiment of this invention.

Explanation of symbols

101 Associative Memory 102 Random Access Memory 103 Address Selector 104 Address Selector 105 Timer 106 Timer Code Selector 501 Associative Memory 502 Random Access Memory 503 Address Selector 504 Address Encoder 505 Timer 506 Address Decoder

Claims (2)

An ARP table management device that outputs a MAC address by inputting an IP address,
An associative memory that outputs a registered address using IP address and time information as input data;
A random access memory that outputs a MAC address using a registered address as an input address;
A timer code selector for selecting a registration time and a search time to be input to the associative memory;
A first address selector that selects a registration address that is input externally and an update address that is output from the associative memory, and inputs the address to the associative memory address;
A second address selector for selecting an externally input registered address and an update address output by the associative memory to output to the RAM;
In the associative memory, MaskBit for invalidating an arbitrary bit of input data ;
A Type field that indicates whether the registration information is dynamic information that is deleted in a predetermined time as input data to the associative memory or static information that is permanently retained;
With
By masking the timer code input, conversion from IP address to MAC address is performed. By entering the IP address mask, an entry having any time information can be searched, and only dynamic information can be deleted by the Type field. An ARP table management apparatus characterized in that it can be extracted as a unique address . A Status field indicating whether registration information is valid or invalid as input data to the associative memory;
2. The ARP table management apparatus according to claim 1, wherein invalid registration information is searched for only registration information as a search target by the Status field.

Images